From 5306c3356854b535fe09654b270f06615bf94e94 Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 10 Nov 2020 09:01:17 +0900 Subject: -fix signatures in revocation --- src/identity/identity_api.c | 190 ++++++++++++++++++-------------- src/include/gnunet_identity_service.h | 89 ++++++++------- src/include/gnunet_revocation_service.h | 7 +- src/revocation/revocation_api.c | 57 +++++----- 4 files changed, 187 insertions(+), 156 deletions(-) (limited to 'src') diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 6f7c5d860..f40472240 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c @@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) GNUNET_free (h); } + ssize_t private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) { @@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) } - ssize_t GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) { 
@@ -992,106 +992,116 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) ssize_t GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, - const void* buffer, - size_t len) + const void*buffer, + size_t len) { if (len < sizeof (key->type)) return -1; - GNUNET_memcpy(&(key->type), buffer, sizeof (key->type)); - const ssize_t length = GNUNET_IDENTITY_key_get_length(key); + GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); + const ssize_t length = GNUNET_IDENTITY_key_get_length (key); if (len < length) - return -1; + return -1; if (length < 0) return -2; - GNUNET_memcpy(&(key->ecdsa_key), buffer + sizeof (key->type), length - sizeof (key->type)); + GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length + - sizeof (key->type)); return length; } ssize_t -GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, - void* buffer, - size_t len) +GNUNET_IDENTITY_write_key_to_buffer (const struct + GNUNET_IDENTITY_PublicKey *key, + void*buffer, + size_t len) { - const ssize_t length = GNUNET_IDENTITY_key_get_length(key); + const ssize_t length = GNUNET_IDENTITY_key_get_length (key); if (len < length) - return -1; + return -1; if (length < 0) - return -2; - GNUNET_memcpy(buffer, &(key->type), sizeof (key->type)); - GNUNET_memcpy(buffer + sizeof (key->type), &(key->ecdsa_key), length - sizeof (key->type)); + return -2; + GNUNET_memcpy (buffer, key, length); return length; } ssize_t -GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig) +GNUNET_IDENTITY_signature_get_length (const struct + GNUNET_IDENTITY_Signature *sig) { switch (ntohl (sig->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - return sizeof (sig->type) + sizeof (sig->ecdsa_signature); - break; + return sizeof (sig->type) + sizeof (sig->ecdsa_signature); + break; case GNUNET_IDENTITY_TYPE_EDDSA: - return sizeof (sig->type) + sizeof (sig->eddsa_signature); - break; + return sizeof (sig->type) + 
sizeof (sig->eddsa_signature); + break; default: - GNUNET_break (0); + GNUNET_break (0); } return -1; } ssize_t -GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, - const void* buffer, - size_t len) +GNUNET_IDENTITY_read_signature_from_buffer (struct + GNUNET_IDENTITY_Signature *sig, + const void*buffer, + size_t len) { if (len < sizeof (sig->type)) - return -1; - GNUNET_memcpy(&(sig->type), buffer, sizeof (sig->type)); - const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); + return -1; + GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); + const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); if (len < length) - return -1; + return -1; if (length < 0) - return -2; - GNUNET_memcpy(&(sig->ecdsa_signature), buffer + sizeof (sig->type), length - sizeof (sig->type)); + return -2; + GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length + - sizeof (sig->type)); return length; } ssize_t -GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, - void* buffer, - size_t len) +GNUNET_IDENTITY_write_signature_to_buffer (const struct + GNUNET_IDENTITY_Signature *sig, + void*buffer, + size_t len) { - const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); + const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); if (len < length) - return -1; + return -1; if (length < 0) - return -2; - GNUNET_memcpy(buffer, &(sig->type), sizeof (sig->type)); - GNUNET_memcpy(buffer + sizeof (sig->type), &(sig->ecdsa_signature), length - sizeof (sig->type)); + return -2; + GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); + GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length + - sizeof (sig->type)); return length; } int -GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct GNUNET_IDENTITY_Signature *sig) 
+GNUNET_IDENTITY_private_key_sign_ (const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EccSignaturePurpose *purpose, + struct GNUNET_IDENTITY_Signature *sig) { sig->type = priv->type; switch (ntohl (priv->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature)); - break; + return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, + &(sig->ecdsa_signature)); + break; case GNUNET_IDENTITY_TYPE_EDDSA: - return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature)); - break; + return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, + &(sig->eddsa_signature)); + break; default: - GNUNET_break (0); + GNUNET_break (0); } return GNUNET_SYSERR; @@ -1100,22 +1110,27 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv int GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, - const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, - const struct GNUNET_IDENTITY_Signature *sig, - const struct GNUNET_IDENTITY_PublicKey *pub) + const struct + GNUNET_CRYPTO_EccSignaturePurpose *validate, + const struct GNUNET_IDENTITY_Signature *sig, + const struct GNUNET_IDENTITY_PublicKey *pub) { /* check type matching of 'sig' and 'pub' */ GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); switch (ntohl (pub->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key)); - break; + return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, + &(sig->ecdsa_signature), + &(pub->ecdsa_key)); + break; case GNUNET_IDENTITY_TYPE_EDDSA: - return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key)); - break; + return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, + &(sig->eddsa_signature), + &(pub->eddsa_key)); + break; default: - GNUNET_break (0); + GNUNET_break (0); } return GNUNET_SYSERR; 
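Review bot: `GNUNET_IDENTITY_public_key_verify_` still opens with `GNUNET_assert (ntohl (pub->type) == ntohl (sig->type));`, so a key/signature type mismatch ends the process (assuming GNUNET_assert aborts, as its name suggests) instead of failing verification. The revocation_api.c part of this commit now passes a `struct GNUNET_IDENTITY_Signature *` that points into the received proof, which makes `sig->type` peer-supplied on that path. Returning an error is the safer contract: `if (ntohl (pub->type) != ntohl (sig->type)) return GNUNET_SYSERR;`. Separately, in the read/write buffer helpers of this hunk `if (len < length)` compares a `size_t` with an `ssize_t` before `if (length < 0)` runs, so a -1 length is converted to a huge unsigned value and the documented -2 result is effectively unreachable; testing `length < 0` first fixes that.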
@@ -1123,56 +1138,64 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, ssize_t -GNUNET_IDENTITY_public_key_encrypt(const void *block, - size_t size, - const struct GNUNET_IDENTITY_PublicKey *pub, - struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result) +GNUNET_IDENTITY_public_key_encrypt (const void *block, + size_t size, + const struct GNUNET_IDENTITY_PublicKey *pub, + struct GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result) { struct GNUNET_CRYPTO_EcdhePrivateKey pk; - GNUNET_CRYPTO_ecdhe_key_create(&pk); + GNUNET_CRYPTO_ecdhe_key_create (&pk); struct GNUNET_HashCode hash; switch (ntohl (pub->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), + &hash)) return -1; break; case GNUNET_IDENTITY_TYPE_EDDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), + &hash)) return -1; break; default: return -1; } - GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc); - GNUNET_CRYPTO_ecdhe_key_clear(&pk); + GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); + GNUNET_CRYPTO_ecdhe_key_clear (&pk); struct GNUNET_CRYPTO_SymmetricSessionKey key; struct GNUNET_CRYPTO_SymmetricInitializationVector iv; - GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); - GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); - const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result); - GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); - GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); + GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); + GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); + const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, + &iv, result); + GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); + GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); return encrypted; } ssize_t -GNUNET_IDENTITY_private_key_decrypt(const void 
*block, - size_t size, - const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result) { +GNUNET_IDENTITY_private_key_decrypt (const void *block, + size_t size, + const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result) +{ struct GNUNET_HashCode hash; switch (ntohl (priv->type)) { case GNUNET_IDENTITY_TYPE_ECDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, + &hash)) return -1; break; case GNUNET_IDENTITY_TYPE_EDDSA: - if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, + &hash)) return -1; break; default: @@ -1180,11 +1203,12 @@ GNUNET_IDENTITY_private_key_decrypt(const void *block, } struct GNUNET_CRYPTO_SymmetricSessionKey key; struct GNUNET_CRYPTO_SymmetricInitializationVector iv; - GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); - GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); - const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result); - GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); - GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); + GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); + GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); + const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, + &iv, result); + GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); + GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); return decrypted; } @@ -1222,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str, if (GNUNET_OK != ret) return GNUNET_SYSERR; ktype = ntohl (key->type); - return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? + return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? } 
@@ -1240,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str, if (GNUNET_OK != ret) return GNUNET_SYSERR; ktype = ntohl (key->type); - return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? + return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? } diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index 66761e526..0174e52aa 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h @@ -151,9 +151,9 @@ struct GNUNET_IDENTITY_Signature union { - /** - * An ECDSA signature - */ + /** + * An ECDSA signature + */ struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; /** @@ -419,8 +419,8 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key); */ ssize_t GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, - const void* buffer, - size_t len); + const void*buffer, + size_t len); /** @@ -436,9 +436,10 @@ GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, * @return -1 or -2 on error, else the amount of bytes written to the buffer */ ssize_t -GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, - void* buffer, - size_t len); +GNUNET_IDENTITY_write_key_to_buffer (const struct + GNUNET_IDENTITY_PublicKey *key, + void*buffer, + size_t len); /** @@ -452,7 +453,8 @@ GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key * @return -1 on error, else the compacted length of the signature. */ ssize_t -GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig); +GNUNET_IDENTITY_signature_get_length (const struct + GNUNET_IDENTITY_Signature *sig); /** 
@@ -468,9 +470,10 @@ GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *si * @return -1 or -2 on error, else the amount of bytes read from the buffer */ ssize_t -GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, - const void* buffer, - size_t len); +GNUNET_IDENTITY_read_signature_from_buffer (struct + GNUNET_IDENTITY_Signature *sig, + const void*buffer, + size_t len); /** @@ -486,9 +489,10 @@ GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *si * @return -1 or -2 on error, else the amount of bytes written to the buffer */ ssize_t -GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, - void* buffer, - size_t len); +GNUNET_IDENTITY_write_signature_to_buffer (const struct + GNUNET_IDENTITY_Signature *sig, + void*buffer, + size_t len); /** @@ -505,9 +509,11 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signatur * @return #GNUNET_SYSERR on error, #GNUNET_OK on success */ int -GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct GNUNET_IDENTITY_Signature *sig); +GNUNET_IDENTITY_private_key_sign_ (const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EccSignaturePurpose *purpose, + struct GNUNET_IDENTITY_Signature *sig); /** @@ -528,9 +534,9 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv GNUNET_static_assert (((void*) (ps)) == \ ((void*) &(ps)->purpose)); \ GNUNET_assert (GNUNET_OK == \ - GNUNET_IDENTITY_private_key_sign_ (priv, \ - &(ps)->purpose, \ - sig)); \ + GNUNET_IDENTITY_private_key_sign_ (priv, \ + &(ps)->purpose, \ + sig)); \ } while (0) 
@@ -553,9 +559,11 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv */ int GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, - const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, - const struct GNUNET_IDENTITY_Signature *sig, - const struct GNUNET_IDENTITY_PublicKey *pub); + const struct + GNUNET_CRYPTO_EccSignaturePurpose *validate, + const struct GNUNET_IDENTITY_Signature *sig, + const struct + GNUNET_IDENTITY_PublicKey *pub); /** @@ -577,10 +585,10 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, /* check 'ps' begins with the purpose */ \ GNUNET_static_assert (((void*) (ps)) == \ ((void*) &(ps)->purpose)); \ - GNUNET_IDENTITY_public_key_verify_(purp, \ - &(ps)->purpose, \ - sig, \ - pub); \ + GNUNET_IDENTITY_public_key_verify_ (purp, \ + &(ps)->purpose, \ + sig, \ + pub); \ }) @@ -600,11 +608,11 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, * this size should be the same as @c len. */ ssize_t -GNUNET_IDENTITY_public_key_encrypt(const void *block, - size_t size, - const struct GNUNET_IDENTITY_PublicKey *pub, - struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result); +GNUNET_IDENTITY_public_key_encrypt (const void *block, + size_t size, + const struct GNUNET_IDENTITY_PublicKey *pub, + struct GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result); /** @@ -622,11 +630,13 @@ GNUNET_IDENTITY_public_key_encrypt(const void *block, * this size should be the same as @c size. */ ssize_t -GNUNET_IDENTITY_private_key_decrypt(const void *block, - size_t size, - const struct GNUNET_IDENTITY_PrivateKey *priv, - const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, - void *result); +GNUNET_IDENTITY_private_key_decrypt (const void *block, + size_t size, + const struct + GNUNET_IDENTITY_PrivateKey *priv, + const struct + GNUNET_CRYPTO_EcdhePublicKey *ecc, + void *result); /** 
@@ -689,7 +699,8 @@ GNUNET_IDENTITY_private_key_from_string (const char*str, * @return GNUNET_SYSERR on error. */ enum GNUNET_GenericReturnValue -GNUNET_IDENTITY_key_get_public (const struct GNUNET_IDENTITY_PrivateKey *privkey, +GNUNET_IDENTITY_key_get_public (const struct + GNUNET_IDENTITY_PrivateKey *privkey, struct GNUNET_IDENTITY_PublicKey *key); diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 3ad8f864b..d56116914 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h @@ -102,15 +102,12 @@ struct GNUNET_REVOCATION_SignaturePurposePS */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - /** - * The revoked public key - */ - struct GNUNET_IDENTITY_PublicKey key; - /** * The timestamp of the revocation */ struct GNUNET_TIME_AbsoluteNBO timestamp; + + /** Followed by the zone public key type and key **/ }; GNUNET_NETWORK_STRUCT_END diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index ee0150064..44c42ae49 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -426,7 +426,7 @@ enum GNUNET_GenericReturnValue check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, const struct GNUNET_IDENTITY_PublicKey *key) { - struct GNUNET_REVOCATION_SignaturePurposePS spurp; + struct GNUNET_REVOCATION_SignaturePurposePS *spurp; struct GNUNET_IDENTITY_Signature *sig; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; 
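Review bot: The comment that replaces the `key` member of `struct GNUNET_REVOCATION_SignaturePurposePS` does not say in which form the key follows, nor that `purpose.size` has to cover it. Suggested wording: `/** Followed by the public key in the compacted form written by GNUNET_IDENTITY_write_key_to_buffer(); purpose.size covers this struct plus that key. */`. The key also moves from before `timestamp` to after it, so the signed payload layout changes and signatures produced under the old layout will presumably no longer verify. If that is intended, it deserves a sentence in the commit message.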
@@ -434,19 +434,20 @@ check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); - spurp.key = *pk; - spurp.timestamp = pow->timestamp; - spurp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); - spurp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - + GNUNET_IDENTITY_key_get_length (pk) - + sizeof (struct GNUNET_TIME_AbsoluteNBO)); + spurp = GNUNET_malloc (sizeof (*spurp) + ksize); + spurp->timestamp = pow->timestamp; + spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); + spurp->purpose.size = htonl (sizeof(*spurp) + ksize); + GNUNET_IDENTITY_write_key_to_buffer (pk, + (char*) &spurp[1], + ksize); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expected signature payload len: %u\n", - ntohl (spurp.purpose.size)); - sig = (struct GNUNET_CRYPTO_EcdsaSignature *) ((char*)&pow[1] + ksize); + ntohl (spurp->purpose.size)); + sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); if (GNUNET_OK != GNUNET_IDENTITY_public_key_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION, - &spurp.purpose, + &spurp->purpose, sig, key)) { @@ -572,7 +573,7 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow) { struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); - struct GNUNET_REVOCATION_SignaturePurposePS rp; + struct GNUNET_REVOCATION_SignaturePurposePS *rp; const struct GNUNET_IDENTITY_PublicKey *pk; size_t ksize; char *sig; 
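Review bot: In check_signature_identity, `ksize` receives the result of `GNUNET_IDENTITY_key_get_length (pk)` unchecked, and that function returns -1 for an unknown key type. Stored in a `size_t`, that makes `sizeof (*spurp) + ksize` wrap below the struct size and `(char*)&pow[1] + ksize` point in front of the key, while `pk` is read straight from the proof. Unless a caller outside this hunk has already validated the type, declare `ksize` as `ssize_t` and add `if (ksize < 0) return GNUNET_SYSERR;` before the `GNUNET_malloc`; sign_pow_identity has the same pattern. The return value of `GNUNET_IDENTITY_write_key_to_buffer` is also ignored in both functions. No `GNUNET_free (spurp)` appears in the visible lines; the function continues past the hunk, so every return path there should release it.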
@@ -586,18 +587,19 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; ksize = GNUNET_IDENTITY_key_get_length (pk); pow->timestamp = GNUNET_TIME_absolute_hton (ts); - rp.timestamp = pow->timestamp; - rp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); - rp.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) - + ksize - + sizeof (struct GNUNET_TIME_AbsoluteNBO)); + rp = GNUNET_malloc (sizeof (*rp) + ksize); + rp->timestamp = pow->timestamp; + rp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); + rp->purpose.size = htonl (sizeof(*rp) + ksize); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Signature payload len: %u\n", - ntohl (rp.purpose.size)); - rp.key = *pk; + ntohl (rp->purpose.size)); + GNUNET_IDENTITY_write_key_to_buffer (pk, + ((char*)&rp[1]), + ksize); sig = ((char*)&pow[1]) + ksize; int result = GNUNET_IDENTITY_private_key_sign_ (key, - &rp.purpose, + &rp->purpose, (void*) sig); if (result == GNUNET_SYSERR) return GNUNET_NO; else return result; @@ -762,20 +764,17 @@ size_t GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow) { size_t size; + size_t ksize; const struct GNUNET_IDENTITY_PublicKey *pk; + const struct GNUNET_IDENTITY_Signature *sig; size = sizeof (struct GNUNET_REVOCATION_PowP); pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; - size += GNUNET_IDENTITY_key_get_length (pk); - - switch (ntohl (pk->type)) - { - case GNUNET_IDENTITY_TYPE_ECDSA: - return size + sizeof (struct GNUNET_CRYPTO_EcdsaSignature); - default: - return 0; - } - return 0; + ksize = GNUNET_IDENTITY_key_get_length (pk); + size += ksize; + sig = (struct GNUNET_IDENTITY_Signature *) ((char*)&pow[1] + ksize); + size += GNUNET_IDENTITY_signature_get_length (sig); + return size; } -- cgit v1.2.3
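Review bot: `rp` is allocated with `GNUNET_malloc (sizeof (*rp) + ksize)` in sign_pow_identity and both visible returns after `GNUNET_IDENTITY_private_key_sign_` leave without releasing it, so every signing call leaks the buffer. Add `GNUNET_free (rp);` directly after the sign call, before `if (result == GNUNET_SYSERR)`. The start of sign_pow_identity lies outside this hunk.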
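Review bot: GNUNET_REVOCATION_proof_get_size loses its failure path: the removed `switch` returned 0 for an unsupported key type, whereas the new body adds the results of `GNUNET_IDENTITY_key_get_length` and `GNUNET_IDENTITY_signature_get_length` to `size` without checking them. Both return -1 for an unknown type, so a proof with an unexpected type field now yields a wrapped or off-by-one size instead of 0, and `sig` is computed from a bogus offset. Callers that use this value to bound reads or copies would get a wrong length. The fence keeps the old "0 means invalid" contract. It cannot confirm that the signature's type field lies inside the caller's buffer, because the function has no length parameter.

```c
  ssize_t ksize;
  ssize_t ssize;
  /* … unchanged: size, pk and sig declarations; size = sizeof (struct GNUNET_REVOCATION_PowP) … */
  ksize = GNUNET_IDENTITY_key_get_length (pk);
  if (ksize < 0)
    return 0; /* unknown key type: same result as before this change */
  sig = (const struct GNUNET_IDENTITY_Signature *) ((const char*) &pow[1] + ksize);
  ssize = GNUNET_IDENTITY_signature_get_length (sig);
  if (ssize < 0)
    return 0; /* unknown signature type */
  return size + (size_t) ksize + (size_t) ssize;
```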