GNS: Dog-food even more of our TVs

author: Martin Schanzenbach <schanzen@gnunet.org> 2023-07-04 14:34:10 +0200
committer: Martin Schanzenbach <schanzen@gnunet.org> 2023-07-04 14:34:10 +0200
commit: 9a0b6cb59596b66ec796647f788c8d08170da69a (patch)
tree: 7e59b74a5cb751d22d0c2d02b49faaa42db9b29f /src/gnsrecord
parent: b195b613458c987787f7a0ec4de7e1cbabe02fa4 (diff)
download: gnunet-9a0b6cb59596b66ec796647f788c8d08170da69a.tar.gz
gnunet-9a0b6cb59596b66ec796647f788c8d08170da69a.zip
1 files changed, 152 insertions, 4 deletions
diff --git a/src/gnsrecord/test_gnsrecord_testvectors.c b/src/gnsrecord/test_gnsrecord_testvectors.c
index 139eda58c..af91518ac 100644
--- a/src/gnsrecord/test_gnsrecord_testvectors.c
+++ b/src/gnsrecord/test_gnsrecord_testvectors.c
@@ -3,6 +3,7 @@
 #include "gnunet_gns_service.h"
 #include "gnunet_gnsrecord_lib.h"
 #include <inttypes.h>
+#include "gnsrecord_crypto.h"
 int res;
@@ -12,10 +13,13 @@ struct GnsTv
  struct GNUNET_GNSRECORD_Data expected_rd[2048];
  char *d;
  char *zid;
+  char *ztld;
  char *label;
  char *q;
  char *rdata;
  char *rrblock;
+  char *k;
+  char *nonce;
 };
 /** The first tests is from the Go implementation.
@@ -34,6 +38,7 @@ struct GnsTv tvs[] = {
      "f9 6d 84 ff 61 f5 98 2c"
      "2c 4f e0 2d 5a 11 fe df"
      "b0 c2 90 1f",
+    .ztld = "000G0037FH3QTBCK15Y8BCCNRVWPV17ZC7TSGB1C9ZG2TPGHZVFV1GMG3W",
    .label = "74 65 73 74 64 65 6c 65"
             "67 61 74 69 6f 6e",
    .q =
@@ -45,6 +50,14 @@ struct GnsTv tvs[] = {
      "b0 f7 ec 9a f1 cc 42 64"
      "12 99 40 6b 04 fd 9b 5b"
      "57 91 f8 6c 4b 08 d5 f4",
+    .nonce =
+      "e9 0a 00 61 00 1c ee 8c"
+      "10 e2 59 80 00 00 00 01",
+    .k =
+      "86 4e 71 38 ea e7 fd 91"
+      "a3 01 36 89 9c 13 2b 23"
+      "ac eb db 2c ef 43 cb 19"
+      "f6 bf 55 b6 7d b9 b3 b3",
    .rdata =
      "00 1c ee 8c 10 e2 59 80"
      "00 20 00 01 00 01 00 00"
@@ -84,9 +97,18 @@ struct GnsTv tvs[] = {
      "f9 6d 84 ff 61 f5 98 2c"
      "2c 4f e0 2d 5a 11 fe df"
      "b0 c2 90 1f",
+    .ztld = "000G0037FH3QTBCK15Y8BCCNRVWPV17ZC7TSGB1C9ZG2TPGHZVFV1GMG3W",
    .label =
      "e5 a4 a9 e4 b8 8b e7 84"
      "a1 e6 95 b5",
+    .nonce =
+      "ee 96 33 c1 00 1c ee 8c"
+      "10 e2 59 80 00 00 00 01",
+    .k =
+      "fb 3a b5 de 23 bd da e1"
+      "99 7a af 7b 92 c2 d2 71"
+      "51 40 8b 77 af 7a 41 ac"
+      "79 05 7c 4d f5 38 3d 01",
    .q =
      "af f0 ad 6a 44 09 73 68"
      "42 9a c4 76 df a1 f3 4b"
@@ -155,9 +177,19 @@ struct GnsTv tvs[] = {
      "53 b8 5d 93 b0 47 b6 3d"
      "44 6c 58 45 cb 48 44 5d"
      "db 96 68 8f",
+    .ztld = "000G051WYJWJ80S04BRDRM2R2H9VGQCKP13VCFA4DHC4BJT88HEXQ5K8HW",
    .label =
      "74 65 73 74 64 65 6c 65"
      "67 61 74 69 6f 6e",
+    .nonce =
+      "98 13 2e a8 68 59 d3 5c"
+      "88 bf d3 17 fa 99 1b cb"
+      "00 1c ee 8c 10 e2 59 80",
+    .k =
+      "85 c4 29 a9 56 7a a6 33"
+      "41 1a 96 91 e9 09 4c 45"
+      "28 16 72 be 58 60 34 aa"
+      "e4 a2 a2 cc 71 61 59 e2",
    .q =
      "ab aa ba c0 e1 24 94 59"
      "75 98 83 95 aa c0 24 1e"
@@ -208,9 +240,19 @@ struct GnsTv tvs[] = {
      "53 b8 5d 93 b0 47 b6 3d"
      "44 6c 58 45 cb 48 44 5d"
      "db 96 68 8f",
+    .ztld = "000G051WYJWJ80S04BRDRM2R2H9VGQCKP13VCFA4DHC4BJT88HEXQ5K8HW",
    .label =
      "e5 a4 a9 e4 b8 8b e7 84"
      "a1 e6 95 b5",
+    .nonce =
+      "bb 0d 3f 0f bd 22 42 77"
+      "50 da 5d 69 12 16 e6 c9"
+      "00 1c ee 8c 10 e2 59 80",
+    .k =
+      "3d f8 05 bd 66 87 aa 14"
+      "20 96 28 c2 44 b1 11 91"
+      "88 c3 92 56 37 a4 1e 5d"
+      "76 49 6c 29 45 dc 37 7b",
    .q =
      "ba f8 21 77 ee c0 81 e0"
      "74 a7 da 47 ff c6 48 77"
@@ -399,6 +441,80 @@ res_checker (void *cls,
 }
+enum GNUNET_GenericReturnValue
+check_derivations_edkey (const char*label,
+                         struct GNUNET_TIME_Absolute expire,
+                         struct GNUNET_IDENTITY_PublicKey *pub,
+                         struct GnsTv *tv)
+{
+  unsigned char nonce[crypto_secretbox_NONCEBYTES];
+  unsigned char skey[crypto_secretbox_KEYBYTES];
+  unsigned char nonce_expected[crypto_secretbox_NONCEBYTES];
+  unsigned char skey_expected[crypto_secretbox_KEYBYTES];
+  parsehex (tv->nonce,(char*) nonce_expected, crypto_secretbox_NONCEBYTES, 0);
+  parsehex (tv->k,(char*) skey_expected, crypto_secretbox_KEYBYTES, 0);
+  GNR_derive_block_xsalsa_key (nonce,
+                               skey,
+                               label,
+                               GNUNET_TIME_absolute_hton (
+                                 expire).abs_value_us__,
+                               &pub->eddsa_key);
+  /* Ignore random 128-bit nonce, can't check this here. Will be checked on
+   * decryption. */
+  if (0 != memcmp (nonce + 16, nonce_expected + 16, sizeof (nonce) - 16))
+  {
+    printf ("FAIL: Failed to derive nonce:\n");
+    print_bytes (nonce, sizeof (nonce), 8);
+    print_bytes (nonce_expected, sizeof (nonce), 8);
+    return GNUNET_NO;
+  }
+  if (0 != memcmp (skey, skey_expected, sizeof (skey)))
+  {
+    printf ("FAIL: Failed to derive secret key\n");
+    return GNUNET_NO;
+  }
+  return GNUNET_OK;
+}
+enum GNUNET_GenericReturnValue
+check_derivations_pkey (const char*label,
+                        struct GNUNET_TIME_Absolute expire,
+                        struct GNUNET_IDENTITY_PublicKey *pub,
+                        struct GnsTv *tv)
+{
+  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
+  unsigned char ctr_expected[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
+  unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
+  unsigned char skey_expected[GNUNET_CRYPTO_AES_KEY_LENGTH];
+  parsehex (tv->nonce,(char*) ctr_expected, sizeof (ctr), 0);
+  parsehex (tv->k,(char*) skey_expected, sizeof (skey), 0);
+  GNR_derive_block_aes_key (ctr,
+                            skey,
+                            label,
+                            GNUNET_TIME_absolute_hton (
+                              expire).abs_value_us__,
+                            &pub->ecdsa_key);
+  /* Ignore random 32-bit nonce, can't check this here. Will be checked on
+   * decryption. */
+  if (0 != memcmp (ctr + 4, ctr_expected + 4, sizeof (ctr) - 4))
+  {
+    printf ("FAIL: Failed to derive nonce\n");
+    return GNUNET_NO;
+  }
+  if (0 != memcmp (skey, skey_expected, sizeof (skey)))
+  {
+    printf ("FAIL: Failed to derive secret key\n");
+    return GNUNET_NO;
+  }
+  return GNUNET_OK;
+}
 int
 main ()
 {
@@ -408,8 +524,10 @@ main ()
  struct GNUNET_GNSRECORD_Block *rrblock;
  struct GNUNET_HashCode query;
  struct GNUNET_HashCode expected_query;
+  struct GNUNET_TIME_Absolute expire;
  char label[128];
  char rdata[8096];
+  char ztld[128];
  res = 0;
  for (int i = 0; NULL != tvs[i].d; i++)
@@ -427,6 +545,19 @@ main ()
      printf ("Wrong pubkey.\n");
      print_bytes (&pub, 36, 8);
      print_bytes (&pub_parsed, 36, 8);
+      res = 1;
+      break;
+    }
+    GNUNET_STRINGS_data_to_string (&pub,
+                                   GNUNET_IDENTITY_public_key_get_length (
+                                     &pub),
+                                   ztld,
+                                   sizeof (ztld));
+    if (0 != strcmp (ztld, tvs[i].ztld))
+    {
+      printf ("Wrong zTLD: expected %s, got %s\n", tvs[i].ztld, ztld);
+      res = 1;
+      break;
    }
    rrblock = GNUNET_malloc (strlen (tvs[i].rrblock));
    parsehex (tvs[i].rrblock, (char*) rrblock, 0, 0);
@@ -441,7 +572,7 @@ main ()
      printf ("  expected: %s", GNUNET_h2s (&expected_query));
      printf (", was: %s\n", GNUNET_h2s (&query));
      res = 1;
-      goto finish;
+      break;
    }
    int len = parsehex (tvs[i].rdata, (char*) rdata, 0, 0);
    tvs[i].expected_rd_count =
@@ -451,13 +582,29 @@ main ()
    if (GNUNET_OK !=
        GNUNET_GNSRECORD_records_deserialize (len,
                                              rdata,
-                                              tvs[i].
+                                              tvs[i].expected_rd_count,
-                                              expected_rd_count,
                                              tvs[i].expected_rd))
    {
      printf ("FAIL: Deserialization of RDATA failed\n");
      res = 1;
-      goto finish;
+      break;
+    }
+    expire = GNUNET_GNSRECORD_record_get_expiration_time (
+      tvs[i].expected_rd_count,
+      tvs[i].expected_rd,
+      GNUNET_TIME_UNIT_ZERO_ABS);
+    if ((GNUNET_GNSRECORD_TYPE_PKEY == ntohl (pub.type)) &&
+        (GNUNET_OK != check_derivations_pkey (label, expire, &pub, &tvs[i])))
+    {
+      res = 1;
+      break;
+    }
+    else if ((GNUNET_GNSRECORD_TYPE_EDKEY == ntohl (pub.type)) &&
+             (GNUNET_OK != check_derivations_edkey (label, expire, &pub,
+                                                    &tvs[i])))
+    {
+      res = 1;
+      break;
    }
    if (GNUNET_OK != GNUNET_GNSRECORD_block_decrypt (rrblock,
                                                     &pub_parsed,
@@ -467,6 +614,7 @@ main ()
    {
      printf ("FAIL: Decryption of RRBLOCK failed\n");
      res = 1;
+      break;
    }
    if (0 != res)
      break;
author	Martin Schanzenbach <schanzen@gnunet.org>	2023-07-04 14:34:10 +0200
committer	Martin Schanzenbach <schanzen@gnunet.org>	2023-07-04 14:34:10 +0200
commit	9a0b6cb59596b66ec796647f788c8d08170da69a (patch)
tree	7e59b74a5cb751d22d0c2d02b49faaa42db9b29f /src/gnsrecord
parent	b195b613458c987787f7a0ec4de7e1cbabe02fa4 (diff)
download	gnunet-9a0b6cb59596b66ec796647f788c8d08170da69a.tar.gz gnunet-9a0b6cb59596b66ec796647f788c8d08170da69a.zip

diff --git a/src/gnsrecord/test_gnsrecord_testvectors.c b/src/gnsrecord/test_gnsrecord_testvectors.c index 139eda58c..af91518ac 100644 --- a/src/gnsrecord/test_gnsrecord_testvectors.c +++ b/src/gnsrecord/test_gnsrecord_testvectors.c
@@ -3,6 +3,7 @@
3	#include "gnunet_gns_service.h"	3	#include "gnunet_gns_service.h"
4	#include "gnunet_gnsrecord_lib.h"	4	#include "gnunet_gnsrecord_lib.h"
5	#include <inttypes.h>	5	#include <inttypes.h>
		6	#include "gnsrecord_crypto.h"
6		7
7	int res;	8	int res;
8		9
@@ -12,10 +13,13 @@ struct GnsTv
12	struct GNUNET_GNSRECORD_Data expected_rd[2048];	13	struct GNUNET_GNSRECORD_Data expected_rd[2048];
13	char *d;	14	char *d;
14	char *zid;	15	char *zid;
		16	char *ztld;
15	char *label;	17	char *label;
16	char *q;	18	char *q;
17	char *rdata;	19	char *rdata;
18	char *rrblock;	20	char *rrblock;
		21	char *k;
		22	char *nonce;
19	};	23	};
20		24
21	/** The first tests is from the Go implementation.	25	/** The first tests is from the Go implementation.
@@ -34,6 +38,7 @@ struct GnsTv tvs[] = {
34	"f9 6d 84 ff 61 f5 98 2c"	38	"f9 6d 84 ff 61 f5 98 2c"
35	"2c 4f e0 2d 5a 11 fe df"	39	"2c 4f e0 2d 5a 11 fe df"
36	"b0 c2 90 1f",	40	"b0 c2 90 1f",
		41	.ztld = "000G0037FH3QTBCK15Y8BCCNRVWPV17ZC7TSGB1C9ZG2TPGHZVFV1GMG3W",
37	.label = "74 65 73 74 64 65 6c 65"	42	.label = "74 65 73 74 64 65 6c 65"
38	"67 61 74 69 6f 6e",	43	"67 61 74 69 6f 6e",
39	.q =	44	.q =
@@ -45,6 +50,14 @@ struct GnsTv tvs[] = {
45	"b0 f7 ec 9a f1 cc 42 64"	50	"b0 f7 ec 9a f1 cc 42 64"
46	"12 99 40 6b 04 fd 9b 5b"	51	"12 99 40 6b 04 fd 9b 5b"
47	"57 91 f8 6c 4b 08 d5 f4",	52	"57 91 f8 6c 4b 08 d5 f4",
		53	.nonce =
		54	"e9 0a 00 61 00 1c ee 8c"
		55	"10 e2 59 80 00 00 00 01",
		56	.k =
		57	"86 4e 71 38 ea e7 fd 91"
		58	"a3 01 36 89 9c 13 2b 23"
		59	"ac eb db 2c ef 43 cb 19"
		60	"f6 bf 55 b6 7d b9 b3 b3",
48	.rdata =	61	.rdata =
49	"00 1c ee 8c 10 e2 59 80"	62	"00 1c ee 8c 10 e2 59 80"
50	"00 20 00 01 00 01 00 00"	63	"00 20 00 01 00 01 00 00"
@@ -84,9 +97,18 @@ struct GnsTv tvs[] = {
84	"f9 6d 84 ff 61 f5 98 2c"	97	"f9 6d 84 ff 61 f5 98 2c"
85	"2c 4f e0 2d 5a 11 fe df"	98	"2c 4f e0 2d 5a 11 fe df"
86	"b0 c2 90 1f",	99	"b0 c2 90 1f",
		100	.ztld = "000G0037FH3QTBCK15Y8BCCNRVWPV17ZC7TSGB1C9ZG2TPGHZVFV1GMG3W",
87	.label =	101	.label =
88	"e5 a4 a9 e4 b8 8b e7 84"	102	"e5 a4 a9 e4 b8 8b e7 84"
89	"a1 e6 95 b5",	103	"a1 e6 95 b5",
		104	.nonce =
		105	"ee 96 33 c1 00 1c ee 8c"
		106	"10 e2 59 80 00 00 00 01",
		107	.k =
		108	"fb 3a b5 de 23 bd da e1"
		109	"99 7a af 7b 92 c2 d2 71"
		110	"51 40 8b 77 af 7a 41 ac"
		111	"79 05 7c 4d f5 38 3d 01",
90	.q =	112	.q =
91	"af f0 ad 6a 44 09 73 68"	113	"af f0 ad 6a 44 09 73 68"
92	"42 9a c4 76 df a1 f3 4b"	114	"42 9a c4 76 df a1 f3 4b"
@@ -155,9 +177,19 @@ struct GnsTv tvs[] = {
155	"53 b8 5d 93 b0 47 b6 3d"	177	"53 b8 5d 93 b0 47 b6 3d"
156	"44 6c 58 45 cb 48 44 5d"	178	"44 6c 58 45 cb 48 44 5d"
157	"db 96 68 8f",	179	"db 96 68 8f",
		180	.ztld = "000G051WYJWJ80S04BRDRM2R2H9VGQCKP13VCFA4DHC4BJT88HEXQ5K8HW",
158	.label =	181	.label =
159	"74 65 73 74 64 65 6c 65"	182	"74 65 73 74 64 65 6c 65"
160	"67 61 74 69 6f 6e",	183	"67 61 74 69 6f 6e",
		184	.nonce =
		185	"98 13 2e a8 68 59 d3 5c"
		186	"88 bf d3 17 fa 99 1b cb"
		187	"00 1c ee 8c 10 e2 59 80",
		188	.k =
		189	"85 c4 29 a9 56 7a a6 33"
		190	"41 1a 96 91 e9 09 4c 45"
		191	"28 16 72 be 58 60 34 aa"
		192	"e4 a2 a2 cc 71 61 59 e2",
161	.q =	193	.q =
162	"ab aa ba c0 e1 24 94 59"	194	"ab aa ba c0 e1 24 94 59"
163	"75 98 83 95 aa c0 24 1e"	195	"75 98 83 95 aa c0 24 1e"
@@ -208,9 +240,19 @@ struct GnsTv tvs[] = {
208	"53 b8 5d 93 b0 47 b6 3d"	240	"53 b8 5d 93 b0 47 b6 3d"
209	"44 6c 58 45 cb 48 44 5d"	241	"44 6c 58 45 cb 48 44 5d"
210	"db 96 68 8f",	242	"db 96 68 8f",
		243	.ztld = "000G051WYJWJ80S04BRDRM2R2H9VGQCKP13VCFA4DHC4BJT88HEXQ5K8HW",
211	.label =	244	.label =
212	"e5 a4 a9 e4 b8 8b e7 84"	245	"e5 a4 a9 e4 b8 8b e7 84"
213	"a1 e6 95 b5",	246	"a1 e6 95 b5",
		247	.nonce =
		248	"bb 0d 3f 0f bd 22 42 77"
		249	"50 da 5d 69 12 16 e6 c9"
		250	"00 1c ee 8c 10 e2 59 80",
		251	.k =
		252	"3d f8 05 bd 66 87 aa 14"
		253	"20 96 28 c2 44 b1 11 91"
		254	"88 c3 92 56 37 a4 1e 5d"
		255	"76 49 6c 29 45 dc 37 7b",
214	.q =	256	.q =
215	"ba f8 21 77 ee c0 81 e0"	257	"ba f8 21 77 ee c0 81 e0"
216	"74 a7 da 47 ff c6 48 77"	258	"74 a7 da 47 ff c6 48 77"
@@ -399,6 +441,80 @@ res_checker (void *cls,
399	}	441	}
400		442
401		443
		444	enum GNUNET_GenericReturnValue
		445	check_derivations_edkey (const char*label,
		446	struct GNUNET_TIME_Absolute expire,
		447	struct GNUNET_IDENTITY_PublicKey *pub,
		448	struct GnsTv *tv)
		449	{
		450	unsigned char nonce[crypto_secretbox_NONCEBYTES];
		451	unsigned char skey[crypto_secretbox_KEYBYTES];
		452	unsigned char nonce_expected[crypto_secretbox_NONCEBYTES];
		453	unsigned char skey_expected[crypto_secretbox_KEYBYTES];
		454
		455
		456	parsehex (tv->nonce,(char*) nonce_expected, crypto_secretbox_NONCEBYTES, 0);
		457	parsehex (tv->k,(char*) skey_expected, crypto_secretbox_KEYBYTES, 0);
		458	GNR_derive_block_xsalsa_key (nonce,
		459	skey,
		460	label,
		461	GNUNET_TIME_absolute_hton (
		462	expire).abs_value_us__,
		463	&pub->eddsa_key);
		464	/* Ignore random 128-bit nonce, can't check this here. Will be checked on
		465	* decryption. */
		466	if (0 != memcmp (nonce + 16, nonce_expected + 16, sizeof (nonce) - 16))
		467	{
		468	printf ("FAIL: Failed to derive nonce:\n");
		469	print_bytes (nonce, sizeof (nonce), 8);
		470	print_bytes (nonce_expected, sizeof (nonce), 8);
		471	return GNUNET_NO;
		472	}
		473	if (0 != memcmp (skey, skey_expected, sizeof (skey)))
		474	{
		475	printf ("FAIL: Failed to derive secret key\n");
		476	return GNUNET_NO;
		477	}
		478	return GNUNET_OK;
		479	}
		480
		481
		482	enum GNUNET_GenericReturnValue
		483	check_derivations_pkey (const char*label,
		484	struct GNUNET_TIME_Absolute expire,
		485	struct GNUNET_IDENTITY_PublicKey *pub,
		486	struct GnsTv *tv)
		487	{
		488	unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
		489	unsigned char ctr_expected[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
		490	unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
		491	unsigned char skey_expected[GNUNET_CRYPTO_AES_KEY_LENGTH];
		492
		493	parsehex (tv->nonce,(char*) ctr_expected, sizeof (ctr), 0);
		494	parsehex (tv->k,(char*) skey_expected, sizeof (skey), 0);
		495	GNR_derive_block_aes_key (ctr,
		496	skey,
		497	label,
		498	GNUNET_TIME_absolute_hton (
		499	expire).abs_value_us__,
		500	&pub->ecdsa_key);
		501
		502	/* Ignore random 32-bit nonce, can't check this here. Will be checked on
		503	* decryption. */
		504	if (0 != memcmp (ctr + 4, ctr_expected + 4, sizeof (ctr) - 4))
		505	{
		506	printf ("FAIL: Failed to derive nonce\n");
		507	return GNUNET_NO;
		508	}
		509	if (0 != memcmp (skey, skey_expected, sizeof (skey)))
		510	{
		511	printf ("FAIL: Failed to derive secret key\n");
		512	return GNUNET_NO;
		513	}
		514	return GNUNET_OK;
		515	}
		516
		517
402	int	518	int
403	main ()	519	main ()
404	{	520	{
@@ -408,8 +524,10 @@ main ()
408	struct GNUNET_GNSRECORD_Block *rrblock;	524	struct GNUNET_GNSRECORD_Block *rrblock;
409	struct GNUNET_HashCode query;	525	struct GNUNET_HashCode query;
410	struct GNUNET_HashCode expected_query;	526	struct GNUNET_HashCode expected_query;
		527	struct GNUNET_TIME_Absolute expire;
411	char label[128];	528	char label[128];
412	char rdata[8096];	529	char rdata[8096];
		530	char ztld[128];
413	res = 0;	531	res = 0;
414		532
415	for (int i = 0; NULL != tvs[i].d; i++)	533	for (int i = 0; NULL != tvs[i].d; i++)
@@ -427,6 +545,19 @@ main ()
427	printf ("Wrong pubkey.\n");	545	printf ("Wrong pubkey.\n");
428	print_bytes (&pub, 36, 8);	546	print_bytes (&pub, 36, 8);
429	print_bytes (&pub_parsed, 36, 8);	547	print_bytes (&pub_parsed, 36, 8);
		548	res = 1;
		549	break;
		550	}
		551	GNUNET_STRINGS_data_to_string (&pub,
		552	GNUNET_IDENTITY_public_key_get_length (
		553	&pub),
		554	ztld,
		555	sizeof (ztld));
		556	if (0 != strcmp (ztld, tvs[i].ztld))
		557	{
		558	printf ("Wrong zTLD: expected %s, got %s\n", tvs[i].ztld, ztld);
		559	res = 1;
		560	break;
430	}	561	}
431	rrblock = GNUNET_malloc (strlen (tvs[i].rrblock));	562	rrblock = GNUNET_malloc (strlen (tvs[i].rrblock));
432	parsehex (tvs[i].rrblock, (char*) rrblock, 0, 0);	563	parsehex (tvs[i].rrblock, (char*) rrblock, 0, 0);
@@ -441,7 +572,7 @@ main ()
441	printf (" expected: %s", GNUNET_h2s (&expected_query));	572	printf (" expected: %s", GNUNET_h2s (&expected_query));
442	printf (", was: %s\n", GNUNET_h2s (&query));	573	printf (", was: %s\n", GNUNET_h2s (&query));
443	res = 1;	574	res = 1;
444	goto finish;	575	break;
445	}	576	}
446	int len = parsehex (tvs[i].rdata, (char*) rdata, 0, 0);	577	int len = parsehex (tvs[i].rdata, (char*) rdata, 0, 0);
447	tvs[i].expected_rd_count =	578	tvs[i].expected_rd_count =
@@ -451,13 +582,29 @@ main ()
451	if (GNUNET_OK !=	582	if (GNUNET_OK !=
452	GNUNET_GNSRECORD_records_deserialize (len,	583	GNUNET_GNSRECORD_records_deserialize (len,
453	rdata,	584	rdata,
454	tvs[i].	585	tvs[i].expected_rd_count,
455	expected_rd_count,
456	tvs[i].expected_rd))	586	tvs[i].expected_rd))
457	{	587	{
458	printf ("FAIL: Deserialization of RDATA failed\n");	588	printf ("FAIL: Deserialization of RDATA failed\n");
459	res = 1;	589	res = 1;
460	goto finish;	590	break;
		591	}
		592	expire = GNUNET_GNSRECORD_record_get_expiration_time (
		593	tvs[i].expected_rd_count,
		594	tvs[i].expected_rd,
		595	GNUNET_TIME_UNIT_ZERO_ABS);
		596	if ((GNUNET_GNSRECORD_TYPE_PKEY == ntohl (pub.type)) &&
		597	(GNUNET_OK != check_derivations_pkey (label, expire, &pub, &tvs[i])))
		598	{
		599	res = 1;
		600	break;
		601	}
		602	else if ((GNUNET_GNSRECORD_TYPE_EDKEY == ntohl (pub.type)) &&
		603	(GNUNET_OK != check_derivations_edkey (label, expire, &pub,
		604	&tvs[i])))
		605	{
		606	res = 1;
		607	break;
461	}	608	}
462	if (GNUNET_OK != GNUNET_GNSRECORD_block_decrypt (rrblock,	609	if (GNUNET_OK != GNUNET_GNSRECORD_block_decrypt (rrblock,
463	&pub_parsed,	610	&pub_parsed,
@@ -467,6 +614,7 @@ main ()
467	{	614	{
468	printf ("FAIL: Decryption of RRBLOCK failed\n");	615	printf ("FAIL: Decryption of RRBLOCK failed\n");
469	res = 1;	616	res = 1;
		617	break;
470	}	618	}
471	if (0 != res)	619	if (0 != res)
472	break;	620	break;