summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTheJackiMonster <thejackimonster@gmail.com>2020-11-05 22:04:41 +0100
committerTheJackiMonster <thejackimonster@gmail.com>2020-11-05 22:04:41 +0100
commitbd73336f5d7168f92574cf19703ec242c97e6062 (patch)
tree7fdb248c9a76ec78406406cf6f10faa79d8416c4 /src
parentc07ae5c8d29202466f066e4dcddbfd091513db7c (diff)
revocation and reclaim updated verification
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com>
Diffstat (limited to 'src')
-rw-r--r--src/include/gnunet_revocation_service.h9
-rw-r--r--src/reclaim/oidc_helper.c26
-rw-r--r--src/revocation/revocation_api.c53
3 files changed, 34 insertions, 54 deletions
diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h
index 18c1f2674..3ad8f864b 100644
--- a/src/include/gnunet_revocation_service.h
+++ b/src/include/gnunet_revocation_service.h
@@ -95,7 +95,7 @@ struct GNUNET_REVOCATION_PowP
/**
* The signature object we use for the PoW
*/
-struct GNUNET_REVOCATION_EcdsaSignaturePurposePS
+struct GNUNET_REVOCATION_SignaturePurposePS
{
/**
* The signature purpose
@@ -103,14 +103,9 @@ struct GNUNET_REVOCATION_EcdsaSignaturePurposePS
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
- * Type of the key
- */
- uint32_t ktype;
-
- /**
* The revoked public key
*/
- struct GNUNET_CRYPTO_EcdsaPublicKey key;
+ struct GNUNET_IDENTITY_PublicKey key;
/**
* The timestamp of the revocation
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index c3ff07976..0caa46b90 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -525,7 +525,7 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
// Get length
code_payload_len = sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
+ payload_len + sizeof(struct
- GNUNET_CRYPTO_EcdsaSignature);
+ GNUNET_IDENTITY_Signature);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Length of data to encode: %lu\n",
code_payload_len);
@@ -544,10 +544,10 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
buf_ptr += payload_len;
// Sign and store signature
if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_ecdsa_sign_ (&issuer->ecdsa_key,
- purpose,
- (struct GNUNET_CRYPTO_EcdsaSignature *)
- buf_ptr))
+ GNUNET_IDENTITY_private_key_sign_ (issuer,
+ purpose,
+ (struct GNUNET_IDENTITY_Signature *)
+ buf_ptr))
{
GNUNET_break (0);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to sign code\n");
@@ -593,7 +593,7 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience,
char *code_challenge;
char *code_verifier_hash;
struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
- struct GNUNET_CRYPTO_EcdsaSignature *signature;
+ struct GNUNET_IDENTITY_Signature *signature;
uint32_t code_challenge_len;
uint32_t attrs_ser_len;
uint32_t pres_ser_len;
@@ -609,7 +609,7 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience,
(void **) &code_payload);
if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
+ sizeof(struct OIDC_Parameters)
- + sizeof(struct GNUNET_CRYPTO_EcdsaSignature))
+ + sizeof(struct GNUNET_IDENTITY_Signature))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Authorization code malformed\n");
GNUNET_free (code_payload);
@@ -620,10 +620,10 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience,
plaintext_len = code_payload_len;
plaintext_len -= sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose);
ptr = (char *) &purpose[1];
- plaintext_len -= sizeof(struct GNUNET_CRYPTO_EcdsaSignature);
+ plaintext_len -= sizeof(struct GNUNET_IDENTITY_Signature);
plaintext = ptr;
ptr += plaintext_len;
- signature = (struct GNUNET_CRYPTO_EcdsaSignature *) ptr;
+ signature = (struct GNUNET_IDENTITY_Signature *) ptr;
params = (struct OIDC_Parameters *) plaintext;
// cmp code_challenge code_verifier
@@ -684,10 +684,10 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience,
return GNUNET_SYSERR;
}
if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN,
- purpose,
- signature,
- &ticket->identity.ecdsa_key))
+ GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN,
+ purpose,
+ signature,
+ &(ticket->identity)))
{
GNUNET_free (code_payload);
if (NULL != *nonce_str)
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index 94fbc7022..ee0150064 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -423,19 +423,18 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph)
enum GNUNET_GenericReturnValue
-check_signature_ecdsa (const struct GNUNET_REVOCATION_PowP *pow,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *key)
+check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
+ const struct GNUNET_IDENTITY_PublicKey *key)
{
- struct GNUNET_REVOCATION_EcdsaSignaturePurposePS spurp;
- struct GNUNET_CRYPTO_EcdsaSignature *sig;
+ struct GNUNET_REVOCATION_SignaturePurposePS spurp;
+ struct GNUNET_IDENTITY_Signature *sig;
const struct GNUNET_IDENTITY_PublicKey *pk;
size_t ksize;
pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
ksize = GNUNET_IDENTITY_key_get_length (pk);
- spurp.ktype = pk->type;
- spurp.key = pk->ecdsa_key;
+ spurp.key = *pk;
spurp.timestamp = pow->timestamp;
spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION);
spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
@@ -446,10 +445,10 @@ check_signature_ecdsa (const struct GNUNET_REVOCATION_PowP *pow,
ntohl (spurp.purpose.size));
sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize);
if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
- &spurp.purpose,
- sig,
- key))
+ GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
+ &spurp.purpose,
+ sig,
+ key))
{
return GNUNET_SYSERR;
}
@@ -463,14 +462,7 @@ check_signature (const struct GNUNET_REVOCATION_PowP *pow)
const struct GNUNET_IDENTITY_PublicKey *pk;
pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
- switch (ntohl (pk->type))
- {
- case GNUNET_IDENTITY_TYPE_ECDSA:
- return check_signature_ecdsa (pow, &pk->ecdsa_key);
- default:
- return GNUNET_SYSERR;
- }
- return GNUNET_SYSERR;
+ return check_signature_identity (pow, pk);
}
@@ -576,11 +568,11 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow,
enum GNUNET_GenericReturnValue
-sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
struct GNUNET_REVOCATION_PowP *pow)
{
struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get ();
- struct GNUNET_REVOCATION_EcdsaSignaturePurposePS rp;
+ struct GNUNET_REVOCATION_SignaturePurposePS rp;
const struct GNUNET_IDENTITY_PublicKey *pk;
size_t ksize;
char *sig;
@@ -602,13 +594,13 @@ sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Signature payload len: %u\n",
ntohl (rp.purpose.size));
- rp.ktype = pk->type;
- rp.key = pk->ecdsa_key;
+ rp.key = *pk;
sig = ((char*)&pow[1]) + ksize;
- return GNUNET_CRYPTO_ecdsa_sign_ (key,
- &rp.purpose,
- (void*) sig);
-
+ int result = GNUNET_IDENTITY_private_key_sign_ (key,
+ &rp.purpose,
+ (void*) sig);
+ if (result == GNUNET_SYSERR) return GNUNET_NO;
+ else return result;
}
@@ -620,14 +612,7 @@ sign_pow (const struct GNUNET_IDENTITY_PrivateKey *key,
pk = (struct GNUNET_IDENTITY_PublicKey *) &pow[1];
GNUNET_IDENTITY_key_get_public (key, pk);
- switch (ntohl (pk->type))
- {
- case GNUNET_IDENTITY_TYPE_ECDSA:
- return sign_pow_ecdsa (&key->ecdsa_key, pow);
- default:
- return GNUNET_NO;
- }
- return GNUNET_NO;
+ return sign_pow_identity (key, pow);
}