author | Christian Grothoff <christian@grothoff.org> | 2022-01-10 10:43:06 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2022-01-10 10:43:06 +0100 |
commit | 5982cb44ba9b28751b69a818d32afe2d2b99db1c (patch) | |
tree | 31484d4ad1786bced0e446abeae14fde772d90e5 /src | |
parent | 8f8351c2ddb2c3040195548363161a2a177c7cc0 (diff) | |
download | gnunet-5982cb44ba9b28751b69a818d32afe2d2b99db1c.tar.gz gnunet-5982cb44ba9b28751b69a818d32afe2d2b99db1c.zip |
-export routine for path verification (untested)
Diffstat (limited to 'src')
-rw-r--r-- | src/dht/dht_api.c | 37 | ||||
-rw-r--r-- | src/include/gnunet_dht_service.h | 29 |
2 files changed, 65 insertions, 1 deletions
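--- a/src/dht/dht_api.c
+++ b/src/dht/dht_api.c
@@ -28,6 +28,7 @@
 #include "platform.h"
 #include "gnunet_util_lib.h"
 #include "gnunet_constants.h"
+#include "gnunet_signatures.h"
 #include "gnunet_arm_service.h"
 #include "gnunet_hello_lib.h"
 #include "gnunet_protocols.h"
@@ -1189,7 +1190,43 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement *path,
 (i == path_len - 1) ? "" : "-");
 }
 return buf;
+}
+
 
+unsigned int
+GNUNET_DHT_verify_path (const struct GNUNET_HashCode *key,
+const void *data,
+size_t data_size,
+struct GNUNET_TIME_Absolute exp_time,
+const struct GNUNET_DHT_PathElement *path,
+unsigned int path_len,
+const struct GNUNET_PeerIdentity *me)
+{
+
+struct GNUNET_DHT_HopSignature hs = {
+.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
+.purpose.size = htonl (sizeof (hs)),
+.expiration_time = GNUNET_TIME_absolute_hton (exp_time),
+.key = *key,
+};
+unsigned int i = path_len - 1;
+
+GNUNET_CRYPTO_hash (data,
+data_size,
+&hs.h_data);
+while (i > 0)
+{
+hs.pred = path[i - 1].pred;
+hs.succ = (path_len == i + 1) ? *me : path[i + 1].pred;
+if (GNUNET_OK !=
+GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_DHT_HOP,
+&hs,
+&path[i - 1].sig,
+&path[i].pred.public_key))
+return i;
+i--;
+}
+return i;
 }
 
 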
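Review bot: GNUNET_DHT_verify_path initialises `unsigned int i = path_len - 1;` without checking for an empty path, so with `path_len == 0` the index wraps to UINT_MAX, the `while (i > 0)` loop is entered and `path[i - 1]` is read far outside the array. The path being verified presumably originates from other peers, so the length should be checked before the loop, e.g. `if (0 == path_len) return 0;` (or whatever failure convention the project prefers for an empty path). Separately, for `path_len == 1` the loop body never runs and the function returns 0, the success value, without having verified any signature; callers must not treat that result as an authenticated path. The commit message marks the routine as untested, so a test covering lengths 0 and 1 and a path with one altered hop signature would be worth adding alongside it.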
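--- a/src/include/gnunet_dht_service.h
+++ b/src/include/gnunet_dht_service.h
@@ -473,7 +473,7 @@ GNUNET_DHT_monitor_stop (struct GNUNET_DHT_MonitorHandle *handle);
 * Convert a peer path to a human-readable string.
 *
 * @param path array of path elements to convert to a string
-* @param num_pids length of the @a pids array
+* @param path_len length of the @a path array
 * @return string representing the array of @a pids
 */
 char *
@@ -481,6 +481,33 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement *path,
 unsigned int path_len);
 
 
+/**
+* Verify signatures on a @a path, in reverse order (starting at
+* the last element of the path). Note that the last signature
+* on the path is never verified as that is the slot where our
+* peer (@a me) would need to sign.
+*
+* @param key key of the data (not necessarily the query hash)
+* @param data payload (the block)
+* @param data_size number of bytes in @a data
+* @param exp_time expiration time of @a data
+* @param path array of path elements to verify
+* @param path_len length of the @a path array
+* @param me our own peer identity (needed to verify the last element)
+* @return 0 on success, otherwise the index of
+* the last path element that succeeded with verification;
+* @a path_len -1 if no signature was valid
+*/
+unsigned int
+GNUNET_DHT_verify_path (const struct GNUNET_HashCode *key,
+const void *data,
+size_t data_size,
+struct GNUNET_TIME_Absolute exp_time,
+const struct GNUNET_DHT_PathElement *path,
+unsigned int path_len,
+const struct GNUNET_PeerIdentity *me);
+
+
 #if 0 /* keep Emacsens' auto-indent happy */
 {
 #endif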
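Review bot: The `@return` text added for GNUNET_DHT_verify_path gives one value two meanings: for a one-element path, `0 on success` and `@a path_len -1 if no signature was valid` are both 0. The comment also says nothing about a `path_len` of 0, and the remark that the last signature is never verified leaves the reader to work out that a one-element path yields 0 with no signature checked at all. I would state the precondition and the unverified case explicitly, e.g. `@param path_len length of the @a path array, must be at least 1` and `@return 0 if every checked signature verified (none are checked when @a path_len is 1), otherwise ...`. In the first hunk of this file, the `@return` line of GNUNET_DHT_pp2s still refers to `@a pids` although the parameter line above it was changed to `@a path`.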