diff options
Diffstat (limited to 'src/revocation')
-rw-r--r-- | src/revocation/Makefile.am | 3 | ||||
-rw-r--r-- | src/revocation/gnunet-revocation-tvg.c | 25 | ||||
-rw-r--r-- | src/revocation/gnunet-revocation.c | 71 | ||||
-rw-r--r-- | src/revocation/gnunet-service-revocation.c | 75 | ||||
-rw-r--r-- | src/revocation/plugin_block_revocation.c | 23 | ||||
-rw-r--r-- | src/revocation/revocation.h | 11 | ||||
-rw-r--r-- | src/revocation/revocation_api.c | 188 | ||||
-rw-r--r-- | src/revocation/test_revocation.c | 20 |
8 files changed, 294 insertions, 122 deletions
diff --git a/src/revocation/Makefile.am b/src/revocation/Makefile.am index 9d98502a6..b1a079a0d 100644 --- a/src/revocation/Makefile.am +++ b/src/revocation/Makefile.am | |||
@@ -30,6 +30,7 @@ libgnunet_plugin_block_revocation_la_LIBADD = \ | |||
30 | $(top_builddir)/src/block/libgnunetblockgroup.la \ | 30 | $(top_builddir)/src/block/libgnunetblockgroup.la \ |
31 | $(top_builddir)/src/block/libgnunetblock.la \ | 31 | $(top_builddir)/src/block/libgnunetblock.la \ |
32 | $(top_builddir)/src/util/libgnunetutil.la \ | 32 | $(top_builddir)/src/util/libgnunetutil.la \ |
33 | $(top_builddir)/src/identity/libgnunetidentity.la \ | ||
33 | $(LTLIBINTL) | 34 | $(LTLIBINTL) |
34 | libgnunet_plugin_block_revocation_la_DEPENDENCIES = \ | 35 | libgnunet_plugin_block_revocation_la_DEPENDENCIES = \ |
35 | libgnunetrevocation.la \ | 36 | libgnunetrevocation.la \ |
@@ -63,6 +64,7 @@ libgnunetrevocation_la_SOURCES = \ | |||
63 | revocation_api.c revocation.h | 64 | revocation_api.c revocation.h |
64 | libgnunetrevocation_la_LIBADD = \ | 65 | libgnunetrevocation_la_LIBADD = \ |
65 | $(top_builddir)/src/util/libgnunetutil.la \ | 66 | $(top_builddir)/src/util/libgnunetutil.la \ |
67 | $(top_builddir)/src/identity/libgnunetidentity.la \ | ||
66 | $(LIBGCRYPT_LIBS) \ | 68 | $(LIBGCRYPT_LIBS) \ |
67 | $(GN_LIBINTL) $(XLIB) -lgcrypt | 69 | $(GN_LIBINTL) $(XLIB) -lgcrypt |
68 | libgnunetrevocation_la_LDFLAGS = \ | 70 | libgnunetrevocation_la_LDFLAGS = \ |
@@ -80,6 +82,7 @@ gnunet_service_revocation_LDADD = \ | |||
80 | $(top_builddir)/src/core/libgnunetcore.la \ | 82 | $(top_builddir)/src/core/libgnunetcore.la \ |
81 | $(top_builddir)/src/setu/libgnunetsetu.la \ | 83 | $(top_builddir)/src/setu/libgnunetsetu.la \ |
82 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 84 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
85 | $(top_builddir)/src/identity/libgnunetidentity.la \ | ||
83 | $(top_builddir)/src/util/libgnunetutil.la \ | 86 | $(top_builddir)/src/util/libgnunetutil.la \ |
84 | -lm \ | 87 | -lm \ |
85 | $(GN_LIBINTL) | 88 | $(GN_LIBINTL) |
diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index 29df1bb4d..1692472bb 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c | |||
@@ -65,25 +65,26 @@ run (void *cls, | |||
65 | const char *cfgfile, | 65 | const char *cfgfile, |
66 | const struct GNUNET_CONFIGURATION_Handle *cfg) | 66 | const struct GNUNET_CONFIGURATION_Handle *cfg) |
67 | { | 67 | { |
68 | struct GNUNET_CRYPTO_EcdsaPrivateKey id_priv; | 68 | struct GNUNET_IDENTITY_PrivateKey id_priv; |
69 | struct GNUNET_CRYPTO_EcdsaPublicKey id_pub; | 69 | struct GNUNET_IDENTITY_PublicKey id_pub; |
70 | struct GNUNET_REVOCATION_PowP pow; | 70 | struct GNUNET_REVOCATION_PowP *pow; |
71 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; | 71 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; |
72 | struct GNUNET_TIME_Relative exp; | 72 | struct GNUNET_TIME_Relative exp; |
73 | 73 | ||
74 | GNUNET_CRYPTO_ecdsa_key_create (&id_priv); | 74 | id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA); |
75 | GNUNET_CRYPTO_ecdsa_key_get_public (&id_priv, | 75 | GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); |
76 | &id_pub); | 76 | GNUNET_IDENTITY_key_get_public (&id_priv, |
77 | &id_pub); | ||
77 | fprintf (stdout, "Zone private key (d, little-endian scalar):\n"); | 78 | fprintf (stdout, "Zone private key (d, little-endian scalar):\n"); |
78 | print_bytes (&id_priv, sizeof(id_priv), 0); | 79 | print_bytes (&id_priv, sizeof(id_priv), 0); |
79 | fprintf (stdout, "\n"); | 80 | fprintf (stdout, "\n"); |
80 | fprintf (stdout, "Zone public key (zk):\n"); | 81 | fprintf (stdout, "Zone public key (zk):\n"); |
81 | print_bytes (&id_pub, sizeof(id_pub), 0); | 82 | print_bytes (&id_pub, sizeof(id_pub), 0); |
82 | fprintf (stdout, "\n"); | 83 | fprintf (stdout, "\n"); |
83 | memset (&pow, 0, sizeof (pow)); | 84 | pow = GNUNET_malloc (GNUNET_REVOCATION_MAX_PROOF_SIZE); |
84 | GNUNET_REVOCATION_pow_init (&id_priv, | 85 | GNUNET_REVOCATION_pow_init (&id_priv, |
85 | &pow); | 86 | pow); |
86 | ph = GNUNET_REVOCATION_pow_start (&pow, | 87 | ph = GNUNET_REVOCATION_pow_start (pow, |
87 | TEST_EPOCHS, | 88 | TEST_EPOCHS, |
88 | TEST_DIFFICULTY); | 89 | TEST_DIFFICULTY); |
89 | fprintf (stdout, "Difficulty (%d base difficulty + %d epochs): %d\n\n", | 90 | fprintf (stdout, "Difficulty (%d base difficulty + %d epochs): %d\n\n", |
@@ -97,12 +98,12 @@ run (void *cls, | |||
97 | } | 98 | } |
98 | exp = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, | 99 | exp = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, |
99 | TEST_EPOCHS); | 100 | TEST_EPOCHS); |
100 | GNUNET_assert (GNUNET_OK == GNUNET_REVOCATION_check_pow (&pow, | 101 | GNUNET_assert (GNUNET_OK == GNUNET_REVOCATION_check_pow (pow, |
101 | TEST_DIFFICULTY, | 102 | TEST_DIFFICULTY, |
102 | exp)); | 103 | exp)); |
103 | fprintf (stdout, "Proof:\n"); | 104 | fprintf (stdout, "Proof:\n"); |
104 | print_bytes (&pow, | 105 | print_bytes (pow, |
105 | sizeof (pow), | 106 | GNUNET_REVOCATION_proof_get_size (pow), |
106 | 8); | 107 | 8); |
107 | } | 108 | } |
108 | 109 | ||
diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index 0e1e482ab..d59ea7c81 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c | |||
@@ -101,7 +101,7 @@ static struct GNUNET_SCHEDULER_Task *pow_task; | |||
101 | /** | 101 | /** |
102 | * Proof-of-work object | 102 | * Proof-of-work object |
103 | */ | 103 | */ |
104 | static struct GNUNET_REVOCATION_PowP proof_of_work; | 104 | static struct GNUNET_REVOCATION_PowP *proof_of_work; |
105 | 105 | ||
106 | /** | 106 | /** |
107 | * Function run if the user aborts with CTRL-C. | 107 | * Function run if the user aborts with CTRL-C. |
@@ -213,7 +213,7 @@ static void | |||
213 | perform_revocation () | 213 | perform_revocation () |
214 | { | 214 | { |
215 | h = GNUNET_REVOCATION_revoke (cfg, | 215 | h = GNUNET_REVOCATION_revoke (cfg, |
216 | &proof_of_work, | 216 | proof_of_work, |
217 | &print_revocation_result, | 217 | &print_revocation_result, |
218 | NULL); | 218 | NULL); |
219 | } | 219 | } |
@@ -228,11 +228,12 @@ perform_revocation () | |||
228 | static void | 228 | static void |
229 | sync_pow () | 229 | sync_pow () |
230 | { | 230 | { |
231 | size_t psize = GNUNET_REVOCATION_proof_get_size (proof_of_work); | ||
231 | if ((NULL != filename) && | 232 | if ((NULL != filename) && |
232 | (sizeof(struct GNUNET_REVOCATION_PowP) != | 233 | (psize != |
233 | GNUNET_DISK_fn_write (filename, | 234 | GNUNET_DISK_fn_write (filename, |
234 | &proof_of_work, | 235 | proof_of_work, |
235 | sizeof(struct GNUNET_REVOCATION_PowP), | 236 | psize, |
236 | GNUNET_DISK_PERM_USER_READ | 237 | GNUNET_DISK_PERM_USER_READ |
237 | | GNUNET_DISK_PERM_USER_WRITE))) | 238 | | GNUNET_DISK_PERM_USER_WRITE))) |
238 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename); | 239 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename); |
@@ -269,6 +270,7 @@ static void | |||
269 | calculate_pow (void *cls) | 270 | calculate_pow (void *cls) |
270 | { | 271 | { |
271 | struct GNUNET_REVOCATION_PowCalculationHandle *ph = cls; | 272 | struct GNUNET_REVOCATION_PowCalculationHandle *ph = cls; |
273 | size_t psize; | ||
272 | 274 | ||
273 | /* store temporary results */ | 275 | /* store temporary results */ |
274 | pow_task = NULL; | 276 | pow_task = NULL; |
@@ -277,11 +279,12 @@ calculate_pow (void *cls) | |||
277 | /* actually do POW calculation */ | 279 | /* actually do POW calculation */ |
278 | if (GNUNET_OK == GNUNET_REVOCATION_pow_round (ph)) | 280 | if (GNUNET_OK == GNUNET_REVOCATION_pow_round (ph)) |
279 | { | 281 | { |
282 | psize = GNUNET_REVOCATION_proof_get_size (proof_of_work); | ||
280 | if ((NULL != filename) && | 283 | if ((NULL != filename) && |
281 | (sizeof(struct GNUNET_REVOCATION_PowP) != | 284 | (psize != |
282 | GNUNET_DISK_fn_write (filename, | 285 | GNUNET_DISK_fn_write (filename, |
283 | &proof_of_work, | 286 | proof_of_work, |
284 | sizeof(struct GNUNET_REVOCATION_PowP), | 287 | psize, |
285 | GNUNET_DISK_PERM_USER_READ | 288 | GNUNET_DISK_PERM_USER_READ |
286 | | GNUNET_DISK_PERM_USER_WRITE))) | 289 | | GNUNET_DISK_PERM_USER_WRITE))) |
287 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename); | 290 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename); |
@@ -325,9 +328,10 @@ calculate_pow (void *cls) | |||
325 | static void | 328 | static void |
326 | ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) | 329 | ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) |
327 | { | 330 | { |
328 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | 331 | struct GNUNET_IDENTITY_PublicKey key; |
329 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; | 332 | const struct GNUNET_IDENTITY_PrivateKey *privkey; |
330 | struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL; | 333 | struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL; |
334 | size_t psize; | ||
331 | 335 | ||
332 | el = NULL; | 336 | el = NULL; |
333 | if (NULL == ego) | 337 | if (NULL == ego) |
@@ -338,12 +342,15 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
338 | } | 342 | } |
339 | GNUNET_IDENTITY_ego_get_public_key (ego, &key); | 343 | GNUNET_IDENTITY_ego_get_public_key (ego, &key); |
340 | privkey = GNUNET_IDENTITY_ego_get_private_key (ego); | 344 | privkey = GNUNET_IDENTITY_ego_get_private_key (ego); |
341 | memset (&proof_of_work, 0, sizeof (proof_of_work)); | 345 | proof_of_work = GNUNET_malloc (GNUNET_REVOCATION_MAX_PROOF_SIZE); |
342 | if ((NULL != filename) && (GNUNET_YES == GNUNET_DISK_file_test (filename)) && | 346 | if ((NULL != filename) && (GNUNET_YES == GNUNET_DISK_file_test (filename)) && |
343 | (sizeof(proof_of_work) == | 347 | (0 < (psize = |
344 | GNUNET_DISK_fn_read (filename, &proof_of_work, sizeof(proof_of_work)))) | 348 | GNUNET_DISK_fn_read (filename, proof_of_work, |
349 | GNUNET_REVOCATION_MAX_PROOF_SIZE)))) | ||
345 | { | 350 | { |
346 | if (0 != GNUNET_memcmp (&proof_of_work.key, &key)) | 351 | size_t ksize = GNUNET_IDENTITY_key_get_length (&key); |
352 | if (((psize - sizeof (*proof_of_work)) < ksize) || // Key too small | ||
353 | (0 != memcmp (&proof_of_work[1], &key, ksize))) // Keys do not match | ||
347 | { | 354 | { |
348 | fprintf (stderr, | 355 | fprintf (stderr, |
349 | _ ("Error: revocation certificate in `%s' is not for `%s'\n"), | 356 | _ ("Error: revocation certificate in `%s' is not for `%s'\n"), |
@@ -352,7 +359,7 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
352 | return; | 359 | return; |
353 | } | 360 | } |
354 | if (GNUNET_YES == | 361 | if (GNUNET_YES == |
355 | GNUNET_REVOCATION_check_pow (&proof_of_work, | 362 | GNUNET_REVOCATION_check_pow (proof_of_work, |
356 | (unsigned int) matching_bits, | 363 | (unsigned int) matching_bits, |
357 | epoch_duration)) | 364 | epoch_duration)) |
358 | { | 365 | { |
@@ -369,7 +376,7 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
369 | fprintf (stderr, | 376 | fprintf (stderr, |
370 | "%s", | 377 | "%s", |
371 | _ ("Continuing calculation where left off...\n")); | 378 | _ ("Continuing calculation where left off...\n")); |
372 | ph = GNUNET_REVOCATION_pow_start (&proof_of_work, | 379 | ph = GNUNET_REVOCATION_pow_start (proof_of_work, |
373 | epochs, | 380 | epochs, |
374 | matching_bits); | 381 | matching_bits); |
375 | } | 382 | } |
@@ -379,8 +386,8 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
379 | if (NULL == ph) | 386 | if (NULL == ph) |
380 | { | 387 | { |
381 | GNUNET_REVOCATION_pow_init (privkey, | 388 | GNUNET_REVOCATION_pow_init (privkey, |
382 | &proof_of_work); | 389 | proof_of_work); |
383 | ph = GNUNET_REVOCATION_pow_start (&proof_of_work, | 390 | ph = GNUNET_REVOCATION_pow_start (proof_of_work, |
384 | epochs, /* Epochs */ | 391 | epochs, /* Epochs */ |
385 | matching_bits); | 392 | matching_bits); |
386 | } | 393 | } |
@@ -403,15 +410,15 @@ run (void *cls, | |||
403 | const char *cfgfile, | 410 | const char *cfgfile, |
404 | const struct GNUNET_CONFIGURATION_Handle *c) | 411 | const struct GNUNET_CONFIGURATION_Handle *c) |
405 | { | 412 | { |
406 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; | 413 | struct GNUNET_IDENTITY_PublicKey pk; |
414 | size_t psize; | ||
407 | 415 | ||
408 | cfg = c; | 416 | cfg = c; |
409 | if (NULL != test_ego) | 417 | if (NULL != test_ego) |
410 | { | 418 | { |
411 | if (GNUNET_OK != | 419 | if (GNUNET_OK != |
412 | GNUNET_CRYPTO_ecdsa_public_key_from_string (test_ego, | 420 | GNUNET_IDENTITY_public_key_from_string (test_ego, |
413 | strlen (test_ego), | 421 | &pk)) |
414 | &pk)) | ||
415 | { | 422 | { |
416 | fprintf (stderr, _ ("Public key `%s' malformed\n"), test_ego); | 423 | fprintf (stderr, _ ("Public key `%s' malformed\n"), test_ego); |
417 | return; | 424 | return; |
@@ -463,23 +470,33 @@ run (void *cls, | |||
463 | } | 470 | } |
464 | if ((NULL != filename) && (perform)) | 471 | if ((NULL != filename) && (perform)) |
465 | { | 472 | { |
466 | if (sizeof(proof_of_work) != GNUNET_DISK_fn_read (filename, | 473 | size_t bread; |
467 | &proof_of_work, | 474 | proof_of_work = GNUNET_malloc (GNUNET_REVOCATION_MAX_PROOF_SIZE); |
468 | sizeof(proof_of_work))) | 475 | if (0 < (bread = GNUNET_DISK_fn_read (filename, |
476 | proof_of_work, | ||
477 | GNUNET_REVOCATION_MAX_PROOF_SIZE))) | ||
469 | { | 478 | { |
470 | fprintf (stderr, | 479 | fprintf (stderr, |
471 | _ ("Failed to read revocation certificate from `%s'\n"), | 480 | _ ("Failed to read revocation certificate from `%s'\n"), |
472 | filename); | 481 | filename); |
473 | return; | 482 | return; |
474 | } | 483 | } |
484 | psize = GNUNET_REVOCATION_proof_get_size (proof_of_work); | ||
485 | if (bread != psize) | ||
486 | { | ||
487 | fprintf (stderr, | ||
488 | _ ("Revocation certificate corrupted in `%s'\n"), | ||
489 | filename); | ||
490 | return; | ||
491 | } | ||
475 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | 492 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); |
476 | if (GNUNET_YES != | 493 | if (GNUNET_YES != |
477 | GNUNET_REVOCATION_check_pow (&proof_of_work, | 494 | GNUNET_REVOCATION_check_pow (proof_of_work, |
478 | (unsigned int) matching_bits, | 495 | (unsigned int) matching_bits, |
479 | epoch_duration)) | 496 | epoch_duration)) |
480 | { | 497 | { |
481 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; | 498 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; |
482 | ph = GNUNET_REVOCATION_pow_start (&proof_of_work, | 499 | ph = GNUNET_REVOCATION_pow_start (proof_of_work, |
483 | epochs, /* Epochs */ | 500 | epochs, /* Epochs */ |
484 | matching_bits); | 501 | matching_bits); |
485 | 502 | ||
diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index ddebb38ad..0fa92f4a6 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c | |||
@@ -172,7 +172,8 @@ new_peer_entry (const struct GNUNET_PeerIdentity *peer) | |||
172 | static int | 172 | static int |
173 | verify_revoke_message (const struct RevokeMessage *rm) | 173 | verify_revoke_message (const struct RevokeMessage *rm) |
174 | { | 174 | { |
175 | if (GNUNET_YES != GNUNET_REVOCATION_check_pow (&rm->proof_of_work, | 175 | struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; |
176 | if (GNUNET_YES != GNUNET_REVOCATION_check_pow (pow, | ||
176 | (unsigned | 177 | (unsigned |
177 | int) revocation_work_required, | 178 | int) revocation_work_required, |
178 | epoch_duration)) | 179 | epoch_duration)) |
@@ -236,7 +237,7 @@ handle_query_message (void *cls, | |||
236 | int res; | 237 | int res; |
237 | 238 | ||
238 | GNUNET_CRYPTO_hash (&qm->key, | 239 | GNUNET_CRYPTO_hash (&qm->key, |
239 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey), | 240 | sizeof(struct GNUNET_IDENTITY_PublicKey), |
240 | &hc); | 241 | &hc); |
241 | res = GNUNET_CONTAINER_multihashmap_contains (revocation_map, | 242 | res = GNUNET_CONTAINER_multihashmap_contains (revocation_map, |
242 | &hc); | 243 | &hc); |
@@ -276,9 +277,11 @@ do_flood (void *cls, | |||
276 | return GNUNET_OK; /* peer connected to us via SET, | 277 | return GNUNET_OK; /* peer connected to us via SET, |
277 | but we have no direct CORE | 278 | but we have no direct CORE |
278 | connection for flooding */ | 279 | connection for flooding */ |
279 | e = GNUNET_MQ_msg (cp, | 280 | e = GNUNET_MQ_msg_extra (cp, |
281 | htonl (rm->pow_size), | ||
280 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE); | 282 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE); |
281 | *cp = *rm; | 283 | *cp = *rm; |
284 | memcpy (&cp[1], &rm[1], htonl (rm->pow_size)); | ||
282 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 285 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
283 | "Flooding revocation to `%s'\n", | 286 | "Flooding revocation to `%s'\n", |
284 | GNUNET_i2s (target)); | 287 | GNUNET_i2s (target)); |
@@ -303,9 +306,12 @@ publicize_rm (const struct RevokeMessage *rm) | |||
303 | struct RevokeMessage *cp; | 306 | struct RevokeMessage *cp; |
304 | struct GNUNET_HashCode hc; | 307 | struct GNUNET_HashCode hc; |
305 | struct GNUNET_SETU_Element e; | 308 | struct GNUNET_SETU_Element e; |
309 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
306 | 310 | ||
307 | GNUNET_CRYPTO_hash (&rm->proof_of_work.key, | 311 | struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; |
308 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey), | 312 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
313 | GNUNET_CRYPTO_hash (pk, | ||
314 | GNUNET_IDENTITY_key_get_length (pk), | ||
309 | &hc); | 315 | &hc); |
310 | if (GNUNET_YES == | 316 | if (GNUNET_YES == |
311 | GNUNET_CONTAINER_multihashmap_contains (revocation_map, | 317 | GNUNET_CONTAINER_multihashmap_contains (revocation_map, |
@@ -371,6 +377,23 @@ publicize_rm (const struct RevokeMessage *rm) | |||
371 | } | 377 | } |
372 | 378 | ||
373 | 379 | ||
380 | static int | ||
381 | check_revoke_message (void *cls, | ||
382 | const struct RevokeMessage *rm) | ||
383 | { | ||
384 | uint16_t size; | ||
385 | |||
386 | size = ntohs (rm->header.size); | ||
387 | if (size <= sizeof(struct RevokeMessage)) | ||
388 | { | ||
389 | GNUNET_break (0); | ||
390 | return GNUNET_SYSERR; | ||
391 | } | ||
392 | return GNUNET_OK; | ||
393 | |||
394 | } | ||
395 | |||
396 | |||
374 | /** | 397 | /** |
375 | * Handle REVOKE message from client. | 398 | * Handle REVOKE message from client. |
376 | * | 399 | * |
@@ -403,6 +426,23 @@ handle_revoke_message (void *cls, | |||
403 | } | 426 | } |
404 | 427 | ||
405 | 428 | ||
429 | static int | ||
430 | check_p2p_revoke (void *cls, | ||
431 | const struct RevokeMessage *rm) | ||
432 | { | ||
433 | uint16_t size; | ||
434 | |||
435 | size = ntohs (rm->header.size); | ||
436 | if (size <= sizeof(struct RevokeMessage)) | ||
437 | { | ||
438 | GNUNET_break (0); | ||
439 | return GNUNET_SYSERR; | ||
440 | } | ||
441 | return GNUNET_OK; | ||
442 | |||
443 | } | ||
444 | |||
445 | |||
406 | /** | 446 | /** |
407 | * Core handler for flooded revocation messages. | 447 | * Core handler for flooded revocation messages. |
408 | * | 448 | * |
@@ -784,16 +824,17 @@ run (void *cls, | |||
784 | struct GNUNET_SERVICE_Handle *service) | 824 | struct GNUNET_SERVICE_Handle *service) |
785 | { | 825 | { |
786 | struct GNUNET_MQ_MessageHandler core_handlers[] = { | 826 | struct GNUNET_MQ_MessageHandler core_handlers[] = { |
787 | GNUNET_MQ_hd_fixed_size (p2p_revoke, | 827 | GNUNET_MQ_hd_var_size (p2p_revoke, |
788 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE, | 828 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE, |
789 | struct RevokeMessage, | 829 | struct RevokeMessage, |
790 | NULL), | 830 | NULL), |
791 | GNUNET_MQ_handler_end () | 831 | GNUNET_MQ_handler_end () |
792 | }; | 832 | }; |
793 | char *fn; | 833 | char *fn; |
794 | uint64_t left; | 834 | uint64_t left; |
795 | struct RevokeMessage *rm; | 835 | struct RevokeMessage *rm; |
796 | struct GNUNET_HashCode hc; | 836 | struct GNUNET_HashCode hc; |
837 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
797 | 838 | ||
798 | GNUNET_CRYPTO_hash ("revocation-set-union-application-id", | 839 | GNUNET_CRYPTO_hash ("revocation-set-union-application-id", |
799 | strlen ("revocation-set-union-application-id"), | 840 | strlen ("revocation-set-union-application-id"), |
@@ -892,9 +933,11 @@ run (void *cls, | |||
892 | GNUNET_free (fn); | 933 | GNUNET_free (fn); |
893 | return; | 934 | return; |
894 | } | 935 | } |
895 | GNUNET_break (0 == ntohl (rm->reserved)); | 936 | struct GNUNET_REVOCATION_PowP *pow = (struct |
896 | GNUNET_CRYPTO_hash (&rm->proof_of_work.key, | 937 | GNUNET_REVOCATION_PowP *) &rm[1]; |
897 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey), | 938 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
939 | GNUNET_CRYPTO_hash (pk, | ||
940 | GNUNET_IDENTITY_key_get_length (pk), | ||
898 | &hc); | 941 | &hc); |
899 | GNUNET_break (GNUNET_OK == | 942 | GNUNET_break (GNUNET_OK == |
900 | GNUNET_CONTAINER_multihashmap_put (revocation_map, | 943 | GNUNET_CONTAINER_multihashmap_put (revocation_map, |
@@ -939,10 +982,10 @@ GNUNET_SERVICE_MAIN | |||
939 | GNUNET_MESSAGE_TYPE_REVOCATION_QUERY, | 982 | GNUNET_MESSAGE_TYPE_REVOCATION_QUERY, |
940 | struct QueryMessage, | 983 | struct QueryMessage, |
941 | NULL), | 984 | NULL), |
942 | GNUNET_MQ_hd_fixed_size (revoke_message, | 985 | GNUNET_MQ_hd_var_size (revoke_message, |
943 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE, | 986 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE, |
944 | struct RevokeMessage, | 987 | struct RevokeMessage, |
945 | NULL), | 988 | NULL), |
946 | GNUNET_MQ_handler_end ()); | 989 | GNUNET_MQ_handler_end ()); |
947 | 990 | ||
948 | 991 | ||
diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 291c56f70..3c9344a49 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c | |||
@@ -143,16 +143,18 @@ block_plugin_revocation_evaluate (void *cls, | |||
143 | GNUNET_break_op (0); | 143 | GNUNET_break_op (0); |
144 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 144 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
145 | } | 145 | } |
146 | if (0 >= | 146 | struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; |
147 | GNUNET_REVOCATION_check_pow (&rm->proof_of_work, | 147 | const struct GNUNET_IDENTITY_PublicKey *pk; |
148 | ic->matching_bits, | 148 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
149 | ic->epoch_duration)) | 149 | if (GNUNET_YES != GNUNET_REVOCATION_check_pow (pow, |
150 | ic->matching_bits, | ||
151 | ic->epoch_duration)) | ||
150 | { | 152 | { |
151 | GNUNET_break_op (0); | 153 | GNUNET_break_op (0); |
152 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 154 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
153 | } | 155 | } |
154 | GNUNET_CRYPTO_hash (&rm->proof_of_work.key, | 156 | GNUNET_CRYPTO_hash (pk, |
155 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey), | 157 | GNUNET_IDENTITY_key_get_length (pk), |
156 | &chash); | 158 | &chash); |
157 | if (GNUNET_YES == | 159 | if (GNUNET_YES == |
158 | GNUNET_BLOCK_GROUP_bf_test_and_set (group, | 160 | GNUNET_BLOCK_GROUP_bf_test_and_set (group, |
@@ -182,13 +184,16 @@ block_plugin_revocation_get_key (void *cls, | |||
182 | { | 184 | { |
183 | const struct RevokeMessage *rm = block; | 185 | const struct RevokeMessage *rm = block; |
184 | 186 | ||
185 | if (block_size != sizeof(*rm)) | 187 | if (block_size <= sizeof(*rm)) |
186 | { | 188 | { |
187 | GNUNET_break_op (0); | 189 | GNUNET_break_op (0); |
188 | return GNUNET_SYSERR; | 190 | return GNUNET_SYSERR; |
189 | } | 191 | } |
190 | GNUNET_CRYPTO_hash (&rm->proof_of_work.key, | 192 | struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; |
191 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey), | 193 | const struct GNUNET_IDENTITY_PublicKey *pk; |
194 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | ||
195 | GNUNET_CRYPTO_hash (pk, | ||
196 | GNUNET_IDENTITY_key_get_length (pk), | ||
192 | key); | 197 | key); |
193 | return GNUNET_OK; | 198 | return GNUNET_OK; |
194 | } | 199 | } |
diff --git a/src/revocation/revocation.h b/src/revocation/revocation.h index 635c56cfc..c3a9c9e6b 100644 --- a/src/revocation/revocation.h +++ b/src/revocation/revocation.h | |||
@@ -49,7 +49,7 @@ struct QueryMessage | |||
49 | /** | 49 | /** |
50 | * Key to check. | 50 | * Key to check. |
51 | */ | 51 | */ |
52 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | 52 | struct GNUNET_IDENTITY_PublicKey key; |
53 | }; | 53 | }; |
54 | 54 | ||
55 | 55 | ||
@@ -85,14 +85,11 @@ struct RevokeMessage | |||
85 | struct GNUNET_MessageHeader header; | 85 | struct GNUNET_MessageHeader header; |
86 | 86 | ||
87 | /** | 87 | /** |
88 | * For alignment. | 88 | * Length of PoW with signature. |
89 | */ | 89 | */ |
90 | uint32_t reserved GNUNET_PACKED; | 90 | uint32_t pow_size GNUNET_PACKED; |
91 | 91 | ||
92 | /** | 92 | /** Followed by the PoW **/ |
93 | * Number that causes a hash collision with the @e public_key. | ||
94 | */ | ||
95 | struct GNUNET_REVOCATION_PowP proof_of_work; | ||
96 | }; | 93 | }; |
97 | 94 | ||
98 | 95 | ||
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 75cfd8761..94fbc7022 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -160,7 +160,7 @@ handle_revocation_query_response (void *cls, | |||
160 | */ | 160 | */ |
161 | struct GNUNET_REVOCATION_Query * | 161 | struct GNUNET_REVOCATION_Query * |
162 | GNUNET_REVOCATION_query (const struct GNUNET_CONFIGURATION_Handle *cfg, | 162 | GNUNET_REVOCATION_query (const struct GNUNET_CONFIGURATION_Handle *cfg, |
163 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key, | 163 | const struct GNUNET_IDENTITY_PublicKey *key, |
164 | GNUNET_REVOCATION_Callback func, | 164 | GNUNET_REVOCATION_Callback func, |
165 | void *func_cls) | 165 | void *func_cls) |
166 | { | 166 | { |
@@ -359,10 +359,12 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
359 | } | 359 | } |
360 | h->func = func; | 360 | h->func = func; |
361 | h->func_cls = func_cls; | 361 | h->func_cls = func_cls; |
362 | env = GNUNET_MQ_msg (rm, | 362 | size_t extra_len = GNUNET_REVOCATION_proof_get_size (pow); |
363 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE); | 363 | env = GNUNET_MQ_msg_extra (rm, |
364 | rm->reserved = htonl (0); | 364 | extra_len, |
365 | rm->proof_of_work = *pow; | 365 | GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE); |
366 | rm->pow_size = htonl (extra_len); | ||
367 | memcpy (&rm[1], pow, extra_len); | ||
366 | GNUNET_MQ_send (h->mq, | 368 | GNUNET_MQ_send (h->mq, |
367 | env); | 369 | env); |
368 | return h; | 370 | return h; |
@@ -420,6 +422,58 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph) | |||
420 | } | 422 | } |
421 | 423 | ||
422 | 424 | ||
425 | enum GNUNET_GenericReturnValue | ||
426 | check_signature_ecdsa (const struct GNUNET_REVOCATION_PowP *pow, | ||
427 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key) | ||
428 | { | ||
429 | struct GNUNET_REVOCATION_EcdsaSignaturePurposePS spurp; | ||
430 | struct GNUNET_CRYPTO_EcdsaSignature *sig; | ||
431 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
432 | size_t ksize; | ||
433 | |||
434 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | ||
435 | ksize = GNUNET_IDENTITY_key_get_length (pk); | ||
436 | |||
437 | spurp.ktype = pk->type; | ||
438 | spurp.key = pk->ecdsa_key; | ||
439 | spurp.timestamp = pow->timestamp; | ||
440 | spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | ||
441 | spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | ||
442 | + GNUNET_IDENTITY_key_get_length (pk) | ||
443 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
444 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
445 | "Expected signature payload len: %u\n", | ||
446 | ntohl (spurp.purpose.size)); | ||
447 | sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); | ||
448 | if (GNUNET_OK != | ||
449 | GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, | ||
450 | &spurp.purpose, | ||
451 | sig, | ||
452 | key)) | ||
453 | { | ||
454 | return GNUNET_SYSERR; | ||
455 | } | ||
456 | return GNUNET_OK; | ||
457 | } | ||
458 | |||
459 | |||
460 | enum GNUNET_GenericReturnValue | ||
461 | check_signature (const struct GNUNET_REVOCATION_PowP *pow) | ||
462 | { | ||
463 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
464 | |||
465 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | ||
466 | switch (ntohl (pk->type)) | ||
467 | { | ||
468 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
469 | return check_signature_ecdsa (pow, &pk->ecdsa_key); | ||
470 | default: | ||
471 | return GNUNET_SYSERR; | ||
472 | } | ||
473 | return GNUNET_SYSERR; | ||
474 | } | ||
475 | |||
476 | |||
423 | /** | 477 | /** |
424 | * Check if the given proof-of-work is valid. | 478 | * Check if the given proof-of-work is valid. |
425 | * | 479 | * |
@@ -433,10 +487,9 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, | |||
433 | unsigned int difficulty, | 487 | unsigned int difficulty, |
434 | struct GNUNET_TIME_Relative epoch_duration) | 488 | struct GNUNET_TIME_Relative epoch_duration) |
435 | { | 489 | { |
436 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | 490 | char buf[sizeof(struct GNUNET_IDENTITY_PublicKey) |
437 | + sizeof (struct GNUNET_TIME_AbsoluteNBO) | 491 | + sizeof (struct GNUNET_TIME_AbsoluteNBO) |
438 | + sizeof (uint64_t)] GNUNET_ALIGN; | 492 | + sizeof (uint64_t)] GNUNET_ALIGN; |
439 | struct GNUNET_REVOCATION_SignaturePurposePS spurp; | ||
440 | struct GNUNET_HashCode result; | 493 | struct GNUNET_HashCode result; |
441 | struct GNUNET_TIME_Absolute ts; | 494 | struct GNUNET_TIME_Absolute ts; |
442 | struct GNUNET_TIME_Absolute exp; | 495 | struct GNUNET_TIME_Absolute exp; |
@@ -446,25 +499,18 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, | |||
446 | unsigned int tmp_score = 0; | 499 | unsigned int tmp_score = 0; |
447 | unsigned int epochs; | 500 | unsigned int epochs; |
448 | uint64_t pow_val; | 501 | uint64_t pow_val; |
502 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
503 | |||
504 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | ||
449 | 505 | ||
450 | /** | 506 | /** |
451 | * Check if signature valid | 507 | * Check if signature valid |
452 | */ | 508 | */ |
453 | spurp.key = pow->key; | 509 | if (GNUNET_OK != check_signature (pow)) |
454 | spurp.timestamp = pow->timestamp; | ||
455 | spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | ||
456 | spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | ||
457 | + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | ||
458 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
459 | if (GNUNET_OK != | ||
460 | GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, | ||
461 | &spurp.purpose, | ||
462 | &pow->signature, | ||
463 | &pow->key)) | ||
464 | { | 510 | { |
465 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 511 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
466 | "Proof of work signature invalid!\n"); | 512 | "Proof of work signature invalid!\n"); |
467 | return GNUNET_NO; | 513 | return GNUNET_SYSERR; |
468 | } | 514 | } |
469 | 515 | ||
470 | /** | 516 | /** |
@@ -479,8 +525,8 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, | |||
479 | &pow->timestamp, | 525 | &pow->timestamp, |
480 | sizeof (uint64_t)); | 526 | sizeof (uint64_t)); |
481 | GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], | 527 | GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], |
482 | &pow->key, | 528 | pk, |
483 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); | 529 | GNUNET_IDENTITY_key_get_length (pk)); |
484 | for (unsigned int i = 0; i < POW_COUNT; i++) | 530 | for (unsigned int i = 0; i < POW_COUNT; i++) |
485 | { | 531 | { |
486 | pow_val = GNUNET_ntohll (pow->pow[i]); | 532 | pow_val = GNUNET_ntohll (pow->pow[i]); |
@@ -529,18 +575,15 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, | |||
529 | } | 575 | } |
530 | 576 | ||
531 | 577 | ||
532 | /** | 578 | enum GNUNET_GenericReturnValue |
533 | * Initializes a fresh PoW computation. | 579 | sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, |
534 | * | 580 | struct GNUNET_REVOCATION_PowP *pow) |
535 | * @param key the key to calculate the PoW for. | ||
536 | * @param[out] pow starting point for PoW calculation (not yet valid) | ||
537 | */ | ||
538 | void | ||
539 | GNUNET_REVOCATION_pow_init (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | ||
540 | struct GNUNET_REVOCATION_PowP *pow) | ||
541 | { | 581 | { |
542 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); | 582 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); |
543 | struct GNUNET_REVOCATION_SignaturePurposePS rp; | 583 | struct GNUNET_REVOCATION_EcdsaSignaturePurposePS rp; |
584 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
585 | size_t ksize; | ||
586 | char *sig; | ||
544 | 587 | ||
545 | /** | 588 | /** |
546 | * Predate the validity period to prevent rejections due to | 589 | * Predate the validity period to prevent rejections due to |
@@ -548,19 +591,57 @@ GNUNET_REVOCATION_pow_init (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
548 | */ | 591 | */ |
549 | ts = GNUNET_TIME_absolute_subtract (ts, | 592 | ts = GNUNET_TIME_absolute_subtract (ts, |
550 | GNUNET_TIME_UNIT_WEEKS); | 593 | GNUNET_TIME_UNIT_WEEKS); |
551 | 594 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | |
595 | ksize = GNUNET_IDENTITY_key_get_length (pk); | ||
552 | pow->timestamp = GNUNET_TIME_absolute_hton (ts); | 596 | pow->timestamp = GNUNET_TIME_absolute_hton (ts); |
553 | rp.timestamp = pow->timestamp; | 597 | rp.timestamp = pow->timestamp; |
554 | rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | 598 | rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); |
555 | rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 599 | rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
556 | + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | 600 | + ksize |
557 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | 601 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); |
558 | GNUNET_CRYPTO_ecdsa_key_get_public (key, &pow->key); | 602 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
559 | rp.key = pow->key; | 603 | "Signature payload len: %u\n", |
560 | GNUNET_assert (GNUNET_OK == | 604 | ntohl (rp.purpose.size)); |
561 | GNUNET_CRYPTO_ecdsa_sign_ (key, | 605 | rp.ktype = pk->type; |
562 | &rp.purpose, | 606 | rp.key = pk->ecdsa_key; |
563 | &pow->signature)); | 607 | sig = ((char*)&pow[1]) + ksize; |
608 | return GNUNET_CRYPTO_ecdsa_sign_ (key, | ||
609 | &rp.purpose, | ||
610 | (void*) sig); | ||
611 | |||
612 | } | ||
613 | |||
614 | |||
615 | enum GNUNET_GenericReturnValue | ||
616 | sign_pow (const struct GNUNET_IDENTITY_PrivateKey *key, | ||
617 | struct GNUNET_REVOCATION_PowP *pow) | ||
618 | { | ||
619 | struct GNUNET_IDENTITY_PublicKey *pk; | ||
620 | |||
621 | pk = (struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | ||
622 | GNUNET_IDENTITY_key_get_public (key, pk); | ||
623 | switch (ntohl (pk->type)) | ||
624 | { | ||
625 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
626 | return sign_pow_ecdsa (&key->ecdsa_key, pow); | ||
627 | default: | ||
628 | return GNUNET_NO; | ||
629 | } | ||
630 | return GNUNET_NO; | ||
631 | } | ||
632 | |||
633 | |||
634 | /** | ||
635 | * Initializes a fresh PoW computation. | ||
636 | * | ||
637 | * @param key the key to calculate the PoW for. | ||
638 | * @param[out] pow starting point for PoW calculation (not yet valid) | ||
639 | */ | ||
640 | void | ||
641 | GNUNET_REVOCATION_pow_init (const struct GNUNET_IDENTITY_PrivateKey *key, | ||
642 | struct GNUNET_REVOCATION_PowP *pow) | ||
643 | { | ||
644 | GNUNET_assert (GNUNET_OK == sign_pow (key, pow)); | ||
564 | } | 645 | } |
565 | 646 | ||
566 | 647 | ||
@@ -622,15 +703,17 @@ cmp_pow_value (const void *a, const void *b) | |||
622 | enum GNUNET_GenericReturnValue | 703 | enum GNUNET_GenericReturnValue |
623 | GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) | 704 | GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) |
624 | { | 705 | { |
625 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | 706 | char buf[sizeof(struct GNUNET_IDENTITY_PublicKey) |
626 | + sizeof (uint64_t) | 707 | + sizeof (uint64_t) |
627 | + sizeof (uint64_t)] GNUNET_ALIGN; | 708 | + sizeof (uint64_t)] GNUNET_ALIGN; |
628 | struct GNUNET_HashCode result; | 709 | struct GNUNET_HashCode result; |
710 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
629 | unsigned int zeros; | 711 | unsigned int zeros; |
630 | int ret; | 712 | int ret; |
631 | uint64_t pow_nbo; | 713 | uint64_t pow_nbo; |
632 | 714 | ||
633 | pc->current_pow++; | 715 | pc->current_pow++; |
716 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &(pc->pow[1]); | ||
634 | 717 | ||
635 | /** | 718 | /** |
636 | * Do not try duplicates | 719 | * Do not try duplicates |
@@ -644,8 +727,8 @@ GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) | |||
644 | &pc->pow->timestamp, | 727 | &pc->pow->timestamp, |
645 | sizeof (uint64_t)); | 728 | sizeof (uint64_t)); |
646 | GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], | 729 | GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], |
647 | &pc->pow->key, | 730 | pk, |
648 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); | 731 | GNUNET_IDENTITY_key_get_length (pk)); |
649 | GNUNET_CRYPTO_pow_hash (&salt, | 732 | GNUNET_CRYPTO_pow_hash (&salt, |
650 | buf, | 733 | buf, |
651 | sizeof(buf), | 734 | sizeof(buf), |
@@ -690,4 +773,25 @@ GNUNET_REVOCATION_pow_stop (struct GNUNET_REVOCATION_PowCalculationHandle *pc) | |||
690 | } | 773 | } |
691 | 774 | ||
692 | 775 | ||
776 | size_t | ||
777 | GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) | ||
778 | { | ||
779 | size_t size; | ||
780 | const struct GNUNET_IDENTITY_PublicKey *pk; | ||
781 | |||
782 | size = sizeof (struct GNUNET_REVOCATION_PowP); | ||
783 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | ||
784 | size += GNUNET_IDENTITY_key_get_length (pk); | ||
785 | |||
786 | switch (ntohl (pk->type)) | ||
787 | { | ||
788 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
789 | return size + sizeof (struct GNUNET_CRYPTO_EcdsaSignature); | ||
790 | default: | ||
791 | return 0; | ||
792 | } | ||
793 | return 0; | ||
794 | } | ||
795 | |||
796 | |||
693 | /* end of revocation_api.c */ | 797 | /* end of revocation_api.c */ |
diff --git a/src/revocation/test_revocation.c b/src/revocation/test_revocation.c index b65567d79..c6457016f 100644 --- a/src/revocation/test_revocation.c +++ b/src/revocation/test_revocation.c | |||
@@ -38,8 +38,8 @@ struct TestPeer | |||
38 | struct GNUNET_TESTBED_Operation *core_op; | 38 | struct GNUNET_TESTBED_Operation *core_op; |
39 | struct GNUNET_IDENTITY_Handle *idh; | 39 | struct GNUNET_IDENTITY_Handle *idh; |
40 | const struct GNUNET_CONFIGURATION_Handle *cfg; | 40 | const struct GNUNET_CONFIGURATION_Handle *cfg; |
41 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; | 41 | const struct GNUNET_IDENTITY_PrivateKey *privkey; |
42 | struct GNUNET_CRYPTO_EcdsaPublicKey pubkey; | 42 | struct GNUNET_IDENTITY_PublicKey pubkey; |
43 | struct GNUNET_CRYPTO_EcdsaSignature sig; | 43 | struct GNUNET_CRYPTO_EcdsaSignature sig; |
44 | struct GNUNET_IDENTITY_Operation *create_id_op; | 44 | struct GNUNET_IDENTITY_Operation *create_id_op; |
45 | struct GNUNET_IDENTITY_EgoLookup *ego_lookup; | 45 | struct GNUNET_IDENTITY_EgoLookup *ego_lookup; |
@@ -142,13 +142,13 @@ revocation_cb (void *cls, enum GNUNET_GenericReturnValue is_valid) | |||
142 | } | 142 | } |
143 | 143 | ||
144 | 144 | ||
145 | static struct GNUNET_REVOCATION_PowP proof_of_work; | 145 | static struct GNUNET_REVOCATION_PowP *proof_of_work; |
146 | 146 | ||
147 | static void | 147 | static void |
148 | ego_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego) | 148 | ego_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego) |
149 | { | 149 | { |
150 | static int completed = 0; | 150 | static int completed = 0; |
151 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; | 151 | const struct GNUNET_IDENTITY_PrivateKey *privkey; |
152 | 152 | ||
153 | if ((NULL != ego) && (cls == &testpeers[0])) | 153 | if ((NULL != ego) && (cls == &testpeers[0])) |
154 | { | 154 | { |
@@ -164,10 +164,10 @@ ego_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
164 | GNUNET_IDENTITY_ego_get_public_key (ego, &testpeers[1].pubkey); | 164 | GNUNET_IDENTITY_ego_get_public_key (ego, &testpeers[1].pubkey); |
165 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Calculating proof of work...\n"); | 165 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Calculating proof of work...\n"); |
166 | privkey = GNUNET_IDENTITY_ego_get_private_key (ego); | 166 | privkey = GNUNET_IDENTITY_ego_get_private_key (ego); |
167 | memset (&proof_of_work, 0, sizeof (proof_of_work)); | 167 | proof_of_work = GNUNET_malloc (GNUNET_REVOCATION_MAX_PROOF_SIZE); |
168 | GNUNET_REVOCATION_pow_init (privkey, | 168 | GNUNET_REVOCATION_pow_init (privkey, |
169 | &proof_of_work); | 169 | proof_of_work); |
170 | testpeers[1].pow = GNUNET_REVOCATION_pow_start (&proof_of_work, | 170 | testpeers[1].pow = GNUNET_REVOCATION_pow_start (proof_of_work, |
171 | 1, | 171 | 1, |
172 | 5); | 172 | 5); |
173 | int res = | 173 | int res = |
@@ -184,7 +184,7 @@ ego_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
184 | { | 184 | { |
185 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Egos retrieved\n"); | 185 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Egos retrieved\n"); |
186 | testpeers[1].revok_handle = GNUNET_REVOCATION_revoke (testpeers[1].cfg, | 186 | testpeers[1].revok_handle = GNUNET_REVOCATION_revoke (testpeers[1].cfg, |
187 | &proof_of_work, | 187 | proof_of_work, |
188 | &revocation_cb, | 188 | &revocation_cb, |
189 | NULL); | 189 | NULL); |
190 | GNUNET_REVOCATION_pow_stop (testpeers[1].pow); | 190 | GNUNET_REVOCATION_pow_stop (testpeers[1].pow); |
@@ -194,7 +194,7 @@ ego_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
194 | 194 | ||
195 | static void | 195 | static void |
196 | identity_create_cb (void *cls, | 196 | identity_create_cb (void *cls, |
197 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *pk, | 197 | const struct GNUNET_IDENTITY_PrivateKey *pk, |
198 | const char *emsg) | 198 | const char *emsg) |
199 | { | 199 | { |
200 | static int completed = 0; | 200 | static int completed = 0; |
@@ -238,11 +238,13 @@ identity_completion_cb (void *cls, | |||
238 | testpeers[0].create_id_op = GNUNET_IDENTITY_create (testpeers[0].idh, | 238 | testpeers[0].create_id_op = GNUNET_IDENTITY_create (testpeers[0].idh, |
239 | "client", | 239 | "client", |
240 | NULL, | 240 | NULL, |
241 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
241 | &identity_create_cb, | 242 | &identity_create_cb, |
242 | &testpeers[0]); | 243 | &testpeers[0]); |
243 | testpeers[1].create_id_op = GNUNET_IDENTITY_create (testpeers[1].idh, | 244 | testpeers[1].create_id_op = GNUNET_IDENTITY_create (testpeers[1].idh, |
244 | "toberevoked", | 245 | "toberevoked", |
245 | NULL, | 246 | NULL, |
247 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
246 | &identity_create_cb, | 248 | &identity_create_cb, |
247 | &testpeers[1]); | 249 | &testpeers[1]); |
248 | } | 250 | } |