Merge branch 'master' of ssh://git.gnunet.org/gnunet

12 files changed, 394 insertions, 313 deletions

diff --git a/src/util/common_logging.c b/src/util/common_logging.c
index cba37cd2f..b07f3fc0b 100644
--- a/src/util/common_logging.c
+++ b/src/util/common_logging.c
@@ -321,6 +321,28 @@ log_rotate (const char *new_name)
 }
 
 
+const char *
+GNUNET_b2s (const void *buf,
+            size_t buf_size)
+{
+  static GNUNET_THREAD_LOCAL char ret[9];
+  struct GNUNET_HashCode hc;
+  char *tmp;
+
+  GNUNET_CRYPTO_hash (buf,
+                      buf_size,
+                      &hc);
+  tmp = GNUNET_STRINGS_data_to_string_alloc (&hc,
+                                             sizeof (hc));
+  memcpy (ret,
+          tmp,
+          8);
+  GNUNET_free (tmp);
+  ret[8] = '\0';
+  return ret;
+}
+
+
 /**
  * Setup the log file.
  *
@@ -1015,7 +1037,8 @@ mylog (enum GNUNET_ErrorType kind,
     else
     {
       /* RFC 3339 timestamp, with snprintf placeholder for microseconds */
-      if (0 == strftime (date2, DATE_STR_SIZE, "%Y-%m-%dT%H:%M:%S.%%06u%z", tmptr))
+      if (0 == strftime (date2, DATE_STR_SIZE, "%Y-%m-%dT%H:%M:%S.%%06u%z",
+                         tmptr))
         abort ();
       /* Fill in microseconds */
       if (0 > snprintf (date, sizeof(date), date2, timeofday.tv_usec))
diff --git a/src/util/crypto_cs.c b/src/util/crypto_cs.c
index c89ba5d83..4c6648229 100644
--- a/src/util/crypto_cs.c
+++ b/src/util/crypto_cs.c
@@ -40,11 +40,6 @@
  */
 
 
-/**
- * Create a new random private key.
- *
- * @param[out] priv where to write the fresh private key
- */
 void
 GNUNET_CRYPTO_cs_private_key_generate (struct GNUNET_CRYPTO_CsPrivateKey *priv)
 {
@@ -52,16 +47,10 @@ GNUNET_CRYPTO_cs_private_key_generate (struct GNUNET_CRYPTO_CsPrivateKey *priv)
 }
 
 
-/**
- * Extract the public key of the given private key.
- *
- * @param priv the private key
- * @param[out] pub where to write the public key
- */
 void
-GNUNET_CRYPTO_cs_private_key_get_public (const struct
-                                         GNUNET_CRYPTO_CsPrivateKey *priv,
-                                         struct GNUNET_CRYPTO_CsPublicKey *pub)
+GNUNET_CRYPTO_cs_private_key_get_public (
+  const struct GNUNET_CRYPTO_CsPrivateKey *priv,
+  struct GNUNET_CRYPTO_CsPublicKey *pub)
 {
   GNUNET_assert (0 == crypto_scalarmult_ed25519_base_noclamp (pub->point.y,
                                                               priv->scalar.d));
@@ -69,63 +58,40 @@ GNUNET_CRYPTO_cs_private_key_get_public (const struct
 
 
 /**
- * maps 32 random bytes to a scalar
- * this is necessary because libsodium expects scalar to be in the prime order subgroup
- * @param[out] scalar containing 32 byte char array, is modified to be in prime order subgroup
+ * Maps 32 random bytes to a scalar.  This is necessary because libsodium
+ * expects scalar to be in the prime order subgroup.
+ *
+ * @param[in,out] scalar containing 32 byte char array, is modified to be in prime order subgroup
  */
 static void
 map_to_scalar_subgroup (struct GNUNET_CRYPTO_Cs25519Scalar *scalar)
 {
-  // perform clamping as described in RFC7748
+  /* perform clamping as described in RFC7748 */
   scalar->d[0] &= 248;
   scalar->d[31] &= 127;
   scalar->d[31] |= 64;
 }
 
 
-/**
- * Derive a new secret r pair r0 and r1.
- * In original papers r is generated randomly
- * To provide abort-idempotency, r needs to be derived but still needs to be UNPREDICTABLE
- * To ensure unpredictability a new nonce should be used when a new r needs to be derived.
- * Uses HKDF internally.
- * Comment: Can be done in one HKDF shot and split output.
- *
- * @param nonce is a random nonce
- * @param lts is a long-term-secret in form of a private key
- * @param[out] r array containing derived secrets r0 and r1
- */
 void
 GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce,
+                           const char *seed,
                            const struct GNUNET_CRYPTO_CsPrivateKey *lts,
                            struct GNUNET_CRYPTO_CsRSecret r[2])
 {
-  GNUNET_assert (GNUNET_YES ==
-                 GNUNET_CRYPTO_hkdf (r,
-                                     sizeof (struct GNUNET_CRYPTO_CsRSecret)
-                                     * 2,
-                                     GCRY_MD_SHA512,
-                                     GCRY_MD_SHA256,
-                                     "r",
-                                     strlen ("r"),
-                                     lts,
-                                     sizeof (*lts),
-                                     nonce,
-                                     sizeof (*nonce),
-                                     NULL,
-                                     0));
-
+  GNUNET_assert (
+    GNUNET_YES ==
+    GNUNET_CRYPTO_kdf (
+      r,     sizeof (struct GNUNET_CRYPTO_CsRSecret) * 2,
+      seed,   strlen (seed),
+      lts,   sizeof (*lts),
+      nonce, sizeof (*nonce),
+      NULL,  0));
   map_to_scalar_subgroup (&r[0].scalar);
   map_to_scalar_subgroup (&r[1].scalar);
 }
 
 
-/**
- * Extract the public R of the given secret r.
- *
- * @param r_priv the private key
- * @param[out] r_pub where to write the public key
- */
 void
 GNUNET_CRYPTO_cs_r_get_public (const struct GNUNET_CRYPTO_CsRSecret *r_priv,
                                struct GNUNET_CRYPTO_CsRPublic *r_pub)
@@ -135,36 +101,23 @@ GNUNET_CRYPTO_cs_r_get_public (const struct GNUNET_CRYPTO_CsRSecret *r_priv,
 }
 
 
-/**
- * Derives new random blinding factors.
- * In original papers blinding factors are generated randomly
- * To provide abort-idempotency, blinding factors need to be derived but still need to be UNPREDICTABLE
- * To ensure unpredictability a new nonce has to be used.
- * Uses HKDF internally
- *
- * @param secret is secret to derive blinding factors
- * @param secret_len secret length
- * @param[out] bs array containing the two derived blinding secrets
- */
 void
-GNUNET_CRYPTO_cs_blinding_secrets_derive (const struct
-                                          GNUNET_CRYPTO_CsNonce *blind_seed,
-                                          struct GNUNET_CRYPTO_CsBlindingSecret
-                                          bs[2])
+GNUNET_CRYPTO_cs_blinding_secrets_derive (
+  const struct GNUNET_CRYPTO_CsNonce *blind_seed,
+  struct GNUNET_CRYPTO_CsBlindingSecret bs[2])
 {
-  GNUNET_assert (GNUNET_YES ==
-                 GNUNET_CRYPTO_hkdf (bs,
-                                     sizeof (struct
-                                             GNUNET_CRYPTO_CsBlindingSecret)
-                                     * 2,
-                                     GCRY_MD_SHA512,
-                                     GCRY_MD_SHA256,
-                                     "alphabeta",
-                                     strlen ("alphabeta"),
-                                     blind_seed,
-                                     sizeof(*blind_seed),
-                                     NULL,
-                                     0));
+  GNUNET_assert (
+    GNUNET_YES ==
+    GNUNET_CRYPTO_hkdf (bs,
+                        sizeof (struct GNUNET_CRYPTO_CsBlindingSecret) * 2,
+                        GCRY_MD_SHA512,
+                        GCRY_MD_SHA256,
+                        "alphabeta",
+                        strlen ("alphabeta"),
+                        blind_seed,
+                        sizeof(*blind_seed),
+                        NULL,
+                        0));
   map_to_scalar_subgroup (&bs[0].alpha);
   map_to_scalar_subgroup (&bs[0].beta);
   map_to_scalar_subgroup (&bs[1].alpha);
@@ -205,11 +158,16 @@ cs_full_domain_hash (const struct GNUNET_CRYPTO_CsRPublic *r_dash,
   memcpy (r_m_concat, r_dash, sizeof(struct GNUNET_CRYPTO_CsRPublic));
   memcpy (r_m_concat + sizeof(struct GNUNET_CRYPTO_CsRPublic), msg, msg_len);
   struct GNUNET_HashCode prehash;
-  GNUNET_CRYPTO_hash (r_m_concat, r_m_concat_len, &prehash);
+
+  GNUNET_CRYPTO_hash (r_m_concat,
+                      r_m_concat_len,
+                      &prehash);
 
   // modulus converted to MPI representation
   gcry_mpi_t l_mpi;
-  GNUNET_CRYPTO_mpi_scan_unsigned (&l_mpi, L_BIG_ENDIAN, sizeof(L_BIG_ENDIAN));
+  GNUNET_CRYPTO_mpi_scan_unsigned (&l_mpi,
+                                   L_BIG_ENDIAN,
+                                   sizeof(L_BIG_ENDIAN));
 
   // calculate full domain hash
   gcry_mpi_t c_mpi;
@@ -224,7 +182,9 @@ cs_full_domain_hash (const struct GNUNET_CRYPTO_CsRPublic *r_dash,
 
   // convert c from mpi
   unsigned char c_big_endian[256 / 8];
-  GNUNET_CRYPTO_mpi_print_unsigned (c_big_endian, sizeof(c_big_endian), c_mpi);
+  GNUNET_CRYPTO_mpi_print_unsigned (c_big_endian,
+                                    sizeof(c_big_endian),
+                                    c_mpi);
   gcry_mpi_release (c_mpi);
   for (size_t i = 0; i<32; i++)
     c->scalar.d[i] = c_big_endian[31 - i];
@@ -266,28 +226,15 @@ calc_r_dash (const struct GNUNET_CRYPTO_CsBlindingSecret *bs,
 }
 
 
-/**
- * Calculate two blinded c's
- * Comment: One would be insecure due to Wagner's algorithm solving ROS
- *
- * @param bs array of the two blinding factor structs each containing alpha and beta
- * @param r_pub array of the two signer's nonce R
- * @param pub the public key of the signer
- * @param msg the message to blind in preparation for signing
- * @param msg_len length of message msg
- * @param[out] blinded_c array of the two blinded c's
- * @param[out] blinded_r_pub array of the two blinded R
- */
 void
-GNUNET_CRYPTO_cs_calc_blinded_c (const struct GNUNET_CRYPTO_CsBlindingSecret
-                                 bs[2],
-                                 const struct GNUNET_CRYPTO_CsRPublic r_pub[2],
-                                 const struct GNUNET_CRYPTO_CsPublicKey *pub,
-                                 const void *msg,
-                                 size_t msg_len,
-                                 struct GNUNET_CRYPTO_CsC blinded_c[2],
-                                 struct GNUNET_CRYPTO_CsRPublic
-                                 blinded_r_pub[2])
+GNUNET_CRYPTO_cs_calc_blinded_c (
+  const struct GNUNET_CRYPTO_CsBlindingSecret bs[2],
+  const struct GNUNET_CRYPTO_CsRPublic r_pub[2],
+  const struct GNUNET_CRYPTO_CsPublicKey *pub,
+  const void *msg,
+  size_t msg_len,
+  struct GNUNET_CRYPTO_CsC blinded_c[2],
+  struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2])
 {
   // for i 0/1: R'i = Ri + alpha i*G + beta i*pub
   calc_r_dash (&bs[0], &r_pub[0], pub, &blinded_r_pub[0]);
@@ -309,30 +256,13 @@ GNUNET_CRYPTO_cs_calc_blinded_c (const struct GNUNET_CRYPTO_CsBlindingSecret
 }
 
 
-/**
- * Sign a blinded c
- * This function derives b from a nonce and a longterm secret
- * In original papers b is generated randomly
- * To provide abort-idempotency, b needs to be derived but still need to be UNPREDICTABLE.
- * To ensure unpredictability a new nonce has to be used for every signature
- * HKDF is used internally for derivation
- * r0 and r1 can be derived prior by using GNUNET_CRYPTO_cs_r_derive
- *
- * @param priv private key to use for the signing and as LTS in HKDF
- * @param r array of the two secret nonce from the signer
- * @param c array of the two blinded c to sign c_b
- * @param nonce is a random nonce
- * @param[out] blinded_signature_scalar where to write the signature
- * @return 0 or 1 for b (see Clause Blind Signature Scheme)
- */
 unsigned int
-GNUNET_CRYPTO_cs_sign_derive (const struct GNUNET_CRYPTO_CsPrivateKey *priv,
-                              const struct GNUNET_CRYPTO_CsRSecret r[2],
-                              const struct GNUNET_CRYPTO_CsC c[2],
-                              const struct GNUNET_CRYPTO_CsNonce *nonce,
-                              struct GNUNET_CRYPTO_CsBlindS *
-                              blinded_signature_scalar
-                              )
+GNUNET_CRYPTO_cs_sign_derive (
+  const struct GNUNET_CRYPTO_CsPrivateKey *priv,
+  const struct GNUNET_CRYPTO_CsRSecret r[2],
+  const struct GNUNET_CRYPTO_CsC c[2],
+  const struct GNUNET_CRYPTO_CsNonce *nonce,
+  struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar)
 {
   uint32_t hkdf_out;
 
@@ -365,18 +295,11 @@ GNUNET_CRYPTO_cs_sign_derive (const struct GNUNET_CRYPTO_CsPrivateKey *priv,
 }
 
 
-/**
- * Unblind a blind-signed signature using a c that was blinded
- *
- * @param blinded_signature_scalar the signature made on the blinded c
- * @param bs the blinding factors used in the blinding
- * @param[out] signature_scalar where to write the unblinded signature
- */
 void
-GNUNET_CRYPTO_cs_unblind (const struct
-                          GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar,
-                          const struct GNUNET_CRYPTO_CsBlindingSecret *bs,
-                          struct GNUNET_CRYPTO_CsS *signature_scalar)
+GNUNET_CRYPTO_cs_unblind (
+  const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar,
+  const struct GNUNET_CRYPTO_CsBlindingSecret *bs,
+  struct GNUNET_CRYPTO_CsS *signature_scalar)
 {
   crypto_core_ed25519_scalar_add (signature_scalar->scalar.d,
                                   blinded_signature_scalar->scalar.d,
@@ -384,16 +307,6 @@ GNUNET_CRYPTO_cs_unblind (const struct
 }
 
 
-/**
- * Verify whether the given message corresponds to the given signature and the
- * signature is valid with respect to the given public key.
- *
- * @param sig signature that is being validated
- * @param pub public key of the signer
- * @param msg is the message that should be signed by @a sig  (message is used to calculate c)
- * @param msg_len is the message length
- * @returns #GNUNET_YES on success, #GNUNET_SYSERR if signature invalid
- */
 enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_cs_verify (const struct GNUNET_CRYPTO_CsSignature *sig,
                          const struct GNUNET_CRYPTO_CsPublicKey *pub,
@@ -402,7 +315,12 @@ GNUNET_CRYPTO_cs_verify (const struct GNUNET_CRYPTO_CsSignature *sig,
 {
   // calculate c' = H(R, m)
   struct GNUNET_CRYPTO_CsC c_dash;
-  cs_full_domain_hash (&sig->r_point, msg, msg_len, pub, &c_dash);
+
+  cs_full_domain_hash (&sig->r_point,
+                       msg,
+                       msg_len,
+                       pub,
+                       &c_dash);
 
   // s'G ?= R' + c' pub
   struct GNUNET_CRYPTO_Cs25519Point sig_scal_mul_base;
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c
index dcd46e5f9..f516f5474 100644
--- a/src/util/crypto_hash.c
+++ b/src/util/crypto_hash.c
@@ -76,7 +76,8 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc,
   char upper_enc[enclen];
   char *up_ptr = upper_enc;
 
-  GNUNET_STRINGS_utf8_toupper (enc, up_ptr);
+  if (GNUNET_OK != GNUNET_STRINGS_utf8_toupper (enc, up_ptr))
+    return GNUNET_SYSERR;
 
   return GNUNET_STRINGS_string_to_data (upper_enc, enclen,
                                         (unsigned char *) result,
diff --git a/src/util/dnsstub.c b/src/util/dnsstub.c
index 1ac274c92..c2f2a441f 100644
--- a/src/util/dnsstub.c
+++ b/src/util/dnsstub.c
@@ -324,24 +324,50 @@ do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs,
     found = GNUNET_NO;
     for (struct DnsServer *ds = ctx->dns_head; NULL != ds; ds = ds->next)
     {
-      if (0 == memcmp (&addr,
-                       &ds->ss,
-                       GNUNET_MIN (sizeof(struct sockaddr_storage), addrlen)))
+      if (ds->ss.ss_family != addr.ss_family)
+        continue;
+      if (addr.ss_family == AF_INET)
       {
-        found = GNUNET_YES;
-        break;
+        struct sockaddr_in *v4 = (struct sockaddr_in *) &addr;
+        struct sockaddr_in *ds_v4 = (struct sockaddr_in *) &ds->ss;
+
+
+        if ((0 == memcmp (&v4->sin_addr,
+                         &ds_v4->sin_addr,
+                         sizeof(struct sockaddr_in))) &&
+            (v4->sin_port == ds_v4->sin_port))
+        {
+          found = GNUNET_YES;
+          break;
+        }
+      }
+      else
+      {
+        struct sockaddr_in6 *v6 = (struct sockaddr_in6 *) &addr;
+        struct sockaddr_in6 *ds_v6 = (struct sockaddr_in6 *) &ds->ss;
+
+        if (0 == memcmp (&v6->sin6_addr,
+                         &ds_v6->sin6_addr,
+                         sizeof (v6->sin6_addr)) &&
+            (v6->sin6_port == ds_v6->sin6_port))
+        {
+          found = GNUNET_YES;
+          break;
+        }
+
       }
     }
     if (GNUNET_NO == found)
     {
       GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                  "Received DNS response from server we never asked (ignored)");
+                  "Received DNS response from server we never asked (ignored)\n");
+
       return GNUNET_NO;
     }
     if (sizeof(struct GNUNET_TUN_DnsHeader) > (size_t) r)
     {
       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  _ ("Received DNS response that is too small (%u bytes)"),
+                  _ ("Received DNS response that is too small (%u bytes)\n"),
                   (unsigned int) r);
       return GNUNET_NO;
     }
@@ -648,7 +674,7 @@ GNUNET_DNSSTUB_add_dns_sa (struct GNUNET_DNSSTUB_Context *ctx,
   ds = GNUNET_new (struct DnsServer);
   switch (sa->sa_family)
   {
-  case AF_INET:
+  case AF_INET :
     GNUNET_memcpy (&ds->ss, sa, sizeof(struct sockaddr_in));
     break;
 
diff --git a/src/util/getopt_helpers.c b/src/util/getopt_helpers.c
index 917aa440b..96aee40e3 100644
--- a/src/util/getopt_helpers.c
+++ b/src/util/getopt_helpers.c
@@ -174,7 +174,8 @@ OUTER:
     i++;
   }
   pd = GNUNET_OS_project_data_get ();
-  printf ("Report bugs to %s.\n"
+  printf ("\n"
+          "Report bugs to %s.\n"
           "Home page: %s\n",
           pd->bug_email,
           pd->homepage);
diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c
index 6b2a7f472..0071f3e90 100644
--- a/src/util/gnunet-crypto-tvg.c
+++ b/src/util/gnunet-crypto-tvg.c
@@ -852,7 +852,7 @@ checkvec (const char *operation,
       return GNUNET_SYSERR;
     }
 
-    if ((b != 1)&& (b != 0))
+    if ((b != 1) && (b != 0))
     {
       GNUNET_break (0);
       return GNUNET_SYSERR;
@@ -869,9 +869,14 @@ checkvec (const char *operation,
     unsigned int b_comp;
 
 
-    GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv_comp);
-    GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0], &r_pub_comp[0]);
-    GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1], &r_pub_comp[1]);
+    GNUNET_CRYPTO_cs_r_derive (&nonce,
+                               "rw",
+                               &priv,
+                               r_priv_comp);
+    GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0],
+                                   &r_pub_comp[0]);
+    GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1],
+                                   &r_pub_comp[1]);
     GNUNET_assert (0 == memcmp (&r_priv_comp,
                                 &r_priv,
                                 sizeof(struct GNUNET_CRYPTO_CsRSecret) * 2));
@@ -1316,9 +1321,14 @@ output_vectors ()
                                                      strlen ("nonce_secret"),
                                                      NULL,
                                                      0));
-    GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv);
-    GNUNET_CRYPTO_cs_r_get_public (&r_priv[0], &r_pub[0]);
-    GNUNET_CRYPTO_cs_r_get_public (&r_priv[1], &r_pub[1]);
+    GNUNET_CRYPTO_cs_r_derive (&nonce,
+                               "rw",
+                               &priv,
+                               r_priv);
+    GNUNET_CRYPTO_cs_r_get_public (&r_priv[0],
+                                   &r_pub[0]);
+    GNUNET_CRYPTO_cs_r_get_public (&r_priv[1],
+                                   &r_pub[1]);
     GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce,
                                               bs);
     GNUNET_CRYPTO_cs_calc_blinded_c (bs,
diff --git a/src/util/network.c b/src/util/network.c
index 688c37665..2f77bc54e 100644
--- a/src/util/network.c
+++ b/src/util/network.c
@@ -350,7 +350,8 @@ initialize_network_handle (struct GNUNET_NETWORK_Handle *h,
 
   if (h->fd >= FD_SETSIZE)
   {
-    GNUNET_break (GNUNET_OK == GNUNET_NETWORK_socket_close (h));
+    GNUNET_break (GNUNET_OK ==
+                  GNUNET_NETWORK_socket_close (h));
     errno = EMFILE;
     return GNUNET_SYSERR;
   }
diff --git a/src/util/plugin.c b/src/util/plugin.c
index 39874a588..6ee41eec9 100644
--- a/src/util/plugin.c
+++ b/src/util/plugin.c
@@ -289,12 +289,12 @@ GNUNET_PLUGIN_unload (const char *library_name,
   done = resolve_function (pos,
                            "done");
   ret = NULL;
-  if (NULL != done)
-    ret = done (arg);
   if (NULL == prev)
     plugins = pos->next;
   else
     prev->next = pos->next;
+  if (NULL != done)
+    ret = done (arg);
   lt_dlclose (pos->handle);
   GNUNET_free (pos->name);
   GNUNET_free (pos);
diff --git a/src/util/strings.c b/src/util/strings.c
index ece096f72..7e218cc59 100644
--- a/src/util/strings.c
+++ b/src/util/strings.c
@@ -390,7 +390,7 @@ GNUNET_STRINGS_conv (const char *input,
   ret[encoded_string_length] = '\0';
   free (encoded_string);
   return ret;
-fail:
+  fail:
   LOG (GNUNET_ERROR_TYPE_WARNING,
        _ ("Character sets requested were `%s'->`%s'\n"),
        "UTF-8",
@@ -426,24 +426,27 @@ GNUNET_STRINGS_from_utf8 (const char *input,
 }
 
 
-void
-GNUNET_STRINGS_utf8_normalize (const char *input,
-                               char *output)
+char *
+GNUNET_STRINGS_utf8_normalize (const char *input)
 {
   uint8_t *tmp;
   size_t len;
-
+  char *output;
   tmp = u8_normalize (UNINORM_NFC,
                       (uint8_t *) input,
                       strlen ((char*) input),
                       NULL,
                       &len);
+  if (NULL == tmp)
+    return NULL;
+  output = GNUNET_malloc (len + 1);
   GNUNET_memcpy (output, tmp, len);
   output[len] = '\0';
   free (tmp);
+  return output;
 }
 
-void
+enum GNUNET_GenericReturnValue
 GNUNET_STRINGS_utf8_tolower (const char *input,
                              char *output)
 {
@@ -456,13 +459,16 @@ GNUNET_STRINGS_utf8_tolower (const char *input,
                        UNINORM_NFD,
                        NULL,
                        &len);
+  if (NULL == tmp_in)
+    return GNUNET_SYSERR;
   GNUNET_memcpy (output, tmp_in, len);
   output[len] = '\0';
-  free (tmp_in);
+  GNUNET_free (tmp_in);
+  return GNUNET_OK;
 }
 
 
-void
+enum GNUNET_GenericReturnValue
 GNUNET_STRINGS_utf8_toupper (const char *input,
                              char *output)
 {
@@ -475,9 +481,13 @@ GNUNET_STRINGS_utf8_toupper (const char *input,
                        UNINORM_NFD,
                        NULL,
                        &len);
+  if (NULL == tmp_in)
+    return GNUNET_SYSERR;
+  /* 0-terminator does not fit */
   GNUNET_memcpy (output, tmp_in, len);
   output[len] = '\0';
-  free (tmp_in);
+  GNUNET_free (tmp_in);
+  return GNUNET_OK;
 }
 
 
@@ -1604,7 +1614,7 @@ GNUNET_STRINGS_base64_encode (const void *in,
   char *opt;
 
   ret = 0;
-  GNUNET_assert (len < SIZE_MAX / 4 * 3 );
+  GNUNET_assert (len < SIZE_MAX / 4 * 3);
   opt = GNUNET_malloc (2 + (len * 4 / 3) + 8);
   for (size_t i = 0; i < len; ++i)
   {
@@ -1741,7 +1751,7 @@ GNUNET_STRINGS_base64_decode (const char *data,
       output[ret++] = c;
     }
   }
-END:
+  END:
   *out = output;
   return ret;
 }
@@ -1803,12 +1813,19 @@ GNUNET_STRINGS_urldecode (const char *data,
   char *wpos = *out;
   size_t resl = 0;
 
-  while ('\0' != *rpos)
+  while ( ('\0' != *rpos) &&
+          (data + len != rpos) )
   {
     unsigned int num;
     switch (*rpos)
     {
     case '%':
+      if (rpos + 3 > data + len)
+      {
+        GNUNET_break_op (0);
+        GNUNET_free (*out);
+        return 0;
+      }
       if (1 != sscanf (rpos + 1, "%2x", &num))
         break;
       *wpos = (char) ((unsigned char) num);
diff --git a/src/util/test_crypto_cs.c b/src/util/test_crypto_cs.c
index d3406516e..914ded9bc 100644
--- a/src/util/test_crypto_cs.c
+++ b/src/util/test_crypto_cs.c
@@ -1,6 +1,6 @@
 /*
    This file is part of GNUnet
-   Copyright (C) 2014,2015 GNUnet e.V.
+   Copyright (C) 2021,2022 GNUnet e.V.
 
    GNUnet is free software: you can redistribute it and/or modify it
    under the terms of the GNU Affero General Public License as published
@@ -30,148 +30,168 @@
 
 #define ITER 25
 
-void
+static void
 test_create_priv (struct GNUNET_CRYPTO_CsPrivateKey *priv)
 {
   /* TEST 1
    * Check that privkey is set
    */
   struct GNUNET_CRYPTO_CsPrivateKey other_priv;
-  memcpy (&other_priv.scalar, &priv->scalar, sizeof(other_priv.scalar));
 
+  other_priv = *priv;
   GNUNET_CRYPTO_cs_private_key_generate (priv);
-
-  GNUNET_assert (0 != memcmp (&other_priv.scalar,
-                              &priv->scalar,
-                              sizeof(other_priv.scalar)));
+  GNUNET_assert (0 !=
+                 GNUNET_memcmp (&other_priv.scalar,
+                                &priv->scalar));
 }
 
 
-void
+static void
 test_generate_pub (const struct GNUNET_CRYPTO_CsPrivateKey *priv,
-                       struct GNUNET_CRYPTO_CsPublicKey *pub)
+                   struct GNUNET_CRYPTO_CsPublicKey *pub)
 {
   /* TEST 1
    * Check that pubkey is set
    */
   struct GNUNET_CRYPTO_CsPublicKey other_pub;
-  memcpy (&other_pub.point, &pub->point, sizeof(other_pub.point));
-
-  GNUNET_CRYPTO_cs_private_key_get_public (priv, pub);
 
-  GNUNET_assert (0 != memcmp (&other_pub.point,
-                              &pub->point,
-                              sizeof(other_pub.point)));
+  other_pub = *pub;
+  GNUNET_CRYPTO_cs_private_key_get_public (priv,
+                                           pub);
+  GNUNET_assert (0 !=
+                 GNUNET_memcmp (&other_pub.point,
+                                &pub->point));
 
   /* TEST 2
    * Check that pubkey is a valid point
    */
-  GNUNET_assert (1 == crypto_core_ed25519_is_valid_point (pub->point.y));
+  GNUNET_assert (1 ==
+                 crypto_core_ed25519_is_valid_point (pub->point.y));
 
   /* TEST 3
    * Check if function gives the same result for the same output
    */
-  memcpy (&other_pub.point, &pub->point, sizeof(other_pub.point));
-
-  for (int i = 0; i<ITER; i++) {
-    GNUNET_CRYPTO_cs_private_key_get_public (priv, pub);
-    GNUNET_assert (0 == memcmp (&other_pub.point,
-                                &pub->point,
-                                sizeof(other_pub.point)));
+  other_pub = *pub;
+  for (unsigned int i = 0; i<ITER; i++)
+  {
+    GNUNET_CRYPTO_cs_private_key_get_public (priv,
+                                             pub);
+    GNUNET_assert (0 ==
+                   GNUNET_memcmp (&other_pub.point,
+                                  &pub->point));
   }
 }
 
 
-void
+static void
 test_derive_rsecret (const struct GNUNET_CRYPTO_CsNonce *nonce,
-                   const struct GNUNET_CRYPTO_CsPrivateKey *priv,
-                   struct GNUNET_CRYPTO_CsRSecret r[2])
+                     const struct GNUNET_CRYPTO_CsPrivateKey *priv,
+                     struct GNUNET_CRYPTO_CsRSecret r[2])
 {
   /* TEST 1
    * Check that r are set
    */
   struct GNUNET_CRYPTO_CsPrivateKey other_r[2];
-  memcpy (&other_r[0], &r[0], sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2);
 
-  GNUNET_CRYPTO_cs_r_derive (nonce, priv, r);
-
-  GNUNET_assert (0 != memcmp (&other_r[0],
-                              &r[0],
-                              sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2));
+  memcpy (other_r,
+          r,
+          sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2);
+  GNUNET_CRYPTO_cs_r_derive (nonce,
+                             "nw",
+                             priv,
+                             r);
+  GNUNET_assert (0 !=
+                 memcmp (&other_r[0],
+                         &r[0],
+                         sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2));
 
   /* TEST 2
    * Check if function gives the same result for the same input.
    * This test ensures that the derivation is deterministic.
    */
-  memcpy (&other_r[0], &r[0], sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2);
-  for (int i = 0; i<ITER; i++) {
-    GNUNET_CRYPTO_cs_r_derive (nonce, priv, r);
-    GNUNET_assert (0 == memcmp (&other_r[0],
-                                &r[0],
-                                sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2));
+  memcpy (other_r,
+          r,
+          sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2);
+  for (unsigned int i = 0; i<ITER; i++)
+  {
+    GNUNET_CRYPTO_cs_r_derive (nonce,
+                               "nw",
+                               priv,
+                               r);
+    GNUNET_assert (0 ==
+                   memcmp (other_r,
+                           r,
+                           sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2));
   }
 }
 
 
-void
+static void
 test_generate_rpublic (const struct GNUNET_CRYPTO_CsRSecret *r_priv,
-                     struct GNUNET_CRYPTO_CsRPublic *r_pub)
+                       struct GNUNET_CRYPTO_CsRPublic *r_pub)
 {
   /* TEST 1
    * Check that r_pub is set
    */
   struct GNUNET_CRYPTO_CsRPublic other_r_pub;
-  memcpy (&other_r_pub.point, &r_pub->point, sizeof(other_r_pub.point));
-
-  GNUNET_CRYPTO_cs_r_get_public (r_priv, r_pub);
-
-  GNUNET_assert (0 != memcmp (&other_r_pub.point,
-                              &r_pub->point,
-                              sizeof(other_r_pub.point)));
 
+  other_r_pub = *r_pub;
+  GNUNET_CRYPTO_cs_r_get_public (r_priv,
+                                 r_pub);
+  GNUNET_assert (0 !=
+                 GNUNET_memcmp (&other_r_pub.point,
+                                &r_pub->point));
   /* TEST 2
    * Check that r_pub is a valid point
    */
-  GNUNET_assert (1 == crypto_core_ed25519_is_valid_point (r_pub->point.y));
+  GNUNET_assert (1 ==
+                 crypto_core_ed25519_is_valid_point (r_pub->point.y));
 
   /* TEST 3
    * Check if function gives the same result for the same output
    */
-  memcpy (&other_r_pub.point, &r_pub->point, sizeof(other_r_pub.point));
-  for (int i = 0; i<ITER; i++) {
-    GNUNET_CRYPTO_cs_r_get_public (r_priv, r_pub);
-    GNUNET_assert (0 == memcmp (&other_r_pub.point,
-                                &r_pub->point,
-                                sizeof(other_r_pub.point)));
+  other_r_pub.point = r_pub->point;
+  for (int i = 0; i<ITER; i++)
+  {
+    GNUNET_CRYPTO_cs_r_get_public (r_priv,
+                                   r_pub);
+    GNUNET_assert (0 ==
+                   GNUNET_memcmp (&other_r_pub.point,
+                                  &r_pub->point));
   }
 }
 
 
-void
+static void
 test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed,
-                           struct GNUNET_CRYPTO_CsBlindingSecret bs[2])
+                             struct GNUNET_CRYPTO_CsBlindingSecret bs[2])
 {
   /* TEST 1
    * Check that blinding secrets are set
    */
   struct GNUNET_CRYPTO_CsBlindingSecret other_bs[2];
-  memcpy (&other_bs[0], &bs[0], sizeof(struct GNUNET_CRYPTO_CsBlindingSecret)
-          * 2);
+
+  memcpy (other_bs,
+          bs,
+          sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) * 2);
 
   GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs);
 
-  GNUNET_assert (0 != memcmp (&other_bs[0],
-                              &bs[0],
-                              sizeof(struct GNUNET_CRYPTO_CsBlindingSecret)
-                              * 2));
+  GNUNET_assert (0 !=
+                 memcmp (other_bs,
+                         bs,
+                         sizeof(struct GNUNET_CRYPTO_CsBlindingSecret)
+                         * 2));
 
   /* TEST 2
    * Check if function gives the same result for the same input.
    * This test ensures that the derivation is deterministic.
    */
-  memcpy (&other_bs[0], &bs[0], sizeof(struct GNUNET_CRYPTO_CsBlindingSecret)
-          * 2);
-  for (int i = 0; i<ITER; i++) {
+  memcpy (other_bs,
+          bs,
+          sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) * 2);
+  for (unsigned int i = 0; i<ITER; i++)
+  {
     GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs);
     GNUNET_assert (0 == memcmp (&other_bs[0],
                                 &bs[0],
@@ -181,19 +201,20 @@ test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed,
 }
 
 
-void
+static void
 test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2],
-                  const struct GNUNET_CRYPTO_CsRPublic r_pub[2],
-                  const struct GNUNET_CRYPTO_CsPublicKey *pub,
-                  const void *msg,
-                  size_t msg_len,
-                  struct GNUNET_CRYPTO_CsC blinded_cs[2],
-                  struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2])
+                    const struct GNUNET_CRYPTO_CsRPublic r_pub[2],
+                    const struct GNUNET_CRYPTO_CsPublicKey *pub,
+                    const void *msg,
+                    size_t msg_len,
+                    struct GNUNET_CRYPTO_CsC blinded_cs[2],
+                    struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2])
 {
   /* TEST 1
    * Check that the blinded c's and blinded r's
    */
   struct GNUNET_CRYPTO_CsC other_blinded_c[2];
+
   memcpy (&other_blinded_c[0],
           &blinded_cs[0],
           sizeof(struct GNUNET_CRYPTO_CsC) * 2);
@@ -222,7 +243,8 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2],
    * Check if R' - aG -bX = R for b = 0
    * This test does the opposite operations and checks wether the equation is still correct.
    */
-  for (unsigned int b = 0; b <= 1; b++) {
+  for (unsigned int b = 0; b <= 1; b++)
+  {
     struct GNUNET_CRYPTO_Cs25519Point aG;
     struct GNUNET_CRYPTO_Cs25519Point bX;
     struct GNUNET_CRYPTO_Cs25519Point r_min_aG;
@@ -252,7 +274,6 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2],
   }
 
 
-
   /* TEST 3
    * Check that the blinded r_pubs' are valid points
    */
@@ -271,7 +292,8 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2],
           &blinded_r_pub[0],
           sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2);
 
-  for (int i = 0; i<ITER; i++) {
+  for (unsigned int i = 0; i<ITER; i++)
+  {
     GNUNET_CRYPTO_cs_calc_blinded_c (bs,
                                      r_pub,
                                      pub,
@@ -289,13 +311,13 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2],
 }
 
 
-void
+static void
 test_blind_sign (unsigned int *b,
-               const struct GNUNET_CRYPTO_CsPrivateKey *priv,
-               const struct GNUNET_CRYPTO_CsRSecret r[2],
-               const struct GNUNET_CRYPTO_CsC c[2],
-               const struct GNUNET_CRYPTO_CsNonce *nonce,
-               struct GNUNET_CRYPTO_CsBlindS *blinded_s)
+                 const struct GNUNET_CRYPTO_CsPrivateKey *priv,
+                 const struct GNUNET_CRYPTO_CsRSecret r[2],
+                 const struct GNUNET_CRYPTO_CsC c[2],
+                 const struct GNUNET_CRYPTO_CsNonce *nonce,
+                 struct GNUNET_CRYPTO_CsBlindS *blinded_s)
 {
   /* TEST 1
    * Check that blinded_s is set
@@ -336,8 +358,10 @@ test_blind_sign (unsigned int *b,
    * Check if function gives the same result for the same input.
    */
   memcpy (&other_blinded_s, blinded_s, sizeof(struct GNUNET_CRYPTO_CsBlindS));
-  unsigned int other_b;
-  for (int i = 0; i<ITER; i++) {
+  for (unsigned int i = 0; i<ITER; i++)
+  {
+    unsigned int other_b;
+
     other_b = GNUNET_CRYPTO_cs_sign_derive (priv, r, c, nonce, blinded_s);
 
     GNUNET_assert (other_b == *b);
@@ -348,10 +372,10 @@ test_blind_sign (unsigned int *b,
 }
 
 
-void
+static void
 test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar,
-              const struct GNUNET_CRYPTO_CsBlindingSecret *bs,
-              struct GNUNET_CRYPTO_CsS *signature_scalar)
+               const struct GNUNET_CRYPTO_CsBlindingSecret *bs,
+               struct GNUNET_CRYPTO_CsS *signature_scalar)
 {
   /* TEST 1
    * Check that signature_scalar is set
@@ -387,7 +411,8 @@ test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar,
   memcpy (&other_signature_scalar, signature_scalar,
           sizeof(struct GNUNET_CRYPTO_CsS));
 
-  for (int i = 0; i<ITER; i++) {
+  for (unsigned int i = 0; i<ITER; i++)
+  {
     GNUNET_CRYPTO_cs_unblind (blinded_signature_scalar, bs, signature_scalar);
     GNUNET_assert (0 == memcmp (&other_signature_scalar,
                                 signature_scalar,
@@ -396,10 +421,10 @@ test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar,
 }
 
 
-void
+static void
 test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig,
-                 const struct GNUNET_CRYPTO_CsPublicKey *pub,
-                 const struct GNUNET_CRYPTO_CsC *c)
+                   const struct GNUNET_CRYPTO_CsPublicKey *pub,
+                   const struct GNUNET_CRYPTO_CsC *c)
 {
   /* TEST 1
    * Test verifies the blinded signature sG == Rb + cbX
@@ -425,28 +450,30 @@ test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig,
 }
 
 
-void
+static void
 test_verify (const struct GNUNET_CRYPTO_CsSignature *sig,
-            const struct GNUNET_CRYPTO_CsPublicKey *pub,
-            const void *msg,
-            size_t msg_len)
+             const struct GNUNET_CRYPTO_CsPublicKey *pub,
+             const void *msg,
+             size_t msg_len)
 {
   /* TEST 1
    * Test simple verification
    */
-  GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_cs_verify (sig,
-                                                        pub,
-                                                        msg,
-                                                        msg_len));
+  GNUNET_assert (GNUNET_YES ==
+                 GNUNET_CRYPTO_cs_verify (sig,
+                                          pub,
+                                          msg,
+                                          msg_len));
   /* TEST 2
    * Test verification of "wrong" message
    */
   char other_msg[] = "test massege";
   size_t other_msg_len = strlen ("test massege");
-  GNUNET_assert (GNUNET_SYSERR == GNUNET_CRYPTO_cs_verify (sig,
-                                                       pub,
-                                                       other_msg,
-                                                       other_msg_len));
+  GNUNET_assert (GNUNET_SYSERR ==
+                 GNUNET_CRYPTO_cs_verify (sig,
+                                          pub,
+                                          other_msg,
+                                          other_msg_len));
 }
 
 
@@ -461,71 +488,122 @@ main (int argc,
   size_t message_len = strlen ("test message");
 
   struct GNUNET_CRYPTO_CsPrivateKey priv;
+
+  memset (&priv,
+          42,
+          sizeof (priv));
   test_create_priv (&priv);
 
   struct GNUNET_CRYPTO_CsPublicKey pub;
-  test_generate_pub (&priv, &pub);
+
+  memset (&pub,
+          42,
+          sizeof (pub));
+  test_generate_pub (&priv,
+                     &pub);
 
   // derive nonce
   struct GNUNET_CRYPTO_CsNonce nonce;
-  GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (nonce.nonce,
-                                                   sizeof(nonce.nonce),
-                                                   GCRY_MD_SHA512,
-                                                   GCRY_MD_SHA256,
-                                                   "nonce",
-                                                   strlen ("nonce"),
-                                                   "nonce_secret",
-                                                   strlen ("nonce_secret"),
-                                                   NULL,
-                                                   0));
+  GNUNET_assert (GNUNET_YES ==
+                 GNUNET_CRYPTO_kdf (nonce.nonce,
+                                    sizeof(nonce.nonce),
+                                    "nonce",
+                                    strlen ("nonce"),
+                                    "nonce_secret",
+                                    strlen ("nonce_secret"),
+                                    NULL,
+                                    0));
 
   // generate r, R
   struct GNUNET_CRYPTO_CsRSecret r_secrets[2];
-  test_derive_rsecret (&nonce, &priv, r_secrets);
+
+  memset (r_secrets,
+          42,
+          sizeof (r_secrets));
+  test_derive_rsecret (&nonce,
+                       &priv,
+                       r_secrets);
 
   struct GNUNET_CRYPTO_CsRPublic r_publics[2];
-  test_generate_rpublic (&r_secrets[0], &r_publics[0]);
-  test_generate_rpublic (&r_secrets[1], &r_publics[1]);
+
+  memset (r_publics,
+          42,
+          sizeof (r_publics));
+  test_generate_rpublic (&r_secrets[0],
+                         &r_publics[0]);
+  test_generate_rpublic (&r_secrets[1],
+                         &r_publics[1]);
 
   // ---------- actions performed by user
 
   // generate blinding secrets
   struct GNUNET_CRYPTO_CsBlindingSecret blindingsecrets[2];
+
+  memset (blindingsecrets,
+          42,
+          sizeof (blindingsecrets));
   test_derive_blindingsecrets (&nonce,
                                blindingsecrets);
 
   // calculate blinded c's
   struct GNUNET_CRYPTO_CsC blinded_cs[2];
   struct GNUNET_CRYPTO_CsRPublic blinded_r_pubs[2];
+
+  memset (blinded_cs,
+          42,
+          sizeof (blinded_cs));
+  memset (blinded_r_pubs,
+          42,
+          sizeof (blinded_r_pubs));
   test_calc_blindedc (blindingsecrets,
-                    r_publics,
-                    &pub,
-                    message,
-                    message_len,
-                    blinded_cs,
-                    blinded_r_pubs);
+                      r_publics,
+                      &pub,
+                      message,
+                      message_len,
+                      blinded_cs,
+                      blinded_r_pubs);
 
   // ---------- actions performed by signer
   // sign blinded c's and get b and s in return
   unsigned int b;
   struct GNUNET_CRYPTO_CsBlindS blinded_s;
-  test_blind_sign (&b, &priv, r_secrets, blinded_cs, &nonce, &blinded_s);
+
+  memset (&blinded_s,
+          42,
+          sizeof (blinded_s));
+  test_blind_sign (&b,
+                   &priv,
+                   r_secrets,
+                   blinded_cs,
+                   &nonce,
+                   &blinded_s);
 
   // verify blinded signature
   struct GNUNET_CRYPTO_CsSignature blinded_signature;
+
   blinded_signature.r_point = r_publics[b];
   blinded_signature.s_scalar.scalar = blinded_s.scalar;
-  test_blind_verify (&blinded_signature, &pub, &blinded_cs[b]);
+  test_blind_verify (&blinded_signature,
+                     &pub,
+                     &blinded_cs[b]);
 
   // ---------- actions performed by user
-    struct GNUNET_CRYPTO_CsS sig_scalar;
-  test_unblinds (&blinded_s, &blindingsecrets[b], &sig_scalar);
+  struct GNUNET_CRYPTO_CsS sig_scalar;
+
+  memset (&sig_scalar,
+          42,
+          sizeof (sig_scalar));
+  test_unblinds (&blinded_s,
+                 &blindingsecrets[b],
+                 &sig_scalar);
 
   // verify unblinded signature
   struct GNUNET_CRYPTO_CsSignature signature;
   signature.r_point = blinded_r_pubs[b];
   signature.s_scalar = sig_scalar;
-  test_verify (&signature, &pub, message, message_len);
-
+  test_verify (&signature,
+               &pub,
+               message,
+               message_len);
   return 0;
 }
diff --git a/src/util/test_strings.c b/src/util/test_strings.c
index 1ecd31464..cccffcaf5 100644
--- a/src/util/test_strings.c
+++ b/src/util/test_strings.c
@@ -114,10 +114,9 @@ main (int argc, char *argv[])
   /* Normalization */
   r = "q\u0307\u0323"; /* Non-canonical order */
 
-  GNUNET_STRINGS_utf8_normalize (r,
-                                 buf);
-  GNUNET_assert (0 == strcmp ("q\u0323\u0307", buf));
-
+  b = GNUNET_STRINGS_utf8_normalize (r);
+  GNUNET_assert (0 == strcmp ("q\u0323\u0307", b));
+  GNUNET_free (b);
   b = GNUNET_STRINGS_to_utf8 ("TEST", 4, "ASCII");
   WANT ("TEST", b);
 
diff --git a/src/util/time.c b/src/util/time.c
index 83b39b4e8..68a6937a0 100644
--- a/src/util/time.c
+++ b/src/util/time.c
@@ -695,6 +695,13 @@ GNUNET_TIME_timestamp_from_s (uint64_t s_after_epoch)
 }
 
 
+uint64_t
+GNUNET_TIME_timestamp_to_s (struct GNUNET_TIME_Timestamp ts)
+{
+  return ts.abs_time.abs_value_us / GNUNET_TIME_UNIT_SECONDS.rel_value_us;
+}
+
+
 struct GNUNET_TIME_Absolute
 GNUNET_TIME_absolute_ntoh (struct GNUNET_TIME_AbsoluteNBO a)
 {