diff options
author | t3sserakt <t3ss@posteo.de> | 2022-03-17 15:12:06 +0100 |
---|---|---|
committer | t3sserakt <t3ss@posteo.de> | 2022-03-17 15:12:06 +0100 |
commit | 8d41efc36bec5bc5ec29278a365d5a63d7349084 (patch) | |
tree | 99177b1b5400df5ae7180c2af1f47408cace1034 /src/util | |
parent | 95a1edacccd9b3bf769a144a12d41946d0ac25dc (diff) | |
parent | ea4a5dd6ca3d62f852b5c2de94071b7fc8f0544c (diff) | |
download | gnunet-8d41efc36bec5bc5ec29278a365d5a63d7349084.tar.gz gnunet-8d41efc36bec5bc5ec29278a365d5a63d7349084.zip |
Merge branch 'master' of ssh://git.gnunet.org/gnunet
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/common_logging.c | 25 | ||||
-rw-r--r-- | src/util/crypto_cs.c | 214 | ||||
-rw-r--r-- | src/util/crypto_hash.c | 3 | ||||
-rw-r--r-- | src/util/dnsstub.c | 42 | ||||
-rw-r--r-- | src/util/getopt_helpers.c | 3 | ||||
-rw-r--r-- | src/util/gnunet-crypto-tvg.c | 24 | ||||
-rw-r--r-- | src/util/network.c | 3 | ||||
-rw-r--r-- | src/util/plugin.c | 4 | ||||
-rw-r--r-- | src/util/strings.c | 41 | ||||
-rw-r--r-- | src/util/test_crypto_cs.c | 334 | ||||
-rw-r--r-- | src/util/test_strings.c | 7 | ||||
-rw-r--r-- | src/util/time.c | 7 |
12 files changed, 394 insertions, 313 deletions
diff --git a/src/util/common_logging.c b/src/util/common_logging.c index cba37cd2f..b07f3fc0b 100644 --- a/src/util/common_logging.c +++ b/src/util/common_logging.c | |||
@@ -321,6 +321,28 @@ log_rotate (const char *new_name) | |||
321 | } | 321 | } |
322 | 322 | ||
323 | 323 | ||
324 | const char * | ||
325 | GNUNET_b2s (const void *buf, | ||
326 | size_t buf_size) | ||
327 | { | ||
328 | static GNUNET_THREAD_LOCAL char ret[9]; | ||
329 | struct GNUNET_HashCode hc; | ||
330 | char *tmp; | ||
331 | |||
332 | GNUNET_CRYPTO_hash (buf, | ||
333 | buf_size, | ||
334 | &hc); | ||
335 | tmp = GNUNET_STRINGS_data_to_string_alloc (&hc, | ||
336 | sizeof (hc)); | ||
337 | memcpy (ret, | ||
338 | tmp, | ||
339 | 8); | ||
340 | GNUNET_free (tmp); | ||
341 | ret[8] = '\0'; | ||
342 | return ret; | ||
343 | } | ||
344 | |||
345 | |||
324 | /** | 346 | /** |
325 | * Setup the log file. | 347 | * Setup the log file. |
326 | * | 348 | * |
@@ -1015,7 +1037,8 @@ mylog (enum GNUNET_ErrorType kind, | |||
1015 | else | 1037 | else |
1016 | { | 1038 | { |
1017 | /* RFC 3339 timestamp, with snprintf placeholder for microseconds */ | 1039 | /* RFC 3339 timestamp, with snprintf placeholder for microseconds */ |
1018 | if (0 == strftime (date2, DATE_STR_SIZE, "%Y-%m-%dT%H:%M:%S.%%06u%z", tmptr)) | 1040 | if (0 == strftime (date2, DATE_STR_SIZE, "%Y-%m-%dT%H:%M:%S.%%06u%z", |
1041 | tmptr)) | ||
1019 | abort (); | 1042 | abort (); |
1020 | /* Fill in microseconds */ | 1043 | /* Fill in microseconds */ |
1021 | if (0 > snprintf (date, sizeof(date), date2, timeofday.tv_usec)) | 1044 | if (0 > snprintf (date, sizeof(date), date2, timeofday.tv_usec)) |
diff --git a/src/util/crypto_cs.c b/src/util/crypto_cs.c index c89ba5d83..4c6648229 100644 --- a/src/util/crypto_cs.c +++ b/src/util/crypto_cs.c | |||
@@ -40,11 +40,6 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | 42 | ||
43 | /** | ||
44 | * Create a new random private key. | ||
45 | * | ||
46 | * @param[out] priv where to write the fresh private key | ||
47 | */ | ||
48 | void | 43 | void |
49 | GNUNET_CRYPTO_cs_private_key_generate (struct GNUNET_CRYPTO_CsPrivateKey *priv) | 44 | GNUNET_CRYPTO_cs_private_key_generate (struct GNUNET_CRYPTO_CsPrivateKey *priv) |
50 | { | 45 | { |
@@ -52,16 +47,10 @@ GNUNET_CRYPTO_cs_private_key_generate (struct GNUNET_CRYPTO_CsPrivateKey *priv) | |||
52 | } | 47 | } |
53 | 48 | ||
54 | 49 | ||
55 | /** | ||
56 | * Extract the public key of the given private key. | ||
57 | * | ||
58 | * @param priv the private key | ||
59 | * @param[out] pub where to write the public key | ||
60 | */ | ||
61 | void | 50 | void |
62 | GNUNET_CRYPTO_cs_private_key_get_public (const struct | 51 | GNUNET_CRYPTO_cs_private_key_get_public ( |
63 | GNUNET_CRYPTO_CsPrivateKey *priv, | 52 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
64 | struct GNUNET_CRYPTO_CsPublicKey *pub) | 53 | struct GNUNET_CRYPTO_CsPublicKey *pub) |
65 | { | 54 | { |
66 | GNUNET_assert (0 == crypto_scalarmult_ed25519_base_noclamp (pub->point.y, | 55 | GNUNET_assert (0 == crypto_scalarmult_ed25519_base_noclamp (pub->point.y, |
67 | priv->scalar.d)); | 56 | priv->scalar.d)); |
@@ -69,63 +58,40 @@ GNUNET_CRYPTO_cs_private_key_get_public (const struct | |||
69 | 58 | ||
70 | 59 | ||
71 | /** | 60 | /** |
72 | * maps 32 random bytes to a scalar | 61 | * Maps 32 random bytes to a scalar. This is necessary because libsodium |
73 | * this is necessary because libsodium expects scalar to be in the prime order subgroup | 62 | * expects scalar to be in the prime order subgroup. |
74 | * @param[out] scalar containing 32 byte char array, is modified to be in prime order subgroup | 63 | * |
64 | * @param[in,out] scalar containing 32 byte char array, is modified to be in prime order subgroup | ||
75 | */ | 65 | */ |
76 | static void | 66 | static void |
77 | map_to_scalar_subgroup (struct GNUNET_CRYPTO_Cs25519Scalar *scalar) | 67 | map_to_scalar_subgroup (struct GNUNET_CRYPTO_Cs25519Scalar *scalar) |
78 | { | 68 | { |
79 | // perform clamping as described in RFC7748 | 69 | /* perform clamping as described in RFC7748 */ |
80 | scalar->d[0] &= 248; | 70 | scalar->d[0] &= 248; |
81 | scalar->d[31] &= 127; | 71 | scalar->d[31] &= 127; |
82 | scalar->d[31] |= 64; | 72 | scalar->d[31] |= 64; |
83 | } | 73 | } |
84 | 74 | ||
85 | 75 | ||
86 | /** | ||
87 | * Derive a new secret r pair r0 and r1. | ||
88 | * In original papers r is generated randomly | ||
89 | * To provide abort-idempotency, r needs to be derived but still needs to be UNPREDICTABLE | ||
90 | * To ensure unpredictability a new nonce should be used when a new r needs to be derived. | ||
91 | * Uses HKDF internally. | ||
92 | * Comment: Can be done in one HKDF shot and split output. | ||
93 | * | ||
94 | * @param nonce is a random nonce | ||
95 | * @param lts is a long-term-secret in form of a private key | ||
96 | * @param[out] r array containing derived secrets r0 and r1 | ||
97 | */ | ||
98 | void | 76 | void |
99 | GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce, | 77 | GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce, |
78 | const char *seed, | ||
100 | const struct GNUNET_CRYPTO_CsPrivateKey *lts, | 79 | const struct GNUNET_CRYPTO_CsPrivateKey *lts, |
101 | struct GNUNET_CRYPTO_CsRSecret r[2]) | 80 | struct GNUNET_CRYPTO_CsRSecret r[2]) |
102 | { | 81 | { |
103 | GNUNET_assert (GNUNET_YES == | 82 | GNUNET_assert ( |
104 | GNUNET_CRYPTO_hkdf (r, | 83 | GNUNET_YES == |
105 | sizeof (struct GNUNET_CRYPTO_CsRSecret) | 84 | GNUNET_CRYPTO_kdf ( |
106 | * 2, | 85 | r, sizeof (struct GNUNET_CRYPTO_CsRSecret) * 2, |
107 | GCRY_MD_SHA512, | 86 | seed, strlen (seed), |
108 | GCRY_MD_SHA256, | 87 | lts, sizeof (*lts), |
109 | "r", | 88 | nonce, sizeof (*nonce), |
110 | strlen ("r"), | 89 | NULL, 0)); |
111 | lts, | ||
112 | sizeof (*lts), | ||
113 | nonce, | ||
114 | sizeof (*nonce), | ||
115 | NULL, | ||
116 | 0)); | ||
117 | |||
118 | map_to_scalar_subgroup (&r[0].scalar); | 90 | map_to_scalar_subgroup (&r[0].scalar); |
119 | map_to_scalar_subgroup (&r[1].scalar); | 91 | map_to_scalar_subgroup (&r[1].scalar); |
120 | } | 92 | } |
121 | 93 | ||
122 | 94 | ||
123 | /** | ||
124 | * Extract the public R of the given secret r. | ||
125 | * | ||
126 | * @param r_priv the private key | ||
127 | * @param[out] r_pub where to write the public key | ||
128 | */ | ||
129 | void | 95 | void |
130 | GNUNET_CRYPTO_cs_r_get_public (const struct GNUNET_CRYPTO_CsRSecret *r_priv, | 96 | GNUNET_CRYPTO_cs_r_get_public (const struct GNUNET_CRYPTO_CsRSecret *r_priv, |
131 | struct GNUNET_CRYPTO_CsRPublic *r_pub) | 97 | struct GNUNET_CRYPTO_CsRPublic *r_pub) |
@@ -135,36 +101,23 @@ GNUNET_CRYPTO_cs_r_get_public (const struct GNUNET_CRYPTO_CsRSecret *r_priv, | |||
135 | } | 101 | } |
136 | 102 | ||
137 | 103 | ||
138 | /** | ||
139 | * Derives new random blinding factors. | ||
140 | * In original papers blinding factors are generated randomly | ||
141 | * To provide abort-idempotency, blinding factors need to be derived but still need to be UNPREDICTABLE | ||
142 | * To ensure unpredictability a new nonce has to be used. | ||
143 | * Uses HKDF internally | ||
144 | * | ||
145 | * @param secret is secret to derive blinding factors | ||
146 | * @param secret_len secret length | ||
147 | * @param[out] bs array containing the two derived blinding secrets | ||
148 | */ | ||
149 | void | 104 | void |
150 | GNUNET_CRYPTO_cs_blinding_secrets_derive (const struct | 105 | GNUNET_CRYPTO_cs_blinding_secrets_derive ( |
151 | GNUNET_CRYPTO_CsNonce *blind_seed, | 106 | const struct GNUNET_CRYPTO_CsNonce *blind_seed, |
152 | struct GNUNET_CRYPTO_CsBlindingSecret | 107 | struct GNUNET_CRYPTO_CsBlindingSecret bs[2]) |
153 | bs[2]) | ||
154 | { | 108 | { |
155 | GNUNET_assert (GNUNET_YES == | 109 | GNUNET_assert ( |
156 | GNUNET_CRYPTO_hkdf (bs, | 110 | GNUNET_YES == |
157 | sizeof (struct | 111 | GNUNET_CRYPTO_hkdf (bs, |
158 | GNUNET_CRYPTO_CsBlindingSecret) | 112 | sizeof (struct GNUNET_CRYPTO_CsBlindingSecret) * 2, |
159 | * 2, | 113 | GCRY_MD_SHA512, |
160 | GCRY_MD_SHA512, | 114 | GCRY_MD_SHA256, |
161 | GCRY_MD_SHA256, | 115 | "alphabeta", |
162 | "alphabeta", | 116 | strlen ("alphabeta"), |
163 | strlen ("alphabeta"), | 117 | blind_seed, |
164 | blind_seed, | 118 | sizeof(*blind_seed), |
165 | sizeof(*blind_seed), | 119 | NULL, |
166 | NULL, | 120 | 0)); |
167 | 0)); | ||
168 | map_to_scalar_subgroup (&bs[0].alpha); | 121 | map_to_scalar_subgroup (&bs[0].alpha); |
169 | map_to_scalar_subgroup (&bs[0].beta); | 122 | map_to_scalar_subgroup (&bs[0].beta); |
170 | map_to_scalar_subgroup (&bs[1].alpha); | 123 | map_to_scalar_subgroup (&bs[1].alpha); |
@@ -205,11 +158,16 @@ cs_full_domain_hash (const struct GNUNET_CRYPTO_CsRPublic *r_dash, | |||
205 | memcpy (r_m_concat, r_dash, sizeof(struct GNUNET_CRYPTO_CsRPublic)); | 158 | memcpy (r_m_concat, r_dash, sizeof(struct GNUNET_CRYPTO_CsRPublic)); |
206 | memcpy (r_m_concat + sizeof(struct GNUNET_CRYPTO_CsRPublic), msg, msg_len); | 159 | memcpy (r_m_concat + sizeof(struct GNUNET_CRYPTO_CsRPublic), msg, msg_len); |
207 | struct GNUNET_HashCode prehash; | 160 | struct GNUNET_HashCode prehash; |
208 | GNUNET_CRYPTO_hash (r_m_concat, r_m_concat_len, &prehash); | 161 | |
162 | GNUNET_CRYPTO_hash (r_m_concat, | ||
163 | r_m_concat_len, | ||
164 | &prehash); | ||
209 | 165 | ||
210 | // modulus converted to MPI representation | 166 | // modulus converted to MPI representation |
211 | gcry_mpi_t l_mpi; | 167 | gcry_mpi_t l_mpi; |
212 | GNUNET_CRYPTO_mpi_scan_unsigned (&l_mpi, L_BIG_ENDIAN, sizeof(L_BIG_ENDIAN)); | 168 | GNUNET_CRYPTO_mpi_scan_unsigned (&l_mpi, |
169 | L_BIG_ENDIAN, | ||
170 | sizeof(L_BIG_ENDIAN)); | ||
213 | 171 | ||
214 | // calculate full domain hash | 172 | // calculate full domain hash |
215 | gcry_mpi_t c_mpi; | 173 | gcry_mpi_t c_mpi; |
@@ -224,7 +182,9 @@ cs_full_domain_hash (const struct GNUNET_CRYPTO_CsRPublic *r_dash, | |||
224 | 182 | ||
225 | // convert c from mpi | 183 | // convert c from mpi |
226 | unsigned char c_big_endian[256 / 8]; | 184 | unsigned char c_big_endian[256 / 8]; |
227 | GNUNET_CRYPTO_mpi_print_unsigned (c_big_endian, sizeof(c_big_endian), c_mpi); | 185 | GNUNET_CRYPTO_mpi_print_unsigned (c_big_endian, |
186 | sizeof(c_big_endian), | ||
187 | c_mpi); | ||
228 | gcry_mpi_release (c_mpi); | 188 | gcry_mpi_release (c_mpi); |
229 | for (size_t i = 0; i<32; i++) | 189 | for (size_t i = 0; i<32; i++) |
230 | c->scalar.d[i] = c_big_endian[31 - i]; | 190 | c->scalar.d[i] = c_big_endian[31 - i]; |
@@ -266,28 +226,15 @@ calc_r_dash (const struct GNUNET_CRYPTO_CsBlindingSecret *bs, | |||
266 | } | 226 | } |
267 | 227 | ||
268 | 228 | ||
269 | /** | ||
270 | * Calculate two blinded c's | ||
271 | * Comment: One would be insecure due to Wagner's algorithm solving ROS | ||
272 | * | ||
273 | * @param bs array of the two blinding factor structs each containing alpha and beta | ||
274 | * @param r_pub array of the two signer's nonce R | ||
275 | * @param pub the public key of the signer | ||
276 | * @param msg the message to blind in preparation for signing | ||
277 | * @param msg_len length of message msg | ||
278 | * @param[out] blinded_c array of the two blinded c's | ||
279 | * @param[out] blinded_r_pub array of the two blinded R | ||
280 | */ | ||
281 | void | 229 | void |
282 | GNUNET_CRYPTO_cs_calc_blinded_c (const struct GNUNET_CRYPTO_CsBlindingSecret | 230 | GNUNET_CRYPTO_cs_calc_blinded_c ( |
283 | bs[2], | 231 | const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], |
284 | const struct GNUNET_CRYPTO_CsRPublic r_pub[2], | 232 | const struct GNUNET_CRYPTO_CsRPublic r_pub[2], |
285 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 233 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
286 | const void *msg, | 234 | const void *msg, |
287 | size_t msg_len, | 235 | size_t msg_len, |
288 | struct GNUNET_CRYPTO_CsC blinded_c[2], | 236 | struct GNUNET_CRYPTO_CsC blinded_c[2], |
289 | struct GNUNET_CRYPTO_CsRPublic | 237 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]) |
290 | blinded_r_pub[2]) | ||
291 | { | 238 | { |
292 | // for i 0/1: R'i = Ri + alpha i*G + beta i*pub | 239 | // for i 0/1: R'i = Ri + alpha i*G + beta i*pub |
293 | calc_r_dash (&bs[0], &r_pub[0], pub, &blinded_r_pub[0]); | 240 | calc_r_dash (&bs[0], &r_pub[0], pub, &blinded_r_pub[0]); |
@@ -309,30 +256,13 @@ GNUNET_CRYPTO_cs_calc_blinded_c (const struct GNUNET_CRYPTO_CsBlindingSecret | |||
309 | } | 256 | } |
310 | 257 | ||
311 | 258 | ||
312 | /** | ||
313 | * Sign a blinded c | ||
314 | * This function derives b from a nonce and a longterm secret | ||
315 | * In original papers b is generated randomly | ||
316 | * To provide abort-idempotency, b needs to be derived but still need to be UNPREDICTABLE. | ||
317 | * To ensure unpredictability a new nonce has to be used for every signature | ||
318 | * HKDF is used internally for derivation | ||
319 | * r0 and r1 can be derived prior by using GNUNET_CRYPTO_cs_r_derive | ||
320 | * | ||
321 | * @param priv private key to use for the signing and as LTS in HKDF | ||
322 | * @param r array of the two secret nonce from the signer | ||
323 | * @param c array of the two blinded c to sign c_b | ||
324 | * @param nonce is a random nonce | ||
325 | * @param[out] blinded_signature_scalar where to write the signature | ||
326 | * @return 0 or 1 for b (see Clause Blind Signature Scheme) | ||
327 | */ | ||
328 | unsigned int | 259 | unsigned int |
329 | GNUNET_CRYPTO_cs_sign_derive (const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 260 | GNUNET_CRYPTO_cs_sign_derive ( |
330 | const struct GNUNET_CRYPTO_CsRSecret r[2], | 261 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
331 | const struct GNUNET_CRYPTO_CsC c[2], | 262 | const struct GNUNET_CRYPTO_CsRSecret r[2], |
332 | const struct GNUNET_CRYPTO_CsNonce *nonce, | 263 | const struct GNUNET_CRYPTO_CsC c[2], |
333 | struct GNUNET_CRYPTO_CsBlindS * | 264 | const struct GNUNET_CRYPTO_CsNonce *nonce, |
334 | blinded_signature_scalar | 265 | struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar) |
335 | ) | ||
336 | { | 266 | { |
337 | uint32_t hkdf_out; | 267 | uint32_t hkdf_out; |
338 | 268 | ||
@@ -365,18 +295,11 @@ GNUNET_CRYPTO_cs_sign_derive (const struct GNUNET_CRYPTO_CsPrivateKey *priv, | |||
365 | } | 295 | } |
366 | 296 | ||
367 | 297 | ||
368 | /** | ||
369 | * Unblind a blind-signed signature using a c that was blinded | ||
370 | * | ||
371 | * @param blinded_signature_scalar the signature made on the blinded c | ||
372 | * @param bs the blinding factors used in the blinding | ||
373 | * @param[out] signature_scalar where to write the unblinded signature | ||
374 | */ | ||
375 | void | 298 | void |
376 | GNUNET_CRYPTO_cs_unblind (const struct | 299 | GNUNET_CRYPTO_cs_unblind ( |
377 | GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | 300 | const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, |
378 | const struct GNUNET_CRYPTO_CsBlindingSecret *bs, | 301 | const struct GNUNET_CRYPTO_CsBlindingSecret *bs, |
379 | struct GNUNET_CRYPTO_CsS *signature_scalar) | 302 | struct GNUNET_CRYPTO_CsS *signature_scalar) |
380 | { | 303 | { |
381 | crypto_core_ed25519_scalar_add (signature_scalar->scalar.d, | 304 | crypto_core_ed25519_scalar_add (signature_scalar->scalar.d, |
382 | blinded_signature_scalar->scalar.d, | 305 | blinded_signature_scalar->scalar.d, |
@@ -384,16 +307,6 @@ GNUNET_CRYPTO_cs_unblind (const struct | |||
384 | } | 307 | } |
385 | 308 | ||
386 | 309 | ||
387 | /** | ||
388 | * Verify whether the given message corresponds to the given signature and the | ||
389 | * signature is valid with respect to the given public key. | ||
390 | * | ||
391 | * @param sig signature that is being validated | ||
392 | * @param pub public key of the signer | ||
393 | * @param msg is the message that should be signed by @a sig (message is used to calculate c) | ||
394 | * @param msg_len is the message length | ||
395 | * @returns #GNUNET_YES on success, #GNUNET_SYSERR if signature invalid | ||
396 | */ | ||
397 | enum GNUNET_GenericReturnValue | 310 | enum GNUNET_GenericReturnValue |
398 | GNUNET_CRYPTO_cs_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | 311 | GNUNET_CRYPTO_cs_verify (const struct GNUNET_CRYPTO_CsSignature *sig, |
399 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 312 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
@@ -402,7 +315,12 @@ GNUNET_CRYPTO_cs_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | |||
402 | { | 315 | { |
403 | // calculate c' = H(R, m) | 316 | // calculate c' = H(R, m) |
404 | struct GNUNET_CRYPTO_CsC c_dash; | 317 | struct GNUNET_CRYPTO_CsC c_dash; |
405 | cs_full_domain_hash (&sig->r_point, msg, msg_len, pub, &c_dash); | 318 | |
319 | cs_full_domain_hash (&sig->r_point, | ||
320 | msg, | ||
321 | msg_len, | ||
322 | pub, | ||
323 | &c_dash); | ||
406 | 324 | ||
407 | // s'G ?= R' + c' pub | 325 | // s'G ?= R' + c' pub |
408 | struct GNUNET_CRYPTO_Cs25519Point sig_scal_mul_base; | 326 | struct GNUNET_CRYPTO_Cs25519Point sig_scal_mul_base; |
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c index dcd46e5f9..f516f5474 100644 --- a/src/util/crypto_hash.c +++ b/src/util/crypto_hash.c | |||
@@ -76,7 +76,8 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, | |||
76 | char upper_enc[enclen]; | 76 | char upper_enc[enclen]; |
77 | char *up_ptr = upper_enc; | 77 | char *up_ptr = upper_enc; |
78 | 78 | ||
79 | GNUNET_STRINGS_utf8_toupper (enc, up_ptr); | 79 | if (GNUNET_OK != GNUNET_STRINGS_utf8_toupper (enc, up_ptr)) |
80 | return GNUNET_SYSERR; | ||
80 | 81 | ||
81 | return GNUNET_STRINGS_string_to_data (upper_enc, enclen, | 82 | return GNUNET_STRINGS_string_to_data (upper_enc, enclen, |
82 | (unsigned char *) result, | 83 | (unsigned char *) result, |
diff --git a/src/util/dnsstub.c b/src/util/dnsstub.c index 1ac274c92..c2f2a441f 100644 --- a/src/util/dnsstub.c +++ b/src/util/dnsstub.c | |||
@@ -324,24 +324,50 @@ do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs, | |||
324 | found = GNUNET_NO; | 324 | found = GNUNET_NO; |
325 | for (struct DnsServer *ds = ctx->dns_head; NULL != ds; ds = ds->next) | 325 | for (struct DnsServer *ds = ctx->dns_head; NULL != ds; ds = ds->next) |
326 | { | 326 | { |
327 | if (0 == memcmp (&addr, | 327 | if (ds->ss.ss_family != addr.ss_family) |
328 | &ds->ss, | 328 | continue; |
329 | GNUNET_MIN (sizeof(struct sockaddr_storage), addrlen))) | 329 | if (addr.ss_family == AF_INET) |
330 | { | 330 | { |
331 | found = GNUNET_YES; | 331 | struct sockaddr_in *v4 = (struct sockaddr_in *) &addr; |
332 | break; | 332 | struct sockaddr_in *ds_v4 = (struct sockaddr_in *) &ds->ss; |
333 | |||
334 | |||
335 | if ((0 == memcmp (&v4->sin_addr, | ||
336 | &ds_v4->sin_addr, | ||
337 | sizeof(struct sockaddr_in))) && | ||
338 | (v4->sin_port == ds_v4->sin_port)) | ||
339 | { | ||
340 | found = GNUNET_YES; | ||
341 | break; | ||
342 | } | ||
343 | } | ||
344 | else | ||
345 | { | ||
346 | struct sockaddr_in6 *v6 = (struct sockaddr_in6 *) &addr; | ||
347 | struct sockaddr_in6 *ds_v6 = (struct sockaddr_in6 *) &ds->ss; | ||
348 | |||
349 | if (0 == memcmp (&v6->sin6_addr, | ||
350 | &ds_v6->sin6_addr, | ||
351 | sizeof (v6->sin6_addr)) && | ||
352 | (v6->sin6_port == ds_v6->sin6_port)) | ||
353 | { | ||
354 | found = GNUNET_YES; | ||
355 | break; | ||
356 | } | ||
357 | |||
333 | } | 358 | } |
334 | } | 359 | } |
335 | if (GNUNET_NO == found) | 360 | if (GNUNET_NO == found) |
336 | { | 361 | { |
337 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 362 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
338 | "Received DNS response from server we never asked (ignored)"); | 363 | "Received DNS response from server we never asked (ignored)\n"); |
364 | |||
339 | return GNUNET_NO; | 365 | return GNUNET_NO; |
340 | } | 366 | } |
341 | if (sizeof(struct GNUNET_TUN_DnsHeader) > (size_t) r) | 367 | if (sizeof(struct GNUNET_TUN_DnsHeader) > (size_t) r) |
342 | { | 368 | { |
343 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 369 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
344 | _ ("Received DNS response that is too small (%u bytes)"), | 370 | _ ("Received DNS response that is too small (%u bytes)\n"), |
345 | (unsigned int) r); | 371 | (unsigned int) r); |
346 | return GNUNET_NO; | 372 | return GNUNET_NO; |
347 | } | 373 | } |
@@ -648,7 +674,7 @@ GNUNET_DNSSTUB_add_dns_sa (struct GNUNET_DNSSTUB_Context *ctx, | |||
648 | ds = GNUNET_new (struct DnsServer); | 674 | ds = GNUNET_new (struct DnsServer); |
649 | switch (sa->sa_family) | 675 | switch (sa->sa_family) |
650 | { | 676 | { |
651 | case AF_INET: | 677 | case AF_INET : |
652 | GNUNET_memcpy (&ds->ss, sa, sizeof(struct sockaddr_in)); | 678 | GNUNET_memcpy (&ds->ss, sa, sizeof(struct sockaddr_in)); |
653 | break; | 679 | break; |
654 | 680 | ||
diff --git a/src/util/getopt_helpers.c b/src/util/getopt_helpers.c index 917aa440b..96aee40e3 100644 --- a/src/util/getopt_helpers.c +++ b/src/util/getopt_helpers.c | |||
@@ -174,7 +174,8 @@ OUTER: | |||
174 | i++; | 174 | i++; |
175 | } | 175 | } |
176 | pd = GNUNET_OS_project_data_get (); | 176 | pd = GNUNET_OS_project_data_get (); |
177 | printf ("Report bugs to %s.\n" | 177 | printf ("\n" |
178 | "Report bugs to %s.\n" | ||
178 | "Home page: %s\n", | 179 | "Home page: %s\n", |
179 | pd->bug_email, | 180 | pd->bug_email, |
180 | pd->homepage); | 181 | pd->homepage); |
diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c index 6b2a7f472..0071f3e90 100644 --- a/src/util/gnunet-crypto-tvg.c +++ b/src/util/gnunet-crypto-tvg.c | |||
@@ -852,7 +852,7 @@ checkvec (const char *operation, | |||
852 | return GNUNET_SYSERR; | 852 | return GNUNET_SYSERR; |
853 | } | 853 | } |
854 | 854 | ||
855 | if ((b != 1)&& (b != 0)) | 855 | if ((b != 1) && (b != 0)) |
856 | { | 856 | { |
857 | GNUNET_break (0); | 857 | GNUNET_break (0); |
858 | return GNUNET_SYSERR; | 858 | return GNUNET_SYSERR; |
@@ -869,9 +869,14 @@ checkvec (const char *operation, | |||
869 | unsigned int b_comp; | 869 | unsigned int b_comp; |
870 | 870 | ||
871 | 871 | ||
872 | GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv_comp); | 872 | GNUNET_CRYPTO_cs_r_derive (&nonce, |
873 | GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0], &r_pub_comp[0]); | 873 | "rw", |
874 | GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1], &r_pub_comp[1]); | 874 | &priv, |
875 | r_priv_comp); | ||
876 | GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0], | ||
877 | &r_pub_comp[0]); | ||
878 | GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1], | ||
879 | &r_pub_comp[1]); | ||
875 | GNUNET_assert (0 == memcmp (&r_priv_comp, | 880 | GNUNET_assert (0 == memcmp (&r_priv_comp, |
876 | &r_priv, | 881 | &r_priv, |
877 | sizeof(struct GNUNET_CRYPTO_CsRSecret) * 2)); | 882 | sizeof(struct GNUNET_CRYPTO_CsRSecret) * 2)); |
@@ -1316,9 +1321,14 @@ output_vectors () | |||
1316 | strlen ("nonce_secret"), | 1321 | strlen ("nonce_secret"), |
1317 | NULL, | 1322 | NULL, |
1318 | 0)); | 1323 | 0)); |
1319 | GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv); | 1324 | GNUNET_CRYPTO_cs_r_derive (&nonce, |
1320 | GNUNET_CRYPTO_cs_r_get_public (&r_priv[0], &r_pub[0]); | 1325 | "rw", |
1321 | GNUNET_CRYPTO_cs_r_get_public (&r_priv[1], &r_pub[1]); | 1326 | &priv, |
1327 | r_priv); | ||
1328 | GNUNET_CRYPTO_cs_r_get_public (&r_priv[0], | ||
1329 | &r_pub[0]); | ||
1330 | GNUNET_CRYPTO_cs_r_get_public (&r_priv[1], | ||
1331 | &r_pub[1]); | ||
1322 | GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce, | 1332 | GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce, |
1323 | bs); | 1333 | bs); |
1324 | GNUNET_CRYPTO_cs_calc_blinded_c (bs, | 1334 | GNUNET_CRYPTO_cs_calc_blinded_c (bs, |
diff --git a/src/util/network.c b/src/util/network.c index 688c37665..2f77bc54e 100644 --- a/src/util/network.c +++ b/src/util/network.c | |||
@@ -350,7 +350,8 @@ initialize_network_handle (struct GNUNET_NETWORK_Handle *h, | |||
350 | 350 | ||
351 | if (h->fd >= FD_SETSIZE) | 351 | if (h->fd >= FD_SETSIZE) |
352 | { | 352 | { |
353 | GNUNET_break (GNUNET_OK == GNUNET_NETWORK_socket_close (h)); | 353 | GNUNET_break (GNUNET_OK == |
354 | GNUNET_NETWORK_socket_close (h)); | ||
354 | errno = EMFILE; | 355 | errno = EMFILE; |
355 | return GNUNET_SYSERR; | 356 | return GNUNET_SYSERR; |
356 | } | 357 | } |
diff --git a/src/util/plugin.c b/src/util/plugin.c index 39874a588..6ee41eec9 100644 --- a/src/util/plugin.c +++ b/src/util/plugin.c | |||
@@ -289,12 +289,12 @@ GNUNET_PLUGIN_unload (const char *library_name, | |||
289 | done = resolve_function (pos, | 289 | done = resolve_function (pos, |
290 | "done"); | 290 | "done"); |
291 | ret = NULL; | 291 | ret = NULL; |
292 | if (NULL != done) | ||
293 | ret = done (arg); | ||
294 | if (NULL == prev) | 292 | if (NULL == prev) |
295 | plugins = pos->next; | 293 | plugins = pos->next; |
296 | else | 294 | else |
297 | prev->next = pos->next; | 295 | prev->next = pos->next; |
296 | if (NULL != done) | ||
297 | ret = done (arg); | ||
298 | lt_dlclose (pos->handle); | 298 | lt_dlclose (pos->handle); |
299 | GNUNET_free (pos->name); | 299 | GNUNET_free (pos->name); |
300 | GNUNET_free (pos); | 300 | GNUNET_free (pos); |
diff --git a/src/util/strings.c b/src/util/strings.c index ece096f72..7e218cc59 100644 --- a/src/util/strings.c +++ b/src/util/strings.c | |||
@@ -390,7 +390,7 @@ GNUNET_STRINGS_conv (const char *input, | |||
390 | ret[encoded_string_length] = '\0'; | 390 | ret[encoded_string_length] = '\0'; |
391 | free (encoded_string); | 391 | free (encoded_string); |
392 | return ret; | 392 | return ret; |
393 | fail: | 393 | fail: |
394 | LOG (GNUNET_ERROR_TYPE_WARNING, | 394 | LOG (GNUNET_ERROR_TYPE_WARNING, |
395 | _ ("Character sets requested were `%s'->`%s'\n"), | 395 | _ ("Character sets requested were `%s'->`%s'\n"), |
396 | "UTF-8", | 396 | "UTF-8", |
@@ -426,24 +426,27 @@ GNUNET_STRINGS_from_utf8 (const char *input, | |||
426 | } | 426 | } |
427 | 427 | ||
428 | 428 | ||
429 | void | 429 | char * |
430 | GNUNET_STRINGS_utf8_normalize (const char *input, | 430 | GNUNET_STRINGS_utf8_normalize (const char *input) |
431 | char *output) | ||
432 | { | 431 | { |
433 | uint8_t *tmp; | 432 | uint8_t *tmp; |
434 | size_t len; | 433 | size_t len; |
435 | 434 | char *output; | |
436 | tmp = u8_normalize (UNINORM_NFC, | 435 | tmp = u8_normalize (UNINORM_NFC, |
437 | (uint8_t *) input, | 436 | (uint8_t *) input, |
438 | strlen ((char*) input), | 437 | strlen ((char*) input), |
439 | NULL, | 438 | NULL, |
440 | &len); | 439 | &len); |
440 | if (NULL == tmp) | ||
441 | return NULL; | ||
442 | output = GNUNET_malloc (len + 1); | ||
441 | GNUNET_memcpy (output, tmp, len); | 443 | GNUNET_memcpy (output, tmp, len); |
442 | output[len] = '\0'; | 444 | output[len] = '\0'; |
443 | free (tmp); | 445 | free (tmp); |
446 | return output; | ||
444 | } | 447 | } |
445 | 448 | ||
446 | void | 449 | enum GNUNET_GenericReturnValue |
447 | GNUNET_STRINGS_utf8_tolower (const char *input, | 450 | GNUNET_STRINGS_utf8_tolower (const char *input, |
448 | char *output) | 451 | char *output) |
449 | { | 452 | { |
@@ -456,13 +459,16 @@ GNUNET_STRINGS_utf8_tolower (const char *input, | |||
456 | UNINORM_NFD, | 459 | UNINORM_NFD, |
457 | NULL, | 460 | NULL, |
458 | &len); | 461 | &len); |
462 | if (NULL == tmp_in) | ||
463 | return GNUNET_SYSERR; | ||
459 | GNUNET_memcpy (output, tmp_in, len); | 464 | GNUNET_memcpy (output, tmp_in, len); |
460 | output[len] = '\0'; | 465 | output[len] = '\0'; |
461 | free (tmp_in); | 466 | GNUNET_free (tmp_in); |
467 | return GNUNET_OK; | ||
462 | } | 468 | } |
463 | 469 | ||
464 | 470 | ||
465 | void | 471 | enum GNUNET_GenericReturnValue |
466 | GNUNET_STRINGS_utf8_toupper (const char *input, | 472 | GNUNET_STRINGS_utf8_toupper (const char *input, |
467 | char *output) | 473 | char *output) |
468 | { | 474 | { |
@@ -475,9 +481,13 @@ GNUNET_STRINGS_utf8_toupper (const char *input, | |||
475 | UNINORM_NFD, | 481 | UNINORM_NFD, |
476 | NULL, | 482 | NULL, |
477 | &len); | 483 | &len); |
484 | if (NULL == tmp_in) | ||
485 | return GNUNET_SYSERR; | ||
486 | /* 0-terminator does not fit */ | ||
478 | GNUNET_memcpy (output, tmp_in, len); | 487 | GNUNET_memcpy (output, tmp_in, len); |
479 | output[len] = '\0'; | 488 | output[len] = '\0'; |
480 | free (tmp_in); | 489 | GNUNET_free (tmp_in); |
490 | return GNUNET_OK; | ||
481 | } | 491 | } |
482 | 492 | ||
483 | 493 | ||
@@ -1604,7 +1614,7 @@ GNUNET_STRINGS_base64_encode (const void *in, | |||
1604 | char *opt; | 1614 | char *opt; |
1605 | 1615 | ||
1606 | ret = 0; | 1616 | ret = 0; |
1607 | GNUNET_assert (len < SIZE_MAX / 4 * 3 ); | 1617 | GNUNET_assert (len < SIZE_MAX / 4 * 3); |
1608 | opt = GNUNET_malloc (2 + (len * 4 / 3) + 8); | 1618 | opt = GNUNET_malloc (2 + (len * 4 / 3) + 8); |
1609 | for (size_t i = 0; i < len; ++i) | 1619 | for (size_t i = 0; i < len; ++i) |
1610 | { | 1620 | { |
@@ -1741,7 +1751,7 @@ GNUNET_STRINGS_base64_decode (const char *data, | |||
1741 | output[ret++] = c; | 1751 | output[ret++] = c; |
1742 | } | 1752 | } |
1743 | } | 1753 | } |
1744 | END: | 1754 | END: |
1745 | *out = output; | 1755 | *out = output; |
1746 | return ret; | 1756 | return ret; |
1747 | } | 1757 | } |
@@ -1803,12 +1813,19 @@ GNUNET_STRINGS_urldecode (const char *data, | |||
1803 | char *wpos = *out; | 1813 | char *wpos = *out; |
1804 | size_t resl = 0; | 1814 | size_t resl = 0; |
1805 | 1815 | ||
1806 | while ('\0' != *rpos) | 1816 | while ( ('\0' != *rpos) && |
1817 | (data + len != rpos) ) | ||
1807 | { | 1818 | { |
1808 | unsigned int num; | 1819 | unsigned int num; |
1809 | switch (*rpos) | 1820 | switch (*rpos) |
1810 | { | 1821 | { |
1811 | case '%': | 1822 | case '%': |
1823 | if (rpos + 3 > data + len) | ||
1824 | { | ||
1825 | GNUNET_break_op (0); | ||
1826 | GNUNET_free (*out); | ||
1827 | return 0; | ||
1828 | } | ||
1812 | if (1 != sscanf (rpos + 1, "%2x", &num)) | 1829 | if (1 != sscanf (rpos + 1, "%2x", &num)) |
1813 | break; | 1830 | break; |
1814 | *wpos = (char) ((unsigned char) num); | 1831 | *wpos = (char) ((unsigned char) num); |
diff --git a/src/util/test_crypto_cs.c b/src/util/test_crypto_cs.c index d3406516e..914ded9bc 100644 --- a/src/util/test_crypto_cs.c +++ b/src/util/test_crypto_cs.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet | 2 | This file is part of GNUnet |
3 | Copyright (C) 2014,2015 GNUnet e.V. | 3 | Copyright (C) 2021,2022 GNUnet e.V. |
4 | 4 | ||
5 | GNUnet is free software: you can redistribute it and/or modify it | 5 | GNUnet is free software: you can redistribute it and/or modify it |
6 | under the terms of the GNU Affero General Public License as published | 6 | under the terms of the GNU Affero General Public License as published |
@@ -30,148 +30,168 @@ | |||
30 | 30 | ||
31 | #define ITER 25 | 31 | #define ITER 25 |
32 | 32 | ||
33 | void | 33 | static void |
34 | test_create_priv (struct GNUNET_CRYPTO_CsPrivateKey *priv) | 34 | test_create_priv (struct GNUNET_CRYPTO_CsPrivateKey *priv) |
35 | { | 35 | { |
36 | /* TEST 1 | 36 | /* TEST 1 |
37 | * Check that privkey is set | 37 | * Check that privkey is set |
38 | */ | 38 | */ |
39 | struct GNUNET_CRYPTO_CsPrivateKey other_priv; | 39 | struct GNUNET_CRYPTO_CsPrivateKey other_priv; |
40 | memcpy (&other_priv.scalar, &priv->scalar, sizeof(other_priv.scalar)); | ||
41 | 40 | ||
41 | other_priv = *priv; | ||
42 | GNUNET_CRYPTO_cs_private_key_generate (priv); | 42 | GNUNET_CRYPTO_cs_private_key_generate (priv); |
43 | 43 | GNUNET_assert (0 != | |
44 | GNUNET_assert (0 != memcmp (&other_priv.scalar, | 44 | GNUNET_memcmp (&other_priv.scalar, |
45 | &priv->scalar, | 45 | &priv->scalar)); |
46 | sizeof(other_priv.scalar))); | ||
47 | } | 46 | } |
48 | 47 | ||
49 | 48 | ||
50 | void | 49 | static void |
51 | test_generate_pub (const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 50 | test_generate_pub (const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
52 | struct GNUNET_CRYPTO_CsPublicKey *pub) | 51 | struct GNUNET_CRYPTO_CsPublicKey *pub) |
53 | { | 52 | { |
54 | /* TEST 1 | 53 | /* TEST 1 |
55 | * Check that pubkey is set | 54 | * Check that pubkey is set |
56 | */ | 55 | */ |
57 | struct GNUNET_CRYPTO_CsPublicKey other_pub; | 56 | struct GNUNET_CRYPTO_CsPublicKey other_pub; |
58 | memcpy (&other_pub.point, &pub->point, sizeof(other_pub.point)); | ||
59 | |||
60 | GNUNET_CRYPTO_cs_private_key_get_public (priv, pub); | ||
61 | 57 | ||
62 | GNUNET_assert (0 != memcmp (&other_pub.point, | 58 | other_pub = *pub; |
63 | &pub->point, | 59 | GNUNET_CRYPTO_cs_private_key_get_public (priv, |
64 | sizeof(other_pub.point))); | 60 | pub); |
61 | GNUNET_assert (0 != | ||
62 | GNUNET_memcmp (&other_pub.point, | ||
63 | &pub->point)); | ||
65 | 64 | ||
66 | /* TEST 2 | 65 | /* TEST 2 |
67 | * Check that pubkey is a valid point | 66 | * Check that pubkey is a valid point |
68 | */ | 67 | */ |
69 | GNUNET_assert (1 == crypto_core_ed25519_is_valid_point (pub->point.y)); | 68 | GNUNET_assert (1 == |
69 | crypto_core_ed25519_is_valid_point (pub->point.y)); | ||
70 | 70 | ||
71 | /* TEST 3 | 71 | /* TEST 3 |
72 | * Check if function gives the same result for the same output | 72 | * Check if function gives the same result for the same output |
73 | */ | 73 | */ |
74 | memcpy (&other_pub.point, &pub->point, sizeof(other_pub.point)); | 74 | other_pub = *pub; |
75 | 75 | for (unsigned int i = 0; i<ITER; i++) | |
76 | for (int i = 0; i<ITER; i++) { | 76 | { |
77 | GNUNET_CRYPTO_cs_private_key_get_public (priv, pub); | 77 | GNUNET_CRYPTO_cs_private_key_get_public (priv, |
78 | GNUNET_assert (0 == memcmp (&other_pub.point, | 78 | pub); |
79 | &pub->point, | 79 | GNUNET_assert (0 == |
80 | sizeof(other_pub.point))); | 80 | GNUNET_memcmp (&other_pub.point, |
81 | &pub->point)); | ||
81 | } | 82 | } |
82 | } | 83 | } |
83 | 84 | ||
84 | 85 | ||
85 | void | 86 | static void |
86 | test_derive_rsecret (const struct GNUNET_CRYPTO_CsNonce *nonce, | 87 | test_derive_rsecret (const struct GNUNET_CRYPTO_CsNonce *nonce, |
87 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 88 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
88 | struct GNUNET_CRYPTO_CsRSecret r[2]) | 89 | struct GNUNET_CRYPTO_CsRSecret r[2]) |
89 | { | 90 | { |
90 | /* TEST 1 | 91 | /* TEST 1 |
91 | * Check that r are set | 92 | * Check that r are set |
92 | */ | 93 | */ |
93 | struct GNUNET_CRYPTO_CsPrivateKey other_r[2]; | 94 | struct GNUNET_CRYPTO_CsPrivateKey other_r[2]; |
94 | memcpy (&other_r[0], &r[0], sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); | ||
95 | 95 | ||
96 | GNUNET_CRYPTO_cs_r_derive (nonce, priv, r); | 96 | memcpy (other_r, |
97 | 97 | r, | |
98 | GNUNET_assert (0 != memcmp (&other_r[0], | 98 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); |
99 | &r[0], | 99 | GNUNET_CRYPTO_cs_r_derive (nonce, |
100 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | 100 | "nw", |
101 | priv, | ||
102 | r); | ||
103 | GNUNET_assert (0 != | ||
104 | memcmp (&other_r[0], | ||
105 | &r[0], | ||
106 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | ||
101 | 107 | ||
102 | /* TEST 2 | 108 | /* TEST 2 |
103 | * Check if function gives the same result for the same input. | 109 | * Check if function gives the same result for the same input. |
104 | * This test ensures that the derivation is deterministic. | 110 | * This test ensures that the derivation is deterministic. |
105 | */ | 111 | */ |
106 | memcpy (&other_r[0], &r[0], sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); | 112 | memcpy (other_r, |
107 | for (int i = 0; i<ITER; i++) { | 113 | r, |
108 | GNUNET_CRYPTO_cs_r_derive (nonce, priv, r); | 114 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); |
109 | GNUNET_assert (0 == memcmp (&other_r[0], | 115 | for (unsigned int i = 0; i<ITER; i++) |
110 | &r[0], | 116 | { |
111 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | 117 | GNUNET_CRYPTO_cs_r_derive (nonce, |
118 | "nw", | ||
119 | priv, | ||
120 | r); | ||
121 | GNUNET_assert (0 == | ||
122 | memcmp (other_r, | ||
123 | r, | ||
124 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | ||
112 | } | 125 | } |
113 | } | 126 | } |
114 | 127 | ||
115 | 128 | ||
116 | void | 129 | static void |
117 | test_generate_rpublic (const struct GNUNET_CRYPTO_CsRSecret *r_priv, | 130 | test_generate_rpublic (const struct GNUNET_CRYPTO_CsRSecret *r_priv, |
118 | struct GNUNET_CRYPTO_CsRPublic *r_pub) | 131 | struct GNUNET_CRYPTO_CsRPublic *r_pub) |
119 | { | 132 | { |
120 | /* TEST 1 | 133 | /* TEST 1 |
121 | * Check that r_pub is set | 134 | * Check that r_pub is set |
122 | */ | 135 | */ |
123 | struct GNUNET_CRYPTO_CsRPublic other_r_pub; | 136 | struct GNUNET_CRYPTO_CsRPublic other_r_pub; |
124 | memcpy (&other_r_pub.point, &r_pub->point, sizeof(other_r_pub.point)); | ||
125 | |||
126 | GNUNET_CRYPTO_cs_r_get_public (r_priv, r_pub); | ||
127 | |||
128 | GNUNET_assert (0 != memcmp (&other_r_pub.point, | ||
129 | &r_pub->point, | ||
130 | sizeof(other_r_pub.point))); | ||
131 | 137 | ||
138 | other_r_pub = *r_pub; | ||
139 | GNUNET_CRYPTO_cs_r_get_public (r_priv, | ||
140 | r_pub); | ||
141 | GNUNET_assert (0 != | ||
142 | GNUNET_memcmp (&other_r_pub.point, | ||
143 | &r_pub->point)); | ||
132 | /* TEST 2 | 144 | /* TEST 2 |
133 | * Check that r_pub is a valid point | 145 | * Check that r_pub is a valid point |
134 | */ | 146 | */ |
135 | GNUNET_assert (1 == crypto_core_ed25519_is_valid_point (r_pub->point.y)); | 147 | GNUNET_assert (1 == |
148 | crypto_core_ed25519_is_valid_point (r_pub->point.y)); | ||
136 | 149 | ||
137 | /* TEST 3 | 150 | /* TEST 3 |
138 | * Check if function gives the same result for the same output | 151 | * Check if function gives the same result for the same output |
139 | */ | 152 | */ |
140 | memcpy (&other_r_pub.point, &r_pub->point, sizeof(other_r_pub.point)); | 153 | other_r_pub.point = r_pub->point; |
141 | for (int i = 0; i<ITER; i++) { | 154 | for (int i = 0; i<ITER; i++) |
142 | GNUNET_CRYPTO_cs_r_get_public (r_priv, r_pub); | 155 | { |
143 | GNUNET_assert (0 == memcmp (&other_r_pub.point, | 156 | GNUNET_CRYPTO_cs_r_get_public (r_priv, |
144 | &r_pub->point, | 157 | r_pub); |
145 | sizeof(other_r_pub.point))); | 158 | GNUNET_assert (0 == |
159 | GNUNET_memcmp (&other_r_pub.point, | ||
160 | &r_pub->point)); | ||
146 | } | 161 | } |
147 | } | 162 | } |
148 | 163 | ||
149 | 164 | ||
150 | void | 165 | static void |
151 | test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed, | 166 | test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed, |
152 | struct GNUNET_CRYPTO_CsBlindingSecret bs[2]) | 167 | struct GNUNET_CRYPTO_CsBlindingSecret bs[2]) |
153 | { | 168 | { |
154 | /* TEST 1 | 169 | /* TEST 1 |
155 | * Check that blinding secrets are set | 170 | * Check that blinding secrets are set |
156 | */ | 171 | */ |
157 | struct GNUNET_CRYPTO_CsBlindingSecret other_bs[2]; | 172 | struct GNUNET_CRYPTO_CsBlindingSecret other_bs[2]; |
158 | memcpy (&other_bs[0], &bs[0], sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) | 173 | |
159 | * 2); | 174 | memcpy (other_bs, |
175 | bs, | ||
176 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) * 2); | ||
160 | 177 | ||
161 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); | 178 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); |
162 | 179 | ||
163 | GNUNET_assert (0 != memcmp (&other_bs[0], | 180 | GNUNET_assert (0 != |
164 | &bs[0], | 181 | memcmp (other_bs, |
165 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) | 182 | bs, |
166 | * 2)); | 183 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) |
184 | * 2)); | ||
167 | 185 | ||
168 | /* TEST 2 | 186 | /* TEST 2 |
169 | * Check if function gives the same result for the same input. | 187 | * Check if function gives the same result for the same input. |
170 | * This test ensures that the derivation is deterministic. | 188 | * This test ensures that the derivation is deterministic. |
171 | */ | 189 | */ |
172 | memcpy (&other_bs[0], &bs[0], sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) | 190 | memcpy (other_bs, |
173 | * 2); | 191 | bs, |
174 | for (int i = 0; i<ITER; i++) { | 192 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) * 2); |
193 | for (unsigned int i = 0; i<ITER; i++) | ||
194 | { | ||
175 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); | 195 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); |
176 | GNUNET_assert (0 == memcmp (&other_bs[0], | 196 | GNUNET_assert (0 == memcmp (&other_bs[0], |
177 | &bs[0], | 197 | &bs[0], |
@@ -181,19 +201,20 @@ test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed, | |||
181 | } | 201 | } |
182 | 202 | ||
183 | 203 | ||
184 | void | 204 | static void |
185 | test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | 205 | test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], |
186 | const struct GNUNET_CRYPTO_CsRPublic r_pub[2], | 206 | const struct GNUNET_CRYPTO_CsRPublic r_pub[2], |
187 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 207 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
188 | const void *msg, | 208 | const void *msg, |
189 | size_t msg_len, | 209 | size_t msg_len, |
190 | struct GNUNET_CRYPTO_CsC blinded_cs[2], | 210 | struct GNUNET_CRYPTO_CsC blinded_cs[2], |
191 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]) | 211 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]) |
192 | { | 212 | { |
193 | /* TEST 1 | 213 | /* TEST 1 |
194 | * Check that the blinded c's and blinded r's | 214 | * Check that the blinded c's and blinded r's |
195 | */ | 215 | */ |
196 | struct GNUNET_CRYPTO_CsC other_blinded_c[2]; | 216 | struct GNUNET_CRYPTO_CsC other_blinded_c[2]; |
217 | |||
197 | memcpy (&other_blinded_c[0], | 218 | memcpy (&other_blinded_c[0], |
198 | &blinded_cs[0], | 219 | &blinded_cs[0], |
199 | sizeof(struct GNUNET_CRYPTO_CsC) * 2); | 220 | sizeof(struct GNUNET_CRYPTO_CsC) * 2); |
@@ -222,7 +243,8 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
222 | * Check if R' - aG -bX = R for b = 0 | 243 | * Check if R' - aG -bX = R for b = 0 |
223 | * This test does the opposite operations and checks wether the equation is still correct. | 244 | * This test does the opposite operations and checks wether the equation is still correct. |
224 | */ | 245 | */ |
225 | for (unsigned int b = 0; b <= 1; b++) { | 246 | for (unsigned int b = 0; b <= 1; b++) |
247 | { | ||
226 | struct GNUNET_CRYPTO_Cs25519Point aG; | 248 | struct GNUNET_CRYPTO_Cs25519Point aG; |
227 | struct GNUNET_CRYPTO_Cs25519Point bX; | 249 | struct GNUNET_CRYPTO_Cs25519Point bX; |
228 | struct GNUNET_CRYPTO_Cs25519Point r_min_aG; | 250 | struct GNUNET_CRYPTO_Cs25519Point r_min_aG; |
@@ -252,7 +274,6 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
252 | } | 274 | } |
253 | 275 | ||
254 | 276 | ||
255 | |||
256 | /* TEST 3 | 277 | /* TEST 3 |
257 | * Check that the blinded r_pubs' are valid points | 278 | * Check that the blinded r_pubs' are valid points |
258 | */ | 279 | */ |
@@ -271,7 +292,8 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
271 | &blinded_r_pub[0], | 292 | &blinded_r_pub[0], |
272 | sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2); | 293 | sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2); |
273 | 294 | ||
274 | for (int i = 0; i<ITER; i++) { | 295 | for (unsigned int i = 0; i<ITER; i++) |
296 | { | ||
275 | GNUNET_CRYPTO_cs_calc_blinded_c (bs, | 297 | GNUNET_CRYPTO_cs_calc_blinded_c (bs, |
276 | r_pub, | 298 | r_pub, |
277 | pub, | 299 | pub, |
@@ -289,13 +311,13 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
289 | } | 311 | } |
290 | 312 | ||
291 | 313 | ||
292 | void | 314 | static void |
293 | test_blind_sign (unsigned int *b, | 315 | test_blind_sign (unsigned int *b, |
294 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 316 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
295 | const struct GNUNET_CRYPTO_CsRSecret r[2], | 317 | const struct GNUNET_CRYPTO_CsRSecret r[2], |
296 | const struct GNUNET_CRYPTO_CsC c[2], | 318 | const struct GNUNET_CRYPTO_CsC c[2], |
297 | const struct GNUNET_CRYPTO_CsNonce *nonce, | 319 | const struct GNUNET_CRYPTO_CsNonce *nonce, |
298 | struct GNUNET_CRYPTO_CsBlindS *blinded_s) | 320 | struct GNUNET_CRYPTO_CsBlindS *blinded_s) |
299 | { | 321 | { |
300 | /* TEST 1 | 322 | /* TEST 1 |
301 | * Check that blinded_s is set | 323 | * Check that blinded_s is set |
@@ -336,8 +358,10 @@ test_blind_sign (unsigned int *b, | |||
336 | * Check if function gives the same result for the same input. | 358 | * Check if function gives the same result for the same input. |
337 | */ | 359 | */ |
338 | memcpy (&other_blinded_s, blinded_s, sizeof(struct GNUNET_CRYPTO_CsBlindS)); | 360 | memcpy (&other_blinded_s, blinded_s, sizeof(struct GNUNET_CRYPTO_CsBlindS)); |
339 | unsigned int other_b; | 361 | for (unsigned int i = 0; i<ITER; i++) |
340 | for (int i = 0; i<ITER; i++) { | 362 | { |
363 | unsigned int other_b; | ||
364 | |||
341 | other_b = GNUNET_CRYPTO_cs_sign_derive (priv, r, c, nonce, blinded_s); | 365 | other_b = GNUNET_CRYPTO_cs_sign_derive (priv, r, c, nonce, blinded_s); |
342 | 366 | ||
343 | GNUNET_assert (other_b == *b); | 367 | GNUNET_assert (other_b == *b); |
@@ -348,10 +372,10 @@ test_blind_sign (unsigned int *b, | |||
348 | } | 372 | } |
349 | 373 | ||
350 | 374 | ||
351 | void | 375 | static void |
352 | test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | 376 | test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, |
353 | const struct GNUNET_CRYPTO_CsBlindingSecret *bs, | 377 | const struct GNUNET_CRYPTO_CsBlindingSecret *bs, |
354 | struct GNUNET_CRYPTO_CsS *signature_scalar) | 378 | struct GNUNET_CRYPTO_CsS *signature_scalar) |
355 | { | 379 | { |
356 | /* TEST 1 | 380 | /* TEST 1 |
357 | * Check that signature_scalar is set | 381 | * Check that signature_scalar is set |
@@ -387,7 +411,8 @@ test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | |||
387 | memcpy (&other_signature_scalar, signature_scalar, | 411 | memcpy (&other_signature_scalar, signature_scalar, |
388 | sizeof(struct GNUNET_CRYPTO_CsS)); | 412 | sizeof(struct GNUNET_CRYPTO_CsS)); |
389 | 413 | ||
390 | for (int i = 0; i<ITER; i++) { | 414 | for (unsigned int i = 0; i<ITER; i++) |
415 | { | ||
391 | GNUNET_CRYPTO_cs_unblind (blinded_signature_scalar, bs, signature_scalar); | 416 | GNUNET_CRYPTO_cs_unblind (blinded_signature_scalar, bs, signature_scalar); |
392 | GNUNET_assert (0 == memcmp (&other_signature_scalar, | 417 | GNUNET_assert (0 == memcmp (&other_signature_scalar, |
393 | signature_scalar, | 418 | signature_scalar, |
@@ -396,10 +421,10 @@ test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | |||
396 | } | 421 | } |
397 | 422 | ||
398 | 423 | ||
399 | void | 424 | static void |
400 | test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | 425 | test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig, |
401 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 426 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
402 | const struct GNUNET_CRYPTO_CsC *c) | 427 | const struct GNUNET_CRYPTO_CsC *c) |
403 | { | 428 | { |
404 | /* TEST 1 | 429 | /* TEST 1 |
405 | * Test verifies the blinded signature sG == Rb + cbX | 430 | * Test verifies the blinded signature sG == Rb + cbX |
@@ -425,28 +450,30 @@ test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | |||
425 | } | 450 | } |
426 | 451 | ||
427 | 452 | ||
428 | void | 453 | static void |
429 | test_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | 454 | test_verify (const struct GNUNET_CRYPTO_CsSignature *sig, |
430 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 455 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
431 | const void *msg, | 456 | const void *msg, |
432 | size_t msg_len) | 457 | size_t msg_len) |
433 | { | 458 | { |
434 | /* TEST 1 | 459 | /* TEST 1 |
435 | * Test simple verification | 460 | * Test simple verification |
436 | */ | 461 | */ |
437 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_cs_verify (sig, | 462 | GNUNET_assert (GNUNET_YES == |
438 | pub, | 463 | GNUNET_CRYPTO_cs_verify (sig, |
439 | msg, | 464 | pub, |
440 | msg_len)); | 465 | msg, |
466 | msg_len)); | ||
441 | /* TEST 2 | 467 | /* TEST 2 |
442 | * Test verification of "wrong" message | 468 | * Test verification of "wrong" message |
443 | */ | 469 | */ |
444 | char other_msg[] = "test massege"; | 470 | char other_msg[] = "test massege"; |
445 | size_t other_msg_len = strlen ("test massege"); | 471 | size_t other_msg_len = strlen ("test massege"); |
446 | GNUNET_assert (GNUNET_SYSERR == GNUNET_CRYPTO_cs_verify (sig, | 472 | GNUNET_assert (GNUNET_SYSERR == |
447 | pub, | 473 | GNUNET_CRYPTO_cs_verify (sig, |
448 | other_msg, | 474 | pub, |
449 | other_msg_len)); | 475 | other_msg, |
476 | other_msg_len)); | ||
450 | } | 477 | } |
451 | 478 | ||
452 | 479 | ||
@@ -461,71 +488,122 @@ main (int argc, | |||
461 | size_t message_len = strlen ("test message"); | 488 | size_t message_len = strlen ("test message"); |
462 | 489 | ||
463 | struct GNUNET_CRYPTO_CsPrivateKey priv; | 490 | struct GNUNET_CRYPTO_CsPrivateKey priv; |
491 | |||
492 | memset (&priv, | ||
493 | 42, | ||
494 | sizeof (priv)); | ||
464 | test_create_priv (&priv); | 495 | test_create_priv (&priv); |
465 | 496 | ||
466 | struct GNUNET_CRYPTO_CsPublicKey pub; | 497 | struct GNUNET_CRYPTO_CsPublicKey pub; |
467 | test_generate_pub (&priv, &pub); | 498 | |
499 | memset (&pub, | ||
500 | 42, | ||
501 | sizeof (pub)); | ||
502 | test_generate_pub (&priv, | ||
503 | &pub); | ||
468 | 504 | ||
469 | // derive nonce | 505 | // derive nonce |
470 | struct GNUNET_CRYPTO_CsNonce nonce; | 506 | struct GNUNET_CRYPTO_CsNonce nonce; |
471 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (nonce.nonce, | 507 | GNUNET_assert (GNUNET_YES == |
472 | sizeof(nonce.nonce), | 508 | GNUNET_CRYPTO_kdf (nonce.nonce, |
473 | GCRY_MD_SHA512, | 509 | sizeof(nonce.nonce), |
474 | GCRY_MD_SHA256, | 510 | "nonce", |
475 | "nonce", | 511 | strlen ("nonce"), |
476 | strlen ("nonce"), | 512 | "nonce_secret", |
477 | "nonce_secret", | 513 | strlen ("nonce_secret"), |
478 | strlen ("nonce_secret"), | 514 | NULL, |
479 | NULL, | 515 | 0)); |
480 | 0)); | ||
481 | 516 | ||
482 | // generate r, R | 517 | // generate r, R |
483 | struct GNUNET_CRYPTO_CsRSecret r_secrets[2]; | 518 | struct GNUNET_CRYPTO_CsRSecret r_secrets[2]; |
484 | test_derive_rsecret (&nonce, &priv, r_secrets); | 519 | |
520 | memset (r_secrets, | ||
521 | 42, | ||
522 | sizeof (r_secrets)); | ||
523 | test_derive_rsecret (&nonce, | ||
524 | &priv, | ||
525 | r_secrets); | ||
485 | 526 | ||
486 | struct GNUNET_CRYPTO_CsRPublic r_publics[2]; | 527 | struct GNUNET_CRYPTO_CsRPublic r_publics[2]; |
487 | test_generate_rpublic (&r_secrets[0], &r_publics[0]); | 528 | |
488 | test_generate_rpublic (&r_secrets[1], &r_publics[1]); | 529 | memset (r_publics, |
530 | 42, | ||
531 | sizeof (r_publics)); | ||
532 | test_generate_rpublic (&r_secrets[0], | ||
533 | &r_publics[0]); | ||
534 | test_generate_rpublic (&r_secrets[1], | ||
535 | &r_publics[1]); | ||
489 | 536 | ||
490 | // ---------- actions performed by user | 537 | // ---------- actions performed by user |
491 | 538 | ||
492 | // generate blinding secrets | 539 | // generate blinding secrets |
493 | struct GNUNET_CRYPTO_CsBlindingSecret blindingsecrets[2]; | 540 | struct GNUNET_CRYPTO_CsBlindingSecret blindingsecrets[2]; |
541 | |||
542 | memset (blindingsecrets, | ||
543 | 42, | ||
544 | sizeof (blindingsecrets)); | ||
494 | test_derive_blindingsecrets (&nonce, | 545 | test_derive_blindingsecrets (&nonce, |
495 | blindingsecrets); | 546 | blindingsecrets); |
496 | 547 | ||
497 | // calculate blinded c's | 548 | // calculate blinded c's |
498 | struct GNUNET_CRYPTO_CsC blinded_cs[2]; | 549 | struct GNUNET_CRYPTO_CsC blinded_cs[2]; |
499 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pubs[2]; | 550 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pubs[2]; |
551 | |||
552 | memset (blinded_cs, | ||
553 | 42, | ||
554 | sizeof (blinded_cs)); | ||
555 | memset (blinded_r_pubs, | ||
556 | 42, | ||
557 | sizeof (blinded_r_pubs)); | ||
500 | test_calc_blindedc (blindingsecrets, | 558 | test_calc_blindedc (blindingsecrets, |
501 | r_publics, | 559 | r_publics, |
502 | &pub, | 560 | &pub, |
503 | message, | 561 | message, |
504 | message_len, | 562 | message_len, |
505 | blinded_cs, | 563 | blinded_cs, |
506 | blinded_r_pubs); | 564 | blinded_r_pubs); |
507 | 565 | ||
508 | // ---------- actions performed by signer | 566 | // ---------- actions performed by signer |
509 | // sign blinded c's and get b and s in return | 567 | // sign blinded c's and get b and s in return |
510 | unsigned int b; | 568 | unsigned int b; |
511 | struct GNUNET_CRYPTO_CsBlindS blinded_s; | 569 | struct GNUNET_CRYPTO_CsBlindS blinded_s; |
512 | test_blind_sign (&b, &priv, r_secrets, blinded_cs, &nonce, &blinded_s); | 570 | |
571 | memset (&blinded_s, | ||
572 | 42, | ||
573 | sizeof (blinded_s)); | ||
574 | test_blind_sign (&b, | ||
575 | &priv, | ||
576 | r_secrets, | ||
577 | blinded_cs, | ||
578 | &nonce, | ||
579 | &blinded_s); | ||
513 | 580 | ||
514 | // verify blinded signature | 581 | // verify blinded signature |
515 | struct GNUNET_CRYPTO_CsSignature blinded_signature; | 582 | struct GNUNET_CRYPTO_CsSignature blinded_signature; |
583 | |||
516 | blinded_signature.r_point = r_publics[b]; | 584 | blinded_signature.r_point = r_publics[b]; |
517 | blinded_signature.s_scalar.scalar = blinded_s.scalar; | 585 | blinded_signature.s_scalar.scalar = blinded_s.scalar; |
518 | test_blind_verify (&blinded_signature, &pub, &blinded_cs[b]); | 586 | test_blind_verify (&blinded_signature, |
587 | &pub, | ||
588 | &blinded_cs[b]); | ||
519 | 589 | ||
520 | // ---------- actions performed by user | 590 | // ---------- actions performed by user |
521 | struct GNUNET_CRYPTO_CsS sig_scalar; | 591 | struct GNUNET_CRYPTO_CsS sig_scalar; |
522 | test_unblinds (&blinded_s, &blindingsecrets[b], &sig_scalar); | 592 | |
593 | memset (&sig_scalar, | ||
594 | 42, | ||
595 | sizeof (sig_scalar)); | ||
596 | test_unblinds (&blinded_s, | ||
597 | &blindingsecrets[b], | ||
598 | &sig_scalar); | ||
523 | 599 | ||
524 | // verify unblinded signature | 600 | // verify unblinded signature |
525 | struct GNUNET_CRYPTO_CsSignature signature; | 601 | struct GNUNET_CRYPTO_CsSignature signature; |
526 | signature.r_point = blinded_r_pubs[b]; | 602 | signature.r_point = blinded_r_pubs[b]; |
527 | signature.s_scalar = sig_scalar; | 603 | signature.s_scalar = sig_scalar; |
528 | test_verify (&signature, &pub, message, message_len); | 604 | test_verify (&signature, |
529 | 605 | &pub, | |
606 | message, | ||
607 | message_len); | ||
530 | return 0; | 608 | return 0; |
531 | } | 609 | } |
diff --git a/src/util/test_strings.c b/src/util/test_strings.c index 1ecd31464..cccffcaf5 100644 --- a/src/util/test_strings.c +++ b/src/util/test_strings.c | |||
@@ -114,10 +114,9 @@ main (int argc, char *argv[]) | |||
114 | /* Normalization */ | 114 | /* Normalization */ |
115 | r = "q\u0307\u0323"; /* Non-canonical order */ | 115 | r = "q\u0307\u0323"; /* Non-canonical order */ |
116 | 116 | ||
117 | GNUNET_STRINGS_utf8_normalize (r, | 117 | b = GNUNET_STRINGS_utf8_normalize (r); |
118 | buf); | 118 | GNUNET_assert (0 == strcmp ("q\u0323\u0307", b)); |
119 | GNUNET_assert (0 == strcmp ("q\u0323\u0307", buf)); | 119 | GNUNET_free (b); |
120 | |||
121 | b = GNUNET_STRINGS_to_utf8 ("TEST", 4, "ASCII"); | 120 | b = GNUNET_STRINGS_to_utf8 ("TEST", 4, "ASCII"); |
122 | WANT ("TEST", b); | 121 | WANT ("TEST", b); |
123 | 122 | ||
diff --git a/src/util/time.c b/src/util/time.c index 83b39b4e8..68a6937a0 100644 --- a/src/util/time.c +++ b/src/util/time.c | |||
@@ -695,6 +695,13 @@ GNUNET_TIME_timestamp_from_s (uint64_t s_after_epoch) | |||
695 | } | 695 | } |
696 | 696 | ||
697 | 697 | ||
698 | uint64_t | ||
699 | GNUNET_TIME_timestamp_to_s (struct GNUNET_TIME_Timestamp ts) | ||
700 | { | ||
701 | return ts.abs_time.abs_value_us / GNUNET_TIME_UNIT_SECONDS.rel_value_us; | ||
702 | } | ||
703 | |||
704 | |||
698 | struct GNUNET_TIME_Absolute | 705 | struct GNUNET_TIME_Absolute |
699 | GNUNET_TIME_absolute_ntoh (struct GNUNET_TIME_AbsoluteNBO a) | 706 | GNUNET_TIME_absolute_ntoh (struct GNUNET_TIME_AbsoluteNBO a) |
700 | { | 707 | { |