- add signature check

author: Schanzenbach, Martin <mschanzenbach@posteo.de> 2016-12-07 10:53:45 +0100
committer: Schanzenbach, Martin <mschanzenbach@posteo.de> 2016-12-07 10:53:45 +0100
commit: 68f5813fdac760d6bc8d832b298f2621bc0e7023 (patch)
tree: c0ab717eff932b61c9387785a2feaf71c6c36ca7 /src/credential
parent: 1be263982990fc0650c30fb5f758d4100540561d (diff)
download: gnunet-68f5813fdac760d6bc8d832b298f2621bc0e7023.tar.gz
gnunet-68f5813fdac760d6bc8d832b298f2621bc0e7023.zip
3 files changed, 6 insertions, 6 deletions
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 4f06806d1..272ccebdf 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -434,7 +434,7 @@ handle_credential_query (void* cls,
    GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
                                      vrh->cred_chain_tail,
                                      cr_entry);
-    /*if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, 
+    if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, 
                                               &crd->purpose,
                                               &crd->sig,
                                               &crd->issuer_key))
@@ -442,7 +442,7 @@ handle_credential_query (void* cls,
      GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                  "Invalid credential found\n");
      continue;
-    }*/
+    }
    if (0 != memcmp (&crd->issuer_key,
                     &vrh->issuer_key,
                     sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index ff95ec119..90ac393d0 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -182,8 +182,8 @@ credential_string_to_value (void *cls,
        cred->sig = *sig;
        cred->expiration = GNUNET_htonll (etime_abs.abs_value_us);
        cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
-        cred->purpose.size = strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
+        cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
-                             sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + sizeof (uint64_t);
+                             sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + sizeof (uint64_t));
        GNUNET_free (sig);
        GNUNET_memcpy (&cred[1],
                       name,
diff --git a/src/credential/test_credential_verify_simple.sh b/src/credential/test_credential_verify_simple.sh
index ce0a2207a..2fac4659e 100755
--- a/src/credential/test_credential_verify_simple.sh
+++ b/src/credential/test_credential_verify_simple.sh
@@ -19,7 +19,7 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
 which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-gnunet-arm -s -c test_credential_lookup.conf
+#gnunet-arm -s -c test_credential_lookup.conf
 gnunet-identity -C testissuer -c test_credential_lookup.conf
 gnunet-identity -C testsubject -c test_credential_lookup.conf
@@ -45,6 +45,6 @@ if [ "$RES_CRED" == "Successful." ]
 then
  exit 0
 else
-  echo "FAIL: Failed to verify credential $RES_IP."
+  echo "FAIL: Failed to verify credential."
  exit 1
 fi
author	Schanzenbach, Martin <mschanzenbach@posteo.de>	2016-12-07 10:53:45 +0100
committer	Schanzenbach, Martin <mschanzenbach@posteo.de>	2016-12-07 10:53:45 +0100
commit	68f5813fdac760d6bc8d832b298f2621bc0e7023 (patch)
tree	c0ab717eff932b61c9387785a2feaf71c6c36ca7 /src/credential
parent	1be263982990fc0650c30fb5f758d4100540561d (diff)
download	gnunet-68f5813fdac760d6bc8d832b298f2621bc0e7023.tar.gz gnunet-68f5813fdac760d6bc8d832b298f2621bc0e7023.zip

diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index 4f06806d1..272ccebdf 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c
@@ -434,7 +434,7 @@ handle_credential_query (void* cls,
434	GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,	434	GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
435	vrh->cred_chain_tail,	435	vrh->cred_chain_tail,
436	cr_entry);	436	cr_entry);
437	/*if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,	437	if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,
438	&crd->purpose,	438	&crd->purpose,
439	&crd->sig,	439	&crd->sig,
440	&crd->issuer_key))	440	&crd->issuer_key))
@@ -442,7 +442,7 @@ handle_credential_query (void* cls,
442	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,	442	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
443	"Invalid credential found\n");	443	"Invalid credential found\n");
444	continue;	444	continue;
445	}*/	445	}
446	if (0 != memcmp (&crd->issuer_key,	446	if (0 != memcmp (&crd->issuer_key,
447	&vrh->issuer_key,	447	&vrh->issuer_key,
448	sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))	448	sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))


diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c index ff95ec119..90ac393d0 100644 --- a/src/credential/plugin_gnsrecord_credential.c +++ b/src/credential/plugin_gnsrecord_credential.c
@@ -182,8 +182,8 @@ credential_string_to_value (void *cls,
182	cred->sig = *sig;	182	cred->sig = *sig;
183	cred->expiration = GNUNET_htonll (etime_abs.abs_value_us);	183	cred->expiration = GNUNET_htonll (etime_abs.abs_value_us);
184	cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);	184	cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
185	cred->purpose.size = strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +	185	cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
186	sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + sizeof (uint64_t);	186	sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + sizeof (uint64_t));
187	GNUNET_free (sig);	187	GNUNET_free (sig);
188	GNUNET_memcpy (&cred[1],	188	GNUNET_memcpy (&cred[1],
189	name,	189	name,


diff --git a/src/credential/test_credential_verify_simple.sh b/src/credential/test_credential_verify_simple.sh index ce0a2207a..2fac4659e 100755 --- a/src/credential/test_credential_verify_simple.sh +++ b/src/credential/test_credential_verify_simple.sh
@@ -19,7 +19,7 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
19		19
20		20
21	which timeout &> /dev/null && DO_TIMEOUT="timeout 30"	21	which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
22	gnunet-arm -s -c test_credential_lookup.conf	22	#gnunet-arm -s -c test_credential_lookup.conf
23	gnunet-identity -C testissuer -c test_credential_lookup.conf	23	gnunet-identity -C testissuer -c test_credential_lookup.conf
24	gnunet-identity -C testsubject -c test_credential_lookup.conf	24	gnunet-identity -C testsubject -c test_credential_lookup.conf
25		25
@@ -45,6 +45,6 @@ if [ "$RES_CRED" == "Successful." ]
45	then	45	then
46	exit 0	46	exit 0
47	else	47	else
48	echo "FAIL: Failed to verify credential $RES_IP."	48	echo "FAIL: Failed to verify credential."
49	exit 1	49	exit 1
50	fi	50	fi