diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/conversation/conversation.h | 2 | ||||
-rw-r--r-- | src/conversation/gnunet-service-conversation.c | 13 | ||||
-rw-r--r-- | src/fs/gnunet-publish.c | 9 | ||||
-rw-r--r-- | src/gnsrecord/gnsrecord_misc.c | 31 | ||||
-rw-r--r-- | src/identity/identity_api.c | 229 | ||||
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 6 | ||||
-rw-r--r-- | src/include/gnunet_identity_service.h | 264 | ||||
-rw-r--r-- | src/include/gnunet_revocation_service.h | 14 | ||||
-rw-r--r-- | src/namestore/test_namestore_api_zone_to_name.c | 3 | ||||
-rwxr-xr-x | src/namestore/test_plugin_rest_namestore.sh | 21 | ||||
-rw-r--r-- | src/pt/test_gns_vpn.c | 2 | ||||
-rw-r--r-- | src/reclaim/oidc_helper.c | 57 | ||||
-rw-r--r-- | src/revocation/revocation_api.c | 104 | ||||
-rw-r--r-- | src/testbed/test_testbed_api_template.conf | 2 |
14 files changed, 617 insertions, 140 deletions
diff --git a/src/conversation/conversation.h b/src/conversation/conversation.h index 9eedbeb91..d244f5163 100644 --- a/src/conversation/conversation.h +++ b/src/conversation/conversation.h | |||
@@ -313,7 +313,7 @@ struct CadetPhoneRingMessage | |||
313 | /** | 313 | /** |
314 | * Signature over a `struct CadetPhoneRingInfoPS` | 314 | * Signature over a `struct CadetPhoneRingInfoPS` |
315 | */ | 315 | */ |
316 | struct GNUNET_CRYPTO_EcdsaSignature signature; | 316 | struct GNUNET_IDENTITY_Signature signature; |
317 | }; | 317 | }; |
318 | 318 | ||
319 | 319 | ||
diff --git a/src/conversation/gnunet-service-conversation.c b/src/conversation/gnunet-service-conversation.c index b1a629217..a69c95a80 100644 --- a/src/conversation/gnunet-service-conversation.c +++ b/src/conversation/gnunet-service-conversation.c | |||
@@ -752,10 +752,11 @@ handle_cadet_ring_message (void *cls, const struct CadetPhoneRingMessage *msg) | |||
752 | rs.expiration_time = msg->expiration_time; | 752 | rs.expiration_time = msg->expiration_time; |
753 | 753 | ||
754 | if (GNUNET_OK != | 754 | if (GNUNET_OK != |
755 | GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_CONVERSATION_RING, | 755 | GNUNET_IDENTITY_signature_verify ( |
756 | &rs, | 756 | GNUNET_SIGNATURE_PURPOSE_CONVERSATION_RING, |
757 | &msg->signature, | 757 | &rs, |
758 | &msg->caller_id.ecdsa_key)) | 758 | &msg->signature, |
759 | &msg->caller_id)) | ||
759 | { | 760 | { |
760 | GNUNET_break_op (0); | 761 | GNUNET_break_op (0); |
761 | destroy_line_cadet_channels (ch); | 762 | destroy_line_cadet_channels (ch); |
@@ -1138,9 +1139,7 @@ handle_client_call_message (void *cls, const struct ClientCallMessage *msg) | |||
1138 | e = GNUNET_MQ_msg (ring, GNUNET_MESSAGE_TYPE_CONVERSATION_CADET_PHONE_RING); | 1139 | e = GNUNET_MQ_msg (ring, GNUNET_MESSAGE_TYPE_CONVERSATION_CADET_PHONE_RING); |
1139 | GNUNET_IDENTITY_key_get_public (&msg->caller_id, &ring->caller_id); | 1140 | GNUNET_IDENTITY_key_get_public (&msg->caller_id, &ring->caller_id); |
1140 | ring->expiration_time = rs.expiration_time; | 1141 | ring->expiration_time = rs.expiration_time; |
1141 | GNUNET_CRYPTO_ecdsa_sign (&msg->caller_id.ecdsa_key, | 1142 | GNUNET_IDENTITY_sign (&msg->caller_id, &rs, &ring->signature); |
1142 | &rs, | ||
1143 | &ring->signature); | ||
1144 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending RING message via CADET\n"); | 1143 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending RING message via CADET\n"); |
1145 | GNUNET_MQ_send (ch->mq, e); | 1144 | GNUNET_MQ_send (ch->mq, e); |
1146 | GNUNET_SERVICE_client_continue (line->client); | 1145 | GNUNET_SERVICE_client_continue (line->client); |
diff --git a/src/fs/gnunet-publish.c b/src/fs/gnunet-publish.c index 518192283..dea467669 100644 --- a/src/fs/gnunet-publish.c +++ b/src/fs/gnunet-publish.c | |||
@@ -591,13 +591,12 @@ directory_trim_complete (struct GNUNET_FS_ShareTreeItem *directory_scan_result) | |||
591 | GNUNET_SCHEDULER_shutdown (); | 591 | GNUNET_SCHEDULER_shutdown (); |
592 | return; | 592 | return; |
593 | } | 593 | } |
594 | if (NULL == namespace) | 594 | priv = NULL; |
595 | priv = NULL; | 595 | if (NULL != namespace) |
596 | else | ||
597 | { | 596 | { |
598 | pk = GNUNET_IDENTITY_ego_get_private_key (namespace); | 597 | pk = GNUNET_IDENTITY_ego_get_private_key (namespace); |
599 | if (GNUNET_IDENTITY_TYPE_ECDSA == ntohl (pk->type)) | 598 | GNUNET_assert (GNUNET_IDENTITY_TYPE_ECDSA == ntohl (pk->type)); |
600 | priv = &pk->ecdsa_key; | 599 | priv = &pk->ecdsa_key; |
601 | } | 600 | } |
602 | pc = GNUNET_FS_publish_start (ctx, | 601 | pc = GNUNET_FS_publish_start (ctx, |
603 | fi, | 602 | fi, |
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c index ba8803850..82c38f19a 100644 --- a/src/gnsrecord/gnsrecord_misc.c +++ b/src/gnsrecord/gnsrecord_misc.c | |||
@@ -107,8 +107,8 @@ GNUNET_GNSRECORD_records_cmp (const struct GNUNET_GNSRECORD_Data *a, | |||
107 | { | 107 | { |
108 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 108 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
109 | "Expiration time %llu != %llu\n", | 109 | "Expiration time %llu != %llu\n", |
110 | a->expiration_time, | 110 | (unsigned long long) a->expiration_time, |
111 | b->expiration_time); | 111 | (unsigned long long) b->expiration_time); |
112 | return GNUNET_NO; | 112 | return GNUNET_NO; |
113 | } | 113 | } |
114 | if ((a->flags & GNUNET_GNSRECORD_RF_RCMP_FLAGS) | 114 | if ((a->flags & GNUNET_GNSRECORD_RF_RCMP_FLAGS) |
@@ -282,11 +282,13 @@ GNUNET_GNSRECORD_identity_from_data (const char *data, | |||
282 | return GNUNET_SYSERR; | 282 | return GNUNET_SYSERR; |
283 | if (data_size > sizeof (struct GNUNET_IDENTITY_PublicKey)) | 283 | if (data_size > sizeof (struct GNUNET_IDENTITY_PublicKey)) |
284 | return GNUNET_SYSERR; | 284 | return GNUNET_SYSERR; |
285 | key->type = type; | 285 | return (GNUNET_IDENTITY_read_key_from_buffer (key, data, data_size) == |
286 | memcpy (key, data, data_size); | 286 | data_size? |
287 | return GNUNET_OK; | 287 | GNUNET_OK : |
288 | GNUNET_SYSERR); | ||
288 | } | 289 | } |
289 | 290 | ||
291 | |||
290 | enum GNUNET_GenericReturnValue | 292 | enum GNUNET_GenericReturnValue |
291 | GNUNET_GNSRECORD_data_from_identity (const struct | 293 | GNUNET_GNSRECORD_data_from_identity (const struct |
292 | GNUNET_IDENTITY_PublicKey *key, | 294 | GNUNET_IDENTITY_PublicKey *key, |
@@ -294,13 +296,15 @@ GNUNET_GNSRECORD_data_from_identity (const struct | |||
294 | size_t *data_size, | 296 | size_t *data_size, |
295 | uint32_t *type) | 297 | uint32_t *type) |
296 | { | 298 | { |
297 | *type = key->type; | 299 | *type = ntohl (key->type); |
298 | *data_size = GNUNET_IDENTITY_key_get_length (key); | 300 | *data_size = GNUNET_IDENTITY_key_get_length (key); |
299 | if (0 == *data_size) | 301 | if (0 == *data_size) |
300 | return GNUNET_SYSERR; | 302 | return GNUNET_SYSERR; |
301 | *data = GNUNET_malloc (*data_size); | 303 | *data = GNUNET_malloc (*data_size); |
302 | memcpy (*data, key, *data_size); | 304 | return (GNUNET_IDENTITY_write_key_to_buffer (key, *data, *data_size) == |
303 | return GNUNET_OK; | 305 | *data_size? |
306 | GNUNET_OK : | ||
307 | GNUNET_SYSERR); | ||
304 | } | 308 | } |
305 | 309 | ||
306 | 310 | ||
@@ -309,14 +313,15 @@ GNUNET_GNSRECORD_is_zonekey_type (uint32_t type) | |||
309 | { | 313 | { |
310 | switch (type) | 314 | switch (type) |
311 | { | 315 | { |
312 | case GNUNET_GNSRECORD_TYPE_PKEY: | 316 | case GNUNET_GNSRECORD_TYPE_PKEY: |
313 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 317 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
314 | return GNUNET_YES; | 318 | return GNUNET_YES; |
315 | default: | 319 | default: |
316 | return GNUNET_NO; | 320 | return GNUNET_NO; |
317 | } | 321 | } |
318 | } | 322 | } |
319 | 323 | ||
324 | |||
320 | size_t | 325 | size_t |
321 | GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block) | 326 | GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block) |
322 | { | 327 | { |
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 213b6966e..d44e8da96 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c | |||
@@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) | |||
953 | GNUNET_free (h); | 953 | GNUNET_free (h); |
954 | } | 954 | } |
955 | 955 | ||
956 | |||
956 | ssize_t | 957 | ssize_t |
957 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | 958 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) |
958 | { | 959 | { |
@@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | |||
971 | } | 972 | } |
972 | 973 | ||
973 | 974 | ||
974 | |||
975 | ssize_t | 975 | ssize_t |
976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | 976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) |
977 | { | 977 | { |
@@ -990,6 +990,229 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | |||
990 | } | 990 | } |
991 | 991 | ||
992 | 992 | ||
993 | ssize_t | ||
994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | ||
995 | const void*buffer, | ||
996 | size_t len) | ||
997 | { | ||
998 | if (len < sizeof (key->type)) | ||
999 | return -1; | ||
1000 | GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); | ||
1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); | ||
1002 | if (len < length) | ||
1003 | return -1; | ||
1004 | if (length < 0) | ||
1005 | return -2; | ||
1006 | GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length | ||
1007 | - sizeof (key->type)); | ||
1008 | return length; | ||
1009 | } | ||
1010 | |||
1011 | |||
1012 | ssize_t | ||
1013 | GNUNET_IDENTITY_write_key_to_buffer (const struct | ||
1014 | GNUNET_IDENTITY_PublicKey *key, | ||
1015 | void*buffer, | ||
1016 | size_t len) | ||
1017 | { | ||
1018 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); | ||
1019 | if (len < length) | ||
1020 | return -1; | ||
1021 | if (length < 0) | ||
1022 | return -2; | ||
1023 | GNUNET_memcpy (buffer, key, length); | ||
1024 | return length; | ||
1025 | } | ||
1026 | |||
1027 | |||
1028 | ssize_t | ||
1029 | GNUNET_IDENTITY_signature_get_length (const struct | ||
1030 | GNUNET_IDENTITY_Signature *sig) | ||
1031 | { | ||
1032 | switch (ntohl (sig->type)) | ||
1033 | { | ||
1034 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1035 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); | ||
1036 | break; | ||
1037 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1038 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); | ||
1039 | break; | ||
1040 | default: | ||
1041 | GNUNET_break (0); | ||
1042 | } | ||
1043 | return -1; | ||
1044 | } | ||
1045 | |||
1046 | |||
1047 | ssize_t | ||
1048 | GNUNET_IDENTITY_read_signature_from_buffer (struct | ||
1049 | GNUNET_IDENTITY_Signature *sig, | ||
1050 | const void*buffer, | ||
1051 | size_t len) | ||
1052 | { | ||
1053 | if (len < sizeof (sig->type)) | ||
1054 | return -1; | ||
1055 | GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); | ||
1056 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); | ||
1057 | if (len < length) | ||
1058 | return -1; | ||
1059 | if (length < 0) | ||
1060 | return -2; | ||
1061 | GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length | ||
1062 | - sizeof (sig->type)); | ||
1063 | return length; | ||
1064 | } | ||
1065 | |||
1066 | |||
1067 | ssize_t | ||
1068 | GNUNET_IDENTITY_write_signature_to_buffer (const struct | ||
1069 | GNUNET_IDENTITY_Signature *sig, | ||
1070 | void*buffer, | ||
1071 | size_t len) | ||
1072 | { | ||
1073 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); | ||
1074 | if (len < length) | ||
1075 | return -1; | ||
1076 | if (length < 0) | ||
1077 | return -2; | ||
1078 | GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); | ||
1079 | GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length | ||
1080 | - sizeof (sig->type)); | ||
1081 | return length; | ||
1082 | } | ||
1083 | |||
1084 | |||
1085 | int | ||
1086 | GNUNET_IDENTITY_sign_ (const struct | ||
1087 | GNUNET_IDENTITY_PrivateKey *priv, | ||
1088 | const struct | ||
1089 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
1090 | struct GNUNET_IDENTITY_Signature *sig) | ||
1091 | { | ||
1092 | sig->type = priv->type; | ||
1093 | switch (ntohl (priv->type)) | ||
1094 | { | ||
1095 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1096 | return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, | ||
1097 | &(sig->ecdsa_signature)); | ||
1098 | break; | ||
1099 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1100 | return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, | ||
1101 | &(sig->eddsa_signature)); | ||
1102 | break; | ||
1103 | default: | ||
1104 | GNUNET_break (0); | ||
1105 | } | ||
1106 | |||
1107 | return GNUNET_SYSERR; | ||
1108 | } | ||
1109 | |||
1110 | |||
1111 | int | ||
1112 | GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, | ||
1113 | const struct | ||
1114 | GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
1115 | const struct GNUNET_IDENTITY_Signature *sig, | ||
1116 | const struct GNUNET_IDENTITY_PublicKey *pub) | ||
1117 | { | ||
1118 | /* check type matching of 'sig' and 'pub' */ | ||
1119 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); | ||
1120 | switch (ntohl (pub->type)) | ||
1121 | { | ||
1122 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1123 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, | ||
1124 | &(sig->ecdsa_signature), | ||
1125 | &(pub->ecdsa_key)); | ||
1126 | break; | ||
1127 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1128 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, | ||
1129 | &(sig->eddsa_signature), | ||
1130 | &(pub->eddsa_key)); | ||
1131 | break; | ||
1132 | default: | ||
1133 | GNUNET_break (0); | ||
1134 | } | ||
1135 | |||
1136 | return GNUNET_SYSERR; | ||
1137 | } | ||
1138 | |||
1139 | |||
1140 | ssize_t | ||
1141 | GNUNET_IDENTITY_public_key_encrypt (const void *block, | ||
1142 | size_t size, | ||
1143 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
1144 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1145 | void *result) | ||
1146 | { | ||
1147 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | ||
1148 | GNUNET_CRYPTO_ecdhe_key_create (&pk); | ||
1149 | struct GNUNET_HashCode hash; | ||
1150 | switch (ntohl (pub->type)) | ||
1151 | { | ||
1152 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1153 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), | ||
1154 | &hash)) | ||
1155 | return -1; | ||
1156 | break; | ||
1157 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1158 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), | ||
1159 | &hash)) | ||
1160 | return -1; | ||
1161 | break; | ||
1162 | default: | ||
1163 | return -1; | ||
1164 | } | ||
1165 | GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); | ||
1166 | GNUNET_CRYPTO_ecdhe_key_clear (&pk); | ||
1167 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
1168 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
1169 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); | ||
1170 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); | ||
1171 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, | ||
1172 | &iv, result); | ||
1173 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); | ||
1174 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1175 | return encrypted; | ||
1176 | } | ||
1177 | |||
1178 | |||
1179 | ssize_t | ||
1180 | GNUNET_IDENTITY_private_key_decrypt (const void *block, | ||
1181 | size_t size, | ||
1182 | const struct | ||
1183 | GNUNET_IDENTITY_PrivateKey *priv, | ||
1184 | const struct | ||
1185 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1186 | void *result) | ||
1187 | { | ||
1188 | struct GNUNET_HashCode hash; | ||
1189 | switch (ntohl (priv->type)) | ||
1190 | { | ||
1191 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1192 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, | ||
1193 | &hash)) | ||
1194 | return -1; | ||
1195 | break; | ||
1196 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1197 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, | ||
1198 | &hash)) | ||
1199 | return -1; | ||
1200 | break; | ||
1201 | default: | ||
1202 | return -1; | ||
1203 | } | ||
1204 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
1205 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
1206 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); | ||
1207 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); | ||
1208 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, | ||
1209 | &iv, result); | ||
1210 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); | ||
1211 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1212 | return decrypted; | ||
1213 | } | ||
1214 | |||
1215 | |||
993 | char * | 1216 | char * |
994 | GNUNET_IDENTITY_public_key_to_string (const struct | 1217 | GNUNET_IDENTITY_public_key_to_string (const struct |
995 | GNUNET_IDENTITY_PublicKey *key) | 1218 | GNUNET_IDENTITY_PublicKey *key) |
@@ -1023,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str, | |||
1023 | if (GNUNET_OK != ret) | 1246 | if (GNUNET_OK != ret) |
1024 | return GNUNET_SYSERR; | 1247 | return GNUNET_SYSERR; |
1025 | ktype = ntohl (key->type); | 1248 | ktype = ntohl (key->type); |
1026 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1249 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1027 | 1250 | ||
1028 | } | 1251 | } |
1029 | 1252 | ||
@@ -1041,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str, | |||
1041 | if (GNUNET_OK != ret) | 1264 | if (GNUNET_OK != ret) |
1042 | return GNUNET_SYSERR; | 1265 | return GNUNET_SYSERR; |
1043 | ktype = ntohl (key->type); | 1266 | ktype = ntohl (key->type); |
1044 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1267 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1045 | } | 1268 | } |
1046 | 1269 | ||
1047 | 1270 | ||
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 03fb16a43..2bbf2b1e7 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -1700,7 +1700,7 @@ GNUNET_CRYPTO_eddsa_sign_ ( | |||
1700 | */ | 1700 | */ |
1701 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ | 1701 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ |
1702 | /* check size is set correctly */ \ | 1702 | /* check size is set correctly */ \ |
1703 | GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*ps)); \ | 1703 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ |
1704 | /* check 'ps' begins with the purpose */ \ | 1704 | /* check 'ps' begins with the purpose */ \ |
1705 | GNUNET_static_assert (((void*) (ps)) == \ | 1705 | GNUNET_static_assert (((void*) (ps)) == \ |
1706 | ((void*) &(ps)->purpose)); \ | 1706 | ((void*) &(ps)->purpose)); \ |
@@ -1747,7 +1747,7 @@ GNUNET_CRYPTO_ecdsa_sign_ ( | |||
1747 | */ | 1747 | */ |
1748 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ | 1748 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ |
1749 | /* check size is set correctly */ \ | 1749 | /* check size is set correctly */ \ |
1750 | GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps))); \ | 1750 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
1751 | /* check 'ps' begins with the purpose */ \ | 1751 | /* check 'ps' begins with the purpose */ \ |
1752 | GNUNET_static_assert (((void*) (ps)) == \ | 1752 | GNUNET_static_assert (((void*) (ps)) == \ |
1753 | ((void*) &(ps)->purpose)); \ | 1753 | ((void*) &(ps)->purpose)); \ |
@@ -1853,7 +1853,7 @@ GNUNET_CRYPTO_ecdsa_verify_ ( | |||
1853 | */ | 1853 | */ |
1854 | #define GNUNET_CRYPTO_ecdsa_verify(purp,ps,sig,pub) ({ \ | 1854 | #define GNUNET_CRYPTO_ecdsa_verify(purp,ps,sig,pub) ({ \ |
1855 | /* check size is set correctly */ \ | 1855 | /* check size is set correctly */ \ |
1856 | GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps))); \ | 1856 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
1857 | /* check 'ps' begins with the purpose */ \ | 1857 | /* check 'ps' begins with the purpose */ \ |
1858 | GNUNET_static_assert (((void*) (ps)) == \ | 1858 | GNUNET_static_assert (((void*) (ps)) == \ |
1859 | ((void*) &(ps)->purpose)); \ | 1859 | ((void*) &(ps)->purpose)); \ |
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index 17714fec4..2974568db 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h | |||
@@ -138,6 +138,33 @@ struct GNUNET_IDENTITY_PublicKey | |||
138 | 138 | ||
139 | 139 | ||
140 | /** | 140 | /** |
141 | * An identity signature as per LSD0001. | ||
142 | */ | ||
143 | struct GNUNET_IDENTITY_Signature | ||
144 | { | ||
145 | /** | ||
146 | * Type of signature. | ||
147 | * Defined by the GNS zone type value. | ||
148 | * In NBO. | ||
149 | */ | ||
150 | uint32_t type; | ||
151 | |||
152 | union | ||
153 | { | ||
154 | /** | ||
155 | * An ECDSA signature | ||
156 | */ | ||
157 | struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; | ||
158 | |||
159 | /** | ||
160 | * AN EdDSA signature | ||
161 | */ | ||
162 | struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; | ||
163 | }; | ||
164 | }; | ||
165 | |||
166 | |||
167 | /** | ||
141 | * Handle for an operation with the identity service. | 168 | * Handle for an operation with the identity service. |
142 | */ | 169 | */ |
143 | struct GNUNET_IDENTITY_Operation; | 170 | struct GNUNET_IDENTITY_Operation; |
@@ -379,6 +406,240 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key); | |||
379 | 406 | ||
380 | 407 | ||
381 | /** | 408 | /** |
409 | * Reads a #GNUNET_IDENTITY_PublicKey from a compact buffer. | ||
410 | * The buffer has to contain at least the compacted length of | ||
411 | * a #GNUNET_IDENTITY_PublicKey in bytes. | ||
412 | * If the buffer is too small, the function returns -1 as error. | ||
413 | * If the buffer does not contain a valid key, it returns -2 as error. | ||
414 | * | ||
415 | * @param key the key | ||
416 | * @param buffer the buffer | ||
417 | * @param len the length of buffer | ||
418 | * @return -1 or -2 on error, else the amount of bytes read from the buffer | ||
419 | */ | ||
420 | ssize_t | ||
421 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | ||
422 | const void*buffer, | ||
423 | size_t len); | ||
424 | |||
425 | |||
426 | /** | ||
427 | * Writes a #GNUNET_IDENTITY_PublicKey to a compact buffer. | ||
428 | * The buffer requires space for at least the compacted length of | ||
429 | * a #GNUNET_IDENTITY_PublicKey in bytes. | ||
430 | * If the buffer is too small, the function returns -1 as error. | ||
431 | * If the key is not valid, it returns -2 as error. | ||
432 | * | ||
433 | * @param key the key | ||
434 | * @param buffer the buffer | ||
435 | * @param len the length of buffer | ||
436 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
437 | */ | ||
438 | ssize_t | ||
439 | GNUNET_IDENTITY_write_key_to_buffer (const struct | ||
440 | GNUNET_IDENTITY_PublicKey *key, | ||
441 | void*buffer, | ||
442 | size_t len); | ||
443 | |||
444 | |||
445 | /** | ||
446 | * Get the compacted length of a #GNUNET_IDENTITY_Signature. | ||
447 | * Compacted means that it returns the minimum number of bytes this | ||
448 | * signature is long, as opposed to the union structure inside | ||
449 | * #GNUNET_IDENTITY_Signature. | ||
450 | * Useful for compact serializations. | ||
451 | * | ||
452 | * @param sig the signature. | ||
453 | * @return -1 on error, else the compacted length of the signature. | ||
454 | */ | ||
455 | ssize_t | ||
456 | GNUNET_IDENTITY_signature_get_length (const struct | ||
457 | GNUNET_IDENTITY_Signature *sig); | ||
458 | |||
459 | |||
460 | /** | ||
461 | * Reads a #GNUNET_IDENTITY_Signature from a compact buffer. | ||
462 | * The buffer has to contain at least the compacted length of | ||
463 | * a #GNUNET_IDENTITY_Signature in bytes. | ||
464 | * If the buffer is too small, the function returns -1 as error. | ||
465 | * If the buffer does not contain a valid key, it returns -2 as error. | ||
466 | * | ||
467 | * @param sig the signature | ||
468 | * @param buffer the buffer | ||
469 | * @param len the length of buffer | ||
470 | * @return -1 or -2 on error, else the amount of bytes read from the buffer | ||
471 | */ | ||
472 | ssize_t | ||
473 | GNUNET_IDENTITY_read_signature_from_buffer (struct | ||
474 | GNUNET_IDENTITY_Signature *sig, | ||
475 | const void*buffer, | ||
476 | size_t len); | ||
477 | |||
478 | |||
479 | /** | ||
480 | * Writes a #GNUNET_IDENTITY_Signature to a compact buffer. | ||
481 | * The buffer requires space for at least the compacted length of | ||
482 | * a #GNUNET_IDENTITY_Signature in bytes. | ||
483 | * If the buffer is too small, the function returns -1 as error. | ||
484 | * If the key is not valid, it returns -2 as error. | ||
485 | * | ||
486 | * @param sig the signature | ||
487 | * @param buffer the buffer | ||
488 | * @param len the length of buffer | ||
489 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
490 | */ | ||
491 | ssize_t | ||
492 | GNUNET_IDENTITY_write_signature_to_buffer (const struct | ||
493 | GNUNET_IDENTITY_Signature *sig, | ||
494 | void*buffer, | ||
495 | size_t len); | ||
496 | |||
497 | |||
498 | /** | ||
499 | * @brief Sign a given block. | ||
500 | * | ||
501 | * The @a purpose data is the beginning of the data of which the signature is | ||
502 | * to be created. The `size` field in @a purpose must correctly indicate the | ||
503 | * number of bytes of the data structure, including its header. If possible, | ||
504 | * use #GNUNET_IDENTITY_sign() instead of this function. | ||
505 | * | ||
506 | * @param priv private key to use for the signing | ||
507 | * @param purpose what to sign (size, purpose) | ||
508 | * @param[out] sig where to write the signature | ||
509 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
510 | */ | ||
511 | int | ||
512 | GNUNET_IDENTITY_sign_ (const struct | ||
513 | GNUNET_IDENTITY_PrivateKey *priv, | ||
514 | const struct | ||
515 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
516 | struct GNUNET_IDENTITY_Signature *sig); | ||
517 | |||
518 | |||
519 | /** | ||
520 | * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey. | ||
521 | * | ||
522 | * The @a ps data must be a fixed-size struct for which the signature is to be | ||
523 | * created. The `size` field in @a ps->purpose must correctly indicate the | ||
524 | * number of bytes of the data structure, including its header. | ||
525 | * | ||
526 | * @param priv private key to use for the signing | ||
527 | * @param ps packed struct with what to sign, MUST begin with a purpose | ||
528 | * @param[out] sig where to write the signature | ||
529 | */ | ||
530 | #define GNUNET_IDENTITY_sign(priv,ps,sig) do { \ | ||
531 | /* check size is set correctly */ \ | ||
532 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | ||
533 | /* check 'ps' begins with the purpose */ \ | ||
534 | GNUNET_static_assert (((void*) (ps)) == \ | ||
535 | ((void*) &(ps)->purpose)); \ | ||
536 | GNUNET_assert (GNUNET_OK == \ | ||
537 | GNUNET_IDENTITY_sign_ (priv, \ | ||
538 | &(ps)->purpose, \ | ||
539 | sig)); \ | ||
540 | } while (0) | ||
541 | |||
542 | |||
543 | /** | ||
544 | * @brief Verify a given signature. | ||
545 | * | ||
546 | * The @a validate data is the beginning of the data of which the signature | ||
547 | * is to be verified. The `size` field in @a validate must correctly indicate | ||
548 | * the number of bytes of the data structure, including its header. If @a | ||
549 | * purpose does not match the purpose given in @a validate (the latter must be | ||
550 | * in big endian), signature verification fails. If possible, | ||
551 | * use #GNUNET_IDENTITY_signature_verify() instead of this function (only if @a validate | ||
552 | * is not fixed-size, you must use this function directly). | ||
553 | * | ||
554 | * @param purpose what is the purpose that the signature should have? | ||
555 | * @param validate block to validate (size, purpose, data) | ||
556 | * @param sig signature that is being validated | ||
557 | * @param pub public key of the signer | ||
558 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | ||
559 | */ | ||
560 | int | ||
561 | GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, | ||
562 | const struct | ||
563 | GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
564 | const struct GNUNET_IDENTITY_Signature *sig, | ||
565 | const struct | ||
566 | GNUNET_IDENTITY_PublicKey *pub); | ||
567 | |||
568 | |||
569 | /** | ||
570 | * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey. | ||
571 | * | ||
572 | * The @a ps data must be a fixed-size struct for which the signature is to be | ||
573 | * created. The `size` field in @a ps->purpose must correctly indicate the | ||
574 | * number of bytes of the data structure, including its header. | ||
575 | * | ||
576 | * @param purp purpose of the signature, must match 'ps->purpose.purpose' | ||
577 | * (except in host byte order) | ||
578 | * @param ps packed struct with what to sign, MUST begin with a purpose | ||
579 | * @param sig where to read the signature from | ||
580 | * @param pub public key to use for the verifying | ||
581 | */ | ||
582 | #define GNUNET_IDENTITY_signature_verify(purp,ps,sig,pub) ({ \ | ||
583 | /* check size is set correctly */ \ | ||
584 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | ||
585 | /* check 'ps' begins with the purpose */ \ | ||
586 | GNUNET_static_assert (((void*) (ps)) == \ | ||
587 | ((void*) &(ps)->purpose)); \ | ||
588 | GNUNET_IDENTITY_signature_verify_ (purp, \ | ||
589 | &(ps)->purpose, \ | ||
590 | sig, \ | ||
591 | pub); \ | ||
592 | }) | ||
593 | |||
594 | |||
595 | /** | ||
596 | * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a | ||
597 | * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption | ||
598 | * using ecdh to derive a symmetric key. | ||
599 | * | ||
600 | * @param block the block to encrypt | ||
601 | * @param size the size of the @a block | ||
602 | * @param pub public key to use for ecdh | ||
603 | * @param ecc where to write the ecc public key | ||
604 | * @param result the output parameter in which to store the encrypted result | ||
605 | * can be the same or overlap with @c block | ||
606 | * @returns the size of the encrypted block, -1 for errors. | ||
607 | * Due to the use of CFB and therefore an effective stream cipher, | ||
608 | * this size should be the same as @c len. | ||
609 | */ | ||
610 | ssize_t | ||
611 | GNUNET_IDENTITY_encrypt (const void *block, | ||
612 | size_t size, | ||
613 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
614 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
615 | void *result); | ||
616 | |||
617 | |||
618 | /** | ||
619 | * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given | ||
620 | * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key. | ||
621 | * | ||
622 | * @param block the data to decrypt, encoded as returned by encrypt | ||
623 | * @param size the size of the @a block to decrypt | ||
624 | * @param priv private key to use for ecdh | ||
625 | * @param ecc the ecc public key | ||
626 | * @param result address to store the result at | ||
627 | * can be the same or overlap with @c block | ||
628 | * @return -1 on failure, size of decrypted block on success. | ||
629 | * Due to the use of CFB and therefore an effective stream cipher, | ||
630 | * this size should be the same as @c size. | ||
631 | */ | ||
632 | ssize_t | ||
633 | GNUNET_IDENTITY_decrypt (const void *block, | ||
634 | size_t size, | ||
635 | const struct | ||
636 | GNUNET_IDENTITY_PrivateKey *priv, | ||
637 | const struct | ||
638 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
639 | void *result); | ||
640 | |||
641 | |||
642 | /** | ||
382 | * Creates a (Base32) string representation of the public key. | 643 | * Creates a (Base32) string representation of the public key. |
383 | * The resulting string encodes a compacted representation of the key. | 644 | * The resulting string encodes a compacted representation of the key. |
384 | * See also #GNUNET_IDENTITY_key_get_length. | 645 | * See also #GNUNET_IDENTITY_key_get_length. |
@@ -438,7 +699,8 @@ GNUNET_IDENTITY_private_key_from_string (const char*str, | |||
438 | * @return GNUNET_SYSERR on error. | 699 | * @return GNUNET_SYSERR on error. |
439 | */ | 700 | */ |
440 | enum GNUNET_GenericReturnValue | 701 | enum GNUNET_GenericReturnValue |
441 | GNUNET_IDENTITY_key_get_public (const struct GNUNET_IDENTITY_PrivateKey *privkey, | 702 | GNUNET_IDENTITY_key_get_public (const struct |
703 | GNUNET_IDENTITY_PrivateKey *privkey, | ||
442 | struct GNUNET_IDENTITY_PublicKey *key); | 704 | struct GNUNET_IDENTITY_PublicKey *key); |
443 | 705 | ||
444 | 706 | ||
diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 18c1f2674..d56116914 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h | |||
@@ -95,7 +95,7 @@ struct GNUNET_REVOCATION_PowP | |||
95 | /** | 95 | /** |
96 | * The signature object we use for the PoW | 96 | * The signature object we use for the PoW |
97 | */ | 97 | */ |
98 | struct GNUNET_REVOCATION_EcdsaSignaturePurposePS | 98 | struct GNUNET_REVOCATION_SignaturePurposePS |
99 | { | 99 | { |
100 | /** | 100 | /** |
101 | * The signature purpose | 101 | * The signature purpose |
@@ -103,19 +103,11 @@ struct GNUNET_REVOCATION_EcdsaSignaturePurposePS | |||
103 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; | 103 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; |
104 | 104 | ||
105 | /** | 105 | /** |
106 | * Type of the key | ||
107 | */ | ||
108 | uint32_t ktype; | ||
109 | |||
110 | /** | ||
111 | * The revoked public key | ||
112 | */ | ||
113 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | ||
114 | |||
115 | /** | ||
116 | * The timestamp of the revocation | 106 | * The timestamp of the revocation |
117 | */ | 107 | */ |
118 | struct GNUNET_TIME_AbsoluteNBO timestamp; | 108 | struct GNUNET_TIME_AbsoluteNBO timestamp; |
109 | |||
110 | /** Followed by the zone public key type and key **/ | ||
119 | }; | 111 | }; |
120 | 112 | ||
121 | GNUNET_NETWORK_STRUCT_END | 113 | GNUNET_NETWORK_STRUCT_END |
diff --git a/src/namestore/test_namestore_api_zone_to_name.c b/src/namestore/test_namestore_api_zone_to_name.c index e5ede6bcd..3fd10e4a1 100644 --- a/src/namestore/test_namestore_api_zone_to_name.c +++ b/src/namestore/test_namestore_api_zone_to_name.c | |||
@@ -212,12 +212,13 @@ run (void *cls, | |||
212 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, | 212 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, |
213 | &s_zone_value, | 213 | &s_zone_value, |
214 | sizeof(s_zone_value)); | 214 | sizeof(s_zone_value)); |
215 | s_zone_value.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); | ||
215 | { | 216 | { |
216 | struct GNUNET_GNSRECORD_Data rd; | 217 | struct GNUNET_GNSRECORD_Data rd; |
217 | 218 | ||
218 | rd.expiration_time = GNUNET_TIME_absolute_get ().abs_value_us; | 219 | rd.expiration_time = GNUNET_TIME_absolute_get ().abs_value_us; |
219 | rd.record_type = GNUNET_GNSRECORD_TYPE_PKEY; | 220 | rd.record_type = GNUNET_GNSRECORD_TYPE_PKEY; |
220 | rd.data_size = sizeof(s_zone_value); | 221 | rd.data_size = GNUNET_IDENTITY_key_get_length (&s_zone_value); |
221 | rd.data = &s_zone_value; | 222 | rd.data = &s_zone_value; |
222 | rd.flags = 0; | 223 | rd.flags = 0; |
223 | 224 | ||
diff --git a/src/namestore/test_plugin_rest_namestore.sh b/src/namestore/test_plugin_rest_namestore.sh index 12a7fa50c..8a45cebf5 100755 --- a/src/namestore/test_plugin_rest_namestore.sh +++ b/src/namestore/test_plugin_rest_namestore.sh | |||
@@ -84,14 +84,15 @@ gnunet-identity -C $TEST_ID -c test_namestore_api.conf | |||
84 | test="$(gnunet-namestore -D -z $TEST_ID -c test_namestore_api.conf)" | 84 | test="$(gnunet-namestore -D -z $TEST_ID -c test_namestore_api.conf)" |
85 | name=$TEST_ID | 85 | name=$TEST_ID |
86 | public="$(gnunet-identity -d -c test_namestore_api.conf | grep $TEST_ID | awk 'NR==1{print $3}')" | 86 | public="$(gnunet-identity -d -c test_namestore_api.conf | grep $TEST_ID | awk 'NR==1{print $3}')" |
87 | gnunet-namestore -z $name -p -a -n "test_entry" -e "1d" -V "HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG" -t "PKEY" -c test_namestore_api.conf | 87 | echo "$name $public" |
88 | valgrind gnunet-namestore -z $name -p -a -n "test_entry" -e "1d" -V "000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8" -t "PKEY" -c test_namestore_api.conf | ||
88 | #curl_get "${namestore_link}" "HTTP/1.1 200 OK" | 89 | #curl_get "${namestore_link}" "HTTP/1.1 200 OK" |
89 | curl_get "${namestore_link}/$name" "HTTP/1.1 200 OK" | 90 | curl_get "${namestore_link}/$name" "HTTP/1.1 200 OK" |
90 | curl_get "${namestore_link}/$public" "error" | 91 | curl_get "${namestore_link}/$public" "error" |
91 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf | 92 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf |
92 | 93 | ||
93 | #Test POST with NAME | 94 | #Test POST with NAME |
94 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "HTTP/1.1 204 No Content" | 95 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "HTTP/1.1 204 No Content" |
95 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 96 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
96 | 97 | ||
97 | # invalid values | 98 | # invalid values |
@@ -106,29 +107,29 @@ curl_post "${namestore_link}/$name" '{"data": [{"record_type":"PKEY", "expiratio | |||
106 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 107 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
107 | 108 | ||
108 | #expirations | 109 | #expirations |
109 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time":"0d","private": false, "relative_expiration": true, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "HTTP/1.1 204" | 110 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time":"0d","private": false, "relative_expiration": true, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "HTTP/1.1 204" |
110 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 111 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
111 | 112 | ||
112 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time":"10000d","private": false, "relative_expiration": true, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "HTTP/1.1 204" | 113 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time":"10000d","private": false, "relative_expiration": true, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "HTTP/1.1 204" |
113 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 114 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
114 | 115 | ||
115 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time":"now","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "error" | 116 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time":"now","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "error" |
116 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 117 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
117 | 118 | ||
118 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time_missing":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "error" | 119 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time_missing":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":"test_entry"}' "error" |
119 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 120 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
120 | 121 | ||
121 | #record_name | 122 | #record_name |
122 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":""}' "error" | 123 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name":""}' "error" |
123 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 124 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
124 | curl_post "${namestore_link}/$name" '{"data": [{"value":"HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG", "record_type":"PKEY", "expiration_time":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name_missing":"test_entry"}' "error" | 125 | curl_post "${namestore_link}/$name" '{"data": [{"value":"000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8", "record_type":"PKEY", "expiration_time":"1d","private": false, "relative_expiration": false, "supplemental": false, "shadow": false}],"record_name_missing":"test_entry"}' "error" |
125 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 | 126 | gnunet-namestore -z $name -d -n "test_entry" -c test_namestore_api.conf > /dev/null 2>&1 |
126 | 127 | ||
127 | #Test DELETE | 128 | #Test DELETE |
128 | gnunet-namestore -z $name -p -a -n "test_entry" -e "1d" -V "HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG" -t "PKEY" -c test_namestore_api.conf | 129 | gnunet-namestore -z $name -p -a -n "test_entry" -e "1d" -V "000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8" -t "PKEY" -c test_namestore_api.conf |
129 | curl_delete "${namestore_link}/$name/test_entry" "HTTP/1.1 204" | 130 | curl_delete "${namestore_link}/$name/test_entry" "HTTP/1.1 204" |
130 | curl_delete "${namestore_link}/$name/test_entry" "error" | 131 | curl_delete "${namestore_link}/$name/test_entry" "error" |
131 | gnunet-namestore -z $name -p -a -n "test_entry" -e "1d" -V "HVX38H2CB7WJM0WCPWT9CFX6GASMYJVR65RN75SJSSKAYVYXHMRG" -t "PKEY" -c test_namestore_api.conf | 132 | gnunet-namestore -z $name -p -a -n "test_entry" -e "1d" -V "000G006WVZ8HQ5YTVFNX09HK0VJVVQ9ZCBYDSCH3ERT04N5ZRBKEB82EP8" -t "PKEY" -c test_namestore_api.conf |
132 | curl_delete "${namestore_link}/$public/test_entry" "error" | 133 | curl_delete "${namestore_link}/$public/test_entry" "error" |
133 | 134 | ||
134 | gnunet-arm -e -c test_namestore_api.conf | 135 | gnunet-arm -e -c test_namestore_api.conf |
diff --git a/src/pt/test_gns_vpn.c b/src/pt/test_gns_vpn.c index cf0455477..7b4abaec2 100644 --- a/src/pt/test_gns_vpn.c +++ b/src/pt/test_gns_vpn.c | |||
@@ -560,7 +560,7 @@ identity_cb (void *cls, | |||
560 | void **ctx, | 560 | void **ctx, |
561 | const char *name) | 561 | const char *name) |
562 | { | 562 | { |
563 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key; | 563 | const struct GNUNET_IDENTITY_PrivateKey *zone_key; |
564 | struct GNUNET_GNSRECORD_Data rd; | 564 | struct GNUNET_GNSRECORD_Data rd; |
565 | char *rd_string; | 565 | char *rd_string; |
566 | char *peername; | 566 | char *peername; |
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c index c3ff07976..c6d56e02d 100644 --- a/src/reclaim/oidc_helper.c +++ b/src/reclaim/oidc_helper.c | |||
@@ -154,10 +154,12 @@ fix_base64 (char *str) | |||
154 | replace_char (str, '/', '_'); | 154 | replace_char (str, '/', '_'); |
155 | } | 155 | } |
156 | 156 | ||
157 | |||
157 | static json_t* | 158 | static json_t* |
158 | generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key, | 159 | generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key, |
159 | const struct GNUNET_RECLAIM_AttributeList *attrs, | 160 | const struct GNUNET_RECLAIM_AttributeList *attrs, |
160 | const struct GNUNET_RECLAIM_PresentationList *presentations) | 161 | const struct |
162 | GNUNET_RECLAIM_PresentationList *presentations) | ||
161 | { | 163 | { |
162 | struct GNUNET_RECLAIM_AttributeListEntry *le; | 164 | struct GNUNET_RECLAIM_AttributeListEntry *le; |
163 | struct GNUNET_RECLAIM_PresentationListEntry *ple; | 165 | struct GNUNET_RECLAIM_PresentationListEntry *ple; |
@@ -206,7 +208,8 @@ generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key, | |||
206 | ple->presentation->data, | 208 | ple->presentation->data, |
207 | ple->presentation->data_size); | 209 | ple->presentation->data_size); |
208 | json_object_set_new (aggr_sources_jwt, | 210 | json_object_set_new (aggr_sources_jwt, |
209 | GNUNET_RECLAIM_presentation_number_to_typename (ple->presentation->type), | 211 | GNUNET_RECLAIM_presentation_number_to_typename ( |
212 | ple->presentation->type), | ||
210 | json_string (pres_val_str) ); | 213 | json_string (pres_val_str) ); |
211 | json_object_set_new (aggr_sources, source_name, aggr_sources_jwt); | 214 | json_object_set_new (aggr_sources, source_name, aggr_sources_jwt); |
212 | GNUNET_free (pres_val_str); | 215 | GNUNET_free (pres_val_str); |
@@ -286,6 +289,7 @@ generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key, | |||
286 | return body; | 289 | return body; |
287 | } | 290 | } |
288 | 291 | ||
292 | |||
289 | /** | 293 | /** |
290 | * Generate userinfo JSON as string | 294 | * Generate userinfo JSON as string |
291 | * | 295 | * |
@@ -297,12 +301,13 @@ generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key, | |||
297 | char * | 301 | char * |
298 | OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key, | 302 | OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key, |
299 | const struct GNUNET_RECLAIM_AttributeList *attrs, | 303 | const struct GNUNET_RECLAIM_AttributeList *attrs, |
300 | const struct GNUNET_RECLAIM_PresentationList *presentations) | 304 | const struct |
305 | GNUNET_RECLAIM_PresentationList *presentations) | ||
301 | { | 306 | { |
302 | char *body_str; | 307 | char *body_str; |
303 | json_t* body = generate_userinfo_json (sub_key, | 308 | json_t*body = generate_userinfo_json (sub_key, |
304 | attrs, | 309 | attrs, |
305 | presentations); | 310 | presentations); |
306 | body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT); | 311 | body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT); |
307 | json_decref (body); | 312 | json_decref (body); |
308 | return body_str; | 313 | return body_str; |
@@ -324,7 +329,8 @@ char * | |||
324 | OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key, | 329 | OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key, |
325 | const struct GNUNET_IDENTITY_PublicKey *sub_key, | 330 | const struct GNUNET_IDENTITY_PublicKey *sub_key, |
326 | const struct GNUNET_RECLAIM_AttributeList *attrs, | 331 | const struct GNUNET_RECLAIM_AttributeList *attrs, |
327 | const struct GNUNET_RECLAIM_PresentationList *presentations, | 332 | const struct |
333 | GNUNET_RECLAIM_PresentationList *presentations, | ||
328 | const struct GNUNET_TIME_Relative *expiration_time, | 334 | const struct GNUNET_TIME_Relative *expiration_time, |
329 | const char *nonce, | 335 | const char *nonce, |
330 | const char *secret_key) | 336 | const char *secret_key) |
@@ -441,7 +447,8 @@ char * | |||
441 | OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, | 447 | OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, |
442 | const struct GNUNET_RECLAIM_Ticket *ticket, | 448 | const struct GNUNET_RECLAIM_Ticket *ticket, |
443 | const struct GNUNET_RECLAIM_AttributeList *attrs, | 449 | const struct GNUNET_RECLAIM_AttributeList *attrs, |
444 | const struct GNUNET_RECLAIM_PresentationList *presentations, | 450 | const struct |
451 | GNUNET_RECLAIM_PresentationList *presentations, | ||
445 | const char *nonce_str, | 452 | const char *nonce_str, |
446 | const char *code_challenge) | 453 | const char *code_challenge) |
447 | { | 454 | { |
@@ -525,7 +532,7 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, | |||
525 | // Get length | 532 | // Get length |
526 | code_payload_len = sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 533 | code_payload_len = sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
527 | + payload_len + sizeof(struct | 534 | + payload_len + sizeof(struct |
528 | GNUNET_CRYPTO_EcdsaSignature); | 535 | GNUNET_IDENTITY_Signature); |
529 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 536 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
530 | "Length of data to encode: %lu\n", | 537 | "Length of data to encode: %lu\n", |
531 | code_payload_len); | 538 | code_payload_len); |
@@ -544,10 +551,10 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, | |||
544 | buf_ptr += payload_len; | 551 | buf_ptr += payload_len; |
545 | // Sign and store signature | 552 | // Sign and store signature |
546 | if (GNUNET_SYSERR == | 553 | if (GNUNET_SYSERR == |
547 | GNUNET_CRYPTO_ecdsa_sign_ (&issuer->ecdsa_key, | 554 | GNUNET_IDENTITY_sign_ (issuer, |
548 | purpose, | 555 | purpose, |
549 | (struct GNUNET_CRYPTO_EcdsaSignature *) | 556 | (struct GNUNET_IDENTITY_Signature *) |
550 | buf_ptr)) | 557 | buf_ptr)) |
551 | { | 558 | { |
552 | GNUNET_break (0); | 559 | GNUNET_break (0); |
553 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to sign code\n"); | 560 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to sign code\n"); |
@@ -593,7 +600,7 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, | |||
593 | char *code_challenge; | 600 | char *code_challenge; |
594 | char *code_verifier_hash; | 601 | char *code_verifier_hash; |
595 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; | 602 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; |
596 | struct GNUNET_CRYPTO_EcdsaSignature *signature; | 603 | struct GNUNET_IDENTITY_Signature *signature; |
597 | uint32_t code_challenge_len; | 604 | uint32_t code_challenge_len; |
598 | uint32_t attrs_ser_len; | 605 | uint32_t attrs_ser_len; |
599 | uint32_t pres_ser_len; | 606 | uint32_t pres_ser_len; |
@@ -609,7 +616,7 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, | |||
609 | (void **) &code_payload); | 616 | (void **) &code_payload); |
610 | if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 617 | if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
611 | + sizeof(struct OIDC_Parameters) | 618 | + sizeof(struct OIDC_Parameters) |
612 | + sizeof(struct GNUNET_CRYPTO_EcdsaSignature)) | 619 | + sizeof(struct GNUNET_IDENTITY_Signature)) |
613 | { | 620 | { |
614 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Authorization code malformed\n"); | 621 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Authorization code malformed\n"); |
615 | GNUNET_free (code_payload); | 622 | GNUNET_free (code_payload); |
@@ -620,10 +627,10 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, | |||
620 | plaintext_len = code_payload_len; | 627 | plaintext_len = code_payload_len; |
621 | plaintext_len -= sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose); | 628 | plaintext_len -= sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose); |
622 | ptr = (char *) &purpose[1]; | 629 | ptr = (char *) &purpose[1]; |
623 | plaintext_len -= sizeof(struct GNUNET_CRYPTO_EcdsaSignature); | 630 | plaintext_len -= sizeof(struct GNUNET_IDENTITY_Signature); |
624 | plaintext = ptr; | 631 | plaintext = ptr; |
625 | ptr += plaintext_len; | 632 | ptr += plaintext_len; |
626 | signature = (struct GNUNET_CRYPTO_EcdsaSignature *) ptr; | 633 | signature = (struct GNUNET_IDENTITY_Signature *) ptr; |
627 | params = (struct OIDC_Parameters *) plaintext; | 634 | params = (struct OIDC_Parameters *) plaintext; |
628 | 635 | ||
629 | // cmp code_challenge code_verifier | 636 | // cmp code_challenge code_verifier |
@@ -684,10 +691,11 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, | |||
684 | return GNUNET_SYSERR; | 691 | return GNUNET_SYSERR; |
685 | } | 692 | } |
686 | if (GNUNET_OK != | 693 | if (GNUNET_OK != |
687 | GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN, | 694 | GNUNET_IDENTITY_signature_verify_ ( |
688 | purpose, | 695 | GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN, |
689 | signature, | 696 | purpose, |
690 | &ticket->identity.ecdsa_key)) | 697 | signature, |
698 | &(ticket->identity))) | ||
691 | { | 699 | { |
692 | GNUNET_free (code_payload); | 700 | GNUNET_free (code_payload); |
693 | if (NULL != *nonce_str) | 701 | if (NULL != *nonce_str) |
@@ -840,7 +848,8 @@ OIDC_check_scopes_for_claim_request (const char*scopes, | |||
840 | } | 848 | } |
841 | } | 849 | } |
842 | 850 | ||
843 | } else if (0 == strcmp (attr, scope_variable)) | 851 | } |
852 | else if (0 == strcmp (attr, scope_variable)) | ||
844 | { | 853 | { |
845 | /** attribute matches requested scope **/ | 854 | /** attribute matches requested scope **/ |
846 | GNUNET_free (scope_variables); | 855 | GNUNET_free (scope_variables); |
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 94fbc7022..791c3d008 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -423,33 +423,33 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph) | |||
423 | 423 | ||
424 | 424 | ||
425 | enum GNUNET_GenericReturnValue | 425 | enum GNUNET_GenericReturnValue |
426 | check_signature_ecdsa (const struct GNUNET_REVOCATION_PowP *pow, | 426 | check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, |
427 | const struct GNUNET_CRYPTO_EcdsaPublicKey *key) | 427 | const struct GNUNET_IDENTITY_PublicKey *key) |
428 | { | 428 | { |
429 | struct GNUNET_REVOCATION_EcdsaSignaturePurposePS spurp; | 429 | struct GNUNET_REVOCATION_SignaturePurposePS *spurp; |
430 | struct GNUNET_CRYPTO_EcdsaSignature *sig; | 430 | struct GNUNET_IDENTITY_Signature *sig; |
431 | const struct GNUNET_IDENTITY_PublicKey *pk; | 431 | const struct GNUNET_IDENTITY_PublicKey *pk; |
432 | size_t ksize; | 432 | size_t ksize; |
433 | 433 | ||
434 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 434 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
435 | ksize = GNUNET_IDENTITY_key_get_length (pk); | 435 | ksize = GNUNET_IDENTITY_key_get_length (pk); |
436 | 436 | ||
437 | spurp.ktype = pk->type; | 437 | spurp = GNUNET_malloc (sizeof (*spurp) + ksize); |
438 | spurp.key = pk->ecdsa_key; | 438 | spurp->timestamp = pow->timestamp; |
439 | spurp.timestamp = pow->timestamp; | 439 | spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); |
440 | spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | 440 | spurp->purpose.size = htonl (sizeof(*spurp) + ksize); |
441 | spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 441 | GNUNET_IDENTITY_write_key_to_buffer (pk, |
442 | + GNUNET_IDENTITY_key_get_length (pk) | 442 | (char*) &spurp[1], |
443 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | 443 | ksize); |
444 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 444 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
445 | "Expected signature payload len: %u\n", | 445 | "Expected signature payload len: %u\n", |
446 | ntohl (spurp.purpose.size)); | 446 | ntohl (spurp->purpose.size)); |
447 | sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); | 447 | sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize); |
448 | if (GNUNET_OK != | 448 | if (GNUNET_OK != |
449 | GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, | 449 | GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, |
450 | &spurp.purpose, | 450 | &spurp->purpose, |
451 | sig, | 451 | sig, |
452 | key)) | 452 | key)) |
453 | { | 453 | { |
454 | return GNUNET_SYSERR; | 454 | return GNUNET_SYSERR; |
455 | } | 455 | } |
@@ -463,14 +463,7 @@ check_signature (const struct GNUNET_REVOCATION_PowP *pow) | |||
463 | const struct GNUNET_IDENTITY_PublicKey *pk; | 463 | const struct GNUNET_IDENTITY_PublicKey *pk; |
464 | 464 | ||
465 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 465 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
466 | switch (ntohl (pk->type)) | 466 | return check_signature_identity (pow, pk); |
467 | { | ||
468 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
469 | return check_signature_ecdsa (pow, &pk->ecdsa_key); | ||
470 | default: | ||
471 | return GNUNET_SYSERR; | ||
472 | } | ||
473 | return GNUNET_SYSERR; | ||
474 | } | 467 | } |
475 | 468 | ||
476 | 469 | ||
@@ -576,11 +569,11 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, | |||
576 | 569 | ||
577 | 570 | ||
578 | enum GNUNET_GenericReturnValue | 571 | enum GNUNET_GenericReturnValue |
579 | sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | 572 | sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, |
580 | struct GNUNET_REVOCATION_PowP *pow) | 573 | struct GNUNET_REVOCATION_PowP *pow) |
581 | { | 574 | { |
582 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); | 575 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); |
583 | struct GNUNET_REVOCATION_EcdsaSignaturePurposePS rp; | 576 | struct GNUNET_REVOCATION_SignaturePurposePS *rp; |
584 | const struct GNUNET_IDENTITY_PublicKey *pk; | 577 | const struct GNUNET_IDENTITY_PublicKey *pk; |
585 | size_t ksize; | 578 | size_t ksize; |
586 | char *sig; | 579 | char *sig; |
@@ -594,21 +587,24 @@ sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
594 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 587 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
595 | ksize = GNUNET_IDENTITY_key_get_length (pk); | 588 | ksize = GNUNET_IDENTITY_key_get_length (pk); |
596 | pow->timestamp = GNUNET_TIME_absolute_hton (ts); | 589 | pow->timestamp = GNUNET_TIME_absolute_hton (ts); |
597 | rp.timestamp = pow->timestamp; | 590 | rp = GNUNET_malloc (sizeof (*rp) + ksize); |
598 | rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | 591 | rp->timestamp = pow->timestamp; |
599 | rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 592 | rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); |
600 | + ksize | 593 | rp->purpose.size = htonl (sizeof(*rp) + ksize); |
601 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
602 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 594 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
603 | "Signature payload len: %u\n", | 595 | "Signature payload len: %u\n", |
604 | ntohl (rp.purpose.size)); | 596 | ntohl (rp->purpose.size)); |
605 | rp.ktype = pk->type; | 597 | GNUNET_IDENTITY_write_key_to_buffer (pk, |
606 | rp.key = pk->ecdsa_key; | 598 | ((char*) &rp[1]), |
607 | sig = ((char*)&pow[1]) + ksize; | 599 | ksize); |
608 | return GNUNET_CRYPTO_ecdsa_sign_ (key, | 600 | sig = ((char*) &pow[1]) + ksize; |
609 | &rp.purpose, | 601 | int result = GNUNET_IDENTITY_sign_ (key, |
610 | (void*) sig); | 602 | &rp->purpose, |
611 | 603 | (void*) sig); | |
604 | if (result == GNUNET_SYSERR) | ||
605 | return GNUNET_NO; | ||
606 | else | ||
607 | return result; | ||
612 | } | 608 | } |
613 | 609 | ||
614 | 610 | ||
@@ -620,14 +616,7 @@ sign_pow (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
620 | 616 | ||
621 | pk = (struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 617 | pk = (struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
622 | GNUNET_IDENTITY_key_get_public (key, pk); | 618 | GNUNET_IDENTITY_key_get_public (key, pk); |
623 | switch (ntohl (pk->type)) | 619 | return sign_pow_identity (key, pow); |
624 | { | ||
625 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
626 | return sign_pow_ecdsa (&key->ecdsa_key, pow); | ||
627 | default: | ||
628 | return GNUNET_NO; | ||
629 | } | ||
630 | return GNUNET_NO; | ||
631 | } | 620 | } |
632 | 621 | ||
633 | 622 | ||
@@ -777,20 +766,17 @@ size_t | |||
777 | GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) | 766 | GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) |
778 | { | 767 | { |
779 | size_t size; | 768 | size_t size; |
769 | size_t ksize; | ||
780 | const struct GNUNET_IDENTITY_PublicKey *pk; | 770 | const struct GNUNET_IDENTITY_PublicKey *pk; |
771 | const struct GNUNET_IDENTITY_Signature *sig; | ||
781 | 772 | ||
782 | size = sizeof (struct GNUNET_REVOCATION_PowP); | 773 | size = sizeof (struct GNUNET_REVOCATION_PowP); |
783 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 774 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
784 | size += GNUNET_IDENTITY_key_get_length (pk); | 775 | ksize = GNUNET_IDENTITY_key_get_length (pk); |
785 | 776 | size += ksize; | |
786 | switch (ntohl (pk->type)) | 777 | sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize); |
787 | { | 778 | size += GNUNET_IDENTITY_signature_get_length (sig); |
788 | case GNUNET_IDENTITY_TYPE_ECDSA: | 779 | return size; |
789 | return size + sizeof (struct GNUNET_CRYPTO_EcdsaSignature); | ||
790 | default: | ||
791 | return 0; | ||
792 | } | ||
793 | return 0; | ||
794 | } | 780 | } |
795 | 781 | ||
796 | 782 | ||
diff --git a/src/testbed/test_testbed_api_template.conf b/src/testbed/test_testbed_api_template.conf index 255c1b766..ae0368a8b 100644 --- a/src/testbed/test_testbed_api_template.conf +++ b/src/testbed/test_testbed_api_template.conf | |||
@@ -32,7 +32,7 @@ WAN_QUOTA_IN = 3932160 | |||
32 | USE_EPHEMERAL_KEYS = NO | 32 | USE_EPHEMERAL_KEYS = NO |
33 | IMMEDIATE_START = YES | 33 | IMMEDIATE_START = YES |
34 | 34 | ||
35 | [transport-udp] | 35 | [transport-tcp] |
36 | TIMEOUT = 300 s | 36 | TIMEOUT = 300 s |
37 | 37 | ||
38 | [PATHS] | 38 | [PATHS] |