From e96a8d741c57ea09b80ed7686f1a635a2c0def60 Mon Sep 17 00:00:00 2001 From: Gian Demarmels Date: Wed, 26 Jan 2022 22:41:40 +0100 Subject: added CS test vectors --- src/util/.gitignore | 3 + src/util/gnunet-crypto-tvg.c | 401 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 404 insertions(+) diff --git a/src/util/.gitignore b/src/util/.gitignore index 7c7b7045d..51eab71db 100644 --- a/src/util/.gitignore +++ b/src/util/.gitignore @@ -43,6 +43,7 @@ test_crypto_kdf test_crypto_paillier test_crypto_random test_crypto_rsa +test_crypto_cs test_crypto_symmetric test_disk test_getopt @@ -70,7 +71,9 @@ perf_crypto_asymmetric perf_crypto_hash perf_crypto_symmetric perf_crypto_rsa +perf_crypto_cs perf_crypto_ecc_dlog +perf_crypto_paillier test_hexcoder test_regex test_tun diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c index 28e44e28b..6b2a7f472 100644 --- a/src/util/gnunet-crypto-tvg.c +++ b/src/util/gnunet-crypto-tvg.c @@ -672,6 +672,263 @@ checkvec (const char *operation, GNUNET_free (sig_enc_data); GNUNET_free (skey); } + else if (0 == strcmp (operation, "cs_blind_signing")) + { + struct GNUNET_CRYPTO_CsPrivateKey priv; + struct GNUNET_CRYPTO_CsPublicKey pub; + struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; + struct GNUNET_CRYPTO_CsRSecret r_priv[2]; + struct GNUNET_CRYPTO_CsRPublic r_pub[2]; + struct GNUNET_CRYPTO_CsRPublic r_pub_blind[2]; + struct GNUNET_CRYPTO_CsC c[2]; + struct GNUNET_CRYPTO_CsS signature_scalar; + struct GNUNET_CRYPTO_CsBlindS blinded_s; + struct GNUNET_CRYPTO_CsSignature sig; + struct GNUNET_CRYPTO_CsNonce nonce; + struct GNUNET_HashCode message_hash; + unsigned int b; + + if (GNUNET_OK != expect_data_fixed (vec, + "message_hash", + &message_hash, + sizeof (message_hash))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_public_key", + &pub, + sizeof (pub))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + + if (GNUNET_OK != expect_data_fixed (vec, + "cs_private_key", + &priv, + sizeof (priv))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_nonce", + &nonce, + sizeof (nonce))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_r_priv_0", + &r_priv[0], + sizeof (r_priv[0]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_r_priv_1", + &r_priv[1], + sizeof (r_priv[1]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_r_pub_0", + &r_pub[0], + sizeof (r_pub[0]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_r_pub_1", + &r_pub[1], + sizeof (r_pub[1]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + + if (GNUNET_OK != expect_data_fixed (vec, + "cs_bs_alpha_0", + &bs[0].alpha, + sizeof (bs[0].alpha))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_bs_alpha_1", + &bs[1].alpha, + sizeof (bs[1].alpha))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_bs_beta_0", + &bs[0].beta, + sizeof (bs[0].beta))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_bs_beta_1", + &bs[1].beta, + sizeof (bs[1].beta))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_r_pub_blind_0", + &r_pub_blind[0], + sizeof (r_pub_blind[0]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_r_pub_blind_1", + &r_pub_blind[1], + sizeof (r_pub_blind[1]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_c_0", + &c[0], + sizeof (c[0]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_c_1", + &c[1], + sizeof (c[1]))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_blind_s", + &blinded_s, + sizeof (blinded_s))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_b", + &b, + sizeof (b))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != expect_data_fixed (vec, + "cs_sig_s", + &signature_scalar, + sizeof (signature_scalar))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + sig.s_scalar = signature_scalar; + if (GNUNET_OK != expect_data_fixed (vec, + "cs_sig_R", + &sig.r_point, + sizeof (sig.r_point))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + + if ((b != 1)&& (b != 0)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + + struct GNUNET_CRYPTO_CsRSecret r_priv_comp[2]; + struct GNUNET_CRYPTO_CsRPublic r_pub_comp[2]; + struct GNUNET_CRYPTO_CsBlindingSecret bs_comp[2]; + struct GNUNET_CRYPTO_CsC c_comp[2]; + struct GNUNET_CRYPTO_CsRPublic r_pub_blind_comp[2]; + struct GNUNET_CRYPTO_CsBlindS blinded_s_comp; + struct GNUNET_CRYPTO_CsS signature_scalar_comp; + struct GNUNET_CRYPTO_CsSignature sig_comp; + unsigned int b_comp; + + + GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv_comp); + GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0], &r_pub_comp[0]); + GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1], &r_pub_comp[1]); + GNUNET_assert (0 == memcmp (&r_priv_comp, + &r_priv, + sizeof(struct GNUNET_CRYPTO_CsRSecret) * 2)); + GNUNET_assert (0 == memcmp (&r_pub_comp, + &r_pub, + sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2)); + + GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce, + bs_comp); + GNUNET_assert (0 == memcmp (&bs_comp, + &bs, + sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) + * 2)); + GNUNET_CRYPTO_cs_calc_blinded_c (bs_comp, + r_pub_comp, + &pub, + &message_hash, + sizeof(message_hash), + c_comp, + r_pub_blind_comp); + GNUNET_assert (0 == memcmp (&c_comp, + &c, + sizeof(struct GNUNET_CRYPTO_CsC) * 2)); + GNUNET_assert (0 == memcmp (&r_pub_blind_comp, + &r_pub_blind, + sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2)); + b_comp = GNUNET_CRYPTO_cs_sign_derive (&priv, + r_priv_comp, + c_comp, + &nonce, + &blinded_s_comp); + GNUNET_assert (0 == memcmp (&blinded_s_comp, + &blinded_s, + sizeof(blinded_s))); + GNUNET_assert (0 == memcmp (&b_comp, + &b, + sizeof(b))); + GNUNET_CRYPTO_cs_unblind (&blinded_s_comp, + &bs_comp[b_comp], + &signature_scalar_comp); + GNUNET_assert (0 == memcmp (&signature_scalar_comp, + &signature_scalar, + sizeof(signature_scalar_comp))); + sig_comp.r_point = r_pub_blind_comp[b_comp]; + sig_comp.s_scalar = signature_scalar_comp; + GNUNET_assert (0 == memcmp (&sig_comp, + &sig, + sizeof(sig_comp))); + if (GNUNET_OK != GNUNET_CRYPTO_cs_verify (&sig_comp, + &pub, + &message_hash, + sizeof(message_hash))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + } else { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -1025,6 +1282,150 @@ output_vectors () GNUNET_free (secret_enc_data); } + { + json_t *vec = vec_for (vecs, "cs_blind_signing"); + + struct GNUNET_CRYPTO_CsPrivateKey priv; + struct GNUNET_CRYPTO_CsPublicKey pub; + struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; + struct GNUNET_CRYPTO_CsRSecret r_priv[2]; + struct GNUNET_CRYPTO_CsRPublic r_pub[2]; + struct GNUNET_CRYPTO_CsRPublic r_pub_blind[2]; + struct GNUNET_CRYPTO_CsC c[2]; + struct GNUNET_CRYPTO_CsS signature_scalar; + struct GNUNET_CRYPTO_CsBlindS blinded_s; + struct GNUNET_CRYPTO_CsSignature sig; + struct GNUNET_CRYPTO_CsNonce nonce; + unsigned int b; + struct GNUNET_HashCode message_hash; + + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + &message_hash, + sizeof (struct GNUNET_HashCode)); + + GNUNET_CRYPTO_cs_private_key_generate (&priv); + GNUNET_CRYPTO_cs_private_key_get_public (&priv, &pub); + + GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (nonce.nonce, + sizeof(nonce.nonce), + GCRY_MD_SHA512, + GCRY_MD_SHA256, + "nonce", + strlen ("nonce"), + "nonce_secret", + strlen ("nonce_secret"), + NULL, + 0)); + GNUNET_CRYPTO_cs_r_derive (&nonce, &priv, r_priv); + GNUNET_CRYPTO_cs_r_get_public (&r_priv[0], &r_pub[0]); + GNUNET_CRYPTO_cs_r_get_public (&r_priv[1], &r_pub[1]); + GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce, + bs); + GNUNET_CRYPTO_cs_calc_blinded_c (bs, + r_pub, + &pub, + &message_hash, + sizeof(message_hash), + c, + r_pub_blind); + b = GNUNET_CRYPTO_cs_sign_derive (&priv, + r_priv, + c, + &nonce, + &blinded_s); + GNUNET_CRYPTO_cs_unblind (&blinded_s, &bs[b], &signature_scalar); + sig.r_point = r_pub_blind[b]; + sig.s_scalar = signature_scalar; + if (GNUNET_OK != GNUNET_CRYPTO_cs_verify (&sig, + &pub, + &message_hash, + sizeof(message_hash))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + d2j (vec, + "message_hash", + &message_hash, + sizeof (struct GNUNET_HashCode)); + d2j (vec, + "cs_public_key", + &pub, + sizeof(pub)); + d2j (vec, + "cs_private_key", + &priv, + sizeof(priv)); + d2j (vec, + "cs_nonce", + &nonce, + sizeof(nonce)); + d2j (vec, + "cs_r_priv_0", + &r_priv[0], + sizeof(r_priv[0])); + d2j (vec, + "cs_r_priv_1", + &r_priv[1], + sizeof(r_priv[1])); + d2j (vec, + "cs_r_pub_0", + &r_pub[0], + sizeof(r_pub[0])); + d2j (vec, + "cs_r_pub_1", + &r_pub[1], + sizeof(r_pub[1])); + d2j (vec, + "cs_bs_alpha_0", + &bs[0].alpha, + sizeof(bs[0].alpha)); + d2j (vec, + "cs_bs_alpha_1", + &bs[1].alpha, + sizeof(bs[1].alpha)); + d2j (vec, + "cs_bs_beta_0", + &bs[0].beta, + sizeof(bs[0].beta)); + d2j (vec, + "cs_bs_beta_1", + &bs[1].beta, + sizeof(bs[1].beta)); + d2j (vec, + "cs_r_pub_blind_0", + &r_pub_blind[0], + sizeof(r_pub_blind[0])); + d2j (vec, + "cs_r_pub_blind_1", + &r_pub_blind[1], + sizeof(r_pub_blind[1])); + d2j (vec, + "cs_c_0", + &c[0], + sizeof(c[0])); + d2j (vec, + "cs_c_1", + &c[1], + sizeof(c[1])); + d2j (vec, + "cs_blind_s", + &blinded_s, + sizeof(blinded_s)); + d2j (vec, + "cs_b", + &b, + sizeof(b)); + d2j (vec, + "cs_sig_s", + &signature_scalar, + sizeof(signature_scalar)); + d2j (vec, + "cs_sig_R", + &r_pub_blind[b], + sizeof(r_pub_blind[b])); + } + json_dumpf (vecfile, stdout, JSON_INDENT (2)); json_decref (vecfile); printf ("\n"); -- cgit v1.2.3 From 491ccf4877956fb705aff38869b0dc1f477c4298 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Sat, 29 Jan 2022 18:12:55 +0100 Subject: -fix --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 16a360bdc..ea2c6e3bb 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -133,7 +133,7 @@ run_pkey (void) print_record (&rd[0]); rd[1].data = &pkey_data; - rd[1].data_size = sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey); + rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey); rd[1].expiration_time = exp_abs.abs_value_us; rd[1].record_type = GNUNET_GNSRECORD_TYPE_PKEY; rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; @@ -235,7 +235,7 @@ run_edkey (void) print_record (&rd[0]); rd[1].data = &pkey_data; - rd[1].data_size = sizeof (struct GNUNET_CRYPTO_EddsaPublicKey); + rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey); rd[1].expiration_time = exp_abs.abs_value_us; rd[1].record_type = GNUNET_GNSRECORD_TYPE_EDKEY; rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; -- cgit v1.2.3 From 8087e6b2c9eb6a13daa0f605182329eaf1b3a8c6 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Sun, 30 Jan 2022 23:10:08 +0100 Subject: -fix tvg gns --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 46 ++++++++++++++++++++++++++---------- 1 file changed, 34 insertions(+), 12 deletions(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index ea2c6e3bb..f1420d2d0 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -37,9 +37,10 @@ #define TEST_RRCOUNT 2 static void -print_bytes (void *buf, +print_bytes_ (void *buf, size_t buf_len, - int fold) + int fold, + int in_be) { int i; @@ -47,11 +48,22 @@ print_bytes (void *buf, { if ((0 != i) && (0 != fold) && (i % fold == 0)) printf ("\n"); - printf ("%02x", ((unsigned char*) buf)[i]); + if (in_be) + printf ("%02x", ((unsigned char*) buf)[buf_len - 1 - i]); + else + printf ("%02x", ((unsigned char*) buf)[i]); } printf ("\n"); } +static void +print_bytes (void *buf, + size_t buf_len, + int fold) +{ + print_bytes_ (buf, buf_len, fold, 0); +} + static void print_record (const struct GNUNET_GNSRECORD_Data *rd) @@ -95,6 +107,7 @@ run_pkey (void) size_t data_size; char *rdata; size_t rdata_size; + uint32_t rd_count_nbo; char ztld[128]; id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); @@ -102,10 +115,10 @@ run_pkey (void) GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, - "Zone private key (d, little-endian, with ztype prepended):\n"); - print_bytes (&id_priv, GNUNET_IDENTITY_key_get_length (&id_pub), 8); // FIXME length for privkey? + "Zone private key (d, big-endian):\n"); + print_bytes_ (&id_priv.ecdsa_key, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), 8, 1); fprintf (stdout, "\n"); - fprintf (stdout, "Zone identifier (zid):\n"); + fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); GNUNET_STRINGS_data_to_string (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), @@ -143,10 +156,14 @@ run_pkey (void) rdata_size = GNUNET_GNSRECORD_records_get_size (2, rd); rdata = GNUNET_malloc (rdata_size); + rd_count_nbo = htonl(2); + GNUNET_memcpy (rdata, + &rd_count_nbo, + sizeof (uint32_t)); GNUNET_GNSRECORD_records_serialize (2, rd, rdata_size, - rdata); + rdata + sizeof (uint32_t)); fprintf (stdout, "RDATA:\n"); print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); @@ -197,6 +214,7 @@ run_edkey (void) size_t data_size; char *rdata; size_t rdata_size; + uint32_t rd_count_nbo; char ztld[128]; id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); @@ -204,10 +222,10 @@ run_edkey (void) GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, - "Zone private key (d, little-endian, with ztype prepended):\n"); - print_bytes (&id_priv, GNUNET_IDENTITY_key_get_length (&id_pub), 8); // FIXME length for privkey? + "Zone private key (d, big-endian):\n"); + print_bytes_ (&id_priv.eddsa_key, sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey), 8, 1); fprintf (stdout, "\n"); - fprintf (stdout, "Zone identifier (zid):\n"); + fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); GNUNET_STRINGS_data_to_string (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), @@ -244,11 +262,15 @@ run_edkey (void) rdata_size = GNUNET_GNSRECORD_records_get_size (2, rd); - rdata = GNUNET_malloc (rdata_size); + rdata = GNUNET_malloc (sizeof (uint32_t) + rdata_size); + rd_count_nbo = htonl(2); + GNUNET_memcpy (rdata, + &rd_count_nbo, + sizeof (uint32_t)); GNUNET_GNSRECORD_records_serialize (2, rd, rdata_size, - rdata); + rdata + sizeof (uint32_t)); fprintf (stdout, "RDATA:\n"); print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); -- cgit v1.2.3 From 3fe64a38f7c3a4aeaab3a00cb8e04672e91515fd Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Sun, 30 Jan 2022 23:28:44 +0100 Subject: -not a scalar/int --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index f1420d2d0..bdb995a50 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -222,8 +222,8 @@ run_edkey (void) GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, - "Zone private key (d, big-endian):\n"); - print_bytes_ (&id_priv.eddsa_key, sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey), 8, 1); + "Zone private key (d):\n"); + print_bytes (&id_priv.eddsa_key, sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey), 8); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); -- cgit v1.2.3 From f70367271434cbb80e7f51665925ac7240adab10 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 10:05:15 +0100 Subject: -fix big endian again; add test vector consumer --- src/gnsrecord/Makefile.am | 9 ++++++ src/gnsrecord/gnunet-gnsrecord-tvg.c | 60 +++++++++++++++++++++++++++++------- 2 files changed, 58 insertions(+), 11 deletions(-) diff --git a/src/gnsrecord/Makefile.am b/src/gnsrecord/Makefile.am index 42ac4ede4..4308d9c1a 100644 --- a/src/gnsrecord/Makefile.am +++ b/src/gnsrecord/Makefile.am @@ -20,6 +20,7 @@ check_PROGRAMS = \ test_gnsrecord_crypto \ test_gnsrecord_serialization \ test_gnsrecord_block_expiration \ + test_gnsrecord_testvectors \ perf_gnsrecord_crypto if ENABLE_TEST_RUN @@ -85,6 +86,14 @@ libgnunet_plugin_gnsrecord_dns_la_LDFLAGS = \ EXTRA_DIST = \ $(check_SCRIPTS) +test_gnsrecord_testvectors_SOURCES = \ + test_gnsrecord_testvectors.c +test_gnsrecord_testvectors_LDADD = \ + $(top_builddir)/src/testing/libgnunettesting.la \ + $(top_builddir)/src/identity/libgnunetidentity.la \ + libgnunetgnsrecord.la \ + $(top_builddir)/src/util/libgnunetutil.la + test_gnsrecord_serialization_SOURCES = \ test_gnsrecord_serialization.c diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index bdb995a50..9e3dea921 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -96,7 +96,12 @@ static void run_pkey (void) { struct GNUNET_GNSRECORD_Data rd[2]; - struct GNUNET_TIME_Absolute exp_abs = GNUNET_TIME_absolute_get (); + struct GNUNET_TIME_Absolute expire; + struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get (); + struct GNUNET_TIME_Absolute exp1; + struct GNUNET_TIME_Absolute exp2; + struct GNUNET_TIME_Relative delta1; + struct GNUNET_TIME_Relative delta2; struct GNUNET_GNSRECORD_Block *rrblock; char *bdata; struct GNUNET_IDENTITY_PrivateKey id_priv; @@ -110,13 +115,23 @@ run_pkey (void) uint32_t rd_count_nbo; char ztld[128]; + /* + * Make two different expiration times + */ + delta1 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, + 420); //420 years + delta2 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, + 777); //777 years + exp1 = GNUNET_TIME_absolute_add (now, delta1); + exp2 = GNUNET_TIME_absolute_add (now, delta2); + id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, "Zone private key (d, big-endian):\n"); - print_bytes_ (&id_priv.ecdsa_key, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), 8, 1); + print_bytes (&id_priv.ecdsa_key, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), 8); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); @@ -140,20 +155,20 @@ run_pkey (void) GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size)); rd[0].data = data; rd[0].data_size = data_size; - rd[0].expiration_time = exp_abs.abs_value_us; + rd[0].expiration_time = exp1.abs_value_us; rd[0].record_type = GNUNET_DNSPARSER_TYPE_A; fprintf (stdout, "Record #0\n"); print_record (&rd[0]); rd[1].data = &pkey_data; rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey); - rd[1].expiration_time = exp_abs.abs_value_us; + rd[1].expiration_time = exp2.abs_value_us; rd[1].record_type = GNUNET_GNSRECORD_TYPE_PKEY; rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; fprintf (stdout, "Record #1\n"); print_record (&rd[1]); - rdata_size = GNUNET_GNSRECORD_records_get_size (2, + rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT, rd); rdata = GNUNET_malloc (rdata_size); rd_count_nbo = htonl(2); @@ -167,8 +182,9 @@ run_pkey (void) fprintf (stdout, "RDATA:\n"); print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); + expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); rrblock = GNUNET_GNSRECORD_block_create (&id_priv, - exp_abs, + expire, TEST_RECORD_LABEL, rd, TEST_RRCOUNT); @@ -203,7 +219,12 @@ static void run_edkey (void) { struct GNUNET_GNSRECORD_Data rd[2]; - struct GNUNET_TIME_Absolute exp_abs = GNUNET_TIME_absolute_get (); + struct GNUNET_TIME_Absolute expire; + struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get (); + struct GNUNET_TIME_Absolute exp1; + struct GNUNET_TIME_Absolute exp2; + struct GNUNET_TIME_Relative delta1; + struct GNUNET_TIME_Relative delta2; struct GNUNET_GNSRECORD_Block *rrblock; char *bdata; struct GNUNET_IDENTITY_PrivateKey id_priv; @@ -217,6 +238,21 @@ run_edkey (void) uint32_t rd_count_nbo; char ztld[128]; + /* + * Make two different expiration times + */ + delta1 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, + 420); //420 years + delta2 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, + 777); //777 years + exp1 = GNUNET_TIME_absolute_add (now, delta1); + exp2 = GNUNET_TIME_absolute_add (now, delta2); + + id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); + GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); + GNUNET_IDENTITY_key_get_public (&id_priv, + &id_pub); + id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key); GNUNET_IDENTITY_key_get_public (&id_priv, @@ -247,21 +283,23 @@ run_edkey (void) GNUNET_DNSPARSER_TYPE_A, TEST_RECORD_A, &data, &data_size)); rd[0].data = data; rd[0].data_size = data_size; - rd[0].expiration_time = exp_abs.abs_value_us; + rd[0].expiration_time = exp1.abs_value_us; rd[0].record_type = GNUNET_DNSPARSER_TYPE_A; fprintf (stdout, "Record #0\n"); print_record (&rd[0]); rd[1].data = &pkey_data; rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey); - rd[1].expiration_time = exp_abs.abs_value_us; + rd[1].expiration_time = exp2.abs_value_us; rd[1].record_type = GNUNET_GNSRECORD_TYPE_EDKEY; rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; fprintf (stdout, "Record #1\n"); print_record (&rd[1]); - rdata_size = GNUNET_GNSRECORD_records_get_size (2, + rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT, rd); + expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, + rd); rdata = GNUNET_malloc (sizeof (uint32_t) + rdata_size); rd_count_nbo = htonl(2); GNUNET_memcpy (rdata, @@ -275,7 +313,7 @@ run_edkey (void) print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); rrblock = GNUNET_GNSRECORD_block_create (&id_priv, - exp_abs, + expire, TEST_RECORD_LABEL, rd, TEST_RRCOUNT); -- cgit v1.2.3 From b1b33aa38f25b9b3182163a2fd44a60784e7dadc Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 10:06:02 +0100 Subject: -forgot file --- src/gnsrecord/test_gnsrecord_testvectors.c | 135 +++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) create mode 100644 src/gnsrecord/test_gnsrecord_testvectors.c diff --git a/src/gnsrecord/test_gnsrecord_testvectors.c b/src/gnsrecord/test_gnsrecord_testvectors.c new file mode 100644 index 000000000..67085c089 --- /dev/null +++ b/src/gnsrecord/test_gnsrecord_testvectors.c @@ -0,0 +1,135 @@ +#include "platform.h" +#include "gnunet_util_lib.h" +#include "gnunet_signatures.h" +#include "gnunet_gns_service.h" +#include "gnunet_gnsrecord_lib.h" +#include "gnunet_dnsparser_lib.h" +#include "gnunet_testing_lib.h" +#include + + + +static char *d = +"f81e0165a9d95177" +"8e1210715f6b38a0" +"3df791ac1b75cd1e" +"dba5de4546ba565f"; + + +static char *zid = +"00010000d4d4dd1b" +"2671d5e181dc17b4" +"5d7e511d5de03a1f" +"bdcf2e8791cfd4e5" +"d11b6c3b"; + +#define RRCOUNT 2 +#define LABEL "test" + +#define R0_EXPIRATION 14888738786885085 +#define R0_DATA_SIZE 4 +#define R0_TYPE 1 +#define R0_FLAGS 0 +#define R0_DATA "01020304" + +/* Record #1*/ +#define R1_EXPIRATION 26147090786885085 +#define R1_DATA_SIZE 36 +#define R1_TYPE 65536 +#define R1_FLAGS 2 +#define R1_DATA \ + "00010000060aa8a60cb0f2b039fa3e2208c9d0e7def84d793a695fd8743fd1e0317a84ee" + +#define R1_RRBLOCK \ +"0001000040d538f47218b3a3559f6123fd7daf0313851d3ea99e95a24e50bd389453235009f3782627f1854d12ef4af86a2c614620b6af6f6f9666f12db4352a22a40b3903180c9b8707546be464b821960e3c908bfa135b4e5453b8c41377f6d9666901000000940000000f0034e53aa28bbddd43b26fb37089034819e6e4facf3036b270d761bbaddd9f44d2293dc25fc3bc405092786138215dc1c5a988b741892c5d191687acbedfa21d3baee4325c176742ec8f29c576a8ed684d28934ab671b47e44424fd453476071b9412b6b77da4cb9c24b9da6de79e74b6e44fee012091edd2ea441dc1b0ce3c608a4438ec2abaec699c0d006" + +int parsehex(char *src, char *dst, size_t dstlen, int invert) +{ + char *line = src; + char *data = line; + int off; + int read_byte; + int data_len = 0; + + while (sscanf(data, " %02x%n", &read_byte, &off) == 1) { + if (invert) + dst[dstlen - 1 - data_len++] = read_byte; + else + dst[data_len++] = read_byte; + data += off; + } + return data_len; +} + +void +res_checker (void *cls, + unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd) +{ + int r0_found = 0; + int r1_found = 0; + char r0_data[R0_DATA_SIZE]; + char r1_data[R1_DATA_SIZE]; + parsehex(R0_DATA, (char*)r0_data, 0, 0); + parsehex(R1_DATA, (char*)r1_data, 0, 0); + GNUNET_assert (rd_count == RRCOUNT); + for (int i = 0; i < RRCOUNT; i++) + { + if (rd[i].record_type == R0_TYPE) + { + if (0 != memcmp (rd[i].data, r0_data, R0_DATA_SIZE)) + { + printf ("R0 Data mismatch\n"); + continue; + } + if (rd[i].expiration_time != R0_EXPIRATION) + { + printf ("R0 expiration mismatch\n"); + continue; + } + r0_found = 1; + } + if (rd[i].record_type == R1_TYPE) + { + if (0 != memcmp (rd[i].data, r1_data, R1_DATA_SIZE)) + { + printf ("R1 Data mismatch\n"); + continue; + } + if (rd[i].expiration_time != R1_EXPIRATION) + { + printf ("R1 expiration mismatch\n"); + continue; + } + + r1_found = 1; + } + + } + GNUNET_assert (r0_found); + GNUNET_assert (r1_found); +} + + +int +main() +{ + struct GNUNET_IDENTITY_PrivateKey priv; + struct GNUNET_IDENTITY_PublicKey pub; + struct GNUNET_IDENTITY_PublicKey pub_parsed; + struct GNUNET_GNSRECORD_Block *rrblock; + char *bdata; + + parsehex(d,(char*)&priv.ecdsa_key, sizeof (priv.ecdsa_key), 0); + priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); + parsehex(zid,(char*)&pub_parsed, 0, 0); + GNUNET_IDENTITY_key_get_public(&priv, &pub); + GNUNET_assert (0 == memcmp (&pub, &pub_parsed, sizeof (pub))); + rrblock = GNUNET_malloc (strlen (R1_RRBLOCK) / 2); + parsehex(R1_RRBLOCK, (char*)rrblock, 0, 0); + GNUNET_GNSRECORD_block_decrypt (rrblock, + &pub_parsed, + LABEL, + &res_checker, + NULL); + return 0; +} -- cgit v1.2.3 From b3c486bfa32ed6d0c62c0cbbb6f0ce8489271f6e Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 11:10:53 +0100 Subject: -output IVs and Ks for symmetric encryption GNS --- contrib/gana | 2 +- po/POTFILES.in | 2 + src/gnsrecord/gnsrecord_crypto.c | 252 ++++++++++++++++------------------- src/gnsrecord/gnunet-gnsrecord-tvg.c | 60 +++++++-- 4 files changed, 165 insertions(+), 151 deletions(-) diff --git a/contrib/gana b/contrib/gana index c12314df0..3a71278a2 160000 --- a/contrib/gana +++ b/contrib/gana @@ -1 +1 @@ -Subproject commit c12314df0f82e192c6829a9c6cf3e9663b586da1 +Subproject commit 3a71278a2aab67f9a1888af172b507d6e08364cf diff --git a/po/POTFILES.in b/po/POTFILES.in index ffa06a484..ad5c68056 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -183,6 +183,7 @@ src/gnsrecord/gnsrecord_serialization.c src/gnsrecord/gnunet-gnsrecord-tvg.c src/gnsrecord/json_gnsrecord.c src/gnsrecord/plugin_gnsrecord_dns.c +src/gnsrecord/test.c src/hello/address.c src/hello/gnunet-hello.c src/hello/hello-ng.c @@ -314,6 +315,7 @@ src/reclaim/plugin_rest_reclaim.c src/reclaim/reclaim_api.c src/reclaim/reclaim_attribute.c src/reclaim/reclaim_credential.c +src/reclaim/test.c src/regex/gnunet-daemon-regexprofiler.c src/regex/gnunet-regex-profiler.c src/regex/gnunet-regex-simulation-profiler.c diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index fe7db88b9..58feaee74 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c @@ -25,15 +25,7 @@ * @author Matthias Wachs * @author Christian Grothoff */ -#include "platform.h" -#include "gnunet_util_lib.h" -#include "gnunet_constants.h" -#include "gnunet_signatures.h" -#include "gnunet_arm_service.h" -#include "gnunet_gnsrecord_lib.h" -#include "gnunet_dnsparser_lib.h" -#include "gnunet_tun_lib.h" - +#include "gnsrecord_crypto.h" #define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__) @@ -104,7 +96,7 @@ eddsa_symmetric_decrypt ( return GNUNET_SYSERR; if (0 != crypto_secretbox_open_detached (result, block, // Ciphertext - ((unsigned char*)block) + ctlen, // TAG + ((unsigned char*) block) + ctlen, // TAG ctlen, nonce, key)) { @@ -131,20 +123,12 @@ eddsa_symmetric_encrypt ( } -/** - * Derive session key and iv from label and public key. - * - * @param iv initialization vector to initialize - * @param skey session key to initialize - * @param label label to use for KDF - * @param pub public key to use for KDF - */ -static void -derive_block_aes_key (unsigned char *ctr, - unsigned char *key, - const char *label, - uint64_t exp, - const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) +void +GNR_derive_block_aes_key (unsigned char *ctr, + unsigned char *key, + const char *label, + uint64_t exp, + const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) { static const char ctx_key[] = "gns-aes-ctx-key"; static const char ctx_iv[] = "gns-aes-ctx-iv"; @@ -168,20 +152,12 @@ derive_block_aes_key (unsigned char *ctr, } -/** - * Derive session key and iv from label and public key. - * - * @param nonce initialization vector to initialize - * @param skey session key to initialize - * @param label label to use for KDF - * @param pub public key to use for KDF - */ -static void -derive_block_xsalsa_key (unsigned char *nonce, - unsigned char *key, - const char *label, - uint64_t exp, - const struct GNUNET_CRYPTO_EddsaPublicKey *pub) +void +GNR_derive_block_xsalsa_key (unsigned char *nonce, + unsigned char *key, + const char *label, + uint64_t exp, + const struct GNUNET_CRYPTO_EddsaPublicKey *pub) { static const char ctx_key[] = "gns-aes-ctx-key"; static const char ctx_iv[] = "gns-aes-ctx-iv"; @@ -291,11 +267,11 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, "gns"); GNUNET_CRYPTO_ecdsa_key_get_public (dkey, &ecblock->derived_key); - derive_block_aes_key (ctr, - skey, - label, - ecblock->expiration_time.abs_value_us__, - pkey); + GNR_derive_block_aes_key (ctr, + skey, + label, + ecblock->expiration_time.abs_value_us__, + pkey); GNUNET_break (payload_len + sizeof(uint32_t) == ecdsa_symmetric_encrypt (payload, payload_len @@ -409,11 +385,11 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, &dkey); GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, &edblock->derived_key); - derive_block_xsalsa_key (nonce, - skey, - label, - edblock->expiration_time.abs_value_us__, - pkey); + GNR_derive_block_xsalsa_key (nonce, + skey, + label, + edblock->expiration_time.abs_value_us__, + pkey); GNUNET_break (GNUNET_OK == eddsa_symmetric_encrypt (payload, payload_len @@ -456,24 +432,24 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, switch (ntohl (key->type)) { - case GNUNET_GNSRECORD_TYPE_PKEY: - res = block_create_ecdsa (&key->ecdsa_key, - &pkey.ecdsa_key, - expire, - norm_label, - rd, - rd_count); - break; - case GNUNET_GNSRECORD_TYPE_EDKEY: - res = block_create_eddsa (&key->eddsa_key, - &pkey.eddsa_key, - expire, - norm_label, - rd, - rd_count); - break; - default: - GNUNET_assert (0); + case GNUNET_GNSRECORD_TYPE_PKEY: + res = block_create_ecdsa (&key->ecdsa_key, + &pkey.ecdsa_key, + expire, + norm_label, + rd, + rd_count); + break; + case GNUNET_GNSRECORD_TYPE_EDKEY: + res = block_create_eddsa (&key->eddsa_key, + &pkey.eddsa_key, + expire, + norm_label, + rd, + rd_count); + break; + default: + GNUNET_assert (0); } GNUNET_free (norm_label); return res; @@ -576,20 +552,20 @@ GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) { switch (ntohl (block->type)) { - case GNUNET_GNSRECORD_TYPE_PKEY: - return GNUNET_CRYPTO_ecdsa_verify_ ( - GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, - &block->ecdsa_block.purpose, - &block->ecdsa_block.signature, - &block->ecdsa_block.derived_key); - case GNUNET_GNSRECORD_TYPE_EDKEY: - return GNUNET_CRYPTO_eddsa_verify_ ( - GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, - &block->eddsa_block.purpose, - &block->eddsa_block.signature, - &block->eddsa_block.derived_key); - default: - return GNUNET_NO; + case GNUNET_GNSRECORD_TYPE_PKEY: + return GNUNET_CRYPTO_ecdsa_verify_ ( + GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, + &block->ecdsa_block.purpose, + &block->ecdsa_block.signature, + &block->ecdsa_block.derived_key); + case GNUNET_GNSRECORD_TYPE_EDKEY: + return GNUNET_CRYPTO_eddsa_verify_ ( + GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, + &block->eddsa_block.purpose, + &block->eddsa_block.signature, + &block->eddsa_block.derived_key); + default: + return GNUNET_NO; } } @@ -603,8 +579,8 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, void *proc_cls) { size_t payload_len = ntohl (block->purpose.size) - - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - - sizeof(struct GNUNET_TIME_AbsoluteNBO); + - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + - sizeof(struct GNUNET_TIME_AbsoluteNBO); unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; @@ -615,11 +591,11 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, GNUNET_break_op (0); return GNUNET_SYSERR; } - derive_block_aes_key (ctr, - key, - label, - block->expiration_time.abs_value_us__, - zone_key); + GNR_derive_block_aes_key (ctr, + key, + label, + block->expiration_time.abs_value_us__, + zone_key); { char payload[payload_len]; uint32_t rd_count; @@ -731,8 +707,8 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, void *proc_cls) { size_t payload_len = ntohl (block->purpose.size) - - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - - sizeof(struct GNUNET_TIME_AbsoluteNBO); + - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + - sizeof(struct GNUNET_TIME_AbsoluteNBO); unsigned char nonce[crypto_secretbox_NONCEBYTES]; unsigned char key[crypto_secretbox_KEYBYTES]; @@ -743,11 +719,11 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, GNUNET_break_op (0); return GNUNET_SYSERR; } - derive_block_xsalsa_key (nonce, - key, - label, - block->expiration_time.abs_value_us__, - zone_key); + GNR_derive_block_xsalsa_key (nonce, + key, + label, + block->expiration_time.abs_value_us__, + zone_key); { char payload[payload_len]; uint32_t rd_count; @@ -875,16 +851,18 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, norm_label = GNUNET_GNSRECORD_string_normalize (label); switch (ntohl (zone_key->type)) { - case GNUNET_IDENTITY_TYPE_ECDSA: - res = block_decrypt_ecdsa (&block->ecdsa_block, - &zone_key->ecdsa_key, norm_label, proc, proc_cls); - break; - case GNUNET_IDENTITY_TYPE_EDDSA: - res = block_decrypt_eddsa (&block->eddsa_block, - &zone_key->eddsa_key, norm_label, proc, proc_cls); - break; - default: - return GNUNET_SYSERR; + case GNUNET_IDENTITY_TYPE_ECDSA: + res = block_decrypt_ecdsa (&block->ecdsa_block, + &zone_key->ecdsa_key, norm_label, proc, + proc_cls); + break; + case GNUNET_IDENTITY_TYPE_EDDSA: + res = block_decrypt_eddsa (&block->eddsa_block, + &zone_key->eddsa_key, norm_label, proc, + proc_cls); + break; + default: + return GNUNET_SYSERR; } GNUNET_free (norm_label); return res; @@ -910,17 +888,17 @@ GNUNET_GNSRECORD_query_from_private_key (const struct norm_label = GNUNET_GNSRECORD_string_normalize (label); switch (ntohl (zone->type)) { - case GNUNET_GNSRECORD_TYPE_PKEY: - case GNUNET_GNSRECORD_TYPE_EDKEY: - - GNUNET_IDENTITY_key_get_public (zone, - &pub); - GNUNET_GNSRECORD_query_from_public_key (&pub, - norm_label, - query); - break; - default: - GNUNET_assert (0); + case GNUNET_GNSRECORD_TYPE_PKEY: + case GNUNET_GNSRECORD_TYPE_EDKEY: + + GNUNET_IDENTITY_key_get_public (zone, + &pub); + GNUNET_GNSRECORD_query_from_public_key (&pub, + norm_label, + query); + break; + default: + GNUNET_assert (0); } GNUNET_free (norm_label); } @@ -947,28 +925,28 @@ GNUNET_GNSRECORD_query_from_public_key (const struct switch (ntohl (pub->type)) { - case GNUNET_GNSRECORD_TYPE_PKEY: - pd.type = pub->type; - GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key, - norm_label, - "gns", - &pd.ecdsa_key); - GNUNET_CRYPTO_hash (&pd.ecdsa_key, - sizeof (pd.ecdsa_key), - query); - break; - case GNUNET_GNSRECORD_TYPE_EDKEY: - pd.type = pub->type; - GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, - norm_label, - "gns", - &(pd.eddsa_key)); - GNUNET_CRYPTO_hash (&pd.eddsa_key, - sizeof (pd.eddsa_key), - query); - break; - default: - GNUNET_assert (0); + case GNUNET_GNSRECORD_TYPE_PKEY: + pd.type = pub->type; + GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key, + norm_label, + "gns", + &pd.ecdsa_key); + GNUNET_CRYPTO_hash (&pd.ecdsa_key, + sizeof (pd.ecdsa_key), + query); + break; + case GNUNET_GNSRECORD_TYPE_EDKEY: + pd.type = pub->type; + GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, + norm_label, + "gns", + &(pd.eddsa_key)); + GNUNET_CRYPTO_hash (&pd.eddsa_key, + sizeof (pd.eddsa_key), + query); + break; + default: + GNUNET_assert (0); } GNUNET_free (norm_label); } diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 9e3dea921..7a78580d2 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -31,6 +31,7 @@ #include "gnunet_dnsparser_lib.h" #include "gnunet_testing_lib.h" #include +#include "gnsrecord_crypto.h" #define TEST_RECORD_LABEL "test" #define TEST_RECORD_A "1.2.3.4" @@ -38,9 +39,9 @@ static void print_bytes_ (void *buf, - size_t buf_len, - int fold, - int in_be) + size_t buf_len, + int fold, + int in_be) { int i; @@ -114,14 +115,16 @@ run_pkey (void) size_t rdata_size; uint32_t rd_count_nbo; char ztld[128]; + unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; + unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; /* * Make two different expiration times */ delta1 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 420); //420 years + 420); // 420 years delta2 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 777); //777 years + 777); // 777 years exp1 = GNUNET_TIME_absolute_add (now, delta1); exp2 = GNUNET_TIME_absolute_add (now, delta2); @@ -131,7 +134,8 @@ run_pkey (void) &id_pub); fprintf (stdout, "Zone private key (d, big-endian):\n"); - print_bytes (&id_priv.ecdsa_key, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), 8); + print_bytes (&id_priv.ecdsa_key, sizeof (struct + GNUNET_CRYPTO_EcdsaPrivateKey), 8); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); @@ -171,7 +175,7 @@ run_pkey (void) rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT, rd); rdata = GNUNET_malloc (rdata_size); - rd_count_nbo = htonl(2); + rd_count_nbo = htonl (2); GNUNET_memcpy (rdata, &rd_count_nbo, sizeof (uint32_t)); @@ -183,6 +187,20 @@ run_pkey (void) print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); + GNR_derive_block_aes_key (ctr, + skey, + TEST_RECORD_LABEL, + GNUNET_TIME_absolute_hton ( + expire).abs_value_us__, + &id_pub.ecdsa_key); + + fprintf (stdout, "Encryption NONCE|EXPIRATION|BLOCK COUNTER:\n"); + print_bytes (ctr, sizeof (ctr), 8); + fprintf (stdout, "\n"); + fprintf (stdout, "Encryption key (K):\n"); + print_bytes (skey, sizeof (skey), 8); + + rrblock = GNUNET_GNSRECORD_block_create (&id_priv, expire, TEST_RECORD_LABEL, @@ -237,14 +255,16 @@ run_edkey (void) size_t rdata_size; uint32_t rd_count_nbo; char ztld[128]; + unsigned char nonce[crypto_secretbox_NONCEBYTES]; + unsigned char skey[crypto_secretbox_KEYBYTES]; /* * Make two different expiration times */ delta1 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 420); //420 years + 420); // 420 years delta2 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 777); //777 years + 777); // 777 years exp1 = GNUNET_TIME_absolute_add (now, delta1); exp2 = GNUNET_TIME_absolute_add (now, delta2); @@ -259,7 +279,8 @@ run_edkey (void) &id_pub); fprintf (stdout, "Zone private key (d):\n"); - print_bytes (&id_priv.eddsa_key, sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey), 8); + print_bytes (&id_priv.eddsa_key, sizeof (struct + GNUNET_CRYPTO_EddsaPrivateKey), 8); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); @@ -301,7 +322,7 @@ run_edkey (void) expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); rdata = GNUNET_malloc (sizeof (uint32_t) + rdata_size); - rd_count_nbo = htonl(2); + rd_count_nbo = htonl (2); GNUNET_memcpy (rdata, &rd_count_nbo, sizeof (uint32_t)); @@ -312,6 +333,19 @@ run_edkey (void) fprintf (stdout, "RDATA:\n"); print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); + GNR_derive_block_xsalsa_key (nonce, + skey, + TEST_RECORD_LABEL, + GNUNET_TIME_absolute_hton ( + expire).abs_value_us__, + &id_pub.eddsa_key); + fprintf (stdout, "Encryption NONCE|EXPIRATION:\n"); + print_bytes (nonce, sizeof (nonce), 8); + fprintf (stdout, "\n"); + fprintf (stdout, "Encryption key (K):\n"); + print_bytes (skey, sizeof (skey), 8); + fprintf (stdout, "\n"); + rrblock = GNUNET_GNSRECORD_block_create (&id_priv, expire, TEST_RECORD_LABEL, @@ -350,8 +384,8 @@ run (void *cls, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *cfg) { - run_pkey(); - run_edkey(); + run_pkey (); + run_edkey (); } -- cgit v1.2.3 From 738a92c317c1e09ea3e5b5286e88ca28abdd9b8b Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 11:14:44 +0100 Subject: -be again --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 7a78580d2..26a177331 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -134,8 +134,8 @@ run_pkey (void) &id_pub); fprintf (stdout, "Zone private key (d, big-endian):\n"); - print_bytes (&id_priv.ecdsa_key, sizeof (struct - GNUNET_CRYPTO_EcdsaPrivateKey), 8); + print_bytes_ (&id_priv.ecdsa_key, + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), 8, 1); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); -- cgit v1.2.3 From ada24f74b9292cb08d0c5f20280e7fb5ac205caa Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 11:21:42 +0100 Subject: -fix testvectors --- src/gnsrecord/test_gnsrecord_testvectors.c | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/src/gnsrecord/test_gnsrecord_testvectors.c b/src/gnsrecord/test_gnsrecord_testvectors.c index 67085c089..153c56261 100644 --- a/src/gnsrecord/test_gnsrecord_testvectors.c +++ b/src/gnsrecord/test_gnsrecord_testvectors.c @@ -10,38 +10,31 @@ static char *d = -"f81e0165a9d95177" -"8e1210715f6b38a0" -"3df791ac1b75cd1e" -"dba5de4546ba565f"; +"50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98"; static char *zid = -"00010000d4d4dd1b" -"2671d5e181dc17b4" -"5d7e511d5de03a1f" -"bdcf2e8791cfd4e5" -"d11b6c3b"; +"00010000677c477d2d93097c85b195c6f96d84ff61f5982c2c4fe02d5a11fedfb0c2901f"; #define RRCOUNT 2 #define LABEL "test" -#define R0_EXPIRATION 14888738786885085 +#define R0_EXPIRATION 14888744139323793 #define R0_DATA_SIZE 4 #define R0_TYPE 1 #define R0_FLAGS 0 #define R0_DATA "01020304" /* Record #1*/ -#define R1_EXPIRATION 26147090786885085 +#define R1_EXPIRATION 26147096139323793 #define R1_DATA_SIZE 36 #define R1_TYPE 65536 #define R1_FLAGS 2 #define R1_DATA \ - "00010000060aa8a60cb0f2b039fa3e2208c9d0e7def84d793a695fd8743fd1e0317a84ee" +"000100000e601be42eb57fb4697610cf3a3b18347b65a33f025b5b174abefb30807bfecf" #define R1_RRBLOCK \ -"0001000040d538f47218b3a3559f6123fd7daf0313851d3ea99e95a24e50bd389453235009f3782627f1854d12ef4af86a2c614620b6af6f6f9666f12db4352a22a40b3903180c9b8707546be464b821960e3c908bfa135b4e5453b8c41377f6d9666901000000940000000f0034e53aa28bbddd43b26fb37089034819e6e4facf3036b270d761bbaddd9f44d2293dc25fc3bc405092786138215dc1c5a988b741892c5d191687acbedfa21d3baee4325c176742ec8f29c576a8ed684d28934ab671b47e44424fd453476071b9412b6b77da4cb9c24b9da6de79e74b6e44fee012091edd2ea441dc1b0ce3c608a4438ec2abaec699c0d006" +"000100008e16da87203b5159c5538e9b765742e968c54af9afbc0890dc80205ad14c84e107b0c115fc0089aa38b9c7ab9cbe1d77040d282a51a2ad493f61f3495f02d8170fe473a55ec6bdf9a509ab1701ffc37ea3bb4cac4a672520986df96e67cc1a73000000940000000f0034e53be193799100e4837eb5d04f92903de4b5234e8ccac5736c9793379a59c33375fc8951aca2eb7aad067bf9af60bf26758646a17f5e5c3b6215f94079545b1c4d4f1b2ebb22c2b4dad44126817b6f001530d476401dd67ac0148554e806353da9e4298079f3e1b16942c48d90c4360c61238c40d9d52911aea52cc0037ac7160bb3cf5b2f4a722fd96b" int parsehex(char *src, char *dst, size_t dstlen, int invert) { @@ -119,7 +112,7 @@ main() struct GNUNET_GNSRECORD_Block *rrblock; char *bdata; - parsehex(d,(char*)&priv.ecdsa_key, sizeof (priv.ecdsa_key), 0); + parsehex(d,(char*)&priv.ecdsa_key, sizeof (priv.ecdsa_key), 1); priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); parsehex(zid,(char*)&pub_parsed, 0, 0); GNUNET_IDENTITY_key_get_public(&priv, &pub); -- cgit v1.2.3 From adbb9ce3f1f77d812686ef001cfa8e1d0c137fd8 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 11:23:25 +0100 Subject: -fix --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 26a177331..3804ad458 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -199,7 +199,7 @@ run_pkey (void) fprintf (stdout, "\n"); fprintf (stdout, "Encryption key (K):\n"); print_bytes (skey, sizeof (skey), 8); - + fprintf (stdout, "\n"); rrblock = GNUNET_GNSRECORD_block_create (&id_priv, expire, -- cgit v1.2.3 From ff4f990b11c7da2ef082aee3be9bea3957abe8e5 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 16:07:51 +0100 Subject: -ftbfs --- src/gnsrecord/gnsrecord_crypto.h | 67 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 src/gnsrecord/gnsrecord_crypto.h diff --git a/src/gnsrecord/gnsrecord_crypto.h b/src/gnsrecord/gnsrecord_crypto.h new file mode 100644 index 000000000..be762f1b5 --- /dev/null +++ b/src/gnsrecord/gnsrecord_crypto.h @@ -0,0 +1,67 @@ +/* + This file is part of GNUnet. + Copyright (C) 2009-2013, 2018 GNUnet e.V. + + GNUnet is free software: you can redistribute it and/or modify it + under the terms of the GNU Affero General Public License as published + by the Free Software Foundation, either version 3 of the License, + or (at your option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . + + SPDX-License-Identifier: AGPL3.0-or-later + */ + +/** + * @file gnsrecord/gnsrecord_crypto.h + * @brief API for GNS record-related crypto + * @author Martin Schanzenbach + * @author Matthias Wachs + * @author Christian Grothoff + */ +#include "platform.h" +#include "gnunet_util_lib.h" +#include "gnunet_constants.h" +#include "gnunet_signatures.h" +#include "gnunet_arm_service.h" +#include "gnunet_gnsrecord_lib.h" +#include "gnunet_dnsparser_lib.h" +#include "gnunet_tun_lib.h" + +/** + * Derive session key and iv from label and public key. + * + * @param iv initialization vector to initialize + * @param skey session key to initialize + * @param label label to use for KDF + * @param pub public key to use for KDF + */ +void +GNR_derive_block_aes_key (unsigned char *ctr, + unsigned char *key, + const char *label, + uint64_t exp, + const struct GNUNET_CRYPTO_EcdsaPublicKey *pub); + + +/** + * Derive session key and iv from label and public key. + * + * @param nonce initialization vector to initialize + * @param skey session key to initialize + * @param label label to use for KDF + * @param pub public key to use for KDF + */ +void +GNR_derive_block_xsalsa_key (unsigned char *nonce, + unsigned char *key, + const char *label, + uint64_t exp, + const struct GNUNET_CRYPTO_EddsaPublicKey *pub); + -- cgit v1.2.3 From 5714237a181997af7ad432e3f4f46e28b7ab3610 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 16:49:19 +0100 Subject: -include storage key in tvg --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 3804ad458..1af1a2920 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -109,6 +109,7 @@ run_pkey (void) struct GNUNET_IDENTITY_PublicKey id_pub; struct GNUNET_IDENTITY_PrivateKey pkey_data_p; struct GNUNET_IDENTITY_PublicKey pkey_data; + struct GNUNET_HashCode query; void *data; size_t data_size; char *rdata; @@ -200,6 +201,12 @@ run_pkey (void) fprintf (stdout, "Encryption key (K):\n"); print_bytes (skey, sizeof (skey), 8); fprintf (stdout, "\n"); + GNUNET_GNSRECORD_query_from_public_key (&id_pub, + TEST_RECORD_LABEL, + &query); + fprintf (stdout, "Storage key (q):\n"); + print_bytes (&query, sizeof (query), 8); + fprintf (stdout, "\n"); rrblock = GNUNET_GNSRECORD_block_create (&id_priv, expire, @@ -249,6 +256,7 @@ run_edkey (void) struct GNUNET_IDENTITY_PublicKey id_pub; struct GNUNET_IDENTITY_PrivateKey pkey_data_p; struct GNUNET_IDENTITY_PublicKey pkey_data; + struct GNUNET_HashCode query; void *data; size_t data_size; char *rdata; @@ -345,6 +353,12 @@ run_edkey (void) fprintf (stdout, "Encryption key (K):\n"); print_bytes (skey, sizeof (skey), 8); fprintf (stdout, "\n"); + GNUNET_GNSRECORD_query_from_public_key (&id_pub, + TEST_RECORD_LABEL, + &query); + fprintf (stdout, "Storage key (q):\n"); + print_bytes (&query, sizeof (query), 8); + fprintf (stdout, "\n"); rrblock = GNUNET_GNSRECORD_block_create (&id_priv, expire, -- cgit v1.2.3 From 8b456153847db2e4cf51c4f924021af40bbbe68b Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 16:53:49 +0100 Subject: -update revocation test vector --- src/revocation/gnunet-revocation-tvg.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index cb5e31fcd..71d74ea5e 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c @@ -35,9 +35,10 @@ #define TEST_DIFFICULTY 5 static void -print_bytes (void *buf, +print_bytes_ (void *buf, size_t buf_len, - int fold) + int fold, + int in_be) { int i; @@ -45,11 +46,23 @@ print_bytes (void *buf, { if ((0 != i) && (0 != fold) && (i % fold == 0)) printf ("\n"); - printf ("%02x", ((unsigned char*) buf)[i]); + if (in_be) + printf ("%02x", ((unsigned char*) buf)[buf_len - 1 - i]); + else + printf ("%02x", ((unsigned char*) buf)[i]); } printf ("\n"); } +static void +print_bytes (void *buf, + size_t buf_len, + int fold) +{ + print_bytes_ (buf, buf_len, fold, 0); +} + + /** * Main function that will be run. @@ -80,8 +93,8 @@ run (void *cls, GNUNET_IDENTITY_key_get_length (&id_pub), ztld, sizeof (ztld)); - fprintf (stdout, "Zone private key (d, little-endian scalar, with ztype prepended):\n"); - print_bytes (&id_priv, sizeof(id_priv), 8); + fprintf (stdout, "Zone private key (d, big-endian scalar, with ztype prepended):\n"); + print_bytes_ (&id_priv.ecdsa_key, sizeof(id_priv.ecdsa_key), 8, 1); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (zid):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); -- cgit v1.2.3 From 40b1c094ccd5977ca2bb614fde19305ebde4b4a2 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 17:47:24 +0100 Subject: -minor --- src/revocation/gnunet-revocation-tvg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index 71d74ea5e..6e6d36fd4 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c @@ -96,7 +96,7 @@ run (void *cls, fprintf (stdout, "Zone private key (d, big-endian scalar, with ztype prepended):\n"); print_bytes_ (&id_priv.ecdsa_key, sizeof(id_priv.ecdsa_key), 8, 1); fprintf (stdout, "\n"); - fprintf (stdout, "Zone identifier (zid):\n"); + fprintf (stdout, "Zone identifier (ztype|zkey):\n"); print_bytes (&id_pub, GNUNET_IDENTITY_key_get_length (&id_pub), 8); fprintf (stdout, "\n"); fprintf (stdout, "Encoded zone identifier (zkl = zTLD):\n"); -- cgit v1.2.3 From d66fc0956fc3179f99db6e05137825bd1c06408a Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Mon, 31 Jan 2022 18:16:22 +0100 Subject: -fix --- src/revocation/gnunet-revocation-tvg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index 6e6d36fd4..0838cecc4 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c @@ -93,7 +93,7 @@ run (void *cls, GNUNET_IDENTITY_key_get_length (&id_pub), ztld, sizeof (ztld)); - fprintf (stdout, "Zone private key (d, big-endian scalar, with ztype prepended):\n"); + fprintf (stdout, "Zone private key (d, big-endian scalar):\n"); print_bytes_ (&id_priv.ecdsa_key, sizeof(id_priv.ecdsa_key), 8, 1); fprintf (stdout, "\n"); fprintf (stdout, "Zone identifier (ztype|zkey):\n"); -- cgit v1.2.3 From 13a46a8f0136d98d52a48b642f2e0d78892d2c80 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 1 Feb 2022 11:39:22 +0100 Subject: -fix tvs --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 1af1a2920..96159d4b3 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -185,7 +185,7 @@ run_pkey (void) rdata_size, rdata + sizeof (uint32_t)); fprintf (stdout, "RDATA:\n"); - print_bytes (rdata, rdata_size, 8); + print_bytes (rdata, rdata_size + sizeof (uint32_t), 8); fprintf (stdout, "\n"); expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); GNR_derive_block_aes_key (ctr, @@ -339,7 +339,7 @@ run_edkey (void) rdata_size, rdata + sizeof (uint32_t)); fprintf (stdout, "RDATA:\n"); - print_bytes (rdata, rdata_size, 8); + print_bytes (rdata, rdata_size + sizeof (uint32_t), 8); fprintf (stdout, "\n"); GNR_derive_block_xsalsa_key (nonce, skey, -- cgit v1.2.3 From 8e8f974d798b20e298de6583e8ad0b07ef9b0992 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 1 Feb 2022 13:05:58 +0100 Subject: -make tvs deterministic --- src/gnsrecord/gnunet-gnsrecord-tvg.c | 61 ++++++++++++++++++++++++++---------- 1 file changed, 45 insertions(+), 16 deletions(-) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 96159d4b3..91c6608cd 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -37,6 +37,31 @@ #define TEST_RECORD_A "1.2.3.4" #define TEST_RRCOUNT 2 +static char *d_pkey = +"50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98"; + +static char *d_edkey = +"5af7020ee19160328832352bbc6a68a8d71a7cbe1b929969a7c66d415a0d8f65"; + +int parsehex(char *src, char *dst, size_t dstlen, int invert) +{ + char *line = src; + char *data = line; + int off; + int read_byte; + int data_len = 0; + + while (sscanf(data, " %02x%n", &read_byte, &off) == 1) { + if (invert) + dst[dstlen - 1 - data_len++] = read_byte; + else + dst[data_len++] = read_byte; + data += off; + } + return data_len; +} + + static void print_bytes_ (void *buf, size_t buf_len, @@ -122,15 +147,18 @@ run_pkey (void) /* * Make two different expiration times */ - delta1 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 420); // 420 years - delta2 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 777); // 777 years - exp1 = GNUNET_TIME_absolute_add (now, delta1); - exp2 = GNUNET_TIME_absolute_add (now, delta2); + GNUNET_STRINGS_fancy_time_to_absolute ("2048-01-23 10:51:34", + &exp1); + GNUNET_STRINGS_fancy_time_to_absolute ("3540-05-22 07:55:01", + &exp2); + id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); + parsehex(d_pkey, + (char*)&id_priv.ecdsa_key, + sizeof (id_priv.ecdsa_key), 1); + GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, @@ -165,10 +193,10 @@ run_pkey (void) fprintf (stdout, "Record #0\n"); print_record (&rd[0]); - rd[1].data = &pkey_data; + rd[1].data = "Some nick"; rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey); rd[1].expiration_time = exp2.abs_value_us; - rd[1].record_type = GNUNET_GNSRECORD_TYPE_PKEY; + rd[1].record_type = GNUNET_GNSRECORD_TYPE_NICK; rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; fprintf (stdout, "Record #1\n"); print_record (&rd[1]); @@ -269,12 +297,10 @@ run_edkey (void) /* * Make two different expiration times */ - delta1 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 420); // 420 years - delta2 = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, - 777); // 777 years - exp1 = GNUNET_TIME_absolute_add (now, delta1); - exp2 = GNUNET_TIME_absolute_add (now, delta2); + GNUNET_STRINGS_fancy_time_to_absolute ("%2048-01-23 10:51:34", + &exp1); + GNUNET_STRINGS_fancy_time_to_absolute ("3540-05-22 07:55:01", + &exp2); id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); @@ -283,6 +309,9 @@ run_edkey (void) id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key); + parsehex(d_edkey, + (char*)&id_priv.eddsa_key, + sizeof (id_priv.eddsa_key), 0); GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, @@ -317,10 +346,10 @@ run_edkey (void) fprintf (stdout, "Record #0\n"); print_record (&rd[0]); - rd[1].data = &pkey_data; + rd[1].data = "My Nick"; rd[1].data_size = sizeof (struct GNUNET_IDENTITY_PublicKey); rd[1].expiration_time = exp2.abs_value_us; - rd[1].record_type = GNUNET_GNSRECORD_TYPE_EDKEY; + rd[1].record_type = GNUNET_GNSRECORD_TYPE_NICK; rd[1].flags = GNUNET_GNSRECORD_RF_PRIVATE; fprintf (stdout, "Record #1\n"); print_record (&rd[1]); -- cgit v1.2.3 From 816bab695d6a7f4e359865e83b687d45ff66a2b1 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 1 Feb 2022 15:48:52 +0100 Subject: GNS: Fix revocation wire format --- src/identity/identity_api.c | 75 ++++++++++++++++++++++++++++++++++ src/include/gnunet_identity_service.h | 59 ++++++++++++++++++++++++++ src/revocation/gnunet-revocation-tvg.c | 23 +++++++++++ src/revocation/revocation_api.c | 20 ++++----- 4 files changed, 167 insertions(+), 10 deletions(-) diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 4a7a69211..471569cb3 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c @@ -1062,6 +1062,25 @@ GNUNET_IDENTITY_signature_get_length (const struct } +ssize_t +GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type) +{ + switch (ntohl (type)) + { + case GNUNET_IDENTITY_TYPE_ECDSA: + return sizeof (struct GNUNET_CRYPTO_EcdsaSignature); + break; + case GNUNET_IDENTITY_TYPE_EDDSA: + return sizeof (struct GNUNET_CRYPTO_EddsaSignature); + break; + default: + GNUNET_break (0); + } + return -1; +} + + + ssize_t GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, @@ -1099,6 +1118,31 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct return length; } +enum GNUNET_GenericReturnValue +GNUNET_IDENTITY_sign_raw_ (const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EccSignaturePurpose *purpose, + unsigned char *sig) +{ + switch (ntohl (priv->type)) + { + case GNUNET_IDENTITY_TYPE_ECDSA: + return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, + (struct GNUNET_CRYPTO_EcdsaSignature*)sig); + break; + case GNUNET_IDENTITY_TYPE_EDDSA: + return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, + (struct GNUNET_CRYPTO_EddsaSignature*)sig); + break; + default: + GNUNET_break (0); + } + + return GNUNET_SYSERR; +} + + enum GNUNET_GenericReturnValue GNUNET_IDENTITY_sign_ (const struct @@ -1155,6 +1199,37 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, } +enum GNUNET_GenericReturnValue +GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose, + const struct + GNUNET_CRYPTO_EccSignaturePurpose * + validate, + const unsigned char *sig, + const struct + GNUNET_IDENTITY_PublicKey *pub) +{ + switch (ntohl (pub->type)) + { + case GNUNET_IDENTITY_TYPE_ECDSA: + return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, + (struct GNUNET_CRYPTO_EcdsaSignature*)sig, + &(pub->ecdsa_key)); + break; + case GNUNET_IDENTITY_TYPE_EDDSA: + return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, + (struct GNUNET_CRYPTO_EddsaSignature*)sig, + &(pub->eddsa_key)); + break; + default: + GNUNET_break (0); + } + + return GNUNET_SYSERR; +} + + + + ssize_t GNUNET_IDENTITY_encrypt (const void *block, size_t size, diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index b2a45577f..227c7f486 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h @@ -458,6 +458,21 @@ GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig); +/** + * Get the compacted length of a signature by type. + * Compacted means that it returns the minimum number of bytes this + * signature is long, as opposed to the union structure inside + * #GNUNET_IDENTITY_Signature. + * Useful for compact serializations. + * + * @param sig the signature. + * @return -1 on error, else the compacted length of the signature. + */ +ssize_t +GNUNET_IDENTITY_signature_get_raw_length_by_type (const uint32_t type); + + + /** * Reads a #GNUNET_IDENTITY_Signature from a compact buffer. * The buffer has to contain at least the compacted length of @@ -516,6 +531,26 @@ GNUNET_IDENTITY_sign_ (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_IDENTITY_Signature *sig); +/** + * @brief Sign a given block. + * + * The @a purpose data is the beginning of the data of which the signature is + * to be created. The `size` field in @a purpose must correctly indicate the + * number of bytes of the data structure, including its header. + * The signature payload and length depends on the key type. + * + * @param priv private key to use for the signing + * @param purpose what to sign (size, purpose) + * @param[out] sig where to write the signature + * @return #GNUNET_SYSERR on error, #GNUNET_OK on success + */ +enum GNUNET_GenericReturnValue +GNUNET_IDENTITY_sign_raw_ (const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EccSignaturePurpose *purpose, + unsigned char *sig); + /** * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey. @@ -566,6 +601,30 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, const struct GNUNET_IDENTITY_PublicKey *pub); +/** + * @brief Verify a given signature. + * + * The @a validate data is the beginning of the data of which the signature + * is to be verified. The `size` field in @a validate must correctly indicate + * the number of bytes of the data structure, including its header. If @a + * purpose does not match the purpose given in @a validate (the latter must be + * in big endian), signature verification fails. + * + * @param purpose what is the purpose that the signature should have? + * @param validate block to validate (size, purpose, data) + * @param sig signature that is being validated + * @param pub public key of the signer + * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid + */ +enum GNUNET_GenericReturnValue +GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose, + const struct + GNUNET_CRYPTO_EccSignaturePurpose * + validate, + const unsigned char *sig, + const struct + GNUNET_IDENTITY_PublicKey *pub); + /** * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey. diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index 0838cecc4..f1d4b0334 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c @@ -34,6 +34,28 @@ #define TEST_EPOCHS 2 #define TEST_DIFFICULTY 5 +static char* d_pkey = +"6fea32c05af58bfa979553d188605fd57d8bf9cc263b78d5f7478c07b998ed70"; + +int parsehex(char *src, char *dst, size_t dstlen, int invert) +{ + char *line = src; + char *data = line; + int off; + int read_byte; + int data_len = 0; + + while (sscanf(data, " %02x%n", &read_byte, &off) == 1) { + if (invert) + dst[dstlen - 1 - data_len++] = read_byte; + else + dst[data_len++] = read_byte; + data += off; + } + return data_len; +} + + static void print_bytes_ (void *buf, size_t buf_len, @@ -87,6 +109,7 @@ run (void *cls, id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA); GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); + parsehex(d_pkey,(char*)&id_priv.ecdsa_key, sizeof (id_priv.ecdsa_key), 1); GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); GNUNET_STRINGS_data_to_string (&id_pub, diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index d5bd53e56..8f05b88fd 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -410,7 +410,7 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, const struct GNUNET_IDENTITY_PublicKey *key) { struct GNUNET_REVOCATION_SignaturePurposePS *spurp; - struct GNUNET_IDENTITY_Signature *sig; + unsigned char *sig; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; @@ -427,12 +427,12 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expected signature payload len: %u\n", ntohl (spurp->purpose.size)); - sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize); + sig = ((unsigned char*) &pow[1] + ksize); if (GNUNET_OK != - GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, - &spurp->purpose, - sig, - key)) + GNUNET_IDENTITY_signature_verify_raw_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, + &spurp->purpose, + sig, + key)) { return GNUNET_SYSERR; } @@ -588,9 +588,9 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, ((char*) &rp[1]), ksize); sig = ((char*) &pow[1]) + ksize; - int result = GNUNET_IDENTITY_sign_ (key, - &rp->purpose, - (void*) sig); + int result = GNUNET_IDENTITY_sign_raw_ (key, + &rp->purpose, + (void*) sig); if (result == GNUNET_SYSERR) return GNUNET_NO; else @@ -768,7 +768,7 @@ GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) ksize = GNUNET_IDENTITY_key_get_length (pk); size += ksize; sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize); - size += GNUNET_IDENTITY_signature_get_length (sig); + size += GNUNET_IDENTITY_signature_get_raw_length_by_type (pk->type); return size; } -- cgit v1.2.3 From 4f07822ff0f5c13ff6052f531da249363d5116f8 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 1 Feb 2022 17:52:33 +0100 Subject: GNS: Fix context strings in key derivation according to LSD0001 --- src/gnsrecord/gnsrecord_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 58feaee74..24f4c48ca 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c @@ -159,8 +159,8 @@ GNR_derive_block_xsalsa_key (unsigned char *nonce, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub) { - static const char ctx_key[] = "gns-aes-ctx-key"; - static const char ctx_iv[] = "gns-aes-ctx-iv"; + static const char ctx_key[] = "gns-xsalsa-ctx-key"; + static const char ctx_iv[] = "gns-xsalsa-ctx-iv"; GNUNET_CRYPTO_kdf (key, crypto_secretbox_KEYBYTES, ctx_key, strlen (ctx_key), -- cgit v1.2.3 From ad6bc2037ffee49f6df1a3ac87fa507581af2365 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 1 Feb 2022 21:10:09 +0100 Subject: - add plaintext message to revocation tvg --- src/revocation/gnunet-revocation-tvg.c | 10 ++++++++++ src/revocation/revocation.h | 8 ++++++++ src/revocation/revocation_api.c | 35 ++++++++++++++++------------------ 3 files changed, 34 insertions(+), 19 deletions(-) diff --git a/src/revocation/gnunet-revocation-tvg.c b/src/revocation/gnunet-revocation-tvg.c index f1d4b0334..3ba5b56fa 100644 --- a/src/revocation/gnunet-revocation-tvg.c +++ b/src/revocation/gnunet-revocation-tvg.c @@ -29,6 +29,7 @@ #include "gnunet_revocation_service.h" #include "gnunet_dnsparser_lib.h" #include "gnunet_testing_lib.h" +#include "revocation.h" #include #define TEST_EPOCHS 2 @@ -140,6 +141,15 @@ run (void *cls, { pow_passes++; } + struct GNUNET_REVOCATION_SignaturePurposePS *purp; + purp = REV_create_signature_message (pow); + fprintf (stdout, "Signed message:\n"); + print_bytes (purp, + ntohl (purp->purpose.size), + 8); + printf ("\n"); + GNUNET_free (purp); + exp = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_YEARS, TEST_EPOCHS); GNUNET_assert (GNUNET_OK == GNUNET_REVOCATION_check_pow (pow, diff --git a/src/revocation/revocation.h b/src/revocation/revocation.h index c3a9c9e6b..490abf180 100644 --- a/src/revocation/revocation.h +++ b/src/revocation/revocation.h @@ -113,5 +113,13 @@ struct RevocationResponseMessage GNUNET_NETWORK_STRUCT_END +/** + * Create the revocation metadata to sign for a revocation message + * + * @param pow the PoW to sign + * @return the signature purpose + */ +struct GNUNET_REVOCATION_SignaturePurposePS * +REV_create_signature_message (const struct GNUNET_REVOCATION_PowP *pow); #endif diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 8f05b88fd..bc5dae021 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -404,19 +404,15 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph) return avg; } - -enum GNUNET_GenericReturnValue -check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, - const struct GNUNET_IDENTITY_PublicKey *key) +struct GNUNET_REVOCATION_SignaturePurposePS * +REV_create_signature_message (const struct GNUNET_REVOCATION_PowP *pow) { struct GNUNET_REVOCATION_SignaturePurposePS *spurp; - unsigned char *sig; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); - spurp = GNUNET_malloc (sizeof (*spurp) + ksize); spurp->timestamp = pow->timestamp; spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); @@ -424,9 +420,19 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, GNUNET_IDENTITY_write_key_to_buffer (pk, (char*) &spurp[1], ksize); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Expected signature payload len: %u\n", - ntohl (spurp->purpose.size)); + return spurp; +} + +enum GNUNET_GenericReturnValue +check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, + const struct GNUNET_IDENTITY_PublicKey *key) +{ + struct GNUNET_REVOCATION_SignaturePurposePS *spurp; + unsigned char *sig; + size_t ksize; + + ksize = GNUNET_IDENTITY_key_get_length (key); + spurp = REV_create_signature_message (pow); sig = ((unsigned char*) &pow[1] + ksize); if (GNUNET_OK != GNUNET_IDENTITY_signature_verify_raw_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, @@ -577,16 +583,7 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); pow->timestamp = GNUNET_TIME_absolute_hton (ts); - rp = GNUNET_malloc (sizeof (*rp) + ksize); - rp->timestamp = pow->timestamp; - rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); - rp->purpose.size = htonl (sizeof(*rp) + ksize); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Signature payload len: %u\n", - ntohl (rp->purpose.size)); - GNUNET_IDENTITY_write_key_to_buffer (pk, - ((char*) &rp[1]), - ksize); + rp = REV_create_signature_message (pow); sig = ((char*) &pow[1]) + ksize; int result = GNUNET_IDENTITY_sign_raw_ (key, &rp->purpose, -- cgit v1.2.3 From 112ef3796314122465f23215233d8b7dd7a15a0b Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Thu, 3 Feb 2022 09:25:12 +0100 Subject: GNS: Rework GNS block wire format --- src/gnsrecord/gnsrecord_crypto.c | 311 ++++++++++++++++++-------------- src/gnsrecord/gnsrecord_crypto.h | 20 ++ src/gnsrecord/gnsrecord_misc.c | 19 +- src/gnsrecord/gnsrecord_serialization.c | 56 +++++- src/gnsrecord/gnunet-gnsrecord-tvg.c | 82 ++++----- src/gnsrecord/test_gnsrecord_crypto.c | 12 +- src/include/gnunet_gnsrecord_lib.h | 76 +++++--- 7 files changed, 337 insertions(+), 239 deletions(-) diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 24f4c48ca..890ddb011 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c @@ -95,8 +95,8 @@ eddsa_symmetric_decrypt ( if (ctlen < 0) return GNUNET_SYSERR; if (0 != crypto_secretbox_open_detached (result, - block, // Ciphertext - ((unsigned char*) block) + ctlen, // TAG + ((unsigned char*) block) + crypto_secretbox_MACBYTES, // Ciphertext + block, // Tag ctlen, nonce, key)) { @@ -116,8 +116,8 @@ eddsa_symmetric_encrypt ( { if (size > crypto_secretbox_MESSAGEBYTES_MAX) return GNUNET_SYSERR; - crypto_secretbox_detached (result, // Ciphertext - result + size, // TAG + crypto_secretbox_detached (result + crypto_secretbox_MACBYTES, // Ciphertext + result, // TAG block, size, nonce, key); return GNUNET_OK; } @@ -180,6 +180,20 @@ GNR_derive_block_xsalsa_key (unsigned char *nonce, } +static ssize_t +block_get_size_ecdsa (const struct GNUNET_GNSRECORD_Data *rd, + unsigned int rd_count) +{ + ssize_t len; + + len = GNUNET_GNSRECORD_records_get_size (rd_count, rd); + if (len < 0) + return -1; + len += sizeof(struct GNUNET_GNSRECORD_Block); + return len; +} + + /** * Sign name and records * @@ -189,20 +203,22 @@ GNR_derive_block_xsalsa_key (unsigned char *nonce, * @param label the name for the records * @param rd record data * @param rd_count number of records - * @return NULL on error (block too large) + * @param block the block result. Must be allocated sufficiently. + * @return GNUNET_SYSERR on error (otherwise GNUNET_OK) */ -static struct GNUNET_GNSRECORD_Block * +static enum GNUNET_GenericReturnValue block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, - unsigned int rd_count) + unsigned int rd_count, + struct GNUNET_GNSRECORD_Block **block) { ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, rd); - struct GNUNET_GNSRECORD_Block *block; struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; + struct GNRBlockPS *gnr_block; struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; @@ -213,12 +229,12 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, if (payload_len < 0) { GNUNET_break (0); - return NULL; + return GNUNET_SYSERR; } if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) { GNUNET_break (0); - return NULL; + return GNUNET_SYSERR; } /* convert relative to absolute times */ now = GNUNET_TIME_absolute_get (); @@ -236,31 +252,25 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, } } /* serialize */ + *block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + payload_len); + (*block)->size = htonl(sizeof (struct GNUNET_GNSRECORD_Block) + payload_len); rd_count_nbo = htonl (rd_count); { - char payload[sizeof(uint32_t) + payload_len]; + char payload[payload_len]; - GNUNET_memcpy (payload, - &rd_count_nbo, - sizeof(uint32_t)); GNUNET_assert (payload_len == GNUNET_GNSRECORD_records_serialize (rd_count, rdc, payload_len, - &payload[sizeof(uint32_t) - ])); - block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block) - + sizeof(uint32_t) - + payload_len); - ecblock = &block->ecdsa_block; - block->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); - ecblock->purpose.size = htonl (sizeof(uint32_t) - + payload_len - + sizeof(struct - GNUNET_CRYPTO_EccSignaturePurpose) - + sizeof(struct GNUNET_TIME_AbsoluteNBO)); - ecblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); - ecblock->expiration_time = GNUNET_TIME_absolute_hton (expire); + payload)); + gnr_block = GNUNET_malloc (sizeof (struct GNRBlockPS) + payload_len); + ecblock = &(*block)->ecdsa_block; + (*block)->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); + gnr_block->purpose.size = htonl (sizeof(struct GNRBlockPS) + payload_len); + gnr_block->purpose.purpose = + htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); + gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); + ecblock->expiration_time = gnr_block->expiration_time; /* encrypt and sign */ dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, label, @@ -272,26 +282,40 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, label, ecblock->expiration_time.abs_value_us__, pkey); - GNUNET_break (payload_len + sizeof(uint32_t) == + GNUNET_break (payload_len == ecdsa_symmetric_encrypt (payload, - payload_len - + sizeof(uint32_t), + payload_len, skey, ctr, &ecblock[1])); + GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); } if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_sign_ (dkey, - &ecblock->purpose, + &gnr_block->purpose, &ecblock->signature)) { GNUNET_break (0); + GNUNET_free (*block); GNUNET_free (dkey); - GNUNET_free (block); - return NULL; + return GNUNET_SYSERR; } GNUNET_free (dkey); - return block; + return GNUNET_OK; +} + +static ssize_t +block_get_size_eddsa (const struct GNUNET_GNSRECORD_Data *rd, + unsigned int rd_count) +{ + ssize_t len; + + len = GNUNET_GNSRECORD_records_get_size (rd_count, rd); + if (len < 0) + return -1; + len += sizeof(struct GNUNET_GNSRECORD_Block); + len += crypto_secretbox_MACBYTES; + return len; } @@ -304,20 +328,22 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, * @param label the name for the records * @param rd record data * @param rd_count number of records - * @return NULL on error (block too large) + * @param block where to store the block. Must be allocated sufficiently. + * @return GNUNET_SYSERR on error (otherwise GNUNET_OK) */ -static struct GNUNET_GNSRECORD_Block * +enum GNUNET_GenericReturnValue block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, - unsigned int rd_count) + unsigned int rd_count, + struct GNUNET_GNSRECORD_Block **block) { ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count, rd); - struct GNUNET_GNSRECORD_Block *block; struct GNUNET_GNSRECORD_EddsaBlock *edblock; + struct GNRBlockPS *gnr_block; struct GNUNET_CRYPTO_EddsaPrivateScalar dkey; unsigned char nonce[crypto_secretbox_NONCEBYTES]; unsigned char skey[crypto_secretbox_KEYBYTES]; @@ -328,12 +354,12 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, if (payload_len < 0) { GNUNET_break (0); - return NULL; + return GNUNET_SYSERR; } if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE) { GNUNET_break (0); - return NULL; + return GNUNET_SYSERR; } /* convert relative to absolute times */ now = GNUNET_TIME_absolute_get (); @@ -351,33 +377,32 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, } } /* serialize */ + *block = GNUNET_malloc (sizeof (struct GNUNET_GNSRECORD_Block) + + payload_len + crypto_secretbox_MACBYTES); + (*block)->size = htonl(sizeof (struct GNUNET_GNSRECORD_Block) + + payload_len + crypto_secretbox_MACBYTES); rd_count_nbo = htonl (rd_count); { - char payload[sizeof(uint32_t) + payload_len]; + char payload[payload_len]; - GNUNET_memcpy (payload, - &rd_count_nbo, - sizeof(uint32_t)); GNUNET_assert (payload_len == GNUNET_GNSRECORD_records_serialize (rd_count, rdc, payload_len, - &payload[sizeof(uint32_t) - ])); - block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block) - + sizeof(uint32_t) - + payload_len - + crypto_secretbox_MACBYTES); - edblock = &block->eddsa_block; - block->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); - edblock->purpose.size = htonl (sizeof(uint32_t) - + payload_len - + sizeof(struct - GNUNET_CRYPTO_EccSignaturePurpose) - + sizeof(struct GNUNET_TIME_AbsoluteNBO) - + crypto_secretbox_MACBYTES); - edblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); - edblock->expiration_time = GNUNET_TIME_absolute_hton (expire); + payload)); + gnr_block = GNUNET_malloc (sizeof (struct GNRBlockPS) + + payload_len + + crypto_secretbox_MACBYTES); + edblock = &(*block)->eddsa_block; + (*block)->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); + gnr_block->purpose.size = + htonl (sizeof(struct GNRBlockPS) + + payload_len + + crypto_secretbox_MACBYTES); + gnr_block->purpose.purpose = + htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); + gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); + edblock->expiration_time = gnr_block->expiration_time; /* encrypt and sign */ GNUNET_CRYPTO_eddsa_private_key_derive (key, label, @@ -392,38 +417,56 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, pkey); GNUNET_break (GNUNET_OK == eddsa_symmetric_encrypt (payload, - payload_len - + sizeof(uint32_t), + payload_len, skey, nonce, &edblock[1])); + GNUNET_memcpy (&gnr_block[1], &edblock[1], + payload_len + crypto_secretbox_MACBYTES); + + GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, + &gnr_block->purpose, + &edblock->signature); } - GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, - &edblock->purpose, - &edblock->signature); - return block; + return GNUNET_OK; } +ssize_t +GNUNET_GNSRECORD_block_calculate_size (const struct + GNUNET_IDENTITY_PrivateKey *key, + const struct GNUNET_GNSRECORD_Data *rd, + unsigned int rd_count) +{ + struct GNUNET_IDENTITY_PublicKey pkey; + ssize_t res; -/** - * Sign name and records - * - * @param key the private key - * @param expire block expiration - * @param label the name for the records - * @param rd record data - * @param rd_count number of records - * @return NULL on error (block too large) - */ -struct GNUNET_GNSRECORD_Block * + GNUNET_IDENTITY_key_get_public (key, + &pkey); + switch (ntohl (key->type)) + { + case GNUNET_GNSRECORD_TYPE_PKEY: + res = block_get_size_ecdsa (rd, rd_count); + break; + case GNUNET_GNSRECORD_TYPE_EDKEY: + res = block_get_size_eddsa (rd, rd_count); + break; + default: + GNUNET_assert (0); + } + return -1; + +} + +enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, - unsigned int rd_count) + unsigned int rd_count, + struct GNUNET_GNSRECORD_Block **result) { struct GNUNET_IDENTITY_PublicKey pkey; - struct GNUNET_GNSRECORD_Block *res = NULL; + enum GNUNET_GenericReturnValue res = GNUNET_SYSERR; char *norm_label; GNUNET_IDENTITY_key_get_public (key, @@ -438,7 +481,8 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, expire, norm_label, rd, - rd_count); + rd_count, + result); break; case GNUNET_GNSRECORD_TYPE_EDKEY: res = block_create_eddsa (&key->eddsa_key, @@ -446,7 +490,8 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, expire, norm_label, rd, - rd_count); + rd_count, + result); break; default: GNUNET_assert (0); @@ -473,28 +518,17 @@ struct KeyCacheLine }; -/** - * Sign name and records, cache derived public key (also keeps the - * private key in static memory, so do not use this function if - * keeping the private key in the process'es RAM is a major issue). - * - * @param key the private key - * @param expire block expiration - * @param label the name for the records - * @param rd record data - * @param rd_count number of records - * @return NULL on error (block too large) - */ -struct GNUNET_GNSRECORD_Block * +enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, - unsigned int rd_count) + unsigned int rd_count, + struct GNUNET_GNSRECORD_Block **result) { const struct GNUNET_CRYPTO_EcdsaPrivateKey *key; struct GNUNET_CRYPTO_EddsaPublicKey edpubkey; - struct GNUNET_GNSRECORD_Block *res = NULL; + enum GNUNET_GenericReturnValue res = GNUNET_SYSERR; char *norm_label; norm_label = GNUNET_GNSRECORD_string_normalize (label); @@ -522,7 +556,8 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, expire, norm_label, rd, - rd_count); + rd_count, + result); } else if (GNUNET_IDENTITY_TYPE_EDDSA == ntohl (pkey->type)) { @@ -533,7 +568,8 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, expire, norm_label, rd, - rd_count); + rd_count, + result); } GNUNET_free (norm_label); return res; @@ -550,41 +586,55 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) { + struct GNRBlockPS *purp; + size_t payload_len = ntohl (block->size) + - sizeof (struct GNUNET_GNSRECORD_Block); + enum GNUNET_GenericReturnValue res = GNUNET_NO; + purp = GNUNET_malloc (sizeof (struct GNRBlockPS) + payload_len); + purp->purpose.size = htonl (sizeof (struct GNRBlockPS) + payload_len); + purp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN); + GNUNET_memcpy (&purp[1], &block[1], payload_len); + switch (ntohl (block->type)) { case GNUNET_GNSRECORD_TYPE_PKEY: - return GNUNET_CRYPTO_ecdsa_verify_ ( + purp->expiration_time = block->ecdsa_block.expiration_time; + res = GNUNET_CRYPTO_ecdsa_verify_ ( GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, - &block->ecdsa_block.purpose, + &purp->purpose, &block->ecdsa_block.signature, &block->ecdsa_block.derived_key); + break; case GNUNET_GNSRECORD_TYPE_EDKEY: - return GNUNET_CRYPTO_eddsa_verify_ ( + purp->expiration_time = block->eddsa_block.expiration_time; + res = GNUNET_CRYPTO_eddsa_verify_ ( GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, - &block->eddsa_block.purpose, + &purp->purpose, &block->eddsa_block.signature, &block->eddsa_block.derived_key); + break; default: - return GNUNET_NO; + res = GNUNET_NO; } + GNUNET_free (purp); + return res; } enum GNUNET_GenericReturnValue -block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, +block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) { - size_t payload_len = ntohl (block->purpose.size) - - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - - sizeof(struct GNUNET_TIME_AbsoluteNBO); + size_t payload_len = ntohl (block->size) - sizeof (struct + GNUNET_GNSRECORD_Block); unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; - if (ntohl (block->purpose.size) < + if (ntohl (block->size) < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + sizeof(struct GNUNET_TIME_AbsoluteNBO)) { @@ -594,20 +644,18 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, GNR_derive_block_aes_key (ctr, key, label, - block->expiration_time.abs_value_us__, + block->ecdsa_block.expiration_time.abs_value_us__, zone_key); { char payload[payload_len]; - uint32_t rd_count; + unsigned int rd_count; GNUNET_break (payload_len == ecdsa_symmetric_decrypt (&block[1], payload_len, key, ctr, payload)); - GNUNET_memcpy (&rd_count, - payload, - sizeof(uint32_t)); - rd_count = ntohl (rd_count); + rd_count = GNUNET_GNSRECORD_records_deserialize_get_size (payload_len, + payload); if (rd_count > 2048) { /* limit to sane value */ @@ -620,8 +668,8 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, struct GNUNET_TIME_Absolute now; if (GNUNET_OK != - GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t), - &payload[sizeof(uint32_t)], + GNUNET_GNSRECORD_records_deserialize (payload_len, + payload, rd_count, rd)) { @@ -699,20 +747,20 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, enum GNUNET_GenericReturnValue -block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, +block_decrypt_eddsa (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EddsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls) { - size_t payload_len = ntohl (block->purpose.size) - - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - - sizeof(struct GNUNET_TIME_AbsoluteNBO); + const struct GNUNET_GNSRECORD_EddsaBlock *edblock = &block->eddsa_block; + size_t payload_len = ntohl (block->size) - sizeof (struct + GNUNET_GNSRECORD_Block); unsigned char nonce[crypto_secretbox_NONCEBYTES]; unsigned char key[crypto_secretbox_KEYBYTES]; - if (ntohl (block->purpose.size) < + if (ntohl (block->size) < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + sizeof(struct GNUNET_TIME_AbsoluteNBO)) { @@ -722,20 +770,19 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, GNR_derive_block_xsalsa_key (nonce, key, label, - block->expiration_time.abs_value_us__, + block->eddsa_block.expiration_time.abs_value_us__, zone_key); { char payload[payload_len]; - uint32_t rd_count; + unsigned int rd_count; GNUNET_break (GNUNET_OK == eddsa_symmetric_decrypt (&block[1], payload_len, key, nonce, payload)); - GNUNET_memcpy (&rd_count, - payload, - sizeof(uint32_t)); - rd_count = ntohl (rd_count); + payload_len -= crypto_secretbox_MACBYTES; + rd_count = GNUNET_GNSRECORD_records_deserialize_get_size (payload_len, + payload); if (rd_count > 2048) { /* limit to sane value */ @@ -748,8 +795,8 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, struct GNUNET_TIME_Absolute now; if (GNUNET_OK != - GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t), - &payload[sizeof(uint32_t)], + GNUNET_GNSRECORD_records_deserialize (payload_len, + payload, rd_count, rd)) { @@ -852,12 +899,12 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, switch (ntohl (zone_key->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - res = block_decrypt_ecdsa (&block->ecdsa_block, + res = block_decrypt_ecdsa (block, &zone_key->ecdsa_key, norm_label, proc, proc_cls); break; case GNUNET_IDENTITY_TYPE_EDDSA: - res = block_decrypt_eddsa (&block->eddsa_block, + res = block_decrypt_eddsa (block, &zone_key->eddsa_key, norm_label, proc, proc_cls); break; diff --git a/src/gnsrecord/gnsrecord_crypto.h b/src/gnsrecord/gnsrecord_crypto.h index be762f1b5..79a7e6fb9 100644 --- a/src/gnsrecord/gnsrecord_crypto.h +++ b/src/gnsrecord/gnsrecord_crypto.h @@ -34,6 +34,26 @@ #include "gnunet_dnsparser_lib.h" #include "gnunet_tun_lib.h" +/** + * Information we have in an encrypted block with record data (i.e. in the DHT). + */ +struct GNRBlockPS +{ + /** + * Number of bytes signed; also specifies the number of bytes + * of encrypted data that follow. + */ + struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + + /** + * Expiration time of the block. + */ + struct GNUNET_TIME_AbsoluteNBO expiration_time; + + /* followed by encrypted data */ +}; + + /** * Derive session key and iv from label and public key. * diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c index c6f07ccd0..61604c730 100644 --- a/src/gnsrecord/gnsrecord_misc.c +++ b/src/gnsrecord/gnsrecord_misc.c @@ -334,24 +334,7 @@ GNUNET_GNSRECORD_is_zonekey_type (uint32_t type) size_t GNUNET_GNSRECORD_block_get_size (const struct GNUNET_GNSRECORD_Block *block) { - switch (ntohl (block->type)) - { - case GNUNET_GNSRECORD_TYPE_PKEY: - return sizeof (uint32_t) /* zone type */ - + sizeof (block->ecdsa_block) /* EcdsaBlock */ - + ntohl (block->ecdsa_block.purpose.size) /* Length of signed data */ - - sizeof (block->ecdsa_block.purpose); /* Purpose already in EcdsaBlock */ - break; - case GNUNET_GNSRECORD_TYPE_EDKEY: - return sizeof (uint32_t) /* zone type */ - + sizeof (block->eddsa_block) /* EddsaBlock */ - + ntohl (block->eddsa_block.purpose.size) /* Length of signed data */ - - sizeof (block->ecdsa_block.purpose); /* Purpose already in EcdsaBlock */ - - default: - return 0; - } - return 0; + return ntohl (block->size); } diff --git a/src/gnsrecord/gnsrecord_serialization.c b/src/gnsrecord/gnsrecord_serialization.c index cb6957605..eaa3a9ab2 100644 --- a/src/gnsrecord/gnsrecord_serialization.c +++ b/src/gnsrecord/gnsrecord_serialization.c @@ -60,17 +60,18 @@ struct NetworkRecord /** * Number of bytes in 'data', network byte order. */ - uint32_t data_size GNUNET_PACKED; + uint16_t data_size GNUNET_PACKED; /** - * Type of the GNS/DNS record, network byte order. + * Flags for the record, network byte order. */ - uint32_t record_type GNUNET_PACKED; + uint16_t flags GNUNET_PACKED; /** - * Flags for the record, network byte order. + * Type of the GNS/DNS record, network byte order. */ - uint32_t flags GNUNET_PACKED; + uint32_t record_type GNUNET_PACKED; + }; GNUNET_NETWORK_STRUCT_END @@ -169,9 +170,9 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, rd[i].flags, (unsigned long long) rd[i].expiration_time); rec.expiration_time = GNUNET_htonll (rd[i].expiration_time); - rec.data_size = htonl ((uint32_t) rd[i].data_size); + rec.data_size = htons ((uint16_t) rd[i].data_size); rec.record_type = htonl (rd[i].record_type); - rec.flags = htonl (rd[i].flags); + rec.flags = htons (rd[i].flags); if ((off + sizeof(rec) > dest_size) || (off + sizeof(rec) < off)) { @@ -214,13 +215,48 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, return dest_size; } +unsigned int +GNUNET_GNSRECORD_records_deserialize_get_size (size_t len, + const char *src) +{ + struct NetworkRecord rec; + struct NetworkRecord rec_zero; + size_t off; + unsigned int rd_count = 0; + + memset (&rec_zero, 0, sizeof (rec_zero)); + + off = 0; + for (off = 0; (off + sizeof(rec) <= len) && (off + sizeof(rec) >= off);) + { + /* + * If we have found a byte string of zeroes, we have reached + * the padding + */ + if (0 == GNUNET_memcmp (&rec, &rec_zero)) + break; + GNUNET_memcpy (&rec, + &src[off], + sizeof(rec)); + off += sizeof(rec); + if ((off + ntohs ((uint16_t) rec.data_size) > len) || + (off + ntohs ((uint16_t) rec.data_size) < off)) + { + GNUNET_break_op (0); + return 0; + } + off += ntohs ((uint16_t) rec.data_size); + rd_count++; + } + return rd_count; +} /** * Deserialize the given records to the given destination. * * @param len size of the serialized record data * @param src the serialized record data - * @param rd_count number of records in the rd array + * @param rd_count number of records parsed * @param dest where to put the data * @return #GNUNET_OK on success, #GNUNET_SYSERR on error */ @@ -246,9 +282,9 @@ GNUNET_GNSRECORD_records_deserialize (size_t len, &src[off], sizeof(rec)); dest[i].expiration_time = GNUNET_ntohll (rec.expiration_time); - dest[i].data_size = ntohl ((uint32_t) rec.data_size); + dest[i].data_size = ntohs ((uint16_t) rec.data_size); dest[i].record_type = ntohl (rec.record_type); - dest[i].flags = ntohl (rec.flags); + dest[i].flags = ntohs (rec.flags); off += sizeof(rec); if ((off + dest[i].data_size > len) || (off + dest[i].data_size < off)) diff --git a/src/gnsrecord/gnunet-gnsrecord-tvg.c b/src/gnsrecord/gnunet-gnsrecord-tvg.c index 91c6608cd..f9b83e48b 100644 --- a/src/gnsrecord/gnunet-gnsrecord-tvg.c +++ b/src/gnsrecord/gnunet-gnsrecord-tvg.c @@ -38,12 +38,12 @@ #define TEST_RRCOUNT 2 static char *d_pkey = -"50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98"; + "50d7b652a4efeadff37396909785e5952171a02178c8e7d450fa907925fafd98"; static char *d_edkey = -"5af7020ee19160328832352bbc6a68a8d71a7cbe1b929969a7c66d415a0d8f65"; + "5af7020ee19160328832352bbc6a68a8d71a7cbe1b929969a7c66d415a0d8f65"; -int parsehex(char *src, char *dst, size_t dstlen, int invert) +int parsehex (char *src, char *dst, size_t dstlen, int invert) { char *line = src; char *data = line; @@ -51,7 +51,8 @@ int parsehex(char *src, char *dst, size_t dstlen, int invert) int read_byte; int data_len = 0; - while (sscanf(data, " %02x%n", &read_byte, &off) == 1) { + while (sscanf (data, " %02x%n", &read_byte, &off) == 1) + { if (invert) dst[dstlen - 1 - data_len++] = read_byte; else @@ -155,9 +156,9 @@ run_pkey (void) id_priv.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key); - parsehex(d_pkey, - (char*)&id_priv.ecdsa_key, - sizeof (id_priv.ecdsa_key), 1); + parsehex (d_pkey, + (char*) &id_priv.ecdsa_key, + sizeof (id_priv.ecdsa_key), 1); GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); @@ -204,16 +205,12 @@ run_pkey (void) rdata_size = GNUNET_GNSRECORD_records_get_size (TEST_RRCOUNT, rd); rdata = GNUNET_malloc (rdata_size); - rd_count_nbo = htonl (2); - GNUNET_memcpy (rdata, - &rd_count_nbo, - sizeof (uint32_t)); GNUNET_GNSRECORD_records_serialize (2, rd, rdata_size, - rdata + sizeof (uint32_t)); + rdata); fprintf (stdout, "RDATA:\n"); - print_bytes (rdata, rdata_size + sizeof (uint32_t), 8); + print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); GNR_derive_block_aes_key (ctr, @@ -235,26 +232,20 @@ run_pkey (void) fprintf (stdout, "Storage key (q):\n"); print_bytes (&query, sizeof (query), 8); fprintf (stdout, "\n"); - - rrblock = GNUNET_GNSRECORD_block_create (&id_priv, - expire, - TEST_RECORD_LABEL, - rd, - TEST_RRCOUNT); - size_t bdata_size = ntohl (rrblock->ecdsa_block.purpose.size) - - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - - sizeof(struct GNUNET_TIME_AbsoluteNBO); - size_t ecblock_size = ntohl (rrblock->ecdsa_block.purpose.size) - + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) - + sizeof(struct GNUNET_CRYPTO_EcdsaSignature); - size_t block_size = ecblock_size + sizeof (uint32_t); + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (&id_priv, + expire, + TEST_RECORD_LABEL, + rd, + TEST_RRCOUNT, + &rrblock)); + size_t bdata_size = ntohl(rrblock->size) - sizeof (struct GNUNET_GNSRECORD_Block); bdata = (char*) &(&rrblock->ecdsa_block)[1]; fprintf (stdout, "BDATA:\n"); print_bytes (bdata, bdata_size, 8); fprintf (stdout, "\n"); fprintf (stdout, "RRBLOCK:\n"); - print_bytes (rrblock, block_size, 8); + print_bytes (rrblock, ntohl(rrblock->size), 8); fprintf (stdout, "\n"); GNUNET_free (rdata); } @@ -309,9 +300,9 @@ run_edkey (void) id_priv.type = htonl (GNUNET_IDENTITY_TYPE_EDDSA); GNUNET_CRYPTO_eddsa_key_create (&id_priv.eddsa_key); - parsehex(d_edkey, - (char*)&id_priv.eddsa_key, - sizeof (id_priv.eddsa_key), 0); + parsehex (d_edkey, + (char*) &id_priv.eddsa_key, + sizeof (id_priv.eddsa_key), 0); GNUNET_IDENTITY_key_get_public (&id_priv, &id_pub); fprintf (stdout, @@ -358,17 +349,13 @@ run_edkey (void) rd); expire = GNUNET_GNSRECORD_record_get_expiration_time (TEST_RRCOUNT, rd); - rdata = GNUNET_malloc (sizeof (uint32_t) + rdata_size); - rd_count_nbo = htonl (2); - GNUNET_memcpy (rdata, - &rd_count_nbo, - sizeof (uint32_t)); + rdata = GNUNET_malloc (rdata_size); GNUNET_GNSRECORD_records_serialize (2, rd, rdata_size, - rdata + sizeof (uint32_t)); + rdata); fprintf (stdout, "RDATA:\n"); - print_bytes (rdata, rdata_size + sizeof (uint32_t), 8); + print_bytes (rdata, rdata_size, 8); fprintf (stdout, "\n"); GNR_derive_block_xsalsa_key (nonce, skey, @@ -389,25 +376,20 @@ run_edkey (void) print_bytes (&query, sizeof (query), 8); fprintf (stdout, "\n"); - rrblock = GNUNET_GNSRECORD_block_create (&id_priv, - expire, - TEST_RECORD_LABEL, - rd, - TEST_RRCOUNT); - size_t bdata_size = ntohl (rrblock->eddsa_block.purpose.size) - - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - - sizeof(struct GNUNET_TIME_AbsoluteNBO); - size_t ecblock_size = ntohl (rrblock->eddsa_block.purpose.size) - + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey) - + sizeof(struct GNUNET_CRYPTO_EddsaSignature); - size_t block_size = ecblock_size + sizeof (uint32_t); + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (&id_priv, + expire, + TEST_RECORD_LABEL, + rd, + TEST_RRCOUNT, + &rrblock)); + size_t bdata_size = ntohl(rrblock->size) - sizeof (struct GNUNET_GNSRECORD_Block); bdata = (char*) &(&rrblock->eddsa_block)[1]; fprintf (stdout, "BDATA:\n"); print_bytes (bdata, bdata_size, 8); fprintf (stdout, "\n"); fprintf (stdout, "RRBLOCK:\n"); - print_bytes (rrblock, block_size, 8); + print_bytes (rrblock, ntohl(rrblock->size), 8); fprintf (stdout, "\n"); GNUNET_free (rdata); } diff --git a/src/gnsrecord/test_gnsrecord_crypto.c b/src/gnsrecord/test_gnsrecord_crypto.c index 9e5a1aa7e..ee14fa904 100644 --- a/src/gnsrecord/test_gnsrecord_crypto.c +++ b/src/gnsrecord/test_gnsrecord_crypto.c @@ -123,12 +123,12 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) s_rd = create_record (RECORDS); /* Create block */ - GNUNET_assert (NULL != (block = - GNUNET_GNSRECORD_block_create (privkey, - expire, - s_name, - s_rd, - RECORDS))); + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (privkey, + expire, + s_name, + s_rd, + RECORDS, + &block)); GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_query_from_block (block, &query_block)); diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h index 94e20323d..fdbac3cf5 100644 --- a/src/include/gnunet_gnsrecord_lib.h +++ b/src/include/gnunet_gnsrecord_lib.h @@ -61,6 +61,7 @@ extern "C" { /** * Flags that can be set for a record. + * MUST fit into 16 bit. */ enum GNUNET_GNSRECORD_Flags { @@ -70,10 +71,17 @@ enum GNUNET_GNSRECORD_Flags GNUNET_GNSRECORD_RF_NONE = 0, /** - * This is a private record of this peer and it should - * thus not be handed out to other peers. + * This record is critical. If it cannot be processed + * (for example beacuse the record type is unknown) + * resolution MUST fail */ - GNUNET_GNSRECORD_RF_PRIVATE = 2, + GNUNET_GNSRECORD_RF_CRITICAL = 1, + + /** + * This record should not be used unless all (other) records with an absolute + * expiration time have expired. + */ + GNUNET_GNSRECORD_RF_SHADOW_RECORD = 2, /** * This is a supplemental record. @@ -84,13 +92,14 @@ enum GNUNET_GNSRECORD_Flags * This expiration time of the record is a relative * time (not an absolute time). */ - GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION = 8, + GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION = 16384, /* 2^14 */ /** - * This record should not be used unless all (other) records with an absolute - * expiration time have expired. + * This is a private record of this peer and it should + * thus not be handed out to other peers. */ - GNUNET_GNSRECORD_RF_SHADOW_RECORD = 16 + GNUNET_GNSRECORD_RF_PRIVATE = 32768, /* 2^15 */ + /** * When comparing flags for record equality for removal, @@ -183,12 +192,6 @@ struct GNUNET_GNSRECORD_EcdsaBlock */ struct GNUNET_CRYPTO_EcdsaSignature signature; - /** - * Number of bytes signed; also specifies the number of bytes - * of encrypted data that follow. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - /** * Expiration time of the block. */ @@ -213,23 +216,26 @@ struct GNUNET_GNSRECORD_EddsaBlock */ struct GNUNET_CRYPTO_EddsaSignature signature; - /** - * Number of bytes signed; also specifies the number of bytes - * of encrypted data that follow. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - /** * Expiration time of the block. */ struct GNUNET_TIME_AbsoluteNBO expiration_time; + /* followed by encrypted data */ }; struct GNUNET_GNSRECORD_Block { + /** + * Size of the block. + */ + uint32_t size; + + /** + * The zone type (GNUNET_GNSRECORD_TYPE_PKEY) + */ uint32_t type; union @@ -387,6 +393,9 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest); +unsigned int +GNUNET_GNSRECORD_records_deserialize_get_size (size_t len, + const char *src); /** * Deserialize the given records to the given destination. @@ -502,6 +511,21 @@ GNUNET_GNSRECORD_query_from_public_key ( struct GNUNET_HashCode *query); +/** + * Get size of buffer for block creation. + * + * @param key the zone key + * @param rd record data + * @param rd_count number of records + * @return -1 on error (otherwise the length of the block) + */ +ssize_t +GNUNET_GNSRECORD_block_calculate_size (const struct + GNUNET_IDENTITY_PrivateKey *key, + const struct GNUNET_GNSRECORD_Data *rd, + unsigned int rd_count); + + /** * Sign name and records * @@ -510,13 +534,16 @@ GNUNET_GNSRECORD_query_from_public_key ( * @param label the name for the records * @param rd record data * @param rd_count number of records in @a rd + * @param result the block buffer. Will be allocated. + * @return GNUNET_OK on success */ -struct GNUNET_GNSRECORD_Block * +enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, - unsigned int rd_count); + unsigned int rd_count, + struct GNUNET_GNSRECORD_Block **block); /** @@ -529,13 +556,16 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, * @param label the name for the records * @param rd record data * @param rd_count number of records in @a rd + * @param result the block buffer. Will be allocated. + * @return GNUNET_OK on success. */ -struct GNUNET_GNSRECORD_Block * +enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, - unsigned int rd_count); + unsigned int rd_count, + struct GNUNET_GNSRECORD_Block **result); /** -- cgit v1.2.3 From 650d46465cb97229c6fc8f171b082fc3cb2003aa Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Thu, 3 Feb 2022 09:34:26 +0100 Subject: -ftbfs --- src/namestore/gnunet-service-namestore.c | 10 ++++++---- src/zonemaster/gnunet-service-zonemaster-monitor.c | 22 ++++++++++++---------- src/zonemaster/gnunet-service-zonemaster.c | 10 ++++++---- 3 files changed, 24 insertions(+), 18 deletions(-) diff --git a/src/namestore/gnunet-service-namestore.c b/src/namestore/gnunet-service-namestore.c index cf1b555a5..9b2d9b6f3 100644 --- a/src/namestore/gnunet-service-namestore.c +++ b/src/namestore/gnunet-service-namestore.c @@ -950,11 +950,13 @@ refresh_block (struct NamestoreClient *nc, } exp_time = GNUNET_GNSRECORD_record_get_expiration_time (res_count, res); if (cache_keys) - block = - GNUNET_GNSRECORD_block_create2 (zone_key, exp_time, name, res, res_count); + GNUNET_assert (GNUNET_OK == + GNUNET_GNSRECORD_block_create2 (zone_key, exp_time, name, + res, res_count, &block)); else - block = - GNUNET_GNSRECORD_block_create (zone_key, exp_time, name, res, res_count); + GNUNET_assert (GNUNET_OK == + GNUNET_GNSRECORD_block_create (zone_key, exp_time, name, + res, res_count, &block)); GNUNET_assert (NULL != block); GNUNET_IDENTITY_key_get_public (zone_key, &pkey); GNUNET_log ( diff --git a/src/zonemaster/gnunet-service-zonemaster-monitor.c b/src/zonemaster/gnunet-service-zonemaster-monitor.c index 7e8c1fb8b..3392a19d7 100644 --- a/src/zonemaster/gnunet-service-zonemaster-monitor.c +++ b/src/zonemaster/gnunet-service-zonemaster-monitor.c @@ -255,17 +255,19 @@ perform_dht_put (const struct GNUNET_IDENTITY_PrivateKey *key, expire = GNUNET_GNSRECORD_record_get_expiration_time (rd_public_count, rd_public); if (cache_keys) - block = GNUNET_GNSRECORD_block_create2 (key, - expire, - label, - rd_public, - rd_public_count); + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create2 (key, + expire, + label, + rd_public, + rd_public_count, + &block)); else - block = GNUNET_GNSRECORD_block_create (key, - expire, - label, - rd_public, - rd_public_count); + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (key, + expire, + label, + rd_public, + rd_public_count, + &block)); if (NULL == block) { GNUNET_break (0); diff --git a/src/zonemaster/gnunet-service-zonemaster.c b/src/zonemaster/gnunet-service-zonemaster.c index 2957cfee2..bacafb97c 100644 --- a/src/zonemaster/gnunet-service-zonemaster.c +++ b/src/zonemaster/gnunet-service-zonemaster.c @@ -594,17 +594,19 @@ perform_dht_put (const struct GNUNET_IDENTITY_PrivateKey *key, expire = GNUNET_GNSRECORD_record_get_expiration_time (rd_public_count, rd_public); if (cache_keys) - block = GNUNET_GNSRECORD_block_create2 (key, + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create2 (key, expire, label, rd_public, - rd_public_count); + rd_public_count, + &block)); else - block = GNUNET_GNSRECORD_block_create (key, + GNUNET_assert (GNUNET_OK == GNUNET_GNSRECORD_block_create (key, expire, label, rd_public, - rd_public_count); + rd_public_count, + &block)); if (NULL == block) { GNUNET_break (0); -- cgit v1.2.3