From 5306c3356854b535fe09654b270f06615bf94e94 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 10 Nov 2020 09:01:17 +0900 Subject: -fix signatures in revocation --- po/POTFILES.in | 102 ++++++++--------- src/identity/identity_api.c | 190 ++++++++++++++++++-------------- src/include/gnunet_identity_service.h | 89 ++++++++------- src/include/gnunet_revocation_service.h | 7 +- src/revocation/revocation_api.c | 57 +++++----- 5 files changed, 238 insertions(+), 207 deletions(-) diff --git a/po/POTFILES.in b/po/POTFILES.in index 1f577e139..35bd71771 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -10,21 +10,13 @@ src/arm/arm_monitor_api.c src/arm/gnunet-arm.c src/arm/gnunet-service-arm.c src/arm/mockup-service.c -src/ats-tests/ats-testing-experiment.c -src/ats-tests/ats-testing-log.c -src/ats-tests/ats-testing-preferences.c -src/ats-tests/ats-testing-traffic.c -src/ats-tests/ats-testing.c -src/ats-tests/gnunet-ats-sim.c -src/ats-tests/gnunet-solver-eval.c -src/ats-tool/gnunet-ats.c src/ats/ats_api_connectivity.c src/ats/ats_api_performance.c src/ats/ats_api_scanner.c src/ats/ats_api_scheduling.c src/ats/gnunet-ats-solver-eval.c -src/ats/gnunet-service-ats.c src/ats/gnunet-service-ats_addresses.c +src/ats/gnunet-service-ats.c src/ats/gnunet-service-ats_connectivity.c src/ats/gnunet-service-ats_normalization.c src/ats/gnunet-service-ats_performance.c @@ -33,6 +25,14 @@ src/ats/gnunet-service-ats_preferences.c src/ats/gnunet-service-ats_reservations.c src/ats/gnunet-service-ats_scheduling.c src/ats/plugin_ats_proportional.c +src/ats-tests/ats-testing.c +src/ats-tests/ats-testing-experiment.c +src/ats-tests/ats-testing-log.c +src/ats-tests/ats-testing-preferences.c +src/ats-tests/ats-testing-traffic.c +src/ats-tests/gnunet-ats-sim.c +src/ats-tests/gnunet-solver-eval.c +src/ats-tool/gnunet-ats.c src/auction/gnunet-auction-create.c src/auction/gnunet-auction-info.c src/auction/gnunet-auction-join.c 
@@ -50,8 +50,8 @@ src/cadet/cadet_api_list_peers.c src/cadet/cadet_api_list_tunnels.c src/cadet/cadet_test_lib.c src/cadet/desirability_table.c -src/cadet/gnunet-cadet-profiler.c src/cadet/gnunet-cadet.c +src/cadet/gnunet-cadet-profiler.c src/cadet/gnunet-service-cadet.c src/cadet/gnunet-service-cadet_channel.c src/cadet/gnunet-service-cadet_connection.c @@ -67,15 +67,15 @@ src/consensus/gnunet-service-consensus.c src/consensus/plugin_block_consensus.c src/conversation/conversation_api.c src/conversation/conversation_api_call.c -src/conversation/gnunet-conversation-test.c src/conversation/gnunet-conversation.c -src/conversation/gnunet-helper-audio-playback-gst.c +src/conversation/gnunet-conversation-test.c +src/conversation/gnunet_gst.c +src/conversation/gnunet_gst_test.c src/conversation/gnunet-helper-audio-playback.c -src/conversation/gnunet-helper-audio-record-gst.c +src/conversation/gnunet-helper-audio-playback-gst.c src/conversation/gnunet-helper-audio-record.c +src/conversation/gnunet-helper-audio-record-gst.c src/conversation/gnunet-service-conversation.c -src/conversation/gnunet_gst.c -src/conversation/gnunet_gst_test.c src/conversation/microphone.c src/conversation/plugin_gnsrecord_conversation.c src/conversation/speaker.c @@ -105,6 +105,7 @@ src/dht/dht_api.c src/dht/dht_test_lib.c src/dht/gnunet-dht-get.c src/dht/gnunet-dht-monitor.c +src/dht/gnunet_dht_profiler.c src/dht/gnunet-dht-put.c src/dht/gnunet-service-dht.c src/dht/gnunet-service-dht_clients.c @@ -113,7 +114,6 @@ src/dht/gnunet-service-dht_hello.c src/dht/gnunet-service-dht_neighbours.c src/dht/gnunet-service-dht_nse.c src/dht/gnunet-service-dht_routing.c -src/dht/gnunet_dht_profiler.c src/dht/plugin_block_dht.c src/dns/dns_api.c src/dns/gnunet-dns-monitor.c 
@@ -148,8 +148,8 @@ src/fs/gnunet-auto-share.c src/fs/gnunet-daemon-fsprofiler.c src/fs/gnunet-directory.c src/fs/gnunet-download.c -src/fs/gnunet-fs-profiler.c src/fs/gnunet-fs.c +src/fs/gnunet-fs-profiler.c src/fs/gnunet-helper-fs-publish.c src/fs/gnunet-publish.c src/fs/gnunet-search.c @@ -169,9 +169,9 @@ src/gns/gns_tld_api.c src/gns/gnunet-bcd.c src/gns/gnunet-dns2gns.c src/gns/gnunet-gns-benchmark.c +src/gns/gnunet-gns.c src/gns/gnunet-gns-import.c src/gns/gnunet-gns-proxy.c -src/gns/gnunet-gns.c src/gns/gnunet-service-gns.c src/gns/gnunet-service-gns_interceptor.c src/gns/gnunet-service-gns_resolver.c @@ -189,8 +189,8 @@ src/gnsrecord/json_gnsrecord.c src/gnsrecord/plugin_gnsrecord_dns.c src/hello/address.c src/hello/gnunet-hello.c -src/hello/hello-ng.c src/hello/hello.c +src/hello/hello-ng.c src/hostlist/gnunet-daemon-hostlist.c src/hostlist/gnunet-daemon-hostlist_client.c src/hostlist/gnunet-daemon-hostlist_server.c @@ -214,8 +214,8 @@ src/namecache/namecache_api.c src/namecache/plugin_namecache_flat.c src/namecache/plugin_namecache_postgres.c src/namecache/plugin_namecache_sqlite.c -src/namestore/gnunet-namestore-fcfsd.c src/namestore/gnunet-namestore.c +src/namestore/gnunet-namestore-fcfsd.c src/namestore/gnunet-service-namestore.c src/namestore/gnunet-zoneimport.c src/namestore/namestore_api.c 
@@ -241,17 +241,17 @@ src/nat/gnunet-service-nat_mini.c src/nat/gnunet-service-nat_stun.c src/nat/nat_api.c src/nat/nat_api_stun.c -src/nse/gnunet-nse-profiler.c src/nse/gnunet-nse.c +src/nse/gnunet-nse-profiler.c src/nse/gnunet-service-nse.c src/nse/nse_api.c src/nt/nt.c -src/peerinfo-tool/gnunet-peerinfo.c -src/peerinfo-tool/gnunet-peerinfo_plugins.c -src/peerinfo-tool/plugin_rest_peerinfo.c src/peerinfo/gnunet-service-peerinfo.c src/peerinfo/peerinfo_api.c src/peerinfo/peerinfo_api_notify.c +src/peerinfo-tool/gnunet-peerinfo.c +src/peerinfo-tool/gnunet-peerinfo_plugins.c +src/peerinfo-tool/plugin_rest_peerinfo.c src/peerstore/gnunet-peerstore.c src/peerstore/gnunet-service-peerstore.c src/peerstore/peerstore_api.c @@ -297,27 +297,27 @@ src/rest/gnunet-rest-server.c src/rest/plugin_rest_config.c src/rest/plugin_rest_copying.c src/rest/rest.c -src/revocation/gnunet-revocation-tvg.c src/revocation/gnunet-revocation.c +src/revocation/gnunet-revocation-tvg.c src/revocation/gnunet-service-revocation.c src/revocation/plugin_block_revocation.c src/revocation/revocation_api.c -src/rps/gnunet-rps-profiler.c src/rps/gnunet-rps.c +src/rps/gnunet-rps-profiler.c src/rps/gnunet-service-rps.c src/rps/gnunet-service-rps_custommap.c src/rps/gnunet-service-rps_sampler.c src/rps/gnunet-service-rps_sampler_elem.c src/rps/gnunet-service-rps_view.c +src/rps/rps_api.c src/rps/rps-sampler_client.c src/rps/rps-sampler_common.c src/rps/rps-test_util.c -src/rps/rps_api.c src/scalarproduct/gnunet-scalarproduct.c -src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c -src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c src/scalarproduct/gnunet-service-scalarproduct_alice.c src/scalarproduct/gnunet-service-scalarproduct_bob.c +src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c +src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c src/scalarproduct/scalarproduct_api.c src/secretsharing/gnunet-secretsharing-profiler.c src/secretsharing/gnunet-service-secretsharing.c 
@@ -331,12 +331,12 @@ src/set/gnunet-set-ibf-profiler.c src/set/gnunet-set-profiler.c src/set/ibf.c src/set/ibf_sim.c -src/set/plugin_block_set_test.c -src/set/set_api.c src/seti/gnunet-service-seti.c src/seti/gnunet-seti-profiler.c src/seti/plugin_block_seti_test.c src/seti/seti_api.c +src/set/plugin_block_set_test.c +src/set/set_api.c src/setu/gnunet-service-setu.c src/setu/gnunet-service-setu_strata_estimator.c src/setu/gnunet-setu-ibf-profiler.c @@ -355,16 +355,15 @@ src/statistics/gnunet-statistics.c src/statistics/statistics_api.c src/template/gnunet-service-template.c src/template/gnunet-template.c -src/testbed-logger/gnunet-service-testbed-logger.c -src/testbed-logger/testbed_logger_api.c src/testbed/generate-underlay-topology.c src/testbed/gnunet-daemon-latency-logger.c src/testbed/gnunet-daemon-testbed-blacklist.c src/testbed/gnunet-daemon-testbed-underlay.c src/testbed/gnunet-helper-testbed.c +src/testbed/gnunet_mpi_test.c src/testbed/gnunet-service-test-barriers.c -src/testbed/gnunet-service-testbed.c src/testbed/gnunet-service-testbed_barriers.c +src/testbed/gnunet-service-testbed.c src/testbed/gnunet-service-testbed_cache.c src/testbed/gnunet-service-testbed_connectionpool.c src/testbed/gnunet-service-testbed_cpustatus.c 
@@ -372,19 +371,20 @@ src/testbed/gnunet-service-testbed_links.c src/testbed/gnunet-service-testbed_meminfo.c src/testbed/gnunet-service-testbed_oc.c src/testbed/gnunet-service-testbed_peers.c -src/testbed/gnunet-testbed-profiler.c -src/testbed/gnunet_mpi_test.c src/testbed/gnunet_testbed_mpi_spawn.c -src/testbed/testbed_api.c +src/testbed/gnunet-testbed-profiler.c +src/testbed-logger/gnunet-service-testbed-logger.c +src/testbed-logger/testbed_logger_api.c src/testbed/testbed_api_barriers.c +src/testbed/testbed_api.c src/testbed/testbed_api_hosts.c src/testbed/testbed_api_operations.c src/testbed/testbed_api_peers.c src/testbed/testbed_api_sd.c src/testbed/testbed_api_services.c src/testbed/testbed_api_statistics.c -src/testbed/testbed_api_test.c src/testbed/testbed_api_testbed.c +src/testbed/testbed_api_test.c src/testbed/testbed_api_topology.c src/testbed/testbed_api_underlay.c src/testing/gnunet-testing.c 
@@ -396,40 +396,34 @@ src/transport/gnunet-communicator-tcp.c src/transport/gnunet-communicator-udp.c src/transport/gnunet-communicator-unix.c src/transport/gnunet-helper-transport-bluetooth.c -src/transport/gnunet-helper-transport-wlan-dummy.c src/transport/gnunet-helper-transport-wlan.c +src/transport/gnunet-helper-transport-wlan-dummy.c src/transport/gnunet-service-tng.c -src/transport/gnunet-service-transport.c src/transport/gnunet-service-transport_ats.c +src/transport/gnunet-service-transport.c src/transport/gnunet-service-transport_hello.c src/transport/gnunet-service-transport_manipulation.c src/transport/gnunet-service-transport_neighbours.c src/transport/gnunet-service-transport_plugins.c src/transport/gnunet-service-transport_validation.c +src/transport/gnunet-transport.c src/transport/gnunet-transport-profiler.c src/transport/gnunet-transport-wlan-receiver.c src/transport/gnunet-transport-wlan-sender.c -src/transport/gnunet-transport.c src/transport/plugin_transport_http_client.c src/transport/plugin_transport_http_common.c src/transport/plugin_transport_http_server.c src/transport/plugin_transport_smtp.c src/transport/plugin_transport_tcp.c src/transport/plugin_transport_template.c -src/transport/plugin_transport_udp.c src/transport/plugin_transport_udp_broadcasting.c +src/transport/plugin_transport_udp.c src/transport/plugin_transport_unix.c src/transport/plugin_transport_wlan.c src/transport/tcp_connection_legacy.c src/transport/tcp_server_legacy.c src/transport/tcp_server_mst_legacy.c src/transport/tcp_service_legacy.c -src/transport/transport-testing-filenames.c -src/transport/transport-testing-loggers.c -src/transport/transport-testing-main.c -src/transport/transport-testing-send.c -src/transport/transport-testing.c -src/transport/transport-testing2.c src/transport/transport_api2_application.c src/transport/transport_api2_communication.c src/transport/transport_api2_core.c 
@@ -442,6 +436,12 @@ src/transport/transport_api_manipulation.c src/transport/transport_api_monitor_peers.c src/transport/transport_api_monitor_plugins.c src/transport/transport_api_offer_hello.c +src/transport/transport-testing2.c +src/transport/transport-testing.c +src/transport/transport-testing-filenames.c +src/transport/transport-testing-loggers.c +src/transport/transport-testing-main.c +src/transport/transport-testing-send.c src/util/bandwidth.c src/util/benchmark.c src/util/bio.c @@ -456,8 +456,8 @@ src/util/consttime_memcmp.c src/util/container_bloomfilter.c src/util/container_heap.c src/util/container_meta_data.c -src/util/container_multihashmap.c src/util/container_multihashmap32.c +src/util/container_multihashmap.c src/util/container_multipeermap.c src/util/container_multishortmap.c src/util/container_multiuuidmap.c @@ -481,8 +481,8 @@ src/util/dnsparser.c src/util/dnsstub.c src/util/getopt.c src/util/getopt_helpers.c -src/util/gnunet-config-diff.c src/util/gnunet-config.c +src/util/gnunet-config-diff.c src/util/gnunet-crypto-tvg.c src/util/gnunet-ecc.c src/util/gnunet-qr.c @@ -520,8 +520,8 @@ src/vpn/gnunet-helper-vpn.c src/vpn/gnunet-service-vpn.c src/vpn/gnunet-vpn.c src/vpn/vpn_api.c -src/zonemaster/gnunet-service-zonemaster-monitor.c src/zonemaster/gnunet-service-zonemaster.c +src/zonemaster/gnunet-service-zonemaster-monitor.c src/fs/fs_api.h src/include/gnunet_identity_service.h src/testbed/testbed_api.h diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 6f7c5d860..f40472240 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c @@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) GNUNET_free (h); } + ssize_t private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) { @@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) } - ssize_t GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) { 
@@ -992,106 +992,116 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) ssize_t GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, - const void* buffer, - size_t len) + const void*buffer, + size_t len) { if (len < sizeof (key->type)) return -1; - GNUNET_memcpy(&(key->type), buffer, sizeof (key->type)); - const ssize_t length = GNUNET_IDENTITY_key_get_length(key); + GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); + const ssize_t length = GNUNET_IDENTITY_key_get_length (key); if (len < length) - return -1; + return -1; if (length < 0) return -2; - GNUNET_memcpy(&(key->ecdsa_key), buffer + sizeof (key->type), length - sizeof (key->type)); + GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length + - sizeof (key->type)); return length; } ssize_t -GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, - void* buffer, - size_t len) +GNUNET_IDENTITY_write_key_to_buffer (const struct + GNUNET_IDENTITY_PublicKey *key, + void*buffer, + size_t len) { - const ssize_t length = GNUNET_IDENTITY_key_get_length(key); + const ssize_t length = GNUNET_IDENTITY_key_get_length (key); if (len < length) - return -1; + return -1; if (length < 0) - return -2; - GNUNET_memcpy(buffer, &(key->type), sizeof (key->type)); - GNUNET_memcpy(buffer + sizeof (key->type), &(key->ecdsa_key), length - sizeof (key->type)); + return -2; + GNUNET_memcpy (buffer, key, length); return length; } ssize_t -GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig) +GNUNET_IDENTITY_signature_get_length (const struct + GNUNET_IDENTITY_Signature *sig) { switch (ntohl (sig->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - return sizeof (sig->type) + sizeof (sig->ecdsa_signature); - break; + return sizeof (sig->type) + sizeof (sig->ecdsa_signature); + break; case GNUNET_IDENTITY_TYPE_EDDSA: - return sizeof (sig->type) + sizeof (sig->eddsa_signature); - break; + return sizeof (sig->type) + 
sizeof (sig->eddsa_signature); + break; default: - GNUNET_break (0); + GNUNET_break (0); } return -1; } ssize_t -GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, - const void* buffer, - size_t len) +GNUNET_IDENTITY_read_signature_from_buffer (struct + GNUNET_IDENTITY_Signature *sig, + const void*buffer, + size_t len) { if (len < sizeof (sig->type)) - return -1; - GNUNET_memcpy(&(sig->type), buffer, sizeof (sig->type)); - const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); + return -1; + GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); + const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); if (len < length) - return -1; + return -1; if (length < 0) - return -2; - GNUNET_memcpy(&(sig->ecdsa_signature), buffer + sizeof (sig->type), length - sizeof (sig->type)); + return -2; + GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length + - sizeof (sig->type)); return length; } ssize_t -GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, - void* buffer, - size_t len) +GNUNET_IDENTITY_write_signature_to_buffer (const struct + GNUNET_IDENTITY_Signature *sig, + void*buffer, + size_t len) { - const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); + const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); if (len < length) - return -1; + return -1; if (length < 0) - return -2; - GNUNET_memcpy(buffer, &(sig->type), sizeof (sig->type)); - GNUNET_memcpy(buffer + sizeof (sig->type), &(sig->ecdsa_signature), length - sizeof (sig->type)); + return -2; + GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); + GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length + - sizeof (sig->type)); return length; } int -GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct GNUNET_IDENTITY_Signature *sig) 
+GNUNET_IDENTITY_private_key_sign_ (const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EccSignaturePurpose *purpose, + struct GNUNET_IDENTITY_Signature *sig) { sig->type = priv->type; switch (ntohl (priv->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature)); - break; + return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, + &(sig->ecdsa_signature)); + break; case GNUNET_IDENTITY_TYPE_EDDSA: - return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature)); - break; + return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, + &(sig->eddsa_signature)); + break; default: - GNUNET_break (0); + GNUNET_break (0); } return GNUNET_SYSERR; @@ -1100,22 +1110,27 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv int GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, - const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, - const struct GNUNET_IDENTITY_Signature *sig, - const struct GNUNET_IDENTITY_PublicKey *pub) + const struct + GNUNET_CRYPTO_EccSignaturePurpose *validate, + const struct GNUNET_IDENTITY_Signature *sig, + const struct GNUNET_IDENTITY_PublicKey *pub) { /* check type matching of 'sig' and 'pub' */ GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); switch (ntohl (pub->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key)); - break; + return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, + &(sig->ecdsa_signature), + &(pub->ecdsa_key)); + break; case GNUNET_IDENTITY_TYPE_EDDSA: - return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key)); - break; + return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, + &(sig->eddsa_signature), + &(pub->eddsa_key)); + break; default: - GNUNET_break (0); + GNUNET_break (0); } return GNUNET_SYSERR; 
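Review bot: In `GNUNET_IDENTITY_write_key_to_buffer`, and in the read_key, read_signature and write_signature functions of the same hunk, `if (len < length)` is tested before `if (length < 0)`. `len` is a `size_t`, so on the usual platforms a negative `ssize_t` length is converted to a very large unsigned value, the first test fires, and the `-2` result documented in the header can never be returned. Nothing is copied on that path, so this is a contract problem rather than an overflow, but the ordering is fragile: test `if (length < 0) return -2;` first and then `if (len < (size_t) length) return -1;`. The new `GNUNET_memcpy (buffer, key, length);` also relies on `type` and the key union having no padding between them, which presumably holds for the network struct but deserves a comment such as `/* struct is packed: type is immediately followed by the key */`.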
@@ -1123,56 +1138,64 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, ssize_t -GNUNET_IDENTITY_public_key_encrypt(const void *block, - size_t size, - const struct GNUNET_IDENTITY_PublicKey *pub, - struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result) +GNUNET_IDENTITY_public_key_encrypt (const void *block, + size_t size, + const struct GNUNET_IDENTITY_PublicKey *pub, + struct GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result) { struct GNUNET_CRYPTO_EcdhePrivateKey pk; - GNUNET_CRYPTO_ecdhe_key_create(&pk); + GNUNET_CRYPTO_ecdhe_key_create (&pk); struct GNUNET_HashCode hash; switch (ntohl (pub->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), + &hash)) return -1; break; case GNUNET_IDENTITY_TYPE_EDDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), + &hash)) return -1; break; default: return -1; } - GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc); - GNUNET_CRYPTO_ecdhe_key_clear(&pk); + GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); + GNUNET_CRYPTO_ecdhe_key_clear (&pk); struct GNUNET_CRYPTO_SymmetricSessionKey key; struct GNUNET_CRYPTO_SymmetricInitializationVector iv; - GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); - GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); - const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result); - GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); - GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); + GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); + GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); + const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, + &iv, result); + GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); + GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); return encrypted; } ssize_t -GNUNET_IDENTITY_private_key_decrypt(const void 
*block, - size_t size, - const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result) { +GNUNET_IDENTITY_private_key_decrypt (const void *block, + size_t size, + const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result) +{ struct GNUNET_HashCode hash; switch (ntohl (priv->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, + &hash)) return -1; break; case GNUNET_IDENTITY_TYPE_EDDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, + &hash)) return -1; break; default: @@ -1180,11 +1203,12 @@ GNUNET_IDENTITY_private_key_decrypt(const void *block, } struct GNUNET_CRYPTO_SymmetricSessionKey key; struct GNUNET_CRYPTO_SymmetricInitializationVector iv; - GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); - GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); - const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result); - GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); - GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); + GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); + GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); + const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, + &iv, result); + GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); + GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); return decrypted; } @@ -1222,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str, if (GNUNET_OK != ret) return GNUNET_SYSERR; ktype = ntohl (key->type); - return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? + return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? } 
@@ -1240,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str, if (GNUNET_OK != ret) return GNUNET_SYSERR; ktype = ntohl (key->type); - return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? + return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? } diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index 66761e526..0174e52aa 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h @@ -151,9 +151,9 @@ struct GNUNET_IDENTITY_Signature union { - /** - * An ECDSA signature - */ + /** + * An ECDSA signature + */ struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; /** @@ -419,8 +419,8 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key); */ ssize_t GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, - const void* buffer, - size_t len); + const void*buffer, + size_t len); /** @@ -436,9 +436,10 @@ GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, * @return -1 or -2 on error, else the amount of bytes written to the buffer */ ssize_t -GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, - void* buffer, - size_t len); +GNUNET_IDENTITY_write_key_to_buffer (const struct + GNUNET_IDENTITY_PublicKey *key, + void*buffer, + size_t len); /** @@ -452,7 +453,8 @@ GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key * @return -1 on error, else the compacted length of the signature. */ ssize_t -GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig); +GNUNET_IDENTITY_signature_get_length (const struct + GNUNET_IDENTITY_Signature *sig); /** 
@@ -468,9 +470,10 @@ GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *si * @return -1 or -2 on error, else the amount of bytes read from the buffer */ ssize_t -GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, - const void* buffer, - size_t len); +GNUNET_IDENTITY_read_signature_from_buffer (struct + GNUNET_IDENTITY_Signature *sig, + const void*buffer, + size_t len); /** @@ -486,9 +489,10 @@ GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *si * @return -1 or -2 on error, else the amount of bytes written to the buffer */ ssize_t -GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, - void* buffer, - size_t len); +GNUNET_IDENTITY_write_signature_to_buffer (const struct + GNUNET_IDENTITY_Signature *sig, + void*buffer, + size_t len); /** @@ -505,9 +509,11 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signatur * @return #GNUNET_SYSERR on error, #GNUNET_OK on success */ int -GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct GNUNET_IDENTITY_Signature *sig); +GNUNET_IDENTITY_private_key_sign_ (const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EccSignaturePurpose *purpose, + struct GNUNET_IDENTITY_Signature *sig); /** @@ -528,9 +534,9 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv GNUNET_static_assert (((void*) (ps)) == \ ((void*) &(ps)->purpose)); \ GNUNET_assert (GNUNET_OK == \ - GNUNET_IDENTITY_private_key_sign_ (priv, \ - &(ps)->purpose, \ - sig)); \ + GNUNET_IDENTITY_private_key_sign_ (priv, \ + &(ps)->purpose, \ + sig)); \ } while (0) 
@@ -553,9 +559,11 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv */ int GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, - const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, - const struct GNUNET_IDENTITY_Signature *sig, - const struct GNUNET_IDENTITY_PublicKey *pub); + const struct + GNUNET_CRYPTO_EccSignaturePurpose *validate, + const struct GNUNET_IDENTITY_Signature *sig, + const struct + GNUNET_IDENTITY_PublicKey *pub); /** @@ -577,10 +585,10 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, /* check 'ps' begins with the purpose */ \ GNUNET_static_assert (((void*) (ps)) == \ ((void*) &(ps)->purpose)); \ - GNUNET_IDENTITY_public_key_verify_(purp, \ - &(ps)->purpose, \ - sig, \ - pub); \ + GNUNET_IDENTITY_public_key_verify_ (purp, \ + &(ps)->purpose, \ + sig, \ + pub); \ }) @@ -600,11 +608,11 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, * this size should be the same as @c len. */ ssize_t -GNUNET_IDENTITY_public_key_encrypt(const void *block, - size_t size, - const struct GNUNET_IDENTITY_PublicKey *pub, - struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result); +GNUNET_IDENTITY_public_key_encrypt (const void *block, + size_t size, + const struct GNUNET_IDENTITY_PublicKey *pub, + struct GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result); /** @@ -622,11 +630,13 @@ GNUNET_IDENTITY_public_key_encrypt(const void *block, * this size should be the same as @c size. */ ssize_t -GNUNET_IDENTITY_private_key_decrypt(const void *block, - size_t size, - const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result); +GNUNET_IDENTITY_private_key_decrypt (const void *block, + size_t size, + const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result); /** 
@@ -689,7 +699,8 @@ GNUNET_IDENTITY_private_key_from_string (const char*str, * @return GNUNET_SYSERR on error. */ enum GNUNET_GenericReturnValue -GNUNET_IDENTITY_key_get_public (const struct GNUNET_IDENTITY_PrivateKey *privkey, +GNUNET_IDENTITY_key_get_public (const struct + GNUNET_IDENTITY_PrivateKey *privkey, struct GNUNET_IDENTITY_PublicKey *key); diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 3ad8f864b..d56116914 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h @@ -102,15 +102,12 @@ struct GNUNET_REVOCATION_SignaturePurposePS */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - /** - * The revoked public key - */ - struct GNUNET_IDENTITY_PublicKey key; - /** * The timestamp of the revocation */ struct GNUNET_TIME_AbsoluteNBO timestamp; + + /** Followed by the zone public key type and key **/ }; GNUNET_NETWORK_STRUCT_END diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index ee0150064..44c42ae49 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -426,7 +426,7 @@ enum GNUNET_GenericReturnValue check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, const struct GNUNET_IDENTITY_PublicKey *key) { - struct GNUNET_REVOCATION_SignaturePurposePS spurp; + struct GNUNET_REVOCATION_SignaturePurposePS *spurp; struct GNUNET_IDENTITY_Signature *sig; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; 
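Review bot: `struct GNUNET_REVOCATION_SignaturePurposePS` now describes only the fixed prefix of the signed data, so `sizeof` of it no longer equals the signed length. Any other user of the struct that this commit does not update (none are visible here) would sign or verify a truncated payload. The new trailing comment should state exactly what follows and how it is sized, for example `/* Followed by the revoked public key as written by GNUNET_IDENTITY_write_key_to_buffer(); purpose.size covers this struct plus that key. */`. Because the timestamp now precedes the key and the key is serialised in compact form, signatures made with the previous layout presumably stop verifying, which is worth stating in the commit message.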
@@ -434,19 +434,20 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); - spurp.key = *pk; - spurp.timestamp = pow->timestamp; - spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); - spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - + GNUNET_IDENTITY_key_get_length (pk) - + sizeof (struct GNUNET_TIME_AbsoluteNBO)); + spurp = GNUNET_malloc (sizeof (*spurp) + ksize); + spurp->timestamp = pow->timestamp; + spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); + spurp->purpose.size = htonl (sizeof(*spurp) + ksize); + GNUNET_IDENTITY_write_key_to_buffer (pk, + (char*) &spurp[1], + ksize); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expected signature payload len: %u\n", - ntohl (spurp.purpose.size)); - sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); + ntohl (spurp->purpose.size)); + sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); if (GNUNET_OK != GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, - &spurp.purpose, + &spurp->purpose, sig, key)) { @@ -572,7 +573,7 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow) { struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); - struct GNUNET_REVOCATION_SignaturePurposePS rp; + struct GNUNET_REVOCATION_SignaturePurposePS *rp; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; char *sig; 
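Review bot: The result of `GNUNET_IDENTITY_key_get_length (pk)` is stored in the `size_t ksize` without a sign check, although that function returns -1 for an unknown key type and `pk` points into the proof blob at `&pow[1]`. With -1 the allocation size `sizeof (*spurp) + ksize` wraps and `sig` ends up pointing just before the key; the return value of `GNUNET_IDENTITY_write_key_to_buffer` is ignored as well, so a failed write goes unnoticed before the verify call. The buffer from `GNUNET_malloc` is not released anywhere in the visible lines. The rest of `check_signature_identity` lies outside the hunk, but in `sign_pow_identity` (hunk `@@ -586,18 +587,19 @@`) both returns after the signing call are visible and `rp` is leaked on each, with the same unchecked `ksize`. Reject a negative length before allocating and free the purpose buffer on every exit, as sketched for the verify path below; the same shape applies to `sign_pow_identity`.

```c
  pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
  const ssize_t klen = GNUNET_IDENTITY_key_get_length (pk);
  if (klen < 0)
    return GNUNET_SYSERR; /* unknown key type; match the value the existing failure branch returns */
  ksize = (size_t) klen;
  spurp = GNUNET_malloc (sizeof (*spurp) + ksize);
  /* … unchanged: timestamp, purpose.purpose, purpose.size … */
  if (klen != GNUNET_IDENTITY_write_key_to_buffer (pk, (char*) &spurp[1], ksize))
  {
    GNUNET_free (spurp);
    return GNUNET_SYSERR;
  }
  /* … unchanged: debug log, sig pointer … */
  const int verified =
    GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
                                        &spurp->purpose,
                                        sig,
                                        key);
  GNUNET_free (spurp); /* purpose buffer is only needed for the verify call */
  if (GNUNET_OK != verified)
  {
```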
@@ -586,18 +587,19 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); pow->timestamp = GNUNET_TIME_absolute_hton (ts); - rp.timestamp = pow->timestamp; - rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); - rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - + ksize - + sizeof (struct GNUNET_TIME_AbsoluteNBO)); + rp = GNUNET_malloc (sizeof (*rp) + ksize); + rp->timestamp = pow->timestamp; + rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); + rp->purpose.size = htonl (sizeof(*rp) + ksize); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Signature payload len: %u\n", - ntohl (rp.purpose.size)); - rp.key = *pk; + ntohl (rp->purpose.size)); + GNUNET_IDENTITY_write_key_to_buffer (pk, + ((char*)&rp[1]), + ksize); sig = ((char*)&pow[1]) + ksize; int result = GNUNET_IDENTITY_private_key_sign_ (key, - &rp.purpose, + &rp->purpose, (void*) sig); if (result == GNUNET_SYSERR) return GNUNET_NO; else return result; @@ -762,20 +764,17 @@ size_t GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) { size_t size; + size_t ksize; const struct GNUNET_IDENTITY_PublicKey *pk; + const struct GNUNET_IDENTITY_Signature *sig; size = sizeof (struct GNUNET_REVOCATION_PowP); pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; - size += GNUNET_IDENTITY_key_get_length (pk); - - switch (ntohl (pk->type)) - { - case GNUNET_IDENTITY_TYPE_ECDSA: - return size + sizeof (struct GNUNET_CRYPTO_EcdsaSignature); - default: - return 0; - } - return 0; + ksize = GNUNET_IDENTITY_key_get_length (pk); + size += ksize; + sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); + size += GNUNET_IDENTITY_signature_get_length (sig); + return size; } -- cgit v1.2.3
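Review bot: `GNUNET_REVOCATION_proof_get_size` (hunk `@@ -762,20 +764,17 @@`) no longer has a failure value. The removed `switch` returned 0 for an unknown key type, while the new code adds the results of `GNUNET_IDENTITY_key_get_length` and `GNUNET_IDENTITY_signature_get_length` straight into a `size_t`, although both return -1 for an unrecognised type. A proof with a bad key or signature type therefore yields a wrapped, meaningless size instead of an error. `sig` is also located with the unchecked `ksize` before its type field is read, and since the function takes no buffer length it cannot tell whether that read stays inside the proof. Keep the old contract by checking both lengths, e.g. `if (0 > GNUNET_IDENTITY_key_get_length (pk)) return 0;` before the key length is added and `if (0 > GNUNET_IDENTITY_signature_get_length (sig)) return 0;` before the signature length is added, and document that callers must have validated the received length against the fixed header first.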