authorChristian Grothoff <christian@grothoff.org>2020-04-08 16:56:33 +0200
committerChristian Grothoff <christian@grothoff.org>2020-04-08 16:56:33 +0200
commit11ae9f030e13d07c505a4d5477d592ddb4b3acf6 (patch)
tree69ce120a7c60c84d0d074bab8fe2cd26e77300dc /src/transport
parent2348fe4ae8ffe93765d5c56c3cc5d4490eae946d (diff)
fix sign api for to address #6164
Diffstat (limited to 'src/transport')
-rw-r--r--src/transport/gnunet-communicator-tcp.c31
-rw-r--r--src/transport/gnunet-communicator-udp.c16
-rw-r--r--src/transport/gnunet-service-tng.c74
-rw-r--r--src/transport/gnunet-service-transport_neighbours.c8
-rw-r--r--src/transport/gnunet-service-transport_validation.c7
5 files changed, 70 insertions, 66 deletions
diff --git a/src/transport/gnunet-communicator-tcp.c b/src/transport/gnunet-communicator-tcp.c
index 045a57d0f..2786ba184 100644
--- a/src/transport/gnunet-communicator-tcp.c
+++ b/src/transport/gnunet-communicator-tcp.c
@@ -880,7 +880,7 @@ do_rekey (struct Queue *queue, const struct TCPRekey *rekey)
/* FIXME: check monotonic time is monotonic... */
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_TCP_REKEY,
- &thp.purpose,
+ &thp,
&rekey->sender_sig,
&queue->target.public_key))
{
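Review bot: The `FIXME: check monotonic time is monotonic...` above the verify call is still open after this change, so the signature check on its own may not reject a rekey that was validly signed earlier. `thp.monotonic_time` is part of the signed structure (inject_rekey fills it before signing), but no comparison against the last value accepted from this peer is visible in the hunk. Consider keeping the highest accepted timestamp per queue target and rejecting anything not strictly greater before acting on the rekey. do_rekey's body continues outside the hunk.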
@@ -1063,8 +1063,7 @@ queue_read (void *cls)
However, we have to take into account that the plaintext buffer may have
already contained data and not jumpt too far ahead in the ciphertext.
If there is no rekey and the last message is incomplete (max > total),
- it is safe to keep the decryption so we shift by 'max' */
- if (GNUNET_YES == queue->rekeyed)
+ it is safe to keep the decryption so we shift by 'max' */if (GNUNET_YES == queue->rekeyed)
{
max = total - old_pread_off;
queue->rekeyed = GNUNET_NO;
@@ -1284,9 +1283,9 @@ inject_rekey (struct Queue *queue)
thp.receiver = queue->target;
thp.ephemeral = rekey.ephemeral;
thp.monotonic_time = rekey.monotonic_time;
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
- &thp.purpose,
- &rekey.sender_sig));
+ GNUNET_CRYPTO_eddsa_sign (my_private_key,
+ &thp,
+ &rekey.sender_sig);
calculate_hmac (&queue->out_hmac, &rekey, sizeof(rekey), &rekey.hmac);
/* Encrypt rekey message with 'old' cipher */
GNUNET_assert (0 ==
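Review bot: The result of `GNUNET_CRYPTO_eddsa_sign` is no longer checked at this call site, because the `GNUNET_assert (GNUNET_OK == ...)` wrapper is dropped and the call is used as a plain statement. The definition of the reworked API is outside this diff (limited to src/transport); presumably it aborts on failure itself, but that should be confirmed, since otherwise `rekey.sender_sig` could go out unset and the following `calculate_hmac` would still authenticate it. The same pattern appears in transmit_kx, mq_send, iface_proc, update_ephemeral, forward_dv_learn, handle_validation_challenge and start_dv_learn. If the wrapper does abort internally, a short comment such as `/* aborts internally if signing fails */` above the call would record why no check is needed. inject_rekey's body continues outside the hunk.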
@@ -1586,9 +1585,9 @@ transmit_kx (struct Queue *queue,
ths.receiver = queue->target;
ths.ephemeral = *epub;
ths.monotonic_time = tc.monotonic_time;
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
- &ths.purpose,
- &tc.sender_sig));
+ GNUNET_CRYPTO_eddsa_sign (my_private_key,
+ &ths,
+ &tc.sender_sig);
GNUNET_assert (0 ==
gcry_cipher_encrypt (queue->out_cipher,
&queue->cwrite_buf[queue->cwrite_off],
@@ -1654,7 +1653,7 @@ decrypt_and_check_tc (struct Queue *queue,
from this sender! */
return GNUNET_CRYPTO_eddsa_verify (
GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE,
- &ths.purpose,
+ &ths,
&tc->sender_sig,
&tc->sender.public_key);
}
@@ -1953,7 +1952,7 @@ mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
queue->address_len = in_len;
queue->sock = sock;
boot_queue (queue, GNUNET_TRANSPORT_CS_OUTBOUND);
- //queue->mq_awaits_continue = GNUNET_YES;
+ // queue->mq_awaits_continue = GNUNET_YES;
queue->read_task =
GNUNET_SCHEDULER_add_read_net (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT,
queue->sock,
@@ -2155,9 +2154,9 @@ run (void *cls,
max_queue_length = DEFAULT_MAX_QUEUE_LENGTH;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (cfg,
- COMMUNICATOR_CONFIG_SECTION,
- "REKEY_INTERVAL",
- &rekey_interval))
+ COMMUNICATOR_CONFIG_SECTION,
+ "REKEY_INTERVAL",
+ &rekey_interval))
rekey_interval = DEFAULT_REKEY_INTERVAL;
in = tcp_address_to_sockaddr (bindto, &in_len);
@@ -2286,8 +2285,8 @@ main (int argc, char *const *argv)
options,
&run,
NULL))
- ? 0
- : 1;
+ ? 0
+ : 1;
GNUNET_free ((void *) argv);
return ret;
}
diff --git a/src/transport/gnunet-communicator-udp.c b/src/transport/gnunet-communicator-udp.c
index d767689b9..1542a7702 100644
--- a/src/transport/gnunet-communicator-udp.c
+++ b/src/transport/gnunet-communicator-udp.c
@@ -1533,7 +1533,7 @@ verify_confirmation (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
uhs.monotonic_time = uc->monotonic_time;
return GNUNET_CRYPTO_eddsa_verify (
GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE,
- &uhs.purpose,
+ &uhs,
&uc->sender_sig,
&uc->sender.public_key);
}
@@ -1634,7 +1634,7 @@ sock_read (void *cls)
GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
if (GNUNET_OK ==
GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST,
- &uhs.purpose,
+ &uhs,
&ub->sender_sig,
&ub->sender.public_key))
{
@@ -1932,9 +1932,9 @@ mq_send (struct GNUNET_MQ_Handle *mq,
uhs.receiver = receiver->target;
GNUNET_CRYPTO_ecdhe_key_get_public (&epriv, &uhs.ephemeral);
uhs.monotonic_time = uc.monotonic_time;
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
- &uhs.purpose,
- &uc.sender_sig));
+ GNUNET_CRYPTO_eddsa_sign (my_private_key,
+ &uhs,
+ &uc.sender_sig);
/* Leave space for kx */
dpos = sizeof(kx);
/* Append encrypted uc to dgram */
@@ -2534,9 +2534,9 @@ iface_proc (void *cls,
ubs.purpose.size = htonl (sizeof(ubs));
ubs.sender = my_identity;
GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
- &ubs.purpose,
- &bi->bcm.sender_sig));
+ GNUNET_CRYPTO_eddsa_sign (my_private_key,
+ &ubs,
+ &bi->bcm.sender_sig);
if (NULL != broadcast_addr)
{
bi->broadcast_task = GNUNET_SCHEDULER_add_now (&ifc_broadcast, bi);
diff --git a/src/transport/gnunet-service-tng.c b/src/transport/gnunet-service-tng.c
index 8d68d90a6..75763fd9d 100644
--- a/src/transport/gnunet-service-tng.c
+++ b/src/transport/gnunet-service-tng.c
@@ -4137,9 +4137,9 @@ update_ephemeral (struct DistanceVector *dv)
ec.purpose.size = htonl (sizeof(ec));
ec.target = dv->target;
ec.ephemeral_key = dv->ephemeral_key;
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
- &ec.purpose,
- &dv->sender_sig));
+ GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
+ &ec,
+ &dv->sender_sig);
}
@@ -6391,17 +6391,17 @@ forward_dv_learn (const struct GNUNET_PeerIdentity *next_hop,
GNUNET_memcpy (dhops, hops, sizeof(struct DVPathEntryP) * nhops);
dhops[nhops].hop = GST_my_identity;
{
- struct DvHopPS dhp = { .purpose.purpose =
- htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_HOP),
- .purpose.size = htonl (sizeof(dhp)),
- .pred = dhops[nhops - 1].hop,
- .succ = *next_hop,
- .challenge = msg->challenge };
+ struct DvHopPS dhp = {
+ .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_HOP),
+ .purpose.size = htonl (sizeof(dhp)),
+ .pred = dhops[nhops - 1].hop,
+ .succ = *next_hop,
+ .challenge = msg->challenge
+ };
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
- &dhp.purpose,
- &dhops[nhops].hop_sig));
+ GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
+ &dhp,
+ &dhops[nhops].hop_sig);
}
route_control_message_without_fc (next_hop,
&fwd->header,
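Review bot: `.pred = dhops[nhops - 1].hop` indexes outside `dhops` when `nhops` is 0, and the hunk shows no guard; whether callers guarantee `nhops >= 1` is not visible here. Because the value read is placed inside the signed `DvHopPS`, a zero-hop call would sign over whatever bytes happen to sit next to the array. Either state the precondition before the block with `GNUNET_assert (nhops > 0);`, or select the predecessor explicitly for the zero-hop case. forward_dv_learn starts and ends outside the hunk.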
@@ -6434,7 +6434,7 @@ validate_dv_initiator_signature (
if (
GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_INITIATOR,
- &ip.purpose,
+ &ip,
init_sig,
&init->public_key))
{
@@ -6770,7 +6770,7 @@ handle_dv_learn (void *cls, const struct TransportDVLearnMessage *dvl)
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_HOP,
- &dhp.purpose,
+ &dhp,
&hops[i].hop_sig,
&hops[i].hop.public_key))
{
@@ -7422,7 +7422,7 @@ handle_dv_box (void *cls, const struct TransportDVBoxMessage *dvb)
GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (
GNUNET_SIGNATURE_PURPOSE_TRANSPORT_EPHEMERAL,
- &ec.purpose,
+ &ec,
&ppay.sender_sig,
&ppay.sender.public_key))
{
@@ -7728,15 +7728,16 @@ handle_validation_challenge (
tvr.validity_duration = validity_duration;
{
/* create signature */
- struct TransportValidationPS tvp =
- { .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_CHALLENGE),
+ struct TransportValidationPS tvp = {
+ .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_CHALLENGE),
.purpose.size = htonl (sizeof(tvp)),
.validity_duration = validity_duration,
- .challenge = tvc->challenge };
+ .challenge = tvc->challenge
+ };
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
- &tvp.purpose,
- &tvr.signature));
+ GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
+ &tvp,
+ &tvr.signature);
}
route_control_message_without_fc (&cmc->im.sender,
&tvr.header,
@@ -7921,16 +7922,17 @@ handle_validation_response (
{
/* check signature */
- struct TransportValidationPS tvp =
- { .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_CHALLENGE),
+ struct TransportValidationPS tvp = {
+ .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_CHALLENGE),
.purpose.size = htonl (sizeof(tvp)),
.validity_duration = tvr->validity_duration,
- .challenge = tvr->challenge };
+ .challenge = tvr->challenge
+ };
if (
GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_CHALLENGE,
- &tvp.purpose,
+ &tvp,
&tvr->signature,
&cmc->im.sender.public_key))
{
@@ -9393,15 +9395,17 @@ start_dv_learn (void *cls)
dvl.monotonic_time =
GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (GST_cfg));
{
- struct DvInitPS dvip = { .purpose.purpose = htonl (
- GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_INITIATOR),
- .purpose.size = htonl (sizeof(dvip)),
- .monotonic_time = dvl.monotonic_time,
- .challenge = lle->challenge };
-
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
- &dvip.purpose,
- &dvl.init_sig));
+ struct DvInitPS dvip = {
+ .purpose.purpose = htonl (
+ GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_INITIATOR),
+ .purpose.size = htonl (sizeof(dvip)),
+ .monotonic_time = dvl.monotonic_time,
+ .challenge = lle->challenge
+ };
+
+ GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
+ &dvip,
+ &dvl.init_sig);
}
dvl.initiator = GST_my_identity;
dvl.challenge = lle->challenge;
diff --git a/src/transport/gnunet-service-transport_neighbours.c b/src/transport/gnunet-service-transport_neighbours.c
index 9c6cebc24..ec64ca607 100644
--- a/src/transport/gnunet-service-transport_neighbours.c
+++ b/src/transport/gnunet-service-transport_neighbours.c
@@ -1045,9 +1045,9 @@ send_disconnect (struct NeighbourMapEntry *n)
GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
disconnect_msg.public_key = GST_my_identity.public_key;
GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign (GST_my_private_key,
- &disconnect_msg.purpose,
- &disconnect_msg.signature));
+ GNUNET_CRYPTO_eddsa_sign_ (GST_my_private_key,
+ &disconnect_msg.purpose,
+ &disconnect_msg.signature));
(void) send_with_session (n,
&disconnect_msg,
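Review bot: The call now uses the raw `GNUNET_CRYPTO_eddsa_sign_` variant and still passes `&disconnect_msg.purpose` by hand, so this site opts out of whatever struct-level checking the reworked `GNUNET_CRYPTO_eddsa_sign` provides, and nothing in the hunk says why. A one-line comment above the call stating the reason (for example, that the signed region is not the whole struct) would keep a later cleanup from converting it blindly or leaving it unchecked. The same applies to the `_` calls in GST_neighbours_handle_disconnect_message, GST_validation_handle_ping and GST_validation_handle_pong. send_disconnect's body continues outside the hunk.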
@@ -3763,7 +3763,7 @@ GST_neighbours_handle_disconnect_message (const struct
return;
}
if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (
+ GNUNET_CRYPTO_eddsa_verify_ (
GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT,
&sdm->purpose,
&sdm->signature,
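Review bot: The first argument of this verify call is `GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_DISCONNECT`, a message-type constant, while every other verify call in this commit passes a `GNUNET_SIGNATURE_*` purpose constant. The commit carries the argument over unchanged, and the value send_disconnect stores in `disconnect_msg.purpose` is outside the visible hunks, so it should be confirmed that signer and verifier use the same dedicated signature-purpose value. If they differ, disconnect signatures cannot verify; if they match only through the message-type number, the purpose no longer separates this signature from other signed structures. The function body continues outside the hunk.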
diff --git a/src/transport/gnunet-service-transport_validation.c b/src/transport/gnunet-service-transport_validation.c
index 631b0a8f8..610c45a21 100644
--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -1271,8 +1271,9 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
*sig_cache_exp = GNUNET_TIME_relative_to_absolute (PONG_SIGNATURE_LIFETIME);
pong->expiration = GNUNET_TIME_absolute_hton (*sig_cache_exp);
if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_sign (GST_my_private_key, &pong->purpose,
- sig_cache))
+ GNUNET_CRYPTO_eddsa_sign_ (GST_my_private_key,
+ &pong->purpose,
+ sig_cache))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
_ ("Failed to create PONG signature for peer `%s'\n"),
@@ -1559,7 +1560,7 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
if (GNUNET_YES == do_verify)
{
/* Do expensive verification */
- sig_res = GNUNET_CRYPTO_eddsa_verify (
+ sig_res = GNUNET_CRYPTO_eddsa_verify_ (
GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
&pong->purpose,
&pong->signature,