diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/identity/identity_api.c | 190 | ||||
-rw-r--r-- | src/include/gnunet_identity_service.h | 89 | ||||
-rw-r--r-- | src/include/gnunet_revocation_service.h | 7 | ||||
-rw-r--r-- | src/revocation/revocation_api.c | 57 |
4 files changed, 187 insertions, 156 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 6f7c5d860..f40472240 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c | |||
@@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) | |||
953 | GNUNET_free (h); | 953 | GNUNET_free (h); |
954 | } | 954 | } |
955 | 955 | ||
956 | |||
956 | ssize_t | 957 | ssize_t |
957 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | 958 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) |
958 | { | 959 | { |
@@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | |||
971 | } | 972 | } |
972 | 973 | ||
973 | 974 | ||
974 | |||
975 | ssize_t | 975 | ssize_t |
976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | 976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) |
977 | { | 977 | { |
@@ -992,106 +992,116 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | |||
992 | 992 | ||
993 | ssize_t | 993 | ssize_t |
994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | 994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, |
995 | const void* buffer, | 995 | const void*buffer, |
996 | size_t len) | 996 | size_t len) |
997 | { | 997 | { |
998 | if (len < sizeof (key->type)) | 998 | if (len < sizeof (key->type)) |
999 | return -1; | 999 | return -1; |
1000 | GNUNET_memcpy(&(key->type), buffer, sizeof (key->type)); | 1000 | GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); |
1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length(key); | 1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); |
1002 | if (len < length) | 1002 | if (len < length) |
1003 | return -1; | 1003 | return -1; |
1004 | if (length < 0) | 1004 | if (length < 0) |
1005 | return -2; | 1005 | return -2; |
1006 | GNUNET_memcpy(&(key->ecdsa_key), buffer + sizeof (key->type), length - sizeof (key->type)); | 1006 | GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length |
1007 | - sizeof (key->type)); | ||
1007 | return length; | 1008 | return length; |
1008 | } | 1009 | } |
1009 | 1010 | ||
1010 | 1011 | ||
1011 | ssize_t | 1012 | ssize_t |
1012 | GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, | 1013 | GNUNET_IDENTITY_write_key_to_buffer (const struct |
1013 | void* buffer, | 1014 | GNUNET_IDENTITY_PublicKey *key, |
1014 | size_t len) | 1015 | void*buffer, |
1016 | size_t len) | ||
1015 | { | 1017 | { |
1016 | const ssize_t length = GNUNET_IDENTITY_key_get_length(key); | 1018 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); |
1017 | if (len < length) | 1019 | if (len < length) |
1018 | return -1; | 1020 | return -1; |
1019 | if (length < 0) | 1021 | if (length < 0) |
1020 | return -2; | 1022 | return -2; |
1021 | GNUNET_memcpy(buffer, &(key->type), sizeof (key->type)); | 1023 | GNUNET_memcpy (buffer, key, length); |
1022 | GNUNET_memcpy(buffer + sizeof (key->type), &(key->ecdsa_key), length - sizeof (key->type)); | ||
1023 | return length; | 1024 | return length; |
1024 | } | 1025 | } |
1025 | 1026 | ||
1026 | 1027 | ||
1027 | ssize_t | 1028 | ssize_t |
1028 | GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig) | 1029 | GNUNET_IDENTITY_signature_get_length (const struct |
1030 | GNUNET_IDENTITY_Signature *sig) | ||
1029 | { | 1031 | { |
1030 | switch (ntohl (sig->type)) | 1032 | switch (ntohl (sig->type)) |
1031 | { | 1033 | { |
1032 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1034 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1033 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); | 1035 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); |
1034 | break; | 1036 | break; |
1035 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1037 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1036 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); | 1038 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); |
1037 | break; | 1039 | break; |
1038 | default: | 1040 | default: |
1039 | GNUNET_break (0); | 1041 | GNUNET_break (0); |
1040 | } | 1042 | } |
1041 | return -1; | 1043 | return -1; |
1042 | } | 1044 | } |
1043 | 1045 | ||
1044 | 1046 | ||
1045 | ssize_t | 1047 | ssize_t |
1046 | GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, | 1048 | GNUNET_IDENTITY_read_signature_from_buffer (struct |
1047 | const void* buffer, | 1049 | GNUNET_IDENTITY_Signature *sig, |
1048 | size_t len) | 1050 | const void*buffer, |
1051 | size_t len) | ||
1049 | { | 1052 | { |
1050 | if (len < sizeof (sig->type)) | 1053 | if (len < sizeof (sig->type)) |
1051 | return -1; | 1054 | return -1; |
1052 | GNUNET_memcpy(&(sig->type), buffer, sizeof (sig->type)); | 1055 | GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); |
1053 | const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); | 1056 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); |
1054 | if (len < length) | 1057 | if (len < length) |
1055 | return -1; | 1058 | return -1; |
1056 | if (length < 0) | 1059 | if (length < 0) |
1057 | return -2; | 1060 | return -2; |
1058 | GNUNET_memcpy(&(sig->ecdsa_signature), buffer + sizeof (sig->type), length - sizeof (sig->type)); | 1061 | GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length |
1062 | - sizeof (sig->type)); | ||
1059 | return length; | 1063 | return length; |
1060 | } | 1064 | } |
1061 | 1065 | ||
1062 | 1066 | ||
1063 | ssize_t | 1067 | ssize_t |
1064 | GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, | 1068 | GNUNET_IDENTITY_write_signature_to_buffer (const struct |
1065 | void* buffer, | 1069 | GNUNET_IDENTITY_Signature *sig, |
1066 | size_t len) | 1070 | void*buffer, |
1071 | size_t len) | ||
1067 | { | 1072 | { |
1068 | const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); | 1073 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); |
1069 | if (len < length) | 1074 | if (len < length) |
1070 | return -1; | 1075 | return -1; |
1071 | if (length < 0) | 1076 | if (length < 0) |
1072 | return -2; | 1077 | return -2; |
1073 | GNUNET_memcpy(buffer, &(sig->type), sizeof (sig->type)); | 1078 | GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); |
1074 | GNUNET_memcpy(buffer + sizeof (sig->type), &(sig->ecdsa_signature), length - sizeof (sig->type)); | 1079 | GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length |
1080 | - sizeof (sig->type)); | ||
1075 | return length; | 1081 | return length; |
1076 | } | 1082 | } |
1077 | 1083 | ||
1078 | 1084 | ||
1079 | int | 1085 | int |
1080 | GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, | 1086 | GNUNET_IDENTITY_private_key_sign_ (const struct |
1081 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | 1087 | GNUNET_IDENTITY_PrivateKey *priv, |
1082 | struct GNUNET_IDENTITY_Signature *sig) | 1088 | const struct |
1089 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
1090 | struct GNUNET_IDENTITY_Signature *sig) | ||
1083 | { | 1091 | { |
1084 | sig->type = priv->type; | 1092 | sig->type = priv->type; |
1085 | switch (ntohl (priv->type)) | 1093 | switch (ntohl (priv->type)) |
1086 | { | 1094 | { |
1087 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1095 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1088 | return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature)); | 1096 | return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, |
1089 | break; | 1097 | &(sig->ecdsa_signature)); |
1098 | break; | ||
1090 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1099 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1091 | return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature)); | 1100 | return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, |
1092 | break; | 1101 | &(sig->eddsa_signature)); |
1102 | break; | ||
1093 | default: | 1103 | default: |
1094 | GNUNET_break (0); | 1104 | GNUNET_break (0); |
1095 | } | 1105 | } |
1096 | 1106 | ||
1097 | return GNUNET_SYSERR; | 1107 | return GNUNET_SYSERR; |
@@ -1100,22 +1110,27 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv | |||
1100 | 1110 | ||
1101 | int | 1111 | int |
1102 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | 1112 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, |
1103 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | 1113 | const struct |
1104 | const struct GNUNET_IDENTITY_Signature *sig, | 1114 | GNUNET_CRYPTO_EccSignaturePurpose *validate, |
1105 | const struct GNUNET_IDENTITY_PublicKey *pub) | 1115 | const struct GNUNET_IDENTITY_Signature *sig, |
1116 | const struct GNUNET_IDENTITY_PublicKey *pub) | ||
1106 | { | 1117 | { |
1107 | /* check type matching of 'sig' and 'pub' */ | 1118 | /* check type matching of 'sig' and 'pub' */ |
1108 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); | 1119 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); |
1109 | switch (ntohl (pub->type)) | 1120 | switch (ntohl (pub->type)) |
1110 | { | 1121 | { |
1111 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1122 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1112 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key)); | 1123 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, |
1113 | break; | 1124 | &(sig->ecdsa_signature), |
1125 | &(pub->ecdsa_key)); | ||
1126 | break; | ||
1114 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1127 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1115 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key)); | 1128 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, |
1116 | break; | 1129 | &(sig->eddsa_signature), |
1130 | &(pub->eddsa_key)); | ||
1131 | break; | ||
1117 | default: | 1132 | default: |
1118 | GNUNET_break (0); | 1133 | GNUNET_break (0); |
1119 | } | 1134 | } |
1120 | 1135 | ||
1121 | return GNUNET_SYSERR; | 1136 | return GNUNET_SYSERR; |
@@ -1123,56 +1138,64 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | |||
1123 | 1138 | ||
1124 | 1139 | ||
1125 | ssize_t | 1140 | ssize_t |
1126 | GNUNET_IDENTITY_public_key_encrypt(const void *block, | 1141 | GNUNET_IDENTITY_public_key_encrypt (const void *block, |
1127 | size_t size, | 1142 | size_t size, |
1128 | const struct GNUNET_IDENTITY_PublicKey *pub, | 1143 | const struct GNUNET_IDENTITY_PublicKey *pub, |
1129 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 1144 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, |
1130 | void *result) | 1145 | void *result) |
1131 | { | 1146 | { |
1132 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | 1147 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; |
1133 | GNUNET_CRYPTO_ecdhe_key_create(&pk); | 1148 | GNUNET_CRYPTO_ecdhe_key_create (&pk); |
1134 | struct GNUNET_HashCode hash; | 1149 | struct GNUNET_HashCode hash; |
1135 | switch (ntohl (pub->type)) | 1150 | switch (ntohl (pub->type)) |
1136 | { | 1151 | { |
1137 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1152 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1138 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash)) | 1153 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), |
1154 | &hash)) | ||
1139 | return -1; | 1155 | return -1; |
1140 | break; | 1156 | break; |
1141 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1157 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1142 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash)) | 1158 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), |
1159 | &hash)) | ||
1143 | return -1; | 1160 | return -1; |
1144 | break; | 1161 | break; |
1145 | default: | 1162 | default: |
1146 | return -1; | 1163 | return -1; |
1147 | } | 1164 | } |
1148 | GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc); | 1165 | GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); |
1149 | GNUNET_CRYPTO_ecdhe_key_clear(&pk); | 1166 | GNUNET_CRYPTO_ecdhe_key_clear (&pk); |
1150 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | 1167 | struct GNUNET_CRYPTO_SymmetricSessionKey key; |
1151 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 1168 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
1152 | GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); | 1169 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); |
1153 | GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); | 1170 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); |
1154 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result); | 1171 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, |
1155 | GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); | 1172 | &iv, result); |
1156 | GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); | 1173 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); |
1174 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1157 | return encrypted; | 1175 | return encrypted; |
1158 | } | 1176 | } |
1159 | 1177 | ||
1160 | 1178 | ||
1161 | ssize_t | 1179 | ssize_t |
1162 | GNUNET_IDENTITY_private_key_decrypt(const void *block, | 1180 | GNUNET_IDENTITY_private_key_decrypt (const void *block, |
1163 | size_t size, | 1181 | size_t size, |
1164 | const struct GNUNET_IDENTITY_PrivateKey *priv, | 1182 | const struct |
1165 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 1183 | GNUNET_IDENTITY_PrivateKey *priv, |
1166 | void *result) { | 1184 | const struct |
1185 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1186 | void *result) | ||
1187 | { | ||
1167 | struct GNUNET_HashCode hash; | 1188 | struct GNUNET_HashCode hash; |
1168 | switch (ntohl (priv->type)) | 1189 | switch (ntohl (priv->type)) |
1169 | { | 1190 | { |
1170 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1191 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1171 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash)) | 1192 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, |
1193 | &hash)) | ||
1172 | return -1; | 1194 | return -1; |
1173 | break; | 1195 | break; |
1174 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1196 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1175 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash)) | 1197 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, |
1198 | &hash)) | ||
1176 | return -1; | 1199 | return -1; |
1177 | break; | 1200 | break; |
1178 | default: | 1201 | default: |
@@ -1180,11 +1203,12 @@ GNUNET_IDENTITY_private_key_decrypt(const void *block, | |||
1180 | } | 1203 | } |
1181 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | 1204 | struct GNUNET_CRYPTO_SymmetricSessionKey key; |
1182 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 1205 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
1183 | GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); | 1206 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); |
1184 | GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); | 1207 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); |
1185 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result); | 1208 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, |
1186 | GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); | 1209 | &iv, result); |
1187 | GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); | 1210 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); |
1211 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1188 | return decrypted; | 1212 | return decrypted; |
1189 | } | 1213 | } |
1190 | 1214 | ||
@@ -1222,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str, | |||
1222 | if (GNUNET_OK != ret) | 1246 | if (GNUNET_OK != ret) |
1223 | return GNUNET_SYSERR; | 1247 | return GNUNET_SYSERR; |
1224 | ktype = ntohl (key->type); | 1248 | ktype = ntohl (key->type); |
1225 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1249 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1226 | 1250 | ||
1227 | } | 1251 | } |
1228 | 1252 | ||
@@ -1240,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str, | |||
1240 | if (GNUNET_OK != ret) | 1264 | if (GNUNET_OK != ret) |
1241 | return GNUNET_SYSERR; | 1265 | return GNUNET_SYSERR; |
1242 | ktype = ntohl (key->type); | 1266 | ktype = ntohl (key->type); |
1243 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1267 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1244 | } | 1268 | } |
1245 | 1269 | ||
1246 | 1270 | ||
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index 66761e526..0174e52aa 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h | |||
@@ -151,9 +151,9 @@ struct GNUNET_IDENTITY_Signature | |||
151 | 151 | ||
152 | union | 152 | union |
153 | { | 153 | { |
154 | /** | 154 | /** |
155 | * An ECDSA signature | 155 | * An ECDSA signature |
156 | */ | 156 | */ |
157 | struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; | 157 | struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; |
158 | 158 | ||
159 | /** | 159 | /** |
@@ -419,8 +419,8 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key); | |||
419 | */ | 419 | */ |
420 | ssize_t | 420 | ssize_t |
421 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | 421 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, |
422 | const void* buffer, | 422 | const void*buffer, |
423 | size_t len); | 423 | size_t len); |
424 | 424 | ||
425 | 425 | ||
426 | /** | 426 | /** |
@@ -436,9 +436,10 @@ GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | |||
436 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | 436 | * @return -1 or -2 on error, else the amount of bytes written to the buffer |
437 | */ | 437 | */ |
438 | ssize_t | 438 | ssize_t |
439 | GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, | 439 | GNUNET_IDENTITY_write_key_to_buffer (const struct |
440 | void* buffer, | 440 | GNUNET_IDENTITY_PublicKey *key, |
441 | size_t len); | 441 | void*buffer, |
442 | size_t len); | ||
442 | 443 | ||
443 | 444 | ||
444 | /** | 445 | /** |
@@ -452,7 +453,8 @@ GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key | |||
452 | * @return -1 on error, else the compacted length of the signature. | 453 | * @return -1 on error, else the compacted length of the signature. |
453 | */ | 454 | */ |
454 | ssize_t | 455 | ssize_t |
455 | GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig); | 456 | GNUNET_IDENTITY_signature_get_length (const struct |
457 | GNUNET_IDENTITY_Signature *sig); | ||
456 | 458 | ||
457 | 459 | ||
458 | /** | 460 | /** |
@@ -468,9 +470,10 @@ GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *si | |||
468 | * @return -1 or -2 on error, else the amount of bytes read from the buffer | 470 | * @return -1 or -2 on error, else the amount of bytes read from the buffer |
469 | */ | 471 | */ |
470 | ssize_t | 472 | ssize_t |
471 | GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, | 473 | GNUNET_IDENTITY_read_signature_from_buffer (struct |
472 | const void* buffer, | 474 | GNUNET_IDENTITY_Signature *sig, |
473 | size_t len); | 475 | const void*buffer, |
476 | size_t len); | ||
474 | 477 | ||
475 | 478 | ||
476 | /** | 479 | /** |
@@ -486,9 +489,10 @@ GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *si | |||
486 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | 489 | * @return -1 or -2 on error, else the amount of bytes written to the buffer |
487 | */ | 490 | */ |
488 | ssize_t | 491 | ssize_t |
489 | GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, | 492 | GNUNET_IDENTITY_write_signature_to_buffer (const struct |
490 | void* buffer, | 493 | GNUNET_IDENTITY_Signature *sig, |
491 | size_t len); | 494 | void*buffer, |
495 | size_t len); | ||
492 | 496 | ||
493 | 497 | ||
494 | /** | 498 | /** |
@@ -505,9 +509,11 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signatur | |||
505 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 509 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
506 | */ | 510 | */ |
507 | int | 511 | int |
508 | GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, | 512 | GNUNET_IDENTITY_private_key_sign_ (const struct |
509 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | 513 | GNUNET_IDENTITY_PrivateKey *priv, |
510 | struct GNUNET_IDENTITY_Signature *sig); | 514 | const struct |
515 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
516 | struct GNUNET_IDENTITY_Signature *sig); | ||
511 | 517 | ||
512 | 518 | ||
513 | /** | 519 | /** |
@@ -528,9 +534,9 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv | |||
528 | GNUNET_static_assert (((void*) (ps)) == \ | 534 | GNUNET_static_assert (((void*) (ps)) == \ |
529 | ((void*) &(ps)->purpose)); \ | 535 | ((void*) &(ps)->purpose)); \ |
530 | GNUNET_assert (GNUNET_OK == \ | 536 | GNUNET_assert (GNUNET_OK == \ |
531 | GNUNET_IDENTITY_private_key_sign_ (priv, \ | 537 | GNUNET_IDENTITY_private_key_sign_ (priv, \ |
532 | &(ps)->purpose, \ | 538 | &(ps)->purpose, \ |
533 | sig)); \ | 539 | sig)); \ |
534 | } while (0) | 540 | } while (0) |
535 | 541 | ||
536 | 542 | ||
@@ -553,9 +559,11 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv | |||
553 | */ | 559 | */ |
554 | int | 560 | int |
555 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | 561 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, |
556 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | 562 | const struct |
557 | const struct GNUNET_IDENTITY_Signature *sig, | 563 | GNUNET_CRYPTO_EccSignaturePurpose *validate, |
558 | const struct GNUNET_IDENTITY_PublicKey *pub); | 564 | const struct GNUNET_IDENTITY_Signature *sig, |
565 | const struct | ||
566 | GNUNET_IDENTITY_PublicKey *pub); | ||
559 | 567 | ||
560 | 568 | ||
561 | /** | 569 | /** |
@@ -577,10 +585,10 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | |||
577 | /* check 'ps' begins with the purpose */ \ | 585 | /* check 'ps' begins with the purpose */ \ |
578 | GNUNET_static_assert (((void*) (ps)) == \ | 586 | GNUNET_static_assert (((void*) (ps)) == \ |
579 | ((void*) &(ps)->purpose)); \ | 587 | ((void*) &(ps)->purpose)); \ |
580 | GNUNET_IDENTITY_public_key_verify_(purp, \ | 588 | GNUNET_IDENTITY_public_key_verify_ (purp, \ |
581 | &(ps)->purpose, \ | 589 | &(ps)->purpose, \ |
582 | sig, \ | 590 | sig, \ |
583 | pub); \ | 591 | pub); \ |
584 | }) | 592 | }) |
585 | 593 | ||
586 | 594 | ||
@@ -600,11 +608,11 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | |||
600 | * this size should be the same as @c len. | 608 | * this size should be the same as @c len. |
601 | */ | 609 | */ |
602 | ssize_t | 610 | ssize_t |
603 | GNUNET_IDENTITY_public_key_encrypt(const void *block, | 611 | GNUNET_IDENTITY_public_key_encrypt (const void *block, |
604 | size_t size, | 612 | size_t size, |
605 | const struct GNUNET_IDENTITY_PublicKey *pub, | 613 | const struct GNUNET_IDENTITY_PublicKey *pub, |
606 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 614 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, |
607 | void *result); | 615 | void *result); |
608 | 616 | ||
609 | 617 | ||
610 | /** | 618 | /** |
@@ -622,11 +630,13 @@ GNUNET_IDENTITY_public_key_encrypt(const void *block, | |||
622 | * this size should be the same as @c size. | 630 | * this size should be the same as @c size. |
623 | */ | 631 | */ |
624 | ssize_t | 632 | ssize_t |
625 | GNUNET_IDENTITY_private_key_decrypt(const void *block, | 633 | GNUNET_IDENTITY_private_key_decrypt (const void *block, |
626 | size_t size, | 634 | size_t size, |
627 | const struct GNUNET_IDENTITY_PrivateKey *priv, | 635 | const struct |
628 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 636 | GNUNET_IDENTITY_PrivateKey *priv, |
629 | void *result); | 637 | const struct |
638 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
639 | void *result); | ||
630 | 640 | ||
631 | 641 | ||
632 | /** | 642 | /** |
@@ -689,7 +699,8 @@ GNUNET_IDENTITY_private_key_from_string (const char*str, | |||
689 | * @return GNUNET_SYSERR on error. | 699 | * @return GNUNET_SYSERR on error. |
690 | */ | 700 | */ |
691 | enum GNUNET_GenericReturnValue | 701 | enum GNUNET_GenericReturnValue |
692 | GNUNET_IDENTITY_key_get_public (const struct GNUNET_IDENTITY_PrivateKey *privkey, | 702 | GNUNET_IDENTITY_key_get_public (const struct |
703 | GNUNET_IDENTITY_PrivateKey *privkey, | ||
693 | struct GNUNET_IDENTITY_PublicKey *key); | 704 | struct GNUNET_IDENTITY_PublicKey *key); |
694 | 705 | ||
695 | 706 | ||
diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 3ad8f864b..d56116914 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h | |||
@@ -103,14 +103,11 @@ struct GNUNET_REVOCATION_SignaturePurposePS | |||
103 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; | 103 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; |
104 | 104 | ||
105 | /** | 105 | /** |
106 | * The revoked public key | ||
107 | */ | ||
108 | struct GNUNET_IDENTITY_PublicKey key; | ||
109 | |||
110 | /** | ||
111 | * The timestamp of the revocation | 106 | * The timestamp of the revocation |
112 | */ | 107 | */ |
113 | struct GNUNET_TIME_AbsoluteNBO timestamp; | 108 | struct GNUNET_TIME_AbsoluteNBO timestamp; |
109 | |||
110 | /** Followed by the zone public key type and key **/ | ||
114 | }; | 111 | }; |
115 | 112 | ||
116 | GNUNET_NETWORK_STRUCT_END | 113 | GNUNET_NETWORK_STRUCT_END |
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index ee0150064..44c42ae49 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -426,7 +426,7 @@ enum GNUNET_GenericReturnValue | |||
426 | check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, | 426 | check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, |
427 | const struct GNUNET_IDENTITY_PublicKey *key) | 427 | const struct GNUNET_IDENTITY_PublicKey *key) |
428 | { | 428 | { |
429 | struct GNUNET_REVOCATION_SignaturePurposePS spurp; | 429 | struct GNUNET_REVOCATION_SignaturePurposePS *spurp; |
430 | struct GNUNET_IDENTITY_Signature *sig; | 430 | struct GNUNET_IDENTITY_Signature *sig; |
431 | const struct GNUNET_IDENTITY_PublicKey *pk; | 431 | const struct GNUNET_IDENTITY_PublicKey *pk; |
432 | size_t ksize; | 432 | size_t ksize; |
@@ -434,19 +434,20 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, | |||
434 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 434 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
435 | ksize = GNUNET_IDENTITY_key_get_length (pk); | 435 | ksize = GNUNET_IDENTITY_key_get_length (pk); |
436 | 436 | ||
437 | spurp.key = *pk; | 437 | spurp = GNUNET_malloc (sizeof (*spurp) + ksize); |
438 | spurp.timestamp = pow->timestamp; | 438 | spurp->timestamp = pow->timestamp; |
439 | spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | 439 | spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); |
440 | spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 440 | spurp->purpose.size = htonl (sizeof(*spurp) + ksize); |
441 | + GNUNET_IDENTITY_key_get_length (pk) | 441 | GNUNET_IDENTITY_write_key_to_buffer (pk, |
442 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | 442 | (char*) &spurp[1], |
443 | ksize); | ||
443 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 444 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
444 | "Expected signature payload len: %u\n", | 445 | "Expected signature payload len: %u\n", |
445 | ntohl (spurp.purpose.size)); | 446 | ntohl (spurp->purpose.size)); |
446 | sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); | 447 | sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); |
447 | if (GNUNET_OK != | 448 | if (GNUNET_OK != |
448 | GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, | 449 | GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, |
449 | &spurp.purpose, | 450 | &spurp->purpose, |
450 | sig, | 451 | sig, |
451 | key)) | 452 | key)) |
452 | { | 453 | { |
@@ -572,7 +573,7 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
572 | struct GNUNET_REVOCATION_PowP *pow) | 573 | struct GNUNET_REVOCATION_PowP *pow) |
573 | { | 574 | { |
574 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); | 575 | struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); |
575 | struct GNUNET_REVOCATION_SignaturePurposePS rp; | 576 | struct GNUNET_REVOCATION_SignaturePurposePS *rp; |
576 | const struct GNUNET_IDENTITY_PublicKey *pk; | 577 | const struct GNUNET_IDENTITY_PublicKey *pk; |
577 | size_t ksize; | 578 | size_t ksize; |
578 | char *sig; | 579 | char *sig; |
@@ -586,18 +587,19 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
586 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 587 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
587 | ksize = GNUNET_IDENTITY_key_get_length (pk); | 588 | ksize = GNUNET_IDENTITY_key_get_length (pk); |
588 | pow->timestamp = GNUNET_TIME_absolute_hton (ts); | 589 | pow->timestamp = GNUNET_TIME_absolute_hton (ts); |
589 | rp.timestamp = pow->timestamp; | 590 | rp = GNUNET_malloc (sizeof (*rp) + ksize); |
590 | rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); | 591 | rp->timestamp = pow->timestamp; |
591 | rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 592 | rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); |
592 | + ksize | 593 | rp->purpose.size = htonl (sizeof(*rp) + ksize); |
593 | + sizeof (struct GNUNET_TIME_AbsoluteNBO)); | ||
594 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 594 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
595 | "Signature payload len: %u\n", | 595 | "Signature payload len: %u\n", |
596 | ntohl (rp.purpose.size)); | 596 | ntohl (rp->purpose.size)); |
597 | rp.key = *pk; | 597 | GNUNET_IDENTITY_write_key_to_buffer (pk, |
598 | ((char*)&rp[1]), | ||
599 | ksize); | ||
598 | sig = ((char*)&pow[1]) + ksize; | 600 | sig = ((char*)&pow[1]) + ksize; |
599 | int result = GNUNET_IDENTITY_private_key_sign_ (key, | 601 | int result = GNUNET_IDENTITY_private_key_sign_ (key, |
600 | &rp.purpose, | 602 | &rp->purpose, |
601 | (void*) sig); | 603 | (void*) sig); |
602 | if (result == GNUNET_SYSERR) return GNUNET_NO; | 604 | if (result == GNUNET_SYSERR) return GNUNET_NO; |
603 | else return result; | 605 | else return result; |
@@ -762,20 +764,17 @@ size_t | |||
762 | GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) | 764 | GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) |
763 | { | 765 | { |
764 | size_t size; | 766 | size_t size; |
767 | size_t ksize; | ||
765 | const struct GNUNET_IDENTITY_PublicKey *pk; | 768 | const struct GNUNET_IDENTITY_PublicKey *pk; |
769 | const struct GNUNET_IDENTITY_Signature *sig; | ||
766 | 770 | ||
767 | size = sizeof (struct GNUNET_REVOCATION_PowP); | 771 | size = sizeof (struct GNUNET_REVOCATION_PowP); |
768 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 772 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
769 | size += GNUNET_IDENTITY_key_get_length (pk); | 773 | ksize = GNUNET_IDENTITY_key_get_length (pk); |
770 | 774 | size += ksize; | |
771 | switch (ntohl (pk->type)) | 775 | sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); |
772 | { | 776 | size += GNUNET_IDENTITY_signature_get_length (sig); |
773 | case GNUNET_IDENTITY_TYPE_ECDSA: | 777 | return size; |
774 | return size + sizeof (struct GNUNET_CRYPTO_EcdsaSignature); | ||
775 | default: | ||
776 | return 0; | ||
777 | } | ||
778 | return 0; | ||
779 | } | 778 | } |
780 | 779 | ||
781 | 780 | ||