31#define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
40 static const char ctx_key[] =
"gns-aes-ctx-key";
41 static const char ctx_iv[] =
"gns-aes-ctx-iv";
44 ctx_key, strlen (ctx_key),
51 ctx_iv, strlen (ctx_iv),
56 memcpy (ctr + 4, &exp,
sizeof (exp));
69 static const char ctx_key[] =
"gns-xsalsa-ctx-key";
70 static const char ctx_iv[] =
"gns-xsalsa-ctx-iv";
73 key, crypto_secretbox_KEYBYTES,
74 ctx_key, strlen (ctx_key),
77 memset (nonce, 0, crypto_secretbox_NONCEBYTES);
80 nonce, (crypto_secretbox_NONCEBYTES -
sizeof (exp)),
81 ctx_iv, strlen (ctx_iv),
85 memcpy (nonce + (crypto_secretbox_NONCEBYTES -
sizeof (exp)),
100 size_t size = ntohl (block->
size) -
sizeof (*block) +
sizeof (*gnr_block);
103 ecblock = &(block)->ecdsa_block;
110 size -
sizeof (*gnr_block));
141 size_t size = ntohl (block->
size) -
sizeof (*block) +
sizeof (*gnr_block);
143 edblock = &(block)->eddsa_block;
149 size -
sizeof (*gnr_block));
179 switch (ntohl (
key->type))
244 for (
unsigned int i = 0; i <
rd_count; i++)
252 rdc[i].
flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
268 ecblock = &(*block)->ecdsa_block;
321 unsigned char nonce[crypto_secretbox_NONCEBYTES];
322 unsigned char skey[crypto_secretbox_KEYBYTES];
338 for (
unsigned int i = 0; i <
rd_count; i++)
346 rdc[i].
flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
353 + payload_len + crypto_secretbox_MACBYTES);
355 + payload_len + crypto_secretbox_MACBYTES);
364 edblock = &(*block)->eddsa_block;
404 switch (ntohl (
key->type))
475 if (0 != memcmp (&
line->key,
561 size_t payload_len = ntohl (block->
size)
565 if (ntohl (block->
size) <
578 switch (ntohl (block->
type))
612 size_t payload_len = ntohl (block->
size)
617 if (ntohl (block->
size) <
663 for (
unsigned int i = 0; i <
rd_count; i++)
676 for (
unsigned int k = 0; k <
rd_count; k++)
682 if ((
rd[k].record_type ==
rd[i].record_type) &&
688 "Ignoring shadow record\n");
713 "Excluding record that expired %s (%llu ago)\n",
715 (
unsigned long long)
rd[i].expiration_time
738 size_t payload_len = ntohl (block->
size)
740 unsigned char nonce[crypto_secretbox_NONCEBYTES];
741 unsigned char key[crypto_secretbox_KEYBYTES];
743 if (ntohl (block->
size) <
762 (
unsigned char*) &block[1],
766 payload_len -= crypto_secretbox_MACBYTES;
792 for (
unsigned int i = 0; i <
rd_count; i++)
805 for (
unsigned int k = 0; k <
rd_count; k++)
811 if ((
rd[k].record_type ==
rd[i].record_type) &&
817 "Ignoring shadow record\n");
842 "Excluding record that expired %s (%llu ago)\n",
844 (
unsigned long long)
rd[i].expiration_time
877 switch (ntohl (zone->
type))
906 switch (ntohl (
pub->type))
1035 switch (ntohl (
sk->
type))
static enum GNUNET_GenericReturnValue block_seal_not_implemented(void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data rd[rd_count], struct GNUNET_GNSRECORD_Block **result)
static enum GNUNET_GenericReturnValue block_seal(void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data rd[rd_count], struct GNUNET_GNSRECORD_Block **result)
static enum GNUNET_GenericReturnValue block_sign_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block)
static enum GNUNET_GenericReturnValue block_create2(const struct GNUNET_CRYPTO_BlindablePrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count, struct GNUNET_GNSRECORD_Block **result, int sign)
static enum GNUNET_GenericReturnValue block_open_eddsa(void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
void GNR_derive_block_xsalsa_key(unsigned char *nonce, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Derive session key and iv from label and public key.
static enum GNUNET_GenericReturnValue block_open_ecdsa(void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
static enum GNUNET_GenericReturnValue block_create_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count, struct GNUNET_GNSRECORD_Block **block, int sign)
Sign name and records.
static enum GNUNET_GenericReturnValue block_create_eddsa(const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count, struct GNUNET_GNSRECORD_Block **block, int sign)
Sign name and records (EDDSA version)
void GNR_derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
static enum GNUNET_GenericReturnValue block_sign_eddsa(const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block)
static enum GNUNET_GenericReturnValue block_decrypt_eddsa(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EddsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
static enum GNUNET_GenericReturnValue block_decrypt_ecdsa(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
API for GNS record-related crypto.
#define GNUNET_GNSRECORD_TYPE_PKEY
WARNING: This header is generated! In order to add GNS record types, you must register them in GANA,...
#define GNUNET_GNSRECORD_TYPE_EDKEY
GNS zone delegation (EDKEY)
static int ret
Final status code.
static char * line
Desired phone line (string to be converted to a hash).
struct GNUNET_HashCode key
The key used in the DHT.
static char * expire
DID Document expiration Date Attribute String.
static char * pkey
Public key of the zone to look in, in ASCII.
static struct GNUNET_SCHEDULER_Task * t
Main task.
static unsigned int rd_count
Number of records for currently parsed set.
static char * res
Currently read line or NULL on EOF.
static struct GNUNET_GNSRECORD_Data rd[50]
The record data under a single label.
static int result
Global testing status.
static struct GNUNET_CRYPTO_EddsaPublicKey pub
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
GNS record set signature (GNS)
void GNUNET_CRYPTO_ecdsa_public_key_derive(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EcdsaPublicKey *result)
Derive a public key from a given public key and a label.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_xsalsa20poly1305_encrypt(size_t in_buf_len, const unsigned char in_buf[in_buf_len], const unsigned char key[crypto_secretbox_xsalsa20poly1305_KEYBYTES], const unsigned char nonce[crypto_secretbox_xsalsa20poly1305_NONCEBYTES], void *out_buf)
Encrypt the given data using XSalsa20-Poly1305.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_xsalsa20poly1305_decrypt(size_t in_buf_len, const unsigned char in_buf[in_buf_len], const unsigned char key[crypto_secretbox_xsalsa20poly1305_KEYBYTES], const unsigned char nonce[crypto_secretbox_xsalsa20poly1305_NONCEBYTES], void *out_buf)
Encrypt the given data using XSalsa20-Poly1305.
void GNUNET_CRYPTO_eddsa_public_key_derive(const struct GNUNET_CRYPTO_EddsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EddsaPublicKey *result)
Derive a public key from a given public key and a label.
void GNUNET_CRYPTO_aes_ctr(const void *in_buf, size_t in_buf_len, const unsigned char key[(256/8)], const unsigned char iv[(128/8)], void *out_buf)
Decrypt or encrypt a given block using a symmetric key using AES in counter mode.
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive key.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EcdsaSignature *sig, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Verify ECDSA signature.
void GNUNET_GNSRECORD_query_from_private_key(const struct GNUNET_CRYPTO_BlindablePrivateKey *zone, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create2(const struct GNUNET_CRYPTO_BlindablePrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count, struct GNUNET_GNSRECORD_Block **result)
Sign name and records, cache derived public key (also keeps the private key in static memory,...
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
ssize_t GNUNET_GNSRECORD_records_serialize(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest)
Serialize the given records to the given destination buffer.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create(const struct GNUNET_CRYPTO_BlindablePrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count, struct GNUNET_GNSRECORD_Block **result)
Sign name and records.
void GNUNET_GNSRECORD_encryption_context_destroy(struct GNUNET_GNSRECORD_EncryptionContext *ec)
Cleanup and free the encryption context.
struct GNUNET_GNSRECORD_EncryptionContext * GNUNET_GNSRECORD_encryption_context_setup_resolver(const struct GNUNET_CRYPTO_BlindablePublicKey *zkey)
Create a new encryption context for a resolver.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_verify(const struct GNUNET_GNSRECORD_Block *block)
Check if a signature is valid.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_decrypt(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_BlindablePublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Decrypt block.
unsigned int GNUNET_GNSRECORD_records_deserialize_get_size(size_t len, const char *src)
void(* GNUNET_GNSRECORD_RecordCallback)(void *cls, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Process a records that were decrypted from a block.
ssize_t GNUNET_GNSRECORD_records_get_size(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Calculate how many bytes we will need to serialize the given records.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_sign(const struct GNUNET_CRYPTO_BlindablePrivateKey *key, const char *label, struct GNUNET_GNSRECORD_Block *block)
Sign a block create with GNUNET_GNSRECORD_block_create_unsigned.
void GNUNET_GNSRECORD_query_from_public_key(const struct GNUNET_CRYPTO_BlindablePublicKey *pub, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
struct GNUNET_GNSRECORD_EncryptionContext * GNUNET_GNSRECORD_encryption_context_setup_owner(const struct GNUNET_CRYPTO_BlindablePrivateKey *sk)
Create a new encryption context for the zone owner.
char * GNUNET_GNSRECORD_string_normalize(const char *src)
Normalize a UTF-8 string to a GNS name.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_create_unsigned(const struct GNUNET_CRYPTO_BlindablePrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count, struct GNUNET_GNSRECORD_Block **result)
Create name and records but do not sign! Sign later with GNUNET_GNSRECORD_block_sign().
@ GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION
This expiration time of the record is a relative time (not an absolute time).
@ GNUNET_GNSRECORD_RF_SHADOW
This record should not be used unless all (other) records in the set with an absolute expiration time...
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
#define GNUNET_CRYPTO_hkdf_gnunet(result, out_len, xts, xts_len, skm, skm_len,...)
A peculiar HKDF instantiation that tried to mimic Truncated NMAC.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blindable_key_get_public(const struct GNUNET_CRYPTO_BlindablePrivateKey *privkey, struct GNUNET_CRYPTO_BlindablePublicKey *key)
Retrieves the public key representation of a private key.
#define GNUNET_log(kind,...)
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
#define GNUNET_CRYPTO_kdf_arg_string(d)
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_sign_derived(const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey, const char *label, const char *context, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
This is a signature function for ECDSA which takes a private key, derives/blinds it and signs the mes...
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_derived(const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey, const char *label, const char *context, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
This is a signature function for EdDSA which takes a private key and derives it using the label and c...
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
ssize_t GNUNET_CRYPTO_blindable_sk_get_length(const struct GNUNET_CRYPTO_BlindablePrivateKey *key)
Get the compacted length of a GNUNET_CRYPTO_BlindablePrivateKey.
GNUNET_GenericReturnValue
Named constants for return values.
ssize_t GNUNET_CRYPTO_blindable_pk_get_length(const struct GNUNET_CRYPTO_BlindablePublicKey *key)
Get the compacted length of a GNUNET_CRYPTO_BlindablePublicKey.
@ GNUNET_PUBLIC_KEY_TYPE_EDDSA
EDDSA identity.
@ GNUNET_PUBLIC_KEY_TYPE_ECDSA
The identity type.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
static unsigned int size
Size of the "table".
struct GNUNET_CRYPTO_BlindablePrivateKey * sk
struct GNUNET_CRYPTO_BlindablePublicKey zkey
Information we have in an encrypted block with record data (i.e.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_SignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow.
A private key for an identity as per LSD0001.
uint32_t type
Type of public key.
An identity key as per LSD0001.
uint32_t type
Type of public key.
struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key
An ECDSA identity key.
struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key
AN EdDSA identtiy key.
Private ECC key encoded for transmission.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Private ECC key encoded for transmission.
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
uint32_t type
The zone type (GNUNET_GNSRECORD_TYPE_PKEY)
struct GNUNET_GNSRECORD_EcdsaBlock ecdsa_block
struct GNUNET_GNSRECORD_EddsaBlock eddsa_block
uint32_t size
Size of the block.
enum GNUNET_GNSRECORD_Flags flags
Flags for the record.
uint64_t expiration_time
Expiration time for the DNS record.
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EddsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_EddsaSignature signature
Signature of the block.
The GNSRECORD encryption context.
enum GNUNET_GenericReturnValue(* open)(void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Open a record set.
void * cls
Private data of the context.
enum GNUNET_GenericReturnValue(* seal)(void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data rd[rd_count], struct GNUNET_GNSRECORD_Block **result)
Seal a record set.
uint64_t abs_value_us__
The actual value (in network byte order).
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
Time for relative time used by GNUnet, in microseconds.
Line in cache mapping private keys to public keys.
struct GNUNET_CRYPTO_EcdsaPublicKey pkey
Associated public key.
struct GNUNET_CRYPTO_EcdsaPrivateKey key
A private key.
1.9.8