aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/identity/identity_api.c190
-rw-r--r--src/include/gnunet_identity_service.h89
-rw-r--r--src/include/gnunet_revocation_service.h7
-rw-r--r--src/revocation/revocation_api.c57
4 files changed, 187 insertions, 156 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 6f7c5d860..f40472240 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h)
953 GNUNET_free (h); 953 GNUNET_free (h);
954} 954}
955 955
956
956ssize_t 957ssize_t
957private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) 958private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key)
958{ 959{
@@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key)
971} 972}
972 973
973 974
974
975ssize_t 975ssize_t
976GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) 976GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
977{ 977{
@@ -992,106 +992,116 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
992 992
993ssize_t 993ssize_t
994GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, 994GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key,
995 const void* buffer, 995 const void*buffer,
996 size_t len) 996 size_t len)
997{ 997{
998 if (len < sizeof (key->type)) 998 if (len < sizeof (key->type))
999 return -1; 999 return -1;
1000 GNUNET_memcpy(&(key->type), buffer, sizeof (key->type)); 1000 GNUNET_memcpy (&(key->type), buffer, sizeof (key->type));
1001 const ssize_t length = GNUNET_IDENTITY_key_get_length(key); 1001 const ssize_t length = GNUNET_IDENTITY_key_get_length (key);
1002 if (len < length) 1002 if (len < length)
1003 return -1; 1003 return -1;
1004 if (length < 0) 1004 if (length < 0)
1005 return -2; 1005 return -2;
1006 GNUNET_memcpy(&(key->ecdsa_key), buffer + sizeof (key->type), length - sizeof (key->type)); 1006 GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length
1007 - sizeof (key->type));
1007 return length; 1008 return length;
1008} 1009}
1009 1010
1010 1011
1011ssize_t 1012ssize_t
1012GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, 1013GNUNET_IDENTITY_write_key_to_buffer (const struct
1013 void* buffer, 1014 GNUNET_IDENTITY_PublicKey *key,
1014 size_t len) 1015 void*buffer,
1016 size_t len)
1015{ 1017{
1016 const ssize_t length = GNUNET_IDENTITY_key_get_length(key); 1018 const ssize_t length = GNUNET_IDENTITY_key_get_length (key);
1017 if (len < length) 1019 if (len < length)
1018 return -1; 1020 return -1;
1019 if (length < 0) 1021 if (length < 0)
1020 return -2; 1022 return -2;
1021 GNUNET_memcpy(buffer, &(key->type), sizeof (key->type)); 1023 GNUNET_memcpy (buffer, key, length);
1022 GNUNET_memcpy(buffer + sizeof (key->type), &(key->ecdsa_key), length - sizeof (key->type));
1023 return length; 1024 return length;
1024} 1025}
1025 1026
1026 1027
1027ssize_t 1028ssize_t
1028GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig) 1029GNUNET_IDENTITY_signature_get_length (const struct
1030 GNUNET_IDENTITY_Signature *sig)
1029{ 1031{
1030 switch (ntohl (sig->type)) 1032 switch (ntohl (sig->type))
1031 { 1033 {
1032 case GNUNET_IDENTITY_TYPE_ECDSA: 1034 case GNUNET_IDENTITY_TYPE_ECDSA:
1033 return sizeof (sig->type) + sizeof (sig->ecdsa_signature); 1035 return sizeof (sig->type) + sizeof (sig->ecdsa_signature);
1034 break; 1036 break;
1035 case GNUNET_IDENTITY_TYPE_EDDSA: 1037 case GNUNET_IDENTITY_TYPE_EDDSA:
1036 return sizeof (sig->type) + sizeof (sig->eddsa_signature); 1038 return sizeof (sig->type) + sizeof (sig->eddsa_signature);
1037 break; 1039 break;
1038 default: 1040 default:
1039 GNUNET_break (0); 1041 GNUNET_break (0);
1040 } 1042 }
1041 return -1; 1043 return -1;
1042} 1044}
1043 1045
1044 1046
1045ssize_t 1047ssize_t
1046GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, 1048GNUNET_IDENTITY_read_signature_from_buffer (struct
1047 const void* buffer, 1049 GNUNET_IDENTITY_Signature *sig,
1048 size_t len) 1050 const void*buffer,
1051 size_t len)
1049{ 1052{
1050 if (len < sizeof (sig->type)) 1053 if (len < sizeof (sig->type))
1051 return -1; 1054 return -1;
1052 GNUNET_memcpy(&(sig->type), buffer, sizeof (sig->type)); 1055 GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type));
1053 const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); 1056 const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig);
1054 if (len < length) 1057 if (len < length)
1055 return -1; 1058 return -1;
1056 if (length < 0) 1059 if (length < 0)
1057 return -2; 1060 return -2;
1058 GNUNET_memcpy(&(sig->ecdsa_signature), buffer + sizeof (sig->type), length - sizeof (sig->type)); 1061 GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length
1062 - sizeof (sig->type));
1059 return length; 1063 return length;
1060} 1064}
1061 1065
1062 1066
1063ssize_t 1067ssize_t
1064GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, 1068GNUNET_IDENTITY_write_signature_to_buffer (const struct
1065 void* buffer, 1069 GNUNET_IDENTITY_Signature *sig,
1066 size_t len) 1070 void*buffer,
1071 size_t len)
1067{ 1072{
1068 const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); 1073 const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig);
1069 if (len < length) 1074 if (len < length)
1070 return -1; 1075 return -1;
1071 if (length < 0) 1076 if (length < 0)
1072 return -2; 1077 return -2;
1073 GNUNET_memcpy(buffer, &(sig->type), sizeof (sig->type)); 1078 GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type));
1074 GNUNET_memcpy(buffer + sizeof (sig->type), &(sig->ecdsa_signature), length - sizeof (sig->type)); 1079 GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length
1080 - sizeof (sig->type));
1075 return length; 1081 return length;
1076} 1082}
1077 1083
1078 1084
1079int 1085int
1080GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, 1086GNUNET_IDENTITY_private_key_sign_ (const struct
1081 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 1087 GNUNET_IDENTITY_PrivateKey *priv,
1082 struct GNUNET_IDENTITY_Signature *sig) 1088 const struct
1089 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1090 struct GNUNET_IDENTITY_Signature *sig)
1083{ 1091{
1084 sig->type = priv->type; 1092 sig->type = priv->type;
1085 switch (ntohl (priv->type)) 1093 switch (ntohl (priv->type))
1086 { 1094 {
1087 case GNUNET_IDENTITY_TYPE_ECDSA: 1095 case GNUNET_IDENTITY_TYPE_ECDSA:
1088 return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature)); 1096 return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose,
1089 break; 1097 &(sig->ecdsa_signature));
1098 break;
1090 case GNUNET_IDENTITY_TYPE_EDDSA: 1099 case GNUNET_IDENTITY_TYPE_EDDSA:
1091 return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature)); 1100 return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose,
1092 break; 1101 &(sig->eddsa_signature));
1102 break;
1093 default: 1103 default:
1094 GNUNET_break (0); 1104 GNUNET_break (0);
1095 } 1105 }
1096 1106
1097 return GNUNET_SYSERR; 1107 return GNUNET_SYSERR;
@@ -1100,22 +1110,27 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv
1100 1110
1101int 1111int
1102GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, 1112GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
1103 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1113 const struct
1104 const struct GNUNET_IDENTITY_Signature *sig, 1114 GNUNET_CRYPTO_EccSignaturePurpose *validate,
1105 const struct GNUNET_IDENTITY_PublicKey *pub) 1115 const struct GNUNET_IDENTITY_Signature *sig,
1116 const struct GNUNET_IDENTITY_PublicKey *pub)
1106{ 1117{
1107 /* check type matching of 'sig' and 'pub' */ 1118 /* check type matching of 'sig' and 'pub' */
1108 GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); 1119 GNUNET_assert (ntohl (pub->type) == ntohl (sig->type));
1109 switch (ntohl (pub->type)) 1120 switch (ntohl (pub->type))
1110 { 1121 {
1111 case GNUNET_IDENTITY_TYPE_ECDSA: 1122 case GNUNET_IDENTITY_TYPE_ECDSA:
1112 return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key)); 1123 return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate,
1113 break; 1124 &(sig->ecdsa_signature),
1125 &(pub->ecdsa_key));
1126 break;
1114 case GNUNET_IDENTITY_TYPE_EDDSA: 1127 case GNUNET_IDENTITY_TYPE_EDDSA:
1115 return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key)); 1128 return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate,
1116 break; 1129 &(sig->eddsa_signature),
1130 &(pub->eddsa_key));
1131 break;
1117 default: 1132 default:
1118 GNUNET_break (0); 1133 GNUNET_break (0);
1119 } 1134 }
1120 1135
1121 return GNUNET_SYSERR; 1136 return GNUNET_SYSERR;
@@ -1123,56 +1138,64 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
1123 1138
1124 1139
1125ssize_t 1140ssize_t
1126GNUNET_IDENTITY_public_key_encrypt(const void *block, 1141GNUNET_IDENTITY_public_key_encrypt (const void *block,
1127 size_t size, 1142 size_t size,
1128 const struct GNUNET_IDENTITY_PublicKey *pub, 1143 const struct GNUNET_IDENTITY_PublicKey *pub,
1129 struct GNUNET_CRYPTO_EcdhePublicKey *ecc, 1144 struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
1130 void *result) 1145 void *result)
1131{ 1146{
1132 struct GNUNET_CRYPTO_EcdhePrivateKey pk; 1147 struct GNUNET_CRYPTO_EcdhePrivateKey pk;
1133 GNUNET_CRYPTO_ecdhe_key_create(&pk); 1148 GNUNET_CRYPTO_ecdhe_key_create (&pk);
1134 struct GNUNET_HashCode hash; 1149 struct GNUNET_HashCode hash;
1135 switch (ntohl (pub->type)) 1150 switch (ntohl (pub->type))
1136 { 1151 {
1137 case GNUNET_IDENTITY_TYPE_ECDSA: 1152 case GNUNET_IDENTITY_TYPE_ECDSA:
1138 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash)) 1153 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key),
1154 &hash))
1139 return -1; 1155 return -1;
1140 break; 1156 break;
1141 case GNUNET_IDENTITY_TYPE_EDDSA: 1157 case GNUNET_IDENTITY_TYPE_EDDSA:
1142 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash)) 1158 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key),
1159 &hash))
1143 return -1; 1160 return -1;
1144 break; 1161 break;
1145 default: 1162 default:
1146 return -1; 1163 return -1;
1147 } 1164 }
1148 GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc); 1165 GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc);
1149 GNUNET_CRYPTO_ecdhe_key_clear(&pk); 1166 GNUNET_CRYPTO_ecdhe_key_clear (&pk);
1150 struct GNUNET_CRYPTO_SymmetricSessionKey key; 1167 struct GNUNET_CRYPTO_SymmetricSessionKey key;
1151 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 1168 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1152 GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); 1169 GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv);
1153 GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); 1170 GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash));
1154 const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result); 1171 const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key,
1155 GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); 1172 &iv, result);
1156 GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); 1173 GNUNET_CRYPTO_zero_keys (&key, sizeof(key));
1174 GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv));
1157 return encrypted; 1175 return encrypted;
1158} 1176}
1159 1177
1160 1178
1161ssize_t 1179ssize_t
1162GNUNET_IDENTITY_private_key_decrypt(const void *block, 1180GNUNET_IDENTITY_private_key_decrypt (const void *block,
1163 size_t size, 1181 size_t size,
1164 const struct GNUNET_IDENTITY_PrivateKey *priv, 1182 const struct
1165 const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, 1183 GNUNET_IDENTITY_PrivateKey *priv,
1166 void *result) { 1184 const struct
1185 GNUNET_CRYPTO_EcdhePublicKey *ecc,
1186 void *result)
1187{
1167 struct GNUNET_HashCode hash; 1188 struct GNUNET_HashCode hash;
1168 switch (ntohl (priv->type)) 1189 switch (ntohl (priv->type))
1169 { 1190 {
1170 case GNUNET_IDENTITY_TYPE_ECDSA: 1191 case GNUNET_IDENTITY_TYPE_ECDSA:
1171 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash)) 1192 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc,
1193 &hash))
1172 return -1; 1194 return -1;
1173 break; 1195 break;
1174 case GNUNET_IDENTITY_TYPE_EDDSA: 1196 case GNUNET_IDENTITY_TYPE_EDDSA:
1175 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash)) 1197 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc,
1198 &hash))
1176 return -1; 1199 return -1;
1177 break; 1200 break;
1178 default: 1201 default:
@@ -1180,11 +1203,12 @@ GNUNET_IDENTITY_private_key_decrypt(const void *block,
1180 } 1203 }
1181 struct GNUNET_CRYPTO_SymmetricSessionKey key; 1204 struct GNUNET_CRYPTO_SymmetricSessionKey key;
1182 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 1205 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1183 GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); 1206 GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv);
1184 GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); 1207 GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash));
1185 const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result); 1208 const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key,
1186 GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); 1209 &iv, result);
1187 GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); 1210 GNUNET_CRYPTO_zero_keys (&key, sizeof(key));
1211 GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv));
1188 return decrypted; 1212 return decrypted;
1189} 1213}
1190 1214
@@ -1222,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str,
1222 if (GNUNET_OK != ret) 1246 if (GNUNET_OK != ret)
1223 return GNUNET_SYSERR; 1247 return GNUNET_SYSERR;
1224 ktype = ntohl (key->type); 1248 ktype = ntohl (key->type);
1225 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? 1249 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way?
1226 1250
1227} 1251}
1228 1252
@@ -1240,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str,
1240 if (GNUNET_OK != ret) 1264 if (GNUNET_OK != ret)
1241 return GNUNET_SYSERR; 1265 return GNUNET_SYSERR;
1242 ktype = ntohl (key->type); 1266 ktype = ntohl (key->type);
1243 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? 1267 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way?
1244} 1268}
1245 1269
1246 1270
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index 66761e526..0174e52aa 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -151,9 +151,9 @@ struct GNUNET_IDENTITY_Signature
151 151
152 union 152 union
153 { 153 {
154 /** 154 /**
155 * An ECDSA signature 155 * An ECDSA signature
156 */ 156 */
157 struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; 157 struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature;
158 158
159 /** 159 /**
@@ -419,8 +419,8 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key);
419 */ 419 */
420ssize_t 420ssize_t
421GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, 421GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key,
422 const void* buffer, 422 const void*buffer,
423 size_t len); 423 size_t len);
424 424
425 425
426/** 426/**
@@ -436,9 +436,10 @@ GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key,
436 * @return -1 or -2 on error, else the amount of bytes written to the buffer 436 * @return -1 or -2 on error, else the amount of bytes written to the buffer
437 */ 437 */
438ssize_t 438ssize_t
439GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, 439GNUNET_IDENTITY_write_key_to_buffer (const struct
440 void* buffer, 440 GNUNET_IDENTITY_PublicKey *key,
441 size_t len); 441 void*buffer,
442 size_t len);
442 443
443 444
444/** 445/**
@@ -452,7 +453,8 @@ GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key
452 * @return -1 on error, else the compacted length of the signature. 453 * @return -1 on error, else the compacted length of the signature.
453 */ 454 */
454ssize_t 455ssize_t
455GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig); 456GNUNET_IDENTITY_signature_get_length (const struct
457 GNUNET_IDENTITY_Signature *sig);
456 458
457 459
458/** 460/**
@@ -468,9 +470,10 @@ GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *si
468 * @return -1 or -2 on error, else the amount of bytes read from the buffer 470 * @return -1 or -2 on error, else the amount of bytes read from the buffer
469 */ 471 */
470ssize_t 472ssize_t
471GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, 473GNUNET_IDENTITY_read_signature_from_buffer (struct
472 const void* buffer, 474 GNUNET_IDENTITY_Signature *sig,
473 size_t len); 475 const void*buffer,
476 size_t len);
474 477
475 478
476/** 479/**
@@ -486,9 +489,10 @@ GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *si
486 * @return -1 or -2 on error, else the amount of bytes written to the buffer 489 * @return -1 or -2 on error, else the amount of bytes written to the buffer
487 */ 490 */
488ssize_t 491ssize_t
489GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, 492GNUNET_IDENTITY_write_signature_to_buffer (const struct
490 void* buffer, 493 GNUNET_IDENTITY_Signature *sig,
491 size_t len); 494 void*buffer,
495 size_t len);
492 496
493 497
494/** 498/**
@@ -505,9 +509,11 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signatur
505 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 509 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
506 */ 510 */
507int 511int
508GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, 512GNUNET_IDENTITY_private_key_sign_ (const struct
509 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 513 GNUNET_IDENTITY_PrivateKey *priv,
510 struct GNUNET_IDENTITY_Signature *sig); 514 const struct
515 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
516 struct GNUNET_IDENTITY_Signature *sig);
511 517
512 518
513/** 519/**
@@ -528,9 +534,9 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv
528 GNUNET_static_assert (((void*) (ps)) == \ 534 GNUNET_static_assert (((void*) (ps)) == \
529 ((void*) &(ps)->purpose)); \ 535 ((void*) &(ps)->purpose)); \
530 GNUNET_assert (GNUNET_OK == \ 536 GNUNET_assert (GNUNET_OK == \
531 GNUNET_IDENTITY_private_key_sign_ (priv, \ 537 GNUNET_IDENTITY_private_key_sign_ (priv, \
532 &(ps)->purpose, \ 538 &(ps)->purpose, \
533 sig)); \ 539 sig)); \
534} while (0) 540} while (0)
535 541
536 542
@@ -553,9 +559,11 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv
553 */ 559 */
554int 560int
555GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, 561GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
556 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 562 const struct
557 const struct GNUNET_IDENTITY_Signature *sig, 563 GNUNET_CRYPTO_EccSignaturePurpose *validate,
558 const struct GNUNET_IDENTITY_PublicKey *pub); 564 const struct GNUNET_IDENTITY_Signature *sig,
565 const struct
566 GNUNET_IDENTITY_PublicKey *pub);
559 567
560 568
561/** 569/**
@@ -577,10 +585,10 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
577 /* check 'ps' begins with the purpose */ \ 585 /* check 'ps' begins with the purpose */ \
578 GNUNET_static_assert (((void*) (ps)) == \ 586 GNUNET_static_assert (((void*) (ps)) == \
579 ((void*) &(ps)->purpose)); \ 587 ((void*) &(ps)->purpose)); \
580 GNUNET_IDENTITY_public_key_verify_(purp, \ 588 GNUNET_IDENTITY_public_key_verify_ (purp, \
581 &(ps)->purpose, \ 589 &(ps)->purpose, \
582 sig, \ 590 sig, \
583 pub); \ 591 pub); \
584 }) 592 })
585 593
586 594
@@ -600,11 +608,11 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
600 * this size should be the same as @c len. 608 * this size should be the same as @c len.
601 */ 609 */
602ssize_t 610ssize_t
603GNUNET_IDENTITY_public_key_encrypt(const void *block, 611GNUNET_IDENTITY_public_key_encrypt (const void *block,
604 size_t size, 612 size_t size,
605 const struct GNUNET_IDENTITY_PublicKey *pub, 613 const struct GNUNET_IDENTITY_PublicKey *pub,
606 struct GNUNET_CRYPTO_EcdhePublicKey *ecc, 614 struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
607 void *result); 615 void *result);
608 616
609 617
610/** 618/**
@@ -622,11 +630,13 @@ GNUNET_IDENTITY_public_key_encrypt(const void *block,
622 * this size should be the same as @c size. 630 * this size should be the same as @c size.
623 */ 631 */
624ssize_t 632ssize_t
625GNUNET_IDENTITY_private_key_decrypt(const void *block, 633GNUNET_IDENTITY_private_key_decrypt (const void *block,
626 size_t size, 634 size_t size,
627 const struct GNUNET_IDENTITY_PrivateKey *priv, 635 const struct
628 const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, 636 GNUNET_IDENTITY_PrivateKey *priv,
629 void *result); 637 const struct
638 GNUNET_CRYPTO_EcdhePublicKey *ecc,
639 void *result);
630 640
631 641
632/** 642/**
@@ -689,7 +699,8 @@ GNUNET_IDENTITY_private_key_from_string (const char*str,
689 * @return GNUNET_SYSERR on error. 699 * @return GNUNET_SYSERR on error.
690 */ 700 */
691enum GNUNET_GenericReturnValue 701enum GNUNET_GenericReturnValue
692GNUNET_IDENTITY_key_get_public (const struct GNUNET_IDENTITY_PrivateKey *privkey, 702GNUNET_IDENTITY_key_get_public (const struct
703 GNUNET_IDENTITY_PrivateKey *privkey,
693 struct GNUNET_IDENTITY_PublicKey *key); 704 struct GNUNET_IDENTITY_PublicKey *key);
694 705
695 706
diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h
index 3ad8f864b..d56116914 100644
--- a/src/include/gnunet_revocation_service.h
+++ b/src/include/gnunet_revocation_service.h
@@ -103,14 +103,11 @@ struct GNUNET_REVOCATION_SignaturePurposePS
103 struct GNUNET_CRYPTO_EccSignaturePurpose purpose; 103 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
104 104
105 /** 105 /**
106 * The revoked public key
107 */
108 struct GNUNET_IDENTITY_PublicKey key;
109
110 /**
111 * The timestamp of the revocation 106 * The timestamp of the revocation
112 */ 107 */
113 struct GNUNET_TIME_AbsoluteNBO timestamp; 108 struct GNUNET_TIME_AbsoluteNBO timestamp;
109
110 /** Followed by the zone public key type and key **/
114}; 111};
115 112
116GNUNET_NETWORK_STRUCT_END 113GNUNET_NETWORK_STRUCT_END
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index ee0150064..44c42ae49 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -426,7 +426,7 @@ enum GNUNET_GenericReturnValue
426check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, 426check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
427 const struct GNUNET_IDENTITY_PublicKey *key) 427 const struct GNUNET_IDENTITY_PublicKey *key)
428{ 428{
429 struct GNUNET_REVOCATION_SignaturePurposePS spurp; 429 struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
430 struct GNUNET_IDENTITY_Signature *sig; 430 struct GNUNET_IDENTITY_Signature *sig;
431 const struct GNUNET_IDENTITY_PublicKey *pk; 431 const struct GNUNET_IDENTITY_PublicKey *pk;
432 size_t ksize; 432 size_t ksize;
@@ -434,19 +434,20 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
434 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; 434 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
435 ksize = GNUNET_IDENTITY_key_get_length (pk); 435 ksize = GNUNET_IDENTITY_key_get_length (pk);
436 436
437 spurp.key = *pk; 437 spurp = GNUNET_malloc (sizeof (*spurp) + ksize);
438 spurp.timestamp = pow->timestamp; 438 spurp->timestamp = pow->timestamp;
439 spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); 439 spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION);
440 spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 440 spurp->purpose.size = htonl (sizeof(*spurp) + ksize);
441 + GNUNET_IDENTITY_key_get_length (pk) 441 GNUNET_IDENTITY_write_key_to_buffer (pk,
442 + sizeof (struct GNUNET_TIME_AbsoluteNBO)); 442 (char*) &spurp[1],
443 ksize);
443 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 444 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
444 "Expected signature payload len: %u\n", 445 "Expected signature payload len: %u\n",
445 ntohl (spurp.purpose.size)); 446 ntohl (spurp->purpose.size));
446 sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); 447 sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize);
447 if (GNUNET_OK != 448 if (GNUNET_OK !=
448 GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, 449 GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
449 &spurp.purpose, 450 &spurp->purpose,
450 sig, 451 sig,
451 key)) 452 key))
452 { 453 {
@@ -572,7 +573,7 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
572 struct GNUNET_REVOCATION_PowP *pow) 573 struct GNUNET_REVOCATION_PowP *pow)
573{ 574{
574 struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); 575 struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get ();
575 struct GNUNET_REVOCATION_SignaturePurposePS rp; 576 struct GNUNET_REVOCATION_SignaturePurposePS *rp;
576 const struct GNUNET_IDENTITY_PublicKey *pk; 577 const struct GNUNET_IDENTITY_PublicKey *pk;
577 size_t ksize; 578 size_t ksize;
578 char *sig; 579 char *sig;
@@ -586,18 +587,19 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
586 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; 587 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
587 ksize = GNUNET_IDENTITY_key_get_length (pk); 588 ksize = GNUNET_IDENTITY_key_get_length (pk);
588 pow->timestamp = GNUNET_TIME_absolute_hton (ts); 589 pow->timestamp = GNUNET_TIME_absolute_hton (ts);
589 rp.timestamp = pow->timestamp; 590 rp = GNUNET_malloc (sizeof (*rp) + ksize);
590 rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); 591 rp->timestamp = pow->timestamp;
591 rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 592 rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION);
592 + ksize 593 rp->purpose.size = htonl (sizeof(*rp) + ksize);
593 + sizeof (struct GNUNET_TIME_AbsoluteNBO));
594 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 594 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
595 "Signature payload len: %u\n", 595 "Signature payload len: %u\n",
596 ntohl (rp.purpose.size)); 596 ntohl (rp->purpose.size));
597 rp.key = *pk; 597 GNUNET_IDENTITY_write_key_to_buffer (pk,
598 ((char*)&rp[1]),
599 ksize);
598 sig = ((char*)&pow[1]) + ksize; 600 sig = ((char*)&pow[1]) + ksize;
599 int result = GNUNET_IDENTITY_private_key_sign_ (key, 601 int result = GNUNET_IDENTITY_private_key_sign_ (key,
600 &rp.purpose, 602 &rp->purpose,
601 (void*) sig); 603 (void*) sig);
602 if (result == GNUNET_SYSERR) return GNUNET_NO; 604 if (result == GNUNET_SYSERR) return GNUNET_NO;
603 else return result; 605 else return result;
@@ -762,20 +764,17 @@ size_t
762GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) 764GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow)
763{ 765{
764 size_t size; 766 size_t size;
767 size_t ksize;
765 const struct GNUNET_IDENTITY_PublicKey *pk; 768 const struct GNUNET_IDENTITY_PublicKey *pk;
769 const struct GNUNET_IDENTITY_Signature *sig;
766 770
767 size = sizeof (struct GNUNET_REVOCATION_PowP); 771 size = sizeof (struct GNUNET_REVOCATION_PowP);
768 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; 772 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
769 size += GNUNET_IDENTITY_key_get_length (pk); 773 ksize = GNUNET_IDENTITY_key_get_length (pk);
770 774 size += ksize;
771 switch (ntohl (pk->type)) 775 sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize);
772 { 776 size += GNUNET_IDENTITY_signature_get_length (sig);
773 case GNUNET_IDENTITY_TYPE_ECDSA: 777 return size;
774 return size + sizeof (struct GNUNET_CRYPTO_EcdsaSignature);
775 default:
776 return 0;
777 }
778 return 0;
779} 778}
780 779
781 780