-gcrypt works better now, removing some debug logic

author: Christian Grothoff <christian@grothoff.org> 2013-04-15 16:26:26 +0000
committer: Christian Grothoff <christian@grothoff.org> 2013-04-15 16:26:26 +0000
commit: 0016a5eca2ada2df9de375022a73677c3d7b9247 (patch)
tree: f5ef17d0c0bdd7345b6df96ae252ac6e6a904246 /src/fs
parent: 30438ae068cdc7a96eb252ea611f822270db8264 (diff)
download: gnunet-0016a5eca2ada2df9de375022a73677c3d7b9247.tar.gz
gnunet-0016a5eca2ada2df9de375022a73677c3d7b9247.zip
2 files changed, 21 insertions, 81 deletions
diff --git a/src/fs/fs_pseudonym.c b/src/fs/fs_pseudonym.c
index 7394fb0c6..896a26e59 100644
--- a/src/fs/fs_pseudonym.c
+++ b/src/fs/fs_pseudonym.c
@@ -1067,8 +1067,6 @@ data_to_pkcs1 (const struct GNUNET_FS_PseudonymSignaturePurpose *purpose)
  return data;
 }
-gcry_ctx_t xctx;
 /**
 * Cryptographically sign some data with the pseudonym.
@@ -1085,10 +1083,10 @@ gcry_ctx_t xctx;
 */
 int 
 GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph,
-                       const struct GNUNET_FS_PseudonymSignaturePurpose *purpose,
+                          const struct GNUNET_FS_PseudonymSignaturePurpose *purpose,
-                       const struct GNUNET_HashCode *seed,
+                          const struct GNUNET_HashCode *seed,
-                       const struct GNUNET_HashCode *signing_key,
+                          const struct GNUNET_HashCode *signing_key,
-                       struct GNUNET_FS_PseudonymSignature *signature)
+                          struct GNUNET_FS_PseudonymSignature *signature)
 {
  size_t size;
  size_t erroff;
@@ -1136,47 +1134,9 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph,
  /* calculate dx = d + h mod n */
  dh = gcry_mpi_new (256);
  gcry_mpi_addm (dh, d, h, n);  
-  // gcry_mpi_release (d);
+  gcry_mpi_release (d);
-  // gcry_mpi_release (h);
+  gcry_mpi_release (h);
  gcry_mpi_release (n);
-  if (1) {
-    gcry_mpi_point_t g;
-    gcry_mpi_point_t v;
-    gcry_mpi_point_t hg;
-    gcry_mpi_point_t q;
-    gcry_mpi_t v_x;
-    gcry_mpi_t v_y;
-    gcry_mpi_ec_new (&xctx, NULL, "NIST P-256");
-    g = gcry_mpi_ec_get_point ("g", xctx, 0);
-    hg = gcry_mpi_point_new (0);
-    gcry_mpi_ec_mul (hg, h, g, xctx);
-    fprintf (stderr, "\nExpected verification hG value:\n");
-    v_x = gcry_mpi_new (256);
-    v_y = gcry_mpi_new (256);
-    gcry_mpi_ec_get_affine (v_x, v_y, hg, xctx);
-    gcry_mpi_dump (v_x);
-    gcry_mpi_dump (v_y);
-    q = gcry_mpi_point_new (0);    
-    gcry_mpi_ec_mul (q, d, g, xctx);
-    fprintf (stderr, "\nExpected verification q value:\n");
-    gcry_mpi_ec_get_affine (v_x, v_y, q, xctx);
-    gcry_mpi_dump (v_x);
-    gcry_mpi_dump (v_y);
-    v = gcry_mpi_point_new (0);
-    gcry_mpi_ec_add (v, q, hg, xctx);
-    gcry_mpi_ec_get_affine (v_x, v_y, v, xctx);
-    fprintf (stderr, "\nExpected verification key public point value V := q + hG:\n");
-    gcry_mpi_dump (v_x);
-    gcry_mpi_dump (v_y);
-    fprintf (stderr, "\n");
-    
-  }
  
  /* now build sexpression with the signing key */
  if (0 != (rc = gcry_sexp_build (&spriv, &erroff,
@@ -1241,6 +1201,7 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph,
    gcry_mpi_release (rs[1]);
    return GNUNET_SYSERR;
  }
  gcry_mpi_release (rs[0]);
  size = sizeof (signature->sig_s);
  if (0 != (rc = gcry_mpi_print (GCRYMPI_FMT_USG, signature->sig_s, size,
@@ -1353,42 +1314,19 @@ GNUNET_FS_pseudonym_derive_verification_key (struct GNUNET_FS_PseudonymIdentifie
  /* then call the 'multiply' function, to compute the product hG */
  hg = gcry_mpi_point_new (0);
  gcry_mpi_ec_mul (hg, h, g, ctx);
-  {
-    fprintf (stderr, "\nVerification hG value:\n");
-    v_x = gcry_mpi_new (256);
-    v_y = gcry_mpi_new (256);
-    gcry_mpi_ec_get_affine (v_x, v_y, hg, ctx);
-    gcry_mpi_dump (v_x);
-    gcry_mpi_dump (v_y);
-  }
  gcry_mpi_release (h);
  /* get Q = dG from 'pseudonym' */
  q = gcry_mpi_ec_get_point ("q", ctx, 0);
-  {
-    fprintf (stderr, "\nVerification q value:\n");
-    v_x = gcry_mpi_new (256);
-    v_y = gcry_mpi_new (256);
-    gcry_mpi_ec_get_affine (v_x, v_y, q, ctx);
-    gcry_mpi_dump (v_x);
-    gcry_mpi_dump (v_y);
-  }
  /* calculate V = Q + hG = dG + hG = (d + h)G*/
  v = gcry_mpi_point_new (0);
-  gcry_mpi_ec_add (v, q, hg, xctx);
+  gcry_mpi_ec_add (v, q, hg, ctx);
  /* FIXME: free 'hg'? */
  
  /* store 'v' point in "verification_key" */
  v_x = gcry_mpi_new (256);
  v_y = gcry_mpi_new (256);
-  gcry_mpi_ec_get_affine (v_x, v_y, v, xctx);
+  gcry_mpi_ec_get_affine (v_x, v_y, v, ctx);
-  {
-    fprintf (stderr, "\nVerification key public point value V := q + hG:\n");
-    gcry_mpi_dump (v_x);
-    gcry_mpi_dump (v_y);
-  }
  gcry_mpi_point_release (v);
  gcry_ctx_release (ctx);
@@ -1428,8 +1366,8 @@ GNUNET_FS_pseudonym_derive_verification_key (struct GNUNET_FS_PseudonymIdentifie
 */
 int
 GNUNET_FS_pseudonym_verify (const struct GNUNET_FS_PseudonymSignaturePurpose *purpose,
-                         const struct GNUNET_FS_PseudonymSignature *signature,
+                            const struct GNUNET_FS_PseudonymSignature *signature,
-                         const struct GNUNET_FS_PseudonymIdentifier *verification_key)
+                            const struct GNUNET_FS_PseudonymIdentifier *verification_key)
 {
  gcry_sexp_t data;
  gcry_sexp_t sig_sexpr;
@@ -1471,6 +1409,7 @@ GNUNET_FS_pseudonym_verify (const struct GNUNET_FS_PseudonymSignaturePurpose *pu
  gcry_mpi_release (r);
  gcry_mpi_release (s);
  /* build s-expression for data that was signed */
  data = data_to_pkcs1 (purpose);
@@ -1533,7 +1472,6 @@ GNUNET_FS_pseudonym_verify (const struct GNUNET_FS_PseudonymSignaturePurpose *pu
    LOG (GNUNET_ERROR_TYPE_WARNING,
         _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__,
         __LINE__, gcry_strerror (rc));
-exit (1);
    return GNUNET_SYSERR;
  }
  return GNUNET_OK;
diff --git a/src/fs/test_pseudonym.c b/src/fs/test_pseudonym.c
index 0615f5a5b..a6e258038 100644
--- a/src/fs/test_pseudonym.c
+++ b/src/fs/test_pseudonym.c
@@ -223,26 +223,24 @@ test_signature (struct GNUNET_FS_PseudonymHandle *ph,
  struct GNUNET_FS_PseudonymIdentifier verification_key;
  GNUNET_FS_pseudonym_sign (ph, purpose, seed, signing_key, &signature);
-  if (0)
-    {
  GNUNET_FS_pseudonym_sign (ph, purpose, seed, signing_key, &signature2);
  /* with seed, two sigs must be identical, without, they must be different! */
  if (NULL != seed)
    GNUNET_break (0 == memcmp (&signature, &signature2, sizeof (signature)));
  else /* crypto not implemented, thus for now 'break' */
    GNUNET_break (0 != memcmp (&signature, &signature2, sizeof (signature)));
-    }
  GNUNET_FS_pseudonym_get_identifier (ph, &pseudonym);
  GNUNET_FS_pseudonym_derive_verification_key (&pseudonym,
                                            signing_key,
                                            &verification_key);
  GNUNET_break (GNUNET_OK ==
-                 GNUNET_FS_pseudonym_verify (purpose, &signature, &verification_key));
+                GNUNET_FS_pseudonym_verify (purpose, &signature, &verification_key));
  /* also check that if the data is changed, the signature no longer matches */
  (*bit)++;
+  GNUNET_log_skip (1, GNUNET_NO);
  /* crypto not implemented, thus for now 'break' */
  GNUNET_break (GNUNET_OK !=
-                 GNUNET_FS_pseudonym_verify (purpose, &signature, &verification_key));
+                GNUNET_FS_pseudonym_verify (purpose, &signature, &verification_key));
  (*bit)--;
 }
@@ -266,8 +264,10 @@ test_crypto_ops (struct GNUNET_FS_PseudonymHandle *ph)
  purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
  memset (&seed, 41, sizeof (seed));
  memset (&signing_key, 40, sizeof (signing_key));
-  test_signature (ph, purpose, &seed, &signing_key, &data[sizeof (struct GNUNET_FS_PseudonymSignaturePurpose)]);
+  test_signature (ph, purpose, &seed,
-  test_signature (ph, purpose, NULL, &signing_key, &data[sizeof (struct GNUNET_FS_PseudonymSignaturePurpose)]);
+                  &signing_key, &data[sizeof (struct GNUNET_FS_PseudonymSignaturePurpose)]);
+  test_signature (ph, purpose, NULL, 
+                  &signing_key, &data[sizeof (struct GNUNET_FS_PseudonymSignaturePurpose)]);
 }
@@ -301,6 +301,7 @@ test_crypto ()
  GNUNET_FS_pseudonym_destroy (ph);  
  /* check anonymous pseudonym operations generation */
+  fprintf (stderr, "Checking anonymous ops\n");
  ph = GNUNET_FS_pseudonym_get_anonymous_pseudonym_handle ();
  GNUNET_FS_pseudonym_get_identifier (ph, &pseudonym2);
  if (0 == memcmp (&pseudonym, &pseudonym2, sizeof (pseudonym)))
@@ -314,6 +315,7 @@ test_crypto ()
 int
 main (int argc, char *argv[])
 {
+  GNUNET_log_setup ("test-pseudonym", "WARNING", NULL);
  if (0 != test_io ())
    return 1;
  if (0 != test_crypto ())
author	Christian Grothoff <christian@grothoff.org>	2013-04-15 16:26:26 +0000
committer	Christian Grothoff <christian@grothoff.org>	2013-04-15 16:26:26 +0000
commit	0016a5eca2ada2df9de375022a73677c3d7b9247 (patch)
tree	f5ef17d0c0bdd7345b6df96ae252ac6e6a904246 /src/fs
parent	30438ae068cdc7a96eb252ea611f822270db8264 (diff)
download	gnunet-0016a5eca2ada2df9de375022a73677c3d7b9247.tar.gz gnunet-0016a5eca2ada2df9de375022a73677c3d7b9247.zip