author | Christian Grothoff <christian@grothoff.org> | 2013-07-30 15:43:08 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-07-30 15:43:08 +0000 |
commit | b87f43cb7ca0ceec933054e6b224b1b321eb7238 (patch) | |
tree | ad54c100aed9b9cfe730fa8c50f49a511cca9170 /src | |
parent | 4ea563a1d1fbdf020af2432c0b0320e8422051f7 (diff) | |
-make use of deterministic ECDSA in FS, requires libgcrypt from Git as of yesterday
Diffstat (limited to 'src')
-rw-r--r-- | src/fs/fs_api.c | 1 | ||||
-rw-r--r-- | src/fs/fs_namespace.c | 8 | ||||
-rw-r--r-- | src/fs/fs_pseudonym.c | 66 | ||||
-rw-r--r-- | src/util/disk.c | 6 |
4 files changed, 54 insertions, 27 deletions
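--- a/src/fs/fs_api.c
+++ b/src/fs/fs_api.c
@@ -2725,7 +2725,6 @@ deserialize_download (struct GNUNET_FS_Handle *h,
 }
 if (NULL != parent)
 {
-GNUNET_abort (); // for debugging for now - FIXME
 GNUNET_CONTAINER_DLL_insert (parent->child_head, parent->child_tail, dc);
 }
 if (NULL != search)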
diff --git a/src/fs/fs_namespace.c b/src/fs/fs_namespace.c index e838c489f..d456dc34b 100644 --- a/src/fs/fs_namespace.c +++ b/src/fs/fs_namespace.c | |||
@@ -723,10 +723,10 @@ GNUNET_FS_publish_sks (struct GNUNET_FS_Handle *h, | |||
723 | sizeof (ub_enc->verification_key), | 723 | sizeof (ub_enc->verification_key), |
724 | &query); | 724 | &query); |
725 | GNUNET_FS_pseudonym_sign (ns->key, | 725 | GNUNET_FS_pseudonym_sign (ns->key, |
726 | &ub_enc->purpose, | 726 | &ub_enc->purpose, |
727 | NULL, | 727 | NULL, |
728 | &signing_key, | 728 | &signing_key, |
729 | &ub_enc->signature); | 729 | &ub_enc->signature); |
730 | psc = GNUNET_malloc (sizeof (struct GNUNET_FS_PublishSksContext)); | 730 | psc = GNUNET_malloc (sizeof (struct GNUNET_FS_PublishSksContext)); |
731 | psc->uri = sks_uri; | 731 | psc->uri = sks_uri; |
732 | psc->cont = cont; | 732 | psc->cont = cont; |
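--- a/src/fs/fs_pseudonym.c
+++ b/src/fs/fs_pseudonym.c
@@ -1,10 +1,10 @@
 /*
 This file is part of GNUnet
-(C) 2003, 2004, 2005, 2006, 2007, 2008, 2013 Christian Grothoff (and other contributing authors)
+(C) 2003-2013 Christian Grothoff (and other contributing authors)
 
 GNUnet is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published
-by the Free Software Foundation; either version 2, or (at your
+by the Free Software Foundation; either version 3, or (at your
 option) any later version.
 
 GNUnet is distributed in the hope that it will be useful, but
@@ -1042,30 +1042,48 @@ GNUNET_FS_pseudonym_destroy (struct GNUNET_FS_PseudonymHandle *ph)
 * S-expression suitable for signature operations.
 *
 * @param purpose data to convert
+* @param rfc6979 GNUNET_YES if we are to use deterministic ECDSA
 * @return converted s-expression
 */
 static gcry_sexp_t
-data_to_pkcs1 (const struct GNUNET_FS_PseudonymSignaturePurpose *purpose)
+data_to_pkcs1 (const struct GNUNET_FS_PseudonymSignaturePurpose *purpose,
+int rfc6979)
 {
 struct GNUNET_CRYPTO_ShortHashCode hc;
 size_t bufSize;
 gcry_sexp_t data;
+const char *fmt;
+int rc;
 
 GNUNET_CRYPTO_short_hash (purpose, ntohl (purpose->size), &hc);
-#define FORMATSTRING "(4:data(5:flags3:raw)(5:value32:01234567890123456789012345678901))"
-bufSize = strlen (FORMATSTRING) + 1;
+if (rfc6979)
+{
+if (0 != (rc = gcry_sexp_build (&data, NULL,
+"(data(flags rfc6979)(hash %s %b))",
+"sha256",
+sizeof (hc),
+&hc)))
+{
+LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
+return NULL;
+}
+}
+else
 {
-char buff[bufSize];
-
-memcpy (buff, FORMATSTRING, bufSize);
-memcpy (&buff
-[bufSize -
-strlen
-("01234567890123456789012345678901))")
-- 1], &hc, sizeof (struct GNUNET_CRYPTO_ShortHashCode));
-GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
+fmt = "(data(flags raw)(5:value32:01234567890123456789012345678901))";
+bufSize = strlen (fmt) + 1;
+{
+char buff[bufSize];
+
+memcpy (buff, fmt, bufSize);
+memcpy (&buff
+[bufSize -
+strlen
+("01234567890123456789012345678901))")
+- 1], &hc, sizeof (struct GNUNET_CRYPTO_ShortHashCode));
+GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
+}
 }
-#undef FORMATSTRING
 return data;
 }
 
@@ -1159,8 +1177,12 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph,
 }
 gcry_mpi_release (dh);
 /* prepare data for signing */
-data = data_to_pkcs1 (purpose);
-
+data = data_to_pkcs1 (purpose, NULL != seed);
+if (NULL == data)
+{
+gcry_sexp_release (spriv);
+return GNUNET_SYSERR;
+}
 /* get 'k' value from seed, if available */
 if (NULL != seed)
 {
@@ -1170,6 +1192,8 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph,
 size, &size)))
 {
 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
+gcry_sexp_release (spriv);
+gcry_sexp_release (data);
 return GNUNET_SYSERR;
 }
 }
@@ -1461,8 +1485,12 @@ GNUNET_FS_pseudonym_verify (const struct GNUNET_FS_PseudonymSignaturePurpose *pu
 
 
 /* build s-expression for data that was signed */
-data = data_to_pkcs1 (purpose);
-
+data = data_to_pkcs1 (purpose, GNUNET_NO);
+if (NULL == data)
+{
+gcry_sexp_release (sig_sexpr);
+return GNUNET_SYSERR;
+}
 /* create context of public key and initialize Q */
 size = sizeof (verification_key->q_x);
 if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG,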
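Review bot: Signing and verification no longer build the same data S-expression: `GNUNET_FS_pseudonym_sign` passes `NULL != seed`, so a seeded signature is made over `(data(flags rfc6979)(hash sha256 …))`, while `GNUNET_FS_pseudonym_verify` always passes `GNUNET_NO` and checks against the `(flags raw)` value form. The two agree only if libgcrypt reduces both encodings to the same integer, and the `"sha256"` label is only right if `GNUNET_CRYPTO_short_hash` is SHA-256, neither of which is visible in these hunks; a sign-then-verify test over seeded and unseeded signatures would pin this down, and a comment in `data_to_pkcs1` should state why verification stays on the raw form. The raw branch also still aborts via `GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));` although both callers now handle NULL; `if (0 != (rc = gcry_sexp_new (&data, buff, bufSize, 0))) { LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_new", rc); return NULL; }` would match the new branch. The bodies of both callers continue outside the hunks, so whether the `k` scanned from `seed` is still used alongside the rfc6979 flag cannot be checked here.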
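--- a/src/util/disk.c
+++ b/src/util/disk.c
@@ -1,10 +1,10 @@
 /*
 This file is part of GNUnet.
-(C) 2001--2012 Christian Grothoff (and other contributing authors)
+(C) 2001--2013 Christian Grothoff (and other contributing authors)
 
 GNUnet is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published
-by the Free Software Foundation; either version 2, or (at your
+by the Free Software Foundation; either version 3, or (at your
 option) any later version.
 
 GNUnet is distributed in the hope that it will be useful, but
@@ -587,7 +587,7 @@ GNUNET_DISK_directory_test (const char *fil, int is_readable)
 }
 if (!S_ISDIR (filestat.st_mode))
 {
-LOG (GNUNET_ERROR_TYPE_WARNING,
+LOG (GNUNET_ERROR_TYPE_DEBUG,
 "A file already exits with the same name %s\n", fil);
 return GNUNET_NO;
 }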
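Review bot: The message on the non-directory branch of `GNUNET_DISK_directory_test` still reads `"A file already exits with the same name %s\n"`, which has a typo ("exits") and describes a name clash rather than what the test found. Now that it is emitted only at DEBUG level, operators will no longer see a regular file sitting where a directory is expected, so callers that depend on the directory should report the `GNUNET_NO` result themselves. Wording such as `"%s exists but is not a directory\n"` would say what was checked. The function body starts and ends outside the hunk.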