aboutsummaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-04-11 21:43:28 +0200
committerChristian Grothoff <christian@grothoff.org>2020-04-11 21:43:34 +0200
commit90ff9edfa9c5fcfa3a36d1653ff105e89b888e21 (patch)
tree780a2071f5072c8e8e044db741eb295c3f3ea2a7 /src/util
parent3bcfe59f1ce533246bda271f00b3ee957cae304d (diff)
downloadgnunet-90ff9edfa9c5fcfa3a36d1653ff105e89b888e21.tar.gz
gnunet-90ff9edfa9c5fcfa3a36d1653ff105e89b888e21.zip
fixing #6149
Diffstat (limited to 'src/util')
-rw-r--r--src/util/crypto_ecc.c96
-rw-r--r--src/util/crypto_ecc_setup.c573
-rw-r--r--src/util/disk.c64
-rw-r--r--src/util/gnunet-crypto-tvg.c123
-rw-r--r--src/util/gnunet-ecc.c108
-rw-r--r--src/util/gnunet-scrypt.c11
-rw-r--r--src/util/os_priority.c2
-rw-r--r--src/util/test_crypto_ecdh_ecdsa.c27
-rw-r--r--src/util/test_crypto_ecdh_eddsa.c24
-rw-r--r--src/util/test_crypto_ecdhe.c27
-rw-r--r--src/util/test_crypto_ecdsa.c100
-rw-r--r--src/util/test_crypto_eddsa.c108
12 files changed, 582 insertions, 681 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 4c1169f43..851a45f93 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -491,118 +491,98 @@ GNUNET_CRYPTO_eddsa_key_clear (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
491 491
492 492
493/** 493/**
494 * Create a new private key. Caller must free return value. 494 * Create a new private key.
495 * 495 *
496 * @return fresh private key 496 * @param[out] pk fresh private key
497 */ 497 */
498struct GNUNET_CRYPTO_EcdhePrivateKey * 498void
499GNUNET_CRYPTO_ecdhe_key_create () 499GNUNET_CRYPTO_ecdhe_key_create (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
500{
501 struct GNUNET_CRYPTO_EcdhePrivateKey *priv;
502
503 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey);
504 if (GNUNET_OK != GNUNET_CRYPTO_ecdhe_key_create2 (priv))
505 {
506 GNUNET_free (priv);
507 return NULL;
508 }
509 return priv;
510}
511
512
513/**
514 * @ingroup crypto
515 * Create a new private key. Clear with #GNUNET_CRYPTO_ecdhe_key_clear().
516 *
517 * @param[out] pk set to fresh private key;
518 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
519 */
520int
521GNUNET_CRYPTO_ecdhe_key_create2 (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
522{ 500{
523 BENCHMARK_START (ecdhe_key_create); 501 BENCHMARK_START (ecdhe_key_create);
524 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, 502 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
525 pk, 503 pk,
526 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); 504 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
527 BENCHMARK_END (ecdhe_key_create); 505 BENCHMARK_END (ecdhe_key_create);
528 return GNUNET_OK;
529} 506}
530 507
531 508
532/** 509/**
533 * Create a new private key. Caller must free return value. 510 * Create a new private key.
534 * 511 *
535 * @return fresh private key 512 * @param[out] pk private key to initialize
536 */ 513 */
537struct GNUNET_CRYPTO_EcdsaPrivateKey * 514void
538GNUNET_CRYPTO_ecdsa_key_create () 515GNUNET_CRYPTO_ecdsa_key_create (struct GNUNET_CRYPTO_EcdsaPrivateKey *pk)
539{ 516{
540 struct GNUNET_CRYPTO_EcdsaPrivateKey *priv;
541 gcry_sexp_t priv_sexp; 517 gcry_sexp_t priv_sexp;
542 gcry_sexp_t s_keyparam; 518 gcry_sexp_t s_keyparam;
543 gcry_mpi_t d; 519 gcry_mpi_t d;
544 int rc; 520 int rc;
545 521
546 BENCHMARK_START (ecdsa_key_create); 522 BENCHMARK_START (ecdsa_key_create);
547
548 if (0 != (rc = gcry_sexp_build (&s_keyparam, 523 if (0 != (rc = gcry_sexp_build (&s_keyparam,
549 NULL, 524 NULL,
550 "(genkey(ecc(curve \"" CURVE "\")" 525 "(genkey(ecc(curve \"" CURVE "\")"
551 "(flags)))"))) 526 "(flags)))")))
552 { 527 {
553 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 528 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
554 return NULL; 529 "gcry_sexp_build",
530 rc);
531 GNUNET_assert (0);
555 } 532 }
556 if (0 != (rc = gcry_pk_genkey (&priv_sexp, s_keyparam))) 533 if (0 != (rc = gcry_pk_genkey (&priv_sexp,
534 s_keyparam)))
557 { 535 {
558 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc); 536 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
537 "gcry_pk_genkey",
538 rc);
559 gcry_sexp_release (s_keyparam); 539 gcry_sexp_release (s_keyparam);
560 return NULL; 540 GNUNET_assert (0);
561 } 541 }
562 gcry_sexp_release (s_keyparam); 542 gcry_sexp_release (s_keyparam);
563#if EXTRA_CHECKS 543#if EXTRA_CHECKS
564 if (0 != (rc = gcry_pk_testkey (priv_sexp))) 544 if (0 != (rc = gcry_pk_testkey (priv_sexp)))
565 { 545 {
566 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 546 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
547 "gcry_pk_testkey",
548 rc);
567 gcry_sexp_release (priv_sexp); 549 gcry_sexp_release (priv_sexp);
568 return NULL; 550 GNUNET_assert (0);
569 } 551 }
570#endif 552#endif
571 if (0 != (rc = key_from_sexp (&d, priv_sexp, "private-key", "d"))) 553 if (0 != (rc = key_from_sexp (&d, priv_sexp,
554 "private-key",
555 "d")))
572 { 556 {
573 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc); 557 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
558 "key_from_sexp",
559 rc);
574 gcry_sexp_release (priv_sexp); 560 gcry_sexp_release (priv_sexp);
575 return NULL; 561 GNUNET_assert (0);
576 } 562 }
577 gcry_sexp_release (priv_sexp); 563 gcry_sexp_release (priv_sexp);
578 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); 564 GNUNET_CRYPTO_mpi_print_unsigned (pk->d,
579 GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof(priv->d), d); 565 sizeof(pk->d),
566 d);
580 gcry_mpi_release (d); 567 gcry_mpi_release (d);
581
582 BENCHMARK_END (ecdsa_key_create); 568 BENCHMARK_END (ecdsa_key_create);
583
584 return priv;
585} 569}
586 570
587 571
588/** 572/**
589 * Create a new private key. Caller must free return value. 573 * Create a new private key.
590 * 574 *
591 * @return fresh private key 575 * @param[out] pk set to fresh private key
592 */ 576 */
593struct GNUNET_CRYPTO_EddsaPrivateKey * 577void
594GNUNET_CRYPTO_eddsa_key_create () 578GNUNET_CRYPTO_eddsa_key_create (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
595{ 579{
596 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
597
598 BENCHMARK_START (eddsa_key_create); 580 BENCHMARK_START (eddsa_key_create);
599 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
600 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, 581 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
601 priv, 582 pk,
602 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)); 583 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
584 // FIXME: should we not do the clamping here? Or is this done elsewhere?
603 BENCHMARK_END (eddsa_key_create); 585 BENCHMARK_END (eddsa_key_create);
604
605 return priv;
606} 586}
607 587
608 588
diff --git a/src/util/crypto_ecc_setup.c b/src/util/crypto_ecc_setup.c
index b3d410b7a..5167a33fb 100644
--- a/src/util/crypto_ecc_setup.c
+++ b/src/util/crypto_ecc_setup.c
@@ -1,6 +1,6 @@
1/* 1/*
2 This file is part of GNUnet. 2 This file is part of GNUnet.
3 Copyright (C) 2012, 2013, 2015 GNUnet e.V. 3 Copyright (C) 2012, 2013, 2015, 2020 GNUnet e.V.
4 4
5 GNUnet is free software: you can redistribute it and/or modify it 5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published 6 under the terms of the GNU Affero General Public License as published
@@ -53,375 +53,261 @@
53 53
54 54
55/** 55/**
56 * Wait for a short time (we're trying to lock a file or want 56 * Read file to @a buf. Fails if the file does not exist or
57 * to give another process a shot at finishing a disk write, etc.). 57 * does not have precisely @a buf_size bytes.
58 * Sleeps for 100ms (as that should be long enough for virtually all 58 *
59 * modern systems to context switch and allow another process to do 59 * @param filename file to read
60 * some 'real' work). 60 * @param[out] buf where to write the file contents
61 * @param buf_size number of bytes in @a buf
62 * @return #GNUNET_OK on success
61 */ 63 */
62static void 64static int
63short_wait () 65read_from_file (const char *filename,
66 void *buf,
67 size_t buf_size)
64{ 68{
65 struct GNUNET_TIME_Relative timeout; 69 int fd;
70 struct stat sb;
66 71
67 timeout = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 100); 72 fd = open (filename,
68 (void) GNUNET_NETWORK_socket_select (NULL, NULL, NULL, timeout); 73 O_RDONLY);
74 if (-1 == fd)
75 {
76 memset (buf,
77 0,
78 buf_size);
79 return GNUNET_SYSERR;
80 }
81 if (0 != fstat (fd,
82 &sb))
83 {
84 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
85 "stat",
86 filename);
87 GNUNET_assert (0 == close (fd));
88 memset (buf,
89 0,
90 buf_size);
91 return GNUNET_SYSERR;
92 }
93 if (sb.st_size != buf_size)
94 {
95 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
96 "File `%s' has wrong size (%llu), expected %llu bytes\n",
97 filename,
98 (unsigned long long) sb.st_size,
99 (unsigned long long) buf_size);
100 GNUNET_assert (0 == close (fd));
101 memset (buf,
102 0,
103 buf_size);
104 return GNUNET_SYSERR;
105 }
106 if (buf_size !=
107 read (fd,
108 buf,
109 buf_size))
110 {
111 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
112 "read",
113 filename);
114 GNUNET_assert (0 == close (fd));
115 memset (buf,
116 0,
117 buf_size);
118 return GNUNET_SYSERR;
119 }
120 GNUNET_assert (0 == close (fd));
121 return GNUNET_OK;
69} 122}
70 123
71 124
72/** 125/**
73 * Create a new private key by reading it from a file. If the 126 * Write contents of @a buf atomically to @a filename.
74 * files does not exist, create a new key and write it to the 127 * Fail if @a filename already exists or if not exactly
75 * file. Caller must free return value. Note that this function 128 * @a buf with @a buf_size bytes could be written to
76 * can not guarantee that another process might not be trying 129 * @a filename.
77 * the same operation on the same file at the same time.
78 * If the contents of the file
79 * are invalid the old file is deleted and a fresh key is
80 * created.
81 * 130 *
82 * @param filename name of file to use to store the key 131 * @param filename where to write
83 * @return new private key, NULL on error (for example, 132 * @param buf buffer to write
84 * permission denied) 133 * @param buf_size number of bytes in @a buf to write
134 * @return #GNUNET_OK on success,
135 * #GNUNET_NO if a file existed under @a filename
136 * #GNUNET_SYSERR on failure
85 */ 137 */
86struct GNUNET_CRYPTO_EddsaPrivateKey * 138static int
87GNUNET_CRYPTO_eddsa_key_create_from_file (const char *filename) 139atomic_write_to_file (const char *filename,
140 const void *buf,
141 size_t buf_size)
88{ 142{
89 struct GNUNET_CRYPTO_EddsaPrivateKey *priv; 143 char *tmpl;
90 struct GNUNET_DISK_FileHandle *fd; 144 int fd;
91 unsigned int cnt;
92 int ec;
93 uint64_t fs;
94 ssize_t sret;
95 145
96 if (GNUNET_SYSERR == GNUNET_DISK_directory_create_for_file (filename))
97 return NULL;
98 while (GNUNET_YES != GNUNET_DISK_file_test (filename))
99 { 146 {
100 fd = 147 char *dname;
101 GNUNET_DISK_file_open (filename, 148
102 GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE 149 dname = GNUNET_strdup (filename);
103 | GNUNET_DISK_OPEN_FAILIFEXISTS, 150 GNUNET_asprintf (&tmpl,
104 GNUNET_DISK_PERM_USER_READ 151 "%s/XXXXXX",
105 | GNUNET_DISK_PERM_USER_WRITE); 152 dirname (dname));
106 if (NULL == fd) 153 GNUNET_free (dname);
107 {
108 if (EEXIST == errno)
109 {
110 if (GNUNET_YES != GNUNET_DISK_file_test (filename))
111 {
112 /* must exist but not be accessible, fail for good! */
113 if (0 != access (filename, R_OK))
114 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "access", filename);
115 else
116 GNUNET_break (0); /* what is going on!? */
117 return NULL;
118 }
119 continue;
120 }
121 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
122 return NULL;
123 }
124 cnt = 0;
125 while (GNUNET_YES !=
126 GNUNET_DISK_file_lock (fd,
127 0,
128 sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey),
129 GNUNET_YES))
130 {
131 short_wait ();
132 if (0 == ++cnt % 10)
133 {
134 ec = errno;
135 LOG (GNUNET_ERROR_TYPE_ERROR,
136 _ ("Could not acquire lock on file `%s': %s...\n"),
137 filename,
138 strerror (ec));
139 }
140 }
141 LOG (GNUNET_ERROR_TYPE_INFO,
142 _ ("Creating a new private key. This may take a while.\n"));
143 priv = GNUNET_CRYPTO_eddsa_key_create ();
144 GNUNET_assert (NULL != priv);
145 GNUNET_assert (sizeof(*priv) ==
146 GNUNET_DISK_file_write (fd, priv, sizeof(*priv)));
147 GNUNET_DISK_file_sync (fd);
148 if (GNUNET_YES !=
149 GNUNET_DISK_file_unlock (fd,
150 0,
151 sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey)))
152 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
153 GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
154 return priv;
155 } 154 }
156 /* key file exists already, read it! */ 155 fd = mkstemp (tmpl);
157 fd = GNUNET_DISK_file_open (filename, 156 if (-1 == fd)
158 GNUNET_DISK_OPEN_READ,
159 GNUNET_DISK_PERM_NONE);
160 if (NULL == fd)
161 { 157 {
162 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename); 158 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
163 return NULL; 159 "mkstemp",
160 tmpl);
161 GNUNET_free (tmpl);
162 return GNUNET_SYSERR;
164 } 163 }
165 cnt = 0; 164 if (0 != fchmod (fd,
166 while (1) 165 S_IRUSR))
167 { 166 {
168 if (GNUNET_YES != 167 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
169 GNUNET_DISK_file_lock (fd, 168 "chmod",
170 0, 169 tmpl);
171 sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey), 170 GNUNET_assert (0 == close (fd));
172 GNUNET_NO)) 171 if (0 != unlink (tmpl))
173 { 172 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
174 if (0 == ++cnt % 60) 173 "unlink",
175 { 174 tmpl);
176 ec = errno; 175 GNUNET_free (tmpl);
177 LOG (GNUNET_ERROR_TYPE_ERROR, 176 return GNUNET_SYSERR;
178 _ ("Could not acquire lock on file `%s': %s...\n"),
179 filename,
180 strerror (ec));
181 LOG (
182 GNUNET_ERROR_TYPE_ERROR,
183 _ (
184 "This may be ok if someone is currently generating a private key.\n"));
185 }
186 short_wait ();
187 continue;
188 }
189 if (GNUNET_YES != GNUNET_DISK_file_test (filename))
190 {
191 /* eh, what!? File we opened is now gone!? */
192 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename);
193 if (GNUNET_YES !=
194 GNUNET_DISK_file_unlock (fd,
195 0,
196 sizeof(
197 struct GNUNET_CRYPTO_EddsaPrivateKey)))
198 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
199 GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd));
200
201 return NULL;
202 }
203 if (GNUNET_OK !=
204 GNUNET_DISK_file_size (filename, &fs, GNUNET_YES, GNUNET_YES))
205 fs = 0;
206 if (fs < sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey))
207 {
208 /* maybe we got the read lock before the key generating
209 * process had a chance to get the write lock; give it up! */
210 if (GNUNET_YES !=
211 GNUNET_DISK_file_unlock (fd,
212 0,
213 sizeof(
214 struct GNUNET_CRYPTO_EddsaPrivateKey)))
215 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
216 if (0 == ++cnt % 10)
217 {
218 LOG (GNUNET_ERROR_TYPE_ERROR,
219 _ (
220 "When trying to read key file `%s' I found %u bytes but I need at least %u.\n"),
221 filename,
222 (unsigned int) fs,
223 (unsigned int) sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey));
224 LOG (GNUNET_ERROR_TYPE_ERROR,
225 _ ("This may be ok if someone is currently generating a key.\n"));
226 }
227 short_wait (); /* wait a bit longer! */
228 continue;
229 }
230 break;
231 } 177 }
232 fs = sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey); 178 if (buf_size !=
233 priv = GNUNET_malloc (fs); 179 write (fd,
234 sret = GNUNET_DISK_file_read (fd, priv, fs); 180 buf,
235 GNUNET_assert ((sret >= 0) && (fs == (size_t) sret)); 181 buf_size))
236 if (GNUNET_YES !=
237 GNUNET_DISK_file_unlock (fd,
238 0,
239 sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey)))
240 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
241 GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
242#if CRYPTO_BUG
243 if (GNUNET_OK != check_eddsa_key (priv))
244 { 182 {
245 GNUNET_break (0); 183 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
246 GNUNET_free (priv); 184 "write",
247 return NULL; 185 tmpl);
186 GNUNET_assert (0 == close (fd));
187 if (0 != unlink (tmpl))
188 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
189 "unlink",
190 tmpl);
191 GNUNET_free (tmpl);
192 return GNUNET_SYSERR;
248 } 193 }
249#endif 194 GNUNET_assert (0 == close (fd));
250 return priv; 195
196 if (0 != link (tmpl,
197 filename))
198 {
199 if (0 != unlink (tmpl))
200 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
201 "unlink",
202 tmpl);
203 GNUNET_free (tmpl);
204 return GNUNET_NO;
205 }
206 if (0 != unlink (tmpl))
207 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
208 "unlink",
209 tmpl);
210 GNUNET_free (tmpl);
211 return GNUNET_OK;
251} 212}
252 213
253 214
254/** 215/**
255 * Create a new private key by reading it from a file. If the 216 * @ingroup crypto
256 * files does not exist, create a new key and write it to the 217 * @brief Create a new private key by reading it from a file.
257 * file. Caller must free return value. Note that this function 218 *
258 * can not guarantee that another process might not be trying 219 * If the files does not exist and @a do_create is set, creates a new key and
259 * the same operation on the same file at the same time. 220 * write it to the file.
260 * If the contents of the file 221 *
261 * are invalid the old file is deleted and a fresh key is 222 * If the contents of the file are invalid, an error is returned.
262 * created.
263 * 223 *
264 * @param filename name of file to use to store the key 224 * @param filename name of file to use to store the key
265 * @return new private key, NULL on error (for example, 225 * @param do_create should a file be created?
266 * permission denied) 226 * @param[out] pkey set to the private key from @a filename on success
227 * @return #GNUNET_OK on success, #GNUNET_NO if @a do_create was set but
228 * we found an existing file, #GNUNET_SYSERR on failure
267 */ 229 */
268struct GNUNET_CRYPTO_EcdsaPrivateKey * 230int
269GNUNET_CRYPTO_ecdsa_key_create_from_file (const char *filename) 231GNUNET_CRYPTO_eddsa_key_from_file (const char *filename,
232 int do_create,
233 struct GNUNET_CRYPTO_EddsaPrivateKey *pkey)
270{ 234{
271 struct GNUNET_CRYPTO_EcdsaPrivateKey *priv; 235 int ret;
272 struct GNUNET_DISK_FileHandle *fd; 236
273 unsigned int cnt; 237 if (GNUNET_OK ==
274 int ec; 238 read_from_file (filename,
275 uint64_t fs; 239 pkey,
276 ssize_t sret; 240 sizeof (*pkey)))
277
278 if (GNUNET_SYSERR == GNUNET_DISK_directory_create_for_file (filename))
279 return NULL;
280 while (GNUNET_YES != GNUNET_DISK_file_test (filename))
281 { 241 {
282 fd = 242 /* file existed, report that we didn't create it... */
283 GNUNET_DISK_file_open (filename, 243 return (do_create) ? GNUNET_NO : GNUNET_OK;
284 GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE
285 | GNUNET_DISK_OPEN_FAILIFEXISTS,
286 GNUNET_DISK_PERM_USER_READ
287 | GNUNET_DISK_PERM_USER_WRITE);
288 if (NULL == fd)
289 {
290 if (EEXIST == errno)
291 {
292 if (GNUNET_YES != GNUNET_DISK_file_test (filename))
293 {
294 /* must exist but not be accessible, fail for good! */
295 if (0 != access (filename, R_OK))
296 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "access", filename);
297 else
298 GNUNET_break (0); /* what is going on!? */
299 return NULL;
300 }
301 continue;
302 }
303 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
304 return NULL;
305 }
306 cnt = 0;
307 while (GNUNET_YES !=
308 GNUNET_DISK_file_lock (fd,
309 0,
310 sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey),
311 GNUNET_YES))
312 {
313 short_wait ();
314 if (0 == ++cnt % 10)
315 {
316 ec = errno;
317 LOG (GNUNET_ERROR_TYPE_ERROR,
318 _ ("Could not acquire lock on file `%s': %s...\n"),
319 filename,
320 strerror (ec));
321 }
322 }
323 LOG (GNUNET_ERROR_TYPE_INFO,
324 _ ("Creating a new private key. This may take a while.\n"));
325 priv = GNUNET_CRYPTO_ecdsa_key_create ();
326 GNUNET_assert (NULL != priv);
327 GNUNET_assert (sizeof(*priv) ==
328 GNUNET_DISK_file_write (fd, priv, sizeof(*priv)));
329 GNUNET_DISK_file_sync (fd);
330 if (GNUNET_YES !=
331 GNUNET_DISK_file_unlock (fd,
332 0,
333 sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey)))
334 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
335 GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
336 return priv;
337 } 244 }
338 /* key file exists already, read it! */ 245 GNUNET_CRYPTO_eddsa_key_create (pkey);
339 fd = GNUNET_DISK_file_open (filename, 246 ret = atomic_write_to_file (filename,
340 GNUNET_DISK_OPEN_READ, 247 pkey,
341 GNUNET_DISK_PERM_NONE); 248 sizeof (*pkey));
342 if (NULL == fd) 249 if ( (GNUNET_OK == ret) ||
250 (GNUNET_SYSERR == ret) )
251 return ret;
252 /* maybe another process succeeded in the meantime, try reading one more time */
253 if (GNUNET_OK ==
254 read_from_file (filename,
255 pkey,
256 sizeof (*pkey)))
343 { 257 {
344 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename); 258 /* file existed, report that *we* didn't create it... */
345 return NULL; 259 return (do_create) ? GNUNET_NO : GNUNET_OK;
346 } 260 }
347 cnt = 0; 261 /* give up */
348 while (1) 262 return GNUNET_SYSERR;
263}
264
265
266/**
267 * @ingroup crypto
268 * @brief Create a new private key by reading it from a file.
269 *
270 * If the files does not exist and @a do_create is set, creates a new key and
271 * write it to the file.
272 *
273 * If the contents of the file are invalid, an error is returned.
274 *
275 * @param filename name of file to use to store the key
276 * @param do_create should a file be created?
277 * @param[out] pkey set to the private key from @a filename on success
278 * @return #GNUNET_OK on success, #GNUNET_NO if @a do_create was set but
279 * we found an existing file, #GNUNET_SYSERR on failure
280 */
281int
282GNUNET_CRYPTO_ecdsa_key_from_file (const char *filename,
283 int do_create,
284 struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey)
285{
286 if (GNUNET_OK ==
287 read_from_file (filename,
288 pkey,
289 sizeof (*pkey)))
349 { 290 {
350 if (GNUNET_YES != 291 /* file existed, report that we didn't create it... */
351 GNUNET_DISK_file_lock (fd, 292 return (do_create) ? GNUNET_NO : GNUNET_OK;
352 0,
353 sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey),
354 GNUNET_NO))
355 {
356 if (0 == ++cnt % 60)
357 {
358 ec = errno;
359 LOG (GNUNET_ERROR_TYPE_ERROR,
360 _ ("Could not acquire lock on file `%s': %s...\n"),
361 filename,
362 strerror (ec));
363 LOG (
364 GNUNET_ERROR_TYPE_ERROR,
365 _ (
366 "This may be ok if someone is currently generating a private key.\n"));
367 }
368 short_wait ();
369 continue;
370 }
371 if (GNUNET_YES != GNUNET_DISK_file_test (filename))
372 {
373 /* eh, what!? File we opened is now gone!? */
374 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename);
375 if (GNUNET_YES !=
376 GNUNET_DISK_file_unlock (fd,
377 0,
378 sizeof(
379 struct GNUNET_CRYPTO_EcdsaPrivateKey)))
380 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
381 GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd));
382
383 return NULL;
384 }
385 if (GNUNET_OK !=
386 GNUNET_DISK_file_size (filename, &fs, GNUNET_YES, GNUNET_YES))
387 fs = 0;
388 if (fs < sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey))
389 {
390 /* maybe we got the read lock before the key generating
391 * process had a chance to get the write lock; give it up! */
392 if (GNUNET_YES !=
393 GNUNET_DISK_file_unlock (fd,
394 0,
395 sizeof(
396 struct GNUNET_CRYPTO_EcdsaPrivateKey)))
397 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
398 if (0 == ++cnt % 10)
399 {
400 LOG (GNUNET_ERROR_TYPE_ERROR,
401 _ (
402 "When trying to read key file `%s' I found %u bytes but I need at least %u.\n"),
403 filename,
404 (unsigned int) fs,
405 (unsigned int) sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey));
406 LOG (GNUNET_ERROR_TYPE_ERROR,
407 _ ("This may be ok if someone is currently generating a key.\n"));
408 }
409 short_wait (); /* wait a bit longer! */
410 continue;
411 }
412 break;
413 } 293 }
414 fs = sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey); 294 GNUNET_CRYPTO_ecdsa_key_create (pkey);
415 priv = GNUNET_malloc (fs); 295 if (GNUNET_OK ==
416 sret = GNUNET_DISK_file_read (fd, priv, fs); 296 atomic_write_to_file (filename,
417 GNUNET_assert ((sret >= 0) && (fs == (size_t) sret)); 297 pkey,
418 if (GNUNET_YES != 298 sizeof (*pkey)))
419 GNUNET_DISK_file_unlock (fd, 299 return GNUNET_OK;
420 0, 300 /* maybe another process succeeded in the meantime, try reading one more time */
421 sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey))) 301 if (GNUNET_OK ==
422 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); 302 read_from_file (filename,
423 GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); 303 pkey,
424 return priv; 304 sizeof (*pkey)))
305 {
306 /* file existed, report that *we* didn't create it... */
307 return (do_create) ? GNUNET_NO : GNUNET_OK;
308 }
309 /* give up */
310 return GNUNET_SYSERR;
425} 311}
426 312
427 313
@@ -441,9 +327,15 @@ GNUNET_CRYPTO_eddsa_key_create_from_configuration (
441 char *fn; 327 char *fn;
442 328
443 if (GNUNET_OK != 329 if (GNUNET_OK !=
444 GNUNET_CONFIGURATION_get_value_filename (cfg, "PEER", "PRIVATE_KEY", &fn)) 330 GNUNET_CONFIGURATION_get_value_filename (cfg,
331 "PEER",
332 "PRIVATE_KEY",
333 &fn))
445 return NULL; 334 return NULL;
446 priv = GNUNET_CRYPTO_eddsa_key_create_from_file (fn); 335 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
336 GNUNET_CRYPTO_eddsa_key_from_file (fn,
337 GNUNET_YES,
338 priv);
447 GNUNET_free (fn); 339 GNUNET_free (fn);
448 return priv; 340 return priv;
449} 341}
@@ -469,7 +361,8 @@ GNUNET_CRYPTO_get_peer_identity (const struct GNUNET_CONFIGURATION_Handle *cfg,
469 _ ("Could not load peer's private key\n")); 361 _ ("Could not load peer's private key\n"));
470 return GNUNET_SYSERR; 362 return GNUNET_SYSERR;
471 } 363 }
472 GNUNET_CRYPTO_eddsa_key_get_public (priv, &dst->public_key); 364 GNUNET_CRYPTO_eddsa_key_get_public (priv,
365 &dst->public_key);
473 GNUNET_free (priv); 366 GNUNET_free (priv);
474 return GNUNET_OK; 367 return GNUNET_OK;
475} 368}
diff --git a/src/util/disk.c b/src/util/disk.c
index b98c81e4b..9018aa955 100644
--- a/src/util/disk.c
+++ b/src/util/disk.c
@@ -1188,70 +1188,6 @@ GNUNET_DISK_file_change_owner (const char *filename, const char *user)
1188 1188
1189 1189
1190/** 1190/**
1191 * Lock a part of a file
1192 *
1193 * @param fh file handle
1194 * @param lock_start absolute position from where to lock
1195 * @param lock_end absolute position until where to lock
1196 * @param excl #GNUNET_YES for an exclusive lock
1197 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
1198 */
1199int
1200GNUNET_DISK_file_lock (struct GNUNET_DISK_FileHandle *fh,
1201 off_t lock_start,
1202 off_t lock_end,
1203 int excl)
1204{
1205 if (fh == NULL)
1206 {
1207 errno = EINVAL;
1208 return GNUNET_SYSERR;
1209 }
1210
1211 struct flock fl;
1212
1213 memset (&fl, 0, sizeof(struct flock));
1214 fl.l_type = excl ? F_WRLCK : F_RDLCK;
1215 fl.l_whence = SEEK_SET;
1216 fl.l_start = lock_start;
1217 fl.l_len = lock_end;
1218
1219 return fcntl (fh->fd, F_SETLK, &fl) != 0 ? GNUNET_SYSERR : GNUNET_OK;
1220}
1221
1222
1223/**
1224 * Unlock a part of a file
1225 *
1226 * @param fh file handle
1227 * @param unlock_start absolute position from where to unlock
1228 * @param unlock_end absolute position until where to unlock
1229 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
1230 */
1231int
1232GNUNET_DISK_file_unlock (struct GNUNET_DISK_FileHandle *fh,
1233 off_t unlock_start,
1234 off_t unlock_end)
1235{
1236 if (fh == NULL)
1237 {
1238 errno = EINVAL;
1239 return GNUNET_SYSERR;
1240 }
1241
1242 struct flock fl;
1243
1244 memset (&fl, 0, sizeof(struct flock));
1245 fl.l_type = F_UNLCK;
1246 fl.l_whence = SEEK_SET;
1247 fl.l_start = unlock_start;
1248 fl.l_len = unlock_end;
1249
1250 return fcntl (fh->fd, F_SETLK, &fl) != 0 ? GNUNET_SYSERR : GNUNET_OK;
1251}
1252
1253
1254/**
1255 * Open a file. Note that the access permissions will only be 1191 * Open a file. Note that the access permissions will only be
1256 * used if a new file is created and if the underlying operating 1192 * used if a new file is created and if the underlying operating
1257 * system supports the given permissions. 1193 * system supports the given permissions.
diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c
index e0ef9a622..c3fead62e 100644
--- a/src/util/gnunet-crypto-tvg.c
+++ b/src/util/gnunet-crypto-tvg.c
@@ -86,50 +86,63 @@ run (void *cls,
86 display_data (" output", &hc, sizeof (struct GNUNET_HashCode)); 86 display_data (" output", &hc, sizeof (struct GNUNET_HashCode));
87 } 87 }
88 { 88 {
89 struct GNUNET_CRYPTO_EcdhePrivateKey *priv1; 89 struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
90 struct GNUNET_CRYPTO_EcdhePublicKey pub1; 90 struct GNUNET_CRYPTO_EcdhePublicKey pub1;
91 struct GNUNET_CRYPTO_EcdhePrivateKey *priv2; 91 struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
92 struct GNUNET_HashCode skm; 92 struct GNUNET_HashCode skm;
93 priv1 = GNUNET_CRYPTO_ecdhe_key_create (); 93
94 priv2 = GNUNET_CRYPTO_ecdhe_key_create (); 94 GNUNET_CRYPTO_ecdhe_key_create (&priv1);
95 GNUNET_CRYPTO_ecdhe_key_get_public (priv1, &pub1); 95 GNUNET_CRYPTO_ecdhe_key_create (&priv2);
96 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecc_ecdh (priv2, &pub1, &skm)); 96 GNUNET_CRYPTO_ecdhe_key_get_public (&priv1,
97 &pub1);
98 GNUNET_assert (GNUNET_OK ==
99 GNUNET_CRYPTO_ecc_ecdh (&priv2,
100 &pub1,
101 &skm));
97 102
98 printf ("ecdhe key:\n"); 103 printf ("ecdhe key:\n");
99 display_data (" priv1", priv1, sizeof (struct 104 display_data (" priv1",
100 GNUNET_CRYPTO_EcdhePrivateKey)); 105 &priv1,
101 display_data (" pub1", &pub1, sizeof (struct 106 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
102 GNUNET_CRYPTO_EcdhePublicKey)); 107 display_data (" pub1",
103 display_data (" priv2", priv2, sizeof (struct 108 &pub1,
104 GNUNET_CRYPTO_EcdhePrivateKey)); 109 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
105 display_data (" skm", &skm, sizeof (struct GNUNET_HashCode)); 110 display_data (" priv2",
106 GNUNET_free (priv1); 111 &priv2,
107 GNUNET_free (priv2); 112 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
113 display_data (" skm",
114 &skm,
115 sizeof (struct GNUNET_HashCode));
108 } 116 }
109 117
110 { 118 {
111 struct GNUNET_CRYPTO_EddsaPrivateKey *priv; 119 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
112 struct GNUNET_CRYPTO_EddsaPublicKey pub; 120 struct GNUNET_CRYPTO_EddsaPublicKey pub;
113 priv = GNUNET_CRYPTO_eddsa_key_create (); 121
114 GNUNET_CRYPTO_eddsa_key_get_public (priv, &pub); 122 GNUNET_CRYPTO_eddsa_key_create (&priv);
123 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
124 &pub);
115 125
116 printf ("eddsa key:\n"); 126 printf ("eddsa key:\n");
117 display_data (" priv", priv, sizeof (struct 127 display_data (" priv",
118 GNUNET_CRYPTO_EddsaPrivateKey)); 128 &priv,
119 display_data (" pub", &pub, sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)); 129 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
120 GNUNET_free (priv); 130 display_data (" pub",
131 &pub,
132 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
121 } 133 }
122 { 134 {
123 struct GNUNET_CRYPTO_EddsaPrivateKey *priv; 135 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
124 struct GNUNET_CRYPTO_EddsaPublicKey pub; 136 struct GNUNET_CRYPTO_EddsaPublicKey pub;
125 struct GNUNET_CRYPTO_EddsaSignature sig; 137 struct GNUNET_CRYPTO_EddsaSignature sig;
126 struct TestSignatureDataPS data = { 0 }; 138 struct TestSignatureDataPS data = { 0 };
127 139
128 priv = GNUNET_CRYPTO_eddsa_key_create (); 140 GNUNET_CRYPTO_eddsa_key_create (&priv);
129 GNUNET_CRYPTO_eddsa_key_get_public (priv, &pub); 141 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
142 &pub);
130 data.purpose.size = htonl (sizeof (data)); 143 data.purpose.size = htonl (sizeof (data));
131 data.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); 144 data.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
132 GNUNET_CRYPTO_eddsa_sign (priv, 145 GNUNET_CRYPTO_eddsa_sign (&priv,
133 &data, 146 &data,
134 &sig); 147 &sig);
135 GNUNET_assert (GNUNET_OK == 148 GNUNET_assert (GNUNET_OK ==
@@ -139,12 +152,18 @@ run (void *cls,
139 &pub)); 152 &pub));
140 153
141 printf ("eddsa sig:\n"); 154 printf ("eddsa sig:\n");
142 display_data (" priv", priv, sizeof (struct 155 display_data (" priv",
143 GNUNET_CRYPTO_EddsaPrivateKey)); 156 &priv,
144 display_data (" pub", &pub, sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)); 157 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
145 display_data (" data", &data, sizeof (struct TestSignatureDataPS)); 158 display_data (" pub",
146 display_data (" sig", &sig, sizeof (struct GNUNET_CRYPTO_EddsaSignature)); 159 &pub,
147 GNUNET_free (priv); 160 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
161 display_data (" data",
162 &data,
163 sizeof (struct TestSignatureDataPS));
164 display_data (" sig",
165 &sig,
166 sizeof (struct GNUNET_CRYPTO_EddsaSignature));
148 } 167 }
149 168
150 { 169 {
@@ -173,28 +192,34 @@ run (void *cls,
173 display_data (" out", out, out_len); 192 display_data (" out", out, out_len);
174 } 193 }
175 { 194 {
176 struct GNUNET_CRYPTO_EcdhePrivateKey *priv_ecdhe; 195 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdhe;
177 struct GNUNET_CRYPTO_EcdhePublicKey pub_ecdhe; 196 struct GNUNET_CRYPTO_EcdhePublicKey pub_ecdhe;
178 struct GNUNET_CRYPTO_EddsaPrivateKey *priv_eddsa; 197 struct GNUNET_CRYPTO_EddsaPrivateKey priv_eddsa;
179 struct GNUNET_CRYPTO_EddsaPublicKey pub_eddsa; 198 struct GNUNET_CRYPTO_EddsaPublicKey pub_eddsa;
180 struct GNUNET_HashCode key_material; 199 struct GNUNET_HashCode key_material;
181 priv_ecdhe = GNUNET_CRYPTO_ecdhe_key_create (); 200
182 GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdhe, &pub_ecdhe); 201 GNUNET_CRYPTO_ecdhe_key_create (&priv_ecdhe);
183 priv_eddsa = GNUNET_CRYPTO_eddsa_key_create (); 202 GNUNET_CRYPTO_ecdhe_key_get_public (&priv_ecdhe, &pub_ecdhe);
184 GNUNET_CRYPTO_eddsa_key_get_public (priv_eddsa, &pub_eddsa); 203 GNUNET_CRYPTO_eddsa_key_create (&priv_eddsa);
185 GNUNET_CRYPTO_ecdh_eddsa (priv_ecdhe, &pub_eddsa, &key_material); 204 GNUNET_CRYPTO_eddsa_key_get_public (&priv_eddsa, &pub_eddsa);
205 GNUNET_CRYPTO_ecdh_eddsa (&priv_ecdhe, &pub_eddsa, &key_material);
186 206
187 printf ("eddsa_ecdh:\n"); 207 printf ("eddsa_ecdh:\n");
188 display_data (" priv_ecdhe", priv_ecdhe, sizeof (struct 208 display_data (" priv_ecdhe",
189 GNUNET_CRYPTO_EcdhePrivateKey)); 209 &priv_ecdhe,
190 display_data (" pub_ecdhe", &pub_ecdhe, sizeof (struct 210 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
191 GNUNET_CRYPTO_EcdhePublicKey)); 211 display_data (" pub_ecdhe",
192 display_data (" priv_eddsa", priv_eddsa, sizeof (struct 212 &pub_ecdhe,
193 GNUNET_CRYPTO_EddsaPrivateKey)); 213 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
194 display_data (" pub_eddsa", &pub_eddsa, sizeof (struct 214 display_data (" priv_eddsa",
195 GNUNET_CRYPTO_EddsaPublicKey)); 215 &priv_eddsa,
196 display_data (" key_material", &key_material, sizeof (struct 216 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
197 GNUNET_HashCode)); 217 display_data (" pub_eddsa",
218 &pub_eddsa,
219 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
220 display_data (" key_material",
221 &key_material,
222 sizeof (struct GNUNET_HashCode));
198 } 223 }
199 224
200 { 225 {
diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c
index 02d2020ad..764a507b6 100644
--- a/src/util/gnunet-ecc.c
+++ b/src/util/gnunet-ecc.c
@@ -79,7 +79,7 @@ static void
79create_keys (const char *fn, const char *prefix) 79create_keys (const char *fn, const char *prefix)
80{ 80{
81 FILE *f; 81 FILE *f;
82 struct GNUNET_CRYPTO_EddsaPrivateKey *pk; 82 struct GNUNET_CRYPTO_EddsaPrivateKey pk;
83 struct GNUNET_CRYPTO_EddsaPublicKey target_pub; 83 struct GNUNET_CRYPTO_EddsaPublicKey target_pub;
84 static char vanity[KEY_STR_LEN + 1]; 84 static char vanity[KEY_STR_LEN + 1];
85 size_t len; 85 size_t len;
@@ -141,17 +141,16 @@ create_keys (const char *fn, const char *prefix)
141 while (0 < make_keys--) 141 while (0 < make_keys--)
142 { 142 {
143 fprintf (stderr, "."); 143 fprintf (stderr, ".");
144 if (NULL == (pk = GNUNET_CRYPTO_eddsa_key_create ())) 144 GNUNET_CRYPTO_eddsa_key_create (&pk);
145 {
146 GNUNET_break (0);
147 break;
148 }
149 if (NULL != prefix) 145 if (NULL != prefix)
150 { 146 {
151 struct GNUNET_CRYPTO_EddsaPublicKey newkey; 147 struct GNUNET_CRYPTO_EddsaPublicKey newkey;
152 148
153 GNUNET_CRYPTO_eddsa_key_get_public (pk, &newkey); 149 GNUNET_CRYPTO_eddsa_key_get_public (&pk,
154 if (0 != memcmp (&target_pub, &newkey, n)) 150 &newkey);
151 if (0 != memcmp (&target_pub,
152 &newkey,
153 n))
155 { 154 {
156 make_keys++; 155 make_keys++;
157 continue; 156 continue;
@@ -169,16 +168,17 @@ create_keys (const char *fn, const char *prefix)
169 } 168 }
170 } 169 }
171 if (GNUNET_TESTING_HOSTKEYFILESIZE != 170 if (GNUNET_TESTING_HOSTKEYFILESIZE !=
172 fwrite (pk, 1, GNUNET_TESTING_HOSTKEYFILESIZE, f)) 171 fwrite (&pk,
172 1,
173 GNUNET_TESTING_HOSTKEYFILESIZE,
174 f))
173 { 175 {
174 fprintf (stderr, 176 fprintf (stderr,
175 _ ("\nFailed to write to `%s': %s\n"), 177 _ ("\nFailed to write to `%s': %s\n"),
176 fn, 178 fn,
177 strerror (errno)); 179 strerror (errno));
178 GNUNET_free (pk);
179 break; 180 break;
180 } 181 }
181 GNUNET_free (pk);
182 } 182 }
183 if (UINT_MAX == make_keys) 183 if (UINT_MAX == make_keys)
184 fprintf (stderr, _ ("\nFinished!\n")); 184 fprintf (stderr, _ ("\nFinished!\n"));
@@ -201,49 +201,75 @@ print_hex (const char *msg, const void *buf, size_t size)
201 201
202 202
203static void 203static void
204print_examples_ecdh () 204print_examples_ecdh (void)
205{ 205{
206 struct GNUNET_CRYPTO_EcdhePrivateKey *dh_priv1; 206 struct GNUNET_CRYPTO_EcdhePrivateKey dh_priv1;
207 struct GNUNET_CRYPTO_EcdhePublicKey *dh_pub1; 207 struct GNUNET_CRYPTO_EcdhePublicKey dh_pub1;
208 struct GNUNET_CRYPTO_EcdhePrivateKey *dh_priv2; 208 struct GNUNET_CRYPTO_EcdhePrivateKey dh_priv2;
209 struct GNUNET_CRYPTO_EcdhePublicKey *dh_pub2; 209 struct GNUNET_CRYPTO_EcdhePublicKey dh_pub2;
210 struct GNUNET_HashCode hash; 210 struct GNUNET_HashCode hash;
211 char buf[128]; 211 char buf[128];
212 212
213 dh_pub1 = GNUNET_new (struct GNUNET_CRYPTO_EcdhePublicKey); 213 GNUNET_CRYPTO_ecdhe_key_create (&dh_priv1);
214 dh_priv1 = GNUNET_CRYPTO_ecdhe_key_create (); 214 GNUNET_CRYPTO_ecdhe_key_create (&dh_priv2);
215 dh_pub2 = GNUNET_new (struct GNUNET_CRYPTO_EcdhePublicKey); 215 GNUNET_CRYPTO_ecdhe_key_get_public (&dh_priv1,
216 dh_priv2 = GNUNET_CRYPTO_ecdhe_key_create (); 216 &dh_pub1);
217 GNUNET_CRYPTO_ecdhe_key_get_public (dh_priv1, dh_pub1); 217 GNUNET_CRYPTO_ecdhe_key_get_public (&dh_priv2,
218 GNUNET_CRYPTO_ecdhe_key_get_public (dh_priv2, dh_pub2); 218 &dh_pub2);
219 219
220 GNUNET_assert (NULL != 220 GNUNET_assert (NULL !=
221 GNUNET_STRINGS_data_to_string (dh_priv1, 32, buf, 128)); 221 GNUNET_STRINGS_data_to_string (&dh_priv1,
222 sizeof (dh_priv1),
223 buf,
224 sizeof (buf)));
222 printf ("ECDHE key 1:\n"); 225 printf ("ECDHE key 1:\n");
223 printf ("private: %s\n", buf); 226 printf ("private: %s\n",
224 print_hex ("private(hex)", dh_priv1, sizeof *dh_priv1); 227 buf);
225 GNUNET_assert (NULL != GNUNET_STRINGS_data_to_string (dh_pub1, 32, buf, 128)); 228 print_hex ("private(hex)",
226 printf ("public: %s\n", buf); 229 &dh_priv1, sizeof (dh_priv1));
227 print_hex ("public(hex)", dh_pub1, sizeof *dh_pub1); 230 GNUNET_assert (NULL !=
231 GNUNET_STRINGS_data_to_string (&dh_pub1,
232 sizeof (dh_pub1),
233 buf,
234 sizeof (buf)));
235 printf ("public: %s\n",
236 buf);
237 print_hex ("public(hex)",
238 &dh_pub1,
239 sizeof (dh_pub1));
228 240
229 GNUNET_assert (NULL != 241 GNUNET_assert (NULL !=
230 GNUNET_STRINGS_data_to_string (dh_priv2, 32, buf, 128)); 242 GNUNET_STRINGS_data_to_string (&dh_priv2,
243 sizeof (dh_priv2),
244 buf,
245 sizeof (buf)));
231 printf ("ECDHE key 2:\n"); 246 printf ("ECDHE key 2:\n");
232 printf ("private: %s\n", buf); 247 printf ("private: %s\n", buf);
233 print_hex ("private(hex)", dh_priv2, sizeof *dh_priv2); 248 print_hex ("private(hex)",
234 GNUNET_assert (NULL != GNUNET_STRINGS_data_to_string (dh_pub2, 32, buf, 128)); 249 &dh_priv2,
250 sizeof (dh_priv2));
251 GNUNET_assert (NULL !=
252 GNUNET_STRINGS_data_to_string (&dh_pub2,
253 sizeof (dh_pub2),
254 buf,
255 sizeof (buf)));
235 printf ("public: %s\n", buf); 256 printf ("public: %s\n", buf);
236 print_hex ("public(hex)", dh_pub2, sizeof *dh_pub2); 257 print_hex ("public(hex)",
258 &dh_pub2,
259 sizeof (dh_pub2));
237 260
238 GNUNET_assert (GNUNET_OK == 261 GNUNET_assert (GNUNET_OK ==
239 GNUNET_CRYPTO_ecc_ecdh (dh_priv1, dh_pub2, &hash)); 262 GNUNET_CRYPTO_ecc_ecdh (&dh_priv1,
240 GNUNET_assert (NULL != GNUNET_STRINGS_data_to_string (&hash, 64, buf, 128)); 263 &dh_pub2,
241 printf ("ECDH shared secret: %s\n", buf); 264 &hash));
242 265 GNUNET_assert (NULL !=
243 GNUNET_free (dh_priv1); 266 GNUNET_STRINGS_data_to_string (&hash,
244 GNUNET_free (dh_priv2); 267 sizeof (hash),
245 GNUNET_free (dh_pub1); 268 buf,
246 GNUNET_free (dh_pub2); 269 sizeof (buf)));
270 printf ("ECDH shared secret: %s\n",
271 buf);
272
247} 273}
248 274
249 275
@@ -251,7 +277,7 @@ print_examples_ecdh ()
251 * Print some random example operations to stdout. 277 * Print some random example operations to stdout.
252 */ 278 */
253static void 279static void
254print_examples () 280print_examples (void)
255{ 281{
256 print_examples_ecdh (); 282 print_examples_ecdh ();
257 // print_examples_ecdsa (); 283 // print_examples_ecdsa ();
diff --git a/src/util/gnunet-scrypt.c b/src/util/gnunet-scrypt.c
index bc8ce83c0..8c46136b9 100644
--- a/src/util/gnunet-scrypt.c
+++ b/src/util/gnunet-scrypt.c
@@ -174,7 +174,7 @@ run (void *cls,
174 const char *cfgfile, 174 const char *cfgfile,
175 const struct GNUNET_CONFIGURATION_Handle *config) 175 const struct GNUNET_CONFIGURATION_Handle *config)
176{ 176{
177 struct GNUNET_CRYPTO_EddsaPrivateKey *pk; 177 struct GNUNET_CRYPTO_EddsaPrivateKey pk;
178 char *pids; 178 char *pids;
179 179
180 (void) cls; 180 (void) cls;
@@ -214,15 +214,18 @@ run (void *cls,
214 } 214 }
215 } 215 }
216 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Private Key file: %s\n", pkfn); 216 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Private Key file: %s\n", pkfn);
217 if (NULL == (pk = GNUNET_CRYPTO_eddsa_key_create_from_file (pkfn))) 217 if (GNUNET_SYSERR ==
218 GNUNET_CRYPTO_eddsa_key_from_file (pkfn,
219 GNUNET_YES,
220 &pk))
218 { 221 {
219 fprintf (stderr, _ ("Loading hostkey from `%s' failed.\n"), pkfn); 222 fprintf (stderr, _ ("Loading hostkey from `%s' failed.\n"), pkfn);
220 GNUNET_free (pkfn); 223 GNUNET_free (pkfn);
221 return; 224 return;
222 } 225 }
223 GNUNET_free (pkfn); 226 GNUNET_free (pkfn);
224 GNUNET_CRYPTO_eddsa_key_get_public (pk, &pub); 227 GNUNET_CRYPTO_eddsa_key_get_public (&pk,
225 GNUNET_free (pk); 228 &pub);
226 pids = GNUNET_CRYPTO_eddsa_public_key_to_string (&pub); 229 pids = GNUNET_CRYPTO_eddsa_public_key_to_string (&pub);
227 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Peer ID: %s\n", pids); 230 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Peer ID: %s\n", pids);
228 GNUNET_free (pids); 231 GNUNET_free (pids);
diff --git a/src/util/os_priority.c b/src/util/os_priority.c
index 722aac872..36f0d8e30 100644
--- a/src/util/os_priority.c
+++ b/src/util/os_priority.c
@@ -975,7 +975,7 @@ GNUNET_OS_process_status (struct GNUNET_OS_Process *proc,
975 * @param proc pointer to process structure 975 * @param proc pointer to process structure
976 * @param type status type 976 * @param type status type
977 * @param code return code/signal number 977 * @param code return code/signal number
978 * @return #GNUNET_OK on success, #GNUNET_NO if the process is still running, #GNUNET_SYSERR otherwise 978 * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
979 */ 979 */
980int 980int
981GNUNET_OS_process_wait_status (struct GNUNET_OS_Process *proc, 981GNUNET_OS_process_wait_status (struct GNUNET_OS_Process *proc,
diff --git a/src/util/test_crypto_ecdh_ecdsa.c b/src/util/test_crypto_ecdh_ecdsa.c
index 8a581ef73..3cc12de9b 100644
--- a/src/util/test_crypto_ecdh_ecdsa.c
+++ b/src/util/test_crypto_ecdh_ecdsa.c
@@ -32,39 +32,37 @@
32static int 32static int
33test_ecdh () 33test_ecdh ()
34{ 34{
35 struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_dsa; 35 struct GNUNET_CRYPTO_EcdsaPrivateKey priv_dsa;
36 struct GNUNET_CRYPTO_EcdhePrivateKey *priv_ecdh; 36 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdh;
37 struct GNUNET_CRYPTO_EcdsaPublicKey id1; 37 struct GNUNET_CRYPTO_EcdsaPublicKey id1;
38 struct GNUNET_CRYPTO_EcdhePublicKey id2; 38 struct GNUNET_CRYPTO_EcdhePublicKey id2;
39 struct GNUNET_HashCode dh[2]; 39 struct GNUNET_HashCode dh[2];
40 40
41 /* Generate keys */ 41 /* Generate keys */
42 priv_dsa = GNUNET_CRYPTO_ecdsa_key_create (); 42 GNUNET_CRYPTO_ecdsa_key_create (&priv_dsa);
43 GNUNET_CRYPTO_ecdsa_key_get_public (priv_dsa, 43 GNUNET_CRYPTO_ecdsa_key_get_public (&priv_dsa,
44 &id1); 44 &id1);
45 for (unsigned int j = 0; j < 4; j++) 45 for (unsigned int j = 0; j < 4; j++)
46 { 46 {
47 fprintf (stderr, ","); 47 fprintf (stderr, ",");
48 priv_ecdh = GNUNET_CRYPTO_ecdhe_key_create (); 48 GNUNET_CRYPTO_ecdhe_key_create (&priv_ecdh);
49 /* Extract public keys */ 49 /* Extract public keys */
50 GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdh, 50 GNUNET_CRYPTO_ecdhe_key_get_public (&priv_ecdh,
51 &id2); 51 &id2);
52 /* Do ECDH */ 52 /* Do ECDH */
53 GNUNET_assert (GNUNET_OK == 53 GNUNET_assert (GNUNET_OK ==
54 GNUNET_CRYPTO_ecdsa_ecdh (priv_dsa, 54 GNUNET_CRYPTO_ecdsa_ecdh (&priv_dsa,
55 &id2, 55 &id2,
56 &dh[0])); 56 &dh[0]));
57 GNUNET_assert (GNUNET_OK == 57 GNUNET_assert (GNUNET_OK ==
58 GNUNET_CRYPTO_ecdh_ecdsa (priv_ecdh, 58 GNUNET_CRYPTO_ecdh_ecdsa (&priv_ecdh,
59 &id1, 59 &id1,
60 &dh[1])); 60 &dh[1]));
61 /* Check that both DH results are equal. */ 61 /* Check that both DH results are equal. */
62 GNUNET_assert (0 == memcmp (&dh[0], 62 GNUNET_assert (0 ==
63 &dh[1], 63 GNUNET_memcmp (&dh[0],
64 sizeof(struct GNUNET_HashCode))); 64 &dh[1]));
65 GNUNET_free (priv_ecdh);
66 } 65 }
67 GNUNET_free (priv_dsa);
68 return 0; 66 return 0;
69} 67}
70 68
@@ -75,8 +73,7 @@ main (int argc, char *argv[])
75 if (! gcry_check_version ("1.6.0")) 73 if (! gcry_check_version ("1.6.0"))
76 { 74 {
77 fprintf (stderr, 75 fprintf (stderr,
78 _ ( 76 "libgcrypt has not the expected version (version %s is required).\n",
79 "libgcrypt has not the expected version (version %s is required).\n"),
80 "1.6.0"); 77 "1.6.0");
81 return 0; 78 return 0;
82 } 79 }
diff --git a/src/util/test_crypto_ecdh_eddsa.c b/src/util/test_crypto_ecdh_eddsa.c
index 68f8c4671..6efd4d2fe 100644
--- a/src/util/test_crypto_ecdh_eddsa.c
+++ b/src/util/test_crypto_ecdh_eddsa.c
@@ -32,39 +32,37 @@
32static int 32static int
33test_ecdh () 33test_ecdh ()
34{ 34{
35 struct GNUNET_CRYPTO_EddsaPrivateKey *priv_dsa; 35 struct GNUNET_CRYPTO_EddsaPrivateKey priv_dsa;
36 struct GNUNET_CRYPTO_EcdhePrivateKey *priv_ecdh; 36 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdh;
37 struct GNUNET_CRYPTO_EddsaPublicKey id1; 37 struct GNUNET_CRYPTO_EddsaPublicKey id1;
38 struct GNUNET_CRYPTO_EcdhePublicKey id2; 38 struct GNUNET_CRYPTO_EcdhePublicKey id2;
39 struct GNUNET_HashCode dh[2]; 39 struct GNUNET_HashCode dh[2];
40 40
41 /* Generate keys */ 41 /* Generate keys */
42 priv_dsa = GNUNET_CRYPTO_eddsa_key_create (); 42 GNUNET_CRYPTO_eddsa_key_create (&priv_dsa);
43 GNUNET_CRYPTO_eddsa_key_get_public (priv_dsa, 43 GNUNET_CRYPTO_eddsa_key_get_public (&priv_dsa,
44 &id1); 44 &id1);
45 for (unsigned int j = 0; j < 4; j++) 45 for (unsigned int j = 0; j < 4; j++)
46 { 46 {
47 fprintf (stderr, ","); 47 fprintf (stderr, ",");
48 priv_ecdh = GNUNET_CRYPTO_ecdhe_key_create (); 48 GNUNET_CRYPTO_ecdhe_key_create (&priv_ecdh);
49 /* Extract public keys */ 49 /* Extract public keys */
50 GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdh, 50 GNUNET_CRYPTO_ecdhe_key_get_public (&priv_ecdh,
51 &id2); 51 &id2);
52 /* Do ECDH */ 52 /* Do ECDH */
53 GNUNET_assert (GNUNET_OK == 53 GNUNET_assert (GNUNET_OK ==
54 GNUNET_CRYPTO_eddsa_ecdh (priv_dsa, 54 GNUNET_CRYPTO_eddsa_ecdh (&priv_dsa,
55 &id2, 55 &id2,
56 &dh[0])); 56 &dh[0]));
57 GNUNET_assert (GNUNET_OK == 57 GNUNET_assert (GNUNET_OK ==
58 GNUNET_CRYPTO_ecdh_eddsa (priv_ecdh, 58 GNUNET_CRYPTO_ecdh_eddsa (&priv_ecdh,
59 &id1, 59 &id1,
60 &dh[1])); 60 &dh[1]));
61 /* Check that both DH results are equal. */ 61 /* Check that both DH results are equal. */
62 GNUNET_assert (0 == memcmp (&dh[0], 62 GNUNET_assert (0 ==
63 &dh[1], 63 GNUNET_memcmp (&dh[0],
64 sizeof(struct GNUNET_HashCode))); 64 &dh[1]));
65 GNUNET_free (priv_ecdh);
66 } 65 }
67 GNUNET_free (priv_dsa);
68 return 0; 66 return 0;
69} 67}
70 68
diff --git a/src/util/test_crypto_ecdhe.c b/src/util/test_crypto_ecdhe.c
index 6f91be746..1144f1fe5 100644
--- a/src/util/test_crypto_ecdhe.c
+++ b/src/util/test_crypto_ecdhe.c
@@ -31,8 +31,8 @@
31int 31int
32main (int argc, char *argv[]) 32main (int argc, char *argv[])
33{ 33{
34 struct GNUNET_CRYPTO_EcdhePrivateKey *priv1; 34 struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
35 struct GNUNET_CRYPTO_EcdhePrivateKey *priv2; 35 struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
36 struct GNUNET_CRYPTO_EcdhePublicKey pub1; 36 struct GNUNET_CRYPTO_EcdhePublicKey pub1;
37 struct GNUNET_CRYPTO_EcdhePublicKey pub2; 37 struct GNUNET_CRYPTO_EcdhePublicKey pub2;
38 struct GNUNET_HashCode ecdh1; 38 struct GNUNET_HashCode ecdh1;
@@ -41,9 +41,7 @@ main (int argc, char *argv[])
41 if (! gcry_check_version ("1.6.0")) 41 if (! gcry_check_version ("1.6.0"))
42 { 42 {
43 fprintf (stderr, 43 fprintf (stderr,
44 _ 44 "libgcrypt has not the expected version (version %s is required).\n",
45 (
46 "libgcrypt has not the expected version (version %s is required).\n"),
47 "1.6.0"); 45 "1.6.0");
48 return 0; 46 return 0;
49 } 47 }
@@ -55,16 +53,15 @@ main (int argc, char *argv[])
55 { 53 {
56 fprintf (stderr, 54 fprintf (stderr,
57 "."); 55 ".");
58 priv1 = GNUNET_CRYPTO_ecdhe_key_create (); 56 GNUNET_CRYPTO_ecdhe_key_create (&priv1);
59 priv2 = GNUNET_CRYPTO_ecdhe_key_create (); 57 GNUNET_CRYPTO_ecdhe_key_create (&priv2);
60 GNUNET_CRYPTO_ecdhe_key_get_public (priv1, &pub1); 58 GNUNET_CRYPTO_ecdhe_key_get_public (&priv1, &pub1);
61 GNUNET_CRYPTO_ecdhe_key_get_public (priv2, &pub2); 59 GNUNET_CRYPTO_ecdhe_key_get_public (&priv2, &pub2);
62 GNUNET_CRYPTO_ecc_ecdh (priv1, &pub2, &ecdh1); 60 GNUNET_CRYPTO_ecc_ecdh (&priv1, &pub2, &ecdh1);
63 GNUNET_CRYPTO_ecc_ecdh (priv2, &pub1, &ecdh2); 61 GNUNET_CRYPTO_ecc_ecdh (&priv2, &pub1, &ecdh2);
64 GNUNET_assert (0 == memcmp (&ecdh1, &ecdh2, 62 GNUNET_assert (0 ==
65 sizeof(struct GNUNET_HashCode))); 63 GNUNET_memcmp (&ecdh1,
66 GNUNET_free (priv1); 64 &ecdh2));
67 GNUNET_free (priv2);
68 } 65 }
69 return 0; 66 return 0;
70} 67}
diff --git a/src/util/test_crypto_ecdsa.c b/src/util/test_crypto_ecdsa.c
index 190c58d7d..cfa236d6d 100644
--- a/src/util/test_crypto_ecdsa.c
+++ b/src/util/test_crypto_ecdsa.c
@@ -33,65 +33,74 @@
33#define PERF GNUNET_YES 33#define PERF GNUNET_YES
34 34
35 35
36static struct GNUNET_CRYPTO_EcdsaPrivateKey *key; 36static struct GNUNET_CRYPTO_EcdsaPrivateKey key;
37 37
38 38
39static int 39static int
40testSignVerify () 40testSignVerify (void)
41{ 41{
42 struct GNUNET_CRYPTO_EcdsaSignature sig; 42 struct GNUNET_CRYPTO_EcdsaSignature sig;
43 struct GNUNET_CRYPTO_EccSignaturePurpose purp; 43 struct GNUNET_CRYPTO_EccSignaturePurpose purp;
44 struct GNUNET_CRYPTO_EcdsaPublicKey pkey; 44 struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
45 int i;
46 struct GNUNET_TIME_Absolute start; 45 struct GNUNET_TIME_Absolute start;
47 int ok = GNUNET_OK; 46 int ok = GNUNET_OK;
48 47
49 fprintf (stderr, "%s", "W"); 48 fprintf (stderr, "%s", "W");
50 GNUNET_CRYPTO_ecdsa_key_get_public (key, &pkey); 49 GNUNET_CRYPTO_ecdsa_key_get_public (&key,
50 &pkey);
51 start = GNUNET_TIME_absolute_get (); 51 start = GNUNET_TIME_absolute_get ();
52 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)); 52 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
53 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); 53 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
54 54
55 for (i = 0; i < ITER; i++) 55 for (unsigned int i = 0; i < ITER; i++)
56 { 56 {
57 fprintf (stderr, "%s", "."); fflush (stderr); 57 fprintf (stderr, "%s", ".");
58 fflush (stderr);
58 if (GNUNET_SYSERR == 59 if (GNUNET_SYSERR ==
59 GNUNET_CRYPTO_ecdsa_sign_ (key, &purp, &sig)) 60 GNUNET_CRYPTO_ecdsa_sign_ (&key,
61 &purp,
62 &sig))
60 { 63 {
61 fprintf (stderr, 64 fprintf (stderr,
62 "%s",
63 "GNUNET_CRYPTO_ecdsa_sign returned SYSERR\n"); 65 "GNUNET_CRYPTO_ecdsa_sign returned SYSERR\n");
64 ok = GNUNET_SYSERR; 66 ok = GNUNET_SYSERR;
65 continue; 67 continue;
66 } 68 }
67 if (GNUNET_SYSERR == 69 if (GNUNET_SYSERR ==
68 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, 70 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
69 &purp, &sig, 71 &purp,
72 &sig,
70 &pkey)) 73 &pkey))
71 { 74 {
72 printf ("GNUNET_CRYPTO_ecdsa_verify failed!\n"); 75 fprintf (stderr,
76 "GNUNET_CRYPTO_ecdsa_verify failed!\n");
73 ok = GNUNET_SYSERR; 77 ok = GNUNET_SYSERR;
74 continue; 78 continue;
75 } 79 }
76 if (GNUNET_SYSERR != 80 if (GNUNET_SYSERR !=
77 GNUNET_CRYPTO_ecdsa_verify_ ( 81 GNUNET_CRYPTO_ecdsa_verify_ (
78 GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN, 82 GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
79 &purp, &sig, &pkey)) 83 &purp,
84 &sig,
85 &pkey))
80 { 86 {
81 printf ("GNUNET_CRYPTO_ecdsa_verify failed to fail!\n"); 87 fprintf (stderr,
88 "GNUNET_CRYPTO_ecdsa_verify failed to fail!\n");
82 ok = GNUNET_SYSERR; 89 ok = GNUNET_SYSERR;
83 continue; 90 continue;
84 } 91 }
85 } 92 }
86 printf ("%d ECDSA sign/verify operations %s\n", ITER, 93 printf ("%d ECDSA sign/verify operations %s\n",
94 ITER,
87 GNUNET_STRINGS_relative_time_to_string ( 95 GNUNET_STRINGS_relative_time_to_string (
88 GNUNET_TIME_absolute_get_duration (start), GNUNET_YES)); 96 GNUNET_TIME_absolute_get_duration (start),
97 GNUNET_YES));
89 return ok; 98 return ok;
90} 99}
91 100
92 101
93static int 102static int
94testDeriveSignVerify () 103testDeriveSignVerify (void)
95{ 104{
96 struct GNUNET_CRYPTO_EcdsaSignature sig; 105 struct GNUNET_CRYPTO_EcdsaSignature sig;
97 struct GNUNET_CRYPTO_EccSignaturePurpose purp; 106 struct GNUNET_CRYPTO_EccSignaturePurpose purp;
@@ -99,15 +108,22 @@ testDeriveSignVerify ()
99 struct GNUNET_CRYPTO_EcdsaPublicKey pkey; 108 struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
100 struct GNUNET_CRYPTO_EcdsaPublicKey dpub; 109 struct GNUNET_CRYPTO_EcdsaPublicKey dpub;
101 110
102 dpriv = GNUNET_CRYPTO_ecdsa_private_key_derive (key, "test-derive", 111 dpriv = GNUNET_CRYPTO_ecdsa_private_key_derive (&key,
112 "test-derive",
103 "test-CTX"); 113 "test-CTX");
104 GNUNET_CRYPTO_ecdsa_key_get_public (key, &pkey); 114 GNUNET_CRYPTO_ecdsa_key_get_public (&key,
105 GNUNET_CRYPTO_ecdsa_public_key_derive (&pkey, "test-derive", "test-CTX", 115 &pkey);
116 GNUNET_CRYPTO_ecdsa_public_key_derive (&pkey,
117 "test-derive",
118 "test-CTX",
106 &dpub); 119 &dpub);
107 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)); 120 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
108 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); 121 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
109 122
110 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_sign_ (dpriv, &purp, &sig)) 123 if (GNUNET_SYSERR ==
124 GNUNET_CRYPTO_ecdsa_sign_ (dpriv,
125 &purp,
126 &sig))
111 { 127 {
112 fprintf (stderr, "%s", "GNUNET_CRYPTO_ecdsa_sign returned SYSERR\n"); 128 fprintf (stderr, "%s", "GNUNET_CRYPTO_ecdsa_sign returned SYSERR\n");
113 GNUNET_free (dpriv); 129 GNUNET_free (dpriv);
@@ -115,27 +131,34 @@ testDeriveSignVerify ()
115 } 131 }
116 if (GNUNET_SYSERR == 132 if (GNUNET_SYSERR ==
117 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, 133 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
118 &purp, &sig, 134 &purp,
135 &sig,
119 &dpub)) 136 &dpub))
120 { 137 {
121 printf ("GNUNET_CRYPTO_ecdsa_verify failed!\n"); 138 fprintf (stderr,
139 "GNUNET_CRYPTO_ecdsa_verify failed!\n");
122 GNUNET_free (dpriv); 140 GNUNET_free (dpriv);
123 return GNUNET_SYSERR; 141 return GNUNET_SYSERR;
124 } 142 }
125 if (GNUNET_SYSERR != 143 if (GNUNET_SYSERR !=
126 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, 144 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
127 &purp, &sig, 145 &purp,
146 &sig,
128 &pkey)) 147 &pkey))
129 { 148 {
130 printf ("GNUNET_CRYPTO_ecdsa_verify failed to fail!\n"); 149 fprintf (stderr,
150 "GNUNET_CRYPTO_ecdsa_verify failed to fail!\n");
131 GNUNET_free (dpriv); 151 GNUNET_free (dpriv);
132 return GNUNET_SYSERR; 152 return GNUNET_SYSERR;
133 } 153 }
134 if (GNUNET_SYSERR != 154 if (GNUNET_SYSERR !=
135 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN, 155 GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
136 &purp, &sig, &dpub)) 156 &purp,
157 &sig,
158 &dpub))
137 { 159 {
138 printf ("GNUNET_CRYPTO_ecdsa_verify failed to fail!\n"); 160 fprintf (stderr,
161 "GNUNET_CRYPTO_ecdsa_verify failed to fail!\n");
139 GNUNET_free (dpriv); 162 GNUNET_free (dpriv);
140 return GNUNET_SYSERR; 163 return GNUNET_SYSERR;
141 } 164 }
@@ -146,7 +169,7 @@ testDeriveSignVerify ()
146 169
147#if PERF 170#if PERF
148static int 171static int
149testSignPerformance () 172testSignPerformance (void)
150{ 173{
151 struct GNUNET_CRYPTO_EccSignaturePurpose purp; 174 struct GNUNET_CRYPTO_EccSignaturePurpose purp;
152 struct GNUNET_CRYPTO_EcdsaSignature sig; 175 struct GNUNET_CRYPTO_EcdsaSignature sig;
@@ -183,26 +206,24 @@ testSignPerformance ()
183 206
184 207
185static void 208static void
186perf_keygen () 209perf_keygen (void)
187{ 210{
188 struct GNUNET_TIME_Absolute start; 211 struct GNUNET_TIME_Absolute start;
189 struct GNUNET_CRYPTO_EcdsaPrivateKey *pk; 212 struct GNUNET_CRYPTO_EcdsaPrivateKey pk;
190 int i;
191 213
192 fprintf (stderr, "%s", "W"); 214 fprintf (stderr, "%s", "W");
193 start = GNUNET_TIME_absolute_get (); 215 start = GNUNET_TIME_absolute_get ();
194 for (i = 0; i < 10; i++) 216 for (unsigned int i = 0; i < 10; i++)
195 { 217 {
196 fprintf (stderr, "."); fflush (stderr);
197 pk = GNUNET_CRYPTO_ecdsa_key_create ();
198 GNUNET_free (pk);
199 }
200 for (; i < 25; i++)
201 fprintf (stderr, "."); 218 fprintf (stderr, ".");
219 fflush (stderr);
220 GNUNET_CRYPTO_ecdsa_key_create (&pk);
221 }
202 fflush (stderr); 222 fflush (stderr);
203 printf ("10 ECDSA keys created in %s\n", 223 printf ("10 ECDSA keys created in %s\n",
204 GNUNET_STRINGS_relative_time_to_string ( 224 GNUNET_STRINGS_relative_time_to_string (
205 GNUNET_TIME_absolute_get_duration (start), GNUNET_YES)); 225 GNUNET_TIME_absolute_get_duration (start),
226 GNUNET_YES));
206} 227}
207 228
208 229
@@ -214,16 +235,14 @@ main (int argc, char *argv[])
214 if (! gcry_check_version ("1.6.0")) 235 if (! gcry_check_version ("1.6.0"))
215 { 236 {
216 fprintf (stderr, 237 fprintf (stderr,
217 _ 238 "libgcrypt has not the expected version (version %s is required).\n",
218 (
219 "libgcrypt has not the expected version (version %s is required).\n"),
220 "1.6.0"); 239 "1.6.0");
221 return 0; 240 return 0;
222 } 241 }
223 if (getenv ("GNUNET_GCRYPT_DEBUG")) 242 if (getenv ("GNUNET_GCRYPT_DEBUG"))
224 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0); 243 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
225 GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL); 244 GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL);
226 key = GNUNET_CRYPTO_ecdsa_key_create (); 245 GNUNET_CRYPTO_ecdsa_key_create (&key);
227 if (GNUNET_OK != testDeriveSignVerify ()) 246 if (GNUNET_OK != testDeriveSignVerify ())
228 { 247 {
229 failure_count++; 248 failure_count++;
@@ -237,7 +256,6 @@ main (int argc, char *argv[])
237#endif 256#endif
238 if (GNUNET_OK != testSignVerify ()) 257 if (GNUNET_OK != testSignVerify ())
239 failure_count++; 258 failure_count++;
240 GNUNET_free (key);
241 perf_keygen (); 259 perf_keygen ();
242 260
243 if (0 != failure_count) 261 if (0 != failure_count)
diff --git a/src/util/test_crypto_eddsa.c b/src/util/test_crypto_eddsa.c
index 87990cbac..5baf696b1 100644
--- a/src/util/test_crypto_eddsa.c
+++ b/src/util/test_crypto_eddsa.c
@@ -35,11 +35,11 @@
35#define PERF GNUNET_YES 35#define PERF GNUNET_YES
36 36
37 37
38static struct GNUNET_CRYPTO_EddsaPrivateKey *key; 38static struct GNUNET_CRYPTO_EddsaPrivateKey key;
39 39
40 40
41static int 41static int
42testSignVerify () 42testSignVerify (void)
43{ 43{
44 struct GNUNET_CRYPTO_EddsaSignature sig; 44 struct GNUNET_CRYPTO_EddsaSignature sig;
45 struct GNUNET_CRYPTO_EccSignaturePurpose purp; 45 struct GNUNET_CRYPTO_EccSignaturePurpose purp;
@@ -48,7 +48,8 @@ testSignVerify ()
48 int ok = GNUNET_OK; 48 int ok = GNUNET_OK;
49 49
50 fprintf (stderr, "%s", "W"); 50 fprintf (stderr, "%s", "W");
51 GNUNET_CRYPTO_eddsa_key_get_public (key, &pkey); 51 GNUNET_CRYPTO_eddsa_key_get_public (&key,
52 &pkey);
52 start = GNUNET_TIME_absolute_get (); 53 start = GNUNET_TIME_absolute_get ();
53 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)); 54 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
54 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); 55 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
@@ -56,34 +57,45 @@ testSignVerify ()
56 for (unsigned int i = 0; i < ITER; i++) 57 for (unsigned int i = 0; i < ITER; i++)
57 { 58 {
58 fprintf (stderr, "%s", "."); fflush (stderr); 59 fprintf (stderr, "%s", "."); fflush (stderr);
59 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_sign_ (key, &purp, &sig)) 60 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_sign_ (&key,
61 &purp,
62 &sig))
60 { 63 {
61 fprintf (stderr, "%s", "GNUNET_CRYPTO_eddsa_sign returned SYSERR\n"); 64 fprintf (stderr,
65 "GNUNET_CRYPTO_eddsa_sign returned SYSERR\n");
62 ok = GNUNET_SYSERR; 66 ok = GNUNET_SYSERR;
63 continue; 67 continue;
64 } 68 }
65 if (GNUNET_SYSERR == 69 if (GNUNET_SYSERR ==
66 GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, &purp, &sig, 70 GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
71 &purp,
72 &sig,
67 &pkey)) 73 &pkey))
68 { 74 {
69 printf ("GNUNET_CRYPTO_eddsa_verify failed!\n"); 75 fprintf (stderr,
76 "GNUNET_CRYPTO_eddsa_verify failed!\n");
70 ok = GNUNET_SYSERR; 77 ok = GNUNET_SYSERR;
71 continue; 78 continue;
72 } 79 }
73 if (GNUNET_SYSERR != 80 if (GNUNET_SYSERR !=
74 GNUNET_CRYPTO_eddsa_verify_ ( 81 GNUNET_CRYPTO_eddsa_verify_ (
75 GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN, 82 GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
76 &purp, &sig, &pkey)) 83 &purp,
84 &sig,
85 &pkey))
77 { 86 {
78 printf ("GNUNET_CRYPTO_eddsa_verify failed to fail!\n"); 87 fprintf (stderr,
88 "GNUNET_CRYPTO_eddsa_verify failed to fail!\n");
79 ok = GNUNET_SYSERR; 89 ok = GNUNET_SYSERR;
80 continue; 90 continue;
81 } 91 }
82 } 92 }
83 fprintf (stderr, "\n"); 93 fprintf (stderr, "\n");
84 printf ("%d EdDSA sign/verify operations %s\n", ITER, 94 printf ("%d EdDSA sign/verify operations %s\n",
95 ITER,
85 GNUNET_STRINGS_relative_time_to_string ( 96 GNUNET_STRINGS_relative_time_to_string (
86 GNUNET_TIME_absolute_get_duration (start), GNUNET_YES)); 97 GNUNET_TIME_absolute_get_duration (start),
98 GNUNET_YES));
87 return ok; 99 return ok;
88} 100}
89 101
@@ -101,12 +113,17 @@ testSignPerformance ()
101 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)); 113 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
102 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); 114 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
103 fprintf (stderr, "%s", "W"); 115 fprintf (stderr, "%s", "W");
104 GNUNET_CRYPTO_eddsa_key_get_public (key, &pkey); 116 GNUNET_CRYPTO_eddsa_key_get_public (&key,
117 &pkey);
105 start = GNUNET_TIME_absolute_get (); 118 start = GNUNET_TIME_absolute_get ();
106 for (unsigned int i = 0; i < ITER; i++) 119 for (unsigned int i = 0; i < ITER; i++)
107 { 120 {
108 fprintf (stderr, "%s", "."); fflush (stderr); 121 fprintf (stderr, "%s", ".");
109 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_sign_ (key, &purp, &sig)) 122 fflush (stderr);
123 if (GNUNET_SYSERR ==
124 GNUNET_CRYPTO_eddsa_sign_ (&key,
125 &purp,
126 &sig))
110 { 127 {
111 fprintf (stderr, "%s", "GNUNET_CRYPTO_eddsa_sign returned SYSERR\n"); 128 fprintf (stderr, "%s", "GNUNET_CRYPTO_eddsa_sign returned SYSERR\n");
112 ok = GNUNET_SYSERR; 129 ok = GNUNET_SYSERR;
@@ -114,7 +131,8 @@ testSignPerformance ()
114 } 131 }
115 } 132 }
116 fprintf (stderr, "\n"); 133 fprintf (stderr, "\n");
117 printf ("%d EdDSA sign operations %s\n", ITER, 134 printf ("%d EdDSA sign operations %s\n",
135 ITER,
118 GNUNET_STRINGS_relative_time_to_string ( 136 GNUNET_STRINGS_relative_time_to_string (
119 GNUNET_TIME_absolute_get_duration (start), 137 GNUNET_TIME_absolute_get_duration (start),
120 GNUNET_YES)); 138 GNUNET_YES));
@@ -126,43 +144,53 @@ testSignPerformance ()
126 144
127 145
128static int 146static int
129testCreateFromFile () 147testCreateFromFile (void)
130{ 148{
131 struct GNUNET_CRYPTO_EddsaPublicKey p1; 149 struct GNUNET_CRYPTO_EddsaPublicKey p1;
132 struct GNUNET_CRYPTO_EddsaPublicKey p2; 150 struct GNUNET_CRYPTO_EddsaPublicKey p2;
133 151
134 key = GNUNET_CRYPTO_eddsa_key_create_from_file (KEYFILE); 152 GNUNET_assert (0 <=
135 GNUNET_assert (NULL != key); 153 GNUNET_CRYPTO_eddsa_key_from_file (KEYFILE,
136 GNUNET_CRYPTO_eddsa_key_get_public (key, &p1); 154 GNUNET_YES,
137 GNUNET_free (key); 155 &key));
138 key = GNUNET_CRYPTO_eddsa_key_create_from_file (KEYFILE); 156 GNUNET_CRYPTO_eddsa_key_get_public (&key,
139 GNUNET_assert (NULL != key); 157 &p1);
140 GNUNET_CRYPTO_eddsa_key_get_public (key, &p2); 158 GNUNET_assert (GNUNET_NO ==
141 GNUNET_assert (0 == memcmp (&p1, &p2, sizeof(p1))); 159 GNUNET_CRYPTO_eddsa_key_from_file (KEYFILE,
142 GNUNET_free (key); 160 GNUNET_YES,
161 &key));
162 GNUNET_CRYPTO_eddsa_key_get_public (&key,
163 &p2);
164 GNUNET_assert (0 ==
165 GNUNET_memcmp (&p1,
166 &p2));
143 GNUNET_assert (0 == unlink (KEYFILE)); 167 GNUNET_assert (0 == unlink (KEYFILE));
144 key = GNUNET_CRYPTO_eddsa_key_create_from_file (KEYFILE); 168 GNUNET_assert (GNUNET_OK ==
145 GNUNET_assert (NULL != key); 169 GNUNET_CRYPTO_eddsa_key_from_file (KEYFILE,
146 GNUNET_CRYPTO_eddsa_key_get_public (key, &p2); 170 GNUNET_NO,
147 GNUNET_assert (0 != memcmp (&p1, &p2, sizeof(p1))); 171 &key));
148 GNUNET_free (key); 172 GNUNET_CRYPTO_eddsa_key_get_public (&key,
173 &p2);
174 GNUNET_assert (0 !=
175 GNUNET_memcmp (&p1,
176 &p2));
149 return GNUNET_OK; 177 return GNUNET_OK;
150} 178}
151 179
152 180
153static void 181static void
154perf_keygen () 182perf_keygen (void)
155{ 183{
156 struct GNUNET_TIME_Absolute start; 184 struct GNUNET_TIME_Absolute start;
157 struct GNUNET_CRYPTO_EddsaPrivateKey *pk; 185 struct GNUNET_CRYPTO_EddsaPrivateKey pk;
158 186
159 fprintf (stderr, "%s", "W"); 187 fprintf (stderr, "%s", "W");
160 start = GNUNET_TIME_absolute_get (); 188 start = GNUNET_TIME_absolute_get ();
161 for (unsigned int i = 0; i < 10; i++) 189 for (unsigned int i = 0; i < 10; i++)
162 { 190 {
163 fprintf (stderr, "."); fflush (stderr); 191 fprintf (stderr, ".");
164 pk = GNUNET_CRYPTO_eddsa_key_create (); 192 fflush (stderr);
165 GNUNET_free (pk); 193 GNUNET_CRYPTO_eddsa_key_create (&pk);
166 } 194 }
167 fprintf (stderr, "\n"); 195 fprintf (stderr, "\n");
168 printf ("10 EdDSA keys created in %s\n", 196 printf ("10 EdDSA keys created in %s\n",
@@ -179,22 +207,22 @@ main (int argc, char *argv[])
179 if (! gcry_check_version ("1.6.0")) 207 if (! gcry_check_version ("1.6.0"))
180 { 208 {
181 fprintf (stderr, 209 fprintf (stderr,
182 _ ( 210 "libgcrypt has not the expected version (version %s is required).\n",
183 "libgcrypt has not the expected version (version %s is required).\n"),
184 "1.6.0"); 211 "1.6.0");
185 return 0; 212 return 0;
186 } 213 }
187 if (getenv ("GNUNET_GCRYPT_DEBUG")) 214 if (getenv ("GNUNET_GCRYPT_DEBUG"))
188 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0); 215 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
189 GNUNET_log_setup ("test-crypto-eddsa", "WARNING", NULL); 216 GNUNET_log_setup ("test-crypto-eddsa",
190 key = GNUNET_CRYPTO_eddsa_key_create (); 217 "WARNING",
218 NULL);
219 GNUNET_CRYPTO_eddsa_key_create (&key);
191#if PERF 220#if PERF
192 if (GNUNET_OK != testSignPerformance ()) 221 if (GNUNET_OK != testSignPerformance ())
193 failure_count++; 222 failure_count++;
194#endif 223#endif
195 if (GNUNET_OK != testSignVerify ()) 224 if (GNUNET_OK != testSignVerify ())
196 failure_count++; 225 failure_count++;
197 GNUNET_free (key);
198 if (GNUNET_OK != testCreateFromFile ()) 226 if (GNUNET_OK != testCreateFromFile ())
199 failure_count++; 227 failure_count++;
200 GNUNET_assert (0 == unlink (KEYFILE)); 228 GNUNET_assert (0 == unlink (KEYFILE));
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-19 14:31:13 +0000