author | Christian Grothoff <christian@grothoff.org> | 2013-10-18 11:58:09 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-10-18 11:58:09 +0000 |
commit | ba7d316cff500d0bffee07994f970b80f811d089 (patch) | |
tree | f2447a588c89b775b0abc1f0c313b3f9a20eb872 /src/gnsrecord/gnsrecord_crypto.c | |
parent | fe41d052396d6d63c0ad3ff10852f3289418b0db (diff) | |
-fix testcase to not use expired records
Diffstat (limited to 'src/gnsrecord/gnsrecord_crypto.c')
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 0d173c26e..336fb93c2 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -93,9 +93,19 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
93 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 93 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
94 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | 94 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; |
95 | uint32_t rd_count_nbo; | 95 | uint32_t rd_count_nbo; |
96 | unsigned int i; | ||
96 | 97 | ||
97 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) | 98 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) |
98 | return NULL; | 99 | return NULL; |
100 | /* sanity check */ | ||
101 | for (i=0;i<rd_count;i++) | ||
102 | if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION)) | ||
103 | { | ||
104 | /* encrypted blocks must never have relative expiration times, skip! */ | ||
105 | GNUNET_break (0); | ||
106 | return NULL; | ||
107 | } | ||
108 | /* serialize */ | ||
99 | rd_count_nbo = htonl (rd_count); | 109 | rd_count_nbo = htonl (rd_count); |
100 | memcpy (payload, &rd_count_nbo, sizeof (uint32_t)); | 110 | memcpy (payload, &rd_count_nbo, sizeof (uint32_t)); |
101 | GNUNET_assert (payload_len == | 111 | GNUNET_assert (payload_len == |
@@ -108,9 +118,10 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
108 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); | 118 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); |
109 | block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | 119 | block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
110 | block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 120 | block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
121 | /* encrypt and sign */ | ||
111 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, | 122 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, |
112 | label, | 123 | label, |
113 | "gns"); | 124 | "gns"); |
114 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, | 125 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, |
115 | &block->derived_key); | 126 | &block->derived_key); |
116 | GNUNET_CRYPTO_ecdsa_key_get_public (key, | 127 | GNUNET_CRYPTO_ecdsa_key_get_public (key, |
@@ -118,8 +129,8 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
118 | derive_block_aes_key (&iv, &skey, label, &pkey); | 129 | derive_block_aes_key (&iv, &skey, label, &pkey); |
119 | GNUNET_break (payload_len + sizeof (uint32_t) == | 130 | GNUNET_break (payload_len + sizeof (uint32_t) == |
120 | GNUNET_CRYPTO_symmetric_encrypt (payload, payload_len + sizeof (uint32_t), | 131 | GNUNET_CRYPTO_symmetric_encrypt (payload, payload_len + sizeof (uint32_t), |
121 | &skey, &iv, | 132 | &skey, &iv, |
122 | &block[1])); | 133 | &block[1])); |
123 | if (GNUNET_OK != | 134 | if (GNUNET_OK != |
124 | GNUNET_CRYPTO_ecdsa_sign (dkey, | 135 | GNUNET_CRYPTO_ecdsa_sign (dkey, |
125 | &block->purpose, | 136 | &block->purpose, |
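Review bot: The return value of `GNUNET_CRYPTO_symmetric_encrypt` in the last hunk is only compared inside `GNUNET_break`, which as far as I know logs and then continues, so a failed or short encryption still falls through to `GNUNET_CRYPTO_ecdsa_sign`. The block would then be signed over whatever bytes sit behind the header at `&block[1]`. I would treat a length mismatch as fatal, the same way the new relative-expiration check in the first hunk does, and return NULL before signing. The allocation and release of `dkey` and `block` are outside the visible hunks, so the cleanup on this new error path needs to be confirmed against the rest of the function.

```c
  /* … unchanged: derive_block_aes_key call … */
  if (payload_len + sizeof (uint32_t) !=
      GNUNET_CRYPTO_symmetric_encrypt (payload, payload_len + sizeof (uint32_t),
                                       &skey, &iv,
                                       &block[1]))
  {
    /* never sign a block whose payload was not fully encrypted */
    GNUNET_break (0);
    /* release dkey and block here, matching the function's other error paths */
    return NULL;
  }
  /* … unchanged: GNUNET_CRYPTO_ecdsa_sign call … */
```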