From bd73336f5d7168f92574cf19703ec242c97e6062 Mon Sep 17 00:00:00 2001 From: TheJackiMonster Date: Thu, 5 Nov 2020 22:04:41 +0100 Subject: revocation and reclaim updated verification Signed-off-by: TheJackiMonster --- src/include/gnunet_revocation_service.h | 9 ++---- src/reclaim/oidc_helper.c | 26 ++++++++-------- src/revocation/revocation_api.c | 53 ++++++++++++--------------------- 3 files changed, 34 insertions(+), 54 deletions(-) diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 18c1f2674..3ad8f864b 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h @@ -95,22 +95,17 @@ struct GNUNET_REVOCATION_PowP /** * The signature object we use for the PoW */ -struct GNUNET_REVOCATION_EcdsaSignaturePurposePS +struct GNUNET_REVOCATION_SignaturePurposePS { /** * The signature purpose */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - /** - * Type of the key - */ - uint32_t ktype; - /** * The revoked public key */ - struct GNUNET_CRYPTO_EcdsaPublicKey key; + struct GNUNET_IDENTITY_PublicKey key; /** * The timestamp of the revocation diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c index c3ff07976..0caa46b90 100644 --- a/src/reclaim/oidc_helper.c +++ b/src/reclaim/oidc_helper.c @@ -525,7 +525,7 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, // Get length code_payload_len = sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + payload_len + sizeof(struct - GNUNET_CRYPTO_EcdsaSignature); + GNUNET_IDENTITY_Signature); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Length of data to encode: %lu\n", code_payload_len); 
@@ -544,10 +544,10 @@ OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, buf_ptr += payload_len; // Sign and store signature if (GNUNET_SYSERR == - GNUNET_CRYPTO_ecdsa_sign_ (&issuer->ecdsa_key, - purpose, - (struct GNUNET_CRYPTO_EcdsaSignature *) - buf_ptr)) + GNUNET_IDENTITY_private_key_sign_ (issuer, + purpose, + (struct GNUNET_IDENTITY_Signature *) + buf_ptr)) { GNUNET_break (0); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to sign code\n"); @@ -593,7 +593,7 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, char *code_challenge; char *code_verifier_hash; struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; - struct GNUNET_CRYPTO_EcdsaSignature *signature; + struct GNUNET_IDENTITY_Signature *signature; uint32_t code_challenge_len; uint32_t attrs_ser_len; uint32_t pres_ser_len; @@ -609,7 +609,7 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, (void **) &code_payload); if (code_payload_len < sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) + sizeof(struct OIDC_Parameters) - + sizeof(struct GNUNET_CRYPTO_EcdsaSignature)) + + sizeof(struct GNUNET_IDENTITY_Signature)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Authorization code malformed\n"); GNUNET_free (code_payload); @@ -620,10 +620,10 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, plaintext_len = code_payload_len; plaintext_len -= sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose); ptr = (char *) &purpose[1]; - plaintext_len -= sizeof(struct GNUNET_CRYPTO_EcdsaSignature); + plaintext_len -= sizeof(struct GNUNET_IDENTITY_Signature); plaintext = ptr; ptr += plaintext_len; - signature = (struct GNUNET_CRYPTO_EcdsaSignature *) ptr; + signature = (struct GNUNET_IDENTITY_Signature *) ptr; params = (struct OIDC_Parameters *) plaintext; // cmp code_challenge code_verifier 
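Review bot: The signing call in OIDC_build_authz_code is still tested with `GNUNET_SYSERR ==`, so any other non-success return from `GNUNET_IDENTITY_private_key_sign_` would be treated as a correctly signed code. The verify call in OIDC_parse_authz_code is tested with `GNUNET_OK !=`; the same form here, `if (GNUNET_OK != GNUNET_IDENTITY_private_key_sign_ (issuer, purpose, (struct GNUNET_IDENTITY_Signature *) buf_ptr))`, fails closed whatever the wrapper returns for a key type it cannot handle. Whether the wrapper can return such a value is not visible in this diff, and the function body continues outside the hunk.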
@@ -684,10 +684,10 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *audience, return GNUNET_SYSERR; } if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN, - purpose, - signature, - &ticket->identity.ecdsa_key)) + GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN, + purpose, + signature, + &(ticket->identity))) { GNUNET_free (code_payload); if (NULL != *nonce_str) diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 94fbc7022..ee0150064 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -423,19 +423,18 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph) enum GNUNET_GenericReturnValue -check_signature_ecdsa (const struct GNUNET_REVOCATION_PowP *pow, - const struct GNUNET_CRYPTO_EcdsaPublicKey *key) +check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, + const struct GNUNET_IDENTITY_PublicKey *key) { - struct GNUNET_REVOCATION_EcdsaSignaturePurposePS spurp; - struct GNUNET_CRYPTO_EcdsaSignature *sig; + struct GNUNET_REVOCATION_SignaturePurposePS spurp; + struct GNUNET_IDENTITY_Signature *sig; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); - spurp.ktype = pk->type; - spurp.key = pk->ecdsa_key; + spurp.key = *pk; spurp.timestamp = pow->timestamp; spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) 
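Review bot: `spurp.key = *pk` in check_signature_identity copies a full `struct GNUNET_IDENTITY_PublicKey` out of the buffer behind `pow`, while the signature offset is taken from `ksize`, the length of the concrete key. The two agree only while the struct is exactly as long as every key it can hold. If they differ, the copy reads past the key bytes in the `pow` buffer and `timestamp` no longer sits where `purpose.size` expects it; this is inferred, because the size expression is cut off at the end of the hunk. I would state the assumption on the assignment, e.g. `/* assumes sizeof (*pk) == ksize for every supported key type */`, or build the signed data from `ksize` bytes instead. `rp.key = *pk` in sign_pow_identity has the same dependency.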
@@ -446,10 +445,10 @@ check_signature_ecdsa (const struct GNUNET_REVOCATION_PowP *pow, ntohl (spurp.purpose.size)); sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, - &spurp.purpose, - sig, - key)) + GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, + &spurp.purpose, + sig, + key)) { return GNUNET_SYSERR; } @@ -463,14 +462,7 @@ check_signature (const struct GNUNET_REVOCATION_PowP *pow) const struct GNUNET_IDENTITY_PublicKey *pk; pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; - switch (ntohl (pk->type)) - { - case GNUNET_IDENTITY_TYPE_ECDSA: - return check_signature_ecdsa (pow, &pk->ecdsa_key); - default: - return GNUNET_SYSERR; - } - return GNUNET_SYSERR; + return check_signature_identity (pow, pk); } @@ -576,11 +568,11 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, enum GNUNET_GenericReturnValue -sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, +sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow) { struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); - struct GNUNET_REVOCATION_EcdsaSignaturePurposePS rp; + struct GNUNET_REVOCATION_SignaturePurposePS rp; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; char *sig; @@ -602,13 +594,13 @@ sign_pow_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Signature payload len: %u\n", ntohl (rp.purpose.size)); - rp.ktype = pk->type; - rp.key = pk->ecdsa_key; + rp.key = *pk; sig = ((char*)&pow[1]) + ksize; - return GNUNET_CRYPTO_ecdsa_sign_ (key, - &rp.purpose, - (void*) sig); - + int result = GNUNET_IDENTITY_private_key_sign_ (key, + &rp.purpose, + (void*) sig); + if (result == GNUNET_SYSERR) return GNUNET_NO; + else return result; } 
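Review bot: The unchanged line `sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize);` still casts to the old type although `sig` is declared as `struct GNUNET_IDENTITY_Signature *` in the previous hunk, so the assignment mixes incompatible pointer types. The cast should follow the declaration: `sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);`. The function starts in the previous hunk.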
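Review bot: With the `switch` removed, check_signature no longer rejects an unknown key type before check_signature_identity uses `GNUNET_IDENTITY_key_get_length (pk)` as the offset of the signature. `pk` points into the `pow` message and `ksize` is a `size_t`, so if the length helper reports an unknown type with a negative value, `(char*)&pow[1] + ksize` lands far outside the message; the helper's behaviour is not visible in this diff. A guard right after the length is read keeps the old fail-closed behaviour: `ssize_t ksize = GNUNET_IDENTITY_key_get_length (pk);` followed by `if (ksize < 0) return GNUNET_SYSERR;`. sign_pow loses the same check in the last hunk, where the equivalent guard in sign_pow_identity would return `GNUNET_NO`.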
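Review bot: The new tail of sign_pow_identity stores the result in a plain `int` declared after statements and uses a braceless one-line `if`/`else`, which matches neither the function's `enum GNUNET_GenericReturnValue` return type nor the brace style of the surrounding code. I would write `enum GNUNET_GenericReturnValue result = GNUNET_IDENTITY_private_key_sign_ (key, &rp.purpose, (void*) sig);` and `return (GNUNET_SYSERR == result) ? GNUNET_NO : result;`. A short comment such as `/* sign_pow reports failure as GNUNET_NO */` would explain the remapping; that reason is inferred from the removed `default: return GNUNET_NO;` in sign_pow. The function starts in the previous hunk.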
@@ -620,14 +612,7 @@ sign_pow (const struct GNUNET_IDENTITY_PrivateKey *key, pk = (struct GNUNET_IDENTITY_PublicKey *) &pow[1]; GNUNET_IDENTITY_key_get_public (key, pk); - switch (ntohl (pk->type)) - { - case GNUNET_IDENTITY_TYPE_ECDSA: - return sign_pow_ecdsa (&key->ecdsa_key, pow); - default: - return GNUNET_NO; - } - return GNUNET_NO; + return sign_pow_identity (key, pow); } -- cgit v1.2.3