diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-04-15 18:09:07 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-04-15 18:09:07 +0000 |
commit | 7e33a2c23c9f0e9f6c45e8c1700c95f95a7569c3 (patch) | |
tree | b5d1e7615f519df72ee4400b58b6a902a32618f3 /src/fs | |
parent | 0016a5eca2ada2df9de375022a73677c3d7b9247 (diff) | |
download | gnunet-7e33a2c23c9f0e9f6c45e8c1700c95f95a7569c3.tar.gz gnunet-7e33a2c23c9f0e9f6c45e8c1700c95f95a7569c3.zip |
-fixes
Diffstat (limited to 'src/fs')
-rw-r--r-- | src/fs/fs_pseudonym.c | 81 |
1 files changed, 58 insertions, 23 deletions
diff --git a/src/fs/fs_pseudonym.c b/src/fs/fs_pseudonym.c index 896a26e59..3f0c6b6c7 100644 --- a/src/fs/fs_pseudonym.c +++ b/src/fs/fs_pseudonym.c | |||
@@ -103,6 +103,12 @@ static struct GNUNET_FS_pseudonym_DiscoveryHandle *disco_head; | |||
103 | */ | 103 | */ |
104 | static struct GNUNET_FS_pseudonym_DiscoveryHandle *disco_tail; | 104 | static struct GNUNET_FS_pseudonym_DiscoveryHandle *disco_tail; |
105 | 105 | ||
106 | /** | ||
107 | * Pointer to indiate 'anonymous' pseudonym (global static, all | ||
108 | * zeros). We actually use pointer comparisson to detect the | ||
109 | * "anonymous" pseudonym handle. | ||
110 | */ | ||
111 | static struct GNUNET_FS_PseudonymHandle anonymous; | ||
106 | 112 | ||
107 | /** | 113 | /** |
108 | * Internal notification about new tracked URI. | 114 | * Internal notification about new tracked URI. |
@@ -896,9 +902,11 @@ GNUNET_FS_pseudonym_create (const char *filename) | |||
896 | if (0 != (rc = gcry_pk_genkey (&r_key, params))) | 902 | if (0 != (rc = gcry_pk_genkey (&r_key, params))) |
897 | { | 903 | { |
898 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc); | 904 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc); |
905 | gcry_sexp_release (params); | ||
899 | gcry_sexp_release (r_key); | 906 | gcry_sexp_release (r_key); |
900 | return NULL; | 907 | return NULL; |
901 | } | 908 | } |
909 | gcry_sexp_release (params); | ||
902 | /* extract "d" (secret key) from r_key */ | 910 | /* extract "d" (secret key) from r_key */ |
903 | rc = key_from_sexp (&d, r_key, "private-key", "d"); | 911 | rc = key_from_sexp (&d, r_key, "private-key", "d"); |
904 | if (0 != rc) | 912 | if (0 != rc) |
@@ -931,6 +939,7 @@ GNUNET_FS_pseudonym_create (const char *filename) | |||
931 | q_y = gcry_mpi_new (256); | 939 | q_y = gcry_mpi_new (256); |
932 | gcry_mpi_ec_get_affine (q_x, q_y, q, ctx); | 940 | gcry_mpi_ec_get_affine (q_x, q_y, q, ctx); |
933 | gcry_mpi_point_release (q); | 941 | gcry_mpi_point_release (q); |
942 | gcry_ctx_release (ctx); | ||
934 | 943 | ||
935 | /* store q_x/q_y in public key */ | 944 | /* store q_x/q_y in public key */ |
936 | size = sizeof (ph->public_key.q_x); | 945 | size = sizeof (ph->public_key.q_x); |
@@ -1010,15 +1019,7 @@ GNUNET_FS_pseudonym_create_from_existing_file (const char *filename) | |||
1010 | struct GNUNET_FS_PseudonymHandle * | 1019 | struct GNUNET_FS_PseudonymHandle * |
1011 | GNUNET_FS_pseudonym_get_anonymous_pseudonym_handle () | 1020 | GNUNET_FS_pseudonym_get_anonymous_pseudonym_handle () |
1012 | { | 1021 | { |
1013 | struct GNUNET_FS_PseudonymHandle *ph; | 1022 | return &anonymous; |
1014 | |||
1015 | ph = GNUNET_malloc (sizeof (struct GNUNET_FS_PseudonymHandle)); | ||
1016 | /* Note if we use 'd=0' for the anonymous handle (as per#2564), | ||
1017 | then I believe the public key should be also zero, as Q=0P=0; | ||
1018 | so setting everything to all-zeros (as per GNUNET_malloc) | ||
1019 | should be all that is needed here). | ||
1020 | */ | ||
1021 | return ph; | ||
1022 | } | 1023 | } |
1023 | 1024 | ||
1024 | 1025 | ||
@@ -1031,7 +1032,8 @@ GNUNET_FS_pseudonym_get_anonymous_pseudonym_handle () | |||
1031 | void | 1032 | void |
1032 | GNUNET_FS_pseudonym_destroy (struct GNUNET_FS_PseudonymHandle *ph) | 1033 | GNUNET_FS_pseudonym_destroy (struct GNUNET_FS_PseudonymHandle *ph) |
1033 | { | 1034 | { |
1034 | GNUNET_free (ph); | 1035 | if (&anonymous != ph) |
1036 | GNUNET_free (ph); | ||
1035 | } | 1037 | } |
1036 | 1038 | ||
1037 | 1039 | ||
@@ -1102,13 +1104,21 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph, | |||
1102 | int rc; | 1104 | int rc; |
1103 | 1105 | ||
1104 | /* get private key 'd' from pseudonym */ | 1106 | /* get private key 'd' from pseudonym */ |
1105 | size = sizeof (ph->d); | 1107 | if (&anonymous == ph) |
1106 | if (0 != (rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG, | ||
1107 | &ph->d, | ||
1108 | size, &size))) | ||
1109 | { | 1108 | { |
1110 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 1109 | d = gcry_mpi_new (0); |
1111 | return GNUNET_SYSERR; | 1110 | gcry_mpi_set_ui (d, 0); |
1111 | } | ||
1112 | else | ||
1113 | { | ||
1114 | size = sizeof (ph->d); | ||
1115 | if (0 != (rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG, | ||
1116 | &ph->d, | ||
1117 | size, &size))) | ||
1118 | { | ||
1119 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | ||
1120 | return GNUNET_SYSERR; | ||
1121 | } | ||
1112 | } | 1122 | } |
1113 | /* get 'x' value from signing key */ | 1123 | /* get 'x' value from signing key */ |
1114 | size = sizeof (struct GNUNET_HashCode); | 1124 | size = sizeof (struct GNUNET_HashCode); |
@@ -1212,6 +1222,7 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph, | |||
1212 | return GNUNET_SYSERR; | 1222 | return GNUNET_SYSERR; |
1213 | } | 1223 | } |
1214 | gcry_mpi_release (rs[1]); | 1224 | gcry_mpi_release (rs[1]); |
1225 | GNUNET_FS_pseudonym_get_identifier (ph, &signature->signer); | ||
1215 | return GNUNET_OK; | 1226 | return GNUNET_OK; |
1216 | } | 1227 | } |
1217 | 1228 | ||
@@ -1226,14 +1237,34 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph, | |||
1226 | static gcry_ctx_t | 1237 | static gcry_ctx_t |
1227 | get_context_from_pseudonym (struct GNUNET_FS_PseudonymIdentifier *pseudonym) | 1238 | get_context_from_pseudonym (struct GNUNET_FS_PseudonymIdentifier *pseudonym) |
1228 | { | 1239 | { |
1240 | static struct GNUNET_FS_PseudonymIdentifier zerop; | ||
1229 | gcry_ctx_t ctx; | 1241 | gcry_ctx_t ctx; |
1230 | gcry_mpi_t q_x; | 1242 | gcry_mpi_t q_x; |
1231 | gcry_mpi_t q_y; | 1243 | gcry_mpi_t q_y; |
1244 | gcry_mpi_t zero; | ||
1232 | gcry_mpi_point_t q; | 1245 | gcry_mpi_point_t q; |
1233 | size_t size; | 1246 | size_t size; |
1234 | int rc; | 1247 | int rc; |
1235 | 1248 | ||
1236 | /* extract 'q' from pseudonym */ | 1249 | /* extract 'q' from pseudonym */ |
1250 | if (0 == memcmp (pseudonym, &zerop, sizeof (zerop))) | ||
1251 | { | ||
1252 | /* create basic ECC context */ | ||
1253 | if (0 != (rc = gcry_mpi_ec_new (&ctx, NULL, "NIST P-256"))) | ||
1254 | { | ||
1255 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_ec_new", rc); /* erroff gives more info */ | ||
1256 | return NULL; | ||
1257 | } | ||
1258 | /* initialize 'ctx' with 'q' = 0 */ | ||
1259 | zero = gcry_mpi_new (0); | ||
1260 | gcry_mpi_set_ui (zero, 0); | ||
1261 | q = gcry_mpi_point_new (0); | ||
1262 | gcry_mpi_point_set (q, zero, zero, zero); | ||
1263 | gcry_mpi_ec_set_point ("q", q, ctx); | ||
1264 | gcry_mpi_release (zero); | ||
1265 | gcry_mpi_point_release (q); | ||
1266 | return ctx; | ||
1267 | } | ||
1237 | size = sizeof (pseudonym->q_x); | 1268 | size = sizeof (pseudonym->q_x); |
1238 | if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG, pseudonym->q_x, size, &size))) | 1269 | if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG, pseudonym->q_x, size, &size))) |
1239 | { | 1270 | { |
@@ -1279,8 +1310,8 @@ get_context_from_pseudonym (struct GNUNET_FS_PseudonymIdentifier *pseudonym) | |||
1279 | */ | 1310 | */ |
1280 | int | 1311 | int |
1281 | GNUNET_FS_pseudonym_derive_verification_key (struct GNUNET_FS_PseudonymIdentifier *pseudonym, | 1312 | GNUNET_FS_pseudonym_derive_verification_key (struct GNUNET_FS_PseudonymIdentifier *pseudonym, |
1282 | const struct GNUNET_HashCode *signing_key, | 1313 | const struct GNUNET_HashCode *signing_key, |
1283 | struct GNUNET_FS_PseudonymIdentifier *verification_key) | 1314 | struct GNUNET_FS_PseudonymIdentifier *verification_key) |
1284 | { | 1315 | { |
1285 | gcry_mpi_t h; | 1316 | gcry_mpi_t h; |
1286 | size_t size; | 1317 | size_t size; |
@@ -1314,6 +1345,7 @@ GNUNET_FS_pseudonym_derive_verification_key (struct GNUNET_FS_PseudonymIdentifie | |||
1314 | /* then call the 'multiply' function, to compute the product hG */ | 1345 | /* then call the 'multiply' function, to compute the product hG */ |
1315 | hg = gcry_mpi_point_new (0); | 1346 | hg = gcry_mpi_point_new (0); |
1316 | gcry_mpi_ec_mul (hg, h, g, ctx); | 1347 | gcry_mpi_ec_mul (hg, h, g, ctx); |
1348 | gcry_mpi_point_release (g); | ||
1317 | gcry_mpi_release (h); | 1349 | gcry_mpi_release (h); |
1318 | 1350 | ||
1319 | /* get Q = dG from 'pseudonym' */ | 1351 | /* get Q = dG from 'pseudonym' */ |
@@ -1321,7 +1353,7 @@ GNUNET_FS_pseudonym_derive_verification_key (struct GNUNET_FS_PseudonymIdentifie | |||
1321 | /* calculate V = Q + hG = dG + hG = (d + h)G*/ | 1353 | /* calculate V = Q + hG = dG + hG = (d + h)G*/ |
1322 | v = gcry_mpi_point_new (0); | 1354 | v = gcry_mpi_point_new (0); |
1323 | gcry_mpi_ec_add (v, q, hg, ctx); | 1355 | gcry_mpi_ec_add (v, q, hg, ctx); |
1324 | /* FIXME: free 'hg'? */ | 1356 | gcry_mpi_point_release (hg); |
1325 | 1357 | ||
1326 | /* store 'v' point in "verification_key" */ | 1358 | /* store 'v' point in "verification_key" */ |
1327 | v_x = gcry_mpi_new (256); | 1359 | v_x = gcry_mpi_new (256); |
@@ -1486,10 +1518,13 @@ GNUNET_FS_pseudonym_verify (const struct GNUNET_FS_PseudonymSignaturePurpose *pu | |||
1486 | */ | 1518 | */ |
1487 | void | 1519 | void |
1488 | GNUNET_FS_pseudonym_get_identifier (struct GNUNET_FS_PseudonymHandle *ph, | 1520 | GNUNET_FS_pseudonym_get_identifier (struct GNUNET_FS_PseudonymHandle *ph, |
1489 | struct GNUNET_FS_PseudonymIdentifier *pseudonym) | 1521 | struct GNUNET_FS_PseudonymIdentifier *pseudonym) |
1490 | { | 1522 | { |
1491 | memcpy (pseudonym, &ph->public_key, | 1523 | if (&anonymous == ph) |
1492 | sizeof (struct GNUNET_FS_PseudonymIdentifier)); | 1524 | memset (pseudonym, 0, sizeof (struct GNUNET_FS_PseudonymIdentifier)); |
1525 | else | ||
1526 | memcpy (pseudonym, &ph->public_key, | ||
1527 | sizeof (struct GNUNET_FS_PseudonymIdentifier)); | ||
1493 | } | 1528 | } |
1494 | 1529 | ||
1495 | 1530 | ||
@@ -1502,7 +1537,7 @@ GNUNET_FS_pseudonym_get_identifier (struct GNUNET_FS_PseudonymHandle *ph, | |||
1502 | */ | 1537 | */ |
1503 | int | 1538 | int |
1504 | GNUNET_FS_pseudonym_remove (const struct GNUNET_CONFIGURATION_Handle *cfg, | 1539 | GNUNET_FS_pseudonym_remove (const struct GNUNET_CONFIGURATION_Handle *cfg, |
1505 | const struct GNUNET_FS_PseudonymIdentifier *id) | 1540 | const struct GNUNET_FS_PseudonymIdentifier *id) |
1506 | { | 1541 | { |
1507 | char *fn; | 1542 | char *fn; |
1508 | int result; | 1543 | int result; |