aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/gnsrecord/Makefile.am9
-rw-r--r--src/gnsrecord/gnsrecord_crypto.c535
-rw-r--r--src/gnsrecord/gnsrecord_crypto.h87
-rw-r--r--src/gnsrecord/gnsrecord_misc.c19
-rw-r--r--src/gnsrecord/gnsrecord_serialization.c56
-rw-r--r--src/gnsrecord/gnunet-gnsrecord-tvg.c223
-rw-r--r--src/gnsrecord/test_gnsrecord_crypto.c12
-rw-r--r--src/gnsrecord/test_gnsrecord_testvectors.c128
-rw-r--r--src/identity/identity_api.c75
-rw-r--r--src/include/gnunet_gnsrecord_lib.h76
-rw-r--r--src/include/gnunet_identity_service.h59
-rw-r--r--src/namestore/gnunet-service-namestore.c10
-rw-r--r--src/revocation/gnunet-revocation-tvg.c58
-rw-r--r--src/revocation/revocation.h8
-rw-r--r--src/revocation/revocation_api.c53
-rw-r--r--src/util/.gitignore3
-rw-r--r--src/util/gnunet-crypto-tvg.c401
-rw-r--r--src/zonemaster/gnunet-service-zonemaster-monitor.c22
-rw-r--r--src/zonemaster/gnunet-service-zonemaster.c10
19 files changed, 1428 insertions, 416 deletions
diff --git a/src/gnsrecord/Makefile.am b/src/gnsrecord/Makefile.am
index 42ac4ede4..4308d9c1a 100644
--- a/src/gnsrecord/Makefile.am
+++ b/src/gnsrecord/Makefile.am
@@ -20,6 +20,7 @@ check_PROGRAMS = \
20 test_gnsrecord_crypto \ 20 test_gnsrecord_crypto \
21 test_gnsrecord_serialization \ 21 test_gnsrecord_serialization \
22 test_gnsrecord_block_expiration \ 22 test_gnsrecord_block_expiration \
23 test_gnsrecord_testvectors \
23 perf_gnsrecord_crypto 24 perf_gnsrecord_crypto
24 25
25if ENABLE_TEST_RUN 26if ENABLE_TEST_RUN
@@ -85,6 +86,14 @@ libgnunet_plugin_gnsrecord_dns_la_LDFLAGS = \
85EXTRA_DIST = \ 86EXTRA_DIST = \
86 $(check_SCRIPTS) 87 $(check_SCRIPTS)
87 88
89test_gnsrecord_testvectors_SOURCES = \
90 test_gnsrecord_testvectors.c
91test_gnsrecord_testvectors_LDADD = \
92 $(top_builddir)/src/testing/libgnunettesting.la \
93 $(top_builddir)/src/identity/libgnunetidentity.la \
94 libgnunetgnsrecord.la \
95 $(top_builddir)/src/util/libgnunetutil.la
96
88 97
89test_gnsrecord_serialization_SOURCES = \ 98test_gnsrecord_serialization_SOURCES = \
90 test_gnsrecord_serialization.c 99 test_gnsrecord_serialization.c
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c
index fe7db88b9..890ddb011 100644
--- a/src/gnsrecord/gnsrecord_crypto.c
+++ b/src/gnsrecord/gnsrecord_crypto.c
@@ -25,15 +25,7 @@
25 * @author Matthias Wachs 25 * @author Matthias Wachs
26 * @author Christian Grothoff 26 * @author Christian Grothoff
27 */ 27 */
28#include "platform.h" 28#include "gnsrecord_crypto.h"
29#include "gnunet_util_lib.h"
30#include "gnunet_constants.h"
31#include "gnunet_signatures.h"
32#include "gnunet_arm_service.h"
33#include "gnunet_gnsrecord_lib.h"
34#include "gnunet_dnsparser_lib.h"
35#include "gnunet_tun_lib.h"
36
37 29
38#define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__) 30#define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
39 31
@@ -103,8 +95,8 @@ eddsa_symmetric_decrypt (
103 if (ctlen < 0) 95 if (ctlen < 0)
104 return GNUNET_SYSERR; 96 return GNUNET_SYSERR;
105 if (0 != crypto_secretbox_open_detached (result, 97 if (0 != crypto_secretbox_open_detached (result,
106 block, // Ciphertext 98 ((unsigned char*) block) + crypto_secretbox_MACBYTES, // Ciphertext
107 ((unsigned char*)block) + ctlen, // TAG 99 block, // Tag
108 ctlen, 100 ctlen,
109 nonce, key)) 101 nonce, key))
110 { 102 {
@@ -124,27 +116,19 @@ eddsa_symmetric_encrypt (
124{ 116{
125 if (size > crypto_secretbox_MESSAGEBYTES_MAX) 117 if (size > crypto_secretbox_MESSAGEBYTES_MAX)
126 return GNUNET_SYSERR; 118 return GNUNET_SYSERR;
127 crypto_secretbox_detached (result, // Ciphertext 119 crypto_secretbox_detached (result + crypto_secretbox_MACBYTES, // Ciphertext
128 result + size, // TAG 120 result, // TAG
129 block, size, nonce, key); 121 block, size, nonce, key);
130 return GNUNET_OK; 122 return GNUNET_OK;
131} 123}
132 124
133 125
134/** 126void
135 * Derive session key and iv from label and public key. 127GNR_derive_block_aes_key (unsigned char *ctr,
136 * 128 unsigned char *key,
137 * @param iv initialization vector to initialize 129 const char *label,
138 * @param skey session key to initialize 130 uint64_t exp,
139 * @param label label to use for KDF 131 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
140 * @param pub public key to use for KDF
141 */
142static void
143derive_block_aes_key (unsigned char *ctr,
144 unsigned char *key,
145 const char *label,
146 uint64_t exp,
147 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
148{ 132{
149 static const char ctx_key[] = "gns-aes-ctx-key"; 133 static const char ctx_key[] = "gns-aes-ctx-key";
150 static const char ctx_iv[] = "gns-aes-ctx-iv"; 134 static const char ctx_iv[] = "gns-aes-ctx-iv";
@@ -168,23 +152,15 @@ derive_block_aes_key (unsigned char *ctr,
168} 152}
169 153
170 154
171/** 155void
172 * Derive session key and iv from label and public key. 156GNR_derive_block_xsalsa_key (unsigned char *nonce,
173 * 157 unsigned char *key,
174 * @param nonce initialization vector to initialize 158 const char *label,
175 * @param skey session key to initialize 159 uint64_t exp,
176 * @param label label to use for KDF 160 const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
177 * @param pub public key to use for KDF
178 */
179static void
180derive_block_xsalsa_key (unsigned char *nonce,
181 unsigned char *key,
182 const char *label,
183 uint64_t exp,
184 const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
185{ 161{
186 static const char ctx_key[] = "gns-aes-ctx-key"; 162 static const char ctx_key[] = "gns-xsalsa-ctx-key";
187 static const char ctx_iv[] = "gns-aes-ctx-iv"; 163 static const char ctx_iv[] = "gns-xsalsa-ctx-iv";
188 164
189 GNUNET_CRYPTO_kdf (key, crypto_secretbox_KEYBYTES, 165 GNUNET_CRYPTO_kdf (key, crypto_secretbox_KEYBYTES,
190 ctx_key, strlen (ctx_key), 166 ctx_key, strlen (ctx_key),
@@ -204,6 +180,20 @@ derive_block_xsalsa_key (unsigned char *nonce,
204} 180}
205 181
206 182
183static ssize_t
184block_get_size_ecdsa (const struct GNUNET_GNSRECORD_Data *rd,
185 unsigned int rd_count)
186{
187 ssize_t len;
188
189 len = GNUNET_GNSRECORD_records_get_size (rd_count, rd);
190 if (len < 0)
191 return -1;
192 len += sizeof(struct GNUNET_GNSRECORD_Block);
193 return len;
194}
195
196
207/** 197/**
208 * Sign name and records 198 * Sign name and records
209 * 199 *
@@ -213,20 +203,22 @@ derive_block_xsalsa_key (unsigned char *nonce,
213 * @param label the name for the records 203 * @param label the name for the records
214 * @param rd record data 204 * @param rd record data
215 * @param rd_count number of records 205 * @param rd_count number of records
216 * @return NULL on error (block too large) 206 * @param block the block result. Must be allocated sufficiently.
207 * @return GNUNET_SYSERR on error (otherwise GNUNET_OK)
217 */ 208 */
218static struct GNUNET_GNSRECORD_Block * 209static enum GNUNET_GenericReturnValue
219block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, 210block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
220 const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, 211 const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey,
221 struct GNUNET_TIME_Absolute expire, 212 struct GNUNET_TIME_Absolute expire,
222 const char *label, 213 const char *label,
223 const struct GNUNET_GNSRECORD_Data *rd, 214 const struct GNUNET_GNSRECORD_Data *rd,
224 unsigned int rd_count) 215 unsigned int rd_count,
216 struct GNUNET_GNSRECORD_Block **block)
225{ 217{
226 ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, 218 ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
227 rd); 219 rd);
228 struct GNUNET_GNSRECORD_Block *block;
229 struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; 220 struct GNUNET_GNSRECORD_EcdsaBlock *ecblock;
221 struct GNRBlockPS *gnr_block;
230 struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; 222 struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
231 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; 223 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
232 unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; 224 unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
@@ -237,12 +229,12 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
237 if (payload_len < 0) 229 if (payload_len < 0)
238 { 230 {
239 GNUNET_break (0); 231 GNUNET_break (0);
240 return NULL; 232 return GNUNET_SYSERR;
241 } 233 }
242 if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) 234 if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
243 { 235 {
244 GNUNET_break (0); 236 GNUNET_break (0);
245 return NULL; 237 return GNUNET_SYSERR;
246 } 238 }
247 /* convert relative to absolute times */ 239 /* convert relative to absolute times */
248 now = GNUNET_TIME_absolute_get (); 240 now = GNUNET_TIME_absolute_get ();
@@ -260,62 +252,70 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
260 } 252 }
261 } 253 }
262 /* serialize */ 254 /* serialize */
255 *block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + payload_len);
256 (*block)->size = htonl(sizeof (struct GNUNET_GNSRECORD_Block) + payload_len);
263 rd_count_nbo = htonl (rd_count); 257 rd_count_nbo = htonl (rd_count);
264 { 258 {
265 char payload[sizeof(uint32_t) + payload_len]; 259 char payload[payload_len];
266 260
267 GNUNET_memcpy (payload,
268 &rd_count_nbo,
269 sizeof(uint32_t));
270 GNUNET_assert (payload_len == 261 GNUNET_assert (payload_len ==
271 GNUNET_GNSRECORD_records_serialize (rd_count, 262 GNUNET_GNSRECORD_records_serialize (rd_count,
272 rdc, 263 rdc,
273 payload_len, 264 payload_len,
274 &payload[sizeof(uint32_t) 265 payload));
275 ])); 266 gnr_block = GNUNET_malloc (sizeof (struct GNRBlockPS) + payload_len);
276 block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block) 267 ecblock = &(*block)->ecdsa_block;
277 + sizeof(uint32_t) 268 (*block)->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
278 + payload_len); 269 gnr_block->purpose.size = htonl (sizeof(struct GNRBlockPS) + payload_len);
279 ecblock = &block->ecdsa_block; 270 gnr_block->purpose.purpose =
280 block->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); 271 htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
281 ecblock->purpose.size = htonl (sizeof(uint32_t) 272 gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire);
282 + payload_len 273 ecblock->expiration_time = gnr_block->expiration_time;
283 + sizeof(struct
284 GNUNET_CRYPTO_EccSignaturePurpose)
285 + sizeof(struct GNUNET_TIME_AbsoluteNBO));
286 ecblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
287 ecblock->expiration_time = GNUNET_TIME_absolute_hton (expire);
288 /* encrypt and sign */ 274 /* encrypt and sign */
289 dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, 275 dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key,
290 label, 276 label,
291 "gns"); 277 "gns");
292 GNUNET_CRYPTO_ecdsa_key_get_public (dkey, 278 GNUNET_CRYPTO_ecdsa_key_get_public (dkey,
293 &ecblock->derived_key); 279 &ecblock->derived_key);
294 derive_block_aes_key (ctr, 280 GNR_derive_block_aes_key (ctr,
295 skey, 281 skey,
296 label, 282 label,
297 ecblock->expiration_time.abs_value_us__, 283 ecblock->expiration_time.abs_value_us__,
298 pkey); 284 pkey);
299 GNUNET_break (payload_len + sizeof(uint32_t) == 285 GNUNET_break (payload_len ==
300 ecdsa_symmetric_encrypt (payload, 286 ecdsa_symmetric_encrypt (payload,
301 payload_len 287 payload_len,
302 + sizeof(uint32_t),
303 skey, 288 skey,
304 ctr, 289 ctr,
305 &ecblock[1])); 290 &ecblock[1]));
291 GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len);
306 } 292 }
307 if (GNUNET_OK != 293 if (GNUNET_OK !=
308 GNUNET_CRYPTO_ecdsa_sign_ (dkey, 294 GNUNET_CRYPTO_ecdsa_sign_ (dkey,
309 &ecblock->purpose, 295 &gnr_block->purpose,
310 &ecblock->signature)) 296 &ecblock->signature))
311 { 297 {
312 GNUNET_break (0); 298 GNUNET_break (0);
299 GNUNET_free (*block);
313 GNUNET_free (dkey); 300 GNUNET_free (dkey);
314 GNUNET_free (block); 301 return GNUNET_SYSERR;
315 return NULL;
316 } 302 }
317 GNUNET_free (dkey); 303 GNUNET_free (dkey);
318 return block; 304 return GNUNET_OK;
305}
306
307static ssize_t
308block_get_size_eddsa (const struct GNUNET_GNSRECORD_Data *rd,
309 unsigned int rd_count)
310{
311 ssize_t len;
312
313 len = GNUNET_GNSRECORD_records_get_size (rd_count, rd);
314 if (len < 0)
315 return -1;
316 len += sizeof(struct GNUNET_GNSRECORD_Block);
317 len += crypto_secretbox_MACBYTES;
318 return len;
319} 319}
320 320
321 321
@@ -328,20 +328,22 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
328 * @param label the name for the records 328 * @param label the name for the records
329 * @param rd record data 329 * @param rd record data
330 * @param rd_count number of records 330 * @param rd_count number of records
331 * @return NULL on error (block too large) 331 * @param block where to store the block. Must be allocated sufficiently.
332 * @return GNUNET_SYSERR on error (otherwise GNUNET_OK)
332 */ 333 */
333static struct GNUNET_GNSRECORD_Block * 334enum GNUNET_GenericReturnValue
334block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, 335block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
335 const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, 336 const struct GNUNET_CRYPTO_EddsaPublicKey *pkey,
336 struct GNUNET_TIME_Absolute expire, 337 struct GNUNET_TIME_Absolute expire,
337 const char *label, 338 const char *label,
338 const struct GNUNET_GNSRECORD_Data *rd, 339 const struct GNUNET_GNSRECORD_Data *rd,
339 unsigned int rd_count) 340 unsigned int rd_count,
341 struct GNUNET_GNSRECORD_Block **block)
340{ 342{
341 ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, 343 ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
342 rd); 344 rd);
343 struct GNUNET_GNSRECORD_Block *block;
344 struct GNUNET_GNSRECORD_EddsaBlock *edblock; 345 struct GNUNET_GNSRECORD_EddsaBlock *edblock;
346 struct GNRBlockPS *gnr_block;
345 struct GNUNET_CRYPTO_EddsaPrivateScalar dkey; 347 struct GNUNET_CRYPTO_EddsaPrivateScalar dkey;
346 unsigned char nonce[crypto_secretbox_NONCEBYTES]; 348 unsigned char nonce[crypto_secretbox_NONCEBYTES];
347 unsigned char skey[crypto_secretbox_KEYBYTES]; 349 unsigned char skey[crypto_secretbox_KEYBYTES];
@@ -352,12 +354,12 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
352 if (payload_len < 0) 354 if (payload_len < 0)
353 { 355 {
354 GNUNET_break (0); 356 GNUNET_break (0);
355 return NULL; 357 return GNUNET_SYSERR;
356 } 358 }
357 if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) 359 if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
358 { 360 {
359 GNUNET_break (0); 361 GNUNET_break (0);
360 return NULL; 362 return GNUNET_SYSERR;
361 } 363 }
362 /* convert relative to absolute times */ 364 /* convert relative to absolute times */
363 now = GNUNET_TIME_absolute_get (); 365 now = GNUNET_TIME_absolute_get ();
@@ -375,33 +377,32 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
375 } 377 }
376 } 378 }
377 /* serialize */ 379 /* serialize */
380 *block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block)
381 + payload_len + crypto_secretbox_MACBYTES);
382 (*block)->size = htonl(sizeof (struct GNUNET_GNSRECORD_Block)
383 + payload_len + crypto_secretbox_MACBYTES);
378 rd_count_nbo = htonl (rd_count); 384 rd_count_nbo = htonl (rd_count);
379 { 385 {
380 char payload[sizeof(uint32_t) + payload_len]; 386 char payload[payload_len];
381 387
382 GNUNET_memcpy (payload,
383 &rd_count_nbo,
384 sizeof(uint32_t));
385 GNUNET_assert (payload_len == 388 GNUNET_assert (payload_len ==
386 GNUNET_GNSRECORD_records_serialize (rd_count, 389 GNUNET_GNSRECORD_records_serialize (rd_count,
387 rdc, 390 rdc,
388 payload_len, 391 payload_len,
389 &payload[sizeof(uint32_t) 392 payload));
390 ])); 393 gnr_block = GNUNET_malloc (sizeof (struct GNRBlockPS)
391 block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block) 394 + payload_len
392 + sizeof(uint32_t) 395 + crypto_secretbox_MACBYTES);
393 + payload_len 396 edblock = &(*block)->eddsa_block;
394 + crypto_secretbox_MACBYTES); 397 (*block)->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY);
395 edblock = &block->eddsa_block; 398 gnr_block->purpose.size =
396 block->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); 399 htonl (sizeof(struct GNRBlockPS)
397 edblock->purpose.size = htonl (sizeof(uint32_t) 400 + payload_len
398 + payload_len 401 + crypto_secretbox_MACBYTES);
399 + sizeof(struct 402 gnr_block->purpose.purpose =
400 GNUNET_CRYPTO_EccSignaturePurpose) 403 htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
401 + sizeof(struct GNUNET_TIME_AbsoluteNBO) 404 gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire);
402 + crypto_secretbox_MACBYTES); 405 edblock->expiration_time = gnr_block->expiration_time;
403 edblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
404 edblock->expiration_time = GNUNET_TIME_absolute_hton (expire);
405 /* encrypt and sign */ 406 /* encrypt and sign */
406 GNUNET_CRYPTO_eddsa_private_key_derive (key, 407 GNUNET_CRYPTO_eddsa_private_key_derive (key,
407 label, 408 label,
@@ -409,45 +410,63 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
409 &dkey); 410 &dkey);
410 GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, 411 GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey,
411 &edblock->derived_key); 412 &edblock->derived_key);
412 derive_block_xsalsa_key (nonce, 413 GNR_derive_block_xsalsa_key (nonce,
413 skey, 414 skey,
414 label, 415 label,
415 edblock->expiration_time.abs_value_us__, 416 edblock->expiration_time.abs_value_us__,
416 pkey); 417 pkey);
417 GNUNET_break (GNUNET_OK == 418 GNUNET_break (GNUNET_OK ==
418 eddsa_symmetric_encrypt (payload, 419 eddsa_symmetric_encrypt (payload,
419 payload_len 420 payload_len,
420 + sizeof(uint32_t),
421 skey, 421 skey,
422 nonce, 422 nonce,
423 &edblock[1])); 423 &edblock[1]));
424 GNUNET_memcpy (&gnr_block[1], &edblock[1],
425 payload_len + crypto_secretbox_MACBYTES);
426
427 GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey,
428 &gnr_block->purpose,
429 &edblock->signature);
424 } 430 }
425 GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, 431 return GNUNET_OK;
426 &edblock->purpose,
427 &edblock->signature);
428 return block;
429} 432}
430 433
434ssize_t
435GNUNET_GNSRECORD_block_calculate_size (const struct
436 GNUNET_IDENTITY_PrivateKey *key,
437 const struct GNUNET_GNSRECORD_Data *rd,
438 unsigned int rd_count)
439{
440 struct GNUNET_IDENTITY_PublicKey pkey;
441 ssize_t res;
431 442
432/** 443 GNUNET_IDENTITY_key_get_public (key,
433 * Sign name and records 444 &pkey);
434 * 445 switch (ntohl (key->type))
435 * @param key the private key 446 {
436 * @param expire block expiration 447 case GNUNET_GNSRECORD_TYPE_PKEY:
437 * @param label the name for the records 448 res = block_get_size_ecdsa (rd, rd_count);
438 * @param rd record data 449 break;
439 * @param rd_count number of records 450 case GNUNET_GNSRECORD_TYPE_EDKEY:
440 * @return NULL on error (block too large) 451 res = block_get_size_eddsa (rd, rd_count);
441 */ 452 break;
442struct GNUNET_GNSRECORD_Block * 453 default:
454 GNUNET_assert (0);
455 }
456 return -1;
457
458}
459
460enum GNUNET_GenericReturnValue
443GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, 461GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
444 struct GNUNET_TIME_Absolute expire, 462 struct GNUNET_TIME_Absolute expire,
445 const char *label, 463 const char *label,
446 const struct GNUNET_GNSRECORD_Data *rd, 464 const struct GNUNET_GNSRECORD_Data *rd,
447 unsigned int rd_count) 465 unsigned int rd_count,
466 struct GNUNET_GNSRECORD_Block **result)
448{ 467{
449 struct GNUNET_IDENTITY_PublicKey pkey; 468 struct GNUNET_IDENTITY_PublicKey pkey;
450 struct GNUNET_GNSRECORD_Block *res = NULL; 469 enum GNUNET_GenericReturnValue res = GNUNET_SYSERR;
451 char *norm_label; 470 char *norm_label;
452 471
453 GNUNET_IDENTITY_key_get_public (key, 472 GNUNET_IDENTITY_key_get_public (key,
@@ -456,24 +475,26 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
456 475
457 switch (ntohl (key->type)) 476 switch (ntohl (key->type))
458 { 477 {
459 case GNUNET_GNSRECORD_TYPE_PKEY: 478 case GNUNET_GNSRECORD_TYPE_PKEY:
460 res = block_create_ecdsa (&key->ecdsa_key, 479 res = block_create_ecdsa (&key->ecdsa_key,
461 &pkey.ecdsa_key, 480 &pkey.ecdsa_key,
462 expire, 481 expire,
463 norm_label, 482 norm_label,
464 rd, 483 rd,
465 rd_count); 484 rd_count,
466 break; 485 result);
467 case GNUNET_GNSRECORD_TYPE_EDKEY: 486 break;
468 res = block_create_eddsa (&key->eddsa_key, 487 case GNUNET_GNSRECORD_TYPE_EDKEY:
469 &pkey.eddsa_key, 488 res = block_create_eddsa (&key->eddsa_key,
470 expire, 489 &pkey.eddsa_key,
471 norm_label, 490 expire,
472 rd, 491 norm_label,
473 rd_count); 492 rd,
474 break; 493 rd_count,
475 default: 494 result);
476 GNUNET_assert (0); 495 break;
496 default:
497 GNUNET_assert (0);
477 } 498 }
478 GNUNET_free (norm_label); 499 GNUNET_free (norm_label);
479 return res; 500 return res;
@@ -497,28 +518,17 @@ struct KeyCacheLine
497}; 518};
498 519
499 520
500/** 521enum GNUNET_GenericReturnValue
501 * Sign name and records, cache derived public key (also keeps the
502 * private key in static memory, so do not use this function if
503 * keeping the private key in the process'es RAM is a major issue).
504 *
505 * @param key the private key
506 * @param expire block expiration
507 * @param label the name for the records
508 * @param rd record data
509 * @param rd_count number of records
510 * @return NULL on error (block too large)
511 */
512struct GNUNET_GNSRECORD_Block *
513GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, 522GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey,
514 struct GNUNET_TIME_Absolute expire, 523 struct GNUNET_TIME_Absolute expire,
515 const char *label, 524 const char *label,
516 const struct GNUNET_GNSRECORD_Data *rd, 525 const struct GNUNET_GNSRECORD_Data *rd,
517 unsigned int rd_count) 526 unsigned int rd_count,
527 struct GNUNET_GNSRECORD_Block **result)
518{ 528{
519 const struct GNUNET_CRYPTO_EcdsaPrivateKey *key; 529 const struct GNUNET_CRYPTO_EcdsaPrivateKey *key;
520 struct GNUNET_CRYPTO_EddsaPublicKey edpubkey; 530 struct GNUNET_CRYPTO_EddsaPublicKey edpubkey;
521 struct GNUNET_GNSRECORD_Block *res = NULL; 531 enum GNUNET_GenericReturnValue res = GNUNET_SYSERR;
522 char *norm_label; 532 char *norm_label;
523 533
524 norm_label = GNUNET_GNSRECORD_string_normalize (label); 534 norm_label = GNUNET_GNSRECORD_string_normalize (label);
@@ -546,7 +556,8 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey,
546 expire, 556 expire,
547 norm_label, 557 norm_label,
548 rd, 558 rd,
549 rd_count); 559 rd_count,
560 result);
550 } 561 }
551 else if (GNUNET_IDENTITY_TYPE_EDDSA == ntohl (pkey->type)) 562 else if (GNUNET_IDENTITY_TYPE_EDDSA == ntohl (pkey->type))
552 { 563 {
@@ -557,7 +568,8 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey,
557 expire, 568 expire,
558 norm_label, 569 norm_label,
559 rd, 570 rd,
560 rd_count); 571 rd_count,
572 result);
561 } 573 }
562 GNUNET_free (norm_label); 574 GNUNET_free (norm_label);
563 return res; 575 return res;
@@ -574,64 +586,76 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey,
574enum GNUNET_GenericReturnValue 586enum GNUNET_GenericReturnValue
575GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) 587GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block)
576{ 588{
589 struct GNRBlockPS *purp;
590 size_t payload_len = ntohl (block->size)
591 - sizeof (struct GNUNET_GNSRECORD_Block);
592 enum GNUNET_GenericReturnValue res = GNUNET_NO;
593 purp = GNUNET_malloc (sizeof (struct GNRBlockPS) + payload_len);
594 purp->purpose.size = htonl (sizeof (struct GNRBlockPS) + payload_len);
595 purp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
596 GNUNET_memcpy (&purp[1], &block[1], payload_len);
597
577 switch (ntohl (block->type)) 598 switch (ntohl (block->type))
578 { 599 {
579 case GNUNET_GNSRECORD_TYPE_PKEY: 600 case GNUNET_GNSRECORD_TYPE_PKEY:
580 return GNUNET_CRYPTO_ecdsa_verify_ ( 601 purp->expiration_time = block->ecdsa_block.expiration_time;
581 GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, 602 res = GNUNET_CRYPTO_ecdsa_verify_ (
582 &block->ecdsa_block.purpose, 603 GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN,
583 &block->ecdsa_block.signature, 604 &purp->purpose,
584 &block->ecdsa_block.derived_key); 605 &block->ecdsa_block.signature,
585 case GNUNET_GNSRECORD_TYPE_EDKEY: 606 &block->ecdsa_block.derived_key);
586 return GNUNET_CRYPTO_eddsa_verify_ ( 607 break;
587 GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, 608 case GNUNET_GNSRECORD_TYPE_EDKEY:
588 &block->eddsa_block.purpose, 609 purp->expiration_time = block->eddsa_block.expiration_time;
589 &block->eddsa_block.signature, 610 res = GNUNET_CRYPTO_eddsa_verify_ (
590 &block->eddsa_block.derived_key); 611 GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN,
591 default: 612 &purp->purpose,
592 return GNUNET_NO; 613 &block->eddsa_block.signature,
614 &block->eddsa_block.derived_key);
615 break;
616 default:
617 res = GNUNET_NO;
593 } 618 }
619 GNUNET_free (purp);
620 return res;
594} 621}
595 622
596 623
597enum GNUNET_GenericReturnValue 624enum GNUNET_GenericReturnValue
598block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, 625block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_Block *block,
599 const struct 626 const struct
600 GNUNET_CRYPTO_EcdsaPublicKey *zone_key, 627 GNUNET_CRYPTO_EcdsaPublicKey *zone_key,
601 const char *label, 628 const char *label,
602 GNUNET_GNSRECORD_RecordCallback proc, 629 GNUNET_GNSRECORD_RecordCallback proc,
603 void *proc_cls) 630 void *proc_cls)
604{ 631{
605 size_t payload_len = ntohl (block->purpose.size) 632 size_t payload_len = ntohl (block->size) - sizeof (struct
606 - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 633 GNUNET_GNSRECORD_Block);
607 - sizeof(struct GNUNET_TIME_AbsoluteNBO);
608 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; 634 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
609 unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; 635 unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH];
610 636
611 if (ntohl (block->purpose.size) < 637 if (ntohl (block->size) <
612 sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 638 sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
613 + sizeof(struct GNUNET_TIME_AbsoluteNBO)) 639 + sizeof(struct GNUNET_TIME_AbsoluteNBO))
614 { 640 {
615 GNUNET_break_op (0); 641 GNUNET_break_op (0);
616 return GNUNET_SYSERR; 642 return GNUNET_SYSERR;
617 } 643 }
618 derive_block_aes_key (ctr, 644 GNR_derive_block_aes_key (ctr,
619 key, 645 key,
620 label, 646 label,
621 block->expiration_time.abs_value_us__, 647 block->ecdsa_block.expiration_time.abs_value_us__,
622 zone_key); 648 zone_key);
623 { 649 {
624 char payload[payload_len]; 650 char payload[payload_len];
625 uint32_t rd_count; 651 unsigned int rd_count;
626 652
627 GNUNET_break (payload_len == 653 GNUNET_break (payload_len ==
628 ecdsa_symmetric_decrypt (&block[1], payload_len, 654 ecdsa_symmetric_decrypt (&block[1], payload_len,
629 key, ctr, 655 key, ctr,
630 payload)); 656 payload));
631 GNUNET_memcpy (&rd_count, 657 rd_count = GNUNET_GNSRECORD_records_deserialize_get_size (payload_len,
632 payload, 658 payload);
633 sizeof(uint32_t));
634 rd_count = ntohl (rd_count);
635 if (rd_count > 2048) 659 if (rd_count > 2048)
636 { 660 {
637 /* limit to sane value */ 661 /* limit to sane value */
@@ -644,8 +668,8 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block,
644 struct GNUNET_TIME_Absolute now; 668 struct GNUNET_TIME_Absolute now;
645 669
646 if (GNUNET_OK != 670 if (GNUNET_OK !=
647 GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t), 671 GNUNET_GNSRECORD_records_deserialize (payload_len,
648 &payload[sizeof(uint32_t)], 672 payload,
649 rd_count, 673 rd_count,
650 rd)) 674 rd))
651 { 675 {
@@ -723,43 +747,42 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block,
723 747
724 748
725enum GNUNET_GenericReturnValue 749enum GNUNET_GenericReturnValue
726block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, 750block_decrypt_eddsa (const struct GNUNET_GNSRECORD_Block *block,
727 const struct 751 const struct
728 GNUNET_CRYPTO_EddsaPublicKey *zone_key, 752 GNUNET_CRYPTO_EddsaPublicKey *zone_key,
729 const char *label, 753 const char *label,
730 GNUNET_GNSRECORD_RecordCallback proc, 754 GNUNET_GNSRECORD_RecordCallback proc,
731 void *proc_cls) 755 void *proc_cls)
732{ 756{
733 size_t payload_len = ntohl (block->purpose.size) 757 const struct GNUNET_GNSRECORD_EddsaBlock *edblock = &block->eddsa_block;
734 - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 758 size_t payload_len = ntohl (block->size) - sizeof (struct
735 - sizeof(struct GNUNET_TIME_AbsoluteNBO); 759 GNUNET_GNSRECORD_Block);
736 unsigned char nonce[crypto_secretbox_NONCEBYTES]; 760 unsigned char nonce[crypto_secretbox_NONCEBYTES];
737 unsigned char key[crypto_secretbox_KEYBYTES]; 761 unsigned char key[crypto_secretbox_KEYBYTES];
738 762
739 if (ntohl (block->purpose.size) < 763 if (ntohl (block->size) <
740 sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 764 sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
741 + sizeof(struct GNUNET_TIME_AbsoluteNBO)) 765 + sizeof(struct GNUNET_TIME_AbsoluteNBO))
742 { 766 {
743 GNUNET_break_op (0); 767 GNUNET_break_op (0);
744 return GNUNET_SYSERR; 768 return GNUNET_SYSERR;
745 } 769 }
746 derive_block_xsalsa_key (nonce, 770 GNR_derive_block_xsalsa_key (nonce,
747 key, 771 key,
748 label, 772 label,
749 block->expiration_time.abs_value_us__, 773 block->eddsa_block.expiration_time.abs_value_us__,
750 zone_key); 774 zone_key);
751 { 775 {
752 char payload[payload_len]; 776 char payload[payload_len];
753 uint32_t rd_count; 777 unsigned int rd_count;
754 778
755 GNUNET_break (GNUNET_OK == 779 GNUNET_break (GNUNET_OK ==
756 eddsa_symmetric_decrypt (&block[1], payload_len, 780 eddsa_symmetric_decrypt (&block[1], payload_len,
757 key, nonce, 781 key, nonce,
758 payload)); 782 payload));
759 GNUNET_memcpy (&rd_count, 783 payload_len -= crypto_secretbox_MACBYTES;
760 payload, 784 rd_count = GNUNET_GNSRECORD_records_deserialize_get_size (payload_len,
761 sizeof(uint32_t)); 785 payload);
762 rd_count = ntohl (rd_count);
763 if (rd_count > 2048) 786 if (rd_count > 2048)
764 { 787 {
765 /* limit to sane value */ 788 /* limit to sane value */
@@ -772,8 +795,8 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block,
772 struct GNUNET_TIME_Absolute now; 795 struct GNUNET_TIME_Absolute now;
773 796
774 if (GNUNET_OK != 797 if (GNUNET_OK !=
775 GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t), 798 GNUNET_GNSRECORD_records_deserialize (payload_len,
776 &payload[sizeof(uint32_t)], 799 payload,
777 rd_count, 800 rd_count,
778 rd)) 801 rd))
779 { 802 {
@@ -875,16 +898,18 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block,
875 norm_label = GNUNET_GNSRECORD_string_normalize (label); 898 norm_label = GNUNET_GNSRECORD_string_normalize (label);
876 switch (ntohl (zone_key->type)) 899 switch (ntohl (zone_key->type))
877 { 900 {
878 case GNUNET_IDENTITY_TYPE_ECDSA: 901 case GNUNET_IDENTITY_TYPE_ECDSA:
879 res = block_decrypt_ecdsa (&block->ecdsa_block, 902 res = block_decrypt_ecdsa (block,
880 &zone_key->ecdsa_key, norm_label, proc, proc_cls); 903 &zone_key->ecdsa_key, norm_label, proc,
881 break; 904 proc_cls);
882 case GNUNET_IDENTITY_TYPE_EDDSA: 905 break;
883 res = block_decrypt_eddsa (&block->eddsa_block, 906 case GNUNET_IDENTITY_TYPE_EDDSA:
884 &zone_key->eddsa_key, norm_label, proc, proc_cls); 907 res = block_decrypt_eddsa (block,
885 break; 908 &zone_key->eddsa_key, norm_label, proc,
886 default: 909 proc_cls);
887 return GNUNET_SYSERR; 910 break;
911 default:
912 return GNUNET_SYSERR;
888 } 913 }
889 GNUNET_free (norm_label); 914 GNUNET_free (norm_label);
890 return res; 915 return res;
@@ -910,17 +935,17 @@ GNUNET_GNSRECORD_query_from_private_key (const struct
910 norm_label = GNUNET_GNSRECORD_string_normalize (label); 935 norm_label = GNUNET_GNSRECORD_string_normalize (label);
911 switch (ntohl (zone->type)) 936 switch (ntohl (zone->type))
912 { 937 {
913 case GNUNET_GNSRECORD_TYPE_PKEY: 938 case GNUNET_GNSRECORD_TYPE_PKEY:
914 case GNUNET_GNSRECORD_TYPE_EDKEY: 939 case GNUNET_GNSRECORD_TYPE_EDKEY:
915 940
916 GNUNET_IDENTITY_key_get_public (zone, 941 GNUNET_IDENTITY_key_get_public (zone,
917 &pub); 942 &pub);
918 GNUNET_GNSRECORD_query_from_public_key (&pub, 943 GNUNET_GNSRECORD_query_from_public_key (&pub,
919 norm_label, 944 norm_label,
920 query); 945 query);
921 break; 946 break;
922 default: 947 default:
923 GNUNET_assert (0); 948 GNUNET_assert (0);
924 } 949 }
925 GNUNET_free (norm_label); 950 GNUNET_free (norm_label);
926} 951}
@@ -947,28 +972,28 @@ GNUNET_GNSRECORD_query_from_public_key (const struct
947 972
948 switch (ntohl (pub->type)) 973 switch (ntohl (pub->type))
949 { 974 {
950 case GNUNET_GNSRECORD_TYPE_PKEY: 975 case GNUNET_GNSRECORD_TYPE_PKEY:
951 pd.type = pub->type; 976 pd.type = pub->type;
952 GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key, 977 GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key,
953 norm_label, 978 norm_label,
954 "gns", 979 "gns",
955 &pd.ecdsa_key); 980 &pd.ecdsa_key);
956 GNUNET_CRYPTO_hash (&pd.ecdsa_key, 981 GNUNET_CRYPTO_hash (&pd.ecdsa_key,
957 sizeof (pd.ecdsa_key), 982 sizeof (pd.ecdsa_key),
958 query); 983 query);
959 break; 984 break;
960 case GNUNET_GNSRECORD_TYPE_EDKEY: 985 case GNUNET_GNSRECORD_TYPE_EDKEY:
961 pd.type = pub->type; 986 pd.type = pub->type;
962 GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, 987 GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key,
963 norm_label, 988 norm_label,
964 "gns", 989 "gns",
965 &(pd.eddsa_key)); 990 &(pd.eddsa_key));
966 GNUNET_CRYPTO_hash (&pd.eddsa_key, 991 GNUNET_CRYPTO_hash (&pd.eddsa_key,
967 sizeof (pd.eddsa_key), 992 sizeof (pd.eddsa_key),
968 query); 993 query);
969 break; 994 break;
970 default: 995 default:
971 GNUNET_assert (0); 996 GNUNET_assert (0);
972 } 997 }
973 GNUNET_free (norm_label); 998 GNUNET_free (norm_label);
974} 999}
diff --git a/src/gnsrecord/gnsrecord_crypto.h b/src/gnsrecord/gnsrecord_crypto.h
new file mode 100644
index 000000000..79a7e6fb9
--- /dev/null
+++ b/src/gnsrecord/gnsrecord_crypto.h
@@ -0,0 +1,87 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2018 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
21/**
22 * @file gnsrecord/gnsrecord_crypto.h
23 * @brief API for GNS record-related crypto
24 * @author Martin Schanzenbach
25 * @author Matthias Wachs
26 * @author Christian Grothoff
27 */
28#include "platform.h"
29#include "gnunet_util_lib.h"
30#include "gnunet_constants.h"
31#include "gnunet_signatures.h"
32#include "gnunet_arm_service.h"
33#include "gnunet_gnsrecord_lib.h"
34#include "gnunet_dnsparser_lib.h"
35#include "gnunet_tun_lib.h"
36
37/**
38 * Information we have in an encrypted block with record data (i.e. in the DHT).
39 */
40struct GNRBlockPS
41{
42 /**
43 * Number of bytes signed; also specifies the number of bytes
44 * of encrypted data that follow.
45 */
46 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
47
48 /**
49 * Expiration time of the block.
50 */
51 struct GNUNET_TIME_AbsoluteNBO expiration_time;
52
53 /* followed by encrypted data */
54};
55
56
57/**
58 * Derive session key and iv from label and public key.
59 *
60 * @param iv initialization vector to initialize
61 * @param skey session key to initialize
62 * @param label label to use for KDF
63 * @param pub public key to use for KDF
64 */
65void
66GNR_derive_block_aes_key (unsigned char *ctr,
67 unsigned char *key,
68 const char *label,
69 uint64_t exp,
70 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
71
72
73/**
74 * Derive session key and iv from label and public key.
75 *
76 * @param nonce initialization vector to initialize
77 * @param skey session key to initialize
78 * @param label label to use for KDF
79 * @param pub public key to use for KDF
80 */
81void
82GNR_derive_block_xsalsa_key (unsigned char *nonce,
83 unsigned char *key,
84 const char *label,
85 uint64_t exp,
86 const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
87
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c
index c6f07ccd0..61604c730 100644
--- a/src/gnsrecord/gnsrecord_misc.c
+++ b/src/gnsrecord/gnsrecord_misc.c
@@ -334,24 +334,7 @@ GNUNET_GNSRECORD_is_zonekey_type (uint32_t type)
334size_t 334size_t
335GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block) 335GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block)
336{ 336{
337 switch (ntohl (block->type)) 337 return ntohl (block->size);
338 {
339 case GNUNET_GNSRECORD_TYPE_PKEY:
340 return sizeof (uint32_t) /* zone type */
341 + sizeof (block->ecdsa_block) /* EcdsaBlock */
342 + ntohl (block->ecdsa_block.purpose.size) /* Length of signed data */
343 - sizeof (block->ecdsa_block.purpose); /* Purpose already in EcdsaBlock */
344 break;
345 case GNUNET_GNSRECORD_TYPE_EDKEY:
346 return sizeof (uint32_t) /* zone type */
347 + sizeof (block->eddsa_block) /* EddsaBlock */
348 + ntohl (block->eddsa_block.purpose.size) /* Length of signed data */
349 - sizeof (block->ecdsa_block.purpose); /* Purpose already in EcdsaBlock */
350
351 default:
352 return 0;
353 }
354 return 0;
355} 338}
356 339
357 340
diff --git a/src/gnsrecord/gnsrecord_serialization.c b/src/gnsrecord/gnsrecord_serialization.c
index cb6957605..eaa3a9ab2 100644
--- a/src/gnsrecord/gnsrecord_serialization.c
+++ b/src/gnsrecord/gnsrecord_serialization.c
@@ -60,17 +60,18 @@ struct NetworkRecord
60 /** 60 /**
61 * Number of bytes in 'data', network byte order. 61 * Number of bytes in 'data', network byte order.
62 */ 62 */
63 uint32_t data_size GNUNET_PACKED; 63 uint16_t data_size GNUNET_PACKED;
64 64
65 /** 65 /**
66 * Type of the GNS/DNS record, network byte order. 66 * Flags for the record, network byte order.
67 */ 67 */
68 uint32_t record_type GNUNET_PACKED; 68 uint16_t flags GNUNET_PACKED;
69 69
70 /** 70 /**
71 * Flags for the record, network byte order. 71 * Type of the GNS/DNS record, network byte order.
72 */ 72 */
73 uint32_t flags GNUNET_PACKED; 73 uint32_t record_type GNUNET_PACKED;
74
74}; 75};
75 76
76GNUNET_NETWORK_STRUCT_END 77GNUNET_NETWORK_STRUCT_END
@@ -169,9 +170,9 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count,
169 rd[i].flags, 170 rd[i].flags,
170 (unsigned long long) rd[i].expiration_time); 171 (unsigned long long) rd[i].expiration_time);
171 rec.expiration_time = GNUNET_htonll (rd[i].expiration_time); 172 rec.expiration_time = GNUNET_htonll (rd[i].expiration_time);
172 rec.data_size = htonl ((uint32_t) rd[i].data_size); 173 rec.data_size = htons ((uint16_t) rd[i].data_size);
173 rec.record_type = htonl (rd[i].record_type); 174 rec.record_type = htonl (rd[i].record_type);
174 rec.flags = htonl (rd[i].flags); 175 rec.flags = htons (rd[i].flags);
175 if ((off + sizeof(rec) > dest_size) || 176 if ((off + sizeof(rec) > dest_size) ||
176 (off + sizeof(rec) < off)) 177 (off + sizeof(rec) < off))
177 { 178 {
@@ -214,13 +215,48 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count,
214 return dest_size; 215 return dest_size;
215} 216}
216 217
218unsigned int
219GNUNET_GNSRECORD_records_deserialize_get_size (size_t len,
220 const char *src)
221{
222 struct NetworkRecord rec;
223 struct NetworkRecord rec_zero;
224 size_t off;
225 unsigned int rd_count = 0;
226
227 memset (&rec_zero, 0, sizeof (rec_zero));
228
229 off = 0;
230 for (off = 0; (off + sizeof(rec) <= len) && (off + sizeof(rec) >= off);)
231 {
232 /*
233 * If we have found a byte string of zeroes, we have reached
234 * the padding
235 */
236 if (0 == GNUNET_memcmp (&rec, &rec_zero))
237 break;
238 GNUNET_memcpy (&rec,
239 &src[off],
240 sizeof(rec));
241 off += sizeof(rec);
242 if ((off + ntohs ((uint16_t) rec.data_size) > len) ||
243 (off + ntohs ((uint16_t) rec.data_size) < off))
244 {
245 GNUNET_break_op (0);
246 return 0;
247 }
248 off += ntohs ((uint16_t) rec.data_size);
249 rd_count++;
250 }
251 return rd_count;
252}
217 253
218/** 254/**
219 * Deserialize the given records to the given destination. 255 * Deserialize the given records to the given destination.
220 * 256 *
221 * @param len size of the serialized record data 257 * @param len size of the serialized record data
222 * @param src the serialized record data 258 * @param src the serialized record data
223 * @param rd_count number of records in the rd array 259 * @param rd_count number of records parsed
224 * @param dest where to put the data 260 * @param dest where to put the data
225 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error 261 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
226 */ 262 */
@@ -246,9 +282,9 @@ GNUNET_GNSRECORD_records_deserialize (size_t len,
246 &src[off], 282 &src[off],
247 sizeof(rec)); 283 sizeof(rec));
248 dest[i].expiration_time = GNUNET_ntohll (rec.expiration_time); 284 dest[i].expiration_time = GNUNET_ntohll (rec.expiration_time);
249 dest[i].data_size = ntohl ((uint32_t) rec.data_size); 285 dest[i].data_size = ntohs ((uint16_t) rec.data_size);
250 dest[i].record_type = ntohl (rec.record_type); 286 dest[i].record_type = ntohl (rec.record_type);
251 dest[i].flags = ntohl (rec.flags); 287 dest[i].flags = ntohs (rec.flags);
252 off += sizeof(rec); 288 off += sizeof(rec);
253 if ((off + dest[i].data_size > len) || 289 if ((off + dest[i].data_size > len) ||
254 (off + dest[i].data_size < off)) 290 (off + dest[i].data_size < off))
diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c
index 16a360bdc..f9b83e48b 100644
--- a/src/gnsrecord/gnunet-gnsrecord-tvg.c
+++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c
@@ -31,15 +31,43 @@
31#include "gnunet_dnsparser_lib.h" 31#include "gnunet_dnsparser_lib.h"
32#include "gnunet_testing_lib.h" 32#include "gnunet_testing_lib.h"
33#include <inttypes.h> 33#include <inttypes.h>
34#include "gnsrecord_crypto.h"
34 35
35#define TEST_RECORD_LABEL "test" 36#define TEST_RECORD_LABEL "test"
36#define TEST_RECORD_A "1.2.3.4" 37#define TEST_RECORD_A "1.2.3.4"
37#define TEST_RRCOUNT 2 38#define TEST_RRCOUNT 2
38 39
40static char *d_pkey =
41 "50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98";
42
43static char *d_edkey =
44 "5af7020ee19160328832352bbc6a68a8d71a7cbe1b929969a7c66d415a0d8f65";
45
46int parsehex (char *src, char *dst, size_t dstlen, int invert)
47{
48 char *line = src;
49 char *data = line;
50 int off;
51 int read_byte;
52 int data_len = 0;
53
54 while (sscanf (data, " %02x%n", &read_byte, &off) == 1)
55 {
56 if (invert)
57 dst[dstlen - 1 - data_len++] = read_byte;
58 else
59 dst[data_len++] = read_byte;
60 data += off;
61 }
62 return data_len;
63}
64
65
39static void 66static void
40print_bytes (void *buf, 67print_bytes_ (void *buf,
41 size_t buf_len, 68 size_t buf_len,
42 int fold) 69 int fold,
70 int in_be)
43{ 71{
44 int i; 72 int i;
45 73
@@ -47,11 +75,22 @@ print_bytes (void *buf,
47 { 75 {
48 if ((0 != i) && (0 != fold) && (i % fold == 0)) 76 if ((0 != i) && (0 != fold) && (i % fold == 0))
49 printf ("\n"); 77 printf ("\n");
50 printf ("%02x", ((unsigned char*) buf)[i]); 78 if (in_be)
79 printf ("%02x", ((unsigned char*) buf)[buf_len - 1 - i]);
80 else
81 printf ("%02x", ((unsigned char*) buf)[i]);
51 } 82 }
52 printf ("\n"); 83 printf ("\n");
53} 84}
54 85
86static void
87print_bytes (void *buf,
88 size_t buf_len,
89 int fold)
90{
91 print_bytes_ (buf, buf_len, fold, 0);
92}
93
55 94
56static void 95static void
57print_record (const struct GNUNET_GNSRECORD_Data *rd) 96print_record (const struct GNUNET_GNSRECORD_Data *rd)
@@ -84,28 +123,51 @@ static void
84run_pkey (void) 123run_pkey (void)
85{ 124{
86 struct GNUNET_GNSRECORD_Data rd[2]; 125 struct GNUNET_GNSRECORD_Data rd[2];
87 struct GNUNET_TIME_Absolute exp_abs = GNUNET_TIME_absolute_get (); 126 struct GNUNET_TIME_Absolute expire;
127 struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
128 struct GNUNET_TIME_Absolute exp1;
129 struct GNUNET_TIME_Absolute exp2;
130 struct GNUNET_TIME_Relative delta1;
131 struct GNUNET_TIME_Relative delta2;
88 struct GNUNET_GNSRECORD_Block *rrblock; 132 struct GNUNET_GNSRECORD_Block *rrblock;
89 char *bdata; 133 char *bdata;
90 struct GNUNET_IDENTITY_PrivateKey id_priv; 134 struct GNUNET_IDENTITY_PrivateKey id_priv;
91 struct GNUNET_IDENTITY_PublicKey id_pub; 135 struct GNUNET_IDENTITY_PublicKey id_pub;
92 struct GNUNET_IDENTITY_PrivateKey pkey_data_p; 136 struct GNUNET_IDENTITY_PrivateKey pkey_data_p;
93 struct GNUNET_IDENTITY_PublicKey pkey_data; 137 struct GNUNET_IDENTITY_PublicKey pkey_data;
138 struct GNUNET_HashCode query;
94 void *data; 139 void *data;
95 size_t data_size; 140 size_t data_size;
96 char *rdata; 141 char *rdata;
97 size_t rdata_size; 142 size_t rdata_size;
143 uint32_t rd_count_nbo;
98 char ztld[128]; 144 char ztld[128];
145 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
146 unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
147
148 /*
149 * Make two different expiration times
150 */
151 GNUNET_STRINGS_fancy_time_to_absolute ("2048-01-23 10:51:34",
152 &exp1);
153 GNUNET_STRINGS_fancy_time_to_absolute ("3540-05-22 07:55:01",
154 &exp2);
155
99 156
100 id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); 157 id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
101 GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); 158 GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);
159 parsehex (d_pkey,
160 (char*) &id_priv.ecdsa_key,
161 sizeof (id_priv.ecdsa_key), 1);
162
102 GNUNET_IDENTITY_key_get_public (&id_priv, 163 GNUNET_IDENTITY_key_get_public (&id_priv,
103 &id_pub); 164 &id_pub);
104 fprintf (stdout, 165 fprintf (stdout,
105 "Zone private key (d, little-endian, with ztype prepended):\n"); 166 "Zone private key (d, big-endian):\n");
106 print_bytes (&id_priv, GNUNET_IDENTITY_key_get_length (&id_pub), 8); // FIXME length for privkey? 167 print_bytes_ (&id_priv.ecdsa_key,
168 sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), 8, 1);
107 fprintf (stdout, "\n"); 169 fprintf (stdout, "\n");
108 fprintf (stdout, "Zone identifier (zid):\n"); 170 fprintf (stdout, "Zone identifier (ztype|zkey):\n");
109 print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); 171 print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8);
110 GNUNET_STRINGS_data_to_string (&id_pub, 172 GNUNET_STRINGS_data_to_string (&id_pub,
111 GNUNET_IDENTITY_key_get_length (&id_pub), 173 GNUNET_IDENTITY_key_get_length (&id_pub),
@@ -127,20 +189,20 @@ run_pkey (void)
127 GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size)); 189 GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size));
128 rd[0].data = data; 190 rd[0].data = data;
129 rd[0].data_size = data_size; 191 rd[0].data_size = data_size;
130 rd[0].expiration_time = exp_abs.abs_value_us; 192 rd[0].expiration_time = exp1.abs_value_us;
131 rd[0].record_type = GNUNET_DNSPARSER_TYPE_A; 193 rd[0].record_type = GNUNET_DNSPARSER_TYPE_A;
132 fprintf (stdout, "Record #0\n"); 194 fprintf (stdout, "Record #0\n");
133 print_record (&rd[0]); 195 print_record (&rd[0]);
134 196
135 rd[1].data = &pkey_data; 197 rd[1].data = "Some nick";
136 rd[1].data_size = sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey); 198 rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey);
137 rd[1].expiration_time = exp_abs.abs_value_us; 199 rd[1].expiration_time = exp2.abs_value_us;
138 rd[1].record_type = GNUNET_GNSRECORD_TYPE_PKEY; 200 rd[1].record_type = GNUNET_GNSRECORD_TYPE_NICK;
139 rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; 201 rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE;
140 fprintf (stdout, "Record #1\n"); 202 fprintf (stdout, "Record #1\n");
141 print_record (&rd[1]); 203 print_record (&rd[1]);
142 204
143 rdata_size = GNUNET_GNSRECORD_records_get_size (2, 205 rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT,
144 rd); 206 rd);
145 rdata = GNUNET_malloc (rdata_size); 207 rdata = GNUNET_malloc (rdata_size);
146 GNUNET_GNSRECORD_records_serialize (2, 208 GNUNET_GNSRECORD_records_serialize (2,
@@ -150,25 +212,40 @@ run_pkey (void)
150 fprintf (stdout, "RDATA:\n"); 212 fprintf (stdout, "RDATA:\n");
151 print_bytes (rdata, rdata_size, 8); 213 print_bytes (rdata, rdata_size, 8);
152 fprintf (stdout, "\n"); 214 fprintf (stdout, "\n");
153 rrblock = GNUNET_GNSRECORD_block_create (&id_priv, 215 expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd);
154 exp_abs, 216 GNR_derive_block_aes_key (ctr,
155 TEST_RECORD_LABEL, 217 skey,
156 rd, 218 TEST_RECORD_LABEL,
157 TEST_RRCOUNT); 219 GNUNET_TIME_absolute_hton (
158 size_t bdata_size = ntohl (rrblock->ecdsa_block.purpose.size) 220 expire).abs_value_us__,
159 - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 221 &id_pub.ecdsa_key);
160 - sizeof(struct GNUNET_TIME_AbsoluteNBO); 222
161 size_t ecblock_size = ntohl (rrblock->ecdsa_block.purpose.size) 223 fprintf (stdout, "Encryption NONCE|EXPIRATION|BLOCK COUNTER:\n");
162 + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) 224 print_bytes (ctr, sizeof (ctr), 8);
163 + sizeof(struct GNUNET_CRYPTO_EcdsaSignature); 225 fprintf (stdout, "\n");
164 size_t block_size = ecblock_size + sizeof (uint32_t); 226 fprintf (stdout, "Encryption key (K):\n");
227 print_bytes (skey, sizeof (skey), 8);
228 fprintf (stdout, "\n");
229 GNUNET_GNSRECORD_query_from_public_key (&id_pub,
230 TEST_RECORD_LABEL,
231 &query);
232 fprintf (stdout, "Storage key (q):\n");
233 print_bytes (&query, sizeof (query), 8);
234 fprintf (stdout, "\n");
235 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (&id_priv,
236 expire,
237 TEST_RECORD_LABEL,
238 rd,
239 TEST_RRCOUNT,
240 &rrblock));
241 size_t bdata_size = ntohl(rrblock->size) - sizeof (struct GNUNET_GNSRECORD_Block);
165 242
166 bdata = (char*) &(&rrblock->ecdsa_block)[1]; 243 bdata = (char*) &(&rrblock->ecdsa_block)[1];
167 fprintf (stdout, "BDATA:\n"); 244 fprintf (stdout, "BDATA:\n");
168 print_bytes (bdata, bdata_size, 8); 245 print_bytes (bdata, bdata_size, 8);
169 fprintf (stdout, "\n"); 246 fprintf (stdout, "\n");
170 fprintf (stdout, "RRBLOCK:\n"); 247 fprintf (stdout, "RRBLOCK:\n");
171 print_bytes (rrblock, block_size, 8); 248 print_bytes (rrblock, ntohl(rrblock->size), 8);
172 fprintf (stdout, "\n"); 249 fprintf (stdout, "\n");
173 GNUNET_free (rdata); 250 GNUNET_free (rdata);
174} 251}
@@ -186,28 +263,54 @@ static void
186run_edkey (void) 263run_edkey (void)
187{ 264{
188 struct GNUNET_GNSRECORD_Data rd[2]; 265 struct GNUNET_GNSRECORD_Data rd[2];
189 struct GNUNET_TIME_Absolute exp_abs = GNUNET_TIME_absolute_get (); 266 struct GNUNET_TIME_Absolute expire;
267 struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
268 struct GNUNET_TIME_Absolute exp1;
269 struct GNUNET_TIME_Absolute exp2;
270 struct GNUNET_TIME_Relative delta1;
271 struct GNUNET_TIME_Relative delta2;
190 struct GNUNET_GNSRECORD_Block *rrblock; 272 struct GNUNET_GNSRECORD_Block *rrblock;
191 char *bdata; 273 char *bdata;
192 struct GNUNET_IDENTITY_PrivateKey id_priv; 274 struct GNUNET_IDENTITY_PrivateKey id_priv;
193 struct GNUNET_IDENTITY_PublicKey id_pub; 275 struct GNUNET_IDENTITY_PublicKey id_pub;
194 struct GNUNET_IDENTITY_PrivateKey pkey_data_p; 276 struct GNUNET_IDENTITY_PrivateKey pkey_data_p;
195 struct GNUNET_IDENTITY_PublicKey pkey_data; 277 struct GNUNET_IDENTITY_PublicKey pkey_data;
278 struct GNUNET_HashCode query;
196 void *data; 279 void *data;
197 size_t data_size; 280 size_t data_size;
198 char *rdata; 281 char *rdata;
199 size_t rdata_size; 282 size_t rdata_size;
283 uint32_t rd_count_nbo;
200 char ztld[128]; 284 char ztld[128];
285 unsigned char nonce[crypto_secretbox_NONCEBYTES];
286 unsigned char skey[crypto_secretbox_KEYBYTES];
287
288 /*
289 * Make two different expiration times
290 */
291 GNUNET_STRINGS_fancy_time_to_absolute ("%2048-01-23 10:51:34",
292 &exp1);
293 GNUNET_STRINGS_fancy_time_to_absolute ("3540-05-22 07:55:01",
294 &exp2);
295
296 id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
297 GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);
298 GNUNET_IDENTITY_key_get_public (&id_priv,
299 &id_pub);
201 300
202 id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); 301 id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA);
203 GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key); 302 GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key);
303 parsehex (d_edkey,
304 (char*) &id_priv.eddsa_key,
305 sizeof (id_priv.eddsa_key), 0);
204 GNUNET_IDENTITY_key_get_public (&id_priv, 306 GNUNET_IDENTITY_key_get_public (&id_priv,
205 &id_pub); 307 &id_pub);
206 fprintf (stdout, 308 fprintf (stdout,
207 "Zone private key (d, little-endian, with ztype prepended):\n"); 309 "Zone private key (d):\n");
208 print_bytes (&id_priv, GNUNET_IDENTITY_key_get_length (&id_pub), 8); // FIXME length for privkey? 310 print_bytes (&id_priv.eddsa_key, sizeof (struct
311 GNUNET_CRYPTO_EddsaPrivateKey), 8);
209 fprintf (stdout, "\n"); 312 fprintf (stdout, "\n");
210 fprintf (stdout, "Zone identifier (zid):\n"); 313 fprintf (stdout, "Zone identifier (ztype|zkey):\n");
211 print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); 314 print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8);
212 GNUNET_STRINGS_data_to_string (&id_pub, 315 GNUNET_STRINGS_data_to_string (&id_pub,
213 GNUNET_IDENTITY_key_get_length (&id_pub), 316 GNUNET_IDENTITY_key_get_length (&id_pub),
@@ -229,21 +332,23 @@ run_edkey (void)
229 GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size)); 332 GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size));
230 rd[0].data = data; 333 rd[0].data = data;
231 rd[0].data_size = data_size; 334 rd[0].data_size = data_size;
232 rd[0].expiration_time = exp_abs.abs_value_us; 335 rd[0].expiration_time = exp1.abs_value_us;
233 rd[0].record_type = GNUNET_DNSPARSER_TYPE_A; 336 rd[0].record_type = GNUNET_DNSPARSER_TYPE_A;
234 fprintf (stdout, "Record #0\n"); 337 fprintf (stdout, "Record #0\n");
235 print_record (&rd[0]); 338 print_record (&rd[0]);
236 339
237 rd[1].data = &pkey_data; 340 rd[1].data = "My Nick";
238 rd[1].data_size = sizeof (struct GNUNET_CRYPTO_EddsaPublicKey); 341 rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey);
239 rd[1].expiration_time = exp_abs.abs_value_us; 342 rd[1].expiration_time = exp2.abs_value_us;
240 rd[1].record_type = GNUNET_GNSRECORD_TYPE_EDKEY; 343 rd[1].record_type = GNUNET_GNSRECORD_TYPE_NICK;
241 rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; 344 rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE;
242 fprintf (stdout, "Record #1\n"); 345 fprintf (stdout, "Record #1\n");
243 print_record (&rd[1]); 346 print_record (&rd[1]);
244 347
245 rdata_size = GNUNET_GNSRECORD_records_get_size (2, 348 rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT,
246 rd); 349 rd);
350 expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT,
351 rd);
247 rdata = GNUNET_malloc (rdata_size); 352 rdata = GNUNET_malloc (rdata_size);
248 GNUNET_GNSRECORD_records_serialize (2, 353 GNUNET_GNSRECORD_records_serialize (2,
249 rd, 354 rd,
@@ -252,25 +357,39 @@ run_edkey (void)
252 fprintf (stdout, "RDATA:\n"); 357 fprintf (stdout, "RDATA:\n");
253 print_bytes (rdata, rdata_size, 8); 358 print_bytes (rdata, rdata_size, 8);
254 fprintf (stdout, "\n"); 359 fprintf (stdout, "\n");
255 rrblock = GNUNET_GNSRECORD_block_create (&id_priv, 360 GNR_derive_block_xsalsa_key (nonce,
256 exp_abs, 361 skey,
257 TEST_RECORD_LABEL, 362 TEST_RECORD_LABEL,
258 rd, 363 GNUNET_TIME_absolute_hton (
259 TEST_RRCOUNT); 364 expire).abs_value_us__,
260 size_t bdata_size = ntohl (rrblock->eddsa_block.purpose.size) 365 &id_pub.eddsa_key);
261 - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 366 fprintf (stdout, "Encryption NONCE|EXPIRATION:\n");
262 - sizeof(struct GNUNET_TIME_AbsoluteNBO); 367 print_bytes (nonce, sizeof (nonce), 8);
263 size_t ecblock_size = ntohl (rrblock->eddsa_block.purpose.size) 368 fprintf (stdout, "\n");
264 + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey) 369 fprintf (stdout, "Encryption key (K):\n");
265 + sizeof(struct GNUNET_CRYPTO_EddsaSignature); 370 print_bytes (skey, sizeof (skey), 8);
266 size_t block_size = ecblock_size + sizeof (uint32_t); 371 fprintf (stdout, "\n");
372 GNUNET_GNSRECORD_query_from_public_key (&id_pub,
373 TEST_RECORD_LABEL,
374 &query);
375 fprintf (stdout, "Storage key (q):\n");
376 print_bytes (&query, sizeof (query), 8);
377 fprintf (stdout, "\n");
378
379 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (&id_priv,
380 expire,
381 TEST_RECORD_LABEL,
382 rd,
383 TEST_RRCOUNT,
384 &rrblock));
385 size_t bdata_size = ntohl(rrblock->size) - sizeof (struct GNUNET_GNSRECORD_Block);
267 386
268 bdata = (char*) &(&rrblock->eddsa_block)[1]; 387 bdata = (char*) &(&rrblock->eddsa_block)[1];
269 fprintf (stdout, "BDATA:\n"); 388 fprintf (stdout, "BDATA:\n");
270 print_bytes (bdata, bdata_size, 8); 389 print_bytes (bdata, bdata_size, 8);
271 fprintf (stdout, "\n"); 390 fprintf (stdout, "\n");
272 fprintf (stdout, "RRBLOCK:\n"); 391 fprintf (stdout, "RRBLOCK:\n");
273 print_bytes (rrblock, block_size, 8); 392 print_bytes (rrblock, ntohl(rrblock->size), 8);
274 fprintf (stdout, "\n"); 393 fprintf (stdout, "\n");
275 GNUNET_free (rdata); 394 GNUNET_free (rdata);
276} 395}
@@ -290,8 +409,8 @@ run (void *cls,
290 const char *cfgfile, 409 const char *cfgfile,
291 const struct GNUNET_CONFIGURATION_Handle *cfg) 410 const struct GNUNET_CONFIGURATION_Handle *cfg)
292{ 411{
293 run_pkey(); 412 run_pkey ();
294 run_edkey(); 413 run_edkey ();
295} 414}
296 415
297 416
diff --git a/src/gnsrecord/test_gnsrecord_crypto.c b/src/gnsrecord/test_gnsrecord_crypto.c
index 9e5a1aa7e..ee14fa904 100644
--- a/src/gnsrecord/test_gnsrecord_crypto.c
+++ b/src/gnsrecord/test_gnsrecord_crypto.c
@@ -123,12 +123,12 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey)
123 s_rd = create_record (RECORDS); 123 s_rd = create_record (RECORDS);
124 124
125 /* Create block */ 125 /* Create block */
126 GNUNET_assert (NULL != (block = 126 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (privkey,
127 GNUNET_GNSRECORD_block_create (privkey, 127 expire,
128 expire, 128 s_name,
129 s_name, 129 s_rd,
130 s_rd, 130 RECORDS,
131 RECORDS))); 131 &block));
132 GNUNET_assert (GNUNET_OK == 132 GNUNET_assert (GNUNET_OK ==
133 GNUNET_GNSRECORD_query_from_block (block, 133 GNUNET_GNSRECORD_query_from_block (block,
134 &query_block)); 134 &query_block));
diff --git a/src/gnsrecord/test_gnsrecord_testvectors.c b/src/gnsrecord/test_gnsrecord_testvectors.c
new file mode 100644
index 000000000..153c56261
--- /dev/null
+++ b/src/gnsrecord/test_gnsrecord_testvectors.c
@@ -0,0 +1,128 @@
1#include "platform.h"
2#include "gnunet_util_lib.h"
3#include "gnunet_signatures.h"
4#include "gnunet_gns_service.h"
5#include "gnunet_gnsrecord_lib.h"
6#include "gnunet_dnsparser_lib.h"
7#include "gnunet_testing_lib.h"
8#include <inttypes.h>
9
10
11
12static char *d =
13"50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98";
14
15
16static char *zid =
17"00010000677c477d2d93097c85b195c6f96d84ff61f5982c2c4fe02d5a11fedfb0c2901f";
18
19#define RRCOUNT 2
20#define LABEL "test"
21
22#define R0_EXPIRATION 14888744139323793
23#define R0_DATA_SIZE 4
24#define R0_TYPE 1
25#define R0_FLAGS 0
26#define R0_DATA "01020304"
27
28/* Record #1*/
29#define R1_EXPIRATION 26147096139323793
30#define R1_DATA_SIZE 36
31#define R1_TYPE 65536
32#define R1_FLAGS 2
33#define R1_DATA \
34"000100000e601be42eb57fb4697610cf3a3b18347b65a33f025b5b174abefb30807bfecf"
35
36#define R1_RRBLOCK \
37"000100008e16da87203b5159c5538e9b765742e968c54af9afbc0890dc80205ad14c84e107b0c115fc0089aa38b9c7ab9cbe1d77040d282a51a2ad493f61f3495f02d8170fe473a55ec6bdf9a509ab1701ffc37ea3bb4cac4a672520986df96e67cc1a73000000940000000f0034e53be193799100e4837eb5d04f92903de4b5234e8ccac5736c9793379a59c33375fc8951aca2eb7aad067bf9af60bf26758646a17f5e5c3b6215f94079545b1c4d4f1b2ebb22c2b4dad44126817b6f001530d476401dd67ac0148554e806353da9e4298079f3e1b16942c48d90c4360c61238c40d9d52911aea52cc0037ac7160bb3cf5b2f4a722fd96b"
38
39int parsehex(char *src, char *dst, size_t dstlen, int invert)
40{
41 char *line = src;
42 char *data = line;
43 int off;
44 int read_byte;
45 int data_len = 0;
46
47 while (sscanf(data, " %02x%n", &read_byte, &off) == 1) {
48 if (invert)
49 dst[dstlen - 1 - data_len++] = read_byte;
50 else
51 dst[data_len++] = read_byte;
52 data += off;
53 }
54 return data_len;
55}
56
57void
58res_checker (void *cls,
59 unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
60{
61 int r0_found = 0;
62 int r1_found = 0;
63 char r0_data[R0_DATA_SIZE];
64 char r1_data[R1_DATA_SIZE];
65 parsehex(R0_DATA, (char*)r0_data, 0, 0);
66 parsehex(R1_DATA, (char*)r1_data, 0, 0);
67 GNUNET_assert (rd_count == RRCOUNT);
68 for (int i = 0; i < RRCOUNT; i++)
69 {
70 if (rd[i].record_type == R0_TYPE)
71 {
72 if (0 != memcmp (rd[i].data, r0_data, R0_DATA_SIZE))
73 {
74 printf ("R0 Data mismatch\n");
75 continue;
76 }
77 if (rd[i].expiration_time != R0_EXPIRATION)
78 {
79 printf ("R0 expiration mismatch\n");
80 continue;
81 }
82 r0_found = 1;
83 }
84 if (rd[i].record_type == R1_TYPE)
85 {
86 if (0 != memcmp (rd[i].data, r1_data, R1_DATA_SIZE))
87 {
88 printf ("R1 Data mismatch\n");
89 continue;
90 }
91 if (rd[i].expiration_time != R1_EXPIRATION)
92 {
93 printf ("R1 expiration mismatch\n");
94 continue;
95 }
96
97 r1_found = 1;
98 }
99
100 }
101 GNUNET_assert (r0_found);
102 GNUNET_assert (r1_found);
103}
104
105
106int
107main()
108{
109 struct GNUNET_IDENTITY_PrivateKey priv;
110 struct GNUNET_IDENTITY_PublicKey pub;
111 struct GNUNET_IDENTITY_PublicKey pub_parsed;
112 struct GNUNET_GNSRECORD_Block *rrblock;
113 char *bdata;
114
115 parsehex(d,(char*)&priv.ecdsa_key, sizeof (priv.ecdsa_key), 1);
116 priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
117 parsehex(zid,(char*)&pub_parsed, 0, 0);
118 GNUNET_IDENTITY_key_get_public(&priv, &pub);
119 GNUNET_assert (0 == memcmp (&pub, &pub_parsed, sizeof (pub)));
120 rrblock = GNUNET_malloc (strlen (R1_RRBLOCK) / 2);
121 parsehex(R1_RRBLOCK, (char*)rrblock, 0, 0);
122 GNUNET_GNSRECORD_block_decrypt (rrblock,
123 &pub_parsed,
124 LABEL,
125 &res_checker,
126 NULL);
127 return 0;
128}
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 4a7a69211..471569cb3 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -1063,6 +1063,25 @@ GNUNET_IDENTITY_signature_get_length (const struct
1063 1063
1064 1064
1065ssize_t 1065ssize_t
1066GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type)
1067{
1068 switch (ntohl (type))
1069 {
1070 case GNUNET_IDENTITY_TYPE_ECDSA:
1071 return sizeof (struct GNUNET_CRYPTO_EcdsaSignature);
1072 break;
1073 case GNUNET_IDENTITY_TYPE_EDDSA:
1074 return sizeof (struct GNUNET_CRYPTO_EddsaSignature);
1075 break;
1076 default:
1077 GNUNET_break (0);
1078 }
1079 return -1;
1080}
1081
1082
1083
1084ssize_t
1066GNUNET_IDENTITY_read_signature_from_buffer (struct 1085GNUNET_IDENTITY_read_signature_from_buffer (struct
1067 GNUNET_IDENTITY_Signature *sig, 1086 GNUNET_IDENTITY_Signature *sig,
1068 const void*buffer, 1087 const void*buffer,
@@ -1099,6 +1118,31 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
1099 return length; 1118 return length;
1100} 1119}
1101 1120
1121enum GNUNET_GenericReturnValue
1122GNUNET_IDENTITY_sign_raw_ (const struct
1123 GNUNET_IDENTITY_PrivateKey *priv,
1124 const struct
1125 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1126 unsigned char *sig)
1127{
1128 switch (ntohl (priv->type))
1129 {
1130 case GNUNET_IDENTITY_TYPE_ECDSA:
1131 return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose,
1132 (struct GNUNET_CRYPTO_EcdsaSignature*)sig);
1133 break;
1134 case GNUNET_IDENTITY_TYPE_EDDSA:
1135 return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose,
1136 (struct GNUNET_CRYPTO_EddsaSignature*)sig);
1137 break;
1138 default:
1139 GNUNET_break (0);
1140 }
1141
1142 return GNUNET_SYSERR;
1143}
1144
1145
1102 1146
1103enum GNUNET_GenericReturnValue 1147enum GNUNET_GenericReturnValue
1104GNUNET_IDENTITY_sign_ (const struct 1148GNUNET_IDENTITY_sign_ (const struct
@@ -1155,6 +1199,37 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
1155} 1199}
1156 1200
1157 1201
1202enum GNUNET_GenericReturnValue
1203GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
1204 const struct
1205 GNUNET_CRYPTO_EccSignaturePurpose *
1206 validate,
1207 const unsigned char *sig,
1208 const struct
1209 GNUNET_IDENTITY_PublicKey *pub)
1210{
1211 switch (ntohl (pub->type))
1212 {
1213 case GNUNET_IDENTITY_TYPE_ECDSA:
1214 return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate,
1215 (struct GNUNET_CRYPTO_EcdsaSignature*)sig,
1216 &(pub->ecdsa_key));
1217 break;
1218 case GNUNET_IDENTITY_TYPE_EDDSA:
1219 return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate,
1220 (struct GNUNET_CRYPTO_EddsaSignature*)sig,
1221 &(pub->eddsa_key));
1222 break;
1223 default:
1224 GNUNET_break (0);
1225 }
1226
1227 return GNUNET_SYSERR;
1228}
1229
1230
1231
1232
1158ssize_t 1233ssize_t
1159GNUNET_IDENTITY_encrypt (const void *block, 1234GNUNET_IDENTITY_encrypt (const void *block,
1160 size_t size, 1235 size_t size,
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index 94e20323d..fdbac3cf5 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -61,6 +61,7 @@ extern "C" {
61 61
62/** 62/**
63 * Flags that can be set for a record. 63 * Flags that can be set for a record.
64 * MUST fit into 16 bit.
64 */ 65 */
65enum GNUNET_GNSRECORD_Flags 66enum GNUNET_GNSRECORD_Flags
66{ 67{
@@ -70,10 +71,17 @@ enum GNUNET_GNSRECORD_Flags
70 GNUNET_GNSRECORD_RF_NONE = 0, 71 GNUNET_GNSRECORD_RF_NONE = 0,
71 72
72 /** 73 /**
73 * This is a private record of this peer and it should 74 * This record is critical. If it cannot be processed
74 * thus not be handed out to other peers. 75 * (for example beacuse the record type is unknown)
76 * resolution MUST fail
75 */ 77 */
76 GNUNET_GNSRECORD_RF_PRIVATE = 2, 78 GNUNET_GNSRECORD_RF_CRITICAL = 1,
79
80 /**
81 * This record should not be used unless all (other) records with an absolute
82 * expiration time have expired.
83 */
84 GNUNET_GNSRECORD_RF_SHADOW_RECORD = 2,
77 85
78 /** 86 /**
79 * This is a supplemental record. 87 * This is a supplemental record.
@@ -84,13 +92,14 @@ enum GNUNET_GNSRECORD_Flags
84 * This expiration time of the record is a relative 92 * This expiration time of the record is a relative
85 * time (not an absolute time). 93 * time (not an absolute time).
86 */ 94 */
87 GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION = 8, 95 GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION = 16384, /* 2^14 */
88 96
89 /** 97 /**
90 * This record should not be used unless all (other) records with an absolute 98 * This is a private record of this peer and it should
91 * expiration time have expired. 99 * thus not be handed out to other peers.
92 */ 100 */
93 GNUNET_GNSRECORD_RF_SHADOW_RECORD = 16 101 GNUNET_GNSRECORD_RF_PRIVATE = 32768, /* 2^15 */
102
94 103
95/** 104/**
96 * When comparing flags for record equality for removal, 105 * When comparing flags for record equality for removal,
@@ -184,12 +193,6 @@ struct GNUNET_GNSRECORD_EcdsaBlock
184 struct GNUNET_CRYPTO_EcdsaSignature signature; 193 struct GNUNET_CRYPTO_EcdsaSignature signature;
185 194
186 /** 195 /**
187 * Number of bytes signed; also specifies the number of bytes
188 * of encrypted data that follow.
189 */
190 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
191
192 /**
193 * Expiration time of the block. 196 * Expiration time of the block.
194 */ 197 */
195 struct GNUNET_TIME_AbsoluteNBO expiration_time; 198 struct GNUNET_TIME_AbsoluteNBO expiration_time;
@@ -214,22 +217,25 @@ struct GNUNET_GNSRECORD_EddsaBlock
214 struct GNUNET_CRYPTO_EddsaSignature signature; 217 struct GNUNET_CRYPTO_EddsaSignature signature;
215 218
216 /** 219 /**
217 * Number of bytes signed; also specifies the number of bytes
218 * of encrypted data that follow.
219 */
220 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
221
222 /**
223 * Expiration time of the block. 220 * Expiration time of the block.
224 */ 221 */
225 struct GNUNET_TIME_AbsoluteNBO expiration_time; 222 struct GNUNET_TIME_AbsoluteNBO expiration_time;
226 223
224
227 /* followed by encrypted data */ 225 /* followed by encrypted data */
228}; 226};
229 227
230 228
231struct GNUNET_GNSRECORD_Block 229struct GNUNET_GNSRECORD_Block
232{ 230{
231 /**
232 * Size of the block.
233 */
234 uint32_t size;
235
236 /**
237 * The zone type (GNUNET_GNSRECORD_TYPE_PKEY)
238 */
233 uint32_t type; 239 uint32_t type;
234 240
235 union 241 union
@@ -387,6 +393,9 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count,
387 const struct GNUNET_GNSRECORD_Data *rd, 393 const struct GNUNET_GNSRECORD_Data *rd,
388 size_t dest_size, char *dest); 394 size_t dest_size, char *dest);
389 395
396unsigned int
397GNUNET_GNSRECORD_records_deserialize_get_size (size_t len,
398 const char *src);
390 399
391/** 400/**
392 * Deserialize the given records to the given destination. 401 * Deserialize the given records to the given destination.
@@ -503,6 +512,21 @@ GNUNET_GNSRECORD_query_from_public_key (
503 512
504 513
505/** 514/**
515 * Get size of buffer for block creation.
516 *
517 * @param key the zone key
518 * @param rd record data
519 * @param rd_count number of records
520 * @return -1 on error (otherwise the length of the block)
521 */
522ssize_t
523GNUNET_GNSRECORD_block_calculate_size (const struct
524 GNUNET_IDENTITY_PrivateKey *key,
525 const struct GNUNET_GNSRECORD_Data *rd,
526 unsigned int rd_count);
527
528
529/**
506 * Sign name and records 530 * Sign name and records
507 * 531 *
508 * @param key the private key 532 * @param key the private key
@@ -510,13 +534,16 @@ GNUNET_GNSRECORD_query_from_public_key (
510 * @param label the name for the records 534 * @param label the name for the records
511 * @param rd record data 535 * @param rd record data
512 * @param rd_count number of records in @a rd 536 * @param rd_count number of records in @a rd
537 * @param result the block buffer. Will be allocated.
538 * @return GNUNET_OK on success
513 */ 539 */
514struct GNUNET_GNSRECORD_Block * 540enum GNUNET_GenericReturnValue
515GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, 541GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
516 struct GNUNET_TIME_Absolute expire, 542 struct GNUNET_TIME_Absolute expire,
517 const char *label, 543 const char *label,
518 const struct GNUNET_GNSRECORD_Data *rd, 544 const struct GNUNET_GNSRECORD_Data *rd,
519 unsigned int rd_count); 545 unsigned int rd_count,
546 struct GNUNET_GNSRECORD_Block **block);
520 547
521 548
522/** 549/**
@@ -529,13 +556,16 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
529 * @param label the name for the records 556 * @param label the name for the records
530 * @param rd record data 557 * @param rd record data
531 * @param rd_count number of records in @a rd 558 * @param rd_count number of records in @a rd
559 * @param result the block buffer. Will be allocated.
560 * @return GNUNET_OK on success.
532 */ 561 */
533struct GNUNET_GNSRECORD_Block * 562enum GNUNET_GenericReturnValue
534GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *key, 563GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *key,
535 struct GNUNET_TIME_Absolute expire, 564 struct GNUNET_TIME_Absolute expire,
536 const char *label, 565 const char *label,
537 const struct GNUNET_GNSRECORD_Data *rd, 566 const struct GNUNET_GNSRECORD_Data *rd,
538 unsigned int rd_count); 567 unsigned int rd_count,
568 struct GNUNET_GNSRECORD_Block **result);
539 569
540 570
541/** 571/**
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index b2a45577f..227c7f486 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -459,6 +459,21 @@ GNUNET_IDENTITY_signature_get_length (const struct
459 459
460 460
461/** 461/**
462 * Get the compacted length of a signature by type.
463 * Compacted means that it returns the minimum number of bytes this
464 * signature is long, as opposed to the union structure inside
465 * #GNUNET_IDENTITY_Signature.
466 * Useful for compact serializations.
467 *
468 * @param sig the signature.
469 * @return -1 on error, else the compacted length of the signature.
470 */
471ssize_t
472GNUNET_IDENTITY_signature_get_raw_length_by_type (const uint32_t type);
473
474
475
476/**
462 * Reads a #GNUNET_IDENTITY_Signature from a compact buffer. 477 * Reads a #GNUNET_IDENTITY_Signature from a compact buffer.
463 * The buffer has to contain at least the compacted length of 478 * The buffer has to contain at least the compacted length of
464 * a #GNUNET_IDENTITY_Signature in bytes. 479 * a #GNUNET_IDENTITY_Signature in bytes.
@@ -516,6 +531,26 @@ GNUNET_IDENTITY_sign_ (const struct
516 GNUNET_CRYPTO_EccSignaturePurpose *purpose, 531 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
517 struct GNUNET_IDENTITY_Signature *sig); 532 struct GNUNET_IDENTITY_Signature *sig);
518 533
534/**
535 * @brief Sign a given block.
536 *
537 * The @a purpose data is the beginning of the data of which the signature is
538 * to be created. The `size` field in @a purpose must correctly indicate the
539 * number of bytes of the data structure, including its header.
540 * The signature payload and length depends on the key type.
541 *
542 * @param priv private key to use for the signing
543 * @param purpose what to sign (size, purpose)
544 * @param[out] sig where to write the signature
545 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
546 */
547enum GNUNET_GenericReturnValue
548GNUNET_IDENTITY_sign_raw_ (const struct
549 GNUNET_IDENTITY_PrivateKey *priv,
550 const struct
551 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
552 unsigned char *sig);
553
519 554
520/** 555/**
521 * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey. 556 * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.
@@ -566,6 +601,30 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
566 const struct 601 const struct
567 GNUNET_IDENTITY_PublicKey *pub); 602 GNUNET_IDENTITY_PublicKey *pub);
568 603
604/**
605 * @brief Verify a given signature.
606 *
607 * The @a validate data is the beginning of the data of which the signature
608 * is to be verified. The `size` field in @a validate must correctly indicate
609 * the number of bytes of the data structure, including its header. If @a
610 * purpose does not match the purpose given in @a validate (the latter must be
611 * in big endian), signature verification fails.
612 *
613 * @param purpose what is the purpose that the signature should have?
614 * @param validate block to validate (size, purpose, data)
615 * @param sig signature that is being validated
616 * @param pub public key of the signer
617 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
618 */
619enum GNUNET_GenericReturnValue
620GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
621 const struct
622 GNUNET_CRYPTO_EccSignaturePurpose *
623 validate,
624 const unsigned char *sig,
625 const struct
626 GNUNET_IDENTITY_PublicKey *pub);
627
569 628
570/** 629/**
571 * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey. 630 * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.
diff --git a/src/namestore/gnunet-service-namestore.c b/src/namestore/gnunet-service-namestore.c
index cf1b555a5..9b2d9b6f3 100644
--- a/src/namestore/gnunet-service-namestore.c
+++ b/src/namestore/gnunet-service-namestore.c
@@ -950,11 +950,13 @@ refresh_block (struct NamestoreClient *nc,
950 } 950 }
951 exp_time = GNUNET_GNSRECORD_record_get_expiration_time (res_count, res); 951 exp_time = GNUNET_GNSRECORD_record_get_expiration_time (res_count, res);
952 if (cache_keys) 952 if (cache_keys)
953 block = 953 GNUNET_assert (GNUNET_OK ==
954 GNUNET_GNSRECORD_block_create2 (zone_key, exp_time, name, res, res_count); 954 GNUNET_GNSRECORD_block_create2 (zone_key, exp_time, name,
955 res, res_count, &block));
955 else 956 else
956 block = 957 GNUNET_assert (GNUNET_OK ==
957 GNUNET_GNSRECORD_block_create (zone_key, exp_time, name, res, res_count); 958 GNUNET_GNSRECORD_block_create (zone_key, exp_time, name,
959 res, res_count, &block));
958 GNUNET_assert (NULL != block); 960 GNUNET_assert (NULL != block);
959 GNUNET_IDENTITY_key_get_public (zone_key, &pkey); 961 GNUNET_IDENTITY_key_get_public (zone_key, &pkey);
960 GNUNET_log ( 962 GNUNET_log (
diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c
index cb5e31fcd..3ba5b56fa 100644
--- a/src/revocation/gnunet-revocation-tvg.c
+++ b/src/revocation/gnunet-revocation-tvg.c
@@ -29,15 +29,39 @@
29#include "gnunet_revocation_service.h" 29#include "gnunet_revocation_service.h"
30#include "gnunet_dnsparser_lib.h" 30#include "gnunet_dnsparser_lib.h"
31#include "gnunet_testing_lib.h" 31#include "gnunet_testing_lib.h"
32#include "revocation.h"
32#include <inttypes.h> 33#include <inttypes.h>
33 34
34#define TEST_EPOCHS 2 35#define TEST_EPOCHS 2
35#define TEST_DIFFICULTY 5 36#define TEST_DIFFICULTY 5
36 37
38static char* d_pkey =
39"6fea32c05af58bfa979553d188605fd57d8bf9cc263b78d5f7478c07b998ed70";
40
41int parsehex(char *src, char *dst, size_t dstlen, int invert)
42{
43 char *line = src;
44 char *data = line;
45 int off;
46 int read_byte;
47 int data_len = 0;
48
49 while (sscanf(data, " %02x%n", &read_byte, &off) == 1) {
50 if (invert)
51 dst[dstlen - 1 - data_len++] = read_byte;
52 else
53 dst[data_len++] = read_byte;
54 data += off;
55 }
56 return data_len;
57}
58
59
37static void 60static void
38print_bytes (void *buf, 61print_bytes_ (void *buf,
39 size_t buf_len, 62 size_t buf_len,
40 int fold) 63 int fold,
64 int in_be)
41{ 65{
42 int i; 66 int i;
43 67
@@ -45,11 +69,23 @@ print_bytes (void *buf,
45 { 69 {
46 if ((0 != i) && (0 != fold) && (i % fold == 0)) 70 if ((0 != i) && (0 != fold) && (i % fold == 0))
47 printf ("\n"); 71 printf ("\n");
48 printf ("%02x", ((unsigned char*) buf)[i]); 72 if (in_be)
73 printf ("%02x", ((unsigned char*) buf)[buf_len - 1 - i]);
74 else
75 printf ("%02x", ((unsigned char*) buf)[i]);
49 } 76 }
50 printf ("\n"); 77 printf ("\n");
51} 78}
52 79
80static void
81print_bytes (void *buf,
82 size_t buf_len,
83 int fold)
84{
85 print_bytes_ (buf, buf_len, fold, 0);
86}
87
88
53 89
54/** 90/**
55 * Main function that will be run. 91 * Main function that will be run.
@@ -74,16 +110,17 @@ run (void *cls,
74 110
75 id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA); 111 id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA);
76 GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); 112 GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);
113 parsehex(d_pkey,(char*)&id_priv.ecdsa_key, sizeof (id_priv.ecdsa_key), 1);
77 GNUNET_IDENTITY_key_get_public (&id_priv, 114 GNUNET_IDENTITY_key_get_public (&id_priv,
78 &id_pub); 115 &id_pub);
79 GNUNET_STRINGS_data_to_string (&id_pub, 116 GNUNET_STRINGS_data_to_string (&id_pub,
80 GNUNET_IDENTITY_key_get_length (&id_pub), 117 GNUNET_IDENTITY_key_get_length (&id_pub),
81 ztld, 118 ztld,
82 sizeof (ztld)); 119 sizeof (ztld));
83 fprintf (stdout, "Zone private key (d, little-endian scalar, with ztype prepended):\n"); 120 fprintf (stdout, "Zone private key (d, big-endian scalar):\n");
84 print_bytes (&id_priv, sizeof(id_priv), 8); 121 print_bytes_ (&id_priv.ecdsa_key, sizeof(id_priv.ecdsa_key), 8, 1);
85 fprintf (stdout, "\n"); 122 fprintf (stdout, "\n");
86 fprintf (stdout, "Zone identifier (zid):\n"); 123 fprintf (stdout, "Zone identifier (ztype|zkey):\n");
87 print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); 124 print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8);
88 fprintf (stdout, "\n"); 125 fprintf (stdout, "\n");
89 fprintf (stdout, "Encoded zone identifier (zkl = zTLD):\n"); 126 fprintf (stdout, "Encoded zone identifier (zkl = zTLD):\n");
@@ -104,6 +141,15 @@ run (void *cls,
104 { 141 {
105 pow_passes++; 142 pow_passes++;
106 } 143 }
144 struct GNUNET_REVOCATION_SignaturePurposePS *purp;
145 purp = REV_create_signature_message (pow);
146 fprintf (stdout, "Signed message:\n");
147 print_bytes (purp,
148 ntohl (purp->purpose.size),
149 8);
150 printf ("\n");
151 GNUNET_free (purp);
152
107 exp = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, 153 exp = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS,
108 TEST_EPOCHS); 154 TEST_EPOCHS);
109 GNUNET_assert (GNUNET_OK == GNUNET_REVOCATION_check_pow (pow, 155 GNUNET_assert (GNUNET_OK == GNUNET_REVOCATION_check_pow (pow,
diff --git a/src/revocation/revocation.h b/src/revocation/revocation.h
index c3a9c9e6b..490abf180 100644
--- a/src/revocation/revocation.h
+++ b/src/revocation/revocation.h
@@ -113,5 +113,13 @@ struct RevocationResponseMessage
113 113
114GNUNET_NETWORK_STRUCT_END 114GNUNET_NETWORK_STRUCT_END
115 115
116/**
117 * Create the revocation metadata to sign for a revocation message
118 *
119 * @param pow the PoW to sign
120 * @return the signature purpose
121 */
122struct GNUNET_REVOCATION_SignaturePurposePS *
123REV_create_signature_message (const struct GNUNET_REVOCATION_PowP *pow);
116 124
117#endif 125#endif
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index d5bd53e56..bc5dae021 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -404,19 +404,15 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph)
404 return avg; 404 return avg;
405} 405}
406 406
407 407struct GNUNET_REVOCATION_SignaturePurposePS *
408enum GNUNET_GenericReturnValue 408REV_create_signature_message (const struct GNUNET_REVOCATION_PowP *pow)
409check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
410 const struct GNUNET_IDENTITY_PublicKey *key)
411{ 409{
412 struct GNUNET_REVOCATION_SignaturePurposePS *spurp; 410 struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
413 struct GNUNET_IDENTITY_Signature *sig;
414 const struct GNUNET_IDENTITY_PublicKey *pk; 411 const struct GNUNET_IDENTITY_PublicKey *pk;
415 size_t ksize; 412 size_t ksize;
416 413
417 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; 414 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
418 ksize = GNUNET_IDENTITY_key_get_length (pk); 415 ksize = GNUNET_IDENTITY_key_get_length (pk);
419
420 spurp = GNUNET_malloc (sizeof (*spurp) + ksize); 416 spurp = GNUNET_malloc (sizeof (*spurp) + ksize);
421 spurp->timestamp = pow->timestamp; 417 spurp->timestamp = pow->timestamp;
422 spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); 418 spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION);
@@ -424,15 +420,25 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
424 GNUNET_IDENTITY_write_key_to_buffer (pk, 420 GNUNET_IDENTITY_write_key_to_buffer (pk,
425 (char*) &spurp[1], 421 (char*) &spurp[1],
426 ksize); 422 ksize);
427 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 423 return spurp;
428 "Expected signature payload len: %u\n", 424}
429 ntohl (spurp->purpose.size)); 425
430 sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize); 426enum GNUNET_GenericReturnValue
427check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
428 const struct GNUNET_IDENTITY_PublicKey *key)
429{
430 struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
431 unsigned char *sig;
432 size_t ksize;
433
434 ksize = GNUNET_IDENTITY_key_get_length (key);
435 spurp = REV_create_signature_message (pow);
436 sig = ((unsigned char*) &pow[1] + ksize);
431 if (GNUNET_OK != 437 if (GNUNET_OK !=
432 GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, 438 GNUNET_IDENTITY_signature_verify_raw_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
433 &spurp->purpose, 439 &spurp->purpose,
434 sig, 440 sig,
435 key)) 441 key))
436 { 442 {
437 return GNUNET_SYSERR; 443 return GNUNET_SYSERR;
438 } 444 }
@@ -577,20 +583,11 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
577 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; 583 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
578 ksize = GNUNET_IDENTITY_key_get_length (pk); 584 ksize = GNUNET_IDENTITY_key_get_length (pk);
579 pow->timestamp = GNUNET_TIME_absolute_hton (ts); 585 pow->timestamp = GNUNET_TIME_absolute_hton (ts);
580 rp = GNUNET_malloc (sizeof (*rp) + ksize); 586 rp = REV_create_signature_message (pow);
581 rp->timestamp = pow->timestamp;
582 rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION);
583 rp->purpose.size = htonl (sizeof(*rp) + ksize);
584 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
585 "Signature payload len: %u\n",
586 ntohl (rp->purpose.size));
587 GNUNET_IDENTITY_write_key_to_buffer (pk,
588 ((char*) &rp[1]),
589 ksize);
590 sig = ((char*) &pow[1]) + ksize; 587 sig = ((char*) &pow[1]) + ksize;
591 int result = GNUNET_IDENTITY_sign_ (key, 588 int result = GNUNET_IDENTITY_sign_raw_ (key,
592 &rp->purpose, 589 &rp->purpose,
593 (void*) sig); 590 (void*) sig);
594 if (result == GNUNET_SYSERR) 591 if (result == GNUNET_SYSERR)
595 return GNUNET_NO; 592 return GNUNET_NO;
596 else 593 else
@@ -768,7 +765,7 @@ GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow)
768 ksize = GNUNET_IDENTITY_key_get_length (pk); 765 ksize = GNUNET_IDENTITY_key_get_length (pk);
769 size += ksize; 766 size += ksize;
770 sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize); 767 sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
771 size += GNUNET_IDENTITY_signature_get_length (sig); 768 size += GNUNET_IDENTITY_signature_get_raw_length_by_type (pk->type);
772 return size; 769 return size;
773} 770}
774 771
diff --git a/src/util/.gitignore b/src/util/.gitignore
index 7c7b7045d..51eab71db 100644
--- a/src/util/.gitignore
+++ b/src/util/.gitignore
@@ -43,6 +43,7 @@ test_crypto_kdf
43test_crypto_paillier 43test_crypto_paillier
44test_crypto_random 44test_crypto_random
45test_crypto_rsa 45test_crypto_rsa
46test_crypto_cs
46test_crypto_symmetric 47test_crypto_symmetric
47test_disk 48test_disk
48test_getopt 49test_getopt
@@ -70,7 +71,9 @@ perf_crypto_asymmetric
70perf_crypto_hash 71perf_crypto_hash
71perf_crypto_symmetric 72perf_crypto_symmetric
72perf_crypto_rsa 73perf_crypto_rsa
74perf_crypto_cs
73perf_crypto_ecc_dlog 75perf_crypto_ecc_dlog
76perf_crypto_paillier
74test_hexcoder 77test_hexcoder
75test_regex 78test_regex
76test_tun 79test_tun
diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c
index 28e44e28b..6b2a7f472 100644
--- a/src/util/gnunet-crypto-tvg.c
+++ b/src/util/gnunet-crypto-tvg.c
@@ -672,6 +672,263 @@ checkvec (const char *operation,
672 GNUNET_free (sig_enc_data); 672 GNUNET_free (sig_enc_data);
673 GNUNET_free (skey); 673 GNUNET_free (skey);
674 } 674 }
675 else if (0 == strcmp (operation, "cs_blind_signing"))
676 {
677 struct GNUNET_CRYPTO_CsPrivateKey priv;
678 struct GNUNET_CRYPTO_CsPublicKey pub;
679 struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
680 struct GNUNET_CRYPTO_CsRSecret r_priv[2];
681 struct GNUNET_CRYPTO_CsRPublic r_pub[2];
682 struct GNUNET_CRYPTO_CsRPublic r_pub_blind[2];
683 struct GNUNET_CRYPTO_CsC c[2];
684 struct GNUNET_CRYPTO_CsS signature_scalar;
685 struct GNUNET_CRYPTO_CsBlindS blinded_s;
686 struct GNUNET_CRYPTO_CsSignature sig;
687 struct GNUNET_CRYPTO_CsNonce nonce;
688 struct GNUNET_HashCode message_hash;
689 unsigned int b;
690
691 if (GNUNET_OK != expect_data_fixed (vec,
692 "message_hash",
693 &message_hash,
694 sizeof (message_hash)))
695 {
696 GNUNET_break (0);
697 return GNUNET_SYSERR;
698 }
699 if (GNUNET_OK != expect_data_fixed (vec,
700 "cs_public_key",
701 &pub,
702 sizeof (pub)))
703 {
704 GNUNET_break (0);
705 return GNUNET_SYSERR;
706 }
707
708 if (GNUNET_OK != expect_data_fixed (vec,
709 "cs_private_key",
710 &priv,
711 sizeof (priv)))
712 {
713 GNUNET_break (0);
714 return GNUNET_SYSERR;
715 }
716 if (GNUNET_OK != expect_data_fixed (vec,
717 "cs_nonce",
718 &nonce,
719 sizeof (nonce)))
720 {
721 GNUNET_break (0);
722 return GNUNET_SYSERR;
723 }
724 if (GNUNET_OK != expect_data_fixed (vec,
725 "cs_r_priv_0",
726 &r_priv[0],
727 sizeof (r_priv[0])))
728 {
729 GNUNET_break (0);
730 return GNUNET_SYSERR;
731 }
732 if (GNUNET_OK != expect_data_fixed (vec,
733 "cs_r_priv_1",
734 &r_priv[1],
735 sizeof (r_priv[1])))
736 {
737 GNUNET_break (0);
738 return GNUNET_SYSERR;
739 }
740 if (GNUNET_OK != expect_data_fixed (vec,
741 "cs_r_pub_0",
742 &r_pub[0],
743 sizeof (r_pub[0])))
744 {
745 GNUNET_break (0);
746 return GNUNET_SYSERR;
747 }
748 if (GNUNET_OK != expect_data_fixed (vec,
749 "cs_r_pub_1",
750 &r_pub[1],
751 sizeof (r_pub[1])))
752 {
753 GNUNET_break (0);
754 return GNUNET_SYSERR;
755 }
756
757 if (GNUNET_OK != expect_data_fixed (vec,
758 "cs_bs_alpha_0",
759 &bs[0].alpha,
760 sizeof (bs[0].alpha)))
761 {
762 GNUNET_break (0);
763 return GNUNET_SYSERR;
764 }
765 if (GNUNET_OK != expect_data_fixed (vec,
766 "cs_bs_alpha_1",
767 &bs[1].alpha,
768 sizeof (bs[1].alpha)))
769 {
770 GNUNET_break (0);
771 return GNUNET_SYSERR;
772 }
773 if (GNUNET_OK != expect_data_fixed (vec,
774 "cs_bs_beta_0",
775 &bs[0].beta,
776 sizeof (bs[0].beta)))
777 {
778 GNUNET_break (0);
779 return GNUNET_SYSERR;
780 }
781 if (GNUNET_OK != expect_data_fixed (vec,
782 "cs_bs_beta_1",
783 &bs[1].beta,
784 sizeof (bs[1].beta)))
785 {
786 GNUNET_break (0);
787 return GNUNET_SYSERR;
788 }
789 if (GNUNET_OK != expect_data_fixed (vec,
790 "cs_r_pub_blind_0",
791 &r_pub_blind[0],
792 sizeof (r_pub_blind[0])))
793 {
794 GNUNET_break (0);
795 return GNUNET_SYSERR;
796 }
797 if (GNUNET_OK != expect_data_fixed (vec,
798 "cs_r_pub_blind_1",
799 &r_pub_blind[1],
800 sizeof (r_pub_blind[1])))
801 {
802 GNUNET_break (0);
803 return GNUNET_SYSERR;
804 }
805 if (GNUNET_OK != expect_data_fixed (vec,
806 "cs_c_0",
807 &c[0],
808 sizeof (c[0])))
809 {
810 GNUNET_break (0);
811 return GNUNET_SYSERR;
812 }
813 if (GNUNET_OK != expect_data_fixed (vec,
814 "cs_c_1",
815 &c[1],
816 sizeof (c[1])))
817 {
818 GNUNET_break (0);
819 return GNUNET_SYSERR;
820 }
821 if (GNUNET_OK != expect_data_fixed (vec,
822 "cs_blind_s",
823 &blinded_s,
824 sizeof (blinded_s)))
825 {
826 GNUNET_break (0);
827 return GNUNET_SYSERR;
828 }
829 if (GNUNET_OK != expect_data_fixed (vec,
830 "cs_b",
831 &b,
832 sizeof (b)))
833 {
834 GNUNET_break (0);
835 return GNUNET_SYSERR;
836 }
837 if (GNUNET_OK != expect_data_fixed (vec,
838 "cs_sig_s",
839 &signature_scalar,
840 sizeof (signature_scalar)))
841 {
842 GNUNET_break (0);
843 return GNUNET_SYSERR;
844 }
845 sig.s_scalar = signature_scalar;
846 if (GNUNET_OK != expect_data_fixed (vec,
847 "cs_sig_R",
848 &sig.r_point,
849 sizeof (sig.r_point)))
850 {
851 GNUNET_break (0);
852 return GNUNET_SYSERR;
853 }
854
855 if ((b != 1)&& (b != 0))
856 {
857 GNUNET_break (0);
858 return GNUNET_SYSERR;
859 }
860
861 struct GNUNET_CRYPTO_CsRSecret r_priv_comp[2];
862 struct GNUNET_CRYPTO_CsRPublic r_pub_comp[2];
863 struct GNUNET_CRYPTO_CsBlindingSecret bs_comp[2];
864 struct GNUNET_CRYPTO_CsC c_comp[2];
865 struct GNUNET_CRYPTO_CsRPublic r_pub_blind_comp[2];
866 struct GNUNET_CRYPTO_CsBlindS blinded_s_comp;
867 struct GNUNET_CRYPTO_CsS signature_scalar_comp;
868 struct GNUNET_CRYPTO_CsSignature sig_comp;
869 unsigned int b_comp;
870
871
872 GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv_comp);
873 GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0], &r_pub_comp[0]);
874 GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1], &r_pub_comp[1]);
875 GNUNET_assert (0 == memcmp (&r_priv_comp,
876 &r_priv,
877 sizeof(struct GNUNET_CRYPTO_CsRSecret) * 2));
878 GNUNET_assert (0 == memcmp (&r_pub_comp,
879 &r_pub,
880 sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2));
881
882 GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce,
883 bs_comp);
884 GNUNET_assert (0 == memcmp (&bs_comp,
885 &bs,
886 sizeof(struct GNUNET_CRYPTO_CsBlindingSecret)
887 * 2));
888 GNUNET_CRYPTO_cs_calc_blinded_c (bs_comp,
889 r_pub_comp,
890 &pub,
891 &message_hash,
892 sizeof(message_hash),
893 c_comp,
894 r_pub_blind_comp);
895 GNUNET_assert (0 == memcmp (&c_comp,
896 &c,
897 sizeof(struct GNUNET_CRYPTO_CsC) * 2));
898 GNUNET_assert (0 == memcmp (&r_pub_blind_comp,
899 &r_pub_blind,
900 sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2));
901 b_comp = GNUNET_CRYPTO_cs_sign_derive (&priv,
902 r_priv_comp,
903 c_comp,
904 &nonce,
905 &blinded_s_comp);
906 GNUNET_assert (0 == memcmp (&blinded_s_comp,
907 &blinded_s,
908 sizeof(blinded_s)));
909 GNUNET_assert (0 == memcmp (&b_comp,
910 &b,
911 sizeof(b)));
912 GNUNET_CRYPTO_cs_unblind (&blinded_s_comp,
913 &bs_comp[b_comp],
914 &signature_scalar_comp);
915 GNUNET_assert (0 == memcmp (&signature_scalar_comp,
916 &signature_scalar,
917 sizeof(signature_scalar_comp)));
918 sig_comp.r_point = r_pub_blind_comp[b_comp];
919 sig_comp.s_scalar = signature_scalar_comp;
920 GNUNET_assert (0 == memcmp (&sig_comp,
921 &sig,
922 sizeof(sig_comp)));
923 if (GNUNET_OK != GNUNET_CRYPTO_cs_verify (&sig_comp,
924 &pub,
925 &message_hash,
926 sizeof(message_hash)))
927 {
928 GNUNET_break (0);
929 return GNUNET_SYSERR;
930 }
931 }
675 else 932 else
676 { 933 {
677 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 934 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -1025,6 +1282,150 @@ output_vectors ()
1025 GNUNET_free (secret_enc_data); 1282 GNUNET_free (secret_enc_data);
1026 } 1283 }
1027 1284
1285 {
1286 json_t *vec = vec_for (vecs, "cs_blind_signing");
1287
1288 struct GNUNET_CRYPTO_CsPrivateKey priv;
1289 struct GNUNET_CRYPTO_CsPublicKey pub;
1290 struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
1291 struct GNUNET_CRYPTO_CsRSecret r_priv[2];
1292 struct GNUNET_CRYPTO_CsRPublic r_pub[2];
1293 struct GNUNET_CRYPTO_CsRPublic r_pub_blind[2];
1294 struct GNUNET_CRYPTO_CsC c[2];
1295 struct GNUNET_CRYPTO_CsS signature_scalar;
1296 struct GNUNET_CRYPTO_CsBlindS blinded_s;
1297 struct GNUNET_CRYPTO_CsSignature sig;
1298 struct GNUNET_CRYPTO_CsNonce nonce;
1299 unsigned int b;
1300 struct GNUNET_HashCode message_hash;
1301
1302 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1303 &message_hash,
1304 sizeof (struct GNUNET_HashCode));
1305
1306 GNUNET_CRYPTO_cs_private_key_generate (&priv);
1307 GNUNET_CRYPTO_cs_private_key_get_public (&priv, &pub);
1308
1309 GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (nonce.nonce,
1310 sizeof(nonce.nonce),
1311 GCRY_MD_SHA512,
1312 GCRY_MD_SHA256,
1313 "nonce",
1314 strlen ("nonce"),
1315 "nonce_secret",
1316 strlen ("nonce_secret"),
1317 NULL,
1318 0));
1319 GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv);
1320 GNUNET_CRYPTO_cs_r_get_public (&r_priv[0], &r_pub[0]);
1321 GNUNET_CRYPTO_cs_r_get_public (&r_priv[1], &r_pub[1]);
1322 GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce,
1323 bs);
1324 GNUNET_CRYPTO_cs_calc_blinded_c (bs,
1325 r_pub,
1326 &pub,
1327 &message_hash,
1328 sizeof(message_hash),
1329 c,
1330 r_pub_blind);
1331 b = GNUNET_CRYPTO_cs_sign_derive (&priv,
1332 r_priv,
1333 c,
1334 &nonce,
1335 &blinded_s);
1336 GNUNET_CRYPTO_cs_unblind (&blinded_s, &bs[b], &signature_scalar);
1337 sig.r_point = r_pub_blind[b];
1338 sig.s_scalar = signature_scalar;
1339 if (GNUNET_OK != GNUNET_CRYPTO_cs_verify (&sig,
1340 &pub,
1341 &message_hash,
1342 sizeof(message_hash)))
1343 {
1344 GNUNET_break (0);
1345 return GNUNET_SYSERR;
1346 }
1347 d2j (vec,
1348 "message_hash",
1349 &message_hash,
1350 sizeof (struct GNUNET_HashCode));
1351 d2j (vec,
1352 "cs_public_key",
1353 &pub,
1354 sizeof(pub));
1355 d2j (vec,
1356 "cs_private_key",
1357 &priv,
1358 sizeof(priv));
1359 d2j (vec,
1360 "cs_nonce",
1361 &nonce,
1362 sizeof(nonce));
1363 d2j (vec,
1364 "cs_r_priv_0",
1365 &r_priv[0],
1366 sizeof(r_priv[0]));
1367 d2j (vec,
1368 "cs_r_priv_1",
1369 &r_priv[1],
1370 sizeof(r_priv[1]));
1371 d2j (vec,
1372 "cs_r_pub_0",
1373 &r_pub[0],
1374 sizeof(r_pub[0]));
1375 d2j (vec,
1376 "cs_r_pub_1",
1377 &r_pub[1],
1378 sizeof(r_pub[1]));
1379 d2j (vec,
1380 "cs_bs_alpha_0",
1381 &bs[0].alpha,
1382 sizeof(bs[0].alpha));
1383 d2j (vec,
1384 "cs_bs_alpha_1",
1385 &bs[1].alpha,
1386 sizeof(bs[1].alpha));
1387 d2j (vec,
1388 "cs_bs_beta_0",
1389 &bs[0].beta,
1390 sizeof(bs[0].beta));
1391 d2j (vec,
1392 "cs_bs_beta_1",
1393 &bs[1].beta,
1394 sizeof(bs[1].beta));
1395 d2j (vec,
1396 "cs_r_pub_blind_0",
1397 &r_pub_blind[0],
1398 sizeof(r_pub_blind[0]));
1399 d2j (vec,
1400 "cs_r_pub_blind_1",
1401 &r_pub_blind[1],
1402 sizeof(r_pub_blind[1]));
1403 d2j (vec,
1404 "cs_c_0",
1405 &c[0],
1406 sizeof(c[0]));
1407 d2j (vec,
1408 "cs_c_1",
1409 &c[1],
1410 sizeof(c[1]));
1411 d2j (vec,
1412 "cs_blind_s",
1413 &blinded_s,
1414 sizeof(blinded_s));
1415 d2j (vec,
1416 "cs_b",
1417 &b,
1418 sizeof(b));
1419 d2j (vec,
1420 "cs_sig_s",
1421 &signature_scalar,
1422 sizeof(signature_scalar));
1423 d2j (vec,
1424 "cs_sig_R",
1425 &r_pub_blind[b],
1426 sizeof(r_pub_blind[b]));
1427 }
1428
1028 json_dumpf (vecfile, stdout, JSON_INDENT (2)); 1429 json_dumpf (vecfile, stdout, JSON_INDENT (2));
1029 json_decref (vecfile); 1430 json_decref (vecfile);
1030 printf ("\n"); 1431 printf ("\n");
diff --git a/src/zonemaster/gnunet-service-zonemaster-monitor.c b/src/zonemaster/gnunet-service-zonemaster-monitor.c
index 7e8c1fb8b..3392a19d7 100644
--- a/src/zonemaster/gnunet-service-zonemaster-monitor.c
+++ b/src/zonemaster/gnunet-service-zonemaster-monitor.c
@@ -255,17 +255,19 @@ perform_dht_put (const struct GNUNET_IDENTITY_PrivateKey *key,
255 expire = GNUNET_GNSRECORD_record_get_expiration_time (rd_public_count, 255 expire = GNUNET_GNSRECORD_record_get_expiration_time (rd_public_count,
256 rd_public); 256 rd_public);
257 if (cache_keys) 257 if (cache_keys)
258 block = GNUNET_GNSRECORD_block_create2 (key, 258 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create2 (key,
259 expire, 259 expire,
260 label, 260 label,
261 rd_public, 261 rd_public,
262 rd_public_count); 262 rd_public_count,
263 &block));
263 else 264 else
264 block = GNUNET_GNSRECORD_block_create (key, 265 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (key,
265 expire, 266 expire,
266 label, 267 label,
267 rd_public, 268 rd_public,
268 rd_public_count); 269 rd_public_count,
270 &block));
269 if (NULL == block) 271 if (NULL == block)
270 { 272 {
271 GNUNET_break (0); 273 GNUNET_break (0);
diff --git a/src/zonemaster/gnunet-service-zonemaster.c b/src/zonemaster/gnunet-service-zonemaster.c
index 2957cfee2..bacafb97c 100644
--- a/src/zonemaster/gnunet-service-zonemaster.c
+++ b/src/zonemaster/gnunet-service-zonemaster.c
@@ -594,17 +594,19 @@ perform_dht_put (const struct GNUNET_IDENTITY_PrivateKey *key,
594 expire = GNUNET_GNSRECORD_record_get_expiration_time (rd_public_count, 594 expire = GNUNET_GNSRECORD_record_get_expiration_time (rd_public_count,
595 rd_public); 595 rd_public);
596 if (cache_keys) 596 if (cache_keys)
597 block = GNUNET_GNSRECORD_block_create2 (key, 597 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create2 (key,
598 expire, 598 expire,
599 label, 599 label,
600 rd_public, 600 rd_public,
601 rd_public_count); 601 rd_public_count,
602 &block));
602 else 603 else
603 block = GNUNET_GNSRECORD_block_create (key, 604 GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (key,
604 expire, 605 expire,
605 label, 606 label,
606 rd_public, 607 rd_public,
607 rd_public_count); 608 rd_public_count,
609 &block));
608 if (NULL == block) 610 if (NULL == block)
609 { 611 {
610 GNUNET_break (0); 612 GNUNET_break (0);