Diffstat (limited to 'src')
-rw-r--r--src/fs/gnunet-publish.c9
-rw-r--r--src/identity/identity_api.c20
-rw-r--r--src/include/gnunet_identity_service.h46
-rw-r--r--src/pt/test_gns_vpn.c2
-rw-r--r--src/reclaim/oidc_helper.c47
-rw-r--r--src/revocation/revocation_api.c30
-rw-r--r--src/testbed/test_testbed_api_template.conf2
7 files changed, 83 insertions, 73 deletions
diff --git a/src/fs/gnunet-publish.c b/src/fs/gnunet-publish.c
index 518192283..dea467669 100644
--- a/src/fs/gnunet-publish.c
+++ b/src/fs/gnunet-publish.c
@@ -591,13 +591,12 @@ directory_trim_complete (struct GNUNET_FS_ShareTreeItem *directory_scan_result)
591 GNUNET_SCHEDULER_shutdown (); 591 GNUNET_SCHEDULER_shutdown ();
592 return; 592 return;
593 } 593 }
594 if (NULL == namespace) 594 priv = NULL;
595 priv = NULL; 595 if (NULL != namespace)
596 else
597 { 596 {
598 pk = GNUNET_IDENTITY_ego_get_private_key (namespace); 597 pk = GNUNET_IDENTITY_ego_get_private_key (namespace);
599 if (GNUNET_IDENTITY_TYPE_ECDSA == ntohl (pk->type)) 598 GNUNET_assert (GNUNET_IDENTITY_TYPE_ECDSA == ntohl (pk->type));
600 priv = &pk->ecdsa_key; 599 priv = &pk->ecdsa_key;
601 } 600 }
602 pc = GNUNET_FS_publish_start (ctx, 601 pc = GNUNET_FS_publish_start (ctx,
603 fi, 602 fi,
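Review bot: The new `GNUNET_assert (GNUNET_IDENTITY_TYPE_ECDSA == ntohl (pk->type));` at new line 598 turns an unsupported ego key type into a process abort instead of a reported error. Assigning `priv = NULL` first does close the old path where a non-ECDSA ego left `priv` unassigned (unless it is initialised at its declaration, which is outside the hunk). If the namespace ego is chosen by the user, which I infer but cannot see here, I would print an error and mirror the early exit visible at the top of the hunk: `if (GNUNET_IDENTITY_TYPE_ECDSA != ntohl (pk->type)) { GNUNET_SCHEDULER_shutdown (); return; }`. The function body continues outside the hunk, so check there whether anything must be released before that return.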
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index f40472240..d44e8da96 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -1083,11 +1083,11 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
1083 1083
1084 1084
1085int 1085int
1086GNUNET_IDENTITY_private_key_sign_ (const struct 1086GNUNET_IDENTITY_sign_ (const struct
1087 GNUNET_IDENTITY_PrivateKey *priv, 1087 GNUNET_IDENTITY_PrivateKey *priv,
1088 const struct 1088 const struct
1089 GNUNET_CRYPTO_EccSignaturePurpose *purpose, 1089 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1090 struct GNUNET_IDENTITY_Signature *sig) 1090 struct GNUNET_IDENTITY_Signature *sig)
1091{ 1091{
1092 sig->type = priv->type; 1092 sig->type = priv->type;
1093 switch (ntohl (priv->type)) 1093 switch (ntohl (priv->type))
@@ -1109,11 +1109,11 @@ GNUNET_IDENTITY_private_key_sign_ (const struct
1109 1109
1110 1110
1111int 1111int
1112GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, 1112GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
1113 const struct 1113 const struct
1114 GNUNET_CRYPTO_EccSignaturePurpose *validate, 1114 GNUNET_CRYPTO_EccSignaturePurpose *validate,
1115 const struct GNUNET_IDENTITY_Signature *sig, 1115 const struct GNUNET_IDENTITY_Signature *sig,
1116 const struct GNUNET_IDENTITY_PublicKey *pub) 1116 const struct GNUNET_IDENTITY_PublicKey *pub)
1117{ 1117{
1118 /* check type matching of 'sig' and 'pub' */ 1118 /* check type matching of 'sig' and 'pub' */
1119 GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); 1119 GNUNET_assert (ntohl (pub->type) == ntohl (sig->type));
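Review bot: `GNUNET_assert (ntohl (pub->type) == ntohl (sig->type));` at line 1119 makes the verifier abort on a key/signature type mismatch instead of rejecting the signature. Other sections of this commit call `GNUNET_IDENTITY_signature_verify_` on signatures read out of parsed buffers (`check_signature_identity` in revocation_api.c, `OIDC_parse_authz_code` in oidc_helper.c), so if those buffers can originate from a peer or client, a crafted type field would presumably terminate the process. The header documents `#GNUNET_SYSERR if invalid`, so I would replace the assert with `if (ntohl (pub->type) != ntohl (sig->type)) { GNUNET_break_op (0); return GNUNET_SYSERR; }`. The function body continues outside the hunk.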
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index 0174e52aa..e59cf65af 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -501,7 +501,7 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
501 * The @a purpose data is the beginning of the data of which the signature is 501 * The @a purpose data is the beginning of the data of which the signature is
502 * to be created. The `size` field in @a purpose must correctly indicate the 502 * to be created. The `size` field in @a purpose must correctly indicate the
503 * number of bytes of the data structure, including its header. If possible, 503 * number of bytes of the data structure, including its header. If possible,
504 * use #GNUNET_IDENTITY_private_key_sign() instead of this function. 504 * use #GNUNET_IDENTITY_sign() instead of this function.
505 * 505 *
506 * @param priv private key to use for the signing 506 * @param priv private key to use for the signing
507 * @param purpose what to sign (size, purpose) 507 * @param purpose what to sign (size, purpose)
@@ -509,7 +509,7 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
509 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 509 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
510 */ 510 */
511int 511int
512GNUNET_IDENTITY_private_key_sign_ (const struct 512GNUNET_IDENTITY_sign_ (const struct
513 GNUNET_IDENTITY_PrivateKey *priv, 513 GNUNET_IDENTITY_PrivateKey *priv,
514 const struct 514 const struct
515 GNUNET_CRYPTO_EccSignaturePurpose *purpose, 515 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
@@ -527,7 +527,7 @@ GNUNET_IDENTITY_private_key_sign_ (const struct
527 * @param ps packed struct with what to sign, MUST begin with a purpose 527 * @param ps packed struct with what to sign, MUST begin with a purpose
528 * @param[out] sig where to write the signature 528 * @param[out] sig where to write the signature
529 */ 529 */
530#define GNUNET_IDENTITY_private_key_sign(priv,ps,sig) do { \ 530#define GNUNET_IDENTITY_sign(priv,ps,sig) do { \
531 /* check size is set correctly */ \ 531 /* check size is set correctly */ \
532 GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ 532 GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \
533 /* check 'ps' begins with the purpose */ \ 533 /* check 'ps' begins with the purpose */ \
@@ -548,7 +548,7 @@ GNUNET_IDENTITY_private_key_sign_ (const struct
548 * the number of bytes of the data structure, including its header. If @a 548 * the number of bytes of the data structure, including its header. If @a
549 * purpose does not match the purpose given in @a validate (the latter must be 549 * purpose does not match the purpose given in @a validate (the latter must be
550 * in big endian), signature verification fails. If possible, 550 * in big endian), signature verification fails. If possible,
551 * use #GNUNET_IDENTITY_public_key_verify() instead of this function (only if @a validate 551 * use #GNUNET_IDENTITY_signature_verify() instead of this function (only if @a validate
552 * is not fixed-size, you must use this function directly). 552 * is not fixed-size, you must use this function directly).
553 * 553 *
554 * @param purpose what is the purpose that the signature should have? 554 * @param purpose what is the purpose that the signature should have?
@@ -558,12 +558,12 @@ GNUNET_IDENTITY_private_key_sign_ (const struct
558 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 558 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
559 */ 559 */
560int 560int
561GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, 561GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
562 const struct 562 const struct
563 GNUNET_CRYPTO_EccSignaturePurpose *validate, 563 GNUNET_CRYPTO_EccSignaturePurpose *validate,
564 const struct GNUNET_IDENTITY_Signature *sig, 564 const struct GNUNET_IDENTITY_Signature *sig,
565 const struct 565 const struct
566 GNUNET_IDENTITY_PublicKey *pub); 566 GNUNET_IDENTITY_PublicKey *pub);
567 567
568 568
569/** 569/**
@@ -579,7 +579,7 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
579 * @param sig where to read the signature from 579 * @param sig where to read the signature from
580 * @param pub public key to use for the verifying 580 * @param pub public key to use for the verifying
581 */ 581 */
582#define GNUNET_IDENTITY_public_key_verify(purp,ps,sig,pub) ({ \ 582#define GNUNET_IDENTITY_signature_verify(purp,ps,sig,pub) ({ \
583 /* check size is set correctly */ \ 583 /* check size is set correctly */ \
584 GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ 584 GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \
585 /* check 'ps' begins with the purpose */ \ 585 /* check 'ps' begins with the purpose */ \
@@ -608,11 +608,11 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
608 * this size should be the same as @c len. 608 * this size should be the same as @c len.
609 */ 609 */
610ssize_t 610ssize_t
611GNUNET_IDENTITY_public_key_encrypt (const void *block, 611GNUNET_IDENTITY_encrypt (const void *block,
612 size_t size, 612 size_t size,
613 const struct GNUNET_IDENTITY_PublicKey *pub, 613 const struct GNUNET_IDENTITY_PublicKey *pub,
614 struct GNUNET_CRYPTO_EcdhePublicKey *ecc, 614 struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
615 void *result); 615 void *result);
616 616
617 617
618/** 618/**
@@ -630,13 +630,13 @@ GNUNET_IDENTITY_public_key_encrypt (const void *block,
630 * this size should be the same as @c size. 630 * this size should be the same as @c size.
631 */ 631 */
632ssize_t 632ssize_t
633GNUNET_IDENTITY_private_key_decrypt (const void *block, 633GNUNET_IDENTITY_decrypt (const void *block,
634 size_t size, 634 size_t size,
635 const struct 635 const struct
636 GNUNET_IDENTITY_PrivateKey *priv, 636 GNUNET_IDENTITY_PrivateKey *priv,
637 const struct 637 const struct
638 GNUNET_CRYPTO_EcdhePublicKey *ecc, 638 GNUNET_CRYPTO_EcdhePublicKey *ecc,
639 void *result); 639 void *result);
640 640
641 641
642/** 642/**
diff --git a/src/pt/test_gns_vpn.c b/src/pt/test_gns_vpn.c
index cf0455477..7b4abaec2 100644
--- a/src/pt/test_gns_vpn.c
+++ b/src/pt/test_gns_vpn.c
@@ -560,7 +560,7 @@ identity_cb (void *cls,
560 void **ctx, 560 void **ctx,
561 const char *name) 561 const char *name)
562{ 562{
563 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key; 563 const struct GNUNET_IDENTITY_PrivateKey *zone_key;
564 struct GNUNET_GNSRECORD_Data rd; 564 struct GNUNET_GNSRECORD_Data rd;
565 char *rd_string; 565 char *rd_string;
566 char *peername; 566 char *peername;
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index 0caa46b90..c6d56e02d 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -154,10 +154,12 @@ fix_base64 (char *str)
154 replace_char (str, '/', '_'); 154 replace_char (str, '/', '_');
155} 155}
156 156
157
157static json_t* 158static json_t*
158generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key, 159generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
159 const struct GNUNET_RECLAIM_AttributeList *attrs, 160 const struct GNUNET_RECLAIM_AttributeList *attrs,
160 const struct GNUNET_RECLAIM_PresentationList *presentations) 161 const struct
162 GNUNET_RECLAIM_PresentationList *presentations)
161{ 163{
162 struct GNUNET_RECLAIM_AttributeListEntry *le; 164 struct GNUNET_RECLAIM_AttributeListEntry *le;
163 struct GNUNET_RECLAIM_PresentationListEntry *ple; 165 struct GNUNET_RECLAIM_PresentationListEntry *ple;
@@ -206,7 +208,8 @@ generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key,
206 ple->presentation->data, 208 ple->presentation->data,
207 ple->presentation->data_size); 209 ple->presentation->data_size);
208 json_object_set_new (aggr_sources_jwt, 210 json_object_set_new (aggr_sources_jwt,
209 GNUNET_RECLAIM_presentation_number_to_typename (ple->presentation->type), 211 GNUNET_RECLAIM_presentation_number_to_typename (
212 ple->presentation->type),
210 json_string (pres_val_str) ); 213 json_string (pres_val_str) );
211 json_object_set_new (aggr_sources, source_name, aggr_sources_jwt); 214 json_object_set_new (aggr_sources, source_name, aggr_sources_jwt);
212 GNUNET_free (pres_val_str); 215 GNUNET_free (pres_val_str);
@@ -286,6 +289,7 @@ generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key,
286 return body; 289 return body;
287} 290}
288 291
292
289/** 293/**
290 * Generate userinfo JSON as string 294 * Generate userinfo JSON as string
291 * 295 *
@@ -297,12 +301,13 @@ generate_userinfo_json(const struct GNUNET_IDENTITY_PublicKey *sub_key,
297char * 301char *
298OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key, 302OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key,
299 const struct GNUNET_RECLAIM_AttributeList *attrs, 303 const struct GNUNET_RECLAIM_AttributeList *attrs,
300 const struct GNUNET_RECLAIM_PresentationList *presentations) 304 const struct
305 GNUNET_RECLAIM_PresentationList *presentations)
301{ 306{
302 char *body_str; 307 char *body_str;
303 json_t* body = generate_userinfo_json (sub_key, 308 json_t*body = generate_userinfo_json (sub_key,
304 attrs, 309 attrs,
305 presentations); 310 presentations);
306 body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT); 311 body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT);
307 json_decref (body); 312 json_decref (body);
308 return body_str; 313 return body_str;
@@ -324,7 +329,8 @@ char *
324OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key, 329OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key,
325 const struct GNUNET_IDENTITY_PublicKey *sub_key, 330 const struct GNUNET_IDENTITY_PublicKey *sub_key,
326 const struct GNUNET_RECLAIM_AttributeList *attrs, 331 const struct GNUNET_RECLAIM_AttributeList *attrs,
327 const struct GNUNET_RECLAIM_PresentationList *presentations, 332 const struct
333 GNUNET_RECLAIM_PresentationList *presentations,
328 const struct GNUNET_TIME_Relative *expiration_time, 334 const struct GNUNET_TIME_Relative *expiration_time,
329 const char *nonce, 335 const char *nonce,
330 const char *secret_key) 336 const char *secret_key)
@@ -441,7 +447,8 @@ char *
441OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, 447OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
442 const struct GNUNET_RECLAIM_Ticket *ticket, 448 const struct GNUNET_RECLAIM_Ticket *ticket,
443 const struct GNUNET_RECLAIM_AttributeList *attrs, 449 const struct GNUNET_RECLAIM_AttributeList *attrs,
444 const struct GNUNET_RECLAIM_PresentationList *presentations, 450 const struct
451 GNUNET_RECLAIM_PresentationList *presentations,
445 const char *nonce_str, 452 const char *nonce_str,
446 const char *code_challenge) 453 const char *code_challenge)
447{ 454{
@@ -544,10 +551,10 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
544 buf_ptr += payload_len; 551 buf_ptr += payload_len;
545 // Sign and store signature 552 // Sign and store signature
546 if (GNUNET_SYSERR == 553 if (GNUNET_SYSERR ==
547 GNUNET_IDENTITY_private_key_sign_ (issuer, 554 GNUNET_IDENTITY_sign_ (issuer,
548 purpose, 555 purpose,
549 (struct GNUNET_IDENTITY_Signature *) 556 (struct GNUNET_IDENTITY_Signature *)
550 buf_ptr)) 557 buf_ptr))
551 { 558 {
552 GNUNET_break (0); 559 GNUNET_break (0);
553 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to sign code\n"); 560 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to sign code\n");
@@ -684,10 +691,11 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience,
684 return GNUNET_SYSERR; 691 return GNUNET_SYSERR;
685 } 692 }
686 if (GNUNET_OK != 693 if (GNUNET_OK !=
687 GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN, 694 GNUNET_IDENTITY_signature_verify_ (
688 purpose, 695 GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN,
689 signature, 696 purpose,
690 &(ticket->identity))) 697 signature,
698 &(ticket->identity)))
691 { 699 {
692 GNUNET_free (code_payload); 700 GNUNET_free (code_payload);
693 if (NULL != *nonce_str) 701 if (NULL != *nonce_str)
@@ -840,7 +848,8 @@ OIDC_check_scopes_for_claim_request (const char*scopes,
840 } 848 }
841 } 849 }
842 850
843 } else if (0 == strcmp (attr, scope_variable)) 851 }
852 else if (0 == strcmp (attr, scope_variable))
844 { 853 {
845 /** attribute matches requested scope **/ 854 /** attribute matches requested scope **/
846 GNUNET_free (scope_variables); 855 GNUNET_free (scope_variables);
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index 44c42ae49..791c3d008 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -444,12 +444,12 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow,
444 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 444 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
445 "Expected signature payload len: %u\n", 445 "Expected signature payload len: %u\n",
446 ntohl (spurp->purpose.size)); 446 ntohl (spurp->purpose.size));
447 sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); 447 sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
448 if (GNUNET_OK != 448 if (GNUNET_OK !=
449 GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, 449 GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
450 &spurp->purpose, 450 &spurp->purpose,
451 sig, 451 sig,
452 key)) 452 key))
453 { 453 {
454 return GNUNET_SYSERR; 454 return GNUNET_SYSERR;
455 } 455 }
@@ -570,7 +570,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow,
570 570
571enum GNUNET_GenericReturnValue 571enum GNUNET_GenericReturnValue
572sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, 572sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
573 struct GNUNET_REVOCATION_PowP *pow) 573 struct GNUNET_REVOCATION_PowP *pow)
574{ 574{
575 struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); 575 struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get ();
576 struct GNUNET_REVOCATION_SignaturePurposePS *rp; 576 struct GNUNET_REVOCATION_SignaturePurposePS *rp;
@@ -595,14 +595,16 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key,
595 "Signature payload len: %u\n", 595 "Signature payload len: %u\n",
596 ntohl (rp->purpose.size)); 596 ntohl (rp->purpose.size));
597 GNUNET_IDENTITY_write_key_to_buffer (pk, 597 GNUNET_IDENTITY_write_key_to_buffer (pk,
598 ((char*)&rp[1]), 598 ((char*) &rp[1]),
599 ksize); 599 ksize);
600 sig = ((char*)&pow[1]) + ksize; 600 sig = ((char*) &pow[1]) + ksize;
601 int result = GNUNET_IDENTITY_private_key_sign_ (key, 601 int result = GNUNET_IDENTITY_sign_ (key,
602 &rp->purpose, 602 &rp->purpose,
603 (void*) sig); 603 (void*) sig);
604 if (result == GNUNET_SYSERR) return GNUNET_NO; 604 if (result == GNUNET_SYSERR)
605 else return result; 605 return GNUNET_NO;
606 else
607 return result;
606} 608}
607 609
608 610
@@ -772,7 +774,7 @@ GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow)
772 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; 774 pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
773 ksize = GNUNET_IDENTITY_key_get_length (pk); 775 ksize = GNUNET_IDENTITY_key_get_length (pk);
774 size += ksize; 776 size += ksize;
775 sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); 777 sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
776 size += GNUNET_IDENTITY_signature_get_length (sig); 778 size += GNUNET_IDENTITY_signature_get_length (sig);
777 return size; 779 return size;
778} 780}
diff --git a/src/testbed/test_testbed_api_template.conf b/src/testbed/test_testbed_api_template.conf
index 255c1b766..ae0368a8b 100644
--- a/src/testbed/test_testbed_api_template.conf
+++ b/src/testbed/test_testbed_api_template.conf
@@ -32,7 +32,7 @@ WAN_QUOTA_IN = 3932160
32USE_EPHEMERAL_KEYS = NO 32USE_EPHEMERAL_KEYS = NO
33IMMEDIATE_START = YES 33IMMEDIATE_START = YES
34 34
35[transport-udp] 35[transport-tcp]
36TIMEOUT = 300 s 36TIMEOUT = 300 s
37 37
38[PATHS] 38[PATHS]