GNS: Fix revocation wire format

author: Martin Schanzenbach <schanzen@gnunet.org> 2022-02-01 15:48:52 +0100
committer: Martin Schanzenbach <schanzen@gnunet.org> 2022-02-01 15:48:52 +0100
commit: 816bab695d6a7f4e359865e83b687d45ff66a2b1 (patch)
tree: 9e36e1d3d61e402a00119b727855fd71f01b795c
parent: 8e8f974d798b20e298de6583e8ad0b07ef9b0992 (diff)
download: gnunet-816bab695d6a7f4e359865e83b687d45ff66a2b1.tar.gz
gnunet-816bab695d6a7f4e359865e83b687d45ff66a2b1.zip
4 files changed, 167 insertions, 10 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 4a7a69211..471569cb3 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -1063,6 +1063,25 @@ GNUNET_IDENTITY_signature_get_length (const struct
 ssize_t
+GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type)
+{
+  switch (ntohl (type))
+  {
+  case GNUNET_IDENTITY_TYPE_ECDSA:
+    return sizeof (struct GNUNET_CRYPTO_EcdsaSignature);
+    break;
+  case GNUNET_IDENTITY_TYPE_EDDSA:
+    return sizeof (struct GNUNET_CRYPTO_EddsaSignature);
+    break;
+  default:
+    GNUNET_break (0);
+  }
+  return -1;
+}
+ssize_t
 GNUNET_IDENTITY_read_signature_from_buffer (struct
                                            GNUNET_IDENTITY_Signature *sig,
                                            const void*buffer,
@@ -1099,6 +1118,31 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
  return length;
 }
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_sign_raw_ (const struct
+                           GNUNET_IDENTITY_PrivateKey *priv,
+                           const struct
+                           GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+                           unsigned char *sig)
+{
+  switch (ntohl (priv->type))
+  {
+  case GNUNET_IDENTITY_TYPE_ECDSA:
+    return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose,
+                                      (struct GNUNET_CRYPTO_EcdsaSignature*)sig);
+    break;
+  case GNUNET_IDENTITY_TYPE_EDDSA:
+    return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose,
+                                      (struct GNUNET_CRYPTO_EddsaSignature*)sig);
+    break;
+  default:
+    GNUNET_break (0);
+  }
+  return GNUNET_SYSERR;
+}
 enum GNUNET_GenericReturnValue
 GNUNET_IDENTITY_sign_ (const struct
@@ -1155,6 +1199,37 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
 }
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
+                                       const struct
+                                       GNUNET_CRYPTO_EccSignaturePurpose *
+                                       validate,
+                                       const unsigned char *sig,
+                                       const struct
+                                       GNUNET_IDENTITY_PublicKey *pub)
+{
+  switch (ntohl (pub->type))
+  {
+  case GNUNET_IDENTITY_TYPE_ECDSA:
+    return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate,
+                                        (struct GNUNET_CRYPTO_EcdsaSignature*)sig,
+                                        &(pub->ecdsa_key));
+    break;
+  case GNUNET_IDENTITY_TYPE_EDDSA:
+    return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate,
+                                        (struct GNUNET_CRYPTO_EddsaSignature*)sig,
+                                        &(pub->eddsa_key));
+    break;
+  default:
+    GNUNET_break (0);
+  }
+  return GNUNET_SYSERR;
+}
 ssize_t
 GNUNET_IDENTITY_encrypt (const void *block,
                         size_t size,
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index b2a45577f..227c7f486 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -459,6 +459,21 @@ GNUNET_IDENTITY_signature_get_length (const struct
 /**
+ * Get the compacted length of a signature by type.
+ * Compacted means that it returns the minimum number of bytes this
+ * signature is long, as opposed to the union structure inside
+ * #GNUNET_IDENTITY_Signature.
+ * Useful for compact serializations.
+ *
+ * @param sig the signature.
+ * @return -1 on error, else the compacted length of the signature.
+ */
+ssize_t
+GNUNET_IDENTITY_signature_get_raw_length_by_type (const uint32_t type);
+/**
 * Reads a #GNUNET_IDENTITY_Signature from a compact buffer.
 * The buffer has to contain at least the compacted length of
 * a #GNUNET_IDENTITY_Signature in bytes.
@@ -516,6 +531,26 @@ GNUNET_IDENTITY_sign_ (const struct
                       GNUNET_CRYPTO_EccSignaturePurpose *purpose,
                       struct GNUNET_IDENTITY_Signature *sig);
+/**
+ * @brief Sign a given block.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ * The signature payload and length depends on the key type.
+ *
+ * @param priv private key to use for the signing
+ * @param purpose what to sign (size, purpose)
+ * @param[out] sig where to write the signature
+ * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_sign_raw_ (const struct
+                           GNUNET_IDENTITY_PrivateKey *priv,
+                           const struct
+                           GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+                           unsigned char *sig);
 /**
 * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.
@@ -566,6 +601,30 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
                                   const struct
                                   GNUNET_IDENTITY_PublicKey *pub);
+/**
+ * @brief Verify a given signature.
+ *
+ * The @a validate data is the beginning of the data of which the signature
+ * is to be verified. The `size` field in @a validate must correctly indicate
+ * the number of bytes of the data structure, including its header.  If @a
+ * purpose does not match the purpose given in @a validate (the latter must be
+ * in big endian), signature verification fails.
+ *
+ * @param purpose what is the purpose that the signature should have?
+ * @param validate block to validate (size, purpose, data)
+ * @param sig signature that is being validated
+ * @param pub public key of the signer
+ * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
+                                       const struct
+                                       GNUNET_CRYPTO_EccSignaturePurpose *
+                                       validate,
+                                       const unsigned char *sig,
+                                       const struct
+                                       GNUNET_IDENTITY_PublicKey *pub);
 /**
 * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.
diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c
index 0838cecc4..f1d4b0334 100644
--- a/src/revocation/gnunet-revocation-tvg.c
+++ b/src/revocation/gnunet-revocation-tvg.c
@@ -34,6 +34,28 @@
 #define TEST_EPOCHS 2
 #define TEST_DIFFICULTY 5
+static char* d_pkey =
+"6fea32c05af58bfa979553d188605fd57d8bf9cc263b78d5f7478c07b998ed70";
+int parsehex(char *src, char *dst, size_t dstlen, int invert)
+{
+  char *line = src;
+  char *data = line;
+  int off;
+  int read_byte;
+  int data_len = 0;
+  while (sscanf(data, " %02x%n", &read_byte, &off) == 1) {
+    if (invert)
+      dst[dstlen - 1 - data_len++] = read_byte;
+    else
+      dst[data_len++] = read_byte;
+    data += off;
+  }
+  return data_len;
+}
 static void
 print_bytes_ (void *buf,
             size_t buf_len,
@@ -87,6 +109,7 @@ run (void *cls,
  id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA);
  GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);
+  parsehex(d_pkey,(char*)&id_priv.ecdsa_key, sizeof (id_priv.ecdsa_key), 1);
  GNUNET_IDENTITY_key_get_public (&id_priv,
                                  &id_pub);
  GNUNET_STRINGS_data_to_string (&id_pub,
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index d5bd53e56..8f05b88fd 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -410,7 +410,7 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
                          const struct GNUNET_IDENTITY_PublicKey *key)
 {
  struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
-  struct GNUNET_IDENTITY_Signature *sig;
+  unsigned char *sig;
  const struct GNUNET_IDENTITY_PublicKey *pk;
  size_t ksize;
@@ -427,12 +427,12 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Expected signature payload len: %u\n",
              ntohl (spurp->purpose.size));
-  sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
+  sig = ((unsigned char*) &pow[1] + ksize);
  if (GNUNET_OK !=
-      GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
+      GNUNET_IDENTITY_signature_verify_raw_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
-                                         &spurp->purpose,
+                                             &spurp->purpose,
-                                         sig,
+                                             sig,
-                                         key))
+                                             key))
  {
    return GNUNET_SYSERR;
  }
@@ -588,9 +588,9 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
                                       ((char*) &rp[1]),
                                       ksize);
  sig = ((char*) &pow[1]) + ksize;
-  int result = GNUNET_IDENTITY_sign_ (key,
+  int result = GNUNET_IDENTITY_sign_raw_ (key,
-                                      &rp->purpose,
+                                          &rp->purpose,
-                                      (void*) sig);
+                                          (void*) sig);
  if (result == GNUNET_SYSERR)
    return GNUNET_NO;
  else
@@ -768,7 +768,7 @@ GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow)
  ksize = GNUNET_IDENTITY_key_get_length (pk);
  size += ksize;
  sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
-  size += GNUNET_IDENTITY_signature_get_length (sig);
+  size += GNUNET_IDENTITY_signature_get_raw_length_by_type (pk->type);
  return size;
 }
author	Martin Schanzenbach <schanzen@gnunet.org>	2022-02-01 15:48:52 +0100
committer	Martin Schanzenbach <schanzen@gnunet.org>	2022-02-01 15:48:52 +0100
commit	816bab695d6a7f4e359865e83b687d45ff66a2b1 (patch)
tree	9e36e1d3d61e402a00119b727855fd71f01b795c
parent	8e8f974d798b20e298de6583e8ad0b07ef9b0992 (diff)
download	gnunet-816bab695d6a7f4e359865e83b687d45ff66a2b1.tar.gz gnunet-816bab695d6a7f4e359865e83b687d45ff66a2b1.zip

diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 4a7a69211..471569cb3 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c
@@ -1063,6 +1063,25 @@ GNUNET_IDENTITY_signature_get_length (const struct
1063		1063
1064		1064
1065	ssize_t	1065	ssize_t
		1066	GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type)
		1067	{
		1068	switch (ntohl (type))
		1069	{
		1070	case GNUNET_IDENTITY_TYPE_ECDSA:
		1071	return sizeof (struct GNUNET_CRYPTO_EcdsaSignature);
		1072	break;
		1073	case GNUNET_IDENTITY_TYPE_EDDSA:
		1074	return sizeof (struct GNUNET_CRYPTO_EddsaSignature);
		1075	break;
		1076	default:
		1077	GNUNET_break (0);
		1078	}
		1079	return -1;
		1080	}
		1081
		1082
		1083
		1084	ssize_t
1066	GNUNET_IDENTITY_read_signature_from_buffer (struct	1085	GNUNET_IDENTITY_read_signature_from_buffer (struct
1067	GNUNET_IDENTITY_Signature *sig,	1086	GNUNET_IDENTITY_Signature *sig,
1068	const void*buffer,	1087	const void*buffer,
@@ -1099,6 +1118,31 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
1099	return length;	1118	return length;
1100	}	1119	}
1101		1120
		1121	enum GNUNET_GenericReturnValue
		1122	GNUNET_IDENTITY_sign_raw_ (const struct
		1123	GNUNET_IDENTITY_PrivateKey *priv,
		1124	const struct
		1125	GNUNET_CRYPTO_EccSignaturePurpose *purpose,
		1126	unsigned char *sig)
		1127	{
		1128	switch (ntohl (priv->type))
		1129	{
		1130	case GNUNET_IDENTITY_TYPE_ECDSA:
		1131	return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose,
		1132	(struct GNUNET_CRYPTO_EcdsaSignature*)sig);
		1133	break;
		1134	case GNUNET_IDENTITY_TYPE_EDDSA:
		1135	return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose,
		1136	(struct GNUNET_CRYPTO_EddsaSignature*)sig);
		1137	break;
		1138	default:
		1139	GNUNET_break (0);
		1140	}
		1141
		1142	return GNUNET_SYSERR;
		1143	}
		1144
		1145
1102		1146
1103	enum GNUNET_GenericReturnValue	1147	enum GNUNET_GenericReturnValue
1104	GNUNET_IDENTITY_sign_ (const struct	1148	GNUNET_IDENTITY_sign_ (const struct
@@ -1155,6 +1199,37 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
1155	}	1199	}
1156		1200
1157		1201
		1202	enum GNUNET_GenericReturnValue
		1203	GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
		1204	const struct
		1205	GNUNET_CRYPTO_EccSignaturePurpose *
		1206	validate,
		1207	const unsigned char *sig,
		1208	const struct
		1209	GNUNET_IDENTITY_PublicKey *pub)
		1210	{
		1211	switch (ntohl (pub->type))
		1212	{
		1213	case GNUNET_IDENTITY_TYPE_ECDSA:
		1214	return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate,
		1215	(struct GNUNET_CRYPTO_EcdsaSignature*)sig,
		1216	&(pub->ecdsa_key));
		1217	break;
		1218	case GNUNET_IDENTITY_TYPE_EDDSA:
		1219	return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate,
		1220	(struct GNUNET_CRYPTO_EddsaSignature*)sig,
		1221	&(pub->eddsa_key));
		1222	break;
		1223	default:
		1224	GNUNET_break (0);
		1225	}
		1226
		1227	return GNUNET_SYSERR;
		1228	}
		1229
		1230
		1231
		1232
1158	ssize_t	1233	ssize_t
1159	GNUNET_IDENTITY_encrypt (const void *block,	1234	GNUNET_IDENTITY_encrypt (const void *block,
1160	size_t size,	1235	size_t size,


diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index b2a45577f..227c7f486 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h
@@ -459,6 +459,21 @@ GNUNET_IDENTITY_signature_get_length (const struct
459		459
460		460
461	/**	461	/**
		462	* Get the compacted length of a signature by type.
		463	* Compacted means that it returns the minimum number of bytes this
		464	* signature is long, as opposed to the union structure inside
		465	* #GNUNET_IDENTITY_Signature.
		466	* Useful for compact serializations.
		467	*
		468	* @param sig the signature.
		469	* @return -1 on error, else the compacted length of the signature.
		470	*/
		471	ssize_t
		472	GNUNET_IDENTITY_signature_get_raw_length_by_type (const uint32_t type);
		473
		474
		475
		476	/**
462	* Reads a #GNUNET_IDENTITY_Signature from a compact buffer.	477	* Reads a #GNUNET_IDENTITY_Signature from a compact buffer.
463	* The buffer has to contain at least the compacted length of	478	* The buffer has to contain at least the compacted length of
464	* a #GNUNET_IDENTITY_Signature in bytes.	479	* a #GNUNET_IDENTITY_Signature in bytes.
@@ -516,6 +531,26 @@ GNUNET_IDENTITY_sign_ (const struct
516	GNUNET_CRYPTO_EccSignaturePurpose *purpose,	531	GNUNET_CRYPTO_EccSignaturePurpose *purpose,
517	struct GNUNET_IDENTITY_Signature *sig);	532	struct GNUNET_IDENTITY_Signature *sig);
518		533
		534	/**
		535	* @brief Sign a given block.
		536	*
		537	* The @a purpose data is the beginning of the data of which the signature is
		538	* to be created. The `size` field in @a purpose must correctly indicate the
		539	* number of bytes of the data structure, including its header.
		540	* The signature payload and length depends on the key type.
		541	*
		542	* @param priv private key to use for the signing
		543	* @param purpose what to sign (size, purpose)
		544	* @param[out] sig where to write the signature
		545	* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
		546	*/
		547	enum GNUNET_GenericReturnValue
		548	GNUNET_IDENTITY_sign_raw_ (const struct
		549	GNUNET_IDENTITY_PrivateKey *priv,
		550	const struct
		551	GNUNET_CRYPTO_EccSignaturePurpose *purpose,
		552	unsigned char *sig);
		553
519		554
520	/**	555	/**
521	* @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.	556	* @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.
@@ -566,6 +601,30 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
566	const struct	601	const struct
567	GNUNET_IDENTITY_PublicKey *pub);	602	GNUNET_IDENTITY_PublicKey *pub);
568		603
		604	/**
		605	* @brief Verify a given signature.
		606	*
		607	* The @a validate data is the beginning of the data of which the signature
		608	* is to be verified. The `size` field in @a validate must correctly indicate
		609	* the number of bytes of the data structure, including its header. If @a
		610	* purpose does not match the purpose given in @a validate (the latter must be
		611	* in big endian), signature verification fails.
		612	*
		613	* @param purpose what is the purpose that the signature should have?
		614	* @param validate block to validate (size, purpose, data)
		615	* @param sig signature that is being validated
		616	* @param pub public key of the signer
		617	* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
		618	*/
		619	enum GNUNET_GenericReturnValue
		620	GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
		621	const struct
		622	GNUNET_CRYPTO_EccSignaturePurpose *
		623	validate,
		624	const unsigned char *sig,
		625	const struct
		626	GNUNET_IDENTITY_PublicKey *pub);
		627
569		628
570	/**	629	/**
571	* @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.	630	* @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.


diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index 0838cecc4..f1d4b0334 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c
@@ -34,6 +34,28 @@
34	#define TEST_EPOCHS 2	34	#define TEST_EPOCHS 2
35	#define TEST_DIFFICULTY 5	35	#define TEST_DIFFICULTY 5
36		36
		37	static char* d_pkey =
		38	"6fea32c05af58bfa979553d188605fd57d8bf9cc263b78d5f7478c07b998ed70";
		39
		40	int parsehex(char src, char dst, size_t dstlen, int invert)
		41	{
		42	char *line = src;
		43	char *data = line;
		44	int off;
		45	int read_byte;
		46	int data_len = 0;
		47
		48	while (sscanf(data, " %02x%n", &read_byte, &off) == 1) {
		49	if (invert)
		50	dst[dstlen - 1 - data_len++] = read_byte;
		51	else
		52	dst[data_len++] = read_byte;
		53	data += off;
		54	}
		55	return data_len;
		56	}
		57
		58
37	static void	59	static void
38	print_bytes_ (void *buf,	60	print_bytes_ (void *buf,
39	size_t buf_len,	61	size_t buf_len,
@@ -87,6 +109,7 @@ run (void *cls,
87		109
88	id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA);	110	id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA);
89	GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);	111	GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);
		112	parsehex(d_pkey,(char*)&id_priv.ecdsa_key, sizeof (id_priv.ecdsa_key), 1);
90	GNUNET_IDENTITY_key_get_public (&id_priv,	113	GNUNET_IDENTITY_key_get_public (&id_priv,
91	&id_pub);	114	&id_pub);
92	GNUNET_STRINGS_data_to_string (&id_pub,	115	GNUNET_STRINGS_data_to_string (&id_pub,


diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index d5bd53e56..8f05b88fd 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c
@@ -410,7 +410,7 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
410	const struct GNUNET_IDENTITY_PublicKey *key)	410	const struct GNUNET_IDENTITY_PublicKey *key)
411	{	411	{
412	struct GNUNET_REVOCATION_SignaturePurposePS *spurp;	412	struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
413	struct GNUNET_IDENTITY_Signature *sig;	413	unsigned char *sig;
414	const struct GNUNET_IDENTITY_PublicKey *pk;	414	const struct GNUNET_IDENTITY_PublicKey *pk;
415	size_t ksize;	415	size_t ksize;
416		416
@@ -427,12 +427,12 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
427	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,	427	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
428	"Expected signature payload len: %u\n",	428	"Expected signature payload len: %u\n",
429	ntohl (spurp->purpose.size));	429	ntohl (spurp->purpose.size));
430	sig = (struct GNUNET_IDENTITY_Signature ) ((char) &pow[1] + ksize);	430	sig = ((unsigned char*) &pow[1] + ksize);
431	if (GNUNET_OK !=	431	if (GNUNET_OK !=
432	GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,	432	GNUNET_IDENTITY_signature_verify_raw_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
433	&spurp->purpose,	433	&spurp->purpose,
434	sig,	434	sig,
435	key))	435	key))
436	{	436	{
437	return GNUNET_SYSERR;	437	return GNUNET_SYSERR;
438	}	438	}
@@ -588,9 +588,9 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
588	((char*) &rp[1]),	588	((char*) &rp[1]),
589	ksize);	589	ksize);
590	sig = ((char*) &pow[1]) + ksize;	590	sig = ((char*) &pow[1]) + ksize;
591	int result = GNUNET_IDENTITY_sign_ (key,	591	int result = GNUNET_IDENTITY_sign_raw_ (key,
592	&rp->purpose,	592	&rp->purpose,
593	(void*) sig);	593	(void*) sig);
594	if (result == GNUNET_SYSERR)	594	if (result == GNUNET_SYSERR)
595	return GNUNET_NO;	595	return GNUNET_NO;
596	else	596	else
@@ -768,7 +768,7 @@ GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow)
768	ksize = GNUNET_IDENTITY_key_get_length (pk);	768	ksize = GNUNET_IDENTITY_key_get_length (pk);
769	size += ksize;	769	size += ksize;
770	sig = (struct GNUNET_IDENTITY_Signature ) ((char) &pow[1] + ksize);	770	sig = (struct GNUNET_IDENTITY_Signature ) ((char) &pow[1] + ksize);
771	size += GNUNET_IDENTITY_signature_get_length (sig);	771	size += GNUNET_IDENTITY_signature_get_raw_length_by_type (pk->type);
772	return size;	772	return size;
773	}	773	}
774		774