commit 45e698414fa2010fd6aa083e942f6b302897e23d
parent 65f1f9c357307b92a7ee3fc1327f34eb24135667
Author: Bernd Fix <brf@hoi-polloi.org>
Date: Fri, 20 Dec 2019 18:18:03 +0100
Removed obsolete files.
Diffstat:
7 files changed, 0 insertions(+), 614 deletions(-)
diff --git a/README.md b/README.md
@@ -80,8 +80,6 @@ and GNS).
## Documentation
-* papers: 3rd party papers on GNUnet and crypto (mostly academic)
* raw: raw ASCII protocol definition
-* reports: findings in the GNUnet source code
* specification: texinfo protocol definition
diff --git a/src/gnunet/enums/block.go b/src/gnunet/enums/block.go
@@ -1,22 +0,0 @@
-package enums
-
-var (
- BLOCK_TYPE_ANY = 0 // Any type of block, used as a wildcard when searching.
- BLOCK_TYPE_FS_DBLOCK = 1 // Data block (leaf) in the CHK tree.
- BLOCK_TYPE_FS_IBLOCK = 2 // Inner block in the CHK tree.
- BLOCK_TYPE_FS_KBLOCK = 3 // Legacy type, no longer in use.
- BLOCK_TYPE_FS_SBLOCK = 4 // Legacy type, no longer in use.
- BLOCK_TYPE_FS_NBLOCK = 5 // Legacy type, no longer in use.
- BLOCK_TYPE_FS_ONDEMAND = 6 // Type of a block representing a block to be encoded on demand from disk.
- BLOCK_TYPE_DHT_HELLO = 7 // Type of a block that contains a HELLO for a peer
- BLOCK_TYPE_TEST = 8 // Block for testing.
- BLOCK_TYPE_FS_UBLOCK = 9 // Type of a block representing any type of search result (universal).
- BLOCK_TYPE_DNS = 10 // Block for storing DNS exit service advertisements.
- BLOCK_TYPE_GNS_NAMERECORD = 11 // Block for storing record data
- BLOCK_TYPE_REVOCATION = 12 // Block type for a revocation message by which a key is revoked.
-
- BLOCK_TYPE_REGEX = 22 // Block to store a cadet regex state
- BLOCK_TYPE_REGEX_ACCEPT = 23 // Block to store a cadet regex accepting state
- BLOCK_TYPE_SET_TEST = 24 // Block for testing set/consensus.
- BLOCK_TYPE_CONSENSUS_ELEMENT = 25 // Block type for consensus elements.
-)
diff --git a/src/gnunet/service/gns/crypto.go b/src/gnunet/service/gns/crypto.go
@@ -1,34 +0,0 @@
-package gns
-
-import (
- "crypto/sha256"
- "crypto/sha512"
-
- "github.com/bfix/gospel/crypto/ed25519"
- "gnunet/crypto"
- "golang.org/x/crypto/hkdf"
-)
-
-// DeriveBlockKey returns a symmetric key to decipher a GNS block
-func DeriveBlockKey(label string, pub *ed25519.PublicKey) (iv *crypto.SymmetricIV, skey *crypto.SymmetricKey) {
- // generate symmetric key
- prk := hkdf.Extract(sha512.New, []byte(label), pub.Bytes())
- rdr := hkdf.Expand(sha256.New, prk, []byte("gns-aes-ctx-key"))
- skey = crypto.NewSymmetricKey()
- rdr.Read(skey.AESKey)
- rdr.Read(skey.TwofishKey)
- // generate initialization vector
- rdr = hkdf.Expand(sha256.New, prk, []byte("gns-aes-ctx-iv"))
- iv = crypto.NewSymmetricIV()
- rdr.Read(iv.AESIv)
- rdr.Read(iv.TwofishIv)
- return
-}
-
-// DecryptBlock for a given zone and label.
-func DecryptBlock(data []byte, zoneKey *ed25519.PublicKey, label string) (out []byte, err error) {
- // derive key material for decryption
- iv, skey := DeriveBlockKey(label, zoneKey)
- // perform decryption
- return crypto.SymmetricDecrypt(data, skey, iv)
-}
diff --git a/src/gnunet/service/gns/crypto_test.go b/src/gnunet/service/gns/crypto_test.go
@@ -1,150 +0,0 @@
-package gns
-
-import (
- "bytes"
- "encoding/hex"
- "testing"
-
- "github.com/bfix/gospel/crypto/ed25519"
-)
-
-var (
- PUB = []byte{
- 0x93, 0x34, 0x71, 0xF6, 0x99, 0x19, 0x0C, 0x62,
- 0x85, 0xC7, 0x9B, 0x83, 0x9D, 0xCA, 0x83, 0x91,
- 0x38, 0xFA, 0x87, 0xFB, 0xB8, 0xD4, 0xF6, 0xF0,
- 0xF0, 0x4B, 0x7F, 0x0A, 0x48, 0xBF, 0x95, 0xF7,
- }
- LABEL = "home"
-)
-
-func TestDeriveBlockKey(t *testing.T) {
- var (
- SKEY = []byte{
- 0x1D, 0x86, 0x8E, 0xF7, 0x30, 0x96, 0x3B, 0x39,
- 0x66, 0xE6, 0x49, 0xD8, 0xF1, 0x13, 0x18, 0x39,
- 0x8A, 0x7A, 0xB0, 0xF3, 0xDC, 0xF6, 0xE7, 0x2A,
- 0xF6, 0x65, 0xDE, 0x86, 0x47, 0x7B, 0x20, 0x1B,
-
- 0x21, 0xA6, 0xFA, 0x55, 0x7C, 0x29, 0xF5, 0x94,
- 0x8E, 0x9A, 0x80, 0xB0, 0xB6, 0xD5, 0x4D, 0x38,
- 0x0E, 0x6A, 0x0F, 0x42, 0x4B, 0x27, 0xBB, 0x6A,
- 0x1E, 0xD1, 0x33, 0x08, 0xD6, 0x2E, 0x21, 0x8C,
- }
- IV = []byte{
- 0xAC, 0x18, 0x03, 0xB7, 0x8B, 0x1E, 0x09, 0xA9,
- 0xD0, 0x20, 0x47, 0x2B, 0x1B, 0x23, 0xE8, 0x24,
-
- 0xC9, 0x23, 0x9E, 0x61, 0x3A, 0x8D, 0x95, 0xA9,
- 0x3F, 0x6C, 0x1C, 0xC8, 0xCB, 0xD1, 0xBD, 0x6B,
- }
- )
-
- iv, skey := deriveBlockKey(LABEL, ed25519.NewPublicKeyFromBytes(PUB))
-
- if bytes.Compare(IV[:16], iv.AESIv) != 0 {
- t.Logf("AES_IV(computed) = %s\n", hex.EncodeToString(iv.AESIv))
- t.Logf("AES_IV(expected) = %s\n", hex.EncodeToString(IV[:16]))
- t.Fatal("AES IV mismatch")
- }
- if bytes.Compare(IV[16:], iv.TwofishIv) != 0 {
- t.Logf("Twofish_IV(computed) = %s\n", hex.EncodeToString(iv.TwofishIv))
- t.Logf("Twofish_IV(expected) = %s\n", hex.EncodeToString(IV[16:]))
- t.Fatal("Twofish IV mismatch")
- }
-
- if bytes.Compare(SKEY[:32], skey.AESKey) != 0 {
- t.Logf("AES_KEY(computed) = %s\n", hex.EncodeToString(skey.AESKey))
- t.Logf("AES_KEY(expected) = %s\n", hex.EncodeToString(SKEY[:32]))
- t.Fatal("AES KEY mismatch")
- }
- if bytes.Compare(SKEY[32:], skey.TwofishKey) != 0 {
- t.Logf("Twofish_KEY(computed) = %s\n", hex.EncodeToString(skey.TwofishKey))
- t.Logf("Twofish_KEY(expected) = %s\n", hex.EncodeToString(SKEY[32:]))
- t.Fatal("Twofish KEY mismatch")
- }
-}
-
-func TestDecryptBlock(t *testing.T) {
- var (
- DATA = []byte{
- 0xAC, 0xA5, 0x3C, 0x55, 0x63, 0x21, 0x31, 0x1F,
- 0x11, 0x6E, 0xEF, 0x48, 0xED, 0x53, 0x46, 0x31,
- 0x7C, 0x50, 0xFB, 0x6B, 0xA6, 0xC8, 0x6C, 0x46,
- 0x1E, 0xE3, 0xCA, 0x45, 0xCD, 0x5B, 0xD6, 0x86,
- 0x42, 0x87, 0xEF, 0x18, 0xCE, 0x8E, 0x83, 0x21,
- 0x04, 0xCB, 0xCF, 0x40, 0x7E, 0x0F, 0x51, 0x54,
- 0xE2, 0x3C, 0xDE, 0xE9, 0x22, 0x00, 0xFF, 0x40,
- 0xBB, 0x53, 0xE3, 0x69, 0x99, 0x92, 0x47, 0x97,
- 0xF0, 0x4E, 0x3B, 0x70,
- }
- OUT = []byte{
- 0x00, 0x00, 0x00, 0x01, 0x00, 0x05, 0xAD, 0x0E,
- 0x60, 0x28, 0xFE, 0x80, 0x00, 0x00, 0x00, 0x10,
- 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00,
- 0x0A, 0x68, 0x6F, 0x69, 0x2D, 0x70, 0x6F, 0x6C,
- 0x6C, 0x6F, 0x69, 0x03, 0x6F, 0x72, 0x67, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- }
- )
-
- out, err := DecryptBlock(DATA, ed25519.NewPublicKeyFromBytes(PUB), LABEL)
- if err != nil {
- t.Fatal(err)
- }
- if bytes.Compare(out, OUT) != 0 {
- t.Logf("Decrypt(computed) = %s\n", hex.EncodeToString(out))
- t.Logf("Decrypt(expected) = %s\n", hex.EncodeToString(OUT))
- t.Fatal("Decryptions failed")
- }
-}
-
-func TestVerifyBlock(t *testing.T) {
- var (
- SIGNED = []byte{
- 0x00, 0x00, 0x00, 0x54, 0x00, 0x00, 0x00, 0x0f,
- 0x00, 0x05, 0xad, 0x0e, 0x60, 0x28, 0xfe, 0x80,
- 0xac, 0xa5, 0x3c, 0x55, 0x63, 0x21, 0x31, 0x1f,
- 0x11, 0x6e, 0xef, 0x48, 0xed, 0x53, 0x46, 0x31,
- 0x7c, 0x50, 0xfb, 0x6b, 0xa6, 0xc8, 0x6c, 0x46,
- 0x1e, 0xe3, 0xca, 0x45, 0xcd, 0x5b, 0xd6, 0x86,
- 0x42, 0x87, 0xef, 0x18, 0xce, 0x8e, 0x83, 0x21,
- 0x04, 0xcb, 0xcf, 0x40, 0x7e, 0x0f, 0x51, 0x54,
- 0xe2, 0x3c, 0xde, 0xe9, 0x22, 0x00, 0xff, 0x40,
- 0xbb, 0x53, 0xe3, 0x69, 0x99, 0x92, 0x47, 0x97,
- 0xf0, 0x4e, 0x3b, 0x70,
- }
- SIG = []byte{
- 0x09, 0xc9, 0x6a, 0xda, 0x69, 0xce, 0x7c, 0x91,
- 0xbd, 0xa4, 0x59, 0xdc, 0xc9, 0x76, 0xf4, 0x6c,
- 0x62, 0xb7, 0x79, 0x3f, 0x94, 0xb2, 0xf6, 0xf0,
- 0x90, 0x17, 0x4e, 0x2f, 0x68, 0x49, 0xf8, 0xcc,
-
- 0x0b, 0x77, 0x32, 0x32, 0x28, 0x77, 0x2d, 0x2a,
- 0x31, 0x31, 0xc1, 0x2c, 0x44, 0x18, 0xf2, 0x5f,
- 0x1a, 0xe9, 0x8b, 0x2e, 0x65, 0xca, 0x1d, 0xe8,
- 0x22, 0x82, 0x6a, 0x06, 0xe0, 0x6a, 0x5a, 0xe5,
- }
- PUB = []byte{
- 0x26, 0x84, 0x1b, 0x24, 0x35, 0xa4, 0x63, 0xe9,
- 0xf0, 0x48, 0xae, 0x3e, 0xf7, 0xe8, 0x1b, 0xca,
- 0x55, 0x9f, 0x4c, 0x1e, 0x16, 0x18, 0xa6, 0xd3,
- 0x5b, 0x91, 0x0d, 0x54, 0x31, 0x6e, 0xbf, 0x97,
- }
- )
- sig, err := ed25519.NewEcSignatureFromBytes(SIG)
- if err != nil {
- t.Fatal(err)
- }
- dkey := ed25519.NewPublicKeyFromBytes(PUB)
- ok, err := dkey.EcVerify(SIGNED, sig)
- if err != nil {
- t.Fatal(err)
- }
- if !ok {
- t.Fatal("EcDSA verify failed")
- }
-}
diff --git a/src/gnunet/service/gns/gns.go b/src/gnunet/service/gns/gns.go
@@ -1,279 +0,0 @@
-package gns
-
-import (
- "encoding/hex"
- "io"
-
- "github.com/bfix/gospel/crypto/ed25519"
- "github.com/bfix/gospel/data"
- "github.com/bfix/gospel/logger"
- "gnunet/config"
- "gnunet/crypto"
- "gnunet/enums"
- "gnunet/message"
- "gnunet/service"
- "gnunet/transport"
- "gnunet/util"
-)
-
-//----------------------------------------------------------------------
-// "GNUnet Name System" service implementation
-//----------------------------------------------------------------------
-
-// GNSService
-type GNSService struct {
-}
-
-// NewGNSService
-func NewGNSService() service.Service {
- return &GNSService{}
-}
-
-// Start the GNS service
-func (s *GNSService) Start(spec string) error {
- return nil
-}
-
-// Stop the GNS service
-func (s *GNSService) Stop() error {
- return nil
-}
-
-// Serve a client channel.
-func (s *GNSService) ServeClient(mc *transport.MsgChannel) {
- for {
- // receive next message from client
- msg, err := mc.Receive()
- if err != nil {
- if err == io.EOF {
- logger.Println(logger.INFO, "[gns] Client channel closed.")
- } else {
- logger.Printf(logger.ERROR, "[gns] Message-receive failed: %s\n", err.Error())
- }
- break
- }
- logger.Printf(logger.INFO, "[gns] Received msg: %v\n", msg)
-
- // perform lookup
- var resp message.Message
- switch m := msg.(type) {
- case *message.GNSLookupMsg:
- //----------------------------------------------------------
- // GNS_LOOKUP
- //----------------------------------------------------------
- logger.Println(logger.INFO, "[gns] Lookup request received.")
- respX := message.NewGNSLookupResultMsg(m.Id)
- resp = respX
-
- // perform lookup on block (either from Namecache or DHT)
- // TODO: run code in a go routine concurrently (would need
- // access to the message channel to send responses)
- block, err := s.Lookup(m)
- if err != nil {
- logger.Printf(logger.ERROR, "[gns] Failed to lookup block: %s\n", err.Error())
- break
- }
- // handle block
- if block != nil {
- logger.Printf(logger.DBG, "[gns] Received block data: %s\n", hex.EncodeToString(block.Block.data))
-
- // get records from block
- records, err := block.Records()
- if err != nil {
- logger.Printf(logger.ERROR, "[gns] Failed to extract records: %s\n", err.Error())
- break
- }
- if len(records) == 0 {
- logger.Println(logger.WARN, "[gns] No records in block")
- break
- }
- // process records
- for i, rec := range records {
- logger.Printf(logger.DBG, "[gns] Record #%d: %v\n", i, rec)
-
- // is this the record type we are looking for?
- if rec.Type == m.Type || int(m.Type) == enums.GNS_TYPE_ANY {
- // add it to the response message
- respX.AddRecord(rec)
- }
- }
- }
-
- default:
- //----------------------------------------------------------
- // UNKNOWN message type received
- //----------------------------------------------------------
- logger.Printf(logger.ERROR, "[gns] Unhandled message of type (%d)\n", msg.Header().MsgType)
- continue
- }
-
- // send response
- if err := mc.Send(resp); err != nil {
- logger.Printf(logger.ERROR, "[gns] Failed to send response: %s\n", err.Error())
- }
-
- }
- // close client connection
- mc.Close()
-}
-
-// Lookup handles GNU_LOOKUP messages
-func (s *GNSService) Lookup(m *message.GNSLookupMsg) (block *GNSBlock, err error) {
- // create DHT/NAMECACHE query
- pkey := ed25519.NewPublicKeyFromBytes(m.Zone)
- label := m.GetName()
- query := QueryFromPublickeyDerive(pkey, label)
-
- // try namecache lookup first
- if block, err = s.LookupNamecache(query, pkey, label); err != nil {
- logger.Printf(logger.ERROR, "[gns] Lookup(Namecache): %s\n", err.Error())
- block = nil
- return
- }
- if block == nil {
- logger.Println(logger.DBG, "[gns] Lookup(Namecache): no block found")
- if int(m.Options) == enums.GNS_LO_DEFAULT {
- // get the block from the DHT
- if block, err = s.LookupDHT(query, pkey, label); err != nil || block == nil {
- if err != nil {
- logger.Printf(logger.ERROR, "[gns] Lookup(DHT): %s\n", err.Error())
- block = nil
- } else {
- logger.Println(logger.DBG, "[gns] Lookup(DHT): no block found")
- }
- // lookup fails completely -- no result
- }
- }
- }
- return
-}
-
-// LookupNamecache
-func (s *GNSService) LookupNamecache(query *crypto.HashCode, zoneKey *ed25519.PublicKey, label string) (block *GNSBlock, err error) {
- logger.Printf(logger.DBG, "[gns] LookupNamecache(%s)...\n", hex.EncodeToString(query.Bits))
-
- // assemble Namecache request
- req := message.NewNamecacheLookupMsg(query)
- req.Id = uint32(util.NextID())
- block = nil
-
- // get response from Namecache service
- var resp message.Message
- if resp, err = service.ServiceRequestResponse("gns", "Namecache", config.Cfg.Namecache.Endpoint, req); err != nil {
- return
- }
-
- // handle message depending on its type
- logger.Println(logger.DBG, "[gns] Handling response from Namecache service")
- switch m := resp.(type) {
- case *message.NamecacheLookupResultMsg:
- // check for matching IDs
- if m.Id != req.Id {
- logger.Println(logger.ERROR, "[gns] Got response for unknown ID")
- break
- }
- // check if block was found
- if len(m.EncData) == 0 {
- logger.Println(logger.DBG, "[gns] block not found in namecache")
- break
- }
- // check if record has expired
- if m.Expire.Expired() {
- logger.Printf(logger.ERROR, "[gns] block expired at %s\n", m.Expire)
- break
- }
-
- // assemble GNSBlock from message
- block = new(GNSBlock)
- block.Signature = m.Signature
- block.DerivedKey = m.DerivedKey
- sb := new(SignedBlockData)
- sb.Purpose = new(crypto.SignaturePurpose)
- sb.Purpose.Purpose = enums.SIG_GNS_RECORD_SIGN
- sb.Purpose.Size = uint32(16 + len(m.EncData))
- sb.Expire = m.Expire
- sb.EncData = m.EncData
- block.Block = sb
-
- // verify and decrypt block
- if err = block.Verify(zoneKey, label); err != nil {
- break
- }
- if err = block.Decrypt(zoneKey, label); err != nil {
- break
- }
- }
- return
-}
-
-// StoreNamecache
-func (s *GNSService) StoreNamecache(query *crypto.HashCode, block *GNSBlock) error {
- logger.Println(logger.WARN, "[gns] StoreNamecache() not implemented yet!")
- return nil
-}
-
-// LookupDHT
-func (s *GNSService) LookupDHT(query *crypto.HashCode, zoneKey *ed25519.PublicKey, label string) (block *GNSBlock, err error) {
- logger.Printf(logger.DBG, "[gns] LookupDHT(%s)...\n", hex.EncodeToString(query.Bits))
-
- // assemble DHT request
- req := message.NewDHTClientGetMsg(query)
- req.Id = uint64(util.NextID())
- req.ReplLevel = uint32(enums.DHT_GNS_REPLICATION_LEVEL)
- req.Type = uint32(enums.BLOCK_TYPE_GNS_NAMERECORD)
- req.Options = uint32(enums.DHT_RO_DEMULTIPLEX_EVERYWHERE)
- block = nil
-
- // get response from DHT service
- var resp message.Message
- if resp, err = service.ServiceRequestResponse("gns", "DHT", config.Cfg.DHT.Endpoint, req); err != nil {
- return
- }
-
- // handle message depending on its type
- logger.Println(logger.DBG, "[gns] Handling response from DHT service")
- switch m := resp.(type) {
- case *message.DHTClientResultMsg:
- // check for matching IDs
- if m.Id != req.Id {
- logger.Println(logger.ERROR, "[gns] Got response for unknown ID")
- break
- }
- // check if block was found
- if len(m.Data) == 0 {
- logger.Println(logger.DBG, "[gns] block not found in DHT")
- break
- }
- // check if record has expired
- if m.Expire.Expired() {
- logger.Printf(logger.ERROR, "[gns] block expired at %s\n", m.Expire)
- break
- }
- // check if result is of requested type
- if int(m.Type) != enums.BLOCK_TYPE_GNS_NAMERECORD {
- logger.Println(logger.ERROR, "[gns] DHT response has wrong type")
- break
- }
-
- // get GNSBlock from message
- block = NewGNSBlock()
- if err = data.Unmarshal(block, m.Data); err != nil {
- logger.Printf(logger.ERROR, "[gns] can't read GNS block: %s\n", err.Error())
- break
- }
- // verify and decrypt block
- if err = block.Verify(zoneKey, label); err != nil {
- break
- }
- if err = block.Decrypt(zoneKey, label); err != nil {
- break
- }
-
- // we got a result from DHT that was not in the namecache,
- // so store it there now.
- if err = s.StoreNamecache(query, block); err != nil {
- logger.Printf(logger.ERROR, "[gns] can't store block in Namecache: %s\n", err.Error())
- }
- }
- return
-}
diff --git a/src/gnunet/service/gns/record.go b/src/gnunet/service/gns/record.go
@@ -1,124 +0,0 @@
-package gns
-
-import (
- "fmt"
-
- "github.com/bfix/gospel/crypto/ed25519"
- "github.com/bfix/gospel/data"
- "gnunet/crypto"
- "gnunet/message"
- "gnunet/util"
-)
-
-var (
- ErrBlockNotDecrypted = fmt.Errorf("GNS block not decrypted")
-)
-
-type GNSRecordSet struct {
- Count uint32 `order:"big"` // number of resource records
- Records []*message.GNSResourceRecord `size:"Count"` // list of resource records
- Padding []byte `size:"*"` // padding
-}
-
-func NewGNSRecordSet() *GNSRecordSet {
- return &GNSRecordSet{
- Count: 0,
- Records: make([]*message.GNSResourceRecord, 0),
- Padding: make([]byte, 0),
- }
-}
-
-func (rs *GNSRecordSet) AddRecord(rec *message.GNSResourceRecord) {
- rs.Count++
- rs.Records = append(rs.Records, rec)
-}
-
-type SignedBlockData struct {
- Purpose *crypto.SignaturePurpose // Size and purpose of signature (8 bytes)
- Expire util.AbsoluteTime // Expiration time of the block.
- EncData []byte `size:"*"` // encrypted GNSRecordSet
-
- // transient data (not serialized)
- data []byte // unencrypted GNSRecord set
-}
-
-type GNSBlock struct {
- Signature []byte `size:"64"` // Signature of the block.
- DerivedKey []byte `size:"32"` // Derived key used for signing
- Block *SignedBlockData
-
- // transient data (not serialized)
- checked bool // block integrity checked
- verified bool // block signature verified (internal)
- decrypted bool // block data decrypted (internal)
-}
-
-func (b *GNSBlock) String() string {
- return fmt.Sprintf("GNSBlock{Verified=%v,Decrypted=%v,data=[%d]}",
- b.verified, b.decrypted, len(b.Block.EncData))
-}
-
-func (b *GNSBlock) Records() ([]*message.GNSResourceRecord, error) {
- // check if block is decrypted
- if !b.decrypted {
- return nil, ErrBlockNotDecrypted
- }
- // parse block data into record set
- rs := NewGNSRecordSet()
- if err := data.Unmarshal(rs, b.Block.data); err != nil {
- return nil, err
- }
- return rs.Records, nil
-}
-
-func (b *GNSBlock) Verify(zoneKey *ed25519.PublicKey, label string) (err error) {
- // Integrity check performed
- b.checked = true
-
- // verify derived key
- dkey := ed25519.NewPublicKeyFromBytes(b.DerivedKey)
- dkey2 := crypto.DerivePublicKey(zoneKey, label, "gns")
- if !dkey.Q.Equals(dkey2.Q) {
- return fmt.Errorf("Invalid signature key for GNS Block")
- }
- // verify signature
- var (
- sig *ed25519.EcSignature
- buf []byte
- ok bool
- )
- if sig, err = ed25519.NewEcSignatureFromBytes(b.Signature); err != nil {
- return
- }
- if buf, err = data.Marshal(b.Block); err != nil {
- return
- }
- if ok, err = dkey.EcVerify(buf, sig); err == nil && !ok {
- err = fmt.Errorf("Signature verification failed for GNS block")
- }
- b.verified = true
- return
-}
-
-func (b *GNSBlock) Decrypt(zoneKey *ed25519.PublicKey, label string) (err error) {
- // decrypt payload
- b.Block.data, err = DecryptBlock(b.Block.EncData, zoneKey, label)
- b.decrypted = true
- return
-}
-
-func NewGNSBlock() *GNSBlock {
- return &GNSBlock{
- Signature: make([]byte, 64),
- DerivedKey: make([]byte, 32),
- Block: &SignedBlockData{
- Purpose: new(crypto.SignaturePurpose),
- Expire: *new(util.AbsoluteTime),
- EncData: nil,
- data: nil,
- },
- checked: false,
- verified: false,
- decrypted: false,
- }
-}
diff --git a/src/gnunet/util/msg_queue.go b/src/gnunet/util/msg_queue.go
@@ -1,3 +0,0 @@
-package util
-
-import ()
