[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] branch master updated: GNS: Fix revocation wire format
|
From: |
gnunet |
|
Subject: |
[gnunet] branch master updated: GNS: Fix revocation wire format |
|
Date: |
Tue, 01 Feb 2022 15:48:56 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 816bab695 GNS: Fix revocation wire format
816bab695 is described below
commit 816bab695d6a7f4e359865e83b687d45ff66a2b1
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Tue Feb 1 15:48:52 2022 +0100
GNS: Fix revocation wire format
---
src/identity/identity_api.c | 75 ++++++++++++++++++++++++++++++++++
src/include/gnunet_identity_service.h | 59 ++++++++++++++++++++++++++
src/revocation/gnunet-revocation-tvg.c | 23 +++++++++++
src/revocation/revocation_api.c | 20 ++++-----
4 files changed, 167 insertions(+), 10 deletions(-)
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 4a7a69211..471569cb3 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -1062,6 +1062,25 @@ GNUNET_IDENTITY_signature_get_length (const struct
}
+ssize_t
+GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type)
+{
+ switch (ntohl (type))
+ {
+ case GNUNET_IDENTITY_TYPE_ECDSA:
+ return sizeof (struct GNUNET_CRYPTO_EcdsaSignature);
+ break;
+ case GNUNET_IDENTITY_TYPE_EDDSA:
+ return sizeof (struct GNUNET_CRYPTO_EddsaSignature);
+ break;
+ default:
+ GNUNET_break (0);
+ }
+ return -1;
+}
+
+
+
ssize_t
GNUNET_IDENTITY_read_signature_from_buffer (struct
GNUNET_IDENTITY_Signature *sig,
@@ -1099,6 +1118,31 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
return length;
}
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_sign_raw_ (const struct
+ GNUNET_IDENTITY_PrivateKey *priv,
+ const struct
+ GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ unsigned char *sig)
+{
+ switch (ntohl (priv->type))
+ {
+ case GNUNET_IDENTITY_TYPE_ECDSA:
+ return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose,
+ (struct
GNUNET_CRYPTO_EcdsaSignature*)sig);
+ break;
+ case GNUNET_IDENTITY_TYPE_EDDSA:
+ return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose,
+ (struct
GNUNET_CRYPTO_EddsaSignature*)sig);
+ break;
+ default:
+ GNUNET_break (0);
+ }
+
+ return GNUNET_SYSERR;
+}
+
+
enum GNUNET_GenericReturnValue
GNUNET_IDENTITY_sign_ (const struct
@@ -1155,6 +1199,37 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
}
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
+ const struct
+ GNUNET_CRYPTO_EccSignaturePurpose *
+ validate,
+ const unsigned char *sig,
+ const struct
+ GNUNET_IDENTITY_PublicKey *pub)
+{
+ switch (ntohl (pub->type))
+ {
+ case GNUNET_IDENTITY_TYPE_ECDSA:
+ return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate,
+ (struct
GNUNET_CRYPTO_EcdsaSignature*)sig,
+ &(pub->ecdsa_key));
+ break;
+ case GNUNET_IDENTITY_TYPE_EDDSA:
+ return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate,
+ (struct
GNUNET_CRYPTO_EddsaSignature*)sig,
+ &(pub->eddsa_key));
+ break;
+ default:
+ GNUNET_break (0);
+ }
+
+ return GNUNET_SYSERR;
+}
+
+
+
+
ssize_t
GNUNET_IDENTITY_encrypt (const void *block,
size_t size,
diff --git a/src/include/gnunet_identity_service.h
b/src/include/gnunet_identity_service.h
index b2a45577f..227c7f486 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -458,6 +458,21 @@ GNUNET_IDENTITY_signature_get_length (const struct
GNUNET_IDENTITY_Signature *sig);
+/**
+ * Get the compacted length of a signature by type.
+ * Compacted means that it returns the minimum number of bytes this
+ * signature is long, as opposed to the union structure inside
+ * #GNUNET_IDENTITY_Signature.
+ * Useful for compact serializations.
+ *
+ * @param sig the signature.
+ * @return -1 on error, else the compacted length of the signature.
+ */
+ssize_t
+GNUNET_IDENTITY_signature_get_raw_length_by_type (const uint32_t type);
+
+
+
/**
* Reads a #GNUNET_IDENTITY_Signature from a compact buffer.
* The buffer has to contain at least the compacted length of
@@ -516,6 +531,26 @@ GNUNET_IDENTITY_sign_ (const struct
GNUNET_CRYPTO_EccSignaturePurpose *purpose,
struct GNUNET_IDENTITY_Signature *sig);
+/**
+ * @brief Sign a given block.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ * The signature payload and length depends on the key type.
+ *
+ * @param priv private key to use for the signing
+ * @param purpose what to sign (size, purpose)
+ * @param[out] sig where to write the signature
+ * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_sign_raw_ (const struct
+ GNUNET_IDENTITY_PrivateKey *priv,
+ const struct
+ GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ unsigned char *sig);
+
/**
* @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.
@@ -566,6 +601,30 @@ GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
const struct
GNUNET_IDENTITY_PublicKey *pub);
+/**
+ * @brief Verify a given signature.
+ *
+ * The @a validate data is the beginning of the data of which the signature
+ * is to be verified. The `size` field in @a validate must correctly indicate
+ * the number of bytes of the data structure, including its header. If @a
+ * purpose does not match the purpose given in @a validate (the latter must be
+ * in big endian), signature verification fails.
+ *
+ * @param purpose what is the purpose that the signature should have?
+ * @param validate block to validate (size, purpose, data)
+ * @param sig signature that is being validated
+ * @param pub public key of the signer
+ * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose,
+ const struct
+ GNUNET_CRYPTO_EccSignaturePurpose *
+ validate,
+ const unsigned char *sig,
+ const struct
+ GNUNET_IDENTITY_PublicKey *pub);
+
/**
* @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.
diff --git a/src/revocation/gnunet-revocation-tvg.c
b/src/revocation/gnunet-revocation-tvg.c
index 0838cecc4..f1d4b0334 100644
--- a/src/revocation/gnunet-revocation-tvg.c
+++ b/src/revocation/gnunet-revocation-tvg.c
@@ -34,6 +34,28 @@
#define TEST_EPOCHS 2
#define TEST_DIFFICULTY 5
+static char* d_pkey =
+"6fea32c05af58bfa979553d188605fd57d8bf9cc263b78d5f7478c07b998ed70";
+
+int parsehex(char *src, char *dst, size_t dstlen, int invert)
+{
+ char *line = src;
+ char *data = line;
+ int off;
+ int read_byte;
+ int data_len = 0;
+
+ while (sscanf(data, " %02x%n", &read_byte, &off) == 1) {
+ if (invert)
+ dst[dstlen - 1 - data_len++] = read_byte;
+ else
+ dst[data_len++] = read_byte;
+ data += off;
+ }
+ return data_len;
+}
+
+
static void
print_bytes_ (void *buf,
size_t buf_len,
@@ -87,6 +109,7 @@ run (void *cls,
id_priv.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA);
GNUNET_CRYPTO_ecdsa_key_create (&id_priv.ecdsa_key);
+ parsehex(d_pkey,(char*)&id_priv.ecdsa_key, sizeof (id_priv.ecdsa_key), 1);
GNUNET_IDENTITY_key_get_public (&id_priv,
&id_pub);
GNUNET_STRINGS_data_to_string (&id_pub,
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index d5bd53e56..8f05b88fd 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -410,7 +410,7 @@ check_signature_identity (const struct
GNUNET_REVOCATION_PowP *pow,
const struct GNUNET_IDENTITY_PublicKey *key)
{
struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
- struct GNUNET_IDENTITY_Signature *sig;
+ unsigned char *sig;
const struct GNUNET_IDENTITY_PublicKey *pk;
size_t ksize;
@@ -427,12 +427,12 @@ check_signature_identity (const struct
GNUNET_REVOCATION_PowP *pow,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Expected signature payload len: %u\n",
ntohl (spurp->purpose.size));
- sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
+ sig = ((unsigned char*) &pow[1] + ksize);
if (GNUNET_OK !=
- GNUNET_IDENTITY_signature_verify_ (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
- &spurp->purpose,
- sig,
- key))
+ GNUNET_IDENTITY_signature_verify_raw_
(GNUNET_SIGNATURE_PURPOSE_REVOCATION,
+ &spurp->purpose,
+ sig,
+ key))
{
return GNUNET_SYSERR;
}
@@ -588,9 +588,9 @@ sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey
*key,
((char*) &rp[1]),
ksize);
sig = ((char*) &pow[1]) + ksize;
- int result = GNUNET_IDENTITY_sign_ (key,
- &rp->purpose,
- (void*) sig);
+ int result = GNUNET_IDENTITY_sign_raw_ (key,
+ &rp->purpose,
+ (void*) sig);
if (result == GNUNET_SYSERR)
return GNUNET_NO;
else
@@ -768,7 +768,7 @@ GNUNET_REVOCATION_proof_get_size (const struct
GNUNET_REVOCATION_PowP *pow)
ksize = GNUNET_IDENTITY_key_get_length (pk);
size += ksize;
sig = (struct GNUNET_IDENTITY_Signature *) ((char*) &pow[1] + ksize);
- size += GNUNET_IDENTITY_signature_get_length (sig);
+ size += GNUNET_IDENTITY_signature_get_raw_length_by_type (pk->type);
return size;
}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [gnunet] branch master updated: GNS: Fix revocation wire format,
gnunet <=