31#define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
38#pragma GCC diagnostic push
39#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
47 static const char ctx_key[] =
"gns-aes-ctx-key";
48 static const char ctx_iv[] =
"gns-aes-ctx-iv";
51 ctx_key, strlen (ctx_key),
58 ctx_iv, strlen (ctx_iv),
63 memcpy (ctr + 4, &exp,
sizeof (exp));
76 static const char ctx_key[] =
"gns-xsalsa-ctx-key";
77 static const char ctx_iv[] =
"gns-xsalsa-ctx-iv";
80 key, crypto_secretbox_KEYBYTES,
81 ctx_key, strlen (ctx_key),
84 memset (nonce, 0, crypto_secretbox_NONCEBYTES);
87 nonce, (crypto_secretbox_NONCEBYTES -
sizeof (exp)),
88 ctx_iv, strlen (ctx_iv),
92 memcpy (&nonce->
nonce[crypto_secretbox_NONCEBYTES - sizeof (exp)],
108 size_t size = ntohl (block->
size) -
sizeof (*block) +
sizeof (*gnr_block);
111 ecblock = &(block)->ecdsa_block;
118 size -
sizeof (*gnr_block));
149 size_t size = ntohl (block->
size) -
sizeof (*block) +
sizeof (*gnr_block);
151 edblock = &(block)->eddsa_block;
157 size -
sizeof (*gnr_block));
187 switch (ntohl (
key->type))
227 const unsigned char *rdata,
245 ecblock = &(*block)->ecdsa_block;
290 const unsigned char *rdata,
306 + rdata_len + crypto_secretbox_MACBYTES);
308 + rdata_len + crypto_secretbox_MACBYTES);
310 edblock = &(*block)->eddsa_block;
321 (
unsigned char*) rdata,
353 const unsigned char *rdata,
373 if (0 != memcmp (&
line->key,
421 size_t payload_len = ntohl (block->
size)
425 if (ntohl (block->
size) <
438 switch (ntohl (block->
type))
472 size_t payload_len = ntohl (block->
size)
477 if (ntohl (block->
size) <
523 for (
unsigned int i = 0; i <
rd_count; i++)
536 for (
unsigned int k = 0; k <
rd_count; k++)
542 if ((
rd[k].record_type ==
rd[i].record_type) &&
548 "Ignoring shadow record\n");
573 "Excluding record that expired %s (%llu ago)\n",
575 (
unsigned long long)
rd[i].expiration_time
598 size_t payload_len = ntohl (block->
size)
604 if (ntohl (block->
size) <
623 (
unsigned char*) &block[1],
627 payload_len -= crypto_secretbox_MACBYTES;
653 for (
unsigned int i = 0; i <
rd_count; i++)
666 for (
unsigned int k = 0; k <
rd_count; k++)
672 if ((
rd[k].record_type ==
rd[i].record_type) &&
678 "Ignoring shadow record\n");
703 "Excluding record that expired %s (%llu ago)\n",
705 (
unsigned long long)
rd[i].expiration_time
720#pragma GCC diagnostic pop
740 switch (ntohl (zone->
type))
758#pragma GCC diagnostic push
759#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
771 switch (ntohl (
pub->type))
800#pragma GCC diagnostic pop
856 unsigned char *rdata,
869 unsigned char *rdata,
static enum GNUNET_GenericReturnValue block_sign_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block)
static enum GNUNET_GenericReturnValue block_open_eddsa(void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
static enum GNUNET_GenericReturnValue block_seal_not_implemented(void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result)
static enum GNUNET_GenericReturnValue block_create_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **block, int sign)
Sign name and records.
static enum GNUNET_GenericReturnValue block_seal(void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result)
static enum GNUNET_GenericReturnValue block_open_ecdsa(void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
static enum GNUNET_GenericReturnValue block_create2(const struct GNUNET_CRYPTO_BlindablePrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result, int sign)
void GNR_derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
We disable deprecation warnings because we implement RFC9408/LSD0001 record types here.
static enum GNUNET_GenericReturnValue block_sign_eddsa(const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, const char *label, struct GNUNET_GNSRECORD_Block *block)
static enum GNUNET_GenericReturnValue block_decrypt_eddsa(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EddsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
void GNR_derive_block_xsalsa_key(struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Derive session key and iv from label and public key.
static enum GNUNET_GenericReturnValue block_decrypt_ecdsa(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
static enum GNUNET_GenericReturnValue block_create_eddsa(const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **block, int sign)
Sign name and records (EDDSA version)
API for GNS record-related crypto.
#define GNUNET_GNSRECORD_TYPE_PKEY
WARNING: This header is generated! In order to add GNS record types, you must register them in GANA,...
#define GNUNET_GNSRECORD_TYPE_EDKEY
GNS zone delegation (EDKEY)
static int ret
Final status code.
static char * line
Desired phone line (string to be converted to a hash).
struct GNUNET_HashCode key
The key used in the DHT.
static char * expire
DID Document expiration Date Attribute String.
static char * pkey
Public key of the zone to look in, in ASCII.
static unsigned int rd_count
Number of records for currently parsed set.
static char * res
Currently read line or NULL on EOF.
static struct GNUNET_GNSRECORD_Data rd[50]
The record data under a single label.
static int result
Global testing status.
static struct GNUNET_CRYPTO_EddsaPublicKey pub
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
GNS record set signature (GNS)
void GNUNET_CRYPTO_ecdsa_public_key_derive(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EcdsaPublicKey *result)
Derive a public key from a given public key and a label.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
void GNUNET_CRYPTO_eddsa_public_key_derive(const struct GNUNET_CRYPTO_EddsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EddsaPublicKey *result)
Derive a public key from a given public key and a label.
void GNUNET_CRYPTO_aes_ctr(const void *in_buf, size_t in_buf_len, const unsigned char key[(256/8)], const unsigned char iv[(128/8)], void *out_buf)
Encrypt or decrypt a given block with a symmetric key using AES in counter mode (CTR). CTR mode provides confidentiality only, no integrity; in GNS the block signature is what protects the ciphertext from tampering.
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given ECDSA private key.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_xsalsa20poly1305_decrypt(size_t in_buf_len, const unsigned char in_buf[in_buf_len], const struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, void *out_buf)
Decrypt the given data using XSalsa20-Poly1305, verifying the Poly1305 authenticator; returns an error if the authenticator does not verify.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_xsalsa20poly1305_encrypt(size_t in_buf_len, const unsigned char in_buf[in_buf_len], const struct GNUNET_CRYPTO_XSalsa20SecretKey *key, const struct GNUNET_CRYPTO_XSalsa20Nonce *nonce, void *out_buf)
Encrypt the given data using XSalsa20-Poly1305.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EcdsaSignature *sig, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Verify ECDSA signature.
void GNUNET_GNSRECORD_query_from_private_key(const struct GNUNET_CRYPTO_BlindablePrivateKey *zone, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
void GNUNET_GNSRECORD_encryption_context_destroy(struct GNUNET_GNSRECORD_EncryptionContext *ec)
Cleanup and free the encryption context.
struct GNUNET_GNSRECORD_EncryptionContext * GNUNET_GNSRECORD_encryption_context_setup_resolver(const struct GNUNET_CRYPTO_BlindablePublicKey *zkey)
Create a new encryption context for a resolver.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_verify(const struct GNUNET_GNSRECORD_Block *block)
Check if a signature is valid.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_decrypt(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_BlindablePublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Decrypt block.
unsigned int GNUNET_GNSRECORD_records_deserialize_get_size(size_t len, const char *src)
void(* GNUNET_GNSRECORD_RecordCallback)(void *cls, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Process the records that were decrypted from a block.
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_sign(const struct GNUNET_CRYPTO_BlindablePrivateKey *key, const char *label, struct GNUNET_GNSRECORD_Block *block)
Sign a block created with GNUNET_GNSRECORD_block_create_unsigned.
void GNUNET_GNSRECORD_query_from_public_key(const struct GNUNET_CRYPTO_BlindablePublicKey *pub, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
struct GNUNET_GNSRECORD_EncryptionContext * GNUNET_GNSRECORD_encryption_context_setup_owner(const struct GNUNET_CRYPTO_BlindablePrivateKey *sk)
Create a new encryption context for the zone owner.
char * GNUNET_GNSRECORD_string_normalize(const char *src)
Normalize a UTF-8 string to a GNS name.
@ GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION
This expiration time of the record is a relative time (not an absolute time).
@ GNUNET_GNSRECORD_RF_SHADOW
This record should not be used unless all (other) records in the set with an absolute expiration time...
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
#define GNUNET_CRYPTO_hkdf_gnunet(result, out_len, xts, xts_len, skm, skm_len,...)
A peculiar HKDF instantiation that tried to mimic Truncated NMAC.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blindable_key_get_public(const struct GNUNET_CRYPTO_BlindablePrivateKey *privkey, struct GNUNET_CRYPTO_BlindablePublicKey *key)
Retrieves the public key representation of a private key.
#define GNUNET_log(kind,...)
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
#define GNUNET_CRYPTO_kdf_arg_string(d)
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_sign_derived(const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey, const char *label, const char *context, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
This is a signature function for ECDSA which takes a private key, derives/blinds it and signs the mes...
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_derived(const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey, const char *label, const char *context, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
This is a signature function for EdDSA which takes a private key and derives it using the label and c...
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
ssize_t GNUNET_CRYPTO_blindable_sk_get_length(const struct GNUNET_CRYPTO_BlindablePrivateKey *key)
Get the compacted length of a GNUNET_CRYPTO_BlindablePrivateKey.
GNUNET_GenericReturnValue
Named constants for return values.
ssize_t GNUNET_CRYPTO_blindable_pk_get_length(const struct GNUNET_CRYPTO_BlindablePublicKey *key)
Get the compacted length of a GNUNET_CRYPTO_BlindablePublicKey.
@ GNUNET_PUBLIC_KEY_TYPE_EDDSA
EDDSA identity.
@ GNUNET_PUBLIC_KEY_TYPE_ECDSA
ECDSA identity.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
static unsigned int size
Size of the "table".
struct GNUNET_CRYPTO_BlindablePrivateKey * sk
struct GNUNET_CRYPTO_BlindablePublicKey zkey
Information we have in an encrypted block with record data (i.e.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_SignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow.
A private key for an identity as per LSD0001.
uint32_t type
Type of public key.
An identity key as per LSD0001.
uint32_t type
Type of public key.
struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key
An ECDSA identity key.
struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key
An EdDSA identity key.
Private ECC key encoded for transmission.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Private ECC key encoded for transmission.
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
unsigned char nonce[24]
Initialization vector.
uint32_t type
The zone type (GNUNET_GNSRECORD_TYPE_PKEY or GNUNET_GNSRECORD_TYPE_EDKEY); selects which member of the ecdsa_block/eddsa_block union is valid, so it must be checked before either member is accessed.
struct GNUNET_GNSRECORD_EcdsaBlock ecdsa_block
struct GNUNET_GNSRECORD_EddsaBlock eddsa_block
uint32_t size
Size of the block.
enum GNUNET_GNSRECORD_Flags flags
Flags for the record.
uint64_t expiration_time
Expiration time for the DNS record.
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EddsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
struct GNUNET_CRYPTO_EddsaSignature signature
Signature of the block.
The GNSRECORD encryption context.
enum GNUNET_GenericReturnValue(* open)(void *cls, const char *label, const struct GNUNET_GNSRECORD_Block *block, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Open a record set.
void * cls
Private data of the context.
enum GNUNET_GenericReturnValue(* seal)(void *cls, const char *label, struct GNUNET_TIME_Absolute expire, unsigned char *rdata, size_t rdata_len, struct GNUNET_GNSRECORD_Block **result)
Seal a record set.
uint64_t abs_value_us__
The actual value (in network byte order).
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
Line in cache mapping private keys to public keys.
struct GNUNET_CRYPTO_EcdsaPublicKey pkey
Associated public key.
struct GNUNET_CRYPTO_EcdsaPrivateKey key
A private key.