diff options
| author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-04-18 19:46:44 +0200 |
|---|---|---|
| committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-04-18 19:46:44 +0200 |
| commit | f00c18e631ce8bdaf80d20f236ef275c9cb99291 (patch) | |
| tree | 7926acf614e631febcbd5c99243d9c00edd2fbc2 /src/revocation | |
| parent | 91cccda131a12be139d50effe4657c6b24e36135 (diff) | |
| download | gnunet-f00c18e631ce8bdaf80d20f236ef275c9cb99291.tar.gz gnunet-f00c18e631ce8bdaf80d20f236ef275c9cb99291.zip | |
simplify pow even more; add timestamp to revocation pow
Diffstat (limited to 'src/revocation')
| -rw-r--r-- | src/revocation/gnunet-revocation.c | 22 | ||||
| -rw-r--r-- | src/revocation/gnunet-service-revocation.c | 3 | ||||
| -rw-r--r-- | src/revocation/plugin_block_revocation.c | 3 | ||||
| -rw-r--r-- | src/revocation/revocation.h | 5 | ||||
| -rw-r--r-- | src/revocation/revocation_api.c | 17 |
5 files changed, 47 insertions, 3 deletions
diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index f5aa2d17e..42ec71d16 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c | |||
| @@ -203,6 +203,11 @@ struct RevocationData | |||
| 203 | struct GNUNET_CRYPTO_EcdsaSignature sig; | 203 | struct GNUNET_CRYPTO_EcdsaSignature sig; |
| 204 | 204 | ||
| 205 | /** | 205 | /** |
| 206 | * Time of revocation | ||
| 207 | */ | ||
| 208 | struct GNUNET_TIME_AbsoluteNBO ts; | ||
| 209 | |||
| 210 | /** | ||
| 206 | * Proof of work (in NBO). | 211 | * Proof of work (in NBO). |
| 207 | */ | 212 | */ |
| 208 | uint64_t pow GNUNET_PACKED; | 213 | uint64_t pow GNUNET_PACKED; |
| @@ -215,9 +220,13 @@ struct RevocationData | |||
| 215 | static void | 220 | static void |
| 216 | perform_revocation (const struct RevocationData *rd) | 221 | perform_revocation (const struct RevocationData *rd) |
| 217 | { | 222 | { |
| 223 | struct GNUNET_TIME_Absolute ts; | ||
| 224 | |||
| 225 | ts = GNUNET_TIME_absolute_ntoh (rd->ts); | ||
| 218 | h = GNUNET_REVOCATION_revoke (cfg, | 226 | h = GNUNET_REVOCATION_revoke (cfg, |
| 219 | &rd->key, | 227 | &rd->key, |
| 220 | &rd->sig, | 228 | &rd->sig, |
| 229 | &ts, | ||
| 221 | rd->pow, | 230 | rd->pow, |
| 222 | &print_revocation_result, | 231 | &print_revocation_result, |
| 223 | NULL); | 232 | NULL); |
| @@ -273,6 +282,7 @@ static void | |||
| 273 | calculate_pow (void *cls) | 282 | calculate_pow (void *cls) |
| 274 | { | 283 | { |
| 275 | struct RevocationData *rd = cls; | 284 | struct RevocationData *rd = cls; |
| 285 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_ntoh (rd->ts); | ||
| 276 | 286 | ||
| 277 | /* store temporary results */ | 287 | /* store temporary results */ |
| 278 | pow_task = NULL; | 288 | pow_task = NULL; |
| @@ -290,6 +300,7 @@ calculate_pow (void *cls) | |||
| 290 | /* actually do POW calculation */ | 300 | /* actually do POW calculation */ |
| 291 | rd->pow++; | 301 | rd->pow++; |
| 292 | if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key, | 302 | if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key, |
| 303 | &ts, | ||
| 293 | rd->pow, | 304 | rd->pow, |
| 294 | (unsigned int) matching_bits)) | 305 | (unsigned int) matching_bits)) |
| 295 | { | 306 | { |
| @@ -331,6 +342,7 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) | |||
| 331 | { | 342 | { |
| 332 | struct RevocationData *rd; | 343 | struct RevocationData *rd; |
| 333 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | 344 | struct GNUNET_CRYPTO_EcdsaPublicKey key; |
| 345 | struct GNUNET_TIME_Absolute ts; | ||
| 334 | 346 | ||
| 335 | el = NULL; | 347 | el = NULL; |
| 336 | if (NULL == ego) | 348 | if (NULL == ego) |
| @@ -361,9 +373,14 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) | |||
| 361 | ego), | 373 | ego), |
| 362 | &rd->sig); | 374 | &rd->sig); |
| 363 | rd->key = key; | 375 | rd->key = key; |
| 376 | rd->ts = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); | ||
| 364 | } | 377 | } |
| 378 | ts = GNUNET_TIME_absolute_ntoh (rd->ts); | ||
| 365 | if (GNUNET_YES == | 379 | if (GNUNET_YES == |
| 366 | GNUNET_REVOCATION_check_pow (&key, rd->pow, (unsigned int) matching_bits)) | 380 | GNUNET_REVOCATION_check_pow (&key, |
| 381 | &ts, | ||
| 382 | rd->pow, | ||
| 383 | (unsigned int) matching_bits)) | ||
| 367 | { | 384 | { |
| 368 | fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); | 385 | fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); |
| 369 | if (perform) | 386 | if (perform) |
| @@ -397,6 +414,7 @@ run (void *cls, | |||
| 397 | { | 414 | { |
| 398 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; | 415 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; |
| 399 | struct RevocationData rd; | 416 | struct RevocationData rd; |
| 417 | struct GNUNET_TIME_Absolute ts; | ||
| 400 | 418 | ||
| 401 | cfg = c; | 419 | cfg = c; |
| 402 | if (NULL != test_ego) | 420 | if (NULL != test_ego) |
| @@ -453,8 +471,10 @@ run (void *cls, | |||
| 453 | return; | 471 | return; |
| 454 | } | 472 | } |
| 455 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | 473 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); |
| 474 | ts = GNUNET_TIME_absolute_ntoh (rd.ts); | ||
| 456 | if (GNUNET_YES != | 475 | if (GNUNET_YES != |
| 457 | GNUNET_REVOCATION_check_pow (&rd.key, | 476 | GNUNET_REVOCATION_check_pow (&rd.key, |
| 477 | &ts, | ||
| 458 | rd.pow, | 478 | rd.pow, |
| 459 | (unsigned int) matching_bits)) | 479 | (unsigned int) matching_bits)) |
| 460 | { | 480 | { |
diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 3e811cd9a..ff75faa2c 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c | |||
| @@ -167,8 +167,11 @@ new_peer_entry (const struct GNUNET_PeerIdentity *peer) | |||
| 167 | static int | 167 | static int |
| 168 | verify_revoke_message (const struct RevokeMessage *rm) | 168 | verify_revoke_message (const struct RevokeMessage *rm) |
| 169 | { | 169 | { |
| 170 | struct GNUNET_TIME_Absolute ts; | ||
| 171 | ts = GNUNET_TIME_absolute_ntoh (rm->ts); | ||
| 170 | if (GNUNET_YES != | 172 | if (GNUNET_YES != |
| 171 | GNUNET_REVOCATION_check_pow (&rm->public_key, | 173 | GNUNET_REVOCATION_check_pow (&rm->public_key, |
| 174 | &ts, | ||
| 172 | rm->proof_of_work, | 175 | rm->proof_of_work, |
| 173 | (unsigned int) revocation_work_required)) | 176 | (unsigned int) revocation_work_required)) |
| 174 | { | 177 | { |
diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 8d16b8781..57234fa36 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c | |||
| @@ -134,6 +134,7 @@ block_plugin_revocation_evaluate (void *cls, | |||
| 134 | struct InternalContext *ic = cls; | 134 | struct InternalContext *ic = cls; |
| 135 | struct GNUNET_HashCode chash; | 135 | struct GNUNET_HashCode chash; |
| 136 | const struct RevokeMessage *rm = reply_block; | 136 | const struct RevokeMessage *rm = reply_block; |
| 137 | struct GNUNET_TIME_Absolute ts; | ||
| 137 | 138 | ||
| 138 | if (NULL == reply_block) | 139 | if (NULL == reply_block) |
| 139 | return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; | 140 | return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; |
| @@ -142,8 +143,10 @@ block_plugin_revocation_evaluate (void *cls, | |||
| 142 | GNUNET_break_op (0); | 143 | GNUNET_break_op (0); |
| 143 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 144 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
| 144 | } | 145 | } |
| 146 | ts = GNUNET_TIME_absolute_ntoh (rm->ts); | ||
| 145 | if (GNUNET_YES != | 147 | if (GNUNET_YES != |
| 146 | GNUNET_REVOCATION_check_pow (&rm->public_key, | 148 | GNUNET_REVOCATION_check_pow (&rm->public_key, |
| 149 | &ts, | ||
| 147 | rm->proof_of_work, | 150 | rm->proof_of_work, |
| 148 | ic->matching_bits)) | 151 | ic->matching_bits)) |
| 149 | { | 152 | { |
diff --git a/src/revocation/revocation.h b/src/revocation/revocation.h index b6e7a07ec..184f58e0a 100644 --- a/src/revocation/revocation.h +++ b/src/revocation/revocation.h | |||
| @@ -89,6 +89,11 @@ struct RevokeMessage | |||
| 89 | uint32_t reserved GNUNET_PACKED; | 89 | uint32_t reserved GNUNET_PACKED; |
| 90 | 90 | ||
| 91 | /** | 91 | /** |
| 92 | * Timestamp | ||
| 93 | */ | ||
| 94 | struct GNUNET_TIME_AbsoluteNBO ts; | ||
| 95 | |||
| 96 | /** | ||
| 92 | * Number that causes a hash collision with the @e public_key. | 97 | * Number that causes a hash collision with the @e public_key. |
| 93 | */ | 98 | */ |
| 94 | uint64_t proof_of_work GNUNET_PACKED; | 99 | uint64_t proof_of_work GNUNET_PACKED; |
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 4755d4816..c2aafd254 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
| @@ -235,6 +235,7 @@ handle_revocation_response (void *cls, | |||
| 235 | * @param key public key of the key to revoke | 235 | * @param key public key of the key to revoke |
| 236 | * @param sig signature to use on the revocation (should have been | 236 | * @param sig signature to use on the revocation (should have been |
| 237 | * created using #GNUNET_REVOCATION_sign_revocation). | 237 | * created using #GNUNET_REVOCATION_sign_revocation). |
| 238 | * @param ts revocation timestamp | ||
| 238 | * @param pow proof of work to use (should have been created by | 239 | * @param pow proof of work to use (should have been created by |
| 239 | * iteratively calling #GNUNET_REVOCATION_check_pow) | 240 | * iteratively calling #GNUNET_REVOCATION_check_pow) |
| 240 | * @param func funtion to call with the result of the check | 241 | * @param func funtion to call with the result of the check |
| @@ -247,6 +248,7 @@ struct GNUNET_REVOCATION_Handle * | |||
| 247 | GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, | 248 | GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, |
| 248 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key, | 249 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key, |
| 249 | const struct GNUNET_CRYPTO_EcdsaSignature *sig, | 250 | const struct GNUNET_CRYPTO_EcdsaSignature *sig, |
| 251 | const struct GNUNET_TIME_Absolute *ts, | ||
| 250 | uint64_t pow, | 252 | uint64_t pow, |
| 251 | GNUNET_REVOCATION_Callback func, | 253 | GNUNET_REVOCATION_Callback func, |
| 252 | void *func_cls) | 254 | void *func_cls) |
| @@ -271,6 +273,7 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
| 271 | &matching_bits)) && | 273 | &matching_bits)) && |
| 272 | (GNUNET_YES != | 274 | (GNUNET_YES != |
| 273 | GNUNET_REVOCATION_check_pow (key, | 275 | GNUNET_REVOCATION_check_pow (key, |
| 276 | ts, | ||
| 274 | pow, | 277 | pow, |
| 275 | (unsigned int) matching_bits))) | 278 | (unsigned int) matching_bits))) |
| 276 | { | 279 | { |
| @@ -346,22 +349,32 @@ count_leading_zeroes (const struct GNUNET_HashCode *hash) | |||
| 346 | * would be acceptable for revoking the given key. | 349 | * would be acceptable for revoking the given key. |
| 347 | * | 350 | * |
| 348 | * @param key key to check for | 351 | * @param key key to check for |
| 352 | * @param ts revocation timestamp | ||
| 349 | * @param pow proof of work value | 353 | * @param pow proof of work value |
| 350 | * @param matching_bits how many bits must match (configuration) | 354 | * @param matching_bits how many bits must match (configuration) |
| 351 | * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not | 355 | * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not |
| 352 | */ | 356 | */ |
| 353 | int | 357 | int |
| 354 | GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, | 358 | GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, |
| 359 | const struct GNUNET_TIME_Absolute *ts, | ||
| 355 | uint64_t pow, | 360 | uint64_t pow, |
| 356 | unsigned int matching_bits) | 361 | unsigned int matching_bits) |
| 357 | { | 362 | { |
| 358 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | 363 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) |
| 359 | + sizeof(pow)] GNUNET_ALIGN; | 364 | + sizeof(pow) |
| 365 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)] GNUNET_ALIGN; | ||
| 360 | struct GNUNET_HashCode result; | 366 | struct GNUNET_HashCode result; |
| 367 | struct GNUNET_TIME_AbsoluteNBO ts_nbo; | ||
| 361 | 368 | ||
| 362 | GNUNET_memcpy (buf, &pow, sizeof(pow)); | 369 | ts_nbo = GNUNET_TIME_absolute_hton (*ts); |
| 370 | |||
| 371 | GNUNET_memcpy (buf, &pow, sizeof(pow)) ; | ||
| 363 | GNUNET_memcpy (&buf[sizeof(pow)], key, | 372 | GNUNET_memcpy (&buf[sizeof(pow)], key, |
| 364 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); | 373 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); |
| 374 | GNUNET_memcpy (&buf[sizeof(pow) + sizeof (struct GNUNET_TIME_AbsoluteNBO)], | ||
| 375 | &ts_nbo, | ||
| 376 | sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
| 377 | |||
| 365 | GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work", | 378 | GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work", |
| 366 | buf, | 379 | buf, |
| 367 | sizeof(buf), | 380 | sizeof(buf), |