author | Christian Grothoff <christian@grothoff.org> | 2013-02-05 20:49:21 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-02-05 20:49:21 +0000 |
commit | ca35f67faee8371fa763bdf49f04a8d5d4cdc021 (patch) | |
tree | 5535df5e5a2428ed838c6a0e60b2c6c68a7842c5 /src/transport/gnunet-service-transport_validation.c | |
parent | dd7cca21c5dbaef4d56f92bab3932f0f73d092d1 (diff) | |
download | gnunet-ca35f67faee8371fa763bdf49f04a8d5d4cdc021.tar.gz gnunet-ca35f67faee8371fa763bdf49f04a8d5d4cdc021.zip |
switching to ECDHE cryptography f, implementation is incomplete and INSECURE, do not use for anything but testing
Diffstat (limited to 'src/transport/gnunet-service-transport_validation.c')
-rw-r--r-- | src/transport/gnunet-service-transport_validation.c | 26 |
1 files changed, 13 insertions, 13 deletions
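--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -149,13 +149,13 @@ struct TransportPongMessage
 /**
 * Signature.
 */
-struct GNUNET_CRYPTO_RsaSignature signature;
+struct GNUNET_CRYPTO_EccSignature signature;
 
 /**
 * GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN to confirm that this is a
 * plausible address for the signing peer.
 */
-struct GNUNET_CRYPTO_RsaSignaturePurpose purpose;
+struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
 
 /**
 * When does this signature expire?
@@ -190,7 +190,7 @@ struct ValidationEntry
 /**
 * Public key of the peer.
 */
-struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key;
+struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
 
 /**
 * The identity of the peer. FIXME: duplicated (also in 'address')
@@ -636,7 +636,7 @@ revalidate_address (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
 * if we don't have an existing entry and no public key was given
 */
 static struct ValidationEntry *
-find_validation_entry (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
+find_validation_entry (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
 *public_key, const struct GNUNET_HELLO_Address *address)
 {
 struct ValidationEntryMatchContext vemc;
@@ -688,7 +688,7 @@ add_valid_address (void *cls, const struct GNUNET_HELLO_Address *address,
 const struct GNUNET_HELLO_Message *hello = cls;
 struct ValidationEntry *ve;
 struct GNUNET_PeerIdentity pid;
-struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key;
+struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
 
 if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0)
 return GNUNET_OK; /* expired */
@@ -789,7 +789,7 @@ GST_validation_stop ()
 */
 static void
 multicast_pong (void *cls,
-const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
+const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
 *public_key, struct GNUNET_TIME_Absolute valid_until,
 struct GNUNET_TIME_Absolute validation_block,
 const struct GNUNET_HELLO_Address *address)
@@ -835,7 +835,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
 const struct TransportPingMessage *ping;
 struct TransportPongMessage *pong;
 struct GNUNET_TRANSPORT_PluginFunctions *papi;
-struct GNUNET_CRYPTO_RsaSignature *sig_cache;
+struct GNUNET_CRYPTO_EccSignature *sig_cache;
 struct GNUNET_TIME_Absolute *sig_cache_exp;
 const char *addr;
 const char *addrend;
@@ -931,7 +931,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
 {
 addrend = NULL; /* make gcc happy */
 slen = 0;
-static struct GNUNET_CRYPTO_RsaSignature no_address_signature;
+static struct GNUNET_CRYPTO_EccSignature no_address_signature;
 static struct GNUNET_TIME_Absolute no_address_signature_expiration;
 
 sig_cache = &no_address_signature;
@@ -951,7 +951,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
 htons (sizeof (struct TransportPongMessage) + alen + slen);
 pong->header.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_PONG);
 pong->purpose.size =
-htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) +
+htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
 sizeof (uint32_t) + sizeof (struct GNUNET_TIME_AbsoluteNBO) +
 alen + slen);
 pong->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN);
@@ -981,7 +981,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating buggy PONG signature to indicate ownership.\n");
 pong->expiration = GNUNET_TIME_absolute_hton (GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME));
 GNUNET_assert (GNUNET_OK ==
-GNUNET_CRYPTO_rsa_sign (GST_my_private_key, &pong->purpose,
+GNUNET_CRYPTO_ecc_sign (GST_my_private_key, &pong->purpose,
 &pong->signature));
 }
 else
@@ -1001,7 +1001,7 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
 *sig_cache_exp = GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME);
 pong->expiration = GNUNET_TIME_absolute_hton (*sig_cache_exp);
 GNUNET_assert (GNUNET_OK ==
-GNUNET_CRYPTO_rsa_sign (GST_my_private_key, &pong->purpose,
+GNUNET_CRYPTO_ecc_sign (GST_my_private_key, &pong->purpose,
 sig_cache));
 }
 else
@@ -1080,7 +1080,7 @@ struct ValidateAddressContext
 /**
 * Public key of the peer whose address is being validated.
 */
-struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key;
+struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded public_key;
 };
 
 
@@ -1197,7 +1197,7 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
 }
 
 if (GNUNET_OK !=
-GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
+GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
 &pong->purpose, &pong->signature,
 &ve->public_key))
 {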
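Review bot: Both signing sites in GST_validation_handle_ping (new lines 983-985 and 1003-1005) wrap `GNUNET_CRYPTO_ecc_sign` in `GNUNET_assert`, so a signing failure aborts the transport service while it is, apparently, answering a PING received from another peer. The pattern predates this commit, but the commit message describes the new ECC code as incomplete, which makes a non-OK return more plausible than it was with RSA. I would test the result instead, e.g. `if (GNUNET_OK != GNUNET_CRYPTO_ecc_sign (GST_my_private_key, &pong->purpose, sig_cache)) { GNUNET_break (0); /* drop this PONG */ }`, with the release of `pong` following whatever the rest of the function does; its body starts and ends outside these hunks. Separately, the layout of `struct TransportPongMessage` and the signed `purpose.size` now depend on the ECC types, so a peer still on the RSA layout will presumably fail the check at new line 1200, and nothing in the visible hunks versions the message; a short comment on the struct saying the wire format changed would help.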