include buffer of 10& of epoch

author: Schanzenbach, Martin <mschanzenbach@posteo.de> 2020-04-20 19:08:23 +0200
committer: Schanzenbach, Martin <mschanzenbach@posteo.de> 2020-04-20 19:08:23 +0200
commit: c20768b8b09fabaa3c2330cde381e894b1f90efb (patch)
tree: 62bca41b94c3280a09abbf9db8b50da5f354b691 /src/revocation/revocation_api.c
parent: 424cd50ecd0144b264a547fe149839cf2866c21f (diff)
download: gnunet-c20768b8b09fabaa3c2330cde381e894b1f90efb.tar.gz
gnunet-c20768b8b09fabaa3c2330cde381e894b1f90efb.zip
1 files changed, 61 insertions, 9 deletions
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index 2979e7400..fe600ec7a 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -311,21 +311,41 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg,
    GNUNET_MQ_handler_end ()
  };
  unsigned long long matching_bits;
+  struct GNUNET_TIME_Relative epoch_length;
  struct RevokeMessage *rm;
  struct GNUNET_MQ_Envelope *env;
-  if ((GNUNET_OK ==
+  if ((GNUNET_OK !=
       GNUNET_CONFIGURATION_get_value_number (cfg,
                                              "REVOCATION",
                                              "WORKBITS",
-                                              &matching_bits)) &&
+                                              &matching_bits)))
-      (0 >= GNUNET_REVOCATION_check_pow (pow, (unsigned int) matching_bits)))
+    {
+    GNUNET_break (0);
+    GNUNET_free (h);
+    return NULL;
+  }
+  if ((GNUNET_OK !=
+       GNUNET_CONFIGURATION_get_value_time (cfg,
+                                              "REVOCATION",
+                                              "EPOCH_LENGTH",
+                                              &epoch_length)))
+  {
+    GNUNET_break (0);
+    GNUNET_free (h);
+    return NULL;
+  }
+  if (GNUNET_YES != GNUNET_REVOCATION_check_pow (pow,
+                                                 (unsigned int) matching_bits,
+                                                 epoch_length))
  {
    GNUNET_break (0);
    GNUNET_free (h);
    return NULL;
  }
  h->mq = GNUNET_CLIENT_connect (cfg,
                                 "revocation",
                                 handlers,
@@ -408,16 +428,21 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph)
 * @param ts  revocation timestamp
 * @param pow proof of work value
 * @param matching_bits how many bits must match (configuration)
- * @return number of epochs valid if the @a pow is acceptable, -1 if not
+ * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not
 */
 int
 GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
-                             unsigned int difficulty)
+                             unsigned int difficulty,
+                             struct GNUNET_TIME_Relative epoch_length)
 {
  char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)
           + sizeof (uint64_t)
           + sizeof (uint64_t)] GNUNET_ALIGN;
  struct GNUNET_HashCode result;
+  struct GNUNET_TIME_Absolute ts;
+  struct GNUNET_TIME_Absolute exp;
+  struct GNUNET_TIME_Relative ttl;
+  struct GNUNET_TIME_Relative buffer;
  unsigned int score = 0;
  unsigned int tmp_score = 0;
  unsigned int epochs;
@@ -434,7 +459,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Proof of work signature invalid!\n");
-    return -1;
+    return GNUNET_NO;
  }
  /**
@@ -445,7 +470,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
    for (unsigned int j = i + 1; j < POW_COUNT; j++)
    {
      if (pow->pow[i] == pow->pow[j])
-        return -1;
+        return GNUNET_NO;
    }
  }
  GNUNET_memcpy (&buf[sizeof(uint64_t)],
@@ -471,9 +496,36 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
  }
  score = score / POW_COUNT;
  if (score < difficulty)
-    return -1;
+    return GNUNET_NO;
  epochs = score - difficulty;
-  return epochs;
+  /**
+   * Check expiration
+   */
+  ts = GNUNET_TIME_absolute_ntoh (pow->timestamp);
+  ttl = GNUNET_TIME_relative_multiply (epoch_length,
+                                       epochs);
+  /**
+   * Extend by 10% for unsynchronized clocks
+   */
+  buffer = GNUNET_TIME_relative_divide (epoch_length,
+                                        10);
+  ts = GNUNET_TIME_absolute_subtract (ts,
+                                      buffer);
+  if (0 != GNUNET_TIME_absolute_get_remaining (ts).rel_value_us)
+    return GNUNET_NO; /* Not yet valid. */
+  /* Revert to actual start time */
+  ts = GNUNET_TIME_absolute_add (ts,
+                                 buffer);
+  exp = GNUNET_TIME_absolute_add (ts, ttl);
+  exp = GNUNET_TIME_absolute_add (exp,
+                                  buffer);
+  if (0 == GNUNET_TIME_absolute_get_remaining (exp).rel_value_us)
+    return GNUNET_NO; /* expired */
+  return GNUNET_YES;
 }
author	Schanzenbach, Martin <mschanzenbach@posteo.de>	2020-04-20 19:08:23 +0200
committer	Schanzenbach, Martin <mschanzenbach@posteo.de>	2020-04-20 19:08:23 +0200
commit	c20768b8b09fabaa3c2330cde381e894b1f90efb (patch)
tree	62bca41b94c3280a09abbf9db8b50da5f354b691 /src/revocation/revocation_api.c
parent	424cd50ecd0144b264a547fe149839cf2866c21f (diff)
download	gnunet-c20768b8b09fabaa3c2330cde381e894b1f90efb.tar.gz gnunet-c20768b8b09fabaa3c2330cde381e894b1f90efb.zip

diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 2979e7400..fe600ec7a 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c
@@ -311,21 +311,41 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg,
311	GNUNET_MQ_handler_end ()	311	GNUNET_MQ_handler_end ()
312	};	312	};
313	unsigned long long matching_bits;	313	unsigned long long matching_bits;
		314	struct GNUNET_TIME_Relative epoch_length;
314	struct RevokeMessage *rm;	315	struct RevokeMessage *rm;
315	struct GNUNET_MQ_Envelope *env;	316	struct GNUNET_MQ_Envelope *env;
316		317
317	if ((GNUNET_OK ==	318	if ((GNUNET_OK !=
318	GNUNET_CONFIGURATION_get_value_number (cfg,	319	GNUNET_CONFIGURATION_get_value_number (cfg,
319	"REVOCATION",	320	"REVOCATION",
320	"WORKBITS",	321	"WORKBITS",
321	&matching_bits)) &&	322	&matching_bits)))
322	(0 >= GNUNET_REVOCATION_check_pow (pow, (unsigned int) matching_bits)))	323	{
		324	GNUNET_break (0);
		325	GNUNET_free (h);
		326	return NULL;
		327	}
		328	if ((GNUNET_OK !=
		329	GNUNET_CONFIGURATION_get_value_time (cfg,
		330	"REVOCATION",
		331	"EPOCH_LENGTH",
		332	&epoch_length)))
		333	{
		334	GNUNET_break (0);
		335	GNUNET_free (h);
		336	return NULL;
		337	}
		338	if (GNUNET_YES != GNUNET_REVOCATION_check_pow (pow,
		339	(unsigned int) matching_bits,
		340	epoch_length))
323	{	341	{
324	GNUNET_break (0);	342	GNUNET_break (0);
325	GNUNET_free (h);	343	GNUNET_free (h);
326	return NULL;	344	return NULL;
327	}	345	}
328		346
		347
		348
329	h->mq = GNUNET_CLIENT_connect (cfg,	349	h->mq = GNUNET_CLIENT_connect (cfg,
330	"revocation",	350	"revocation",
331	handlers,	351	handlers,
@@ -408,16 +428,21 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph)
408	* @param ts revocation timestamp	428	* @param ts revocation timestamp
409	* @param pow proof of work value	429	* @param pow proof of work value
410	* @param matching_bits how many bits must match (configuration)	430	* @param matching_bits how many bits must match (configuration)
411	* @return number of epochs valid if the @a pow is acceptable, -1 if not	431	* @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not
412	*/	432	*/
413	int	433	int
414	GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,	434	GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
415	unsigned int difficulty)	435	unsigned int difficulty,
		436	struct GNUNET_TIME_Relative epoch_length)
416	{	437	{
417	char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)	438	char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)
418	+ sizeof (uint64_t)	439	+ sizeof (uint64_t)
419	+ sizeof (uint64_t)] GNUNET_ALIGN;	440	+ sizeof (uint64_t)] GNUNET_ALIGN;
420	struct GNUNET_HashCode result;	441	struct GNUNET_HashCode result;
		442	struct GNUNET_TIME_Absolute ts;
		443	struct GNUNET_TIME_Absolute exp;
		444	struct GNUNET_TIME_Relative ttl;
		445	struct GNUNET_TIME_Relative buffer;
421	unsigned int score = 0;	446	unsigned int score = 0;
422	unsigned int tmp_score = 0;	447	unsigned int tmp_score = 0;
423	unsigned int epochs;	448	unsigned int epochs;
@@ -434,7 +459,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
434	{	459	{
435	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,	460	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
436	"Proof of work signature invalid!\n");	461	"Proof of work signature invalid!\n");
437	return -1;	462	return GNUNET_NO;
438	}	463	}
439		464
440	/**	465	/**
@@ -445,7 +470,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
445	for (unsigned int j = i + 1; j < POW_COUNT; j++)	470	for (unsigned int j = i + 1; j < POW_COUNT; j++)
446	{	471	{
447	if (pow->pow[i] == pow->pow[j])	472	if (pow->pow[i] == pow->pow[j])
448	return -1;	473	return GNUNET_NO;
449	}	474	}
450	}	475	}
451	GNUNET_memcpy (&buf[sizeof(uint64_t)],	476	GNUNET_memcpy (&buf[sizeof(uint64_t)],
@@ -471,9 +496,36 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
471	}	496	}
472	score = score / POW_COUNT;	497	score = score / POW_COUNT;
473	if (score < difficulty)	498	if (score < difficulty)
474	return -1;	499	return GNUNET_NO;
475	epochs = score - difficulty;	500	epochs = score - difficulty;
476	return epochs;	501
		502	/**
		503	* Check expiration
		504	*/
		505	ts = GNUNET_TIME_absolute_ntoh (pow->timestamp);
		506	ttl = GNUNET_TIME_relative_multiply (epoch_length,
		507	epochs);
		508	/**
		509	* Extend by 10% for unsynchronized clocks
		510	*/
		511	buffer = GNUNET_TIME_relative_divide (epoch_length,
		512	10);
		513	ts = GNUNET_TIME_absolute_subtract (ts,
		514	buffer);
		515
		516	if (0 != GNUNET_TIME_absolute_get_remaining (ts).rel_value_us)
		517	return GNUNET_NO; /* Not yet valid. */
		518	/* Revert to actual start time */
		519	ts = GNUNET_TIME_absolute_add (ts,
		520	buffer);
		521
		522	exp = GNUNET_TIME_absolute_add (ts, ttl);
		523	exp = GNUNET_TIME_absolute_add (exp,
		524	buffer);
		525
		526	if (0 == GNUNET_TIME_absolute_get_remaining (exp).rel_value_us)
		527	return GNUNET_NO; /* expired */
		528	return GNUNET_YES;
477	}	529	}
478		530
479		531