[gnunet] branch master updated: -export routine for path verification (u

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnunet] branch master updated: -export routine for path verification (u

From:	gnunet
Subject:	[gnunet] branch master updated: -export routine for path verification (untested)
Date:	Mon, 10 Jan 2022 10:43:09 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository gnunet.

The following commit(s) were added to refs/heads/master by this push:
     new 5982cb44b -export routine for path verification (untested)
5982cb44b is described below

commit 5982cb44ba9b28751b69a818d32afe2d2b99db1c
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Mon Jan 10 10:43:06 2022 +0100

    -export routine for path verification (untested)
---
 src/dht/dht_api.c                | 37 +++++++++++++++++++++++++++++++++++++
 src/include/gnunet_dht_service.h | 29 ++++++++++++++++++++++++++++-
 2 files changed, 65 insertions(+), 1 deletion(-)

diff --git a/src/dht/dht_api.c b/src/dht/dht_api.c
index 1ba2f7277..af3c7d685 100644
--- a/src/dht/dht_api.c
+++ b/src/dht/dht_api.c
@@ -28,6 +28,7 @@
 #include "platform.h"
 #include "gnunet_util_lib.h"
 #include "gnunet_constants.h"
+#include "gnunet_signatures.h"
 #include "gnunet_arm_service.h"
 #include "gnunet_hello_lib.h"
 #include "gnunet_protocols.h"
@@ -1189,7 +1190,43 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement 
*path,
                             (i == path_len - 1) ? "" : "-");
   }
   return buf;
+}
+
 
+unsigned int
+GNUNET_DHT_verify_path (const struct GNUNET_HashCode *key,
+                        const void *data,
+                        size_t data_size,
+                        struct GNUNET_TIME_Absolute exp_time,
+                        const struct GNUNET_DHT_PathElement *path,
+                        unsigned int path_len,
+                        const struct GNUNET_PeerIdentity *me)
+{
+
+  struct GNUNET_DHT_HopSignature hs = {
+    .purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DHT_HOP),
+    .purpose.size = htonl (sizeof (hs)),
+    .expiration_time = GNUNET_TIME_absolute_hton (exp_time),
+    .key = *key,
+  };
+  unsigned int i = path_len - 1;
+
+  GNUNET_CRYPTO_hash (data,
+                      data_size,
+                      &hs.h_data);
+  while (i > 0)
+  {
+    hs.pred = path[i - 1].pred;
+    hs.succ = (path_len == i + 1) ? *me : path[i + 1].pred;
+    if (GNUNET_OK !=
+        GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_DHT_HOP,
+                                    &hs,
+                                    &path[i - 1].sig,
+                                    &path[i].pred.public_key))
+      return i;
+    i--;
+  }
+  return i;
 }
 
 
diff --git a/src/include/gnunet_dht_service.h b/src/include/gnunet_dht_service.h
index 7376dd5f4..5c365639a 100644
--- a/src/include/gnunet_dht_service.h
+++ b/src/include/gnunet_dht_service.h
@@ -473,7 +473,7 @@ GNUNET_DHT_monitor_stop (struct GNUNET_DHT_MonitorHandle 
*handle);
  * Convert a peer path to a human-readable string.
  *
  * @param path array of path elements to convert to a string
- * @param num_pids length of the @a pids array
+ * @param path_len length of the @a path array
  * @return string representing the array of @a pids
  */
 char *
@@ -481,6 +481,33 @@ GNUNET_DHT_pp2s (const struct GNUNET_DHT_PathElement *path,
                  unsigned int path_len);
 
 
+/**
+ * Verify signatures on a @a path, in reverse order (starting at
+ * the last element of the path).  Note that the last signature
+ * on the path is never verified as that is the slot where our
+ * peer (@a me) would need to sign.
+ *
+ * @param key key of the data (not necessarily the query hash)
+ * @param data payload (the block)
+ * @param data_size number of bytes in @a data
+ * @param exp_time expiration time of @a data
+ * @param path array of path elements to verify
+ * @param path_len length of the @a path array
+ * @param me our own peer identity (needed to verify the last element)
+ * @return 0 on success, otherwise the index of
+ *         the last path element that succeeded with verification;
+ *         @a path_len -1 if no signature was valid
+ */
+unsigned int
+GNUNET_DHT_verify_path (const struct GNUNET_HashCode *key,
+                        const void *data,
+                        size_t data_size,
+                        struct GNUNET_TIME_Absolute exp_time,
+                        const struct GNUNET_DHT_PathElement *path,
+                        unsigned int path_len,
+                        const struct GNUNET_PeerIdentity *me);
+
+
 #if 0                           /* keep Emacsens' auto-indent happy */
 {
 #endif

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[gnunet] branch master updated: -export routine for path verification (untested), gnunet <=

Prev by Date: [gnunet] branch master updated: add more information to ensure signatures are fresh and request-specific
Next by Date: [libmicrohttpd] 02/03: configure: detect unimplemented pipe2() on GNU/kFreeBSD
Previous by thread: [gnunet] branch master updated: add more information to ensure signatures are fresh and request-specific
Next by thread: [libmicrohttpd] branch master updated (0a76e006 -> a623db03)
Index(es):
- Date
- Thread