Diffstat (limited to 'src/fs/fs_pseudonym.c')
-rw-r--r-- | src/fs/fs_pseudonym.c | 66 |
1 files changed, 47 insertions, 19 deletions
diff --git a/src/fs/fs_pseudonym.c b/src/fs/fs_pseudonym.c index 32164fa11..49a084199 100644 --- a/src/fs/fs_pseudonym.c +++ b/src/fs/fs_pseudonym.c | |||
@@ -1,10 +1,10 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet | 2 | This file is part of GNUnet |
3 | (C) 2003, 2004, 2005, 2006, 2007, 2008, 2013 Christian Grothoff (and other contributing authors) | 3 | (C) 2003-2013 Christian Grothoff (and other contributing authors) |
4 | 4 | ||
5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software; you can redistribute it and/or modify |
6 | it under the terms of the GNU General Public License as published | 6 | it under the terms of the GNU General Public License as published |
7 | by the Free Software Foundation; either version 2, or (at your | 7 | by the Free Software Foundation; either version 3, or (at your |
8 | option) any later version. | 8 | option) any later version. |
9 | 9 | ||
10 | GNUnet is distributed in the hope that it will be useful, but | 10 | GNUnet is distributed in the hope that it will be useful, but |
@@ -1042,30 +1042,48 @@ GNUNET_FS_pseudonym_destroy (struct GNUNET_FS_PseudonymHandle *ph) | |||
1042 | * S-expression suitable for signature operations. | 1042 | * S-expression suitable for signature operations. |
1043 | * | 1043 | * |
1044 | * @param purpose data to convert | 1044 | * @param purpose data to convert |
1045 | * @param rfc6979 GNUNET_YES if we are to use deterministic ECDSA | ||
1045 | * @return converted s-expression | 1046 | * @return converted s-expression |
1046 | */ | 1047 | */ |
1047 | static gcry_sexp_t | 1048 | static gcry_sexp_t |
1048 | data_to_pkcs1 (const struct GNUNET_FS_PseudonymSignaturePurpose *purpose) | 1049 | data_to_pkcs1 (const struct GNUNET_FS_PseudonymSignaturePurpose *purpose, |
1050 | int rfc6979) | ||
1049 | { | 1051 | { |
1050 | struct GNUNET_CRYPTO_ShortHashCode hc; | 1052 | struct GNUNET_CRYPTO_ShortHashCode hc; |
1051 | size_t bufSize; | 1053 | size_t bufSize; |
1052 | gcry_sexp_t data; | 1054 | gcry_sexp_t data; |
1055 | const char *fmt; | ||
1056 | int rc; | ||
1053 | 1057 | ||
1054 | GNUNET_CRYPTO_short_hash (purpose, ntohl (purpose->size), &hc); | 1058 | GNUNET_CRYPTO_short_hash (purpose, ntohl (purpose->size), &hc); |
1055 | #define FORMATSTRING "(4:data(5:flags3:raw)(5:value32:01234567890123456789012345678901))" | 1059 | if (rfc6979) |
1056 | bufSize = strlen (FORMATSTRING) + 1; | 1060 | { |
1061 | if (0 != (rc = gcry_sexp_build (&data, NULL, | ||
1062 | "(data(flags rfc6979)(hash %s %b))", | ||
1063 | "sha256", | ||
1064 | sizeof (hc), | ||
1065 | &hc))) | ||
1066 | { | ||
1067 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); | ||
1068 | return NULL; | ||
1069 | } | ||
1070 | } | ||
1071 | else | ||
1057 | { | 1072 | { |
1058 | char buff[bufSize]; | 1073 | fmt = "(data(flags raw)(5:value32:01234567890123456789012345678901))"; |
1059 | 1074 | bufSize = strlen (fmt) + 1; | |
1060 | memcpy (buff, FORMATSTRING, bufSize); | 1075 | { |
1061 | memcpy (&buff | 1076 | char buff[bufSize]; |
1062 | [bufSize - | 1077 | |
1063 | strlen | 1078 | memcpy (buff, fmt, bufSize); |
1064 | ("01234567890123456789012345678901))") | 1079 | memcpy (&buff |
1065 | - 1], &hc, sizeof (struct GNUNET_CRYPTO_ShortHashCode)); | 1080 | [bufSize - |
1066 | GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0)); | 1081 | strlen |
1082 | ("01234567890123456789012345678901))") | ||
1083 | - 1], &hc, sizeof (struct GNUNET_CRYPTO_ShortHashCode)); | ||
1084 | GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0)); | ||
1085 | } | ||
1067 | } | 1086 | } |
1068 | #undef FORMATSTRING | ||
1069 | return data; | 1087 | return data; |
1070 | } | 1088 | } |
1071 | 1089 | ||
@@ -1159,8 +1177,12 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph, | |||
1159 | } | 1177 | } |
1160 | gcry_mpi_release (dh); | 1178 | gcry_mpi_release (dh); |
1161 | /* prepare data for signing */ | 1179 | /* prepare data for signing */ |
1162 | data = data_to_pkcs1 (purpose); | 1180 | data = data_to_pkcs1 (purpose, NULL != seed); |
1163 | 1181 | if (NULL == data) | |
1182 | { | ||
1183 | gcry_sexp_release (spriv); | ||
1184 | return GNUNET_SYSERR; | ||
1185 | } | ||
1164 | /* get 'k' value from seed, if available */ | 1186 | /* get 'k' value from seed, if available */ |
1165 | if (NULL != seed) | 1187 | if (NULL != seed) |
1166 | { | 1188 | { |
@@ -1170,6 +1192,8 @@ GNUNET_FS_pseudonym_sign (struct GNUNET_FS_PseudonymHandle *ph, | |||
1170 | size, &size))) | 1192 | size, &size))) |
1171 | { | 1193 | { |
1172 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | 1194 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); |
1195 | gcry_sexp_release (spriv); | ||
1196 | gcry_sexp_release (data); | ||
1173 | return GNUNET_SYSERR; | 1197 | return GNUNET_SYSERR; |
1174 | } | 1198 | } |
1175 | } | 1199 | } |
@@ -1461,8 +1485,12 @@ GNUNET_FS_pseudonym_verify (const struct GNUNET_FS_PseudonymSignaturePurpose *pu | |||
1461 | 1485 | ||
1462 | 1486 | ||
1463 | /* build s-expression for data that was signed */ | 1487 | /* build s-expression for data that was signed */ |
1464 | data = data_to_pkcs1 (purpose); | 1488 | data = data_to_pkcs1 (purpose, GNUNET_NO); |
1465 | 1489 | if (NULL == data) | |
1490 | { | ||
1491 | gcry_sexp_release (sig_sexpr); | ||
1492 | return GNUNET_SYSERR; | ||
1493 | } | ||
1466 | /* create context of public key and initialize Q */ | 1494 | /* create context of public key and initialize Q */ |
1467 | size = sizeof (verification_key->q_x); | 1495 | size = sizeof (verification_key->q_x); |
1468 | if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG, | 1496 | if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG, |
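Review bot: In data_to_pkcs1 the raw branch still ends in `GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));`, so the function can return NULL only on the rfc6979 path. GNUNET_FS_pseudonym_verify always passes `GNUNET_NO`, so its new `if (NULL == data)` check is unreachable, and a failure to build the s-expression while checking a signature aborts the process instead of returning GNUNET_SYSERR. The raw branch should fail the same way as the rfc6979 one, `if (0 != (rc = gcry_sexp_new (&data, buff, bufSize, 0))) { LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_new", rc); return NULL; }`, and the `@return` line should state that NULL is returned on error. Separately, signing with a seed now encodes the digest as `(hash %s %b)` under `flags rfc6979` while verification encodes it as a raw `value`; a sign-then-verify test with a non-NULL seed would confirm that libgcrypt maps both forms to the same integer. The bodies of GNUNET_FS_pseudonym_sign and GNUNET_FS_pseudonym_verify continue outside the hunks shown.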