diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-04-18 19:46:44 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-04-18 19:46:44 +0200 |
commit | f00c18e631ce8bdaf80d20f236ef275c9cb99291 (patch) | |
tree | 7926acf614e631febcbd5c99243d9c00edd2fbc2 /src/revocation | |
parent | 91cccda131a12be139d50effe4657c6b24e36135 (diff) | |
download | gnunet-f00c18e631ce8bdaf80d20f236ef275c9cb99291.tar.gz gnunet-f00c18e631ce8bdaf80d20f236ef275c9cb99291.zip |
simplify pow even more; add timestamp to revocation pow
Diffstat (limited to 'src/revocation')
-rw-r--r-- | src/revocation/gnunet-revocation.c | 22 | ||||
-rw-r--r-- | src/revocation/gnunet-service-revocation.c | 3 | ||||
-rw-r--r-- | src/revocation/plugin_block_revocation.c | 3 | ||||
-rw-r--r-- | src/revocation/revocation.h | 5 | ||||
-rw-r--r-- | src/revocation/revocation_api.c | 17 |
5 files changed, 47 insertions, 3 deletions
diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index f5aa2d17e..42ec71d16 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c | |||
@@ -203,6 +203,11 @@ struct RevocationData | |||
203 | struct GNUNET_CRYPTO_EcdsaSignature sig; | 203 | struct GNUNET_CRYPTO_EcdsaSignature sig; |
204 | 204 | ||
205 | /** | 205 | /** |
206 | * Time of revocation | ||
207 | */ | ||
208 | struct GNUNET_TIME_AbsoluteNBO ts; | ||
209 | |||
210 | /** | ||
206 | * Proof of work (in NBO). | 211 | * Proof of work (in NBO). |
207 | */ | 212 | */ |
208 | uint64_t pow GNUNET_PACKED; | 213 | uint64_t pow GNUNET_PACKED; |
@@ -215,9 +220,13 @@ struct RevocationData | |||
215 | static void | 220 | static void |
216 | perform_revocation (const struct RevocationData *rd) | 221 | perform_revocation (const struct RevocationData *rd) |
217 | { | 222 | { |
223 | struct GNUNET_TIME_Absolute ts; | ||
224 | |||
225 | ts = GNUNET_TIME_absolute_ntoh (rd->ts); | ||
218 | h = GNUNET_REVOCATION_revoke (cfg, | 226 | h = GNUNET_REVOCATION_revoke (cfg, |
219 | &rd->key, | 227 | &rd->key, |
220 | &rd->sig, | 228 | &rd->sig, |
229 | &ts, | ||
221 | rd->pow, | 230 | rd->pow, |
222 | &print_revocation_result, | 231 | &print_revocation_result, |
223 | NULL); | 232 | NULL); |
@@ -273,6 +282,7 @@ static void | |||
273 | calculate_pow (void *cls) | 282 | calculate_pow (void *cls) |
274 | { | 283 | { |
275 | struct RevocationData *rd = cls; | 284 | struct RevocationData *rd = cls; |
285 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_ntoh (rd->ts); | ||
276 | 286 | ||
277 | /* store temporary results */ | 287 | /* store temporary results */ |
278 | pow_task = NULL; | 288 | pow_task = NULL; |
@@ -290,6 +300,7 @@ calculate_pow (void *cls) | |||
290 | /* actually do POW calculation */ | 300 | /* actually do POW calculation */ |
291 | rd->pow++; | 301 | rd->pow++; |
292 | if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key, | 302 | if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key, |
303 | &ts, | ||
293 | rd->pow, | 304 | rd->pow, |
294 | (unsigned int) matching_bits)) | 305 | (unsigned int) matching_bits)) |
295 | { | 306 | { |
@@ -331,6 +342,7 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) | |||
331 | { | 342 | { |
332 | struct RevocationData *rd; | 343 | struct RevocationData *rd; |
333 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | 344 | struct GNUNET_CRYPTO_EcdsaPublicKey key; |
345 | struct GNUNET_TIME_Absolute ts; | ||
334 | 346 | ||
335 | el = NULL; | 347 | el = NULL; |
336 | if (NULL == ego) | 348 | if (NULL == ego) |
@@ -361,9 +373,14 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) | |||
361 | ego), | 373 | ego), |
362 | &rd->sig); | 374 | &rd->sig); |
363 | rd->key = key; | 375 | rd->key = key; |
376 | rd->ts = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); | ||
364 | } | 377 | } |
378 | ts = GNUNET_TIME_absolute_ntoh (rd->ts); | ||
365 | if (GNUNET_YES == | 379 | if (GNUNET_YES == |
366 | GNUNET_REVOCATION_check_pow (&key, rd->pow, (unsigned int) matching_bits)) | 380 | GNUNET_REVOCATION_check_pow (&key, |
381 | &ts, | ||
382 | rd->pow, | ||
383 | (unsigned int) matching_bits)) | ||
367 | { | 384 | { |
368 | fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); | 385 | fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); |
369 | if (perform) | 386 | if (perform) |
@@ -397,6 +414,7 @@ run (void *cls, | |||
397 | { | 414 | { |
398 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; | 415 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; |
399 | struct RevocationData rd; | 416 | struct RevocationData rd; |
417 | struct GNUNET_TIME_Absolute ts; | ||
400 | 418 | ||
401 | cfg = c; | 419 | cfg = c; |
402 | if (NULL != test_ego) | 420 | if (NULL != test_ego) |
@@ -453,8 +471,10 @@ run (void *cls, | |||
453 | return; | 471 | return; |
454 | } | 472 | } |
455 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | 473 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); |
474 | ts = GNUNET_TIME_absolute_ntoh (rd.ts); | ||
456 | if (GNUNET_YES != | 475 | if (GNUNET_YES != |
457 | GNUNET_REVOCATION_check_pow (&rd.key, | 476 | GNUNET_REVOCATION_check_pow (&rd.key, |
477 | &ts, | ||
458 | rd.pow, | 478 | rd.pow, |
459 | (unsigned int) matching_bits)) | 479 | (unsigned int) matching_bits)) |
460 | { | 480 | { |
diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 3e811cd9a..ff75faa2c 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c | |||
@@ -167,8 +167,11 @@ new_peer_entry (const struct GNUNET_PeerIdentity *peer) | |||
167 | static int | 167 | static int |
168 | verify_revoke_message (const struct RevokeMessage *rm) | 168 | verify_revoke_message (const struct RevokeMessage *rm) |
169 | { | 169 | { |
170 | struct GNUNET_TIME_Absolute ts; | ||
171 | ts = GNUNET_TIME_absolute_ntoh (rm->ts); | ||
170 | if (GNUNET_YES != | 172 | if (GNUNET_YES != |
171 | GNUNET_REVOCATION_check_pow (&rm->public_key, | 173 | GNUNET_REVOCATION_check_pow (&rm->public_key, |
174 | &ts, | ||
172 | rm->proof_of_work, | 175 | rm->proof_of_work, |
173 | (unsigned int) revocation_work_required)) | 176 | (unsigned int) revocation_work_required)) |
174 | { | 177 | { |
diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 8d16b8781..57234fa36 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c | |||
@@ -134,6 +134,7 @@ block_plugin_revocation_evaluate (void *cls, | |||
134 | struct InternalContext *ic = cls; | 134 | struct InternalContext *ic = cls; |
135 | struct GNUNET_HashCode chash; | 135 | struct GNUNET_HashCode chash; |
136 | const struct RevokeMessage *rm = reply_block; | 136 | const struct RevokeMessage *rm = reply_block; |
137 | struct GNUNET_TIME_Absolute ts; | ||
137 | 138 | ||
138 | if (NULL == reply_block) | 139 | if (NULL == reply_block) |
139 | return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; | 140 | return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; |
@@ -142,8 +143,10 @@ block_plugin_revocation_evaluate (void *cls, | |||
142 | GNUNET_break_op (0); | 143 | GNUNET_break_op (0); |
143 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 144 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
144 | } | 145 | } |
146 | ts = GNUNET_TIME_absolute_ntoh (rm->ts); | ||
145 | if (GNUNET_YES != | 147 | if (GNUNET_YES != |
146 | GNUNET_REVOCATION_check_pow (&rm->public_key, | 148 | GNUNET_REVOCATION_check_pow (&rm->public_key, |
149 | &ts, | ||
147 | rm->proof_of_work, | 150 | rm->proof_of_work, |
148 | ic->matching_bits)) | 151 | ic->matching_bits)) |
149 | { | 152 | { |
diff --git a/src/revocation/revocation.h b/src/revocation/revocation.h index b6e7a07ec..184f58e0a 100644 --- a/src/revocation/revocation.h +++ b/src/revocation/revocation.h | |||
@@ -89,6 +89,11 @@ struct RevokeMessage | |||
89 | uint32_t reserved GNUNET_PACKED; | 89 | uint32_t reserved GNUNET_PACKED; |
90 | 90 | ||
91 | /** | 91 | /** |
92 | * Timestamp | ||
93 | */ | ||
94 | struct GNUNET_TIME_AbsoluteNBO ts; | ||
95 | |||
96 | /** | ||
92 | * Number that causes a hash collision with the @e public_key. | 97 | * Number that causes a hash collision with the @e public_key. |
93 | */ | 98 | */ |
94 | uint64_t proof_of_work GNUNET_PACKED; | 99 | uint64_t proof_of_work GNUNET_PACKED; |
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 4755d4816..c2aafd254 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -235,6 +235,7 @@ handle_revocation_response (void *cls, | |||
235 | * @param key public key of the key to revoke | 235 | * @param key public key of the key to revoke |
236 | * @param sig signature to use on the revocation (should have been | 236 | * @param sig signature to use on the revocation (should have been |
237 | * created using #GNUNET_REVOCATION_sign_revocation). | 237 | * created using #GNUNET_REVOCATION_sign_revocation). |
238 | * @param ts revocation timestamp | ||
238 | * @param pow proof of work to use (should have been created by | 239 | * @param pow proof of work to use (should have been created by |
239 | * iteratively calling #GNUNET_REVOCATION_check_pow) | 240 | * iteratively calling #GNUNET_REVOCATION_check_pow) |
240 | * @param func funtion to call with the result of the check | 241 | * @param func funtion to call with the result of the check |
@@ -247,6 +248,7 @@ struct GNUNET_REVOCATION_Handle * | |||
247 | GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, | 248 | GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, |
248 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key, | 249 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key, |
249 | const struct GNUNET_CRYPTO_EcdsaSignature *sig, | 250 | const struct GNUNET_CRYPTO_EcdsaSignature *sig, |
251 | const struct GNUNET_TIME_Absolute *ts, | ||
250 | uint64_t pow, | 252 | uint64_t pow, |
251 | GNUNET_REVOCATION_Callback func, | 253 | GNUNET_REVOCATION_Callback func, |
252 | void *func_cls) | 254 | void *func_cls) |
@@ -271,6 +273,7 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
271 | &matching_bits)) && | 273 | &matching_bits)) && |
272 | (GNUNET_YES != | 274 | (GNUNET_YES != |
273 | GNUNET_REVOCATION_check_pow (key, | 275 | GNUNET_REVOCATION_check_pow (key, |
276 | ts, | ||
274 | pow, | 277 | pow, |
275 | (unsigned int) matching_bits))) | 278 | (unsigned int) matching_bits))) |
276 | { | 279 | { |
@@ -346,22 +349,32 @@ count_leading_zeroes (const struct GNUNET_HashCode *hash) | |||
346 | * would be acceptable for revoking the given key. | 349 | * would be acceptable for revoking the given key. |
347 | * | 350 | * |
348 | * @param key key to check for | 351 | * @param key key to check for |
352 | * @param ts revocation timestamp | ||
349 | * @param pow proof of work value | 353 | * @param pow proof of work value |
350 | * @param matching_bits how many bits must match (configuration) | 354 | * @param matching_bits how many bits must match (configuration) |
351 | * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not | 355 | * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not |
352 | */ | 356 | */ |
353 | int | 357 | int |
354 | GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, | 358 | GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, |
359 | const struct GNUNET_TIME_Absolute *ts, | ||
355 | uint64_t pow, | 360 | uint64_t pow, |
356 | unsigned int matching_bits) | 361 | unsigned int matching_bits) |
357 | { | 362 | { |
358 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | 363 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) |
359 | + sizeof(pow)] GNUNET_ALIGN; | 364 | + sizeof(pow) |
365 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)] GNUNET_ALIGN; | ||
360 | struct GNUNET_HashCode result; | 366 | struct GNUNET_HashCode result; |
367 | struct GNUNET_TIME_AbsoluteNBO ts_nbo; | ||
361 | 368 | ||
362 | GNUNET_memcpy (buf, &pow, sizeof(pow)); | 369 | ts_nbo = GNUNET_TIME_absolute_hton (*ts); |
370 | |||
371 | GNUNET_memcpy (buf, &pow, sizeof(pow)) ; | ||
363 | GNUNET_memcpy (&buf[sizeof(pow)], key, | 372 | GNUNET_memcpy (&buf[sizeof(pow)], key, |
364 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); | 373 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); |
374 | GNUNET_memcpy (&buf[sizeof(pow) + sizeof (struct GNUNET_TIME_AbsoluteNBO)], | ||
375 | &ts_nbo, | ||
376 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
377 | |||
365 | GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work", | 378 | GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work", |
366 | buf, | 379 | buf, |
367 | sizeof(buf), | 380 | sizeof(buf), |