diff options
author | Christian Grothoff <christian@grothoff.org> | 2019-11-16 18:24:47 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2019-11-16 18:24:58 +0100 |
commit | be6c14f2b2b880d72cd77538e98a067241d90f55 (patch) | |
tree | 4b945be0967a8d1dc5ea28b3720dfa9d0c363063 /src | |
parent | 8a0e314c66e07a5f5f8af4e5508d5a3c938b4812 (diff) | |
download | gnunet-be6c14f2b2b880d72cd77538e98a067241d90f55.tar.gz gnunet-be6c14f2b2b880d72cd77538e98a067241d90f55.zip |
patch up RSA signature format for #5698
Diffstat (limited to 'src')
-rw-r--r-- | src/util/crypto_rsa.c | 70 | ||||
-rw-r--r-- | src/util/test_crypto_rsa.c | 9 |
2 files changed, 76 insertions, 3 deletions
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index b34f919ec..08bdeb2ca 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet | 2 | This file is part of GNUnet |
3 | Copyright (C) 2014,2016 GNUnet e.V. | 3 | Copyright (C) 2014,2016,2019 GNUnet e.V. |
4 | 4 | ||
5 | GNUnet is free software: you can redistribute it and/or modify it | 5 | GNUnet is free software: you can redistribute it and/or modify it |
6 | under the terms of the GNU Affero General Public License as published | 6 | under the terms of the GNU Affero General Public License as published |
@@ -32,6 +32,8 @@ | |||
32 | 32 | ||
33 | #define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-rsa", __VA_ARGS__) | 33 | #define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-rsa", __VA_ARGS__) |
34 | 34 | ||
35 | /* Flip for #5968 */ | ||
36 | #define NEW_CRYPTO 0 | ||
35 | 37 | ||
36 | /** | 38 | /** |
37 | * The private information of an RSA key pair. | 39 | * The private information of an RSA key pair. |
@@ -333,7 +335,6 @@ struct GNUNET_CRYPTO_RsaPublicKeyHeaderP | |||
333 | 335 | ||
334 | GNUNET_NETWORK_STRUCT_END | 336 | GNUNET_NETWORK_STRUCT_END |
335 | 337 | ||
336 | #define NEW_CRYPTO 0 | ||
337 | 338 | ||
338 | /** | 339 | /** |
339 | * Encode the public key in a format suitable for | 340 | * Encode the public key in a format suitable for |
@@ -1127,6 +1128,39 @@ GNUNET_CRYPTO_rsa_signature_encode (const struct | |||
1127 | GNUNET_CRYPTO_RsaSignature *sig, | 1128 | GNUNET_CRYPTO_RsaSignature *sig, |
1128 | char **buffer) | 1129 | char **buffer) |
1129 | { | 1130 | { |
1131 | #if NEW_CRYPTO | ||
1132 | gcry_mpi_t s; | ||
1133 | size_t buf_size; | ||
1134 | size_t rsize; | ||
1135 | unsigned char *buf; | ||
1136 | int ret; | ||
1137 | |||
1138 | ret = key_from_sexp (&s, | ||
1139 | sig->sexp, | ||
1140 | "sig-val", | ||
1141 | "s"); | ||
1142 | if (0 != ret) | ||
1143 | ret = key_from_sexp (&s, | ||
1144 | sig->sexp, | ||
1145 | "rsa", | ||
1146 | "s"); | ||
1147 | GNUNET_assert (0 == ret); | ||
1148 | gcry_mpi_print (GCRYMPI_FMT_USG, | ||
1149 | NULL, | ||
1150 | 0, | ||
1151 | &buf_size, | ||
1152 | s); | ||
1153 | buf = GNUNET_malloc (buf_size); | ||
1154 | GNUNET_assert (0 == | ||
1155 | gcry_mpi_print (GCRYMPI_FMT_USG, | ||
1156 | buf, | ||
1157 | buf_size, | ||
1158 | &rsize, | ||
1159 | s)); | ||
1160 | GNUNET_assert (rsize == buf_size); | ||
1161 | *buffer = (char *) buf; | ||
1162 | return buf_size; | ||
1163 | #else | ||
1130 | size_t n; | 1164 | size_t n; |
1131 | char *b; | 1165 | char *b; |
1132 | 1166 | ||
@@ -1142,6 +1176,7 @@ GNUNET_CRYPTO_rsa_signature_encode (const struct | |||
1142 | n)); | 1176 | n)); |
1143 | *buffer = b; | 1177 | *buffer = b; |
1144 | return n; | 1178 | return n; |
1179 | #endif | ||
1145 | } | 1180 | } |
1146 | 1181 | ||
1147 | 1182 | ||
@@ -1158,6 +1193,36 @@ GNUNET_CRYPTO_rsa_signature_decode (const char *buf, | |||
1158 | size_t len) | 1193 | size_t len) |
1159 | { | 1194 | { |
1160 | struct GNUNET_CRYPTO_RsaSignature *sig; | 1195 | struct GNUNET_CRYPTO_RsaSignature *sig; |
1196 | #if NEW_CRYPTO | ||
1197 | gcry_mpi_t s; | ||
1198 | gcry_sexp_t data; | ||
1199 | |||
1200 | if (0 != | ||
1201 | gcry_mpi_scan (&s, | ||
1202 | GCRYMPI_FMT_USG, | ||
1203 | buf, | ||
1204 | len, | ||
1205 | NULL)) | ||
1206 | { | ||
1207 | GNUNET_break_op (0); | ||
1208 | return NULL; | ||
1209 | } | ||
1210 | |||
1211 | if (0 != | ||
1212 | gcry_sexp_build (&data, | ||
1213 | NULL, | ||
1214 | "(sig-val(rsa(s %M)))", | ||
1215 | s)) | ||
1216 | { | ||
1217 | GNUNET_break (0); | ||
1218 | gcry_mpi_release (s); | ||
1219 | return NULL; | ||
1220 | } | ||
1221 | gcry_mpi_release (s); | ||
1222 | sig = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); | ||
1223 | sig->sexp = data; | ||
1224 | return sig; | ||
1225 | #else | ||
1161 | int ret; | 1226 | int ret; |
1162 | gcry_mpi_t s; | 1227 | gcry_mpi_t s; |
1163 | 1228 | ||
@@ -1185,6 +1250,7 @@ GNUNET_CRYPTO_rsa_signature_decode (const char *buf, | |||
1185 | return NULL; | 1250 | return NULL; |
1186 | } | 1251 | } |
1187 | gcry_mpi_release (s); | 1252 | gcry_mpi_release (s); |
1253 | #endif | ||
1188 | return sig; | 1254 | return sig; |
1189 | } | 1255 | } |
1190 | 1256 | ||
diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c index 5b546f243..277f58ba0 100644 --- a/src/util/test_crypto_rsa.c +++ b/src/util/test_crypto_rsa.c | |||
@@ -93,15 +93,22 @@ main (int argc, | |||
93 | char *buf; | 93 | char *buf; |
94 | size_t buf_size; | 94 | size_t buf_size; |
95 | struct GNUNET_CRYPTO_RsaPublicKey *pub2; | 95 | struct GNUNET_CRYPTO_RsaPublicKey *pub2; |
96 | struct GNUNET_CRYPTO_RsaSignature *sig2; | ||
96 | 97 | ||
97 | buf_size = GNUNET_CRYPTO_rsa_public_key_encode (pub, | 98 | buf_size = GNUNET_CRYPTO_rsa_public_key_encode (pub, |
98 | &buf); | 99 | &buf); |
99 | pub2 = GNUNET_CRYPTO_rsa_public_key_decode (buf, | 100 | pub2 = GNUNET_CRYPTO_rsa_public_key_decode (buf, |
100 | buf_size); | 101 | buf_size); |
101 | GNUNET_free (buf); | 102 | GNUNET_free (buf); |
103 | buf_size = GNUNET_CRYPTO_rsa_signature_encode (sig, | ||
104 | &buf); | ||
105 | sig2 = GNUNET_CRYPTO_rsa_signature_decode (buf, | ||
106 | buf_size); | ||
107 | GNUNET_free (buf); | ||
102 | GNUNET_assert (GNUNET_OK == | 108 | GNUNET_assert (GNUNET_OK == |
103 | GNUNET_CRYPTO_rsa_verify (&hash, sig, pub2)); | 109 | GNUNET_CRYPTO_rsa_verify (&hash, sig2, pub2)); |
104 | GNUNET_CRYPTO_rsa_public_key_free (pub2); | 110 | GNUNET_CRYPTO_rsa_public_key_free (pub2); |
111 | GNUNET_CRYPTO_rsa_signature_free (sig2); | ||
105 | } | 112 | } |
106 | /* corrupt our hash and see if the signature is still valid */ | 113 | /* corrupt our hash and see if the signature is still valid */ |
107 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, | 114 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, |