From c4e9ba925ffd758aaa3feee2ccfc0b76f26fe207 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 5 Oct 2019 15:09:28 +0200 Subject: global reindent, now with uncrustify hook enabled --- src/util/crypto_rsa.c | 994 +++++++++++++++++++++++++------------------------- 1 file changed, 502 insertions(+), 492 deletions(-) (limited to 'src/util/crypto_rsa.c') diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 0a20fdffa..edabcd6d5 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c @@ -30,13 +30,14 @@ #include "gnunet_crypto_lib.h" #include "benchmark.h" -#define LOG(kind, ...) GNUNET_log_from(kind, "util-crypto-rsa", __VA_ARGS__) +#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-rsa", __VA_ARGS__) /** * The private information of an RSA key pair. */ -struct GNUNET_CRYPTO_RsaPrivateKey { +struct GNUNET_CRYPTO_RsaPrivateKey +{ /** * Libgcrypt S-expression for the RSA private key. */ @@ -47,7 +48,8 @@ struct GNUNET_CRYPTO_RsaPrivateKey { /** * The public information of an RSA key pair. */ -struct GNUNET_CRYPTO_RsaPublicKey { +struct GNUNET_CRYPTO_RsaPublicKey +{ /** * Libgcrypt S-expression for the RSA public key. */ @@ -58,7 +60,8 @@ struct GNUNET_CRYPTO_RsaPublicKey { /** * @brief an RSA signature */ -struct GNUNET_CRYPTO_RsaSignature { +struct GNUNET_CRYPTO_RsaSignature +{ /** * Libgcrypt S-expression for the RSA signature. */ @@ -69,7 +72,8 @@ struct GNUNET_CRYPTO_RsaSignature { /** * @brief RSA blinding key */ -struct RsaBlindingKey { +struct RsaBlindingKey +{ /** * Random value used for blinding. */ @@ -87,50 +91,50 @@ struct RsaBlindingKey { * @return 0 on success */ static int -key_from_sexp(gcry_mpi_t *array, - gcry_sexp_t sexp, - const char *topname, - const char *elems) +key_from_sexp (gcry_mpi_t *array, + gcry_sexp_t sexp, + const char *topname, + const char *elems) { gcry_sexp_t list; gcry_sexp_t l2; const char *s; unsigned int idx; - if (!(list = gcry_sexp_find_token(sexp, topname, 0))) + if (! (list = gcry_sexp_find_token (sexp, topname, 0))) return 1; - l2 = gcry_sexp_cadr(list); - gcry_sexp_release(list); + l2 = gcry_sexp_cadr (list); + gcry_sexp_release (list); list = l2; - if (!list) + if (! list) return 2; idx = 0; for (s = elems; *s; s++, idx++) + { + if (! (l2 = gcry_sexp_find_token (list, s, 1))) { - if (!(l2 = gcry_sexp_find_token(list, s, 1))) - { - for (unsigned int i = 0; i < idx; i++) - { - gcry_free(array[i]); - array[i] = NULL; - } - gcry_sexp_release(list); - return 3; /* required parameter not found */ - } - array[idx] = gcry_sexp_nth_mpi(l2, 1, GCRYMPI_FMT_USG); - gcry_sexp_release(l2); - if (!array[idx]) - { - for (unsigned int i = 0; i < idx; i++) - { - gcry_free(array[i]); - array[i] = NULL; - } - gcry_sexp_release(list); - return 4; /* required parameter is invalid */ - } + for (unsigned int i = 0; i < idx; i++) + { + gcry_free (array[i]); + array[i] = NULL; + } + gcry_sexp_release (list); + return 3; /* required parameter not found */ } - gcry_sexp_release(list); + array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (l2); + if (! array[idx]) + { + for (unsigned int i = 0; i < idx; i++) + { + gcry_free (array[i]); + array[i] = NULL; + } + gcry_sexp_release (list); + return 4; /* required parameter is invalid */ + } + } + gcry_sexp_release (list); return 0; } @@ -142,30 +146,30 @@ key_from_sexp(gcry_mpi_t *array, * @return fresh private key */ struct GNUNET_CRYPTO_RsaPrivateKey * -GNUNET_CRYPTO_rsa_private_key_create(unsigned int len) +GNUNET_CRYPTO_rsa_private_key_create (unsigned int len) { struct GNUNET_CRYPTO_RsaPrivateKey *ret; gcry_sexp_t s_key; gcry_sexp_t s_keyparam; - BENCHMARK_START(rsa_private_key_create); - - GNUNET_assert(0 == - gcry_sexp_build(&s_keyparam, - NULL, - "(genkey(rsa(nbits %d)))", - len)); - GNUNET_assert(0 == - gcry_pk_genkey(&s_key, - s_keyparam)); - gcry_sexp_release(s_keyparam); + BENCHMARK_START (rsa_private_key_create); + + GNUNET_assert (0 == + gcry_sexp_build (&s_keyparam, + NULL, + "(genkey(rsa(nbits %d)))", + len)); + GNUNET_assert (0 == + gcry_pk_genkey (&s_key, + s_keyparam)); + gcry_sexp_release (s_keyparam); #if EXTRA_CHECKS - GNUNET_assert(0 == - gcry_pk_testkey(s_key)); + GNUNET_assert (0 == + gcry_pk_testkey (s_key)); #endif - ret = GNUNET_new(struct GNUNET_CRYPTO_RsaPrivateKey); + ret = GNUNET_new (struct GNUNET_CRYPTO_RsaPrivateKey); ret->sexp = s_key; - BENCHMARK_END(rsa_private_key_create); + BENCHMARK_END (rsa_private_key_create); return ret; } @@ -176,10 +180,10 @@ GNUNET_CRYPTO_rsa_private_key_create(unsigned int len) * @param key pointer to the memory to free */ void -GNUNET_CRYPTO_rsa_private_key_free(struct GNUNET_CRYPTO_RsaPrivateKey *key) +GNUNET_CRYPTO_rsa_private_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key) { - gcry_sexp_release(key->sexp); - GNUNET_free(key); + gcry_sexp_release (key->sexp); + GNUNET_free (key); } @@ -192,22 +196,23 @@ GNUNET_CRYPTO_rsa_private_key_free(struct GNUNET_CRYPTO_RsaPrivateKey *key) * @return size of memory allocated in @a buffer */ size_t -GNUNET_CRYPTO_rsa_private_key_encode(const struct GNUNET_CRYPTO_RsaPrivateKey *key, - char **buffer) +GNUNET_CRYPTO_rsa_private_key_encode (const struct + GNUNET_CRYPTO_RsaPrivateKey *key, + char **buffer) { size_t n; char *b; - n = gcry_sexp_sprint(key->sexp, - GCRYSEXP_FMT_DEFAULT, - NULL, - 0); - b = GNUNET_malloc(n); - GNUNET_assert((n - 1) == /* since the last byte is \0 */ - gcry_sexp_sprint(key->sexp, - GCRYSEXP_FMT_DEFAULT, - b, - n)); + n = gcry_sexp_sprint (key->sexp, + GCRYSEXP_FMT_DEFAULT, + NULL, + 0); + b = GNUNET_malloc (n); + GNUNET_assert ((n - 1) == /* since the last byte is \0 */ + gcry_sexp_sprint (key->sexp, + GCRYSEXP_FMT_DEFAULT, + b, + n)); *buffer = b; return n; } @@ -222,30 +227,30 @@ GNUNET_CRYPTO_rsa_private_key_encode(const struct GNUNET_CRYPTO_RsaPrivateKey *k * @return NULL on error */ struct GNUNET_CRYPTO_RsaPrivateKey * -GNUNET_CRYPTO_rsa_private_key_decode(const char *buf, - size_t len) +GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, + size_t len) { struct GNUNET_CRYPTO_RsaPrivateKey *key; - key = GNUNET_new(struct GNUNET_CRYPTO_RsaPrivateKey); + key = GNUNET_new (struct GNUNET_CRYPTO_RsaPrivateKey); if (0 != - gcry_sexp_new(&key->sexp, - buf, - len, - 0)) - { - LOG(GNUNET_ERROR_TYPE_WARNING, - "Decoded private key is not valid\n"); - GNUNET_free(key); - return NULL; - } - if (0 != gcry_pk_testkey(key->sexp)) - { - LOG(GNUNET_ERROR_TYPE_WARNING, - "Decoded private key is not valid\n"); - GNUNET_CRYPTO_rsa_private_key_free(key); - return NULL; - } + gcry_sexp_new (&key->sexp, + buf, + len, + 0)) + { + LOG (GNUNET_ERROR_TYPE_WARNING, + "Decoded private key is not valid\n"); + GNUNET_free (key); + return NULL; + } + if (0 != gcry_pk_testkey (key->sexp)) + { + LOG (GNUNET_ERROR_TYPE_WARNING, + "Decoded private key is not valid\n"); + GNUNET_CRYPTO_rsa_private_key_free (key); + return NULL; + } return key; } @@ -257,35 +262,36 @@ GNUNET_CRYPTO_rsa_private_key_decode(const char *buf, * @retur NULL on error, otherwise the public key */ struct GNUNET_CRYPTO_RsaPublicKey * -GNUNET_CRYPTO_rsa_private_key_get_public(const struct GNUNET_CRYPTO_RsaPrivateKey *priv) +GNUNET_CRYPTO_rsa_private_key_get_public (const struct + GNUNET_CRYPTO_RsaPrivateKey *priv) { struct GNUNET_CRYPTO_RsaPublicKey *pub; gcry_mpi_t ne[2]; int rc; gcry_sexp_t result; - BENCHMARK_START(rsa_private_key_get_public); + BENCHMARK_START (rsa_private_key_get_public); - rc = key_from_sexp(ne, priv->sexp, "public-key", "ne"); + rc = key_from_sexp (ne, priv->sexp, "public-key", "ne"); if (0 != rc) - rc = key_from_sexp(ne, priv->sexp, "private-key", "ne"); + rc = key_from_sexp (ne, priv->sexp, "private-key", "ne"); if (0 != rc) - rc = key_from_sexp(ne, priv->sexp, "rsa", "ne"); + rc = key_from_sexp (ne, priv->sexp, "rsa", "ne"); if (0 != rc) - { - GNUNET_break_op(0); - return NULL; - } - rc = gcry_sexp_build(&result, - NULL, - "(public-key(rsa(n %m)(e %m)))", - ne[0], - ne[1]); - gcry_mpi_release(ne[0]); - gcry_mpi_release(ne[1]); - pub = GNUNET_new(struct GNUNET_CRYPTO_RsaPublicKey); + { + GNUNET_break_op (0); + return NULL; + } + rc = gcry_sexp_build (&result, + NULL, + "(public-key(rsa(n %m)(e %m)))", + ne[0], + ne[1]); + gcry_mpi_release (ne[0]); + gcry_mpi_release (ne[1]); + pub = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey); pub->sexp = result; - BENCHMARK_END(rsa_private_key_get_public); + BENCHMARK_END (rsa_private_key_get_public); return pub; } @@ -296,10 +302,10 @@ GNUNET_CRYPTO_rsa_private_key_get_public(const struct GNUNET_CRYPTO_RsaPrivateKe * @param key pointer to the memory to free */ void -GNUNET_CRYPTO_rsa_public_key_free(struct GNUNET_CRYPTO_RsaPublicKey *key) +GNUNET_CRYPTO_rsa_public_key_free (struct GNUNET_CRYPTO_RsaPublicKey *key) { - gcry_sexp_release(key->sexp); - GNUNET_free(key); + gcry_sexp_release (key->sexp); + GNUNET_free (key); } @@ -312,22 +318,23 @@ GNUNET_CRYPTO_rsa_public_key_free(struct GNUNET_CRYPTO_RsaPublicKey *key) * @return size of memory allocated in @a buffer */ size_t -GNUNET_CRYPTO_rsa_public_key_encode(const struct GNUNET_CRYPTO_RsaPublicKey *key, - char **buffer) +GNUNET_CRYPTO_rsa_public_key_encode (const struct + GNUNET_CRYPTO_RsaPublicKey *key, + char **buffer) { size_t n; char *b; - n = gcry_sexp_sprint(key->sexp, - GCRYSEXP_FMT_ADVANCED, - NULL, - 0); - b = GNUNET_malloc(n); - GNUNET_assert((n - 1) == /* since the last byte is \0 */ - gcry_sexp_sprint(key->sexp, - GCRYSEXP_FMT_ADVANCED, - b, - n)); + n = gcry_sexp_sprint (key->sexp, + GCRYSEXP_FMT_ADVANCED, + NULL, + 0); + b = GNUNET_malloc (n); + GNUNET_assert ((n - 1) == /* since the last byte is \0 */ + gcry_sexp_sprint (key->sexp, + GCRYSEXP_FMT_ADVANCED, + b, + n)); *buffer = b; return n; } @@ -340,18 +347,18 @@ GNUNET_CRYPTO_rsa_public_key_encode(const struct GNUNET_CRYPTO_RsaPublicKey *key * @param hc where to store the hash code */ void -GNUNET_CRYPTO_rsa_public_key_hash(const struct GNUNET_CRYPTO_RsaPublicKey *key, - struct GNUNET_HashCode *hc) +GNUNET_CRYPTO_rsa_public_key_hash (const struct GNUNET_CRYPTO_RsaPublicKey *key, + struct GNUNET_HashCode *hc) { char *buf; size_t buf_size; - buf_size = GNUNET_CRYPTO_rsa_public_key_encode(key, - &buf); - GNUNET_CRYPTO_hash(buf, - buf_size, - hc); - GNUNET_free(buf); + buf_size = GNUNET_CRYPTO_rsa_public_key_encode (key, + &buf); + GNUNET_CRYPTO_hash (buf, + buf_size, + hc); + GNUNET_free (buf); } @@ -364,37 +371,37 @@ GNUNET_CRYPTO_rsa_public_key_hash(const struct GNUNET_CRYPTO_RsaPublicKey *key, * @return NULL on error */ struct GNUNET_CRYPTO_RsaPublicKey * -GNUNET_CRYPTO_rsa_public_key_decode(const char *buf, - size_t len) +GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, + size_t len) { struct GNUNET_CRYPTO_RsaPublicKey *key; gcry_mpi_t n; int ret; - key = GNUNET_new(struct GNUNET_CRYPTO_RsaPublicKey); + key = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey); if (0 != - gcry_sexp_new(&key->sexp, - buf, - len, - 0)) - { - GNUNET_break_op(0); - GNUNET_free(key); - return NULL; - } + gcry_sexp_new (&key->sexp, + buf, + len, + 0)) + { + GNUNET_break_op (0); + GNUNET_free (key); + return NULL; + } /* verify that this is an RSA public key */ - ret = key_from_sexp(&n, key->sexp, "public-key", "n"); + ret = key_from_sexp (&n, key->sexp, "public-key", "n"); if (0 != ret) - ret = key_from_sexp(&n, key->sexp, "rsa", "n"); + ret = key_from_sexp (&n, key->sexp, "rsa", "n"); if (0 != ret) - { - /* this is no public RSA key */ - GNUNET_break(0); - gcry_sexp_release(key->sexp); - GNUNET_free(key); - return NULL; - } - gcry_mpi_release(n); + { + /* this is no public RSA key */ + GNUNET_break (0); + gcry_sexp_release (key->sexp); + GNUNET_free (key); + return NULL; + } + gcry_mpi_release (n); return key; } @@ -411,14 +418,14 @@ GNUNET_CRYPTO_rsa_public_key_decode(const char *buf, * @return True if gcd(r,n) = 1, False means RSA key is malicious */ static int -rsa_gcd_validate(gcry_mpi_t r, gcry_mpi_t n) +rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n) { gcry_mpi_t g; int t; - g = gcry_mpi_new(0); - t = gcry_mpi_gcd(g, r, n); - gcry_mpi_release(g); + g = gcry_mpi_new (0); + t = gcry_mpi_gcd (g, r, n); + gcry_mpi_release (g); return t; } @@ -431,33 +438,33 @@ rsa_gcd_validate(gcry_mpi_t r, gcry_mpi_t n) * @return the newly created blinding key, NULL if RSA key is malicious */ static struct RsaBlindingKey * -rsa_blinding_key_derive(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, - const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks) +rsa_blinding_key_derive (const struct GNUNET_CRYPTO_RsaPublicKey *pkey, + const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks) { char *xts = "Blinding KDF extrator HMAC key"; /* Trusts bks' randomness more */ struct RsaBlindingKey *blind; gcry_mpi_t n; - blind = GNUNET_new(struct RsaBlindingKey); - GNUNET_assert(NULL != blind); + blind = GNUNET_new (struct RsaBlindingKey); + GNUNET_assert (NULL != blind); /* Extract the composite n from the RSA public key */ - GNUNET_assert(0 == key_from_sexp(&n, pkey->sexp, "rsa", "n")); + GNUNET_assert (0 == key_from_sexp (&n, pkey->sexp, "rsa", "n")); /* Assert that it at least looks like an RSA key */ - GNUNET_assert(0 == gcry_mpi_get_flag(n, GCRYMPI_FLAG_OPAQUE)); - - GNUNET_CRYPTO_kdf_mod_mpi(&blind->r, - n, - xts, strlen(xts), - bks, sizeof(*bks), - "Blinding KDF"); - if (0 == rsa_gcd_validate(blind->r, n)) - { - GNUNET_free(blind); - blind = NULL; - } - - gcry_mpi_release(n); + GNUNET_assert (0 == gcry_mpi_get_flag (n, GCRYMPI_FLAG_OPAQUE)); + + GNUNET_CRYPTO_kdf_mod_mpi (&blind->r, + n, + xts, strlen (xts), + bks, sizeof(*bks), + "Blinding KDF"); + if (0 == rsa_gcd_validate (blind->r, n)) + { + GNUNET_free (blind); + blind = NULL; + } + + gcry_mpi_release (n); return blind; } @@ -513,8 +520,8 @@ rsa_blinding_key_derive(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, * @return 0 if the two are equal */ int -GNUNET_CRYPTO_rsa_signature_cmp(struct GNUNET_CRYPTO_RsaSignature *s1, - struct GNUNET_CRYPTO_RsaSignature *s2) +GNUNET_CRYPTO_rsa_signature_cmp (struct GNUNET_CRYPTO_RsaSignature *s1, + struct GNUNET_CRYPTO_RsaSignature *s2) { char *b1; char *b2; @@ -522,18 +529,18 @@ GNUNET_CRYPTO_rsa_signature_cmp(struct GNUNET_CRYPTO_RsaSignature *s1, size_t z2; int ret; - z1 = GNUNET_CRYPTO_rsa_signature_encode(s1, - &b1); - z2 = GNUNET_CRYPTO_rsa_signature_encode(s2, - &b2); + z1 = GNUNET_CRYPTO_rsa_signature_encode (s1, + &b1); + z2 = GNUNET_CRYPTO_rsa_signature_encode (s2, + &b2); if (z1 != z2) ret = 1; else - ret = memcmp(b1, - b2, - z1); - GNUNET_free(b1); - GNUNET_free(b2); + ret = memcmp (b1, + b2, + z1); + GNUNET_free (b1); + GNUNET_free (b2); return ret; } @@ -546,8 +553,8 @@ GNUNET_CRYPTO_rsa_signature_cmp(struct GNUNET_CRYPTO_RsaSignature *s1, * @return 0 if the two are equal */ int -GNUNET_CRYPTO_rsa_public_key_cmp(struct GNUNET_CRYPTO_RsaPublicKey *p1, - struct GNUNET_CRYPTO_RsaPublicKey *p2) +GNUNET_CRYPTO_rsa_public_key_cmp (struct GNUNET_CRYPTO_RsaPublicKey *p1, + struct GNUNET_CRYPTO_RsaPublicKey *p2) { char *b1; char *b2; @@ -555,18 +562,18 @@ GNUNET_CRYPTO_rsa_public_key_cmp(struct GNUNET_CRYPTO_RsaPublicKey *p1, size_t z2; int ret; - z1 = GNUNET_CRYPTO_rsa_public_key_encode(p1, - &b1); - z2 = GNUNET_CRYPTO_rsa_public_key_encode(p2, - &b2); + z1 = GNUNET_CRYPTO_rsa_public_key_encode (p1, + &b1); + z2 = GNUNET_CRYPTO_rsa_public_key_encode (p2, + &b2); if (z1 != z2) ret = 1; else - ret = memcmp(b1, - b2, - z1); - GNUNET_free(b1); - GNUNET_free(b2); + ret = memcmp (b1, + b2, + z1); + GNUNET_free (b1); + GNUNET_free (b2); return ret; } @@ -579,8 +586,8 @@ GNUNET_CRYPTO_rsa_public_key_cmp(struct GNUNET_CRYPTO_RsaPublicKey *p1, * @return 0 if the two are equal */ int -GNUNET_CRYPTO_rsa_private_key_cmp(struct GNUNET_CRYPTO_RsaPrivateKey *p1, - struct GNUNET_CRYPTO_RsaPrivateKey *p2) +GNUNET_CRYPTO_rsa_private_key_cmp (struct GNUNET_CRYPTO_RsaPrivateKey *p1, + struct GNUNET_CRYPTO_RsaPrivateKey *p2) { char *b1; char *b2; @@ -588,18 +595,18 @@ GNUNET_CRYPTO_rsa_private_key_cmp(struct GNUNET_CRYPTO_RsaPrivateKey *p1, size_t z2; int ret; - z1 = GNUNET_CRYPTO_rsa_private_key_encode(p1, - &b1); - z2 = GNUNET_CRYPTO_rsa_private_key_encode(p2, - &b2); + z1 = GNUNET_CRYPTO_rsa_private_key_encode (p1, + &b1); + z2 = GNUNET_CRYPTO_rsa_private_key_encode (p2, + &b2); if (z1 != z2) ret = 1; else - ret = memcmp(b1, - b2, - z1); - GNUNET_free(b1); - GNUNET_free(b2); + ret = memcmp (b1, + b2, + z1); + GNUNET_free (b1); + GNUNET_free (b2); return ret; } @@ -611,18 +618,18 @@ GNUNET_CRYPTO_rsa_private_key_cmp(struct GNUNET_CRYPTO_RsaPrivateKey *p1, * @return length of the key in bits */ unsigned int -GNUNET_CRYPTO_rsa_public_key_len(const struct GNUNET_CRYPTO_RsaPublicKey *key) +GNUNET_CRYPTO_rsa_public_key_len (const struct GNUNET_CRYPTO_RsaPublicKey *key) { gcry_mpi_t n; unsigned int rval; - if (0 != key_from_sexp(&n, key->sexp, "rsa", "n")) - { /* Not an RSA public key */ - GNUNET_break(0); - return 0; - } - rval = gcry_mpi_get_nbits(n); - gcry_mpi_release(n); + if (0 != key_from_sexp (&n, key->sexp, "rsa", "n")) + { /* Not an RSA public key */ + GNUNET_break (0); + return 0; + } + rval = gcry_mpi_get_nbits (n); + gcry_mpi_release (n); return rval; } @@ -633,10 +640,10 @@ GNUNET_CRYPTO_rsa_public_key_len(const struct GNUNET_CRYPTO_RsaPublicKey *key) * @param bkey the blinding key to destroy */ static void -rsa_blinding_key_free(struct RsaBlindingKey *bkey) +rsa_blinding_key_free (struct RsaBlindingKey *bkey) { - gcry_mpi_release(bkey->r); - GNUNET_free(bkey); + gcry_mpi_release (bkey->r); + GNUNET_free (bkey); } @@ -648,25 +655,25 @@ rsa_blinding_key_free(struct RsaBlindingKey *bkey) * @return number of bytes stored in @a buffer */ static size_t -numeric_mpi_alloc_n_print(gcry_mpi_t v, - char **buffer) +numeric_mpi_alloc_n_print (gcry_mpi_t v, + char **buffer) { size_t n; char *b; size_t rsize; - gcry_mpi_print(GCRYMPI_FMT_USG, - NULL, - 0, - &n, - v); - b = GNUNET_malloc(n); - GNUNET_assert(0 == - gcry_mpi_print(GCRYMPI_FMT_USG, - (unsigned char *)b, - n, - &rsize, - v)); + gcry_mpi_print (GCRYMPI_FMT_USG, + NULL, + 0, + &n, + v); + b = GNUNET_malloc (n); + GNUNET_assert (0 == + gcry_mpi_print (GCRYMPI_FMT_USG, + (unsigned char *) b, + n, + &rsize, + v)); *buffer = b; return n; } @@ -685,8 +692,8 @@ numeric_mpi_alloc_n_print(gcry_mpi_t v, * @return MPI value set to the FDH, NULL if RSA key is malicious */ static gcry_mpi_t -rsa_full_domain_hash(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, - const struct GNUNET_HashCode *hash) +rsa_full_domain_hash (const struct GNUNET_CRYPTO_RsaPublicKey *pkey, + const struct GNUNET_HashCode *hash) { gcry_mpi_t r, n; char *xts; @@ -694,28 +701,28 @@ rsa_full_domain_hash(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, int ok; /* Extract the composite n from the RSA public key */ - GNUNET_assert(0 == key_from_sexp(&n, pkey->sexp, "rsa", "n")); + GNUNET_assert (0 == key_from_sexp (&n, pkey->sexp, "rsa", "n")); /* Assert that it at least looks like an RSA key */ - GNUNET_assert(0 == gcry_mpi_get_flag(n, GCRYMPI_FLAG_OPAQUE)); + GNUNET_assert (0 == gcry_mpi_get_flag (n, GCRYMPI_FLAG_OPAQUE)); /* We key with the public denomination key as a homage to RSA-PSS by * * Mihir Bellare and Phillip Rogaway. Doing this lowers the degree * * of the hypothetical polyomial-time attack on RSA-KTI created by a * * polynomial-time one-more forgary attack. Yey seeding! */ - xts_len = GNUNET_CRYPTO_rsa_public_key_encode(pkey, &xts); + xts_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey, &xts); - GNUNET_CRYPTO_kdf_mod_mpi(&r, - n, - xts, xts_len, - hash, sizeof(*hash), - "RSA-FDA FTpsW!"); - GNUNET_free(xts); + GNUNET_CRYPTO_kdf_mod_mpi (&r, + n, + xts, xts_len, + hash, sizeof(*hash), + "RSA-FDA FTpsW!"); + GNUNET_free (xts); - ok = rsa_gcd_validate(r, n); - gcry_mpi_release(n); + ok = rsa_gcd_validate (r, n); + gcry_mpi_release (n); if (ok) return r; - gcry_mpi_release(r); + gcry_mpi_release (r); return NULL; } @@ -731,10 +738,10 @@ rsa_full_domain_hash(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious */ int -GNUNET_CRYPTO_rsa_blind(const struct GNUNET_HashCode *hash, - const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, - struct GNUNET_CRYPTO_RsaPublicKey *pkey, - char **buf, size_t *buf_size) +GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, + const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, + struct GNUNET_CRYPTO_RsaPublicKey *pkey, + char **buf, size_t *buf_size) { struct RsaBlindingKey *bkey; gcry_mpi_t data; @@ -743,59 +750,59 @@ GNUNET_CRYPTO_rsa_blind(const struct GNUNET_HashCode *hash, gcry_mpi_t data_r_e; int ret; - BENCHMARK_START(rsa_blind); + BENCHMARK_START (rsa_blind); - GNUNET_assert(buf != NULL && buf_size != NULL); - ret = key_from_sexp(ne, pkey->sexp, "public-key", "ne"); + GNUNET_assert (buf != NULL && buf_size != NULL); + ret = key_from_sexp (ne, pkey->sexp, "public-key", "ne"); if (0 != ret) - ret = key_from_sexp(ne, pkey->sexp, "rsa", "ne"); + ret = key_from_sexp (ne, pkey->sexp, "rsa", "ne"); if (0 != ret) - { - GNUNET_break(0); - *buf = NULL; - *buf_size = 0; - return 0; - } - - data = rsa_full_domain_hash(pkey, hash); + { + GNUNET_break (0); + *buf = NULL; + *buf_size = 0; + return 0; + } + + data = rsa_full_domain_hash (pkey, hash); if (NULL == data) goto rsa_gcd_validate_failure; - bkey = rsa_blinding_key_derive(pkey, bks); + bkey = rsa_blinding_key_derive (pkey, bks); if (NULL == bkey) - { - gcry_mpi_release(data); - goto rsa_gcd_validate_failure; - } - - r_e = gcry_mpi_new(0); - gcry_mpi_powm(r_e, - bkey->r, - ne[1], - ne[0]); - data_r_e = gcry_mpi_new(0); - gcry_mpi_mulm(data_r_e, - data, - r_e, - ne[0]); - gcry_mpi_release(data); - gcry_mpi_release(ne[0]); - gcry_mpi_release(ne[1]); - gcry_mpi_release(r_e); - rsa_blinding_key_free(bkey); - - *buf_size = numeric_mpi_alloc_n_print(data_r_e, buf); - gcry_mpi_release(data_r_e); - - BENCHMARK_END(rsa_blind); + { + gcry_mpi_release (data); + goto rsa_gcd_validate_failure; + } + + r_e = gcry_mpi_new (0); + gcry_mpi_powm (r_e, + bkey->r, + ne[1], + ne[0]); + data_r_e = gcry_mpi_new (0); + gcry_mpi_mulm (data_r_e, + data, + r_e, + ne[0]); + gcry_mpi_release (data); + gcry_mpi_release (ne[0]); + gcry_mpi_release (ne[1]); + gcry_mpi_release (r_e); + rsa_blinding_key_free (bkey); + + *buf_size = numeric_mpi_alloc_n_print (data_r_e, buf); + gcry_mpi_release (data_r_e); + + BENCHMARK_END (rsa_blind); return GNUNET_YES; rsa_gcd_validate_failure: /* We know the RSA key is malicious here, so warn the wallet. */ /* GNUNET_break_op (0); */ - gcry_mpi_release(ne[0]); - gcry_mpi_release(ne[1]); + gcry_mpi_release (ne[0]); + gcry_mpi_release (ne[1]); *buf = NULL; *buf_size = 0; return GNUNET_NO; @@ -809,15 +816,15 @@ rsa_gcd_validate_failure: * @return converted s-expression */ static gcry_sexp_t -mpi_to_sexp(gcry_mpi_t value) +mpi_to_sexp (gcry_mpi_t value) { gcry_sexp_t data = NULL; - GNUNET_assert(0 == - gcry_sexp_build(&data, - NULL, - "(data (flags raw) (value %M))", - value)); + GNUNET_assert (0 == + gcry_sexp_build (&data, + NULL, + "(data (flags raw) (value %M))", + value)); return data; } @@ -830,53 +837,54 @@ mpi_to_sexp(gcry_mpi_t value) * @return NULL on error, signature on success */ static struct GNUNET_CRYPTO_RsaSignature * -rsa_sign_mpi(const struct GNUNET_CRYPTO_RsaPrivateKey *key, - gcry_mpi_t value) +rsa_sign_mpi (const struct GNUNET_CRYPTO_RsaPrivateKey *key, + gcry_mpi_t value) { struct GNUNET_CRYPTO_RsaSignature *sig; gcry_sexp_t data; gcry_sexp_t result; int rc; - data = mpi_to_sexp(value); + data = mpi_to_sexp (value); if (0 != - (rc = gcry_pk_sign(&result, - data, - key->sexp))) - { - LOG(GNUNET_ERROR_TYPE_WARNING, - _("RSA signing failed at %s:%d: %s\n"), - __FILE__, - __LINE__, - gcry_strerror(rc)); - GNUNET_break(0); - return NULL; - } + (rc = gcry_pk_sign (&result, + data, + key->sexp))) + { + LOG (GNUNET_ERROR_TYPE_WARNING, + _ ("RSA signing failed at %s:%d: %s\n"), + __FILE__, + __LINE__, + gcry_strerror (rc)); + GNUNET_break (0); + return NULL; + } /* Lenstra protection was first added to libgcrypt 1.6.4 * with commit c17f84bd02d7ee93845e92e20f6ddba814961588. */ #if GCRYPT_VERSION_NUMBER < 0x010604 /* verify signature (guards against Lenstra's attack with fault injection...) */ - struct GNUNET_CRYPTO_RsaPublicKey *public_key = GNUNET_CRYPTO_rsa_private_key_get_public(key); + struct GNUNET_CRYPTO_RsaPublicKey *public_key = + GNUNET_CRYPTO_rsa_private_key_get_public (key); if (0 != - gcry_pk_verify(result, - data, - public_key->sexp)) - { - GNUNET_break(0); - GNUNET_CRYPTO_rsa_public_key_free(public_key); - gcry_sexp_release(data); - gcry_sexp_release(result); - return NULL; - } - GNUNET_CRYPTO_rsa_public_key_free(public_key); + gcry_pk_verify (result, + data, + public_key->sexp)) + { + GNUNET_break (0); + GNUNET_CRYPTO_rsa_public_key_free (public_key); + gcry_sexp_release (data); + gcry_sexp_release (result); + return NULL; + } + GNUNET_CRYPTO_rsa_public_key_free (public_key); #endif /* return signature */ - gcry_sexp_release(data); - sig = GNUNET_new(struct GNUNET_CRYPTO_RsaSignature); + gcry_sexp_release (data); + sig = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); sig->sexp = result; return sig; } @@ -891,25 +899,25 @@ rsa_sign_mpi(const struct GNUNET_CRYPTO_RsaPrivateKey *key, * @return NULL on error, signature on success */ struct GNUNET_CRYPTO_RsaSignature * -GNUNET_CRYPTO_rsa_sign_blinded(const struct GNUNET_CRYPTO_RsaPrivateKey *key, - const void *msg, - size_t msg_len) +GNUNET_CRYPTO_rsa_sign_blinded (const struct GNUNET_CRYPTO_RsaPrivateKey *key, + const void *msg, + size_t msg_len) { gcry_mpi_t v = NULL; struct GNUNET_CRYPTO_RsaSignature *sig; - BENCHMARK_START(rsa_sign_blinded); + BENCHMARK_START (rsa_sign_blinded); - GNUNET_assert(0 == - gcry_mpi_scan(&v, - GCRYMPI_FMT_USG, - msg, - msg_len, - NULL)); + GNUNET_assert (0 == + gcry_mpi_scan (&v, + GCRYMPI_FMT_USG, + msg, + msg_len, + NULL)); - sig = rsa_sign_mpi(key, v); - gcry_mpi_release(v); - BENCHMARK_END(rsa_sign_blinded); + sig = rsa_sign_mpi (key, v); + gcry_mpi_release (v); + BENCHMARK_END (rsa_sign_blinded); return sig; } @@ -922,21 +930,21 @@ GNUNET_CRYPTO_rsa_sign_blinded(const struct GNUNET_CRYPTO_RsaPrivateKey *key, * @return NULL on error, including a malicious RSA key, signature on success */ struct GNUNET_CRYPTO_RsaSignature * -GNUNET_CRYPTO_rsa_sign_fdh(const struct GNUNET_CRYPTO_RsaPrivateKey *key, - const struct GNUNET_HashCode *hash) +GNUNET_CRYPTO_rsa_sign_fdh (const struct GNUNET_CRYPTO_RsaPrivateKey *key, + const struct GNUNET_HashCode *hash) { struct GNUNET_CRYPTO_RsaPublicKey *pkey; gcry_mpi_t v = NULL; struct GNUNET_CRYPTO_RsaSignature *sig; - pkey = GNUNET_CRYPTO_rsa_private_key_get_public(key); - v = rsa_full_domain_hash(pkey, hash); - GNUNET_CRYPTO_rsa_public_key_free(pkey); + pkey = GNUNET_CRYPTO_rsa_private_key_get_public (key); + v = rsa_full_domain_hash (pkey, hash); + GNUNET_CRYPTO_rsa_public_key_free (pkey); if (NULL == v) /* rsa_gcd_validate failed meaning */ return NULL; /* our *own* RSA key is malicious. */ - sig = rsa_sign_mpi(key, v); - gcry_mpi_release(v); + sig = rsa_sign_mpi (key, v); + gcry_mpi_release (v); return sig; } @@ -947,10 +955,10 @@ GNUNET_CRYPTO_rsa_sign_fdh(const struct GNUNET_CRYPTO_RsaPrivateKey *key, * @param sig memory to freee */ void -GNUNET_CRYPTO_rsa_signature_free(struct GNUNET_CRYPTO_RsaSignature *sig) +GNUNET_CRYPTO_rsa_signature_free (struct GNUNET_CRYPTO_RsaSignature *sig) { - gcry_sexp_release(sig->sexp); - GNUNET_free(sig); + gcry_sexp_release (sig->sexp); + GNUNET_free (sig); } @@ -962,22 +970,23 @@ GNUNET_CRYPTO_rsa_signature_free(struct GNUNET_CRYPTO_RsaSignature *sig) * @return size of memory allocated in @a buffer */ size_t -GNUNET_CRYPTO_rsa_signature_encode(const struct GNUNET_CRYPTO_RsaSignature *sig, - char **buffer) +GNUNET_CRYPTO_rsa_signature_encode (const struct + GNUNET_CRYPTO_RsaSignature *sig, + char **buffer) { size_t n; char *b; - n = gcry_sexp_sprint(sig->sexp, - GCRYSEXP_FMT_ADVANCED, - NULL, - 0); - b = GNUNET_malloc(n); - GNUNET_assert((n - 1) == /* since the last byte is \0 */ - gcry_sexp_sprint(sig->sexp, - GCRYSEXP_FMT_ADVANCED, - b, - n)); + n = gcry_sexp_sprint (sig->sexp, + GCRYSEXP_FMT_ADVANCED, + NULL, + 0); + b = GNUNET_malloc (n); + GNUNET_assert ((n - 1) == /* since the last byte is \0 */ + gcry_sexp_sprint (sig->sexp, + GCRYSEXP_FMT_ADVANCED, + b, + n)); *buffer = b; return n; } @@ -992,37 +1001,37 @@ GNUNET_CRYPTO_rsa_signature_encode(const struct GNUNET_CRYPTO_RsaSignature *sig, * @return NULL on error */ struct GNUNET_CRYPTO_RsaSignature * -GNUNET_CRYPTO_rsa_signature_decode(const char *buf, - size_t len) +GNUNET_CRYPTO_rsa_signature_decode (const char *buf, + size_t len) { struct GNUNET_CRYPTO_RsaSignature *sig; int ret; gcry_mpi_t s; - sig = GNUNET_new(struct GNUNET_CRYPTO_RsaSignature); + sig = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); if (0 != - gcry_sexp_new(&sig->sexp, - buf, - len, - 0)) - { - GNUNET_break_op(0); - GNUNET_free(sig); - return NULL; - } + gcry_sexp_new (&sig->sexp, + buf, + len, + 0)) + { + GNUNET_break_op (0); + GNUNET_free (sig); + return NULL; + } /* verify that this is an RSA signature */ - ret = key_from_sexp(&s, sig->sexp, "sig-val", "s"); + ret = key_from_sexp (&s, sig->sexp, "sig-val", "s"); if (0 != ret) - ret = key_from_sexp(&s, sig->sexp, "rsa", "s"); + ret = key_from_sexp (&s, sig->sexp, "rsa", "s"); if (0 != ret) - { - /* this is no RSA Signature */ - GNUNET_break_op(0); - gcry_sexp_release(sig->sexp); - GNUNET_free(sig); - return NULL; - } - gcry_mpi_release(s); + { + /* this is no RSA Signature */ + GNUNET_break_op (0); + gcry_sexp_release (sig->sexp); + GNUNET_free (sig); + return NULL; + } + gcry_mpi_release (s); return sig; } @@ -1034,19 +1043,19 @@ GNUNET_CRYPTO_rsa_signature_decode(const char *buf, * @return the duplicate key; NULL upon error */ struct GNUNET_CRYPTO_RsaPublicKey * -GNUNET_CRYPTO_rsa_public_key_dup(const struct GNUNET_CRYPTO_RsaPublicKey *key) +GNUNET_CRYPTO_rsa_public_key_dup (const struct GNUNET_CRYPTO_RsaPublicKey *key) { struct GNUNET_CRYPTO_RsaPublicKey *dup; gcry_sexp_t dup_sexp; size_t erroff; /* check if we really are exporting a public key */ - dup_sexp = gcry_sexp_find_token(key->sexp, "public-key", 0); - GNUNET_assert(NULL != dup_sexp); - gcry_sexp_release(dup_sexp); + dup_sexp = gcry_sexp_find_token (key->sexp, "public-key", 0); + GNUNET_assert (NULL != dup_sexp); + gcry_sexp_release (dup_sexp); /* copy the sexp */ - GNUNET_assert(0 == gcry_sexp_build(&dup_sexp, &erroff, "%S", key->sexp)); - dup = GNUNET_new(struct GNUNET_CRYPTO_RsaPublicKey); + GNUNET_assert (0 == gcry_sexp_build (&dup_sexp, &erroff, "%S", key->sexp)); + dup = GNUNET_new (struct GNUNET_CRYPTO_RsaPublicKey); dup->sexp = dup_sexp; return dup; } @@ -1063,9 +1072,9 @@ GNUNET_CRYPTO_rsa_public_key_dup(const struct GNUNET_CRYPTO_RsaPublicKey *key) * @return unblinded signature on success, NULL if RSA key is bad or malicious. */ struct GNUNET_CRYPTO_RsaSignature * -GNUNET_CRYPTO_rsa_unblind(const struct GNUNET_CRYPTO_RsaSignature *sig, - const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, - struct GNUNET_CRYPTO_RsaPublicKey *pkey) +GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig, + const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, + struct GNUNET_CRYPTO_RsaPublicKey *pkey) { struct RsaBlindingKey *bkey; gcry_mpi_t n; @@ -1075,70 +1084,70 @@ GNUNET_CRYPTO_rsa_unblind(const struct GNUNET_CRYPTO_RsaSignature *sig, int ret; struct GNUNET_CRYPTO_RsaSignature *sret; - BENCHMARK_START(rsa_unblind); + BENCHMARK_START (rsa_unblind); - ret = key_from_sexp(&n, pkey->sexp, "public-key", "n"); + ret = key_from_sexp (&n, pkey->sexp, "public-key", "n"); if (0 != ret) - ret = key_from_sexp(&n, pkey->sexp, "rsa", "n"); + ret = key_from_sexp (&n, pkey->sexp, "rsa", "n"); if (0 != ret) - { - GNUNET_break_op(0); - return NULL; - } - ret = key_from_sexp(&s, sig->sexp, "sig-val", "s"); + { + GNUNET_break_op (0); + return NULL; + } + ret = key_from_sexp (&s, sig->sexp, "sig-val", "s"); if (0 != ret) - ret = key_from_sexp(&s, sig->sexp, "rsa", "s"); + ret = key_from_sexp (&s, sig->sexp, "rsa", "s"); if (0 != ret) - { - gcry_mpi_release(n); - GNUNET_break_op(0); - return NULL; - } + { + gcry_mpi_release (n); + GNUNET_break_op (0); + return NULL; + } - bkey = rsa_blinding_key_derive(pkey, bks); + bkey = rsa_blinding_key_derive (pkey, bks); if (NULL == bkey) - { - /* RSA key is malicious since rsa_gcd_validate failed here. - * It should have failed during GNUNET_CRYPTO_rsa_blind too though, - * so the exchange is being malicious in an unfamilair way, maybe - * just trying to crash us. */ - GNUNET_break_op(0); - gcry_mpi_release(n); - gcry_mpi_release(s); - return NULL; - } - - r_inv = gcry_mpi_new(0); + { + /* RSA key is malicious since rsa_gcd_validate failed here. + * It should have failed during GNUNET_CRYPTO_rsa_blind too though, + * so the exchange is being malicious in an unfamilair way, maybe + * just trying to crash us. */ + GNUNET_break_op (0); + gcry_mpi_release (n); + gcry_mpi_release (s); + return NULL; + } + + r_inv = gcry_mpi_new (0); if (1 != - gcry_mpi_invm(r_inv, - bkey->r, - n)) - { - /* We cannot find r mod n, so gcd(r,n) != 1, which should get * - * caught above, but we handle it the same here. */ - GNUNET_break_op(0); - gcry_mpi_release(r_inv); - rsa_blinding_key_free(bkey); - gcry_mpi_release(n); - gcry_mpi_release(s); - return NULL; - } - - ubsig = gcry_mpi_new(0); - gcry_mpi_mulm(ubsig, s, r_inv, n); - gcry_mpi_release(n); - gcry_mpi_release(r_inv); - gcry_mpi_release(s); - rsa_blinding_key_free(bkey); - - sret = GNUNET_new(struct GNUNET_CRYPTO_RsaSignature); - GNUNET_assert(0 == - gcry_sexp_build(&sret->sexp, - NULL, - "(sig-val (rsa (s %M)))", - ubsig)); - gcry_mpi_release(ubsig); - BENCHMARK_END(rsa_unblind); + gcry_mpi_invm (r_inv, + bkey->r, + n)) + { + /* We cannot find r mod n, so gcd(r,n) != 1, which should get * + * caught above, but we handle it the same here. */ + GNUNET_break_op (0); + gcry_mpi_release (r_inv); + rsa_blinding_key_free (bkey); + gcry_mpi_release (n); + gcry_mpi_release (s); + return NULL; + } + + ubsig = gcry_mpi_new (0); + gcry_mpi_mulm (ubsig, s, r_inv, n); + gcry_mpi_release (n); + gcry_mpi_release (r_inv); + gcry_mpi_release (s); + rsa_blinding_key_free (bkey); + + sret = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); + GNUNET_assert (0 == + gcry_sexp_build (&sret->sexp, + NULL, + "(sig-val (rsa (s %M)))", + ubsig)); + gcry_mpi_release (ubsig); + BENCHMARK_END (rsa_unblind); return sret; } @@ -1153,47 +1162,47 @@ GNUNET_CRYPTO_rsa_unblind(const struct GNUNET_CRYPTO_RsaSignature *sig, * @returns #GNUNET_YES if ok, #GNUNET_NO if RSA key is malicious, #GNUNET_SYSERR if signature is invalid */ int -GNUNET_CRYPTO_rsa_verify(const struct GNUNET_HashCode *hash, - const struct GNUNET_CRYPTO_RsaSignature *sig, - const struct GNUNET_CRYPTO_RsaPublicKey *pkey) +GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash, + const struct GNUNET_CRYPTO_RsaSignature *sig, + const struct GNUNET_CRYPTO_RsaPublicKey *pkey) { gcry_sexp_t data; gcry_mpi_t r; int rc; - BENCHMARK_START(rsa_verify); + BENCHMARK_START (rsa_verify); - r = rsa_full_domain_hash(pkey, hash); + r = rsa_full_domain_hash (pkey, hash); if (NULL == r) - { - GNUNET_break_op(0); - /* RSA key is malicious since rsa_gcd_validate failed here. - * It should have failed during GNUNET_CRYPTO_rsa_blind too though, - * so the exchange is being malicious in an unfamilair way, maybe - * just trying to crash us. Arguably, we've only an internal error - * though because we should've detected this in our previous call - * to GNUNET_CRYPTO_rsa_unblind. */ - return GNUNET_NO; - } - - data = mpi_to_sexp(r); - gcry_mpi_release(r); - - rc = gcry_pk_verify(sig->sexp, - data, - pkey->sexp); - gcry_sexp_release(data); + { + GNUNET_break_op (0); + /* RSA key is malicious since rsa_gcd_validate failed here. + * It should have failed during GNUNET_CRYPTO_rsa_blind too though, + * so the exchange is being malicious in an unfamilair way, maybe + * just trying to crash us. Arguably, we've only an internal error + * though because we should've detected this in our previous call + * to GNUNET_CRYPTO_rsa_unblind. */ + return GNUNET_NO; + } + + data = mpi_to_sexp (r); + gcry_mpi_release (r); + + rc = gcry_pk_verify (sig->sexp, + data, + pkey->sexp); + gcry_sexp_release (data); if (0 != rc) - { - LOG(GNUNET_ERROR_TYPE_WARNING, - _("RSA signature verification failed at %s:%d: %s\n"), - __FILE__, - __LINE__, - gcry_strerror(rc)); - return GNUNET_SYSERR; - BENCHMARK_END(rsa_verify); - } - BENCHMARK_END(rsa_verify); + { + LOG (GNUNET_ERROR_TYPE_WARNING, + _ ("RSA signature verification failed at %s:%d: %s\n"), + __FILE__, + __LINE__, + gcry_strerror (rc)); + return GNUNET_SYSERR; + BENCHMARK_END (rsa_verify); + } + BENCHMARK_END (rsa_verify); return GNUNET_OK; } @@ -1205,19 +1214,20 @@ GNUNET_CRYPTO_rsa_verify(const struct GNUNET_HashCode *hash, * @return the duplicate key; NULL upon error */ struct GNUNET_CRYPTO_RsaPrivateKey * -GNUNET_CRYPTO_rsa_private_key_dup(const struct GNUNET_CRYPTO_RsaPrivateKey *key) +GNUNET_CRYPTO_rsa_private_key_dup (const struct + GNUNET_CRYPTO_RsaPrivateKey *key) { struct GNUNET_CRYPTO_RsaPrivateKey *dup; gcry_sexp_t dup_sexp; size_t erroff; /* check if we really are exporting a private key */ - dup_sexp = gcry_sexp_find_token(key->sexp, "private-key", 0); - GNUNET_assert(NULL != dup_sexp); - gcry_sexp_release(dup_sexp); + dup_sexp = gcry_sexp_find_token (key->sexp, "private-key", 0); + GNUNET_assert (NULL != dup_sexp); + gcry_sexp_release (dup_sexp); /* copy the sexp */ - GNUNET_assert(0 == gcry_sexp_build(&dup_sexp, &erroff, "%S", key->sexp)); - dup = GNUNET_new(struct GNUNET_CRYPTO_RsaPrivateKey); + GNUNET_assert (0 == gcry_sexp_build (&dup_sexp, &erroff, "%S", key->sexp)); + dup = GNUNET_new (struct GNUNET_CRYPTO_RsaPrivateKey); dup->sexp = dup_sexp; return dup; } @@ -1230,7 +1240,7 @@ GNUNET_CRYPTO_rsa_private_key_dup(const struct GNUNET_CRYPTO_RsaPrivateKey *key) * @return the duplicate key; NULL upon error */ struct GNUNET_CRYPTO_RsaSignature * -GNUNET_CRYPTO_rsa_signature_dup(const struct GNUNET_CRYPTO_RsaSignature *sig) +GNUNET_CRYPTO_rsa_signature_dup (const struct GNUNET_CRYPTO_RsaSignature *sig) { struct GNUNET_CRYPTO_RsaSignature *dup; gcry_sexp_t dup_sexp; @@ -1239,14 +1249,14 @@ GNUNET_CRYPTO_rsa_signature_dup(const struct GNUNET_CRYPTO_RsaSignature *sig) int ret; /* verify that this is an RSA signature */ - ret = key_from_sexp(&s, sig->sexp, "sig-val", "s"); + ret = key_from_sexp (&s, sig->sexp, "sig-val", "s"); if (0 != ret) - ret = key_from_sexp(&s, sig->sexp, "rsa", "s"); - GNUNET_assert(0 == ret); - gcry_mpi_release(s); + ret = key_from_sexp (&s, sig->sexp, "rsa", "s"); + GNUNET_assert (0 == ret); + gcry_mpi_release (s); /* copy the sexp */ - GNUNET_assert(0 == gcry_sexp_build(&dup_sexp, &erroff, "%S", sig->sexp)); - dup = GNUNET_new(struct GNUNET_CRYPTO_RsaSignature); + GNUNET_assert (0 == gcry_sexp_build (&dup_sexp, &erroff, "%S", sig->sexp)); + dup = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); dup->sexp = dup_sexp; return dup; } -- cgit v1.2.3