diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-02-03 09:25:12 +0100 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-02-03 09:25:12 +0100 |
commit | 112ef3796314122465f23215233d8b7dd7a15a0b (patch) | |
tree | 1e9f9c9861a840898613ef822d26fb375c4a56ad /src/gnsrecord | |
parent | ad6bc2037ffee49f6df1a3ac87fa507581af2365 (diff) | |
download | gnunet-112ef3796314122465f23215233d8b7dd7a15a0b.tar.gz gnunet-112ef3796314122465f23215233d8b7dd7a15a0b.zip |
GNS: Rework GNS block wire format
Diffstat (limited to 'src/gnsrecord')
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 311 | ||||
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.h | 20 | ||||
-rw-r--r-- | src/gnsrecord/gnsrecord_misc.c | 19 | ||||
-rw-r--r-- | src/gnsrecord/gnsrecord_serialization.c | 56 | ||||
-rw-r--r-- | src/gnsrecord/gnunet-gnsrecord-tvg.c | 82 | ||||
-rw-r--r-- | src/gnsrecord/test_gnsrecord_crypto.c | 12 |
6 files changed, 284 insertions, 216 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 24f4c48ca..890ddb011 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -95,8 +95,8 @@ eddsa_symmetric_decrypt ( | |||
95 | if (ctlen < 0) | 95 | if (ctlen < 0) |
96 | return GNUNET_SYSERR; | 96 | return GNUNET_SYSERR; |
97 | if (0 != crypto_secretbox_open_detached (result, | 97 | if (0 != crypto_secretbox_open_detached (result, |
98 | block, // Ciphertext | 98 | ((unsigned char*) block) + crypto_secretbox_MACBYTES, // Ciphertext |
99 | ((unsigned char*) block) + ctlen, // TAG | 99 | block, // Tag |
100 | ctlen, | 100 | ctlen, |
101 | nonce, key)) | 101 | nonce, key)) |
102 | { | 102 | { |
@@ -116,8 +116,8 @@ eddsa_symmetric_encrypt ( | |||
116 | { | 116 | { |
117 | if (size > crypto_secretbox_MESSAGEBYTES_MAX) | 117 | if (size > crypto_secretbox_MESSAGEBYTES_MAX) |
118 | return GNUNET_SYSERR; | 118 | return GNUNET_SYSERR; |
119 | crypto_secretbox_detached (result, // Ciphertext | 119 | crypto_secretbox_detached (result + crypto_secretbox_MACBYTES, // Ciphertext |
120 | result + size, // TAG | 120 | result, // TAG |
121 | block, size, nonce, key); | 121 | block, size, nonce, key); |
122 | return GNUNET_OK; | 122 | return GNUNET_OK; |
123 | } | 123 | } |
@@ -180,6 +180,20 @@ GNR_derive_block_xsalsa_key (unsigned char *nonce, | |||
180 | } | 180 | } |
181 | 181 | ||
182 | 182 | ||
183 | static ssize_t | ||
184 | block_get_size_ecdsa (const struct GNUNET_GNSRECORD_Data *rd, | ||
185 | unsigned int rd_count) | ||
186 | { | ||
187 | ssize_t len; | ||
188 | |||
189 | len = GNUNET_GNSRECORD_records_get_size (rd_count, rd); | ||
190 | if (len < 0) | ||
191 | return -1; | ||
192 | len += sizeof(struct GNUNET_GNSRECORD_Block); | ||
193 | return len; | ||
194 | } | ||
195 | |||
196 | |||
183 | /** | 197 | /** |
184 | * Sign name and records | 198 | * Sign name and records |
185 | * | 199 | * |
@@ -189,20 +203,22 @@ GNR_derive_block_xsalsa_key (unsigned char *nonce, | |||
189 | * @param label the name for the records | 203 | * @param label the name for the records |
190 | * @param rd record data | 204 | * @param rd record data |
191 | * @param rd_count number of records | 205 | * @param rd_count number of records |
192 | * @return NULL on error (block too large) | 206 | * @param block the block result. Must be allocated sufficiently. |
207 | * @return GNUNET_SYSERR on error (otherwise GNUNET_OK) | ||
193 | */ | 208 | */ |
194 | static struct GNUNET_GNSRECORD_Block * | 209 | static enum GNUNET_GenericReturnValue |
195 | block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | 210 | block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, |
196 | const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, | 211 | const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, |
197 | struct GNUNET_TIME_Absolute expire, | 212 | struct GNUNET_TIME_Absolute expire, |
198 | const char *label, | 213 | const char *label, |
199 | const struct GNUNET_GNSRECORD_Data *rd, | 214 | const struct GNUNET_GNSRECORD_Data *rd, |
200 | unsigned int rd_count) | 215 | unsigned int rd_count, |
216 | struct GNUNET_GNSRECORD_Block **block) | ||
201 | { | 217 | { |
202 | ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, | 218 | ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, |
203 | rd); | 219 | rd); |
204 | struct GNUNET_GNSRECORD_Block *block; | ||
205 | struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; | 220 | struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; |
221 | struct GNRBlockPS *gnr_block; | ||
206 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; | 222 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; |
207 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | 223 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; |
208 | unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 224 | unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
@@ -213,12 +229,12 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
213 | if (payload_len < 0) | 229 | if (payload_len < 0) |
214 | { | 230 | { |
215 | GNUNET_break (0); | 231 | GNUNET_break (0); |
216 | return NULL; | 232 | return GNUNET_SYSERR; |
217 | } | 233 | } |
218 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) | 234 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) |
219 | { | 235 | { |
220 | GNUNET_break (0); | 236 | GNUNET_break (0); |
221 | return NULL; | 237 | return GNUNET_SYSERR; |
222 | } | 238 | } |
223 | /* convert relative to absolute times */ | 239 | /* convert relative to absolute times */ |
224 | now = GNUNET_TIME_absolute_get (); | 240 | now = GNUNET_TIME_absolute_get (); |
@@ -236,31 +252,25 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
236 | } | 252 | } |
237 | } | 253 | } |
238 | /* serialize */ | 254 | /* serialize */ |
255 | *block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + payload_len); | ||
256 | (*block)->size = htonl(sizeof (struct GNUNET_GNSRECORD_Block) + payload_len); | ||
239 | rd_count_nbo = htonl (rd_count); | 257 | rd_count_nbo = htonl (rd_count); |
240 | { | 258 | { |
241 | char payload[sizeof(uint32_t) + payload_len]; | 259 | char payload[payload_len]; |
242 | 260 | ||
243 | GNUNET_memcpy (payload, | ||
244 | &rd_count_nbo, | ||
245 | sizeof(uint32_t)); | ||
246 | GNUNET_assert (payload_len == | 261 | GNUNET_assert (payload_len == |
247 | GNUNET_GNSRECORD_records_serialize (rd_count, | 262 | GNUNET_GNSRECORD_records_serialize (rd_count, |
248 | rdc, | 263 | rdc, |
249 | payload_len, | 264 | payload_len, |
250 | &payload[sizeof(uint32_t) | 265 | payload)); |
251 | ])); | 266 | gnr_block = GNUNET_malloc (sizeof (struct GNRBlockPS) + payload_len); |
252 | block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block) | 267 | ecblock = &(*block)->ecdsa_block; |
253 | + sizeof(uint32_t) | 268 | (*block)->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); |
254 | + payload_len); | 269 | gnr_block->purpose.size = htonl (sizeof(struct GNRBlockPS) + payload_len); |
255 | ecblock = &block->ecdsa_block; | 270 | gnr_block->purpose.purpose = |
256 | block->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); | 271 | htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
257 | ecblock->purpose.size = htonl (sizeof(uint32_t) | 272 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
258 | + payload_len | 273 | ecblock->expiration_time = gnr_block->expiration_time; |
259 | + sizeof(struct | ||
260 | GNUNET_CRYPTO_EccSignaturePurpose) | ||
261 | + sizeof(struct GNUNET_TIME_AbsoluteNBO)); | ||
262 | ecblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | ||
263 | ecblock->expiration_time = GNUNET_TIME_absolute_hton (expire); | ||
264 | /* encrypt and sign */ | 274 | /* encrypt and sign */ |
265 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, | 275 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, |
266 | label, | 276 | label, |
@@ -272,26 +282,40 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
272 | label, | 282 | label, |
273 | ecblock->expiration_time.abs_value_us__, | 283 | ecblock->expiration_time.abs_value_us__, |
274 | pkey); | 284 | pkey); |
275 | GNUNET_break (payload_len + sizeof(uint32_t) == | 285 | GNUNET_break (payload_len == |
276 | ecdsa_symmetric_encrypt (payload, | 286 | ecdsa_symmetric_encrypt (payload, |
277 | payload_len | 287 | payload_len, |
278 | + sizeof(uint32_t), | ||
279 | skey, | 288 | skey, |
280 | ctr, | 289 | ctr, |
281 | &ecblock[1])); | 290 | &ecblock[1])); |
291 | GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); | ||
282 | } | 292 | } |
283 | if (GNUNET_OK != | 293 | if (GNUNET_OK != |
284 | GNUNET_CRYPTO_ecdsa_sign_ (dkey, | 294 | GNUNET_CRYPTO_ecdsa_sign_ (dkey, |
285 | &ecblock->purpose, | 295 | &gnr_block->purpose, |
286 | &ecblock->signature)) | 296 | &ecblock->signature)) |
287 | { | 297 | { |
288 | GNUNET_break (0); | 298 | GNUNET_break (0); |
299 | GNUNET_free (*block); | ||
289 | GNUNET_free (dkey); | 300 | GNUNET_free (dkey); |
290 | GNUNET_free (block); | 301 | return GNUNET_SYSERR; |
291 | return NULL; | ||
292 | } | 302 | } |
293 | GNUNET_free (dkey); | 303 | GNUNET_free (dkey); |
294 | return block; | 304 | return GNUNET_OK; |
305 | } | ||
306 | |||
307 | static ssize_t | ||
308 | block_get_size_eddsa (const struct GNUNET_GNSRECORD_Data *rd, | ||
309 | unsigned int rd_count) | ||
310 | { | ||
311 | ssize_t len; | ||
312 | |||
313 | len = GNUNET_GNSRECORD_records_get_size (rd_count, rd); | ||
314 | if (len < 0) | ||
315 | return -1; | ||
316 | len += sizeof(struct GNUNET_GNSRECORD_Block); | ||
317 | len += crypto_secretbox_MACBYTES; | ||
318 | return len; | ||
295 | } | 319 | } |
296 | 320 | ||
297 | 321 | ||
@@ -304,20 +328,22 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
304 | * @param label the name for the records | 328 | * @param label the name for the records |
305 | * @param rd record data | 329 | * @param rd record data |
306 | * @param rd_count number of records | 330 | * @param rd_count number of records |
307 | * @return NULL on error (block too large) | 331 | * @param block where to store the block. Must be allocated sufficiently. |
332 | * @return GNUNET_SYSERR on error (otherwise GNUNET_OK) | ||
308 | */ | 333 | */ |
309 | static struct GNUNET_GNSRECORD_Block * | 334 | enum GNUNET_GenericReturnValue |
310 | block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | 335 | block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, |
311 | const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, | 336 | const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, |
312 | struct GNUNET_TIME_Absolute expire, | 337 | struct GNUNET_TIME_Absolute expire, |
313 | const char *label, | 338 | const char *label, |
314 | const struct GNUNET_GNSRECORD_Data *rd, | 339 | const struct GNUNET_GNSRECORD_Data *rd, |
315 | unsigned int rd_count) | 340 | unsigned int rd_count, |
341 | struct GNUNET_GNSRECORD_Block **block) | ||
316 | { | 342 | { |
317 | ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, | 343 | ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, |
318 | rd); | 344 | rd); |
319 | struct GNUNET_GNSRECORD_Block *block; | ||
320 | struct GNUNET_GNSRECORD_EddsaBlock *edblock; | 345 | struct GNUNET_GNSRECORD_EddsaBlock *edblock; |
346 | struct GNRBlockPS *gnr_block; | ||
321 | struct GNUNET_CRYPTO_EddsaPrivateScalar dkey; | 347 | struct GNUNET_CRYPTO_EddsaPrivateScalar dkey; |
322 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; | 348 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; |
323 | unsigned char skey[crypto_secretbox_KEYBYTES]; | 349 | unsigned char skey[crypto_secretbox_KEYBYTES]; |
@@ -328,12 +354,12 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
328 | if (payload_len < 0) | 354 | if (payload_len < 0) |
329 | { | 355 | { |
330 | GNUNET_break (0); | 356 | GNUNET_break (0); |
331 | return NULL; | 357 | return GNUNET_SYSERR; |
332 | } | 358 | } |
333 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) | 359 | if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) |
334 | { | 360 | { |
335 | GNUNET_break (0); | 361 | GNUNET_break (0); |
336 | return NULL; | 362 | return GNUNET_SYSERR; |
337 | } | 363 | } |
338 | /* convert relative to absolute times */ | 364 | /* convert relative to absolute times */ |
339 | now = GNUNET_TIME_absolute_get (); | 365 | now = GNUNET_TIME_absolute_get (); |
@@ -351,33 +377,32 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
351 | } | 377 | } |
352 | } | 378 | } |
353 | /* serialize */ | 379 | /* serialize */ |
380 | *block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) | ||
381 | + payload_len + crypto_secretbox_MACBYTES); | ||
382 | (*block)->size = htonl(sizeof (struct GNUNET_GNSRECORD_Block) | ||
383 | + payload_len + crypto_secretbox_MACBYTES); | ||
354 | rd_count_nbo = htonl (rd_count); | 384 | rd_count_nbo = htonl (rd_count); |
355 | { | 385 | { |
356 | char payload[sizeof(uint32_t) + payload_len]; | 386 | char payload[payload_len]; |
357 | 387 | ||
358 | GNUNET_memcpy (payload, | ||
359 | &rd_count_nbo, | ||
360 | sizeof(uint32_t)); | ||
361 | GNUNET_assert (payload_len == | 388 | GNUNET_assert (payload_len == |
362 | GNUNET_GNSRECORD_records_serialize (rd_count, | 389 | GNUNET_GNSRECORD_records_serialize (rd_count, |
363 | rdc, | 390 | rdc, |
364 | payload_len, | 391 | payload_len, |
365 | &payload[sizeof(uint32_t) | 392 | payload)); |
366 | ])); | 393 | gnr_block = GNUNET_malloc (sizeof (struct GNRBlockPS) |
367 | block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block) | 394 | + payload_len |
368 | + sizeof(uint32_t) | 395 | + crypto_secretbox_MACBYTES); |
369 | + payload_len | 396 | edblock = &(*block)->eddsa_block; |
370 | + crypto_secretbox_MACBYTES); | 397 | (*block)->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); |
371 | edblock = &block->eddsa_block; | 398 | gnr_block->purpose.size = |
372 | block->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); | 399 | htonl (sizeof(struct GNRBlockPS) |
373 | edblock->purpose.size = htonl (sizeof(uint32_t) | 400 | + payload_len |
374 | + payload_len | 401 | + crypto_secretbox_MACBYTES); |
375 | + sizeof(struct | 402 | gnr_block->purpose.purpose = |
376 | GNUNET_CRYPTO_EccSignaturePurpose) | 403 | htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
377 | + sizeof(struct GNUNET_TIME_AbsoluteNBO) | 404 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
378 | + crypto_secretbox_MACBYTES); | 405 | edblock->expiration_time = gnr_block->expiration_time; |
379 | edblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | ||
380 | edblock->expiration_time = GNUNET_TIME_absolute_hton (expire); | ||
381 | /* encrypt and sign */ | 406 | /* encrypt and sign */ |
382 | GNUNET_CRYPTO_eddsa_private_key_derive (key, | 407 | GNUNET_CRYPTO_eddsa_private_key_derive (key, |
383 | label, | 408 | label, |
@@ -392,38 +417,56 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
392 | pkey); | 417 | pkey); |
393 | GNUNET_break (GNUNET_OK == | 418 | GNUNET_break (GNUNET_OK == |
394 | eddsa_symmetric_encrypt (payload, | 419 | eddsa_symmetric_encrypt (payload, |
395 | payload_len | 420 | payload_len, |
396 | + sizeof(uint32_t), | ||
397 | skey, | 421 | skey, |
398 | nonce, | 422 | nonce, |
399 | &edblock[1])); | 423 | &edblock[1])); |
424 | GNUNET_memcpy (&gnr_block[1], &edblock[1], | ||
425 | payload_len + crypto_secretbox_MACBYTES); | ||
426 | |||
427 | GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, | ||
428 | &gnr_block->purpose, | ||
429 | &edblock->signature); | ||
400 | } | 430 | } |
401 | GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, | 431 | return GNUNET_OK; |
402 | &edblock->purpose, | ||
403 | &edblock->signature); | ||
404 | return block; | ||
405 | } | 432 | } |
406 | 433 | ||
434 | ssize_t | ||
435 | GNUNET_GNSRECORD_block_calculate_size (const struct | ||
436 | GNUNET_IDENTITY_PrivateKey *key, | ||
437 | const struct GNUNET_GNSRECORD_Data *rd, | ||
438 | unsigned int rd_count) | ||
439 | { | ||
440 | struct GNUNET_IDENTITY_PublicKey pkey; | ||
441 | ssize_t res; | ||
407 | 442 | ||
408 | /** | 443 | GNUNET_IDENTITY_key_get_public (key, |
409 | * Sign name and records | 444 | &pkey); |
410 | * | 445 | switch (ntohl (key->type)) |
411 | * @param key the private key | 446 | { |
412 | * @param expire block expiration | 447 | case GNUNET_GNSRECORD_TYPE_PKEY: |
413 | * @param label the name for the records | 448 | res = block_get_size_ecdsa (rd, rd_count); |
414 | * @param rd record data | 449 | break; |
415 | * @param rd_count number of records | 450 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
416 | * @return NULL on error (block too large) | 451 | res = block_get_size_eddsa (rd, rd_count); |
417 | */ | 452 | break; |
418 | struct GNUNET_GNSRECORD_Block * | 453 | default: |
454 | GNUNET_assert (0); | ||
455 | } | ||
456 | return -1; | ||
457 | |||
458 | } | ||
459 | |||
460 | enum GNUNET_GenericReturnValue | ||
419 | GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, | 461 | GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, |
420 | struct GNUNET_TIME_Absolute expire, | 462 | struct GNUNET_TIME_Absolute expire, |
421 | const char *label, | 463 | const char *label, |
422 | const struct GNUNET_GNSRECORD_Data *rd, | 464 | const struct GNUNET_GNSRECORD_Data *rd, |
423 | unsigned int rd_count) | 465 | unsigned int rd_count, |
466 | struct GNUNET_GNSRECORD_Block **result) | ||
424 | { | 467 | { |
425 | struct GNUNET_IDENTITY_PublicKey pkey; | 468 | struct GNUNET_IDENTITY_PublicKey pkey; |
426 | struct GNUNET_GNSRECORD_Block *res = NULL; | 469 | enum GNUNET_GenericReturnValue res = GNUNET_SYSERR; |
427 | char *norm_label; | 470 | char *norm_label; |
428 | 471 | ||
429 | GNUNET_IDENTITY_key_get_public (key, | 472 | GNUNET_IDENTITY_key_get_public (key, |
@@ -438,7 +481,8 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
438 | expire, | 481 | expire, |
439 | norm_label, | 482 | norm_label, |
440 | rd, | 483 | rd, |
441 | rd_count); | 484 | rd_count, |
485 | result); | ||
442 | break; | 486 | break; |
443 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 487 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
444 | res = block_create_eddsa (&key->eddsa_key, | 488 | res = block_create_eddsa (&key->eddsa_key, |
@@ -446,7 +490,8 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
446 | expire, | 490 | expire, |
447 | norm_label, | 491 | norm_label, |
448 | rd, | 492 | rd, |
449 | rd_count); | 493 | rd_count, |
494 | result); | ||
450 | break; | 495 | break; |
451 | default: | 496 | default: |
452 | GNUNET_assert (0); | 497 | GNUNET_assert (0); |
@@ -473,28 +518,17 @@ struct KeyCacheLine | |||
473 | }; | 518 | }; |
474 | 519 | ||
475 | 520 | ||
476 | /** | 521 | enum GNUNET_GenericReturnValue |
477 | * Sign name and records, cache derived public key (also keeps the | ||
478 | * private key in static memory, so do not use this function if | ||
479 | * keeping the private key in the process'es RAM is a major issue). | ||
480 | * | ||
481 | * @param key the private key | ||
482 | * @param expire block expiration | ||
483 | * @param label the name for the records | ||
484 | * @param rd record data | ||
485 | * @param rd_count number of records | ||
486 | * @return NULL on error (block too large) | ||
487 | */ | ||
488 | struct GNUNET_GNSRECORD_Block * | ||
489 | GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, | 522 | GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, |
490 | struct GNUNET_TIME_Absolute expire, | 523 | struct GNUNET_TIME_Absolute expire, |
491 | const char *label, | 524 | const char *label, |
492 | const struct GNUNET_GNSRECORD_Data *rd, | 525 | const struct GNUNET_GNSRECORD_Data *rd, |
493 | unsigned int rd_count) | 526 | unsigned int rd_count, |
527 | struct GNUNET_GNSRECORD_Block **result) | ||
494 | { | 528 | { |
495 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *key; | 529 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *key; |
496 | struct GNUNET_CRYPTO_EddsaPublicKey edpubkey; | 530 | struct GNUNET_CRYPTO_EddsaPublicKey edpubkey; |
497 | struct GNUNET_GNSRECORD_Block *res = NULL; | 531 | enum GNUNET_GenericReturnValue res = GNUNET_SYSERR; |
498 | char *norm_label; | 532 | char *norm_label; |
499 | 533 | ||
500 | norm_label = GNUNET_GNSRECORD_string_normalize (label); | 534 | norm_label = GNUNET_GNSRECORD_string_normalize (label); |
@@ -522,7 +556,8 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, | |||
522 | expire, | 556 | expire, |
523 | norm_label, | 557 | norm_label, |
524 | rd, | 558 | rd, |
525 | rd_count); | 559 | rd_count, |
560 | result); | ||
526 | } | 561 | } |
527 | else if (GNUNET_IDENTITY_TYPE_EDDSA == ntohl (pkey->type)) | 562 | else if (GNUNET_IDENTITY_TYPE_EDDSA == ntohl (pkey->type)) |
528 | { | 563 | { |
@@ -533,7 +568,8 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, | |||
533 | expire, | 568 | expire, |
534 | norm_label, | 569 | norm_label, |
535 | rd, | 570 | rd, |
536 | rd_count); | 571 | rd_count, |
572 | result); | ||
537 | } | 573 | } |
538 | GNUNET_free (norm_label); | 574 | GNUNET_free (norm_label); |
539 | return res; | 575 | return res; |
@@ -550,41 +586,55 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, | |||
550 | enum GNUNET_GenericReturnValue | 586 | enum GNUNET_GenericReturnValue |
551 | GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) | 587 | GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) |
552 | { | 588 | { |
589 | struct GNRBlockPS *purp; | ||
590 | size_t payload_len = ntohl (block->size) | ||
591 | - sizeof (struct GNUNET_GNSRECORD_Block); | ||
592 | enum GNUNET_GenericReturnValue res = GNUNET_NO; | ||
593 | purp = GNUNET_malloc (sizeof (struct GNRBlockPS) + payload_len); | ||
594 | purp->purpose.size = htonl (sizeof (struct GNRBlockPS) + payload_len); | ||
595 | purp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | ||
596 | GNUNET_memcpy (&purp[1], &block[1], payload_len); | ||
597 | |||
553 | switch (ntohl (block->type)) | 598 | switch (ntohl (block->type)) |
554 | { | 599 | { |
555 | case GNUNET_GNSRECORD_TYPE_PKEY: | 600 | case GNUNET_GNSRECORD_TYPE_PKEY: |
556 | return GNUNET_CRYPTO_ecdsa_verify_ ( | 601 | purp->expiration_time = block->ecdsa_block.expiration_time; |
602 | res = GNUNET_CRYPTO_ecdsa_verify_ ( | ||
557 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, | 603 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, |
558 | &block->ecdsa_block.purpose, | 604 | &purp->purpose, |
559 | &block->ecdsa_block.signature, | 605 | &block->ecdsa_block.signature, |
560 | &block->ecdsa_block.derived_key); | 606 | &block->ecdsa_block.derived_key); |
607 | break; | ||
561 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 608 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
562 | return GNUNET_CRYPTO_eddsa_verify_ ( | 609 | purp->expiration_time = block->eddsa_block.expiration_time; |
610 | res = GNUNET_CRYPTO_eddsa_verify_ ( | ||
563 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, | 611 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, |
564 | &block->eddsa_block.purpose, | 612 | &purp->purpose, |
565 | &block->eddsa_block.signature, | 613 | &block->eddsa_block.signature, |
566 | &block->eddsa_block.derived_key); | 614 | &block->eddsa_block.derived_key); |
615 | break; | ||
567 | default: | 616 | default: |
568 | return GNUNET_NO; | 617 | res = GNUNET_NO; |
569 | } | 618 | } |
619 | GNUNET_free (purp); | ||
620 | return res; | ||
570 | } | 621 | } |
571 | 622 | ||
572 | 623 | ||
573 | enum GNUNET_GenericReturnValue | 624 | enum GNUNET_GenericReturnValue |
574 | block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, | 625 | block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_Block *block, |
575 | const struct | 626 | const struct |
576 | GNUNET_CRYPTO_EcdsaPublicKey *zone_key, | 627 | GNUNET_CRYPTO_EcdsaPublicKey *zone_key, |
577 | const char *label, | 628 | const char *label, |
578 | GNUNET_GNSRECORD_RecordCallback proc, | 629 | GNUNET_GNSRECORD_RecordCallback proc, |
579 | void *proc_cls) | 630 | void *proc_cls) |
580 | { | 631 | { |
581 | size_t payload_len = ntohl (block->purpose.size) | 632 | size_t payload_len = ntohl (block->size) - sizeof (struct |
582 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 633 | GNUNET_GNSRECORD_Block); |
583 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); | ||
584 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | 634 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; |
585 | unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 635 | unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
586 | 636 | ||
587 | if (ntohl (block->purpose.size) < | 637 | if (ntohl (block->size) < |
588 | sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 638 | sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
589 | + sizeof(struct GNUNET_TIME_AbsoluteNBO)) | 639 | + sizeof(struct GNUNET_TIME_AbsoluteNBO)) |
590 | { | 640 | { |
@@ -594,20 +644,18 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, | |||
594 | GNR_derive_block_aes_key (ctr, | 644 | GNR_derive_block_aes_key (ctr, |
595 | key, | 645 | key, |
596 | label, | 646 | label, |
597 | block->expiration_time.abs_value_us__, | 647 | block->ecdsa_block.expiration_time.abs_value_us__, |
598 | zone_key); | 648 | zone_key); |
599 | { | 649 | { |
600 | char payload[payload_len]; | 650 | char payload[payload_len]; |
601 | uint32_t rd_count; | 651 | unsigned int rd_count; |
602 | 652 | ||
603 | GNUNET_break (payload_len == | 653 | GNUNET_break (payload_len == |
604 | ecdsa_symmetric_decrypt (&block[1], payload_len, | 654 | ecdsa_symmetric_decrypt (&block[1], payload_len, |
605 | key, ctr, | 655 | key, ctr, |
606 | payload)); | 656 | payload)); |
607 | GNUNET_memcpy (&rd_count, | 657 | rd_count = GNUNET_GNSRECORD_records_deserialize_get_size (payload_len, |
608 | payload, | 658 | payload); |
609 | sizeof(uint32_t)); | ||
610 | rd_count = ntohl (rd_count); | ||
611 | if (rd_count > 2048) | 659 | if (rd_count > 2048) |
612 | { | 660 | { |
613 | /* limit to sane value */ | 661 | /* limit to sane value */ |
@@ -620,8 +668,8 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, | |||
620 | struct GNUNET_TIME_Absolute now; | 668 | struct GNUNET_TIME_Absolute now; |
621 | 669 | ||
622 | if (GNUNET_OK != | 670 | if (GNUNET_OK != |
623 | GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t), | 671 | GNUNET_GNSRECORD_records_deserialize (payload_len, |
624 | &payload[sizeof(uint32_t)], | 672 | payload, |
625 | rd_count, | 673 | rd_count, |
626 | rd)) | 674 | rd)) |
627 | { | 675 | { |
@@ -699,20 +747,20 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, | |||
699 | 747 | ||
700 | 748 | ||
701 | enum GNUNET_GenericReturnValue | 749 | enum GNUNET_GenericReturnValue |
702 | block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, | 750 | block_decrypt_eddsa (const struct GNUNET_GNSRECORD_Block *block, |
703 | const struct | 751 | const struct |
704 | GNUNET_CRYPTO_EddsaPublicKey *zone_key, | 752 | GNUNET_CRYPTO_EddsaPublicKey *zone_key, |
705 | const char *label, | 753 | const char *label, |
706 | GNUNET_GNSRECORD_RecordCallback proc, | 754 | GNUNET_GNSRECORD_RecordCallback proc, |
707 | void *proc_cls) | 755 | void *proc_cls) |
708 | { | 756 | { |
709 | size_t payload_len = ntohl (block->purpose.size) | 757 | const struct GNUNET_GNSRECORD_EddsaBlock *edblock = &block->eddsa_block; |
710 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 758 | size_t payload_len = ntohl (block->size) - sizeof (struct |
711 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); | 759 | GNUNET_GNSRECORD_Block); |
712 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; | 760 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; |
713 | unsigned char key[crypto_secretbox_KEYBYTES]; | 761 | unsigned char key[crypto_secretbox_KEYBYTES]; |
714 | 762 | ||
715 | if (ntohl (block->purpose.size) < | 763 | if (ntohl (block->size) < |
716 | sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 764 | sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
717 | + sizeof(struct GNUNET_TIME_AbsoluteNBO)) | 765 | + sizeof(struct GNUNET_TIME_AbsoluteNBO)) |
718 | { | 766 | { |
@@ -722,20 +770,19 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, | |||
722 | GNR_derive_block_xsalsa_key (nonce, | 770 | GNR_derive_block_xsalsa_key (nonce, |
723 | key, | 771 | key, |
724 | label, | 772 | label, |
725 | block->expiration_time.abs_value_us__, | 773 | block->eddsa_block.expiration_time.abs_value_us__, |
726 | zone_key); | 774 | zone_key); |
727 | { | 775 | { |
728 | char payload[payload_len]; | 776 | char payload[payload_len]; |
729 | uint32_t rd_count; | 777 | unsigned int rd_count; |
730 | 778 | ||
731 | GNUNET_break (GNUNET_OK == | 779 | GNUNET_break (GNUNET_OK == |
732 | eddsa_symmetric_decrypt (&block[1], payload_len, | 780 | eddsa_symmetric_decrypt (&block[1], payload_len, |
733 | key, nonce, | 781 | key, nonce, |
734 | payload)); | 782 | payload)); |
735 | GNUNET_memcpy (&rd_count, | 783 | payload_len -= crypto_secretbox_MACBYTES; |
736 | payload, | 784 | rd_count = GNUNET_GNSRECORD_records_deserialize_get_size (payload_len, |
737 | sizeof(uint32_t)); | 785 | payload); |
738 | rd_count = ntohl (rd_count); | ||
739 | if (rd_count > 2048) | 786 | if (rd_count > 2048) |
740 | { | 787 | { |
741 | /* limit to sane value */ | 788 | /* limit to sane value */ |
@@ -748,8 +795,8 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, | |||
748 | struct GNUNET_TIME_Absolute now; | 795 | struct GNUNET_TIME_Absolute now; |
749 | 796 | ||
750 | if (GNUNET_OK != | 797 | if (GNUNET_OK != |
751 | GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t), | 798 | GNUNET_GNSRECORD_records_deserialize (payload_len, |
752 | &payload[sizeof(uint32_t)], | 799 | payload, |
753 | rd_count, | 800 | rd_count, |
754 | rd)) | 801 | rd)) |
755 | { | 802 | { |
@@ -852,12 +899,12 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, | |||
852 | switch (ntohl (zone_key->type)) | 899 | switch (ntohl (zone_key->type)) |
853 | { | 900 | { |
854 | case GNUNET_IDENTITY_TYPE_ECDSA: | 901 | case GNUNET_IDENTITY_TYPE_ECDSA: |
855 | res = block_decrypt_ecdsa (&block->ecdsa_block, | 902 | res = block_decrypt_ecdsa (block, |
856 | &zone_key->ecdsa_key, norm_label, proc, | 903 | &zone_key->ecdsa_key, norm_label, proc, |
857 | proc_cls); | 904 | proc_cls); |
858 | break; | 905 | break; |
859 | case GNUNET_IDENTITY_TYPE_EDDSA: | 906 | case GNUNET_IDENTITY_TYPE_EDDSA: |
860 | res = block_decrypt_eddsa (&block->eddsa_block, | 907 | res = block_decrypt_eddsa (block, |
861 | &zone_key->eddsa_key, norm_label, proc, | 908 | &zone_key->eddsa_key, norm_label, proc, |
862 | proc_cls); | 909 | proc_cls); |
863 | break; | 910 | break; |
diff --git a/src/gnsrecord/gnsrecord_crypto.h b/src/gnsrecord/gnsrecord_crypto.h index be762f1b5..79a7e6fb9 100644 --- a/src/gnsrecord/gnsrecord_crypto.h +++ b/src/gnsrecord/gnsrecord_crypto.h | |||
@@ -35,6 +35,26 @@ | |||
35 | #include "gnunet_tun_lib.h" | 35 | #include "gnunet_tun_lib.h" |
36 | 36 | ||
37 | /** | 37 | /** |
38 | * Information we have in an encrypted block with record data (i.e. in the DHT). | ||
39 | */ | ||
40 | struct GNRBlockPS | ||
41 | { | ||
42 | /** | ||
43 | * Number of bytes signed; also specifies the number of bytes | ||
44 | * of encrypted data that follow. | ||
45 | */ | ||
46 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; | ||
47 | |||
48 | /** | ||
49 | * Expiration time of the block. | ||
50 | */ | ||
51 | struct GNUNET_TIME_AbsoluteNBO expiration_time; | ||
52 | |||
53 | /* followed by encrypted data */ | ||
54 | }; | ||
55 | |||
56 | |||
57 | /** | ||
38 | * Derive session key and iv from label and public key. | 58 | * Derive session key and iv from label and public key. |
39 | * | 59 | * |
40 | * @param iv initialization vector to initialize | 60 | * @param iv initialization vector to initialize |
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c index c6f07ccd0..61604c730 100644 --- a/src/gnsrecord/gnsrecord_misc.c +++ b/src/gnsrecord/gnsrecord_misc.c | |||
@@ -334,24 +334,7 @@ GNUNET_GNSRECORD_is_zonekey_type (uint32_t type) | |||
334 | size_t | 334 | size_t |
335 | GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block) | 335 | GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block) |
336 | { | 336 | { |
337 | switch (ntohl (block->type)) | 337 | return ntohl (block->size); |
338 | { | ||
339 | case GNUNET_GNSRECORD_TYPE_PKEY: | ||
340 | return sizeof (uint32_t) /* zone type */ | ||
341 | + sizeof (block->ecdsa_block) /* EcdsaBlock */ | ||
342 | + ntohl (block->ecdsa_block.purpose.size) /* Length of signed data */ | ||
343 | - sizeof (block->ecdsa_block.purpose); /* Purpose already in EcdsaBlock */ | ||
344 | break; | ||
345 | case GNUNET_GNSRECORD_TYPE_EDKEY: | ||
346 | return sizeof (uint32_t) /* zone type */ | ||
347 | + sizeof (block->eddsa_block) /* EddsaBlock */ | ||
348 | + ntohl (block->eddsa_block.purpose.size) /* Length of signed data */ | ||
349 | - sizeof (block->ecdsa_block.purpose); /* Purpose already in EcdsaBlock */ | ||
350 | |||
351 | default: | ||
352 | return 0; | ||
353 | } | ||
354 | return 0; | ||
355 | } | 338 | } |
356 | 339 | ||
357 | 340 | ||
diff --git a/src/gnsrecord/gnsrecord_serialization.c b/src/gnsrecord/gnsrecord_serialization.c index cb6957605..eaa3a9ab2 100644 --- a/src/gnsrecord/gnsrecord_serialization.c +++ b/src/gnsrecord/gnsrecord_serialization.c | |||
@@ -60,17 +60,18 @@ struct NetworkRecord | |||
60 | /** | 60 | /** |
61 | * Number of bytes in 'data', network byte order. | 61 | * Number of bytes in 'data', network byte order. |
62 | */ | 62 | */ |
63 | uint32_t data_size GNUNET_PACKED; | 63 | uint16_t data_size GNUNET_PACKED; |
64 | 64 | ||
65 | /** | 65 | /** |
66 | * Type of the GNS/DNS record, network byte order. | 66 | * Flags for the record, network byte order. |
67 | */ | 67 | */ |
68 | uint32_t record_type GNUNET_PACKED; | 68 | uint16_t flags GNUNET_PACKED; |
69 | 69 | ||
70 | /** | 70 | /** |
71 | * Flags for the record, network byte order. | 71 | * Type of the GNS/DNS record, network byte order. |
72 | */ | 72 | */ |
73 | uint32_t flags GNUNET_PACKED; | 73 | uint32_t record_type GNUNET_PACKED; |
74 | |||
74 | }; | 75 | }; |
75 | 76 | ||
76 | GNUNET_NETWORK_STRUCT_END | 77 | GNUNET_NETWORK_STRUCT_END |
@@ -169,9 +170,9 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, | |||
169 | rd[i].flags, | 170 | rd[i].flags, |
170 | (unsigned long long) rd[i].expiration_time); | 171 | (unsigned long long) rd[i].expiration_time); |
171 | rec.expiration_time = GNUNET_htonll (rd[i].expiration_time); | 172 | rec.expiration_time = GNUNET_htonll (rd[i].expiration_time); |
172 | rec.data_size = htonl ((uint32_t) rd[i].data_size); | 173 | rec.data_size = htons ((uint16_t) rd[i].data_size); |
173 | rec.record_type = htonl (rd[i].record_type); | 174 | rec.record_type = htonl (rd[i].record_type); |
174 | rec.flags = htonl (rd[i].flags); | 175 | rec.flags = htons (rd[i].flags); |
175 | if ((off + sizeof(rec) > dest_size) || | 176 | if ((off + sizeof(rec) > dest_size) || |
176 | (off + sizeof(rec) < off)) | 177 | (off + sizeof(rec) < off)) |
177 | { | 178 | { |
@@ -214,13 +215,48 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, | |||
214 | return dest_size; | 215 | return dest_size; |
215 | } | 216 | } |
216 | 217 | ||
218 | unsigned int | ||
219 | GNUNET_GNSRECORD_records_deserialize_get_size (size_t len, | ||
220 | const char *src) | ||
221 | { | ||
222 | struct NetworkRecord rec; | ||
223 | struct NetworkRecord rec_zero; | ||
224 | size_t off; | ||
225 | unsigned int rd_count = 0; | ||
226 | |||
227 | memset (&rec_zero, 0, sizeof (rec_zero)); | ||
228 | |||
229 | off = 0; | ||
230 | for (off = 0; (off + sizeof(rec) <= len) && (off + sizeof(rec) >= off);) | ||
231 | { | ||
232 | /* | ||
233 | * If we have found a byte string of zeroes, we have reached | ||
234 | * the padding | ||
235 | */ | ||
236 | if (0 == GNUNET_memcmp (&rec, &rec_zero)) | ||
237 | break; | ||
238 | GNUNET_memcpy (&rec, | ||
239 | &src[off], | ||
240 | sizeof(rec)); | ||
241 | off += sizeof(rec); | ||
242 | if ((off + ntohs ((uint16_t) rec.data_size) > len) || | ||
243 | (off + ntohs ((uint16_t) rec.data_size) < off)) | ||
244 | { | ||
245 | GNUNET_break_op (0); | ||
246 | return 0; | ||
247 | } | ||
248 | off += ntohs ((uint16_t) rec.data_size); | ||
249 | rd_count++; | ||
250 | } | ||
251 | return rd_count; | ||
252 | } | ||
217 | 253 | ||
218 | /** | 254 | /** |
219 | * Deserialize the given records to the given destination. | 255 | * Deserialize the given records to the given destination. |
220 | * | 256 | * |
221 | * @param len size of the serialized record data | 257 | * @param len size of the serialized record data |
222 | * @param src the serialized record data | 258 | * @param src the serialized record data |
223 | * @param rd_count number of records in the rd array | 259 | * @param rd_count number of records parsed |
224 | * @param dest where to put the data | 260 | * @param dest where to put the data |
225 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | 261 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error |
226 | */ | 262 | */ |
@@ -246,9 +282,9 @@ GNUNET_GNSRECORD_records_deserialize (size_t len, | |||
246 | &src[off], | 282 | &src[off], |
247 | sizeof(rec)); | 283 | sizeof(rec)); |
248 | dest[i].expiration_time = GNUNET_ntohll (rec.expiration_time); | 284 | dest[i].expiration_time = GNUNET_ntohll (rec.expiration_time); |
249 | dest[i].data_size = ntohl ((uint32_t) rec.data_size); | 285 | dest[i].data_size = ntohs ((uint16_t) rec.data_size); |
250 | dest[i].record_type = ntohl (rec.record_type); | 286 | dest[i].record_type = ntohl (rec.record_type); |
251 | dest[i].flags = ntohl (rec.flags); | 287 | dest[i].flags = ntohs (rec.flags); |
252 | off += sizeof(rec); | 288 | off += sizeof(rec); |
253 | if ((off + dest[i].data_size > len) || | 289 | if ((off + dest[i].data_size > len) || |
254 | (off + dest[i].data_size < off)) | 290 | (off + dest[i].data_size < off)) |
diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 91c6608cd..f9b83e48b 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c | |||
@@ -38,12 +38,12 @@ | |||
38 | #define TEST_RRCOUNT 2 | 38 | #define TEST_RRCOUNT 2 |
39 | 39 | ||
40 | static char *d_pkey = | 40 | static char *d_pkey = |
41 | "50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98"; | 41 | "50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98"; |
42 | 42 | ||
43 | static char *d_edkey = | 43 | static char *d_edkey = |
44 | "5af7020ee19160328832352bbc6a68a8d71a7cbe1b929969a7c66d415a0d8f65"; | 44 | "5af7020ee19160328832352bbc6a68a8d71a7cbe1b929969a7c66d415a0d8f65"; |
45 | 45 | ||
46 | int parsehex(char *src, char *dst, size_t dstlen, int invert) | 46 | int parsehex (char *src, char *dst, size_t dstlen, int invert) |
47 | { | 47 | { |
48 | char *line = src; | 48 | char *line = src; |
49 | char *data = line; | 49 | char *data = line; |
@@ -51,7 +51,8 @@ int parsehex(char *src, char *dst, size_t dstlen, int invert) | |||
51 | int read_byte; | 51 | int read_byte; |
52 | int data_len = 0; | 52 | int data_len = 0; |
53 | 53 | ||
54 | while (sscanf(data, " %02x%n", &read_byte, &off) == 1) { | 54 | while (sscanf (data, " %02x%n", &read_byte, &off) == 1) |
55 | { | ||
55 | if (invert) | 56 | if (invert) |
56 | dst[dstlen - 1 - data_len++] = read_byte; | 57 | dst[dstlen - 1 - data_len++] = read_byte; |
57 | else | 58 | else |
@@ -155,9 +156,9 @@ run_pkey (void) | |||
155 | 156 | ||
156 | id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); | 157 | id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); |
157 | GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); | 158 | GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); |
158 | parsehex(d_pkey, | 159 | parsehex (d_pkey, |
159 | (char*)&id_priv.ecdsa_key, | 160 | (char*) &id_priv.ecdsa_key, |
160 | sizeof (id_priv.ecdsa_key), 1); | 161 | sizeof (id_priv.ecdsa_key), 1); |
161 | 162 | ||
162 | GNUNET_IDENTITY_key_get_public (&id_priv, | 163 | GNUNET_IDENTITY_key_get_public (&id_priv, |
163 | &id_pub); | 164 | &id_pub); |
@@ -204,16 +205,12 @@ run_pkey (void) | |||
204 | rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT, | 205 | rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT, |
205 | rd); | 206 | rd); |
206 | rdata = GNUNET_malloc (rdata_size); | 207 | rdata = GNUNET_malloc (rdata_size); |
207 | rd_count_nbo = htonl (2); | ||
208 | GNUNET_memcpy (rdata, | ||
209 | &rd_count_nbo, | ||
210 | sizeof (uint32_t)); | ||
211 | GNUNET_GNSRECORD_records_serialize (2, | 208 | GNUNET_GNSRECORD_records_serialize (2, |
212 | rd, | 209 | rd, |
213 | rdata_size, | 210 | rdata_size, |
214 | rdata + sizeof (uint32_t)); | 211 | rdata); |
215 | fprintf (stdout, "RDATA:\n"); | 212 | fprintf (stdout, "RDATA:\n"); |
216 | print_bytes (rdata, rdata_size + sizeof (uint32_t), 8); | 213 | print_bytes (rdata, rdata_size, 8); |
217 | fprintf (stdout, "\n"); | 214 | fprintf (stdout, "\n"); |
218 | expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); | 215 | expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); |
219 | GNR_derive_block_aes_key (ctr, | 216 | GNR_derive_block_aes_key (ctr, |
@@ -235,26 +232,20 @@ run_pkey (void) | |||
235 | fprintf (stdout, "Storage key (q):\n"); | 232 | fprintf (stdout, "Storage key (q):\n"); |
236 | print_bytes (&query, sizeof (query), 8); | 233 | print_bytes (&query, sizeof (query), 8); |
237 | fprintf (stdout, "\n"); | 234 | fprintf (stdout, "\n"); |
238 | 235 | GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (&id_priv, | |
239 | rrblock = GNUNET_GNSRECORD_block_create (&id_priv, | 236 | expire, |
240 | expire, | 237 | TEST_RECORD_LABEL, |
241 | TEST_RECORD_LABEL, | 238 | rd, |
242 | rd, | 239 | TEST_RRCOUNT, |
243 | TEST_RRCOUNT); | 240 | &rrblock)); |
244 | size_t bdata_size = ntohl (rrblock->ecdsa_block.purpose.size) | 241 | size_t bdata_size = ntohl(rrblock->size) - sizeof (struct GNUNET_GNSRECORD_Block); |
245 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | ||
246 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); | ||
247 | size_t ecblock_size = ntohl (rrblock->ecdsa_block.purpose.size) | ||
248 | + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | ||
249 | + sizeof(struct GNUNET_CRYPTO_EcdsaSignature); | ||
250 | size_t block_size = ecblock_size + sizeof (uint32_t); | ||
251 | 242 | ||
252 | bdata = (char*) &(&rrblock->ecdsa_block)[1]; | 243 | bdata = (char*) &(&rrblock->ecdsa_block)[1]; |
253 | fprintf (stdout, "BDATA:\n"); | 244 | fprintf (stdout, "BDATA:\n"); |
254 | print_bytes (bdata, bdata_size, 8); | 245 | print_bytes (bdata, bdata_size, 8); |
255 | fprintf (stdout, "\n"); | 246 | fprintf (stdout, "\n"); |
256 | fprintf (stdout, "RRBLOCK:\n"); | 247 | fprintf (stdout, "RRBLOCK:\n"); |
257 | print_bytes (rrblock, block_size, 8); | 248 | print_bytes (rrblock, ntohl(rrblock->size), 8); |
258 | fprintf (stdout, "\n"); | 249 | fprintf (stdout, "\n"); |
259 | GNUNET_free (rdata); | 250 | GNUNET_free (rdata); |
260 | } | 251 | } |
@@ -309,9 +300,9 @@ run_edkey (void) | |||
309 | 300 | ||
310 | id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); | 301 | id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); |
311 | GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key); | 302 | GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key); |
312 | parsehex(d_edkey, | 303 | parsehex (d_edkey, |
313 | (char*)&id_priv.eddsa_key, | 304 | (char*) &id_priv.eddsa_key, |
314 | sizeof (id_priv.eddsa_key), 0); | 305 | sizeof (id_priv.eddsa_key), 0); |
315 | GNUNET_IDENTITY_key_get_public (&id_priv, | 306 | GNUNET_IDENTITY_key_get_public (&id_priv, |
316 | &id_pub); | 307 | &id_pub); |
317 | fprintf (stdout, | 308 | fprintf (stdout, |
@@ -358,17 +349,13 @@ run_edkey (void) | |||
358 | rd); | 349 | rd); |
359 | expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, | 350 | expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, |
360 | rd); | 351 | rd); |
361 | rdata = GNUNET_malloc (sizeof (uint32_t) + rdata_size); | 352 | rdata = GNUNET_malloc (rdata_size); |
362 | rd_count_nbo = htonl (2); | ||
363 | GNUNET_memcpy (rdata, | ||
364 | &rd_count_nbo, | ||
365 | sizeof (uint32_t)); | ||
366 | GNUNET_GNSRECORD_records_serialize (2, | 353 | GNUNET_GNSRECORD_records_serialize (2, |
367 | rd, | 354 | rd, |
368 | rdata_size, | 355 | rdata_size, |
369 | rdata + sizeof (uint32_t)); | 356 | rdata); |
370 | fprintf (stdout, "RDATA:\n"); | 357 | fprintf (stdout, "RDATA:\n"); |
371 | print_bytes (rdata, rdata_size + sizeof (uint32_t), 8); | 358 | print_bytes (rdata, rdata_size, 8); |
372 | fprintf (stdout, "\n"); | 359 | fprintf (stdout, "\n"); |
373 | GNR_derive_block_xsalsa_key (nonce, | 360 | GNR_derive_block_xsalsa_key (nonce, |
374 | skey, | 361 | skey, |
@@ -389,25 +376,20 @@ run_edkey (void) | |||
389 | print_bytes (&query, sizeof (query), 8); | 376 | print_bytes (&query, sizeof (query), 8); |
390 | fprintf (stdout, "\n"); | 377 | fprintf (stdout, "\n"); |
391 | 378 | ||
392 | rrblock = GNUNET_GNSRECORD_block_create (&id_priv, | 379 | GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (&id_priv, |
393 | expire, | 380 | expire, |
394 | TEST_RECORD_LABEL, | 381 | TEST_RECORD_LABEL, |
395 | rd, | 382 | rd, |
396 | TEST_RRCOUNT); | 383 | TEST_RRCOUNT, |
397 | size_t bdata_size = ntohl (rrblock->eddsa_block.purpose.size) | 384 | &rrblock)); |
398 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 385 | size_t bdata_size = ntohl(rrblock->size) - sizeof (struct GNUNET_GNSRECORD_Block); |
399 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); | ||
400 | size_t ecblock_size = ntohl (rrblock->eddsa_block.purpose.size) | ||
401 | + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey) | ||
402 | + sizeof(struct GNUNET_CRYPTO_EddsaSignature); | ||
403 | size_t block_size = ecblock_size + sizeof (uint32_t); | ||
404 | 386 | ||
405 | bdata = (char*) &(&rrblock->eddsa_block)[1]; | 387 | bdata = (char*) &(&rrblock->eddsa_block)[1]; |
406 | fprintf (stdout, "BDATA:\n"); | 388 | fprintf (stdout, "BDATA:\n"); |
407 | print_bytes (bdata, bdata_size, 8); | 389 | print_bytes (bdata, bdata_size, 8); |
408 | fprintf (stdout, "\n"); | 390 | fprintf (stdout, "\n"); |
409 | fprintf (stdout, "RRBLOCK:\n"); | 391 | fprintf (stdout, "RRBLOCK:\n"); |
410 | print_bytes (rrblock, block_size, 8); | 392 | print_bytes (rrblock, ntohl(rrblock->size), 8); |
411 | fprintf (stdout, "\n"); | 393 | fprintf (stdout, "\n"); |
412 | GNUNET_free (rdata); | 394 | GNUNET_free (rdata); |
413 | } | 395 | } |
diff --git a/src/gnsrecord/test_gnsrecord_crypto.c b/src/gnsrecord/test_gnsrecord_crypto.c index 9e5a1aa7e..ee14fa904 100644 --- a/src/gnsrecord/test_gnsrecord_crypto.c +++ b/src/gnsrecord/test_gnsrecord_crypto.c | |||
@@ -123,12 +123,12 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) | |||
123 | s_rd = create_record (RECORDS); | 123 | s_rd = create_record (RECORDS); |
124 | 124 | ||
125 | /* Create block */ | 125 | /* Create block */ |
126 | GNUNET_assert (NULL != (block = | 126 | GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (privkey, |
127 | GNUNET_GNSRECORD_block_create (privkey, | 127 | expire, |
128 | expire, | 128 | s_name, |
129 | s_name, | 129 | s_rd, |
130 | s_rd, | 130 | RECORDS, |
131 | RECORDS))); | 131 | &block)); |
132 | GNUNET_assert (GNUNET_OK == | 132 | GNUNET_assert (GNUNET_OK == |
133 | GNUNET_GNSRECORD_query_from_block (block, | 133 | GNUNET_GNSRECORD_query_from_block (block, |
134 | &query_block)); | 134 | &query_block)); |