diff options
| author | Christian Grothoff <christian@grothoff.org> | 2013-03-04 14:09:27 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2013-03-04 14:09:27 +0000 |
| commit | dcb57a9e51e8fe7412948ec0c47d383ed390ed61 (patch) | |
| tree | 4b137f53d1959e099db77da43091973471df0dbc /src/util | |
| parent | 4022058a6325b650542ad8e5a52e167c5336eaaa (diff) | |
| download | gnunet-dcb57a9e51e8fe7412948ec0c47d383ed390ed61.tar.gz gnunet-dcb57a9e51e8fe7412948ec0c47d383ed390ed61.zip | |
add argument to GNUNET_CRYPTO_ecc_decode_key to allow testing to disable key validation
Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/crypto_ecc.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 0c9f6e134..d89989bd4 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c | |||
| @@ -325,11 +325,15 @@ GNUNET_CRYPTO_ecc_encode_key (const struct GNUNET_CRYPTO_EccPrivateKey *key) | |||
| 325 | * | 325 | * |
| 326 | * @param buf the buffer where the private key data is stored | 326 | * @param buf the buffer where the private key data is stored |
| 327 | * @param len the length of the data in 'buffer' | 327 | * @param len the length of the data in 'buffer' |
| 328 | * @param validate GNUNET_YES to validate that the key is well-formed, | ||
| 329 | * GNUNET_NO if the key comes from a totally trusted source | ||
| 330 | * and validation is considered too expensive | ||
| 328 | * @return NULL on error | 331 | * @return NULL on error |
| 329 | */ | 332 | */ |
| 330 | struct GNUNET_CRYPTO_EccPrivateKey * | 333 | struct GNUNET_CRYPTO_EccPrivateKey * |
| 331 | GNUNET_CRYPTO_ecc_decode_key (const char *buf, | 334 | GNUNET_CRYPTO_ecc_decode_key (const char *buf, |
| 332 | size_t len) | 335 | size_t len, |
| 336 | int validate) | ||
| 333 | { | 337 | { |
| 334 | struct GNUNET_CRYPTO_EccPrivateKey *ret; | 338 | struct GNUNET_CRYPTO_EccPrivateKey *ret; |
| 335 | uint16_t be; | 339 | uint16_t be; |
| @@ -350,8 +354,9 @@ GNUNET_CRYPTO_ecc_decode_key (const char *buf, | |||
| 350 | { | 354 | { |
| 351 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_scan", rc); | 355 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_scan", rc); |
| 352 | return NULL; | 356 | return NULL; |
| 353 | } | 357 | } |
| 354 | if (0 != (rc = gcry_pk_testkey (sexp))) | 358 | if ( (GNUNET_YES == validate) && |
| 359 | (0 != (rc = gcry_pk_testkey (sexp))) ) | ||
| 355 | { | 360 | { |
| 356 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); | 361 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); |
| 357 | return NULL; | 362 | return NULL; |
| @@ -451,7 +456,7 @@ try_read_key (const char *filename) | |||
| 451 | char enc[fs]; | 456 | char enc[fs]; |
| 452 | 457 | ||
| 453 | GNUNET_break (fs == GNUNET_DISK_file_read (fd, enc, fs)); | 458 | GNUNET_break (fs == GNUNET_DISK_file_read (fd, enc, fs)); |
| 454 | if (NULL == (ret = GNUNET_CRYPTO_ecc_decode_key ((char *) enc, fs))) | 459 | if (NULL == (ret = GNUNET_CRYPTO_ecc_decode_key ((char *) enc, fs, GNUNET_YES))) |
| 455 | { | 460 | { |
| 456 | LOG (GNUNET_ERROR_TYPE_ERROR, | 461 | LOG (GNUNET_ERROR_TYPE_ERROR, |
| 457 | _("File `%s' does not contain a valid private key (failed decode, %llu bytes). Deleting it.\n"), | 462 | _("File `%s' does not contain a valid private key (failed decode, %llu bytes). Deleting it.\n"), |
| @@ -646,7 +651,7 @@ GNUNET_CRYPTO_ecc_key_create_from_file (const char *filename) | |||
| 646 | len = ntohs (enc->size); | 651 | len = ntohs (enc->size); |
| 647 | ret = NULL; | 652 | ret = NULL; |
| 648 | if ((len > fs) || | 653 | if ((len > fs) || |
| 649 | (NULL == (ret = GNUNET_CRYPTO_ecc_decode_key ((char *) enc, len)))) | 654 | (NULL == (ret = GNUNET_CRYPTO_ecc_decode_key ((char *) enc, len, GNUNET_YES)))) |
| 650 | { | 655 | { |
| 651 | LOG (GNUNET_ERROR_TYPE_ERROR, | 656 | LOG (GNUNET_ERROR_TYPE_ERROR, |
| 652 | _("File `%s' does not contain a valid private key. Deleting it.\n"), | 657 | _("File `%s' does not contain a valid private key. Deleting it.\n"), |