[gnunet] 03/07: - more fixes towards crypto agility
From: |
gnunet |
Subject: |
[gnunet] 03/07: - more fixes towards crypto agility |
Date: |
Thu, 15 Oct 2020 12:18:57 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit dba32dc385bf922c7cd91eecc209e1a37b96c137
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
AuthorDate: Wed Oct 14 23:57:25 2020 +0200
- more fixes towards crypto agility
---
src/gns/gns_tld_api.c | 4 +
src/gns/gnunet-service-gns_resolver.c | 36 ++++-----
src/gns/plugin_block_gns.c | 12 ++-
src/gns/plugin_gnsrecord_gns.c | 10 ++-
src/gns/test_gns_dht_lookup.sh | 1 +
src/gnsrecord/gnsrecord_misc.c | 17 +++++
src/identity/identity_api.c | 88 ++++++++++------------
src/include/gnunet_gnsrecord_lib.h | 3 +
src/zonemaster/gnunet-service-zonemaster-monitor.c | 8 +-
src/zonemaster/gnunet-service-zonemaster.c | 8 +-
10 files changed, 98 insertions(+), 89 deletions(-)
diff --git a/src/gns/gns_tld_api.c b/src/gns/gns_tld_api.c
index 3eab6c109..b883662ad 100644
--- a/src/gns/gns_tld_api.c
+++ b/src/gns/gns_tld_api.c
@@ -263,6 +263,8 @@ GNUNET_GNS_lookup_with_tld (struct GNUNET_GNS_Handle
*handle,
if (GNUNET_OK ==
GNUNET_IDENTITY_public_key_from_string (tld, &pkey))
{
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "`%s' seems to be a valid zone key\n", tld);
eat_tld (ltr->name, tld);
lookup_with_public_key (ltr, &pkey);
return ltr;
@@ -303,6 +305,8 @@ GNUNET_GNS_lookup_with_tld (struct GNUNET_GNS_Handle
*handle,
}
GNUNET_free (dot_tld);
}
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "`%s' should be a valid ego\n", ltr->name);
ltr->id_co =
GNUNET_IDENTITY_ego_lookup_by_suffix (ltr->gns_handle->cfg,
ltr->name,
diff --git a/src/gns/gnunet-service-gns_resolver.c
b/src/gns/gnunet-service-gns_resolver.c
index b34402f81..09b7a0a85 100644
--- a/src/gns/gnunet-service-gns_resolver.c
+++ b/src/gns/gnunet-service-gns_resolver.c
@@ -1709,9 +1709,8 @@ recursive_pkey_resolution (struct GNS_ResolverHandle *rh,
ac = GNUNET_new (struct AuthorityChain);
ac->rh = rh;
ac->gns_authority = GNUNET_YES;
- GNUNET_memcpy (&ac->authority_info.gns_authority,
- rd->data,
- sizeof(struct GNUNET_IDENTITY_PublicKey));
+ GNUNET_GNSRECORD_record_to_identity_key (rd,
+ &ac->authority_info.gns_authority);
ac->label = resolver_lookup_get_next_label (rh);
/* add AC to tail */
GNUNET_CONTAINER_DLL_insert_tail (rh->ac_head,
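Review bot: The result of `GNUNET_GNSRECORD_record_to_identity_key` is discarded here, so when the helper returns `GNUNET_SYSERR` the new `AuthorityChain` is still appended with whatever `authority_info.gns_authority` held after `GNUNET_new`. The removed `GNUNET_memcpy` could not fail, but the helper rejects record types it does not handle, so the call should be tested with `if (GNUNET_OK != GNUNET_GNSRECORD_record_to_identity_key (rd, &ac->authority_info.gns_authority))` and the entry freed with `GNUNET_free (ac);` before taking the function's normal failure path. The same unchecked call is added in `handle_gns_resolution_result` (the hunk at new line 2271). `recursive_pkey_resolution` begins and ends outside this hunk, so the correct failure return is not visible here.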
@@ -2258,16 +2257,11 @@ handle_gns_resolution_result (void *cls,
case GNUNET_GNSRECORD_TYPE_PKEY:
{
- struct GNUNET_IDENTITY_PublicKey pub;
-
- if (rd[i].data_size != sizeof(struct GNUNET_IDENTITY_PublicKey))
+ if (rd[i].data_size != sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))
{
GNUNET_break_op (0);
break;
}
- GNUNET_memcpy (&pub,
- rd[i].data,
- rd[i].data_size);
rd_off++;
if (GNUNET_GNSRECORD_TYPE_PKEY != rh->record_type)
{
@@ -2277,7 +2271,8 @@ handle_gns_resolution_result (void *cls,
ac = GNUNET_new (struct AuthorityChain);
ac->rh = rh;
ac->gns_authority = GNUNET_YES;
- ac->authority_info.gns_authority = pub;
+ GNUNET_GNSRECORD_record_to_identity_key (&rd[i],
+
&ac->authority_info.gns_authority);
ac->label = GNUNET_strdup (GNUNET_GNS_EMPTY_LABEL_AT);
GNUNET_CONTAINER_DLL_insert_tail (rh->ac_head,
rh->ac_tail,
@@ -2469,10 +2464,7 @@ handle_dht_response (void *cls,
return;
}
block = data;
- if (size !=
- ntohl (block->purpose.size)
- + sizeof(struct GNUNET_IDENTITY_PublicKey)
- + sizeof(struct GNUNET_CRYPTO_EcdsaSignature))
+ if (size != GNUNET_GNSRECORD_block_get_size (block))
{
/* how did this pass DHT block validation!? */
GNUNET_break (0);
@@ -2480,8 +2472,8 @@ handle_dht_response (void *cls,
return;
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Decrypting DHT block of size %u for `%s', expires %s\n",
- ntohl (block->purpose.size),
+ "Decrypting DHT block of size %lu for `%s', expires %s\n",
+ GNUNET_GNSRECORD_block_get_size (block),
rh->name,
GNUNET_STRINGS_absolute_time_to_string (exp));
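Review bot: The new argument is printed with `%lu`, but `GNUNET_GNSRECORD_block_get_size` appears to return a `size_t` (its result is compared directly with `size` in the previous hunk), and `size_t` is not `unsigned long` on every target. A conversion specifier that does not match the argument type is undefined behaviour in a variadic call. Use `%llu` in the format string and pass `(unsigned long long) GNUNET_GNSRECORD_block_get_size (block),` so the log line is portable. `handle_dht_response` starts and ends outside this hunk.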
if (GNUNET_OK !=
@@ -2495,8 +2487,8 @@ handle_dht_response (void *cls,
fail_resolution (rh);
return;
}
- if (0 == GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_ntoh (
- block->expiration_time)).
+ if (0 == GNUNET_TIME_absolute_get_remaining (
+ GNUNET_GNSRECORD_block_get_expiration (block)).
rel_value_us)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -2604,8 +2596,8 @@ handle_namecache_block_response (void *cls,
((GNUNET_GNS_LO_LOCAL_MASTER == rh->options) &&
(ac != rh->ac_head))) &&
((NULL == block) ||
- (0 == GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_ntoh (
- block->expiration_time)).
+ (0 == GNUNET_TIME_absolute_get_remaining (
+ GNUNET_GNSRECORD_block_get_expiration (block)).
rel_value_us)))
{
/* namecache knows nothing; try DHT lookup */
@@ -2622,8 +2614,8 @@ handle_namecache_block_response (void *cls,
}
if ((NULL == block) ||
- (0 == GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_ntoh (
- block->expiration_time)).
+ (0 == GNUNET_TIME_absolute_get_remaining (
+ GNUNET_GNSRECORD_block_get_expiration (block)).
rel_value_us))
{
/* DHT not permitted and no local result, fail */
diff --git a/src/gns/plugin_block_gns.c b/src/gns/plugin_block_gns.c
index 64390c5a0..9b58c9034 100644
--- a/src/gns/plugin_block_gns.c
+++ b/src/gns/plugin_block_gns.c
@@ -145,14 +145,13 @@ block_plugin_gns_evaluate (void *cls,
return GNUNET_BLOCK_EVALUATION_RESULT_INVALID;
}
block = reply_block;
- if (ntohl (block->purpose.size) >= reply_block_size)
+ if (GNUNET_GNSRECORD_block_get_size (block) > reply_block_size)
{
GNUNET_break_op (0);
return GNUNET_BLOCK_EVALUATION_RESULT_INVALID;
}
- GNUNET_CRYPTO_hash (&block->derived_key,
- sizeof(block->derived_key),
- &h);
+ GNUNET_GNSRECORD_query_from_block (block,
+ &h);
if (0 != GNUNET_memcmp (&h, query))
{
GNUNET_break_op (0);
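Review bot: The size test still accepts a reply whose computed block size is smaller than `reply_block_size`, while `handle_dht_response` in gnunet-service-gns_resolver.c treats any mismatch (`size != GNUNET_GNSRECORD_block_get_size (block)`) as an internal error that block validation should already have excluded. Making the validator equally strict with `if (GNUNET_GNSRECORD_block_get_size (block) != reply_block_size)` rejects blocks with trailing bytes at the point where untrusted data enters and keeps the two checks in agreement. Separately, `GNUNET_GNSRECORD_query_from_block` is declared as returning `enum GNUNET_GenericReturnValue` and its result is ignored, so on failure `h` may be compared without having been written; test it against `GNUNET_OK` here and in `block_plugin_gns_get_key` (next hunk), which otherwise returns `GNUNET_OK` with `key` possibly unset. Both functions start outside their hunks.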
@@ -203,9 +202,8 @@ block_plugin_gns_get_key (void *cls,
return GNUNET_BLOCK_EVALUATION_RESULT_INVALID;
}
block = reply_block;
- GNUNET_CRYPTO_hash (&block->derived_key,
- sizeof(block->derived_key),
- key);
+ GNUNET_GNSRECORD_query_from_block (block,
+ key);
return GNUNET_OK;
}
diff --git a/src/gns/plugin_gnsrecord_gns.c b/src/gns/plugin_gnsrecord_gns.c
index 81f2b9eff..0bd1d047f 100644
--- a/src/gns/plugin_gnsrecord_gns.c
+++ b/src/gns/plugin_gnsrecord_gns.c
@@ -50,13 +50,16 @@ gns_value_to_string (void *cls,
size_t data_size)
{
const char *cdata;
+ struct GNUNET_IDENTITY_PublicKey pk;
switch (type)
{
case GNUNET_GNSRECORD_TYPE_PKEY:
if (data_size != sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))
return NULL;
- return GNUNET_CRYPTO_ecdsa_public_key_to_string (data);
+ pk.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
+ memcpy (&pk.ecdsa_key, data, sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ return GNUNET_IDENTITY_public_key_to_string (&pk);
case GNUNET_GNSRECORD_TYPE_NICK:
return GNUNET_strndup (data, data_size);
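Review bot: `pk.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);` stores a record-type constant in a field that identity_api.c interprets against `GNUNET_IDENTITY_TYPE_ECDSA`, so the conversion only works if the two constants are defined to the same number, which nothing in this hunk states. Either write `pk.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA);` or, if the equality is intended, add a comment such as `/* identity key type values equal the zone record type numbers */` next to the assignment. `gns_value_to_string` starts above the hunk and continues below it.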
@@ -154,6 +157,7 @@ gns_string_to_value (void *cls,
size_t *data_size)
{
struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
+ struct GNUNET_IDENTITY_PublicKey pk;
if (NULL == s)
return GNUNET_SYSERR;
@@ -161,7 +165,7 @@ gns_string_to_value (void *cls,
{
case GNUNET_GNSRECORD_TYPE_PKEY:
if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_public_key_from_string (s, strlen (s), &pkey))
+ GNUNET_IDENTITY_public_key_from_string (s, &pk))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
_ ("Unable to parse PKEY record `%s'\n"),
@@ -169,7 +173,7 @@ gns_string_to_value (void *cls,
return GNUNET_SYSERR;
}
*data = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
- GNUNET_memcpy (*data, &pkey, sizeof(pkey));
+ GNUNET_memcpy (*data, &pk.ecdsa_key, sizeof(pkey));
*data_size = sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey);
return GNUNET_OK;
diff --git a/src/gns/test_gns_dht_lookup.sh b/src/gns/test_gns_dht_lookup.sh
index d5516fd03..8d446c507 100755
--- a/src/gns/test_gns_dht_lookup.sh
+++ b/src/gns/test_gns_dht_lookup.sh
@@ -26,6 +26,7 @@ gnunet-arm -i datastore -c test_gns_lookup.conf
gnunet-identity -C $OTHER_EGO -c test_gns_lookup.conf
DELEGATED_PKEY=$(gnunet-identity -d -c test_gns_lookup.conf | grep $OTHER_EGO
| awk '{print $3}')
gnunet-identity -C $MY_EGO -c test_gns_lookup.conf
+echo "MYEGO: $MY_EGO OTHER_EGO: $DELEGATED_PKEY"
gnunet-namestore -p -z $MY_EGO -a -n b -t PKEY -V $DELEGATED_PKEY -e never -c
test_gns_lookup.conf
#This works
gnunet-namestore -p -z $OTHER_EGO -a -n www -t A -V $TEST_IP -e never -c
test_gns_lookup.conf
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c
index baf13e963..cfe310422 100644
--- a/src/gnsrecord/gnsrecord_misc.c
+++ b/src/gnsrecord/gnsrecord_misc.c
@@ -325,5 +325,22 @@ GNUNET_GNSRECORD_query_from_block (const struct
GNUNET_GNSRECORD_Block *block,
}
+enum GNUNET_GenericReturnValue
+GNUNET_GNSRECORD_record_to_identity_key (const struct GNUNET_GNSRECORD_Data
*rd,
+ struct GNUNET_IDENTITY_PublicKey *key)
+{
+ switch (ntohl (rd->record_type))
+ {
+ case GNUNET_GNSRECORD_TYPE_PKEY:
+ key->type = htonl (rd->record_type);
+ memcpy (&key->ecdsa_key, rd->data, sizeof (key->ecdsa_key));
+ return GNUNET_OK;
+ default:
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_SYSERR;
+
+
+}
/* end of gnsrecord_misc.c */
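Review bot: The helper copies `sizeof (key->ecdsa_key)` bytes from `rd->data` without looking at `rd->data_size`, so a short PKEY record would be read past its end unless every caller has checked the length first; `handle_gns_resolution_result` does, but the call added in `recursive_pkey_resolution` shows no such check inside its hunk. Add `if (rd->data_size != sizeof (key->ecdsa_key)) return GNUNET_SYSERR;` at the top of the PKEY case. The byte-order handling is also inconsistent: the switch reads `ntohl (rd->record_type)` while the assignment uses `htonl (rd->record_type)`, and only one of those can be right. If `record_type` is in host order, as the `htonl` implies, the switch should be `switch (rd->record_type)`, since otherwise the PKEY case would not match on little-endian hosts and every call would return `GNUNET_SYSERR`. The `return GNUNET_SYSERR;` after the switch is unreachable and can be dropped.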
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 63fa4b919..213b6966e 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -953,6 +953,24 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle
*h)
GNUNET_free (h);
}
+ssize_t
+private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key)
+{
+ switch (ntohl (key->type))
+ {
+ case GNUNET_IDENTITY_TYPE_ECDSA:
+ return sizeof (key->type) + sizeof (key->ecdsa_key);
+ break;
+ case GNUNET_IDENTITY_TYPE_EDDSA:
+ return sizeof (key->type) + sizeof (key->eddsa_key);
+ break;
+ default:
+ GNUNET_break (0);
+ }
+ return -1;
+}
+
+
ssize_t
GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
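Review bot: `private_key_get_length` is added without `static` and without the `GNUNET_IDENTITY_` prefix, so it becomes an exported, unprefixed symbol of the identity library although the only use visible in this commit is `GNUNET_IDENTITY_private_key_to_string` in the same file. Declare it `static ssize_t` and give it a short doc comment stating that it returns the serialized length (type field plus key material) or -1 for an unknown key type. The `break;` statements after each `return` are unreachable and can be removed.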
@@ -976,13 +994,9 @@ char *
GNUNET_IDENTITY_public_key_to_string (const struct
GNUNET_IDENTITY_PublicKey *key)
{
- size_t size = 0;
- char *res;
- size = GNUNET_IDENTITY_key_get_length (key);
- GNUNET_STRINGS_base64_encode (key,
- size,
- &res);
- return res;
+ size_t size = GNUNET_IDENTITY_key_get_length (key);
+ return GNUNET_STRINGS_data_to_string_alloc (key,
+ size);
}
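Review bot: `GNUNET_IDENTITY_key_get_length` returns `ssize_t`, and storing it straight into `size_t size` turns an error result into a very large length that is then handed to `GNUNET_STRINGS_data_to_string_alloc`. The body of `GNUNET_IDENTITY_key_get_length` is outside this hunk, so that it can return a negative value is an assumption based on the sibling `private_key_get_length`, which returns -1 for an unknown type. Keep the signed type and stop early: `ssize_t size = GNUNET_IDENTITY_key_get_length (key);` followed by `if (size < 0) return NULL;`. `GNUNET_IDENTITY_private_key_to_string` in the next hunk has the same conversion, and there the -1 path is visible in this commit.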
@@ -990,22 +1004,9 @@ char *
GNUNET_IDENTITY_private_key_to_string (const struct
GNUNET_IDENTITY_PrivateKey *key)
{
- size_t size = 0;
- char *res;
- size += sizeof (key->type);
- switch (ntohl (key->type))
- {
- case GNUNET_IDENTITY_TYPE_ECDSA:
- size += sizeof (key->ecdsa_key);
- break;
- case GNUNET_IDENTITY_TYPE_EDDSA:
- size += sizeof (key->eddsa_key);
- break;
- }
- size = GNUNET_STRINGS_base64_encode (key,
- size,
- &res);
- return res;
+ size_t size = private_key_get_length (key);
+ return GNUNET_STRINGS_data_to_string_alloc (key,
+ size);
}
@@ -1013,20 +1014,17 @@ enum GNUNET_GenericReturnValue
GNUNET_IDENTITY_public_key_from_string (const char *str,
struct GNUNET_IDENTITY_PublicKey *key)
{
- char *data = NULL;
- size_t size;
-
- size = GNUNET_STRINGS_base64_decode (str,
+ enum GNUNET_GenericReturnValue ret;
+ enum GNUNET_IDENTITY_KeyType ktype;
+ ret = GNUNET_STRINGS_string_to_data (str,
strlen (str),
- (void*) &data);
- if ((NULL == data) ||
- (size > sizeof (*key)))
- {
- GNUNET_free (data);
+ key,
+ sizeof (*key));
+ if (GNUNET_OK != ret)
return GNUNET_SYSERR;
- }
- memcpy (key, data, size);
- return GNUNET_OK;
+ ktype = ntohl (key->type);
+ return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR;
//FIXME other keys, cleaner way?
+
}
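Review bot: Decoding expects `sizeof (*key)` bytes, whereas `GNUNET_IDENTITY_public_key_to_string` encodes only `GNUNET_IDENTITY_key_get_length (key)` bytes, so the two round-trip only while every key variant serializes to the full struct size. This assumes `GNUNET_STRINGS_string_to_data` requires the input to decode to exactly the given size; its body is not part of this diff. Until the expected length is derived from the key type, make the FIXME precise, e.g. `/* FIXME: assumes every key type serializes to sizeof (*key) bytes */`. The type check also rejects `GNUNET_IDENTITY_TYPE_EDDSA`, which `private_key_get_length` in this same commit accepts, so an EdDSA key that can be printed cannot be parsed back. `GNUNET_IDENTITY_private_key_from_string` in the next hunk has the same two issues.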
@@ -1034,20 +1032,16 @@ enum GNUNET_GenericReturnValue
GNUNET_IDENTITY_private_key_from_string (const char *str,
struct GNUNET_IDENTITY_PrivateKey
*key)
{
- char *data = NULL;
- size_t size;
-
- size = GNUNET_STRINGS_base64_decode (str,
+ enum GNUNET_GenericReturnValue ret;
+ enum GNUNET_IDENTITY_KeyType ktype;
+ ret = GNUNET_STRINGS_string_to_data (str,
strlen (str),
- (void*) &data);
- if ((NULL == data) ||
- (size > sizeof (*key)))
- {
- GNUNET_free (data);
+ key,
+ sizeof (*key));
+ if (GNUNET_OK != ret)
return GNUNET_SYSERR;
- }
- memcpy (key, data, size);
- return GNUNET_OK;
+ ktype = ntohl (key->type);
+ return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR;
//FIXME other keys, cleaner way?
}
diff --git a/src/include/gnunet_gnsrecord_lib.h
b/src/include/gnunet_gnsrecord_lib.h
index 20d8e2517..559208689 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -672,6 +672,9 @@ enum GNUNET_GenericReturnValue
GNUNET_GNSRECORD_query_from_block (const struct GNUNET_GNSRECORD_Block *block,
struct GNUNET_HashCode *query);
+enum GNUNET_GenericReturnValue
+GNUNET_GNSRECORD_record_to_identity_key (const struct GNUNET_GNSRECORD_Data
*rd,
+ struct GNUNET_IDENTITY_PublicKey
*key);
#if 0 /* keep Emacsens' auto-indent happy */
{
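Review bot: The new public declaration of `GNUNET_GNSRECORD_record_to_identity_key` has no documentation comment, so callers cannot tell from the header that the conversion can fail. Add a Doxygen block above it that describes `rd` as the record to convert, `key` as the identity key to fill in, and the return value as `GNUNET_OK` on success or `GNUNET_SYSERR` for a record type that does not carry a zone key. The comment should also state whether the caller is expected to have validated `rd->data_size` beforehand, since the implementation in gnsrecord_misc.c does not check it.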
diff --git a/src/zonemaster/gnunet-service-zonemaster-monitor.c
b/src/zonemaster/gnunet-service-zonemaster-monitor.c
index 4a368048e..c6dd2b6ca 100644
--- a/src/zonemaster/gnunet-service-zonemaster-monitor.c
+++ b/src/zonemaster/gnunet-service-zonemaster-monitor.c
@@ -240,7 +240,7 @@ convert_records_for_export (const struct
GNUNET_GNSRECORD_Data *rd,
* @return DHT PUT handle, NULL on error
*/
static struct GNUNET_DHT_PutHandle *
-perform_dht_put (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+perform_dht_put (const struct GNUNET_IDENTITY_PrivateKey *key,
const char *label,
const struct GNUNET_GNSRECORD_Data *rd_public,
unsigned int rd_public_count,
@@ -271,9 +271,7 @@ perform_dht_put (const struct GNUNET_CRYPTO_EcdsaPrivateKey
*key,
GNUNET_break (0);
return NULL; /* whoops */
}
- block_size = ntohl (block->purpose.size)
- + sizeof(struct GNUNET_CRYPTO_EcdsaSignature)
- + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey);
+ block_size = GNUNET_GNSRECORD_block_get_size (block);
GNUNET_GNSRECORD_query_from_private_key (key,
label,
&query);
@@ -314,7 +312,7 @@ perform_dht_put (const struct GNUNET_CRYPTO_EcdsaPrivateKey
*key,
*/
static void
handle_monitor_event (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const struct GNUNET_IDENTITY_PrivateKey *zone,
const char *label,
unsigned int rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
diff --git a/src/zonemaster/gnunet-service-zonemaster.c
b/src/zonemaster/gnunet-service-zonemaster.c
index c5aab8d92..11fa9921d 100644
--- a/src/zonemaster/gnunet-service-zonemaster.c
+++ b/src/zonemaster/gnunet-service-zonemaster.c
@@ -579,7 +579,7 @@ convert_records_for_export (const struct
GNUNET_GNSRECORD_Data *rd,
* @return DHT PUT handle, NULL on error
*/
static struct GNUNET_DHT_PutHandle *
-perform_dht_put (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+perform_dht_put (const struct GNUNET_IDENTITY_PrivateKey *key,
const char *label,
const struct GNUNET_GNSRECORD_Data *rd_public,
unsigned int rd_public_count,
@@ -610,9 +610,7 @@ perform_dht_put (const struct GNUNET_CRYPTO_EcdsaPrivateKey
*key,
GNUNET_break (0);
return NULL; /* whoops */
}
- block_size = ntohl (block->purpose.size)
- + sizeof(struct GNUNET_CRYPTO_EcdsaSignature)
- + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey);
+ block_size = GNUNET_GNSRECORD_block_get_size (block);
GNUNET_GNSRECORD_query_from_private_key (key,
label,
&query);
@@ -725,7 +723,7 @@ zone_iteration_finished (void *cls)
*/
static void
put_gns_record (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+ const struct GNUNET_IDENTITY_PrivateKey *key,
const char *label,
unsigned int rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
--