author | Matthias Wachs <wachs@net.in.tum.de> | 2012-03-09 14:14:01 +0000 |
---|---|---|
committer | Matthias Wachs <wachs@net.in.tum.de> | 2012-03-09 14:14:01 +0000 |
commit | 5e828dc0248330d772913795257b3fda14fe9552 (patch) | |
tree | 362ecdb95dcb89c56a7f20d31b06efa7351fe8ba /src | |
parent | 780fdda9a42441ecf36482461ebd35e4ec5c7510 (diff) | |
download | gnunet-5e828dc0248330d772913795257b3fda14fe9552.tar.gz gnunet-5e828dc0248330d772913795257b3fda14fe9552.zip |
- changes to signing and verifying: includes block expiration
Diffstat (limited to 'src')
19 files changed, 132 insertions, 61 deletions
diff --git a/src/gns/test_gns_dht_delegated_lookup.c b/src/gns/test_gns_dht_delegated_lookup.c index 3b097a3d5..dc73c7b58 100644 --- a/src/gns/test_gns_dht_delegated_lookup.c +++ b/src/gns/test_gns_dht_delegated_lookup.c | |||
@@ -204,7 +204,8 @@ put_dht(void *cls, int32_t success, const char *emsg) | |||
204 | rd.data_size = sizeof(struct in_addr); | 204 | rd.data_size = sizeof(struct in_addr); |
205 | rd.data = web; | 205 | rd.data = web; |
206 | rd.record_type = GNUNET_DNSPARSER_TYPE_A; | 206 | rd.record_type = GNUNET_DNSPARSER_TYPE_A; |
207 | sig = GNUNET_NAMESTORE_create_signature(bob_key, TEST_RECORD_NAME, | 207 | |
208 | sig = GNUNET_NAMESTORE_create_signature(bob_key, GNUNET_TIME_absolute_get_forever(), TEST_RECORD_NAME, | ||
208 | &rd, 1); | 209 | &rd, 1); |
209 | rd_payload_length = GNUNET_NAMESTORE_records_get_size (1, &rd); | 210 | rd_payload_length = GNUNET_NAMESTORE_records_get_size (1, &rd); |
210 | nrb = GNUNET_malloc(rd_payload_length + strlen(TEST_RECORD_NAME) + 1 | 211 | nrb = GNUNET_malloc(rd_payload_length + strlen(TEST_RECORD_NAME) + 1 |
diff --git a/src/gns/test_gns_simple_shorten.c b/src/gns/test_gns_simple_shorten.c index fc0c0f1f0..4f8f57acb 100644 --- a/src/gns/test_gns_simple_shorten.c +++ b/src/gns/test_gns_simple_shorten.c | |||
@@ -254,7 +254,7 @@ do_shorten(void *cls, const struct GNUNET_PeerIdentity *id, | |||
254 | /* put alice into bobs zone */ | 254 | /* put alice into bobs zone */ |
255 | GNUNET_CRYPTO_hash(&alice_pkey, sizeof(alice_pkey), &alice_hash); | 255 | GNUNET_CRYPTO_hash(&alice_pkey, sizeof(alice_pkey), &alice_hash); |
256 | rd.data = &alice_hash; | 256 | rd.data = &alice_hash; |
257 | sig = GNUNET_NAMESTORE_create_signature(bob_key, TEST_AUTHORITY_ALICE, | 257 | sig = GNUNET_NAMESTORE_create_signature(bob_key, GNUNET_TIME_absolute_get_forever(), TEST_AUTHORITY_ALICE, |
258 | &rd, 1); | 258 | &rd, 1); |
259 | 259 | ||
260 | GNUNET_NAMESTORE_record_put (namestore_handle, | 260 | GNUNET_NAMESTORE_record_put (namestore_handle, |
@@ -272,7 +272,7 @@ do_shorten(void *cls, const struct GNUNET_PeerIdentity *id, | |||
272 | rd.data_size = sizeof(struct in_addr); | 272 | rd.data_size = sizeof(struct in_addr); |
273 | rd.data = web; | 273 | rd.data = web; |
274 | rd.record_type = GNUNET_DNSPARSER_TYPE_A; | 274 | rd.record_type = GNUNET_DNSPARSER_TYPE_A; |
275 | sig = GNUNET_NAMESTORE_create_signature(alice_key, TEST_RECORD_NAME, | 275 | sig = GNUNET_NAMESTORE_create_signature(alice_key,GNUNET_TIME_absolute_get_forever(), TEST_RECORD_NAME, |
276 | &rd, 1); | 276 | &rd, 1); |
277 | 277 | ||
278 | GNUNET_NAMESTORE_record_put (namestore_handle, | 278 | GNUNET_NAMESTORE_record_put (namestore_handle, |
@@ -290,7 +290,7 @@ do_shorten(void *cls, const struct GNUNET_PeerIdentity *id, | |||
290 | rd.record_type = GNUNET_GNS_RECORD_PSEU; | 290 | rd.record_type = GNUNET_GNS_RECORD_PSEU; |
291 | GNUNET_free(sig); | 291 | GNUNET_free(sig); |
292 | 292 | ||
293 | sig = GNUNET_NAMESTORE_create_signature(alice_key, "", | 293 | sig = GNUNET_NAMESTORE_create_signature(alice_key,GNUNET_TIME_absolute_get_forever(), "", |
294 | &rd, 1); | 294 | &rd, 1); |
295 | 295 | ||
296 | GNUNET_NAMESTORE_record_put (namestore_handle, | 296 | GNUNET_NAMESTORE_record_put (namestore_handle, |
diff --git a/src/include/gnunet_namestore_service.h b/src/include/gnunet_namestore_service.h index 29c70a179..fbc2a4b3c 100644 --- a/src/include/gnunet_namestore_service.h +++ b/src/include/gnunet_namestore_service.h | |||
@@ -206,6 +206,7 @@ GNUNET_NAMESTORE_record_put (struct GNUNET_NAMESTORE_Handle *h, | |||
206 | * to validate signatures received from the network. | 206 | * to validate signatures received from the network. |
207 | * | 207 | * |
208 | * @param public_key public key of the zone | 208 | * @param public_key public key of the zone |
209 | * @param expire block expiration | ||
209 | * @param name name that is being mapped (at most 255 characters long) | 210 | * @param name name that is being mapped (at most 255 characters long) |
210 | * @param rd_count number of entries in 'rd' array | 211 | * @param rd_count number of entries in 'rd' array |
211 | * @param rd array of records with data to store | 212 | * @param rd array of records with data to store |
@@ -214,10 +215,11 @@ GNUNET_NAMESTORE_record_put (struct GNUNET_NAMESTORE_Handle *h, | |||
214 | */ | 215 | */ |
215 | int | 216 | int |
216 | GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key, | 217 | GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key, |
217 | const char *name, | 218 | const struct GNUNET_TIME_Absolute expire, |
218 | unsigned int rd_count, | 219 | const char *name, |
219 | const struct GNUNET_NAMESTORE_RecordData *rd, | 220 | unsigned int rd_count, |
220 | const struct GNUNET_CRYPTO_RsaSignature *signature); | 221 | const struct GNUNET_NAMESTORE_RecordData *rd, |
222 | const struct GNUNET_CRYPTO_RsaSignature *signature); | ||
221 | 223 | ||
222 | 224 | ||
223 | /** | 225 | /** |
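Review bot: The added `@param expire block expiration` does not tell a caller which value to pass or what the function does with it. Since the expiration is now part of the signed data, the comment should say that it must be the exact value the signer used, and, if that is the case, that the function does not compare it with the current time, so rejecting expired blocks is left to the caller; for example `@param expire expiration time of the block as signed; a different value makes verification fail`. The by-value `const struct GNUNET_TIME_Absolute expire` also differs from GNUNET_NAMESTORE_create_signature in namestore.h, which takes the same argument without `const`; dropping the qualifier in the prototype keeps the two declarations parallel.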
diff --git a/src/namestore/gnunet-service-namestore.c b/src/namestore/gnunet-service-namestore.c index 87ecc9018..57d2dd007 100644 --- a/src/namestore/gnunet-service-namestore.c +++ b/src/namestore/gnunet-service-namestore.c | |||
@@ -212,6 +212,21 @@ int zone_to_disk_it (void *cls, | |||
212 | } | 212 | } |
213 | 213 | ||
214 | 214 | ||
215 | struct GNUNET_TIME_Absolute | ||
216 | get_block_expiration_time (unsigned int rd_count, const struct GNUNET_NAMESTORE_RecordData *rd) | ||
217 | { | ||
218 | int c; | ||
219 | struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get_forever(); | ||
220 | if (NULL == rd) | ||
221 | return GNUNET_TIME_absolute_get_zero(); | ||
222 | for (c = 0; c < rd_count; c++) | ||
223 | { | ||
224 | if (rd[c].expiration.abs_value < expire.abs_value) | ||
225 | expire = rd[c].expiration; | ||
226 | } | ||
227 | return expire; | ||
228 | } | ||
229 | |||
215 | /** | 230 | /** |
216 | * Task run during shutdown. | 231 | * Task run during shutdown. |
217 | * | 232 | * |
@@ -231,6 +246,7 @@ cleanup_task (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc) | |||
231 | snc = NULL; | 246 | snc = NULL; |
232 | 247 | ||
233 | GNUNET_CONTAINER_multihashmap_iterate(zonekeys, &zone_to_disk_it, NULL); | 248 | GNUNET_CONTAINER_multihashmap_iterate(zonekeys, &zone_to_disk_it, NULL); |
249 | GNUNET_CONTAINER_multihashmap_destroy(zonekeys); | ||
234 | 250 | ||
235 | for (nc = client_head; nc != NULL; nc = next) | 251 | for (nc = client_head; nc != NULL; nc = next) |
236 | { | 252 | { |
@@ -364,6 +380,7 @@ handle_lookup_name_it (void *cls, | |||
364 | struct GNUNET_NAMESTORE_RecordData *rd_selected = NULL; | 380 | struct GNUNET_NAMESTORE_RecordData *rd_selected = NULL; |
365 | struct GNUNET_NAMESTORE_CryptoContainer *cc; | 381 | struct GNUNET_NAMESTORE_CryptoContainer *cc; |
366 | struct GNUNET_CRYPTO_RsaSignature *signature_new = NULL; | 382 | struct GNUNET_CRYPTO_RsaSignature *signature_new = NULL; |
383 | struct GNUNET_TIME_Absolute e; | ||
367 | GNUNET_HashCode zone_key_hash; | 384 | GNUNET_HashCode zone_key_hash; |
368 | char *rd_tmp; | 385 | char *rd_tmp; |
369 | char *name_tmp; | 386 | char *name_tmp; |
@@ -435,7 +452,8 @@ handle_lookup_name_it (void *cls, | |||
435 | if (GNUNET_CONTAINER_multihashmap_contains(zonekeys, &zone_key_hash)) | 452 | if (GNUNET_CONTAINER_multihashmap_contains(zonekeys, &zone_key_hash)) |
436 | { | 453 | { |
437 | cc = GNUNET_CONTAINER_multihashmap_get(zonekeys, &zone_key_hash); | 454 | cc = GNUNET_CONTAINER_multihashmap_get(zonekeys, &zone_key_hash); |
438 | signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, name, rd, rd_count); | 455 | e = get_block_expiration_time(rd_count, rd); |
456 | signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, e, name, rd, rd_count); | ||
439 | GNUNET_assert (signature_new != NULL); | 457 | GNUNET_assert (signature_new != NULL); |
440 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for name `%s' with %u records in zone `%s'\n",name, copied_elements, GNUNET_h2s(&zone_key_hash)); | 458 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for name `%s' with %u records in zone `%s'\n",name, copied_elements, GNUNET_h2s(&zone_key_hash)); |
441 | authoritative = GNUNET_YES; | 459 | authoritative = GNUNET_YES; |
@@ -444,9 +462,6 @@ handle_lookup_name_it (void *cls, | |||
444 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "I am not authoritative for name `%s' in zone `%s'\n",name, GNUNET_h2s(&zone_key_hash)); | 462 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "I am not authoritative for name `%s' in zone `%s'\n",name, GNUNET_h2s(&zone_key_hash)); |
445 | } | 463 | } |
446 | 464 | ||
447 | if (rd_selected != rd) | ||
448 | GNUNET_free (rd_selected); | ||
449 | |||
450 | r_size = sizeof (struct LookupNameResponseMessage) + | 465 | r_size = sizeof (struct LookupNameResponseMessage) + |
451 | sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) + | 466 | sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) + |
452 | name_len + | 467 | name_len + |
@@ -460,7 +475,10 @@ handle_lookup_name_it (void *cls, | |||
460 | lnr_msg->rd_count = htons (copied_elements); | 475 | lnr_msg->rd_count = htons (copied_elements); |
461 | lnr_msg->rd_len = htons (rd_ser_len); | 476 | lnr_msg->rd_len = htons (rd_ser_len); |
462 | lnr_msg->name_len = htons (name_len); | 477 | lnr_msg->name_len = htons (name_len); |
463 | lnr_msg->expire = GNUNET_TIME_absolute_hton(expire); | 478 | lnr_msg->expire = GNUNET_TIME_absolute_hton(get_block_expiration_time(copied_elements, rd_selected)); |
479 | |||
480 | if (rd_selected != rd) | ||
481 | GNUNET_free (rd_selected); | ||
464 | 482 | ||
465 | if (zone_key != NULL) | 483 | if (zone_key != NULL) |
466 | lnr_msg->public_key = (*zone_key); | 484 | lnr_msg->public_key = (*zone_key); |
@@ -811,6 +829,7 @@ static void handle_record_create (void *cls, | |||
811 | { | 829 | { |
812 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received `%s' message\n", "NAMESTORE_RECORD_CREATE"); | 830 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received `%s' message\n", "NAMESTORE_RECORD_CREATE"); |
813 | struct GNUNET_NAMESTORE_Client *nc; | 831 | struct GNUNET_NAMESTORE_Client *nc; |
832 | struct GNUNET_NAMESTORE_CryptoContainer *cc; | ||
814 | struct CreateRecordContext crc; | 833 | struct CreateRecordContext crc; |
815 | struct GNUNET_CRYPTO_RsaPrivateKey *pkey; | 834 | struct GNUNET_CRYPTO_RsaPrivateKey *pkey; |
816 | struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub; | 835 | struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub; |
@@ -895,6 +914,19 @@ static void handle_record_create (void *cls, | |||
895 | GNUNET_CRYPTO_rsa_key_get_public(pkey, &pub); | 914 | GNUNET_CRYPTO_rsa_key_get_public(pkey, &pub); |
896 | GNUNET_CRYPTO_hash (&pub, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &pubkey_hash); | 915 | GNUNET_CRYPTO_hash (&pub, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &pubkey_hash); |
897 | 916 | ||
917 | if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains(zonekeys, &pubkey_hash)) | ||
918 | { | ||
919 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received new private key for zone `%s'\n",GNUNET_h2s(&pubkey_hash)); | ||
920 | |||
921 | cc = GNUNET_malloc (sizeof (struct GNUNET_NAMESTORE_CryptoContainer)); | ||
922 | cc->privkey = GNUNET_CRYPTO_rsa_decode_key((char *) pkey_tmp, key_len); | ||
923 | cc->pubkey = GNUNET_malloc(sizeof (pub)); | ||
924 | memcpy (cc->pubkey, &pub, sizeof(pub)); | ||
925 | cc->zone = pubkey_hash; | ||
926 | |||
927 | GNUNET_CONTAINER_multihashmap_put(zonekeys, &pubkey_hash, cc, GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); | ||
928 | } | ||
929 | |||
898 | crc.expire = GNUNET_TIME_absolute_ntoh(rp_msg->expire); | 930 | crc.expire = GNUNET_TIME_absolute_ntoh(rp_msg->expire); |
899 | crc.res = GNUNET_SYSERR; | 931 | crc.res = GNUNET_SYSERR; |
900 | crc.pkey = pkey; | 932 | crc.pkey = pkey; |
@@ -909,6 +941,7 @@ static void handle_record_create (void *cls, | |||
909 | if (res != GNUNET_SYSERR) | 941 | if (res != GNUNET_SYSERR) |
910 | res = GNUNET_OK; | 942 | res = GNUNET_OK; |
911 | GNUNET_CRYPTO_rsa_key_free(pkey); | 943 | GNUNET_CRYPTO_rsa_key_free(pkey); |
944 | pkey = NULL; | ||
912 | 945 | ||
913 | /* Send response */ | 946 | /* Send response */ |
914 | send: | 947 | send: |
@@ -1027,6 +1060,7 @@ static void handle_record_remove (void *cls, | |||
1027 | struct GNUNET_NAMESTORE_Client *nc; | 1060 | struct GNUNET_NAMESTORE_Client *nc; |
1028 | struct RecordRemoveResponseMessage rrr_msg; | 1061 | struct RecordRemoveResponseMessage rrr_msg; |
1029 | struct GNUNET_CRYPTO_RsaPrivateKey *pkey; | 1062 | struct GNUNET_CRYPTO_RsaPrivateKey *pkey; |
1063 | struct GNUNET_NAMESTORE_CryptoContainer *cc = NULL; | ||
1030 | struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub; | 1064 | struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub; |
1031 | GNUNET_HashCode pubkey_hash; | 1065 | GNUNET_HashCode pubkey_hash; |
1032 | char * pkey_tmp = NULL; | 1066 | char * pkey_tmp = NULL; |
@@ -1120,6 +1154,18 @@ static void handle_record_remove (void *cls, | |||
1120 | GNUNET_CRYPTO_rsa_key_get_public(pkey, &pub); | 1154 | GNUNET_CRYPTO_rsa_key_get_public(pkey, &pub); |
1121 | GNUNET_CRYPTO_hash (&pub, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &pubkey_hash); | 1155 | GNUNET_CRYPTO_hash (&pub, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &pubkey_hash); |
1122 | 1156 | ||
1157 | if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains(zonekeys, &pubkey_hash)) | ||
1158 | { | ||
1159 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received new private key for zone `%s'\n",GNUNET_h2s(&pubkey_hash)); | ||
1160 | cc = GNUNET_malloc (sizeof (struct GNUNET_NAMESTORE_CryptoContainer)); | ||
1161 | cc->privkey = GNUNET_CRYPTO_rsa_decode_key((char *) pkey_tmp, key_len); | ||
1162 | cc->pubkey = GNUNET_malloc(sizeof (pub)); | ||
1163 | memcpy (cc->pubkey, &pub, sizeof(pub)); | ||
1164 | cc->zone = pubkey_hash; | ||
1165 | |||
1166 | GNUNET_CONTAINER_multihashmap_put(zonekeys, &pubkey_hash, cc, GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); | ||
1167 | } | ||
1168 | |||
1123 | struct GNUNET_NAMESTORE_RecordData rd[rd_count]; | 1169 | struct GNUNET_NAMESTORE_RecordData rd[rd_count]; |
1124 | res = GNUNET_NAMESTORE_records_deserialize(rd_ser_len, rd_ser, rd_count, rd); | 1170 | res = GNUNET_NAMESTORE_records_deserialize(rd_ser_len, rd_ser, rd_count, rd); |
1125 | if ((res != GNUNET_OK) || (rd_count != 1)) | 1171 | if ((res != GNUNET_OK) || (rd_count != 1)) |
@@ -1334,6 +1380,7 @@ void zone_iteration_proc (void *cls, | |||
1334 | struct GNUNET_NAMESTORE_Client *nc = zi->client; | 1380 | struct GNUNET_NAMESTORE_Client *nc = zi->client; |
1335 | struct GNUNET_NAMESTORE_CryptoContainer * cc; | 1381 | struct GNUNET_NAMESTORE_CryptoContainer * cc; |
1336 | struct GNUNET_CRYPTO_RsaSignature *signature_new = NULL; | 1382 | struct GNUNET_CRYPTO_RsaSignature *signature_new = NULL; |
1383 | struct GNUNET_TIME_Absolute e; | ||
1337 | GNUNET_HashCode zone_key_hash; | 1384 | GNUNET_HashCode zone_key_hash; |
1338 | int authoritative = GNUNET_NO; | 1385 | int authoritative = GNUNET_NO; |
1339 | 1386 | ||
@@ -1393,9 +1440,11 @@ void zone_iteration_proc (void *cls, | |||
1393 | if (GNUNET_CONTAINER_multihashmap_contains(zonekeys, &zone_key_hash)) | 1440 | if (GNUNET_CONTAINER_multihashmap_contains(zonekeys, &zone_key_hash)) |
1394 | { | 1441 | { |
1395 | cc = GNUNET_CONTAINER_multihashmap_get(zonekeys, &zone_key_hash); | 1442 | cc = GNUNET_CONTAINER_multihashmap_get(zonekeys, &zone_key_hash); |
1396 | signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, name, rd, rd_count); | 1443 | e = get_block_expiration_time(rd_count, rd); |
1444 | expire = e; | ||
1445 | signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, e, name, rd, rd_count); | ||
1397 | GNUNET_assert (signature_new != NULL); | 1446 | GNUNET_assert (signature_new != NULL); |
1398 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for name `%s' with %u records in zone `%s'\n",name, rd_count, GNUNET_h2s(&zone_key_hash)); | 1447 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for `%s' in zone `%s' with %u records and expiration %llu\n", name, GNUNET_h2s(&zone_key_hash), rd_count, e.abs_value); |
1399 | authoritative = GNUNET_YES; | 1448 | authoritative = GNUNET_YES; |
1400 | } | 1449 | } |
1401 | 1450 | ||
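Review bot: In handle_lookup_name_it the expiration that is signed and the expiration that is sent can diverge: the signature is created with `e = get_block_expiration_time(rd_count, rd)`, while `lnr_msg->expire` is filled from `get_block_expiration_time(copied_elements, rd_selected)`. When rd_selected is a subset of rd, the minimum over the subset can be later than the minimum over the full set, and a receiver that passes the message's expire to GNUNET_NAMESTORE_verify_signature would then reject a valid block. In the non-authoritative branch no new signature is made, so the stored signature presumably covers the stored `expire`, which the new line no longer sends. I would send one agreed value, e.g. `lnr_msg->expire = GNUNET_TIME_absolute_hton ((GNUNET_YES == authoritative) ? e : expire);`. The function body continues outside the hunks, so how rd_selected is filtered is inferred from the names.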
diff --git a/src/namestore/namestore.h b/src/namestore/namestore.h index e0550b499..48e021f6d 100644 --- a/src/namestore/namestore.h +++ b/src/namestore/namestore.h | |||
@@ -47,9 +47,10 @@ | |||
47 | #define GNUNET_MESSAGE_TYPE_NAMESTORE_ZONE_ITERATION_STOP 448 | 47 | #define GNUNET_MESSAGE_TYPE_NAMESTORE_ZONE_ITERATION_STOP 448 |
48 | 48 | ||
49 | /** | 49 | /** |
50 | * Create a signature based on name and records | 50 | * Sign name and records |
51 | * | 51 | * |
52 | * @param key the private key | 52 | * @param key the private key |
53 | * @param expire block expiration | ||
53 | * @param name the name | 54 | * @param name the name |
54 | * @param rd record data | 55 | * @param rd record data |
55 | * @param rd_count number of records | 56 | * @param rd_count number of records |
@@ -58,9 +59,10 @@ | |||
58 | */ | 59 | */ |
59 | struct GNUNET_CRYPTO_RsaSignature * | 60 | struct GNUNET_CRYPTO_RsaSignature * |
60 | GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key, | 61 | GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key, |
61 | const char *name, | 62 | struct GNUNET_TIME_Absolute expire, |
62 | const struct GNUNET_NAMESTORE_RecordData *rd, | 63 | const char *name, |
63 | unsigned int rd_count); | 64 | const struct GNUNET_NAMESTORE_RecordData *rd, |
65 | unsigned int rd_count); | ||
64 | 66 | ||
65 | /** | 67 | /** |
66 | * Compares if two records are equal | 68 | * Compares if two records are equal |
diff --git a/src/namestore/namestore_api.c b/src/namestore/namestore_api.c index f1dfcc0aa..f9125d325 100644 --- a/src/namestore/namestore_api.c +++ b/src/namestore/namestore_api.c | |||
@@ -1048,6 +1048,7 @@ GNUNET_NAMESTORE_record_put (struct GNUNET_NAMESTORE_Handle *h, | |||
1048 | * to validate signatures received from the network. | 1048 | * to validate signatures received from the network. |
1049 | * | 1049 | * |
1050 | * @param public_key public key of the zone | 1050 | * @param public_key public key of the zone |
1051 | * @param expire block expiration | ||
1051 | * @param name name that is being mapped (at most 255 characters long) | 1052 | * @param name name that is being mapped (at most 255 characters long) |
1052 | * @param rd_count number of entries in 'rd' array | 1053 | * @param rd_count number of entries in 'rd' array |
1053 | * @param rd array of records with data to store | 1054 | * @param rd array of records with data to store |
@@ -1056,6 +1057,7 @@ GNUNET_NAMESTORE_record_put (struct GNUNET_NAMESTORE_Handle *h, | |||
1056 | */ | 1057 | */ |
1057 | int | 1058 | int |
1058 | GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key, | 1059 | GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key, |
1060 | const struct GNUNET_TIME_Absolute expire, | ||
1059 | const char *name, | 1061 | const char *name, |
1060 | unsigned int rd_count, | 1062 | unsigned int rd_count, |
1061 | const struct GNUNET_NAMESTORE_RecordData *rd, | 1063 | const struct GNUNET_NAMESTORE_RecordData *rd, |
@@ -1067,6 +1069,8 @@ GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinary | |||
1067 | char * name_tmp; | 1069 | char * name_tmp; |
1068 | char * rd_tmp; | 1070 | char * rd_tmp; |
1069 | struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose; | 1071 | struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose; |
1072 | struct GNUNET_TIME_AbsoluteNBO *expire_tmp; | ||
1073 | struct GNUNET_TIME_AbsoluteNBO expire_nbo = GNUNET_TIME_absolute_hton(expire); | ||
1070 | 1074 | ||
1071 | GNUNET_assert (public_key != NULL); | 1075 | GNUNET_assert (public_key != NULL); |
1072 | GNUNET_assert (name != NULL); | 1076 | GNUNET_assert (name != NULL); |
@@ -1085,11 +1089,13 @@ GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinary | |||
1085 | return GNUNET_SYSERR; | 1089 | return GNUNET_SYSERR; |
1086 | } | 1090 | } |
1087 | 1091 | ||
1088 | sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + rd_ser_len + name_len); | 1092 | sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len); |
1089 | sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len); | 1093 | sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len); |
1090 | sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | 1094 | sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
1091 | name_tmp = (char *) &sig_purpose[1]; | 1095 | expire_tmp = (struct GNUNET_TIME_AbsoluteNBO *) &sig_purpose[1]; |
1096 | name_tmp = (char *) &expire_tmp[1]; | ||
1092 | rd_tmp = &name_tmp[name_len]; | 1097 | rd_tmp = &name_tmp[name_len]; |
1098 | memcpy (expire_tmp, &expire_nbo, sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
1093 | memcpy (name_tmp, name, name_len); | 1099 | memcpy (name_tmp, name, name_len); |
1094 | memcpy (rd_tmp, rd_ser, rd_ser_len); | 1100 | memcpy (rd_tmp, rd_ser, rd_ser_len); |
1095 | 1101 | ||
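Review bot: `sig_purpose->size` on new line 1093 still omits the expiration field: the buffer is now allocated with `sizeof (struct GNUNET_TIME_AbsoluteNBO)` added and laid out as purpose, expire, name, records, but the size stays `sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + rd_ser_len + name_len`. If the RSA verify routine covers `size` bytes starting at the purpose header, as the field suggests, the last `sizeof (struct GNUNET_TIME_AbsoluteNBO)` bytes of the serialized records fall outside the verified region and are not authenticated. The line should read `sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len);`. GNUNET_NAMESTORE_create_signature in src/namestore/namestore_common.c (new line 239) has the same omission, and the two must be changed together so signer and verifier keep hashing the same bytes. The function body continues outside this hunk.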
diff --git a/src/namestore/namestore_common.c b/src/namestore/namestore_common.c index 311388b14..b8236edf0 100644 --- a/src/namestore/namestore_common.c +++ b/src/namestore/namestore_common.c | |||
@@ -198,6 +198,7 @@ GNUNET_NAMESTORE_records_deserialize (size_t len, | |||
198 | * Sign name and records | 198 | * Sign name and records |
199 | * | 199 | * |
200 | * @param key the private key | 200 | * @param key the private key |
201 | * @param expire block expiration | ||
201 | * @param name the name | 202 | * @param name the name |
202 | * @param rd record data | 203 | * @param rd record data |
203 | * @param rd_count number of records | 204 | * @param rd_count number of records |
@@ -206,14 +207,18 @@ GNUNET_NAMESTORE_records_deserialize (size_t len, | |||
206 | */ | 207 | */ |
207 | struct GNUNET_CRYPTO_RsaSignature * | 208 | struct GNUNET_CRYPTO_RsaSignature * |
208 | GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key, | 209 | GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key, |
210 | struct GNUNET_TIME_Absolute expire, | ||
209 | const char *name, | 211 | const char *name, |
210 | const struct GNUNET_NAMESTORE_RecordData *rd, | 212 | const struct GNUNET_NAMESTORE_RecordData *rd, |
211 | unsigned int rd_count) | 213 | unsigned int rd_count) |
212 | { | 214 | { |
213 | struct GNUNET_CRYPTO_RsaSignature *sig = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignature)); | 215 | struct GNUNET_CRYPTO_RsaSignature *sig = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignature)); |
214 | struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose; | 216 | struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose; |
217 | struct GNUNET_TIME_AbsoluteNBO expire_nbo = GNUNET_TIME_absolute_hton(expire); | ||
215 | size_t rd_ser_len; | 218 | size_t rd_ser_len; |
216 | size_t name_len; | 219 | size_t name_len; |
220 | |||
221 | struct GNUNET_TIME_AbsoluteNBO *expire_tmp; | ||
217 | char * name_tmp; | 222 | char * name_tmp; |
218 | char * rd_tmp; | 223 | char * rd_tmp; |
219 | int res; | 224 | int res; |
@@ -230,12 +235,13 @@ GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key | |||
230 | char rd_ser[rd_ser_len]; | 235 | char rd_ser[rd_ser_len]; |
231 | GNUNET_NAMESTORE_records_serialize(rd_count, rd, rd_ser_len, rd_ser); | 236 | GNUNET_NAMESTORE_records_serialize(rd_count, rd, rd_ser_len, rd_ser); |
232 | 237 | ||
233 | sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + rd_ser_len + name_len); | 238 | sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len); |
234 | |||
235 | sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len); | 239 | sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len); |
236 | sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); | 240 | sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); |
237 | name_tmp = (char *) &sig_purpose[1]; | 241 | expire_tmp = (struct GNUNET_TIME_AbsoluteNBO *) &sig_purpose[1]; |
242 | name_tmp = (char *) &expire_tmp[1]; | ||
238 | rd_tmp = &name_tmp[name_len]; | 243 | rd_tmp = &name_tmp[name_len]; |
244 | memcpy (expire_tmp, &expire_nbo, sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
239 | memcpy (name_tmp, name, name_len); | 245 | memcpy (name_tmp, name, name_len); |
240 | memcpy (rd_tmp, rd_ser, rd_ser_len); | 246 | memcpy (rd_tmp, rd_ser, rd_ser_len); |
241 | 247 | ||
diff --git a/src/namestore/test_namestore_api_create.c b/src/namestore/test_namestore_api_create.c index f42fee206..82c2d2ab5 100644 --- a/src/namestore/test_namestore_api_create.c +++ b/src/namestore/test_namestore_api_create.c | |||
@@ -176,14 +176,14 @@ void name_lookup_second_proc (void *cls, | |||
176 | } | 176 | } |
177 | } | 177 | } |
178 | 178 | ||
179 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, n, rd_count, rd, signature)) | 179 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, expire, n, rd_count, rd, signature)) |
180 | { | 180 | { |
181 | GNUNET_break (0); | 181 | GNUNET_break (0); |
182 | failed = GNUNET_YES; | 182 | failed = GNUNET_YES; |
183 | } | 183 | } |
184 | 184 | ||
185 | 185 | ||
186 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature)) | 186 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature)) |
187 | { | 187 | { |
188 | GNUNET_break (0); | 188 | GNUNET_break (0); |
189 | failed = GNUNET_YES; | 189 | failed = GNUNET_YES; |
@@ -192,7 +192,7 @@ void name_lookup_second_proc (void *cls, | |||
192 | struct GNUNET_NAMESTORE_RecordData rd_new[2]; | 192 | struct GNUNET_NAMESTORE_RecordData rd_new[2]; |
193 | rd_new[0] = *s_first_record; | 193 | rd_new[0] = *s_first_record; |
194 | rd_new[1] = *s_second_record; | 194 | rd_new[1] = *s_second_record; |
195 | s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, s_name, rd_new, 2); | 195 | s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, expire, s_name, rd_new, 2); |
196 | 196 | ||
197 | if (0 != memcmp (s_signature_updated, signature, sizeof (struct GNUNET_CRYPTO_RsaSignature))) | 197 | if (0 != memcmp (s_signature_updated, signature, sizeof (struct GNUNET_CRYPTO_RsaSignature))) |
198 | { | 198 | { |
@@ -281,7 +281,7 @@ void name_lookup_initial_proc (void *cls, | |||
281 | } | 281 | } |
282 | } | 282 | } |
283 | 283 | ||
284 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature)) | 284 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire,n, rd_count, rd, signature)) |
285 | { | 285 | { |
286 | GNUNET_break (0); | 286 | GNUNET_break (0); |
287 | failed = GNUNET_YES; | 287 | failed = GNUNET_YES; |
@@ -423,7 +423,7 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
423 | char rd_ser[rd_ser_len]; | 423 | char rd_ser[rd_ser_len]; |
424 | GNUNET_NAMESTORE_records_serialize(1, s_first_record, rd_ser_len, rd_ser); | 424 | GNUNET_NAMESTORE_records_serialize(1, s_first_record, rd_ser_len, rd_ser); |
425 | 425 | ||
426 | s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_first_record, 1); | 426 | s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_first_record->expiration, s_name, s_first_record, 1); |
427 | 427 | ||
428 | /* create random zone hash */ | 428 | /* create random zone hash */ |
429 | GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone); | 429 | GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone); |
diff --git a/src/namestore/test_namestore_api_create_update.c b/src/namestore/test_namestore_api_create_update.c index 4f8f6e05f..9e8f9c4d4 100644 --- a/src/namestore/test_namestore_api_create_update.c +++ b/src/namestore/test_namestore_api_create_update.c | |||
@@ -176,7 +176,7 @@ void name_lookup_second_proc (void *cls, | |||
176 | } | 176 | } |
177 | } | 177 | } |
178 | 178 | ||
179 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature)) | 179 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature)) |
180 | { | 180 | { |
181 | GNUNET_break (0); | 181 | GNUNET_break (0); |
182 | failed = GNUNET_YES; | 182 | failed = GNUNET_YES; |
@@ -185,7 +185,7 @@ void name_lookup_second_proc (void *cls, | |||
185 | struct GNUNET_NAMESTORE_RecordData rd_new[2]; | 185 | struct GNUNET_NAMESTORE_RecordData rd_new[2]; |
186 | rd_new[0] = *s_first_record; | 186 | rd_new[0] = *s_first_record; |
187 | rd_new[1] = *s_second_record; | 187 | rd_new[1] = *s_second_record; |
188 | s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, s_name, rd_new, 2); | 188 | s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, expire, s_name, rd_new, 2); |
189 | 189 | ||
190 | if (0 != memcmp (s_signature_updated, signature, sizeof (struct GNUNET_CRYPTO_RsaSignature))) | 190 | if (0 != memcmp (s_signature_updated, signature, sizeof (struct GNUNET_CRYPTO_RsaSignature))) |
191 | { | 191 | { |
@@ -274,7 +274,7 @@ void name_lookup_initial_proc (void *cls, | |||
274 | } | 274 | } |
275 | } | 275 | } |
276 | 276 | ||
277 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature)) | 277 | if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature)) |
278 | { | 278 | { |
279 | GNUNET_break (0); | 279 | GNUNET_break (0); |
280 | failed = GNUNET_YES; | 280 | failed = GNUNET_YES; |
@@ -462,7 +462,7 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
462 | char rd_ser[rd_ser_len]; | 462 | char rd_ser[rd_ser_len]; |
463 | GNUNET_NAMESTORE_records_serialize(1, s_first_record, rd_ser_len, rd_ser); | 463 | GNUNET_NAMESTORE_records_serialize(1, s_first_record, rd_ser_len, rd_ser); |
464 | 464 | ||
465 | s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_first_record, 1); | 465 | s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_first_record->expiration, s_name, s_first_record, 1); |
466 | 466 | ||
467 | /* create random zone hash */ | 467 | /* create random zone hash */ |
468 | GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone); | 468 | GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone); |
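--- a/src/namestore/test_namestore_api_lookup.c
+++ b/src/namestore/test_namestore_api_lookup.c
@@ -270,7 +270,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
 
 /* sign */
-s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
 
 /* create random zone hash */
 GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);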
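--- a/src/namestore/test_namestore_api_lookup_specific_type.c
+++ b/src/namestore/test_namestore_api_lookup_specific_type.c
@@ -279,7 +279,7 @@ create_record (int count)
 
 for (c = 0; c < RECORDS-1; c++)
 {
-rd[c].expiration = GNUNET_TIME_absolute_get();
+rd[c].expiration = GNUNET_TIME_absolute_get_zero();
 rd[c].record_type = 1;
 rd[c].data_size = TEST_RECORD_DATALEN;
 rd[c].data = GNUNET_malloc(TEST_RECORD_DATALEN);
@@ -342,7 +342,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
 
 /* sign */
-s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[RECORDS -1].expiration, s_name, s_rd, RECORDS);
 
 /* create random zone hash */
 GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);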
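Review bot: The block expiration passed to the signing call is `s_rd[RECORDS -1].expiration`, while the sibling tests in this commit use `s_rd[0].expiration`, and nothing in the hunk says why the last record is the right source here. The loop in `create_record` only covers `c < RECORDS-1`, so the last record's expiration is assigned outside the visible lines and cannot be checked from this hunk. I would keep the value in a named local with a comment such as `/* block expiration covered by the signature; must equal the value later handed to the namestore */` and use that local wherever the expiration is needed. `run` starts and ends outside the hunk.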
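--- a/src/namestore/test_namestore_api_put.c
+++ b/src/namestore/test_namestore_api_put.c
@@ -196,7 +196,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 char * s_name = "dummy.dummy.gnunet";
 s_rd = create_record (RECORDS);
 
-signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
 
 GNUNET_break (s_rd != NULL);
 GNUNET_break (s_name != NULL);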
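Review bot: `s_rd[0].expiration` is now read on the signing line before `GNUNET_break (s_rd != NULL)` runs two lines later, so the NULL check no longer guards the access it follows. Before this change `s_rd` was only passed through as a pointer at this call site; the new argument dereferences it. If `create_record` can return NULL, move the check above the call and make it fatal, `GNUNET_assert (NULL != s_rd);`, so the test stops with a clear failure instead of faulting in the signing line. `run` starts and ends outside the hunk.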
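--- a/src/namestore/test_namestore_api_remove.c
+++ b/src/namestore/test_namestore_api_remove.c
@@ -174,7 +174,7 @@ void name_lookup_proc (void *cls,
 }
 }
 
-if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature))
 {
 GNUNET_break (0);
 failed = GNUNET_YES;
@@ -251,7 +251,7 @@ create_record (int count)
 
 for (c = 1; c < RECORDS; c++)
 {
-rd[c].expiration = GNUNET_TIME_absolute_get();
+rd[c].expiration = GNUNET_TIME_absolute_get_zero();
 rd[c].record_type = TEST_RECORD_TYPE;
 rd[c].data_size = TEST_RECORD_DATALEN;
 rd[c].data = GNUNET_malloc(TEST_RECORD_DATALEN);
@@ -306,7 +306,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
 
 /* sign */
-s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
 
 /* create random zone hash */
 GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);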
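--- a/src/namestore/test_namestore_api_remove_not_existing_record.c
+++ b/src/namestore/test_namestore_api_remove_not_existing_record.c
@@ -240,7 +240,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
 
 /* sign */
-s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
 
 /* create random zone hash */
 GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);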
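--- a/src/namestore/test_namestore_api_sign_verify.c
+++ b/src/namestore/test_namestore_api_sign_verify.c
@@ -80,6 +80,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 privkey = GNUNET_CRYPTO_rsa_key_create_from_file(hostkey_file);
 GNUNET_free (hostkey_file);
 GNUNET_assert (privkey != NULL);
+struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get();
 /* get public key */
 GNUNET_CRYPTO_rsa_key_get_public(privkey, &pubkey);
 
@@ -90,19 +91,19 @@ run (void *cls, char *const *args, const char *cfgfile,
 s_name = "dummy.dummy.gnunet";
 s_rd = create_record (RECORDS);
 
-signature = GNUNET_NAMESTORE_create_signature (privkey, s_name, s_rd, RECORDS);
+signature = GNUNET_NAMESTORE_create_signature (privkey, expire, s_name, s_rd, RECORDS);
 GNUNET_assert (signature != NULL);
 
-res_c = GNUNET_NAMESTORE_verify_signature(&pubkey, s_name, RECORDS, s_rd, signature);
+res_c = GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name, RECORDS, s_rd, signature);
 GNUNET_break (res == GNUNET_OK);
 
 GNUNET_free (signature);
 
-signature = GNUNET_NAMESTORE_create_signature (privkey, s_name, s_rd, RECORDS);
+signature = GNUNET_NAMESTORE_create_signature (privkey, expire, s_name, s_rd, RECORDS);
 GNUNET_break (signature != NULL);
 
 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "FYI: The next warning is intended!\n");
-res_w = GNUNET_NAMESTORE_verify_signature(&pubkey, s_name, RECORDS - 1, s_rd, signature);
+res_w = GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name, RECORDS - 1, s_rd, signature);
 GNUNET_break (res_w == GNUNET_SYSERR);
 
 GNUNET_free (signature);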
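Review bot: The positive case stores the verification result in `res_c`, but the next line asserts `GNUNET_break (res == GNUNET_OK);`, so a failure to verify with the new `expire` argument would go unnoticed; it should read `GNUNET_break (res_c == GNUNET_OK);`. That line is unchanged context, but it is the only check in this test that a signature carrying the expiration verifies. Because the expiration is now part of what is signed, the test would also benefit from a negative case that verifies with a different expiration and expects `GNUNET_SYSERR`, next to the existing `RECORDS - 1` case. `run` starts and ends outside the hunk.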
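--- a/src/namestore/test_namestore_api_zone_iteration.c
+++ b/src/namestore/test_namestore_api_zone_iteration.c
@@ -220,8 +220,12 @@ void zone_proc (void *cls,
 else
 {
 /* verify signature returned from name store */
-if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, name, rd_count, rd, signature))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature (zone_key, expire, name, rd_count, rd, signature))
 {
+GNUNET_HashCode zone_key_hash;
+GNUNET_CRYPTO_hash (zone_key, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &zone_key_hash);
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Verifying signature for `%s' in zone `%s' with %u records and expiration %llu failed\n", name, GNUNET_h2s(&zone_key_hash), rd_count, expire.abs_value);
+
 failed = GNUNET_YES;
 GNUNET_break (0);
 }
@@ -284,7 +288,7 @@ void zone_proc (void *cls,
 failed = GNUNET_YES;
 GNUNET_break (0);
 }
-if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, name, rd_count, rd, signature))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, expire, name, rd_count, rd, signature))
 {
 failed = GNUNET_YES;
 GNUNET_break (0);
@@ -430,7 +434,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 
 GNUNET_asprintf(&s_name_1, "dummy1");
 s_rd_1 = create_record(1);
-sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_name_1, s_rd_1, 1);
+sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_1->expiration, s_name_1, s_rd_1, 1);
 GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_1, s_rd_1, &put_cont, NULL);
 
 
@@ -438,14 +442,14 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_asprintf(&s_name_2, "dummy2");
 s_rd_2 = create_record(1);
 
-sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_name_2, s_rd_2, 1);
+sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_2->expiration, s_name_2, s_rd_2, 1);
 GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_2, s_rd_2, &put_cont, NULL);
 
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Created record 3\n");
 /* name in different zone */
 GNUNET_asprintf(&s_name_3, "dummy3");
 s_rd_3 = create_record(1);
-sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_name_3, s_rd_3, 1);
+sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_rd_3->expiration, s_name_3, s_rd_3, 1);
 GNUNET_NAMESTORE_record_put (nsh, &pubkey2, s_name_3, GNUNET_TIME_absolute_get_forever(), 1, s_rd_3, sig_3, &put_cont, NULL);
 }
 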
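Review bot: `sig_3` is signed over `s_rd_3->expiration`, but the `GNUNET_NAMESTORE_record_put` call on the next line stores the block with `GNUNET_TIME_absolute_get_forever()`; unless `create_record` (not visible here) sets exactly that value, a verifier that uses the stored block expiration would reject the signature. The same pairing of a record-derived expiration for signing with a different expression for the put appears in test_namestore_api_zone_iteration_specific_zone.c, test_namestore_api_zone_iteration_stop.c and test_namestore_api_zone_to_name.c. Use one local for both, e.g. `struct GNUNET_TIME_Absolute e3 = GNUNET_TIME_absolute_get_forever ();`, passed to the signing call and to the put. Separately, the new debug log in `zone_proc` prints `expire.abs_value` with `%llu`; if that field is a `uint64_t` it needs a cast, `(unsigned long long) expire.abs_value`.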
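--- a/src/namestore/test_namestore_api_zone_iteration_specific_zone.c
+++ b/src/namestore/test_namestore_api_zone_iteration_specific_zone.c
@@ -396,7 +396,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 
 GNUNET_asprintf(&s_name_1, "dummy1");
 s_rd_1 = create_record(1);
-sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_name_1, s_rd_1, 1);
+sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_1[0].expiration ,s_name_1, s_rd_1, 1);
 GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_1, s_rd_1, &put_cont, NULL);
 
 
@@ -404,14 +404,14 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_asprintf(&s_name_2, "dummy2");
 s_rd_2 = create_record(1);
 
-sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_name_2, s_rd_2, 1);
+sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_2[0].expiration, s_name_2, s_rd_2, 1);
 GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_2, s_rd_2, &put_cont, NULL);
 
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Created record 3\n");
 /* name in different zone */
 GNUNET_asprintf(&s_name_3, "dummy3");
 s_rd_3 = create_record(1);
-sig_3 = GNUNET_NAMESTORE_create_signature(privkey, s_name_3, s_rd_3, 1);
+sig_3 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_3[0].expiration, s_name_3, s_rd_3, 1);
 GNUNET_NAMESTORE_record_put (nsh, &pubkey2, s_name_3, GNUNET_TIME_absolute_get_forever(), 1, s_rd_3, sig_3, &put_cont, NULL);
 }
 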
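Review bot: `sig_3` is created with `privkey`, yet the record is stored under `&pubkey2` on the next line, and the two sibling zone-iteration tests in this commit sign the same record with `privkey2`. The key argument is not touched by this commit, but a signature made with a key other than the zone's cannot verify for the zone it is stored in, whatever expiration is used. If the mismatch is deliberate for this test, a comment saying so would help; otherwise the call should be `sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_rd_3[0].expiration, s_name_3, s_rd_3, 1);`. `run` starts outside the hunk.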
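--- a/src/namestore/test_namestore_api_zone_iteration_stop.c
+++ b/src/namestore/test_namestore_api_zone_iteration_stop.c
@@ -226,7 +226,7 @@ void zone_proc (void *cls,
 {
 
 /* verify signature returned from name store */
-if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, name, rd_count, rd, signature))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, expire, name, rd_count, rd, signature))
 {
 failed = GNUNET_YES;
 GNUNET_break (0);
@@ -249,7 +249,7 @@ void zone_proc (void *cls,
 failed = GNUNET_YES;
 GNUNET_break (0);
 }
-if (0 != memcmp (signature, sig_1, sizeof (struct GNUNET_CRYPTO_RsaSignature)))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name_1, 1, s_rd_1, signature))
 {
 failed = GNUNET_YES;
 GNUNET_break (0);
@@ -271,7 +271,7 @@ void zone_proc (void *cls,
 GNUNET_break (0);
 }
 
-if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey2, s_name_2, 1, s_rd_2, signature))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name_2, 1, s_rd_2, signature))
 {
 failed = GNUNET_YES;
 GNUNET_break (0);
@@ -292,7 +292,7 @@ void zone_proc (void *cls,
 failed = GNUNET_YES;
 GNUNET_break (0);
 }
-if (0 != memcmp (signature, sig_3, sizeof (struct GNUNET_CRYPTO_RsaSignature)))
+if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey2, expire, s_name_3, 1, s_rd_3, signature))
 {
 failed = GNUNET_YES;
 GNUNET_break (0);
@@ -446,7 +446,7 @@ run (void *cls, char *const *args, const char *cfgfile,
 
 GNUNET_asprintf(&s_name_1, "dummy1");
 s_rd_1 = create_record(1);
-sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_name_1, s_rd_1, 1);
+sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_1[0].expiration, s_name_1, s_rd_1, 1);
 GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_1, s_rd_1, &put_cont, NULL);
 
 
@@ -454,14 +454,14 @@ run (void *cls, char *const *args, const char *cfgfile,
 GNUNET_asprintf(&s_name_2, "dummy2");
 s_rd_2 = create_record(1);
 
-sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_name_2, s_rd_2, 1);
+sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_2[0].expiration, s_name_2, s_rd_2, 1);
 GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_2, s_rd_2, &put_cont, NULL);
 
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Created record 3\n");
 /* name in different zone */
 GNUNET_asprintf(&s_name_3, "dummy3");
 s_rd_3 = create_record(1);
-sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_name_3, s_rd_3, 1);
+sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_rd_3[0].expiration, s_name_3, s_rd_3, 1);
 GNUNET_NAMESTORE_record_put (nsh, &pubkey2, s_name_3, GNUNET_TIME_absolute_get_forever(), 1, s_rd_3, sig_3, &put_cont, NULL);
 }
 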
diff --git a/src/namestore/test_namestore_api_zone_to_name.c b/src/namestore/test_namestore_api_zone_to_name.c index 498b1197d..ba15389f0 100644 --- a/src/namestore/test_namestore_api_zone_to_name.c +++ b/src/namestore/test_namestore_api_zone_to_name.c | |||
@@ -247,7 +247,7 @@ run (void *cls, char *const *args, const char *cfgfile, | |||
247 | GNUNET_break (NULL != nsh); | 247 | GNUNET_break (NULL != nsh); |
248 | 248 | ||
249 | expire = GNUNET_TIME_absolute_get (); | 249 | expire = GNUNET_TIME_absolute_get (); |
250 | s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, &rd, 1); | 250 | s_signature = GNUNET_NAMESTORE_create_signature(privkey, rd.expiration, s_name, &rd, 1); |
251 | GNUNET_NAMESTORE_record_put(nsh, &pubkey, s_name, expire, 1, &rd, s_signature, put_cont, NULL); | 251 | GNUNET_NAMESTORE_record_put(nsh, &pubkey, s_name, expire, 1, &rd, s_signature, put_cont, NULL); |
252 | 252 | ||
253 | GNUNET_free ((void *) rd.data); | 253 | GNUNET_free ((void *) rd.data); |