[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r28166 - in gnunet/src: core include mesh util
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r28166 - in gnunet/src: core include mesh util |
|
Date: |
Thu, 18 Jul 2013 15:45:05 +0200 |
Author: grothoff
Date: 2013-07-18 15:45:05 +0200 (Thu, 18 Jul 2013)
New Revision: 28166
Removed:
gnunet/src/util/crypto_ksk.c
gnunet/src/util/crypto_rsa.c
gnunet/src/util/gnunet-rsa.c
gnunet/src/util/test_crypto_ksk.c
gnunet/src/util/test_crypto_rsa.c
Modified:
gnunet/src/core/test_core_defaults.conf
gnunet/src/include/gnunet_common.h
gnunet/src/include/gnunet_crypto_lib.h
gnunet/src/mesh/mesh_api.c
gnunet/src/util/Makefile.am
Log:
-removing last bits of RSA support, as this code is now dead
Modified: gnunet/src/core/test_core_defaults.conf
===================================================================
--- gnunet/src/core/test_core_defaults.conf 2013-07-18 13:40:50 UTC (rev
28165)
+++ gnunet/src/core/test_core_defaults.conf 2013-07-18 13:45:05 UTC (rev
28166)
@@ -71,3 +71,6 @@
[regex]
AUTOSTART = NO
+
+[identity]
+AUTOSTART = NO
Modified: gnunet/src/include/gnunet_common.h
===================================================================
--- gnunet/src/include/gnunet_common.h 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/include/gnunet_common.h 2013-07-18 13:45:05 UTC (rev 28166)
@@ -57,7 +57,7 @@
/**
* Version of the API (for entire gnunetutil.so library).
*/
-#define GNUNET_UTIL_VERSION 0x00090500
+#define GNUNET_UTIL_VERSION 0x00090501
/**
* Named constants for return values. The following
Modified: gnunet/src/include/gnunet_crypto_lib.h
===================================================================
--- gnunet/src/include/gnunet_crypto_lib.h 2013-07-18 13:40:50 UTC (rev
28165)
+++ gnunet/src/include/gnunet_crypto_lib.h 2013-07-18 13:45:05 UTC (rev
28166)
@@ -72,23 +72,6 @@
#define GNUNET_CRYPTO_AES_KEY_LENGTH (256/8)
/**
- * @brief Length of RSA encrypted data (2048 bit)
- *
- * We currently do not handle encryption of data
- * that can not be done in a single call to the
- * RSA methods (read: large chunks of data).
- * We should never need that, as we can use
- * the GNUNET_CRYPTO_hash for larger pieces of data for signing,
- * and for encryption, we only need to encode sessionkeys!
- */
-#define GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH 256
-
-/**
- * Length of an RSA KEY (n,e,len), 2048 bit (=256 octests) key n, 2 byte e
- */
-#define GNUNET_CRYPTO_RSA_KEY_LENGTH 258
-
-/**
* Length of a hash value
*/
#define GNUNET_CRYPTO_HASH_LENGTH (512/8)
@@ -106,44 +89,12 @@
/**
- * The private information of an RSA key pair.
- */
-struct GNUNET_CRYPTO_RsaPrivateKey;
-
-/**
* The private information of an ECC private key.
*/
struct GNUNET_CRYPTO_EccPrivateKey;
-GNUNET_NETWORK_STRUCT_BEGIN
-
/**
- * GNUnet mandates a certain format for the encoding
- * of private RSA key information that is provided
- * by the RSA implementations. This format is used
- * to serialize a private RSA key (typically when
- * writing it to disk).
- */
-struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded
-{
- /**
- * Total size of the structure, in bytes, in big-endian!
- */
- uint16_t len GNUNET_PACKED;
- uint16_t sizen GNUNET_PACKED; /* in big-endian! */
- uint16_t sizee GNUNET_PACKED; /* in big-endian! */
- uint16_t sized GNUNET_PACKED; /* in big-endian! */
- uint16_t sizep GNUNET_PACKED; /* in big-endian! */
- uint16_t sizeq GNUNET_PACKED; /* in big-endian! */
- uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */
- uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */
- /* followed by the actual values */
-};
-GNUNET_NETWORK_STRUCT_END
-
-
-/**
* @brief 0-terminated ASCII encoding of a struct GNUNET_HashCode.
*/
struct GNUNET_CRYPTO_HashAsciiEncoded
@@ -162,79 +113,10 @@
-/**
- * @brief an RSA signature
- */
-struct GNUNET_CRYPTO_RsaSignature
-{
- unsigned char sig[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH];
-};
-
-
GNUNET_NETWORK_STRUCT_BEGIN
-/**
- * @brief header of what an RSA signature signs
- * this must be followed by "size - 8" bytes of
- * the actual signed data
- */
-struct GNUNET_CRYPTO_RsaSignaturePurpose
-{
- /**
- * How many bytes does this signature sign?
- * (including this purpose header); in network
- * byte order (!).
- */
- uint32_t size GNUNET_PACKED;
- /**
- * What does this signature vouch for? This
- * must contain a GNUNET_SIGNATURE_PURPOSE_XXX
- * constant (from gnunet_signatures.h). In
- * network byte order!
- */
- uint32_t purpose GNUNET_PACKED;
-
-};
-
-
/**
- * @brief A public key.
- */
-struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
-{
- /**
- * In big-endian, must be GNUNET_CRYPTO_RSA_KEY_LENGTH+4
- */
- uint16_t len GNUNET_PACKED;
-
- /**
- * Size of n in key; in big-endian!
- */
- uint16_t sizen GNUNET_PACKED;
-
- /**
- * The key itself, contains n followed by e.
- */
- unsigned char key[GNUNET_CRYPTO_RSA_KEY_LENGTH];
-
- /**
- * Padding (must be 0)
- */
- uint16_t padding GNUNET_PACKED;
-};
-
-
-/**
- * RSA Encrypted data.
- */
-struct GNUNET_CRYPTO_RsaEncryptedData
-{
- unsigned char encoding[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH];
-};
-
-
-/**
* @brief header of what an ECC signature signs
* this must be followed by "size - 8" bytes of
* the actual signed data
@@ -932,250 +814,6 @@
/**
- * Convert a public key to a string.
- *
- * @param pub key to convert
- * @return string representing 'pub'
- */
-char *
-GNUNET_CRYPTO_rsa_public_key_to_string (const struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub);
-
-
-/**
- * Convert a string representing a public key to a public key.
- *
- * @param enc encoded public key
- * @param enclen number of bytes in enc (without 0-terminator)
- * @param pub where to store the public key
- * @return GNUNET_OK on success
- */
-int
-GNUNET_CRYPTO_rsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub);
-
-
-/**
- * Encode the private key in a format suitable for
- * storing it into a file.
- * @return encoding of the private key
- */
-struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *
-GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey
*hostkey);
-
-
-/**
- * Decode the private key from the data-format back
- * to the "normal", internal format.
- *
- * @param buf the buffer where the private key data is stored
- * @param len the length of the data in 'buffer'
- * @return NULL on error
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len);
-
-
-/**
- * Create a new private key by reading it from a file. If the
- * files does not exist, create a new key and write it to the
- * file. Caller must free return value. Note that this function
- * can not guarantee that another process might not be trying
- * the same operation on the same file at the same time.
- * If the contents of the file
- * are invalid the old file is deleted and a fresh key is
- * created.
- *
- * @param filename name of file to use for storage
- * @return new private key, NULL on error (for example,
- * permission denied)
- * @deprecated use 'GNUNET_CRYPTO_rsa_key_create_start' instead
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename);
-
-
-/**
- * Open existing private key file and read it. If the
- * file does not exist, or the contents of the file are
- * invalid, the function fails
- * Caller must free returned value.
- *
- * @return a private key, NULL on error (for example,
- * permission denied) or when file does not exist or contains invalid
- * data.
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_key_create_from_existing_file (const char *filename);
-
-
-/**
- * Handle to cancel private key generation.
- */
-struct GNUNET_CRYPTO_RsaKeyGenerationContext;
-
-
-/**
- * Function called upon completion of 'GNUNET_CRYPTO_rsa_key_create_async'.
- *
- * @param cls closure
- * @param pk NULL on error, otherwise the private key (which must be free'd by
the callee)
- * @param emsg NULL on success, otherwise an error message
- */
-typedef void (*GNUNET_CRYPTO_RsaKeyCallback)(void *cls,
- struct GNUNET_CRYPTO_RsaPrivateKey
*pk,
- const char *emsg);
-
-
-/**
- * Create a new private key by reading it from a file. If the files
- * does not exist, create a new key and write it to the file. If the
- * contents of the file are invalid the old file is deleted and a
- * fresh key is created.
- *
- * @param filename name of file to use for storage
- * @param cont function to call when done (or on errors)
- * @param cont_cls closure for 'cont'
- * @return handle to abort operation, NULL on fatal errors (cont will not be
called if NULL is returned)
- */
-struct GNUNET_CRYPTO_RsaKeyGenerationContext *
-GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
- GNUNET_CRYPTO_RsaKeyCallback cont,
- void *cont_cls);
-
-
-/**
- * Abort RSA key generation.
- *
- * @param gc key generation context to abort
- */
-void
-GNUNET_CRYPTO_rsa_key_create_stop (struct
GNUNET_CRYPTO_RsaKeyGenerationContext *gc);
-
-
-/**
- * Setup a hostkey file for a peer given the name of the
- * configuration file (!). This function is used so that
- * at a later point code can be certain that reading a
- * hostkey is fast (for example in time-dependent testcases).
- *
- * @param cfg_name name of the configuration file to use
- */
-void
-GNUNET_CRYPTO_rsa_setup_hostkey (const char *cfg_name);
-
-
-/**
- * Deterministically (!) create a private key using only the
- * given HashCode as input to the PRNG.
- *
- * @param hc "random" input to PRNG
- * @return some private key purely dependent on input
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_key_create_from_hash (const struct GNUNET_HashCode *hc);
-
-
-/**
- * Free memory occupied by the private key.
- *
- * @param key pointer to the memory to free
- */
-void
-GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key);
-
-
-/**
- * Extract the public key of the host.
- *
- * @param priv the private key
- * @param pub where to write the public key
- */
-void
-GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey
- *priv,
- struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
- *pub);
-
-
-/**
- * Get hash of the public key that corresponds to a private key.
- *
- * @param key RSA private key
- * @param id buffer for hash of the public key
- */
-void
-GNUNET_CRYPTO_rsa_get_public_key_hash (struct GNUNET_CRYPTO_RsaPrivateKey *key,
- struct GNUNET_HashCode *id);
-
-
-/**
- * Encrypt a block with the public key of another host that uses the
- * same cyper.
- *
- * @param block the block to encrypt
- * @param size the size of block
- * @param publicKey the encoded public key used to encrypt
- * @param target where to store the encrypted block
- * @return GNUNET_SYSERR on error, GNUNET_OK if ok
- */
-int
-GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size,
- const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
- *publicKey,
- struct GNUNET_CRYPTO_RsaEncryptedData *target);
-
-
-/**
- * Decrypt a given block with the hostkey.
- *
- * @param key the key to use
- * @param block the data to decrypt, encoded as returned by encrypt, not
consumed
- * @param result pointer to a location where the result can be stored
- * @param max how many bytes of a result are expected? Must be exact.
- * @return the size of the decrypted block (that is, size) or -1 on error
- */
-ssize_t
-GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const struct GNUNET_CRYPTO_RsaEncryptedData *block,
- void *result, size_t max);
-
-
-/**
- * Sign a given block.
- *
- * @param key private key to use for the signing
- * @param purpose what to sign (size, purpose)
- * @param sig where to write the signature
- * @return GNUNET_SYSERR on error, GNUNET_OK on success
- */
-int
-GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const struct GNUNET_CRYPTO_RsaSignaturePurpose
*purpose,
- struct GNUNET_CRYPTO_RsaSignature *sig);
-
-
-/**
- * Verify signature. Note that the caller MUST have already
- * checked that "validate->size" bytes are actually available.
- *
- * @param purpose what is the purpose that validate should have?
- * @param validate block to validate (size, purpose, data)
- * @param sig signature that is being validated
- * @param publicKey public key of the signer
- * @return GNUNET_OK if ok, GNUNET_SYSERR if invalid
- */
-int
-GNUNET_CRYPTO_rsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_RsaSignaturePurpose
- *validate,
- const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
- *publicKey);
-
-
-
-/**
* Function called upon completion of 'GNUNET_CRYPTO_ecc_key_create_async'.
*
* @param cls closure
Modified: gnunet/src/mesh/mesh_api.c
===================================================================
--- gnunet/src/mesh/mesh_api.c 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/mesh/mesh_api.c 2013-07-18 13:45:05 UTC (rev 28166)
@@ -876,7 +876,6 @@
}
LOG (GNUNET_ERROR_TYPE_DEBUG, "tunnel %X destroyed\n", t->tid);
destroy_tunnel (t, GNUNET_YES);
- return;
}
Modified: gnunet/src/util/Makefile.am
===================================================================
--- gnunet/src/util/Makefile.am 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/util/Makefile.am 2013-07-18 13:45:05 UTC (rev 28166)
@@ -81,9 +81,7 @@
crypto_hash.c \
crypto_hkdf.c \
crypto_kdf.c \
- crypto_ksk.c \
crypto_random.c \
- crypto_rsa.c \
disk.c \
disk.h \
getopt.c \
@@ -136,7 +134,6 @@
gnunet-resolver \
gnunet-config \
$(GNUNET_ECC) \
- gnunet-rsa \
gnunet-uri
@@ -158,15 +155,6 @@
libgnunetutil.la
-gnunet_rsa_SOURCES = \
- gnunet-rsa.c
-gnunet_rsa_LDADD = \
- $(top_builddir)/src/util/libgnunetutil.la \
- $(GN_LIBINTL) -lgcrypt
-gnunet_rsa_DEPENDENCIES = \
- libgnunetutil.la
-
-
gnunet_ecc_SOURCES = \
gnunet-ecc.c
gnunet_ecc_LDADD = \
@@ -226,9 +214,7 @@
test_crypto_ecc \
test_crypto_hash \
test_crypto_hkdf \
- test_crypto_ksk \
test_crypto_random \
- test_crypto_rsa \
test_disk \
test_getopt \
test_connection \
@@ -369,21 +355,11 @@
test_crypto_hkdf_LDADD = \
$(top_builddir)/src/util/libgnunetutil.la
-test_crypto_ksk_SOURCES = \
- test_crypto_ksk.c
-test_crypto_ksk_LDADD = \
- $(top_builddir)/src/util/libgnunetutil.la
-
test_crypto_random_SOURCES = \
test_crypto_random.c
test_crypto_random_LDADD = \
$(top_builddir)/src/util/libgnunetutil.la
-test_crypto_rsa_SOURCES = \
- test_crypto_rsa.c
-test_crypto_rsa_LDADD = \
- $(top_builddir)/src/util/libgnunetutil.la
-
test_disk_SOURCES = \
test_disk.c
test_disk_LDADD = \
Deleted: gnunet/src/util/crypto_ksk.c
===================================================================
--- gnunet/src/util/crypto_ksk.c 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/util/crypto_ksk.c 2013-07-18 13:45:05 UTC (rev 28166)
@@ -1,632 +0,0 @@
-/*
- This file is part of GNUnet.
- Copyright (C) 1994, 1996, 1998, 2001, 2002, 2003 Free Software
Foundation, Inc.
- Copyright (C) 2004, 2005, 2006 Christian Grothoff (and other contributing
authors)
-
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 2, or (at your
- option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
-
- Note: This code is based on code from libgcrypt
- The code was adapted for GNUnet to support RSA-key generation
- based on weak, pseudo-random keys. Do NOT use to generate
- ordinary RSA keys!
-*/
-
-
-/**
- * @file util/crypto_ksk.c
- * @brief implementation of RSA-Key generation for KBlocks
- * (do NOT use for pseudonyms or hostkeys!)
- * @author Christian Grothoff
- */
-
-#include "platform.h"
-#include "gnunet_common.h"
-#include "gnunet_crypto_lib.h"
-#include "gnunet_os_lib.h"
-#include <gcrypt.h>
-#include <limits.h>
-
-#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
-
-/**
- * Log an error message at log-level 'level' that indicates
- * a failure of the command 'cmd' with the message given
- * by gcry_strerror(rc).
- */
-#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with
error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0);
-
-
-typedef struct
-{
- gcry_mpi_t n; /* public modulus */
- gcry_mpi_t e; /* public exponent */
- gcry_mpi_t d; /* exponent */
- gcry_mpi_t p; /* prime p. */
- gcry_mpi_t q; /* prime q. */
- gcry_mpi_t u; /* inverse of p mod q. */
-} KBlock_secret_key;
-
-/**
- * The private information of an RSA key pair.
- * NOTE: this must match the definition in crypto_rsa.c
- */
-struct GNUNET_CRYPTO_RsaPrivateKey
-{
- gcry_sexp_t sexp;
-};
-
-
-static void
-mpz_randomize (gcry_mpi_t n, unsigned int nbits, struct GNUNET_HashCode * rnd)
-{
- struct GNUNET_HashCode hc;
- struct GNUNET_HashCode tmp;
- int bits_per_hc = sizeof (struct GNUNET_HashCode) * 8;
- int cnt;
- int i;
-
- GNUNET_assert (nbits > 0);
- cnt = (nbits + bits_per_hc - 1) / bits_per_hc;
- gcry_mpi_set_ui (n, 0);
-
- tmp = *rnd;
- for (i = 0; i < cnt; i++)
- {
- int j;
-
- if (i > 0)
- GNUNET_CRYPTO_hash (&hc, sizeof (struct GNUNET_HashCode), &tmp);
- for (j = 0; j < sizeof (struct GNUNET_HashCode) / sizeof (uint32_t); j++)
- {
-#if HAVE_GCRY_MPI_LSHIFT
- gcry_mpi_lshift (n, n, sizeof (uint32_t) * 8);
-#else
- gcry_mpi_mul_ui (n, n, 1 << (sizeof (uint32_t) * 4));
- gcry_mpi_mul_ui (n, n, 1 << (sizeof (uint32_t) * 4));
-#endif
- gcry_mpi_add_ui (n, n, ntohl (((uint32_t *) & tmp)[j]));
- }
- hc = tmp;
- }
- GNUNET_CRYPTO_hash (&hc, sizeof (struct GNUNET_HashCode), rnd);
- i = gcry_mpi_get_nbits (n);
- while (i > nbits)
- gcry_mpi_clear_bit (n, --i);
-}
-
-static unsigned long
-mpz_trailing_zeroes (gcry_mpi_t n)
-{
- unsigned int idx, cnt;
-
- cnt = gcry_mpi_get_nbits (n);
- for (idx = 0; idx < cnt; idx++)
- {
- if (gcry_mpi_test_bit (n, idx) == 0)
- return idx;
- }
-
- return ULONG_MAX;
-}
-
-static void
-mpz_tdiv_q_2exp (gcry_mpi_t q, gcry_mpi_t n, unsigned int b)
-{
- gcry_mpi_t u, d;
-
- u = gcry_mpi_set_ui (NULL, 1);
- d = gcry_mpi_new (0);
- gcry_mpi_mul_2exp (d, u, b);
- gcry_mpi_div (q, NULL, n, d, 0);
-}
-
-/**
- * Return true if n is probably a prime
- */
-static int
-is_prime (gcry_mpi_t n, int steps, struct GNUNET_HashCode * hc)
-{
- gcry_mpi_t x;
- gcry_mpi_t y;
- gcry_mpi_t z;
- gcry_mpi_t nminus1;
- gcry_mpi_t a2;
- gcry_mpi_t q;
- unsigned int i, j, k;
- int rc = 0;
- unsigned int nbits;
-
- x = gcry_mpi_new (0);
- y = gcry_mpi_new (0);
- z = gcry_mpi_new (0);
- nminus1 = gcry_mpi_new (0);
- a2 = gcry_mpi_set_ui (NULL, 2);
-
- nbits = gcry_mpi_get_nbits (n);
- gcry_mpi_sub_ui (nminus1, n, 1);
-
- /* Find q and k, so that n = 1 + 2^k * q . */
- q = gcry_mpi_set (NULL, nminus1);
- k = mpz_trailing_zeroes (q);
- mpz_tdiv_q_2exp (q, q, k);
-
- for (i = 0; i < steps; i++)
- {
- if (!i)
- {
- gcry_mpi_set_ui (x, 2);
- }
- else
- {
- mpz_randomize (x, nbits - 1, hc);
- GNUNET_assert (gcry_mpi_cmp (x, nminus1) < 0);
- GNUNET_assert (gcry_mpi_cmp_ui (x, 1) > 0);
- }
- gcry_mpi_powm (y, x, q, n);
- if (gcry_mpi_cmp_ui (y, 1) && gcry_mpi_cmp (y, nminus1))
- {
- for (j = 1; j < k && gcry_mpi_cmp (y, nminus1); j++)
- {
- gcry_mpi_powm (y, y, a2, n);
- if (!gcry_mpi_cmp_ui (y, 1))
- goto leave; /* Not a prime. */
- }
- if (gcry_mpi_cmp (y, nminus1))
- goto leave; /* Not a prime. */
- }
- }
- rc = 1; /* May be a prime. */
-
-leave:
- gcry_mpi_release (x);
- gcry_mpi_release (y);
- gcry_mpi_release (z);
- gcry_mpi_release (nminus1);
- gcry_mpi_release (q);
- gcry_mpi_release (a2);
-
- return rc;
-}
-
-/**
- * If target != size, move target bytes to the
- * end of the size-sized buffer and zero out the
- * first target-size bytes.
- */
-static void
-adjust (unsigned char *buf, size_t size, size_t target)
-{
- if (size < target)
- {
- memmove (&buf[target - size], buf, size);
- memset (buf, 0, target - size);
- }
-}
-
-
-static void
-gen_prime (gcry_mpi_t * ptest, unsigned int nbits, struct GNUNET_HashCode * hc)
-{
- /* Note: 2 is not included because it can be tested more easily by
- * looking at bit 0. The last entry in this list is marked by a zero */
- static const uint16_t small_prime_numbers[] = {
- 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43,
- 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101,
- 103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
- 157, 163, 167, 173, 179, 181, 191, 193, 197, 199,
- 211, 223, 227, 229, 233, 239, 241, 251, 257, 263,
- 269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
- 331, 337, 347, 349, 353, 359, 367, 373, 379, 383,
- 389, 397, 401, 409, 419, 421, 431, 433, 439, 443,
- 449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
- 509, 521, 523, 541, 547, 557, 563, 569, 571, 577,
- 587, 593, 599, 601, 607, 613, 617, 619, 631, 641,
- 643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
- 709, 719, 727, 733, 739, 743, 751, 757, 761, 769,
- 773, 787, 797, 809, 811, 821, 823, 827, 829, 839,
- 853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
- 919, 929, 937, 941, 947, 953, 967, 971, 977, 983,
- 991, 997, 1009, 1013, 1019, 1021, 1031, 1033,
- 1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091,
- 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151,
- 1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213,
- 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277,
- 1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307,
- 1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399,
- 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451,
- 1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493,
- 1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559,
- 1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609,
- 1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667,
- 1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733,
- 1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789,
- 1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871,
- 1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931,
- 1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997,
- 1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053,
- 2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111,
- 2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161,
- 2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243,
- 2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297,
- 2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357,
- 2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411,
- 2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473,
- 2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551,
- 2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633,
- 2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687,
- 2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729,
- 2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791,
- 2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851,
- 2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917,
- 2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999,
- 3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061,
- 3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137,
- 3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209,
- 3217, 3221, 3229, 3251, 3253, 3257, 3259, 3271,
- 3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331,
- 3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391,
- 3407, 3413, 3433, 3449, 3457, 3461, 3463, 3467,
- 3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533,
- 3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583,
- 3593, 3607, 3613, 3617, 3623, 3631, 3637, 3643,
- 3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709,
- 3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779,
- 3793, 3797, 3803, 3821, 3823, 3833, 3847, 3851,
- 3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917,
- 3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989,
- 4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049,
- 4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111,
- 4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177,
- 4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243,
- 4253, 4259, 4261, 4271, 4273, 4283, 4289, 4297,
- 4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391,
- 4397, 4409, 4421, 4423, 4441, 4447, 4451, 4457,
- 4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519,
- 4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597,
- 4603, 4621, 4637, 4639, 4643, 4649, 4651, 4657,
- 4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729,
- 4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799,
- 4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889,
- 4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951,
- 4957, 4967, 4969, 4973, 4987, 4993, 4999,
- 0
- };
-#define DIM(v) (sizeof(v)/sizeof((v)[0]))
- static int no_of_small_prime_numbers = DIM (small_prime_numbers) - 1;
-
- gcry_mpi_t prime, pminus1, val_2, val_3, result;
- unsigned int i;
- unsigned int step;
- unsigned int mods[no_of_small_prime_numbers];
- gcry_mpi_t tmp;
- gcry_mpi_t sp;
-
- GNUNET_assert (nbits >= 16);
-
- /* Make nbits fit into mpz_t implementation. */
- val_2 = gcry_mpi_set_ui (NULL, 2);
- val_3 = gcry_mpi_set_ui (NULL, 3);
- prime = gcry_mpi_snew (0);
- result = gcry_mpi_new (0);
- pminus1 = gcry_mpi_new (0);
- *ptest = gcry_mpi_new (0);
- tmp = gcry_mpi_new (0);
- sp = gcry_mpi_new (0);
- while (1)
- {
- /* generate a random number */
- mpz_randomize (prime, nbits, hc);
- /* Set high order bit to 1, set low order bit to 1. If we are
- * generating a secret prime we are most probably doing that
- * for RSA, to make sure that the modulus does have the
- * requested key size we set the 2 high order bits. */
- gcry_mpi_set_bit (prime, nbits - 1);
- gcry_mpi_set_bit (prime, nbits - 2);
- gcry_mpi_set_bit (prime, 0);
-
- /* Calculate all remainders. */
- for (i = 0; i < no_of_small_prime_numbers; i++)
- {
- size_t written;
-
- gcry_mpi_set_ui (sp, small_prime_numbers[i]);
- gcry_mpi_div (NULL, tmp, prime, sp, -1);
- mods[i] = 0;
- written = sizeof (unsigned int);
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG,
- (unsigned char *) &mods[i], written,
- &written, tmp));
- adjust ((unsigned char *) &mods[i], written, sizeof (unsigned int));
- mods[i] = ntohl (mods[i]);
- }
- /* Now try some primes starting with prime. */
- for (step = 0; step < 20000; step += 2)
- {
- /* Check against all the small primes we have in mods. */
- for (i = 0; i < no_of_small_prime_numbers; i++)
- {
- uint16_t x = small_prime_numbers[i];
-
- while (mods[i] + step >= x)
- mods[i] -= x;
- if (!(mods[i] + step))
- break;
- }
- if (i < no_of_small_prime_numbers)
- continue; /* Found a multiple of an already known prime.
*/
-
- gcry_mpi_add_ui (*ptest, prime, step);
- if (!gcry_mpi_test_bit (*ptest, nbits - 2))
- break;
-
- /* Do a fast Fermat test now. */
- gcry_mpi_sub_ui (pminus1, *ptest, 1);
- gcry_mpi_powm (result, val_2, pminus1, *ptest);
- if ((!gcry_mpi_cmp_ui (result, 1)) && (is_prime (*ptest, 5, hc)))
- {
- /* Got it. */
- gcry_mpi_release (sp);
- gcry_mpi_release (tmp);
- gcry_mpi_release (val_2);
- gcry_mpi_release (val_3);
- gcry_mpi_release (result);
- gcry_mpi_release (pminus1);
- gcry_mpi_release (prime);
- return;
- }
- }
- }
-}
-
-/**
- * Generate a key pair with a key of size NBITS.
- * @param sk where to store the key
- * @param nbits the number of bits to use
- * @param hc the HC to use for PRNG (modified!)
- */
-static void
-generate_kblock_key (KBlock_secret_key *sk, unsigned int nbits,
- struct GNUNET_HashCode * hc)
-{
- gcry_mpi_t t1, t2;
- gcry_mpi_t phi; /* helper: (p-1)(q-1) */
- gcry_mpi_t g;
- gcry_mpi_t f;
-
- /* make sure that nbits is even so that we generate p, q of equal size */
- if ((nbits & 1))
- nbits++;
-
- sk->e = gcry_mpi_set_ui (NULL, 257);
- sk->n = gcry_mpi_new (0);
- sk->p = gcry_mpi_new (0);
- sk->q = gcry_mpi_new (0);
- sk->d = gcry_mpi_new (0);
- sk->u = gcry_mpi_new (0);
-
- t1 = gcry_mpi_new (0);
- t2 = gcry_mpi_new (0);
- phi = gcry_mpi_new (0);
- g = gcry_mpi_new (0);
- f = gcry_mpi_new (0);
-
- do
- {
- do
- {
- gcry_mpi_release (sk->p);
- gcry_mpi_release (sk->q);
- gen_prime (&sk->p, nbits / 2, hc);
- gen_prime (&sk->q, nbits / 2, hc);
-
- if (gcry_mpi_cmp (sk->p, sk->q) > 0) /* p shall be smaller than q
(for calc of u) */
- gcry_mpi_swap (sk->p, sk->q);
- /* calculate the modulus */
- gcry_mpi_mul (sk->n, sk->p, sk->q);
- }
- while (gcry_mpi_get_nbits (sk->n) != nbits);
-
- /* calculate Euler totient: phi = (p-1)(q-1) */
- gcry_mpi_sub_ui (t1, sk->p, 1);
- gcry_mpi_sub_ui (t2, sk->q, 1);
- gcry_mpi_mul (phi, t1, t2);
- gcry_mpi_gcd (g, t1, t2);
- gcry_mpi_div (f, NULL, phi, g, 0);
- while (0 == gcry_mpi_gcd (t1, sk->e, phi))
- { /* (while gcd is not 1) */
- gcry_mpi_add_ui (sk->e, sk->e, 2);
- }
-
- /* calculate the secret key d = e^1 mod phi */
- }
- while ((0 == gcry_mpi_invm (sk->d, sk->e, f)) ||
- (0 == gcry_mpi_invm (sk->u, sk->p, sk->q)));
-
- gcry_mpi_release (t1);
- gcry_mpi_release (t2);
- gcry_mpi_release (phi);
- gcry_mpi_release (f);
- gcry_mpi_release (g);
-}
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Internal representation of the private key.
- */
-struct KskRsaPrivateKeyBinaryEncoded
-{
- /**
- * Total size of the structure, in bytes, in big-endian!
- */
- uint16_t len GNUNET_PACKED;
- uint16_t sizen GNUNET_PACKED; /* in big-endian! */
- uint16_t sizee GNUNET_PACKED; /* in big-endian! */
- uint16_t sized GNUNET_PACKED; /* in big-endian! */
- uint16_t sizep GNUNET_PACKED; /* in big-endian! */
- uint16_t sizeq GNUNET_PACKED; /* in big-endian! */
- uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */
- uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */
- /* followed by the actual values */
-};
-GNUNET_NETWORK_STRUCT_END
-
-/**
- * Deterministically (!) create a hostkey using only the
- * given HashCode as input to the PRNG.
- */
-static struct KskRsaPrivateKeyBinaryEncoded *
-makeKblockKeyInternal (const struct GNUNET_HashCode * hc)
-{
- KBlock_secret_key sk;
- struct GNUNET_HashCode hx;
- unsigned char *pbu[6];
- gcry_mpi_t *pkv[6];
- size_t sizes[6];
- struct KskRsaPrivateKeyBinaryEncoded *retval;
- int i;
- size_t size;
-
- hx = *hc;
- generate_kblock_key (&sk, 1024, /* at least 10x as fast than 2048 bits
- * -- we simply cannot afford 2048 bits
- * even on modern hardware, and
especially
- * not since clearly a dictionary
attack
- * will still be much cheaper
- * than breaking a 1024 bit RSA key.
- * If an adversary can spend the time
to
- * break a 1024 bit RSA key just to
forge
- * a signature -- SO BE IT. [ CG,
6/2005 ] */
- &hx);
- pkv[0] = &sk.n;
- pkv[1] = &sk.e;
- pkv[2] = &sk.d;
- pkv[3] = &sk.p;
- pkv[4] = &sk.q;
- pkv[5] = &sk.u;
- size = sizeof (struct KskRsaPrivateKeyBinaryEncoded);
- for (i = 0; i < 6; i++)
- {
- gcry_mpi_aprint (GCRYMPI_FMT_STD, &pbu[i], &sizes[i], *pkv[i]);
- size += sizes[i];
- }
- GNUNET_assert (size < 65536);
- retval = GNUNET_malloc (size);
- retval->len = htons (size);
- i = 0;
- retval->sizen = htons (sizes[0]);
- memcpy (&((char *) &retval[1])[i], pbu[0], sizes[0]);
- i += sizes[0];
- retval->sizee = htons (sizes[1]);
- memcpy (&((char *) &retval[1])[i], pbu[1], sizes[1]);
- i += sizes[1];
- retval->sized = htons (sizes[2]);
- memcpy (&((char *) &retval[1])[i], pbu[2], sizes[2]);
- i += sizes[2];
- /* swap p and q! */
- retval->sizep = htons (sizes[4]);
- memcpy (&((char *) &retval[1])[i], pbu[4], sizes[4]);
- i += sizes[4];
- retval->sizeq = htons (sizes[3]);
- memcpy (&((char *) &retval[1])[i], pbu[3], sizes[3]);
- i += sizes[3];
- retval->sizedmp1 = htons (0);
- retval->sizedmq1 = htons (0);
- memcpy (&((char *) &retval[1])[i], pbu[5], sizes[5]);
- for (i = 0; i < 6; i++)
- {
- gcry_mpi_release (*pkv[i]);
- free (pbu[i]);
- }
- return retval;
-}
-
-
-/**
- * Entry in the KSK cache.
- */
-struct KBlockKeyCacheLine
-{
- /**
- * Hash from which the key was generated.
- */
- struct GNUNET_HashCode hc;
-
- /**
- * The encoded key.
- */
- struct KskRsaPrivateKeyBinaryEncoded *pke;
-};
-
-
-/**
- * Cached KSK keys so that we don't have to recompute them
- * all the time.
- */
-static struct KBlockKeyCacheLine **cache;
-
-
-/**
- * Size of the 'cache' array.
- */
-static unsigned int cacheSize;
-
-
-/**
- * Deterministically (!) create a hostkey using only the
- * given HashCode as input to the PRNG.
- *
- * @param hc hash code to generate the key from
- * @return corresponding private key; must not be freed!
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_key_create_from_hash (const struct GNUNET_HashCode * hc)
-{
- struct KBlockKeyCacheLine *line;
- unsigned int i;
-
- for (i = 0; i < cacheSize; i++)
- if (0 == memcmp (hc, &cache[i]->hc, sizeof (struct GNUNET_HashCode)))
- return GNUNET_CRYPTO_rsa_decode_key ((const char*) cache[i]->pke,
- ntohs (cache[i]->pke->len));
- line = GNUNET_malloc (sizeof (struct KBlockKeyCacheLine));
- line->hc = *hc;
- line->pke = makeKblockKeyInternal (hc);
- GNUNET_array_grow (cache, cacheSize, cacheSize + 1);
- cache[cacheSize - 1] = line;
- return GNUNET_CRYPTO_rsa_decode_key ((const char*) line->pke,
- ntohs (line->pke->len));
-}
-
-
-/**
- * Destructor that frees the KSK cache.
- */
-void __attribute__ ((destructor)) GNUNET_CRYPTO_ksk_fini ()
-{
- unsigned int i;
-
- for (i = 0; i < cacheSize; i++)
- {
- GNUNET_free (cache[i]->pke);
- GNUNET_free (cache[i]);
- }
- GNUNET_array_grow (cache, cacheSize, 0);
-}
-
-
-/* end of crypto_ksk.c */
Deleted: gnunet/src/util/crypto_rsa.c
===================================================================
--- gnunet/src/util/crypto_rsa.c 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/util/crypto_rsa.c 2013-07-18 13:45:05 UTC (rev 28166)
@@ -1,1386 +0,0 @@
-/*
- This file is part of GNUnet.
- (C) 2001, 2002, 2003, 2004, 2005, 2006, 2009 Christian Grothoff (and
other contributing authors)
-
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 2, or (at your
- option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
-*/
-
-/**
- * @file util/crypto_rsa.c
- * @brief public key cryptography (RSA) with libgcrypt
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include <gcrypt.h>
-#include "gnunet_common.h"
-#include "gnunet_util_lib.h"
-
-#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
-
-#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util",
syscall)
-
-#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file
(kind, "util", syscall, filename)
-
-#define HOSTKEY_LEN 2048
-
-#define EXTRA_CHECKS ALLOW_EXTRA_CHECKS
-
-
-/**
- * The private information of an RSA key pair.
- * NOTE: this must match the definition in crypto_ksk.c and gnunet-rsa.c!
- */
-struct GNUNET_CRYPTO_RsaPrivateKey
-{
- /**
- * Libgcrypt S-expression for the ECC key.
- */
- gcry_sexp_t sexp;
-};
-
-/**
- * Log an error message at log-level 'level' that indicates
- * a failure of the command 'cmd' with the message given
- * by gcry_strerror(rc).
- */
-#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with
error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0);
-
-/**
- * If target != size, move target bytes to the
- * end of the size-sized buffer and zero out the
- * first target-size bytes.
- *
- * @param buf original buffer
- * @param size number of bytes in the buffer
- * @param target target size of the buffer
- */
-static void
-adjust (unsigned char *buf, size_t size, size_t target)
-{
- if (size < target)
- {
- memmove (&buf[target - size], buf, size);
- memset (buf, 0, target - size);
- }
-}
-
-
-/**
- * Free memory occupied by RSA private key.
- *
- * @param key pointer to the memory to free
- */
-void
-GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key)
-{
- gcry_sexp_release (key->sexp);
- GNUNET_free (key);
-}
-
-
-/**
- * Extract values from an S-expression.
- *
- * @param array where to store the result(s)
- * @param sexp S-expression to parse
- * @param topname top-level name in the S-expression that is of interest
- * @param elems names of the elements to extract
- * @return 0 on success
- */
-static int
-key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname,
- const char *elems)
-{
- gcry_sexp_t list;
- gcry_sexp_t l2;
- const char *s;
- unsigned int i;
- unsigned int idx;
-
- if (! (list = gcry_sexp_find_token (sexp, topname, 0)))
- return 1;
- l2 = gcry_sexp_cadr (list);
- gcry_sexp_release (list);
- list = l2;
- if (! list)
- return 2;
- idx = 0;
- for (s = elems; *s; s++, idx++)
- {
- if (! (l2 = gcry_sexp_find_token (list, s, 1)))
- {
- for (i = 0; i < idx; i++)
- {
- gcry_free (array[i]);
- array[i] = NULL;
- }
- gcry_sexp_release (list);
- return 3; /* required parameter not found */
- }
- array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
- gcry_sexp_release (l2);
- if (! array[idx])
- {
- for (i = 0; i < idx; i++)
- {
- gcry_free (array[i]);
- array[i] = NULL;
- }
- gcry_sexp_release (list);
- return 4; /* required parameter is invalid */
- }
- }
- gcry_sexp_release (list);
- return 0;
-}
-
-
-/**
- * Extract the public key of the host.
- *
- * @param priv the private key
- * @param pub where to write the public key
- */
-void
-GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey
- *priv,
- struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
- *pub)
-{
- gcry_mpi_t skey[2];
- size_t size;
- int rc;
-
- rc = key_from_sexp (skey, priv->sexp, "public-key", "ne");
- if (0 != rc)
- rc = key_from_sexp (skey, priv->sexp, "private-key", "ne");
- if (0 != rc)
- rc = key_from_sexp (skey, priv->sexp, "rsa", "ne");
- GNUNET_assert (0 == rc);
- pub->len =
- htons (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) -
- sizeof (pub->padding));
- pub->sizen = htons (GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH);
- pub->padding = 0;
- size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH;
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG, &pub->key[0], size, &size,
- skey[0]));
- adjust (&pub->key[0], size, GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH);
- size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH;
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG,
- &pub->key
- [GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH],
size,
- &size, skey[1]));
- adjust (&pub->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], size,
- GNUNET_CRYPTO_RSA_KEY_LENGTH -
- GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH);
- gcry_mpi_release (skey[0]);
- gcry_mpi_release (skey[1]);
-}
-
-
-/**
- * Get hash of the public key that corresponds to a private key.
- *
- * @param key RSA private key
- * @param id buffer for hash of the public key
- */
-void
-GNUNET_CRYPTO_rsa_get_public_key_hash (struct GNUNET_CRYPTO_RsaPrivateKey *key,
- struct GNUNET_HashCode *id)
-{
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pk;
- GNUNET_CRYPTO_rsa_key_get_public (key, &pk);
- GNUNET_CRYPTO_hash (&pk, sizeof (pk), id);
-}
-
-
-/**
- * Convert a public key to a string.
- *
- * @param pub key to convert
- * @return string representing 'pub'
- */
-char *
-GNUNET_CRYPTO_rsa_public_key_to_string (const struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub)
-{
- char *pubkeybuf;
- size_t keylen = (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)) *
8;
- char *end;
-
- if (keylen % 5 > 0)
- keylen += 5 - keylen % 5;
- keylen /= 5;
- pubkeybuf = GNUNET_malloc (keylen + 1);
- end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
- sizeof (struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded),
- pubkeybuf,
- keylen);
- if (NULL == end)
- {
- GNUNET_free (pubkeybuf);
- return NULL;
- }
- *end = '\0';
- return pubkeybuf;
-}
-
-
-/**
- * Convert a string representing a public key to a public key.
- *
- * @param enc encoded public key
- * @param enclen number of bytes in enc (without 0-terminator)
- * @param pub where to store the public key
- * @return GNUNET_OK on success
- */
-int
-GNUNET_CRYPTO_rsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub)
-{
- size_t keylen = (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)) *
8;
-
- if (keylen % 5 > 0)
- keylen += 5 - keylen % 5;
- keylen /= 5;
- if (enclen != keylen)
- return GNUNET_SYSERR;
-
- if (GNUNET_OK != GNUNET_STRINGS_string_to_data (enc, enclen,
- (unsigned char*) pub,
- sizeof (struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)))
- return GNUNET_SYSERR;
- if ( (ntohs (pub->len) != sizeof (struct
GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)) ||
- (ntohs (pub->padding) != 0) ||
- (ntohs (pub->sizen) != GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH) )
- return GNUNET_SYSERR;
- return GNUNET_OK;
-}
-
-
-/**
- * Convert the given public key from the network format to the
- * S-expression that can be used by libgcrypt.
- *
- * @param publicKey public key to decode
- * @return NULL on error
- */
-static gcry_sexp_t
-decode_public_key (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
*publicKey)
-{
- gcry_sexp_t result;
- gcry_mpi_t n;
- gcry_mpi_t e;
- size_t size;
- size_t erroff;
- int rc;
-
- if ((ntohs (publicKey->sizen) != GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH) ||
- (ntohs (publicKey->len) !=
- sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) -
- sizeof (publicKey->padding)))
- {
- GNUNET_break (0);
- return NULL;
- }
- size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH;
- if (0 != (rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG, &publicKey->key[0], size,
&size)))
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- return NULL;
- }
- size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH;
- if (0 != (rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG,
-
&publicKey->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH],
- size, &size)))
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- gcry_mpi_release (n);
- return NULL;
- }
- rc = gcry_sexp_build (&result, &erroff, "(public-key(rsa(n %m)(e %m)))", n,
- e);
- gcry_mpi_release (n);
- gcry_mpi_release (e);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); /* erroff
gives more info */
- return NULL;
- }
- return result;
-}
-
-
-/**
- * Encode the private key in a format suitable for
- * storing it into a file.
- *
- * @return encoding of the private key.
- * The first 4 bytes give the size of the array, as usual.
- */
-struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *
-GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey
*hostkey)
-{
- struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *retval;
- gcry_mpi_t pkv[6];
- void *pbu[6];
- size_t sizes[6];
- int rc;
- int i;
- int size;
-
-#if EXTRA_CHECKS
- if (gcry_pk_testkey (hostkey->sexp))
- {
- GNUNET_break (0);
- return NULL;
- }
-#endif
-
- memset (pkv, 0, sizeof (gcry_mpi_t) * 6);
- rc = key_from_sexp (pkv, hostkey->sexp, "private-key", "nedpqu");
- if (rc)
- rc = key_from_sexp (pkv, hostkey->sexp, "rsa", "nedpqu");
- if (rc)
- rc = key_from_sexp (pkv, hostkey->sexp, "private-key", "nedpq");
- if (rc)
- rc = key_from_sexp (pkv, hostkey->sexp, "rsa", "nedpq");
- if (rc)
- rc = key_from_sexp (pkv, hostkey->sexp, "private-key", "ned");
- if (rc)
- rc = key_from_sexp (pkv, hostkey->sexp, "rsa", "ned");
- GNUNET_assert (0 == rc);
- size = sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded);
- for (i = 0; i < 6; i++)
- {
- if (NULL != pkv[i])
- {
- GNUNET_assert (0 ==
- gcry_mpi_aprint (GCRYMPI_FMT_USG,
- (unsigned char **) &pbu[i], &sizes[i],
- pkv[i]));
- size += sizes[i];
- }
- else
- {
- pbu[i] = NULL;
- sizes[i] = 0;
- }
- }
- GNUNET_assert (size < 65536);
- retval = GNUNET_malloc (size);
- retval->len = htons (size);
- i = 0;
- retval->sizen = htons (sizes[0]);
- memcpy (&((char *) (&retval[1]))[i], pbu[0], sizes[0]);
- i += sizes[0];
- retval->sizee = htons (sizes[1]);
- memcpy (&((char *) (&retval[1]))[i], pbu[1], sizes[1]);
- i += sizes[1];
- retval->sized = htons (sizes[2]);
- memcpy (&((char *) (&retval[1]))[i], pbu[2], sizes[2]);
- i += sizes[2];
- /* swap p and q! */
- retval->sizep = htons (sizes[4]);
- memcpy (&((char *) (&retval[1]))[i], pbu[4], sizes[4]);
- i += sizes[4];
- retval->sizeq = htons (sizes[3]);
- memcpy (&((char *) (&retval[1]))[i], pbu[3], sizes[3]);
- i += sizes[3];
- retval->sizedmp1 = htons (0);
- retval->sizedmq1 = htons (0);
- memcpy (&((char *) (&retval[1]))[i], pbu[5], sizes[5]);
- for (i = 0; i < 6; i++)
- {
- if (pkv[i] != NULL)
- gcry_mpi_release (pkv[i]);
- if (pbu[i] != NULL)
- free (pbu[i]);
- }
- return retval;
-}
-
-
-/**
- * Decode the private key from the file-format back
- * to the "normal", internal format.
- *
- * @param buf the buffer where the private key data is stored
- * @param len the length of the data in 'buffer'
- * @return NULL on error
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
-{
- struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *encoding =
- (const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *) buf;
- gcry_sexp_t res;
- gcry_mpi_t n;
- gcry_mpi_t e;
- gcry_mpi_t d;
- gcry_mpi_t p;
- gcry_mpi_t q;
- gcry_mpi_t u;
- int rc;
- size_t size;
- size_t pos;
- uint16_t enc_len;
- size_t erroff;
-
- enc_len = ntohs (encoding->len);
- if (len != enc_len)
- return NULL;
-
- pos = 0;
- size = ntohs (encoding->sizen);
- rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos], size,
- &size);
- pos += ntohs (encoding->sizen);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- return NULL;
- }
- size = ntohs (encoding->sizee);
- rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos], size,
- &size);
- pos += ntohs (encoding->sizee);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- gcry_mpi_release (n);
- return NULL;
- }
- size = ntohs (encoding->sized);
- rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos], size,
- &size);
- pos += ntohs (encoding->sized);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- gcry_mpi_release (n);
- gcry_mpi_release (e);
- return NULL;
- }
- /* swap p and q! */
- size = ntohs (encoding->sizep);
- if (size > 0)
- {
- rc = gcry_mpi_scan (&q, GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos], size,
- &size);
- pos += ntohs (encoding->sizep);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- gcry_mpi_release (n);
- gcry_mpi_release (e);
- gcry_mpi_release (d);
- return NULL;
- }
- }
- else
- q = NULL;
- size = ntohs (encoding->sizeq);
- if (size > 0)
- {
- rc = gcry_mpi_scan (&p, GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos], size,
- &size);
- pos += ntohs (encoding->sizeq);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- gcry_mpi_release (n);
- gcry_mpi_release (e);
- gcry_mpi_release (d);
- if (NULL != q)
- gcry_mpi_release (q);
- return NULL;
- }
- }
- else
- p = NULL;
- pos += ntohs (encoding->sizedmp1);
- pos += ntohs (encoding->sizedmq1);
- size =
- ntohs (encoding->len) - sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded) - pos;
- if (size > 0)
- {
- rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos], size,
- &size);
- if (0 != rc)
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
- gcry_mpi_release (n);
- gcry_mpi_release (e);
- gcry_mpi_release (d);
- if (NULL != p)
- gcry_mpi_release (p);
- if (NULL != q)
- gcry_mpi_release (q);
- return NULL;
- }
- }
- else
- u = NULL;
-
- if ((NULL != p) && (NULL != q) && (NULL != u))
- {
- rc = gcry_sexp_build (&res, &erroff,
- "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u
%m)))",
- n, e, d, p, q, u);
- }
- else
- {
- if ((NULL != p) && (NULL != q))
- {
- rc = gcry_sexp_build (&res, &erroff,
- "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))",
- n, e, d, p, q);
- }
- else
- {
- rc = gcry_sexp_build (&res, &erroff,
- "(private-key(rsa(n %m)(e %m)(d %m)))", n, e, d);
- }
- }
- gcry_mpi_release (n);
- gcry_mpi_release (e);
- gcry_mpi_release (d);
- if (NULL != p)
- gcry_mpi_release (p);
- if (NULL != q)
- gcry_mpi_release (q);
- if (NULL != u)
- gcry_mpi_release (u);
-
- if (0 != rc)
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
-#if EXTRA_CHECKS
- if (0 != (rc = gcry_pk_testkey (res)))
- {
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
- return NULL;
- }
-#endif
- ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
- ret->sexp = res;
- return ret;
-}
-
-
-/**
- * Create a new private key. Caller must free return value.
- *
- * @return fresh private key
- */
-static struct GNUNET_CRYPTO_RsaPrivateKey *
-rsa_key_create ()
-{
- struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- gcry_sexp_t s_key;
- gcry_sexp_t s_keyparam;
-
- GNUNET_assert (0 ==
- gcry_sexp_build (&s_keyparam, NULL,
- "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
- HOSTKEY_LEN));
- GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
- gcry_sexp_release (s_keyparam);
-#if EXTRA_CHECKS
- GNUNET_assert (0 == gcry_pk_testkey (s_key));
-#endif
- ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
- ret->sexp = s_key;
- return ret;
-}
-
-
-/**
- * Try to read the private key from the given file.
- *
- * @param filename file to read the key from
- * @return NULL on error
- */
-static struct GNUNET_CRYPTO_RsaPrivateKey *
-try_read_key (const char *filename)
-{
- struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
- struct GNUNET_DISK_FileHandle *fd;
- OFF_T fs;
- uint16_t len;
-
- if (GNUNET_YES != GNUNET_DISK_file_test (filename))
- return NULL;
-
- /* hostkey file exists already, read it! */
- if (NULL == (fd = GNUNET_DISK_file_open (filename, GNUNET_DISK_OPEN_READ,
- GNUNET_DISK_PERM_NONE)))
- {
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
- return NULL;
- }
- if (GNUNET_OK != (GNUNET_DISK_file_handle_size (fd, &fs)))
- {
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "stat", filename);
- (void) GNUNET_DISK_file_close (fd);
- return NULL;
- }
- if (0 == fs)
- {
- GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd));
- return NULL;
- }
- if (fs > UINT16_MAX)
- {
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _("File `%s' does not contain a valid private key (too long, %llu
bytes). Renaming it.\n"),
- filename,
- (unsigned long long) fs);
- GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd));
- GNUNET_DISK_file_backup (filename);
- return NULL;
- }
-
- enc = GNUNET_malloc (fs);
- GNUNET_break (fs == GNUNET_DISK_file_read (fd, enc, fs));
- len = ntohs (enc->len);
- ret = NULL;
- if ((len != fs) ||
- (NULL == (ret = GNUNET_CRYPTO_rsa_decode_key ((char *) enc, len))))
- {
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _("File `%s' does not contain a valid private key (failed decode,
%llu bytes). Deleting it.\n"),
- filename,
- (unsigned long long) fs);
- GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd));
- GNUNET_DISK_file_backup (filename);
- GNUNET_free (enc);
- return NULL;
- }
- GNUNET_free (enc);
-
- GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd));
- return ret;
-}
-
-
-/**
- * Wait for a short time (we're trying to lock a file or want
- * to give another process a shot at finishing a disk write, etc.).
- * Sleeps for 100ms (as that should be long enough for virtually all
- * modern systems to context switch and allow another process to do
- * some 'real' work).
- */
-static void
-short_wait ()
-{
- struct GNUNET_TIME_Relative timeout;
-
- timeout = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 100);
- (void) GNUNET_NETWORK_socket_select (NULL, NULL, NULL, timeout);
-}
-
-
-/**
- * Open existing private key file and read it. If the
- * file does not exist, or the contents of the file are
- * invalid, the function fails
- * Caller must free returned value.
- *
- * @return a private key, NULL on error (for example,
- * permission denied) or when file does not exist or contains invalid
- * data.
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_key_create_from_existing_file (const char *filename)
-{
- struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
- uint16_t len;
- struct GNUNET_DISK_FileHandle *fd;
- unsigned int cnt;
- int ec;
- uint64_t fs;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub;
- struct GNUNET_PeerIdentity pid;
-
- fd = GNUNET_DISK_file_open (filename, GNUNET_DISK_OPEN_READ,
- GNUNET_DISK_PERM_NONE);
- if (NULL == fd)
- {
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
- return NULL;
- }
- cnt = 0;
- while (1)
- {
- if (GNUNET_YES !=
- GNUNET_DISK_file_lock (fd, 0,
- sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded),
- GNUNET_NO))
- {
- if (0 == ++cnt % 60)
- {
- ec = errno;
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _("Could not acquire lock on file `%s': %s...\n"), filename,
- STRERROR (ec));
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _
- ("This may be ok if someone is currently generating a private
key.\n"));
- }
- short_wait ();
- continue;
- }
- if (GNUNET_YES != GNUNET_DISK_file_test (filename))
- {
- /* eh, what!? File we opened is now gone!? */
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename);
- if (GNUNET_YES !=
- GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
- GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd));
-
- return NULL;
- }
- if (GNUNET_OK != GNUNET_DISK_file_size (filename, &fs, GNUNET_YES,
GNUNET_YES))
- fs = 0;
- if (fs < sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded))
- {
- /* maybe we got the read lock before the key generating
- * process had a chance to get the write lock; give it up! */
- if (GNUNET_YES !=
- GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
- if (0 == ++cnt % 10)
- {
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _
- ("When trying to read key file `%s' I found %u bytes but I need
at least %u.\n"),
- filename, (unsigned int) fs,
- (unsigned int) sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded));
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _
- ("This may be ok if someone is currently generating a private
key.\n"));
- }
- short_wait (); /* wait a bit longer! */
- continue;
- }
- break;
- }
- enc = GNUNET_malloc (fs);
- GNUNET_assert (fs == GNUNET_DISK_file_read (fd, enc, fs));
- len = ntohs (enc->len);
- ret = NULL;
- if ((len != fs) ||
- (NULL == (ret = GNUNET_CRYPTO_rsa_decode_key ((char *) enc, len))))
- {
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _("File `%s' does not contain a valid private key. Deleting it.\n"),
- filename);
- GNUNET_DISK_file_backup (filename);
- }
- GNUNET_free (enc);
- if (GNUNET_YES !=
- GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
- GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
- if (ret != NULL)
- {
- GNUNET_CRYPTO_rsa_key_get_public (ret, &pub);
- GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey);
- }
- return ret;
-}
-
-/**
- * Create a new private key by reading it from a file. If the
- * files does not exist, create a new key and write it to the
- * file. Caller must free return value. Note that this function
- * can not guarantee that another process might not be trying
- * the same operation on the same file at the same time.
- * If the contents of the file
- * are invalid the old file is deleted and a fresh key is
- * created.
- *
- * @return new private key, NULL on error (for example,
- * permission denied)
- */
-struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename)
-{
- struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
- struct GNUNET_DISK_FileHandle *fd;
- unsigned int cnt;
- int ec;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub;
- struct GNUNET_PeerIdentity pid;
-
- if (GNUNET_SYSERR == GNUNET_DISK_directory_create_for_file (filename))
- return NULL;
-
- while (GNUNET_YES != GNUNET_DISK_file_test (filename))
- {
- fd = GNUNET_DISK_file_open (filename,
- GNUNET_DISK_OPEN_WRITE |
GNUNET_DISK_OPEN_CREATE
- | GNUNET_DISK_OPEN_FAILIFEXISTS,
- GNUNET_DISK_PERM_USER_READ |
- GNUNET_DISK_PERM_USER_WRITE);
- if (NULL == fd)
- {
- if (EEXIST == errno)
- {
- if (GNUNET_YES != GNUNET_DISK_file_test (filename))
- {
- /* must exist but not be accessible, fail for good! */
- if (0 != ACCESS (filename, R_OK))
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "access", filename);
- else
- GNUNET_break (0); /* what is going on!? */
- return NULL;
- }
- continue;
- }
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
- return NULL;
- }
- cnt = 0;
-
- while (GNUNET_YES !=
- GNUNET_DISK_file_lock (fd, 0,
- sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded),
- GNUNET_YES))
- {
- short_wait ();
- if (0 == ++cnt % 10)
- {
- ec = errno;
- LOG (GNUNET_ERROR_TYPE_ERROR,
- _("Could not acquire lock on file `%s': %s...\n"), filename,
- STRERROR (ec));
- }
- }
- LOG (GNUNET_ERROR_TYPE_INFO,
- _("Creating a new private key. This may take a while.\n"));
- ret = rsa_key_create ();
- GNUNET_assert (ret != NULL);
- enc = GNUNET_CRYPTO_rsa_encode_key (ret);
- GNUNET_assert (enc != NULL);
- GNUNET_assert (ntohs (enc->len) ==
- GNUNET_DISK_file_write (fd, enc, ntohs (enc->len)));
- GNUNET_free (enc);
-
- GNUNET_DISK_file_sync (fd);
- if (GNUNET_YES !=
- GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct
GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
- LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
- GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
- GNUNET_CRYPTO_rsa_key_get_public (ret, &pub);
- GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey);
- return ret;
- }
- /* hostkey file exists already, read it! */
- return GNUNET_CRYPTO_rsa_key_create_from_existing_file (filename);
-}
-
-
-/**
- * Handle to cancel private key generation and state for the
- * key generation operation.
- */
-struct GNUNET_CRYPTO_RsaKeyGenerationContext
-{
-
- /**
- * Continuation to call upon completion.
- */
- GNUNET_CRYPTO_RsaKeyCallback cont;
-
- /**
- * Closure for 'cont'.
- */
- void *cont_cls;
-
- /**
- * Name of the file.
- */
- char *filename;
-
- /**
- * Handle to the helper process which does the key generation.
- */
- struct GNUNET_OS_Process *gnunet_rsa;
-
- /**
- * Handle to 'stdout' of gnunet-rsa. We 'read' on stdout to detect
- * process termination (instead of messing with SIGCHLD).
- */
- struct GNUNET_DISK_PipeHandle *gnunet_rsa_out;
-
- /**
- * Location where we store the private key if it already existed.
- * (if this is used, 'filename', 'gnunet_rsa' and 'gnunet_rsa_out' will
- * not be used).
- */
- struct GNUNET_CRYPTO_RsaPrivateKey *pk;
-
- /**
- * Task reading from 'gnunet_rsa_out' to wait for process termination.
- */
- GNUNET_SCHEDULER_TaskIdentifier read_task;
-
-};
-
-
-/**
- * Task called upon shutdown or process termination of 'gnunet-rsa' during
- * RSA key generation. Check where we are and perform the appropriate
- * action.
- *
- * @param cls the 'struct GNUNET_CRYPTO_RsaKeyGenerationContext'
- * @param tc scheduler context
- */
-static void
-check_key_generation_completion (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
-{
- struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc = cls;
- struct GNUNET_CRYPTO_RsaPrivateKey *pk;
-
- gc->read_task = GNUNET_SCHEDULER_NO_TASK;
- if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
- {
- gc->cont (gc->cont_cls, NULL, _("interrupted by shutdown"));
- GNUNET_CRYPTO_rsa_key_create_stop (gc);
- return;
- }
- GNUNET_assert (GNUNET_OK ==
- GNUNET_OS_process_wait (gc->gnunet_rsa));
- GNUNET_OS_process_destroy (gc->gnunet_rsa);
- gc->gnunet_rsa = NULL;
- if (NULL == (pk = try_read_key (gc->filename)))
- {
- GNUNET_break (0);
- gc->cont (gc->cont_cls, NULL, _("gnunet-rsa failed"));
- GNUNET_CRYPTO_rsa_key_create_stop (gc);
- return;
- }
- gc->cont (gc->cont_cls, pk, NULL);
- GNUNET_DISK_pipe_close (gc->gnunet_rsa_out);
- GNUNET_free (gc->filename);
- GNUNET_free (gc);
-}
-
-
-/**
- * Return the private RSA key which already existed on disk
- * (asynchronously) to the caller.
- *
- * @param cls the 'struct GNUNET_CRYPTO_RsaKeyGenerationContext'
- * @param tc scheduler context (unused)
- */
-static void
-async_return_key (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
-{
- struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc = cls;
-
- gc->cont (gc->cont_cls,
- gc->pk,
- NULL);
- GNUNET_free (gc);
-}
-
-
-/**
- * Create a new private key by reading it from a file. If the files
- * does not exist, create a new key and write it to the file. If the
- * contents of the file are invalid the old file is deleted and a
- * fresh key is created.
- *
- * @param filename name of file to use for storage
- * @param cont function to call when done (or on errors)
- * @param cont_cls closure for 'cont'
- * @return handle to abort operation, NULL on fatal errors (cont will not be
called if NULL is returned)
- */
-struct GNUNET_CRYPTO_RsaKeyGenerationContext *
-GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
- GNUNET_CRYPTO_RsaKeyCallback cont,
- void *cont_cls)
-{
- struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
- struct GNUNET_CRYPTO_RsaPrivateKey *pk;
-
- if (NULL != (pk = try_read_key (filename)))
- {
- /* quick happy ending: key already exists! */
- gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaKeyGenerationContext));
- gc->pk = pk;
- gc->cont = cont;
- gc->cont_cls = cont_cls;
- gc->read_task = GNUNET_SCHEDULER_add_now (&async_return_key,
- gc);
- return gc;
- }
- gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaKeyGenerationContext));
- gc->filename = GNUNET_strdup (filename);
- gc->cont = cont;
- gc->cont_cls = cont_cls;
- gc->gnunet_rsa_out = GNUNET_DISK_pipe (GNUNET_NO,
- GNUNET_NO,
- GNUNET_NO,
- GNUNET_YES);
- if (NULL == gc->gnunet_rsa_out)
- {
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "pipe");
- GNUNET_free (gc->filename);
- GNUNET_free (gc);
- return NULL;
- }
- gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,
- GNUNET_OS_INHERIT_STD_ERR,
- NULL,
- gc->gnunet_rsa_out,
- "gnunet-rsa",
- "gnunet-rsa",
- gc->filename,
- NULL);
- if (NULL == gc->gnunet_rsa)
- {
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "fork");
- GNUNET_DISK_pipe_close (gc->gnunet_rsa_out);
- GNUNET_free (gc->filename);
- GNUNET_free (gc);
- return NULL;
- }
- GNUNET_assert (GNUNET_OK ==
- GNUNET_DISK_pipe_close_end (gc->gnunet_rsa_out,
- GNUNET_DISK_PIPE_END_WRITE));
- gc->read_task = GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL,
- GNUNET_DISK_pipe_handle
(gc->gnunet_rsa_out,
-
GNUNET_DISK_PIPE_END_READ),
-
&check_key_generation_completion,
- gc);
- return gc;
-}
-
-
-/**
- * Abort RSA key generation.
- *
- * @param gc key generation context to abort
- */
-void
-GNUNET_CRYPTO_rsa_key_create_stop (struct
GNUNET_CRYPTO_RsaKeyGenerationContext *gc)
-{
- if (GNUNET_SCHEDULER_NO_TASK != gc->read_task)
- {
- GNUNET_SCHEDULER_cancel (gc->read_task);
- gc->read_task = GNUNET_SCHEDULER_NO_TASK;
- }
- if (NULL != gc->gnunet_rsa)
- {
- (void) GNUNET_OS_process_kill (gc->gnunet_rsa, SIGKILL);
- GNUNET_break (GNUNET_OK ==
- GNUNET_OS_process_wait (gc->gnunet_rsa));
- GNUNET_OS_process_destroy (gc->gnunet_rsa);
- GNUNET_DISK_pipe_close (gc->gnunet_rsa_out);
- }
-
- if (NULL != gc->filename)
- {
- if (0 != UNLINK (gc->filename))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "unlink",
gc->filename);
- GNUNET_free (gc->filename);
- }
- if (NULL != gc->pk)
- GNUNET_CRYPTO_rsa_key_free (gc->pk);
- GNUNET_free (gc);
-}
-
-
-/**
- * Setup a key file for a peer given the name of the
- * configuration file (!). This function is used so that
- * at a later point code can be certain that reading a
- * key is fast (for example in time-dependent testcases).
- *
- * @param cfg_name name of the configuration file to use
- */
-void
-GNUNET_CRYPTO_rsa_setup_hostkey (const char *cfg_name)
-{
- struct GNUNET_CONFIGURATION_Handle *cfg;
- struct GNUNET_CRYPTO_RsaPrivateKey *pk;
- char *fn;
-
- cfg = GNUNET_CONFIGURATION_create ();
- (void) GNUNET_CONFIGURATION_load (cfg, cfg_name);
- if (GNUNET_OK ==
- GNUNET_CONFIGURATION_get_value_filename (cfg, "GNUNETD", "HOSTKEY", &fn))
- {
- pk = GNUNET_CRYPTO_rsa_key_create_from_file (fn);
- if (NULL != pk)
- GNUNET_CRYPTO_rsa_key_free (pk);
- GNUNET_free (fn);
- }
- GNUNET_CONFIGURATION_destroy (cfg);
-}
-
-
-/**
- * Encrypt a block with the public key of another host that uses the
- * same cipher.
- *
- * @param block the block to encrypt
- * @param size the size of block
- * @param publicKey the encoded public key used to encrypt
- * @param target where to store the encrypted block
- * @returns GNUNET_SYSERR on error, GNUNET_OK if ok
- */
-int
-GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size,
- const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
- *publicKey,
- struct GNUNET_CRYPTO_RsaEncryptedData *target)
-{
- gcry_sexp_t result;
- gcry_sexp_t data;
- gcry_sexp_t psexp;
- gcry_mpi_t val;
- gcry_mpi_t rval;
- size_t isize;
- size_t erroff;
-
- GNUNET_assert (size <= sizeof (struct GNUNET_HashCode));
- if (! (psexp = decode_public_key (publicKey)))
- return GNUNET_SYSERR;
- isize = size;
- GNUNET_assert (0 ==
- gcry_mpi_scan (&val, GCRYMPI_FMT_USG, block, isize, &isize));
- GNUNET_assert (0 ==
- gcry_sexp_build (&data, &erroff,
- "(data (flags pkcs1)(value %m))", val));
- gcry_mpi_release (val);
- GNUNET_assert (0 == gcry_pk_encrypt (&result, data, psexp));
- gcry_sexp_release (data);
- gcry_sexp_release (psexp);
- GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "a"));
- gcry_sexp_release (result);
- isize = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData);
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) target,
- isize, &isize, rval));
- gcry_mpi_release (rval);
- adjust (&target->encoding[0], isize,
- sizeof (struct GNUNET_CRYPTO_RsaEncryptedData));
- return GNUNET_OK;
-}
-
-
-/**
- * Decrypt a given block with the key.
- *
- * @param key the key with which to decrypt this block
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param result pointer to a location where the result can be stored
- * @param max the maximum number of bits to store for the result, if
- * the decrypted block is bigger, an error is returned
- * @return the size of the decrypted block, -1 on error
- */
-ssize_t
-GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key,
- const struct GNUNET_CRYPTO_RsaEncryptedData * block,
- void *result, size_t max)
-{
- gcry_sexp_t resultsexp;
- gcry_sexp_t data;
- size_t erroff;
- size_t size;
- gcry_mpi_t val;
- unsigned char *endp;
- unsigned char *tmp;
-
-#if EXTRA_CHECKS
- GNUNET_assert (0 == gcry_pk_testkey (key->sexp));
-#endif
- size = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData);
- GNUNET_assert (0 ==
- gcry_mpi_scan (&val, GCRYMPI_FMT_USG, &block->encoding[0],
- size, &size));
- GNUNET_assert (0 ==
- gcry_sexp_build (&data, &erroff, "(enc-val(flags)(rsa(a
%m)))",
- val));
- gcry_mpi_release (val);
- GNUNET_assert (0 == gcry_pk_decrypt (&resultsexp, data, key->sexp));
- gcry_sexp_release (data);
- /* resultsexp has format "(value %m)" */
- GNUNET_assert (NULL !=
- (val = gcry_sexp_nth_mpi (resultsexp, 1, GCRYMPI_FMT_USG)));
- gcry_sexp_release (resultsexp);
- tmp = GNUNET_malloc (max + HOSTKEY_LEN / 8);
- size = max + HOSTKEY_LEN / 8;
- GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG, tmp, size, &size, val));
- gcry_mpi_release (val);
- endp = tmp;
- endp += (size - max);
- size = max;
- memcpy (result, endp, size);
- GNUNET_free (tmp);
- return size;
-}
-
-
-/**
- * Convert the data specified in the given purpose argument to an
- * S-expression suitable for signature operations.
- *
- * @param purpose data to convert
- * @return converted s-expression
- */
-static gcry_sexp_t
-data_to_pkcs1 (const struct GNUNET_CRYPTO_RsaSignaturePurpose *purpose)
-{
- struct GNUNET_HashCode hc;
- size_t bufSize;
- gcry_sexp_t data;
-
- GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
-#define FORMATSTRING
"(4:data(5:flags5:pkcs1)(4:hash6:sha51264:0123456789012345678901234567890123456789012345678901234567890123))"
- bufSize = strlen (FORMATSTRING) + 1;
- {
- char buff[bufSize];
-
- memcpy (buff, FORMATSTRING, bufSize);
- memcpy (&buff
- [bufSize -
- strlen
-
("0123456789012345678901234567890123456789012345678901234567890123))")
- - 1], &hc, sizeof (struct GNUNET_HashCode));
- GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
- }
-#undef FORMATSTRING
- return data;
-}
-
-
-/**
- * Sign a given block.
- *
- * @param key private key to use for the signing
- * @param purpose what to sign (size, purpose)
- * @param sig where to write the signature
- * @return GNUNET_SYSERR on error, GNUNET_OK on success
- */
-int
-GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const struct GNUNET_CRYPTO_RsaSignaturePurpose
*purpose,
- struct GNUNET_CRYPTO_RsaSignature *sig)
-{
- gcry_sexp_t result;
- gcry_sexp_t data;
- size_t ssize;
- gcry_mpi_t rval;
-
- data = data_to_pkcs1 (purpose);
- GNUNET_assert (0 == gcry_pk_sign (&result, data, key->sexp));
- gcry_sexp_release (data);
- GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "s"));
- gcry_sexp_release (result);
- ssize = sizeof (struct GNUNET_CRYPTO_RsaSignature);
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) sig, ssize,
- &ssize, rval));
- gcry_mpi_release (rval);
- adjust (sig->sig, ssize, sizeof (struct GNUNET_CRYPTO_RsaSignature));
- return GNUNET_OK;
-}
-
-
-/**
- * Verify signature.
- *
- * @param purpose what is the purpose that the signature should have?
- * @param validate block to validate (size, purpose, data)
- * @param sig signature that is being validated
- * @param publicKey public key of the signer
- * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
- */
-int
-GNUNET_CRYPTO_rsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_RsaSignaturePurpose
- *validate,
- const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
- *publicKey)
-{
- gcry_sexp_t data;
- gcry_sexp_t sigdata;
- size_t size;
- gcry_mpi_t val;
- gcry_sexp_t psexp;
- size_t erroff;
- int rc;
-
- if (purpose != ntohl (validate->purpose))
- return GNUNET_SYSERR; /* purpose mismatch */
- size = sizeof (struct GNUNET_CRYPTO_RsaSignature);
- GNUNET_assert (0 ==
- gcry_mpi_scan (&val, GCRYMPI_FMT_USG,
- (const unsigned char *) sig, size, &size));
- GNUNET_assert (0 ==
- gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))",
- val));
- gcry_mpi_release (val);
- data = data_to_pkcs1 (validate);
- if (! (psexp = decode_public_key (publicKey)))
- {
- gcry_sexp_release (data);
- gcry_sexp_release (sigdata);
- return GNUNET_SYSERR;
- }
- rc = gcry_pk_verify (sigdata, data, psexp);
- gcry_sexp_release (psexp);
- gcry_sexp_release (data);
- gcry_sexp_release (sigdata);
- if (rc)
- {
- LOG (GNUNET_ERROR_TYPE_WARNING,
- _("RSA signature verification failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
-}
-
-
-/* end of crypto_rsa.c */
Deleted: gnunet/src/util/gnunet-rsa.c
===================================================================
--- gnunet/src/util/gnunet-rsa.c 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/util/gnunet-rsa.c 2013-07-18 13:45:05 UTC (rev 28166)
@@ -1,138 +0,0 @@
-/*
- This file is part of GNUnet.
- (C) 2012 Christian Grothoff (and other contributing authors)
-
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 3, or (at your
- option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
-*/
-
-/**
- * @file util/gnunet-rsa.c
- * @brief tool to manipulate RSA key files
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include <gcrypt.h>
-
-
-/**
- * Flag for printing public key.
- */
-static int print_public_key;
-
-/**
- * Flag for printing hash of public key.
- */
-static int print_peer_identity;
-
-/**
- * Flag for printing short hash of public key.
- */
-static int print_short_identity;
-
-
-/**
- * Main function that will be run by the scheduler.
- *
- * @param cls closure
- * @param args remaining command-line arguments
- * @param cfgfile name of the configuration file used (for saving, can be
NULL!)
- * @param cfg configuration
- */
-static void
-run (void *cls, char *const *args, const char *cfgfile,
- const struct GNUNET_CONFIGURATION_Handle *cfg)
-{
- struct GNUNET_CRYPTO_RsaPrivateKey *pk;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub;
- struct GNUNET_PeerIdentity pid;
-
- if (NULL == args[0])
- {
- fprintf (stderr, _("No hostkey file specified on command line\n"));
- return;
- }
- pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
- if (NULL == pk)
- return;
- if (print_public_key)
- {
- char *s;
-
- GNUNET_CRYPTO_rsa_key_get_public (pk, &pub);
- s = GNUNET_CRYPTO_rsa_public_key_to_string (&pub);
- fprintf (stdout, "%s\n", s);
- GNUNET_free (s);
- }
- if (print_peer_identity)
- {
- struct GNUNET_CRYPTO_HashAsciiEncoded enc;
-
- GNUNET_CRYPTO_rsa_key_get_public (pk, &pub);
- GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey);
- GNUNET_CRYPTO_hash_to_enc (&pid.hashPubKey, &enc);
- fprintf (stdout, "%s\n", enc.encoding);
- }
- if (print_short_identity)
- {
- struct GNUNET_CRYPTO_ShortHashAsciiEncoded enc;
- struct GNUNET_CRYPTO_ShortHashCode sh;
-
- GNUNET_CRYPTO_rsa_key_get_public (pk, &pub);
- GNUNET_CRYPTO_short_hash (&pub, sizeof (pub), &sh);
- GNUNET_CRYPTO_short_hash_to_enc (&sh, &enc);
- fprintf (stdout, "%s\n", enc.short_encoding);
- }
- GNUNET_CRYPTO_rsa_key_free (pk);
-}
-
-
-/**
- * Program to manipulate RSA key files.
- *
- * @param argc number of arguments from the command line
- * @param argv command line arguments
- * @return 0 ok, 1 on error
- */
-int
-main (int argc, char *const*argv)
-{
- static const struct GNUNET_GETOPT_CommandLineOption options[] = {
- { 'p', "print-public-key", NULL,
- gettext_noop ("print the public key in ASCII format"),
- 0, &GNUNET_GETOPT_set_one, &print_public_key },
- { 'P', "print-peer-identity", NULL,
- gettext_noop ("print the hash of the public key in ASCII format"),
- 0, &GNUNET_GETOPT_set_one, &print_peer_identity },
- { 's', "print-short-identity", NULL,
- gettext_noop ("print the short hash of the public key in ASCII format"),
- 0, &GNUNET_GETOPT_set_one, &print_short_identity },
- GNUNET_GETOPT_OPTION_END
- };
- int ret;
-
- if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
- return 2;
-
- ret = (GNUNET_OK ==
- GNUNET_PROGRAM_run (argc, argv, "gnunet-rsa [OPTIONS] keyfile",
- gettext_noop ("Manipulate GNUnet private RSA key
files"),
- options, &run, NULL)) ? 0 : 1;
- GNUNET_free ((void*) argv);
- return ret;
-}
-
-/* end of gnunet-rsa.c */
Deleted: gnunet/src/util/test_crypto_ksk.c
===================================================================
--- gnunet/src/util/test_crypto_ksk.c 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/util/test_crypto_ksk.c 2013-07-18 13:45:05 UTC (rev 28166)
@@ -1,261 +0,0 @@
-/*
- This file is part of GNUnet.
- Copyright (C) 2004, 2005, 2006 Christian Grothoff (and other contributing
authors)
-
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 3, or (at your
- option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
-*/
-
-/**
- * @file util/test_crypto_ksk.c
- * @brief testcase for util/crypto_ksk.c
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "gnunet_common.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_signatures.h"
-
-
-#define TESTSTRING "Hello World\0"
-#define MAX_TESTVAL 20
-#define UNIQUE_ITER 6
-#define ITER 25
-
-
-static int
-testCorrectKey ()
-{
- const char *want =
-
"010601000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b73c215f7a5e6b09bec55713c901786c09324a150980e014bdb0d04426934929c3b4971a9711af5455536cd6eeb8bfa004ee904972a737455f53c752987d8c82b755bc02882b44950c4acdc1672ba74c3b94d81a4c1ea3d74e7700ae5594c3a4f3c559e4bff2df6844fac302e4b66175e14dc8bad3ce44281d2fec1a1abef06301010000";
- struct GNUNET_HashCode in;
- struct GNUNET_CRYPTO_RsaPrivateKey *hostkey;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- int i;
- char out[3];
-
- FPRINTF (stderr, "%s", "Testing KBlock key correctness");
- GNUNET_CRYPTO_hash ("X", strlen ("X"), &in);
- hostkey = GNUNET_CRYPTO_rsa_key_create_from_hash (&in);
- if (hostkey == NULL)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey);
- GNUNET_CRYPTO_rsa_key_free (hostkey);
-#if 0
- for (i = 0; i < sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded); i++)
- printf ("%02x", ((unsigned char *) &pkey)[i]);
- printf ("\n");
-#endif
- for (i = 0; i < sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded); i++)
- {
- snprintf (out, sizeof (out), "%02x", ((unsigned char *) &pkey)[i]);
- if (0 != strncmp (out, &want[i * 2], 2))
- {
- FPRINTF (stderr, " Failed! Wanted %.2s but got %2s at %d\n", &want[i *
2],
- out, i);
- return GNUNET_SYSERR;
- }
- }
- FPRINTF (stderr, "%s", " OK\n");
- return GNUNET_OK;
-}
-
-
-static int
-testMultiKey (const char *word)
-{
- struct GNUNET_HashCode in;
- struct GNUNET_CRYPTO_RsaPrivateKey *hostkey;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey1;
- int i;
-
- FPRINTF (stderr, "Testing KBlock key uniqueness (%s) ", word);
- GNUNET_CRYPTO_hash (word, strlen (word), &in);
- hostkey = GNUNET_CRYPTO_rsa_key_create_from_hash (&in);
- if (hostkey == NULL)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey);
- /*
- * for (i=0;i<sizeof(struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded);i++)
- * printf("%02x", ((unsigned char*) &pkey)[i]);
- * printf("\n"); */
- GNUNET_CRYPTO_rsa_key_free (hostkey);
- for (i = 0; i < UNIQUE_ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- hostkey = GNUNET_CRYPTO_rsa_key_create_from_hash (&in);
- if (hostkey == NULL)
- {
- GNUNET_break (0);
- FPRINTF (stderr, "%s", " ERROR\n");
- return GNUNET_SYSERR;
- }
- GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey1);
- GNUNET_CRYPTO_rsa_key_free (hostkey);
- if (0 !=
- memcmp (&pkey, &pkey1,
- sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)))
- {
- GNUNET_break (0);
- FPRINTF (stderr, "%s", " ERROR\n");
- return GNUNET_SYSERR;
- }
- }
- FPRINTF (stderr, "%s", " OK\n");
- return GNUNET_OK;
-}
-
-
-static int
-testEncryptDecrypt (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey)
-{
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_RsaEncryptedData target;
- char result[MAX_TESTVAL];
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey);
-
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_rsa_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &pkey,
- &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (-1 ==
- GNUNET_CRYPTO_rsa_decrypt (hostkey, &target, result,
- strlen (TESTSTRING) + 1))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_decrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (strncmp (TESTSTRING, result, strlen (TESTSTRING)) != 0)
- {
- printf ("%s != %.*s - testEncryptDecrypt failed!\n", TESTSTRING,
- MAX_TESTVAL, result);
- ok++;
- continue;
- }
- }
- printf ("%d RSA encrypt/decrypt operations %s (%d failures)\n",
- ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES),
- ok);
- if (ok == 0)
- return GNUNET_OK;
- else
- return GNUNET_SYSERR;
-}
-
-static int
-testSignVerify (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey)
-{
- struct GNUNET_CRYPTO_RsaSignature sig;
- struct GNUNET_CRYPTO_RsaSignaturePurpose purp;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok = GNUNET_OK;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey);
- start = GNUNET_TIME_absolute_get ();
- purp.size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose));
- purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (hostkey, &purp, &sig))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_sign returned SYSERR\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_TEST, &purp, &sig,
- &pkey))
- {
- printf ("GNUNET_CRYPTO_rsa_verify failed!\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- if (GNUNET_SYSERR !=
- GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
- &purp, &sig, &pkey))
- {
- printf ("GNUNET_CRYPTO_rsa_verify failed to fail!\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- }
- printf ("%d RSA sign/verify operations %s\n",
- ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES));
- return ok;
-}
-
-
-int
-main (int argc, char *argv[])
-{
- int failureCount = 0;
- struct GNUNET_HashCode in;
- struct GNUNET_CRYPTO_RsaPrivateKey *hostkey;
-
- GNUNET_log_setup ("test-crypto-ksk", "WARNING", NULL);
- if (GNUNET_OK != testCorrectKey ())
- failureCount++;
- GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK, &in);
- hostkey = GNUNET_CRYPTO_rsa_key_create_from_hash (&in);
- if (hostkey == NULL)
- {
- printf ("\nGNUNET_CRYPTO_rsa_key_create_from_hash failed!\n");
- return 1;
- }
- if (GNUNET_OK != testMultiKey ("foo"))
- failureCount++;
- if (GNUNET_OK != testMultiKey ("bar"))
- failureCount++;
- if (GNUNET_OK != testEncryptDecrypt (hostkey))
- failureCount++;
- if (GNUNET_OK != testSignVerify (hostkey))
- failureCount++;
- GNUNET_CRYPTO_rsa_key_free (hostkey);
-
- if (failureCount != 0)
- {
- printf ("\n\n%d TESTS FAILED!\n\n", failureCount);
- return -1;
- }
- return 0;
-}
Deleted: gnunet/src/util/test_crypto_rsa.c
===================================================================
--- gnunet/src/util/test_crypto_rsa.c 2013-07-18 13:40:50 UTC (rev 28165)
+++ gnunet/src/util/test_crypto_rsa.c 2013-07-18 13:45:05 UTC (rev 28166)
@@ -1,352 +0,0 @@
-/*
- This file is part of GNUnet.
- (C) 2002, 2003, 2004, 2006, 2009 Christian Grothoff (and other
contributing authors)
-
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 3, or (at your
- option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
-
-*/
-/**
- * @file util/test_crypto_rsa.c
- * @brief testcase for RSA public key crypto
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "gnunet_common.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_signatures.h"
-
-#define TESTSTRING "Hello World\0"
-#define MAX_TESTVAL sizeof(struct GNUNET_CRYPTO_AesSessionKey)
-#define ITER 25
-#define KEYFILE "/tmp/test-gnunet-crypto-rsa.key"
-
-#define PERF GNUNET_YES
-
-static struct GNUNET_CRYPTO_RsaPrivateKey *key;
-
-
-static int
-testEncryptDecrypt ()
-{
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_RsaEncryptedData target;
- char result[MAX_TESTVAL];
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_rsa_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &pkey,
- &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (-1 ==
- GNUNET_CRYPTO_rsa_decrypt (key, &target, result,
- strlen (TESTSTRING) + 1))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_decrypt returned SYSERR\n");
- ok++;
- continue;
-
- }
- if (strncmp (TESTSTRING, result, strlen (TESTSTRING)) != 0)
- {
- printf ("%s != %.*s - testEncryptDecrypt failed!\n", TESTSTRING,
- (int) MAX_TESTVAL, result);
- ok++;
- continue;
- }
- }
- printf ("%d RSA encrypt/decrypt operations %s (%d failures)\n",
- ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES),
- ok);
- if (ok == 0)
- return GNUNET_OK;
- return GNUNET_SYSERR;
-}
-
-
-#if PERF
-static int
-testEncryptPerformance ()
-{
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_RsaEncryptedData target;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_rsa_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &pkey,
- &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- }
- printf ("%d RSA encrypt operations %llu ms (%d failures)\n", ITER,
- (unsigned long long)
- GNUNET_TIME_absolute_get_duration (start).rel_value, ok);
- if (ok != 0)
- return GNUNET_SYSERR;
- return GNUNET_OK;
-}
-#endif
-
-static int
-testEncryptDecryptSK ()
-{
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_RsaEncryptedData target;
- struct GNUNET_CRYPTO_AesSessionKey insk;
- struct GNUNET_CRYPTO_AesSessionKey outsk;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- GNUNET_CRYPTO_aes_create_session_key (&insk);
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_rsa_encrypt (&insk,
- sizeof (struct GNUNET_CRYPTO_AesSessionKey),
- &pkey, &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (-1 ==
- GNUNET_CRYPTO_rsa_decrypt (key, &target, &outsk,
- sizeof (struct
GNUNET_CRYPTO_AesSessionKey)))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_decrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (0 !=
- memcmp (&insk, &outsk, sizeof (struct GNUNET_CRYPTO_AesSessionKey)))
- {
- printf ("testEncryptDecryptSK failed!\n");
- ok++;
- continue;
- }
- }
- printf ("%d RSA encrypt/decrypt SK operations %s (%d failures)\n",
- ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES),
- ok);
- if (ok != 0)
- return GNUNET_SYSERR;
- return GNUNET_OK;
-}
-
-
-static int
-testSignVerify ()
-{
- struct GNUNET_CRYPTO_RsaSignature sig;
- struct GNUNET_CRYPTO_RsaSignaturePurpose purp;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok = GNUNET_OK;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
- start = GNUNET_TIME_absolute_get ();
- purp.size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose));
- purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
-
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (key, &purp, &sig))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_sign returned SYSERR\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_TEST, &purp, &sig,
- &pkey))
- {
- printf ("GNUNET_CRYPTO_rsa_verify failed!\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- if (GNUNET_SYSERR !=
- GNUNET_CRYPTO_rsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
- &purp, &sig, &pkey))
- {
- printf ("GNUNET_CRYPTO_rsa_verify failed to fail!\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- }
- printf ("%d RSA sign/verify operations %s\n", ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES));
- return ok;
-}
-
-
-#if PERF
-static int
-testSignPerformance ()
-{
- struct GNUNET_CRYPTO_RsaSignaturePurpose purp;
- struct GNUNET_CRYPTO_RsaSignature sig;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok = GNUNET_OK;
-
- purp.size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose));
- purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_rsa_key_get_public (key, &pkey);
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (key, &purp, &sig))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_sign returned SYSERR\n");
- ok = GNUNET_SYSERR;
- continue;
- }
- }
- printf ("%d RSA sign operations %llu ms\n", ITER,
- (unsigned long long)
- GNUNET_TIME_absolute_get_duration (start).rel_value);
- return ok;
-}
-#endif
-
-
-static int
-testCreateFromFile ()
-{
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded p1;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded p2;
-
- key = GNUNET_CRYPTO_rsa_key_create_from_file (KEYFILE);
- GNUNET_assert (NULL != key);
- GNUNET_CRYPTO_rsa_key_get_public (key, &p1);
- GNUNET_CRYPTO_rsa_key_free (key);
- key = GNUNET_CRYPTO_rsa_key_create_from_file (KEYFILE);
- GNUNET_assert (NULL != key);
- GNUNET_CRYPTO_rsa_key_get_public (key, &p2);
- GNUNET_assert (0 == memcmp (&p1, &p2, sizeof (p1)));
- GNUNET_CRYPTO_rsa_key_free (key);
- GNUNET_assert (0 == UNLINK (KEYFILE));
- key = GNUNET_CRYPTO_rsa_key_create_from_file (KEYFILE);
- GNUNET_assert (NULL != key);
- GNUNET_CRYPTO_rsa_key_get_public (key, &p2);
- GNUNET_assert (0 != memcmp (&p1, &p2, sizeof (p1)));
- return GNUNET_OK;
-}
-
-
-static void
-key_cont (void *cls,
- struct GNUNET_CRYPTO_RsaPrivateKey *pk,
- const char *emsg)
-{
- const char *txt = cls;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub1;
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub2;
-
- GNUNET_assert (0 == strcmp ("ok", txt));
- GNUNET_CRYPTO_rsa_key_get_public (pk, &pub1);
- GNUNET_CRYPTO_rsa_key_get_public (key, &pub2);
- GNUNET_assert (0 == memcmp (&pub1, &pub2,
- sizeof (pub1)));
- GNUNET_CRYPTO_rsa_key_free (pk);
-}
-
-
-static void
-test_async_creation (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
-{
- struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
-
- gc = GNUNET_CRYPTO_rsa_key_create_start (KEYFILE,
- &key_cont,
- (void*) "bug");
- GNUNET_CRYPTO_rsa_key_create_stop (gc);
- gc = GNUNET_CRYPTO_rsa_key_create_start (KEYFILE,
- &key_cont,
- (void*) "ok");
-}
-
-
-int
-main (int argc, char *argv[])
-{
- int failureCount = 0;
-
- GNUNET_log_setup ("test-crypto-rsa", "WARNING", NULL);
- if (GNUNET_OK != testCreateFromFile ())
- failureCount++;
- GNUNET_SCHEDULER_run (&test_async_creation, NULL);
-#if PERF
- if (GNUNET_OK != testEncryptPerformance ())
- failureCount++;
- if (GNUNET_OK != testSignPerformance ())
- failureCount++;
-#endif
- if (GNUNET_OK != testEncryptDecryptSK ())
- failureCount++;
- if (GNUNET_OK != testEncryptDecrypt ())
- failureCount++;
- if (GNUNET_OK != testSignVerify ())
- failureCount++;
- GNUNET_CRYPTO_rsa_key_free (key);
- GNUNET_assert (0 == UNLINK (KEYFILE));
-
- if (failureCount != 0)
- {
- printf ("\n\n%d TESTS FAILED!\n\n", failureCount);
- return -1;
- }
- return 0;
-} /* end of main */
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r28166 - in gnunet/src: core include mesh util,
gnunet <=