2 This file is part of GNUnet
3 (C) 2003, 2004, 2005, 2006, 2007, 2008, 2013 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 2, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
21 * @file util/pseudonym.c
22 * @brief helper functions
23 * @author Christian Grothoff
26 * - all cryptographic operations are currently NOT implemented and
27 * provided by stubs that merely pretend to work!
30 #include "gnunet_common.h"
31 #include "gnunet_container_lib.h"
32 #include "gnunet_disk_lib.h"
33 #include "gnunet_pseudonym_lib.h"
34 #include "gnunet_bio_lib.h"
37 #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
39 #define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall)
41 #define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename)
44 * Log an error message at log-level 'level' that indicates
45 * a failure of the command 'cmd' with the message given
46 * by gcry_strerror(rc).
48 #define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0);
51 * Name of the directory which stores meta data for pseudonym
53 #define PS_METADATA_DIR DIR_SEPARATOR_STR "data" DIR_SEPARATOR_STR "pseudonym" DIR_SEPARATOR_STR "metadata" DIR_SEPARATOR_STR
56 * Name of the directory which stores names for pseudonyms
58 #define PS_NAMES_DIR DIR_SEPARATOR_STR "data" DIR_SEPARATOR_STR "pseudonym" DIR_SEPARATOR_STR "names" DIR_SEPARATOR_STR
62 * Configuration section we use.
64 #define GNUNET_CLIENT_SERVICE_NAME "client"
67 /* ************************* Disk operations (pseudonym data mgmt) **************** */
70 * Registered callbacks for discovery of pseudonyms.
72 struct GNUNET_PSEUDONYM_DiscoveryHandle
75 * This is a doubly linked list.
77 struct GNUNET_PSEUDONYM_DiscoveryHandle *next;
80 * This is a doubly linked list.
82 struct GNUNET_PSEUDONYM_DiscoveryHandle *prev;
85 * Function to call each time a pseudonym is discovered.
87 GNUNET_PSEUDONYM_Iterator callback;
90 * Closure for callback.
97 * Head of the linked list of functions to call when
98 * new pseudonyms are added.
100 static struct GNUNET_PSEUDONYM_DiscoveryHandle *disco_head;
103 * Tail of the linked list of functions to call when
104 * new pseudonyms are added.
106 static struct GNUNET_PSEUDONYM_DiscoveryHandle *disco_tail;
110 * Internal notification about new tracked URI.
112 * @param pseudonym public key of the pseudonym
113 * @param md meta data to be written
114 * @param rating rating of pseudonym
117 internal_notify (const struct GNUNET_PseudonymIdentifier *pseudonym,
118 const struct GNUNET_CONTAINER_MetaData *md, int rating)
120 struct GNUNET_PSEUDONYM_DiscoveryHandle *pos;
122 for (pos = disco_head; NULL != pos; pos = pos->next)
123 pos->callback (pos->callback_cls, pseudonym, NULL, NULL, md, rating);
128 * Register callback to be invoked whenever we discover
130 * Will immediately call provided iterator callback for all
131 * already discovered pseudonyms.
133 * @param cfg configuration to use
134 * @param iterator iterator over pseudonym
135 * @param iterator_cls point to a closure
136 * @return registration handle
138 struct GNUNET_PSEUDONYM_DiscoveryHandle *
139 GNUNET_PSEUDONYM_discovery_callback_register (const struct
140 GNUNET_CONFIGURATION_Handle *cfg,
141 GNUNET_PSEUDONYM_Iterator iterator,
144 struct GNUNET_PSEUDONYM_DiscoveryHandle *dh;
146 dh = GNUNET_malloc (sizeof (struct GNUNET_PSEUDONYM_DiscoveryHandle));
147 dh->callback = iterator;
148 dh->callback_cls = iterator_cls;
149 GNUNET_CONTAINER_DLL_insert (disco_head, disco_tail, dh);
150 GNUNET_PSEUDONYM_list_all (cfg, iterator, iterator_cls);
156 * Unregister pseudonym discovery callback.
158 * @param dh registration to unregister
161 GNUNET_PSEUDONYM_discovery_callback_unregister (struct GNUNET_PSEUDONYM_DiscoveryHandle *dh)
163 GNUNET_CONTAINER_DLL_remove (disco_head, disco_tail, dh);
169 * Get the filename (or directory name) for the given
170 * pseudonym identifier and directory prefix.
172 * @param cfg configuration to use
173 * @param prefix path components to append to the private directory name
174 * @param pseudonym the pseudonym, can be NULL
175 * @return filename of the pseudonym (if pseudonym != NULL) or directory with the data (if pseudonym == NULL)
178 get_data_filename (const struct GNUNET_CONFIGURATION_Handle *cfg,
180 const struct GNUNET_PseudonymIdentifier *pseudonym)
182 struct GNUNET_CRYPTO_HashAsciiEncoded enc;
183 struct GNUNET_HashCode psid;
185 if (NULL != pseudonym)
187 GNUNET_CRYPTO_hash (pseudonym,
188 sizeof (struct GNUNET_PseudonymIdentifier),
190 GNUNET_CRYPTO_hash_to_enc (&psid, &enc);
192 return GNUNET_DISK_get_home_filename (cfg,
193 GNUNET_CLIENT_SERVICE_NAME, prefix,
196 : (const char *) &enc,
202 * Get the filename (or directory name) for the given
203 * hash code and directory prefix.
205 * @param cfg configuration to use
206 * @param prefix path components to append to the private directory name
207 * @param hc some hash code
208 * @return filename of the pseudonym (if hc != NULL) or directory with the data (if hc == NULL)
211 get_data_filename_hash (const struct GNUNET_CONFIGURATION_Handle *cfg,
213 const struct GNUNET_HashCode *hc)
215 struct GNUNET_CRYPTO_HashAsciiEncoded enc;
218 GNUNET_CRYPTO_hash_to_enc (hc, &enc);
219 return GNUNET_DISK_get_home_filename (cfg,
220 GNUNET_CLIENT_SERVICE_NAME, prefix,
223 : (const char *) &enc,
229 * Set the pseudonym metadata, rank and name.
230 * Writes the pseudonym infomation into a file
232 * @param cfg overall configuration
233 * @param pseudonym id of the pseudonym
234 * @param name name to set. Must be the non-unique version of it.
235 * May be NULL, in which case it erases pseudonym's name!
236 * @param md metadata to set
237 * May be NULL, in which case it erases pseudonym's metadata!
238 * @param rank rank to assign
239 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
242 GNUNET_PSEUDONYM_set_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
243 const struct GNUNET_PseudonymIdentifier *pseudonym,
245 const struct GNUNET_CONTAINER_MetaData *md,
249 struct GNUNET_BIO_WriteHandle *fileW;
251 fn = get_data_filename (cfg, PS_METADATA_DIR, pseudonym);
252 if (NULL == (fileW = GNUNET_BIO_write_open (fn)))
255 return GNUNET_SYSERR;
257 if ((GNUNET_OK != GNUNET_BIO_write (fileW, pseudonym,
258 sizeof (struct GNUNET_PseudonymIdentifier))) ||
259 (GNUNET_OK != GNUNET_BIO_write_int32 (fileW, rank)) ||
260 (GNUNET_OK != GNUNET_BIO_write_string (fileW, name)) ||
261 (GNUNET_OK != GNUNET_BIO_write_meta_data (fileW, md)))
263 (void) GNUNET_BIO_write_close (fileW);
264 GNUNET_break (GNUNET_OK == GNUNET_DISK_directory_remove (fn));
266 return GNUNET_SYSERR;
268 if (GNUNET_OK != GNUNET_BIO_write_close (fileW))
270 GNUNET_break (GNUNET_OK == GNUNET_DISK_directory_remove (fn));
272 return GNUNET_SYSERR;
275 /* create entry for pseudonym name in names */
277 GNUNET_free_non_null (GNUNET_PSEUDONYM_name_uniquify (cfg, pseudonym,
284 * Read pseudonym infomation from a file
286 * @param cfg configuration to use
287 * @param pseudonym hash code of a pseudonym
288 * @param meta meta data to be read from a file
289 * @param rank rank of a pseudonym
290 * @param ns_name name of a pseudonym
291 * @return GNUNET_OK on success, GNUNET_SYSERR on error
294 read_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
295 const struct GNUNET_PseudonymIdentifier *pseudonym,
296 struct GNUNET_CONTAINER_MetaData **meta,
300 struct GNUNET_PseudonymIdentifier pd;
303 struct GNUNET_BIO_ReadHandle *fileR;
305 fn = get_data_filename (cfg, PS_METADATA_DIR, pseudonym);
307 GNUNET_DISK_file_test (fn))
310 return GNUNET_SYSERR;
312 if (NULL == (fileR = GNUNET_BIO_read_open (fn)))
315 return GNUNET_SYSERR;
319 if ( (GNUNET_OK != GNUNET_BIO_read (fileR, "pseudonym", &pd, sizeof (pd))) ||
320 (0 != memcmp (&pd, pseudonym, sizeof (pd))) ||
321 (GNUNET_OK != GNUNET_BIO_read_int32 (fileR, rank)) ||
323 GNUNET_BIO_read_string (fileR, "Read string error!", ns_name, 200)) ||
325 GNUNET_BIO_read_meta_data (fileR, "Read meta data error!", meta)) )
327 (void) GNUNET_BIO_read_close (fileR, &emsg);
328 GNUNET_free_non_null (emsg);
329 GNUNET_free_non_null (*ns_name);
331 GNUNET_break (GNUNET_OK == GNUNET_DISK_directory_remove (fn));
333 return GNUNET_SYSERR;
335 if (GNUNET_OK != GNUNET_BIO_read_close (fileR, &emsg))
337 LOG (GNUNET_ERROR_TYPE_WARNING,
338 _("Failed to parse metadata about pseudonym from file `%s': %s\n"), fn,
340 GNUNET_break (GNUNET_OK == GNUNET_DISK_directory_remove (fn));
341 GNUNET_CONTAINER_meta_data_destroy (*meta);
343 GNUNET_free_non_null (*ns_name);
345 GNUNET_free_non_null (emsg);
347 return GNUNET_SYSERR;
355 * Return unique variant of the namespace name. Use it after
356 * GNUNET_PSEUDONYM_get_info() to make sure that name is unique.
358 * @param cfg configuration
359 * @param pseudonym public key of the pseudonym
360 * @param name name to uniquify
361 * @param suffix if not NULL, filled with the suffix value
362 * @return NULL on failure (should never happen), name on success.
363 * Free the name with GNUNET_free().
366 GNUNET_PSEUDONYM_name_uniquify (const struct GNUNET_CONFIGURATION_Handle *cfg,
367 const struct GNUNET_PseudonymIdentifier *pseudonym,
369 unsigned int *suffix)
371 struct GNUNET_HashCode nh;
372 struct GNUNET_PseudonymIdentifier pi;
375 struct GNUNET_DISK_FileHandle *fh;
381 GNUNET_CRYPTO_hash (name, strlen (name), &nh);
382 fn = get_data_filename_hash (cfg, PS_NAMES_DIR, &nh);
384 if (0 == STAT (fn, &sbuf))
385 GNUNET_break (GNUNET_OK == GNUNET_DISK_file_size (fn, &len, GNUNET_YES, GNUNET_YES));
386 fh = GNUNET_DISK_file_open (fn,
387 GNUNET_DISK_OPEN_CREATE |
388 GNUNET_DISK_OPEN_READWRITE,
389 GNUNET_DISK_PERM_USER_READ |
390 GNUNET_DISK_PERM_USER_WRITE);
393 while ((len >= sizeof (struct GNUNET_PseudonymIdentifier)) &&
394 (sizeof (struct GNUNET_PseudonymIdentifier) ==
395 GNUNET_DISK_file_read (fh, &pi, sizeof (struct GNUNET_PseudonymIdentifier))))
397 if (0 == memcmp (&pi, pseudonym, sizeof (struct GNUNET_PseudonymIdentifier)))
403 len -= sizeof (struct GNUNET_HashCode);
408 if (sizeof (struct GNUNET_PseudonymIdentifier) !=
409 GNUNET_DISK_file_write (fh, pseudonym, sizeof (struct GNUNET_PseudonymIdentifier)))
410 LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "write", fn);
412 GNUNET_DISK_file_close (fh);
413 ret = GNUNET_malloc (strlen (name) + 32);
414 GNUNET_snprintf (ret, strlen (name) + 32, "%s-%u", name, idx);
423 * Get namespace name, metadata and rank
424 * This is a wrapper around internal read_info() call, and ensures that
425 * returned data is not invalid (not NULL).
427 * @param cfg configuration
428 * @param pseudonym public key of the pseudonym
429 * @param ret_meta a location to store metadata pointer. NULL, if metadata
430 * is not needed. Destroy with GNUNET_CONTAINER_meta_data_destroy().
431 * @param ret_rank a location to store rank. NULL, if rank not needed.
432 * @param ret_name a location to store human-readable name. Name is not unique.
433 * NULL, if name is not needed. Free with GNUNET_free().
434 * @param name_is_a_dup is set to GNUNET_YES, if ret_name was filled with
435 * a duplicate of a "no-name" placeholder
436 * @return GNUNET_OK on success. GNUENT_SYSERR if the data was
437 * unobtainable (in that case ret_* are filled with placeholders -
438 * empty metadata container, rank -1 and a "no-name" name).
441 GNUNET_PSEUDONYM_get_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
442 const struct GNUNET_PseudonymIdentifier *pseudonym,
443 struct GNUNET_CONTAINER_MetaData **ret_meta,
448 struct GNUNET_CONTAINER_MetaData *meta;
454 if (GNUNET_OK == read_info (cfg, pseudonym, &meta, &rank, &name))
456 if ((meta != NULL) && (name == NULL))
458 GNUNET_CONTAINER_meta_data_get_first_by_types (meta,
459 EXTRACTOR_METATYPE_TITLE,
460 EXTRACTOR_METATYPE_GNUNET_ORIGINAL_FILENAME,
461 EXTRACTOR_METATYPE_FILENAME,
462 EXTRACTOR_METATYPE_DESCRIPTION,
463 EXTRACTOR_METATYPE_SUBJECT,
464 EXTRACTOR_METATYPE_PUBLISHER,
465 EXTRACTOR_METATYPE_AUTHOR_NAME,
466 EXTRACTOR_METATYPE_COMMENT,
467 EXTRACTOR_METATYPE_SUMMARY,
469 if (ret_name != NULL)
473 name = GNUNET_strdup (_("no-name"));
474 if (name_is_a_dup != NULL)
475 *name_is_a_dup = GNUNET_YES;
477 else if (name_is_a_dup != NULL)
478 *name_is_a_dup = GNUNET_NO;
481 else if (name != NULL)
484 if (ret_meta != NULL)
487 meta = GNUNET_CONTAINER_meta_data_create ();
490 else if (meta != NULL)
491 GNUNET_CONTAINER_meta_data_destroy (meta);
493 if (ret_rank != NULL)
498 if (ret_name != NULL)
499 *ret_name = GNUNET_strdup (_("no-name"));
500 if (ret_meta != NULL)
501 *ret_meta = GNUNET_CONTAINER_meta_data_create ();
502 if (ret_rank != NULL)
504 if (name_is_a_dup != NULL)
505 *name_is_a_dup = GNUNET_YES;
506 return GNUNET_SYSERR;
511 * Get the namespace ID belonging to the given namespace name.
513 * @param cfg configuration to use
514 * @param ns_uname unique (!) human-readable name for the namespace
515 * @param pseudonym set to public key of pseudonym based on 'ns_uname'
516 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
519 GNUNET_PSEUDONYM_name_to_id (const struct GNUNET_CONFIGURATION_Handle *cfg,
520 const char *ns_uname,
521 struct GNUNET_PseudonymIdentifier *pseudonym)
527 struct GNUNET_HashCode nh;
529 struct GNUNET_DISK_FileHandle *fh;
532 slen = strlen (ns_uname);
533 while ((slen > 0) && (1 != SSCANF (&ns_uname[slen - 1], "-%u", &idx)))
536 return GNUNET_SYSERR;
537 name = GNUNET_strdup (ns_uname);
538 name[slen - 1] = '\0';
540 GNUNET_CRYPTO_hash (name, strlen (name), &nh);
542 fn = get_data_filename_hash (cfg, PS_NAMES_DIR, &nh);
544 if ((GNUNET_OK != GNUNET_DISK_file_test (fn) ||
545 (GNUNET_OK != GNUNET_DISK_file_size (fn, &len, GNUNET_YES, GNUNET_YES))) ||
546 ((idx + 1) * sizeof (struct GNUNET_PseudonymIdentifier) > len))
549 return GNUNET_SYSERR;
551 fh = GNUNET_DISK_file_open (fn,
552 GNUNET_DISK_OPEN_CREATE |
553 GNUNET_DISK_OPEN_READWRITE,
554 GNUNET_DISK_PERM_USER_READ |
555 GNUNET_DISK_PERM_USER_WRITE);
558 GNUNET_DISK_file_seek (fh, idx * sizeof (struct GNUNET_PseudonymIdentifier),
559 GNUNET_DISK_SEEK_SET))
561 GNUNET_DISK_file_close (fh);
562 return GNUNET_SYSERR;
564 if (sizeof (struct GNUNET_PseudonymIdentifier) !=
565 GNUNET_DISK_file_read (fh, pseudonym, sizeof (struct GNUNET_PseudonymIdentifier)))
567 GNUNET_DISK_file_close (fh);
568 return GNUNET_SYSERR;
570 GNUNET_DISK_file_close (fh);
577 * struct used to list the pseudonym
579 struct ListPseudonymClosure
583 * iterator over pseudonym
585 GNUNET_PSEUDONYM_Iterator iterator;
588 * Closure for iterator.
593 * Configuration to use.
595 const struct GNUNET_CONFIGURATION_Handle *cfg;
601 * Helper function to list all available pseudonyms
603 * @param cls point to a struct ListPseudonymClosure
604 * @param fullname name of pseudonym
607 list_pseudonym_helper (void *cls, const char *fullname)
609 struct ListPseudonymClosure *lpc = cls;
610 struct GNUNET_PseudonymIdentifier pd;
612 struct GNUNET_BIO_ReadHandle *fileR;
615 struct GNUNET_CONTAINER_MetaData *meta;
619 if (NULL == (fileR = GNUNET_BIO_read_open (fullname)))
620 return GNUNET_SYSERR;
623 if ( (GNUNET_OK != GNUNET_BIO_read (fileR, "pseudonym", &pd, sizeof (pd))) ||
624 (GNUNET_OK != GNUNET_BIO_read_int32 (fileR, &rank)) ||
626 GNUNET_BIO_read_string (fileR, "Read string error!", &ns_name, 200)) ||
628 GNUNET_BIO_read_meta_data (fileR, "Read meta data error!", &meta)) )
630 (void) GNUNET_BIO_read_close (fileR, &emsg);
631 GNUNET_free_non_null (emsg);
632 GNUNET_free_non_null (ns_name);
633 GNUNET_break (GNUNET_OK == GNUNET_DISK_directory_remove (fullname));
634 return GNUNET_SYSERR;
637 ns_name = GNUNET_strdup (_("no-name"));
638 if (GNUNET_OK != GNUNET_BIO_read_close (fileR, &emsg))
640 LOG (GNUNET_ERROR_TYPE_WARNING,
641 _("Failed to parse metadata about pseudonym from file `%s': %s\n"), fullname,
643 GNUNET_break (GNUNET_OK == GNUNET_DISK_directory_remove (fullname));
644 GNUNET_CONTAINER_meta_data_destroy (meta);
645 GNUNET_free (ns_name);
646 GNUNET_free_non_null (emsg);
647 return GNUNET_SYSERR;
650 name_unique = GNUNET_PSEUDONYM_name_uniquify (lpc->cfg, &pd, ns_name, NULL);
651 if (NULL != lpc->iterator)
652 ret = lpc->iterator (lpc->iterator_cls, &pd, ns_name, name_unique, meta, rank);
653 GNUNET_free (ns_name);
654 GNUNET_free_non_null (name_unique);
655 GNUNET_CONTAINER_meta_data_destroy (meta);
661 * List all available pseudonyms.
663 * @param cfg overall configuration
664 * @param iterator function to call for each pseudonym
665 * @param iterator_cls closure for iterator
666 * @return number of pseudonyms found
669 GNUNET_PSEUDONYM_list_all (const struct GNUNET_CONFIGURATION_Handle *cfg,
670 GNUNET_PSEUDONYM_Iterator iterator,
673 struct ListPseudonymClosure cls;
677 cls.iterator = iterator;
678 cls.iterator_cls = iterator_cls;
680 fn = get_data_filename (cfg, PS_METADATA_DIR, NULL);
681 GNUNET_assert (fn != NULL);
682 GNUNET_DISK_directory_create (fn);
683 ret = GNUNET_DISK_directory_scan (fn, &list_pseudonym_helper, &cls);
690 * Change the rank of a pseudonym.
692 * @param cfg overall configuration
693 * @param pseudonym the pseudonym
694 * @param delta by how much should the rating be changed?
695 * @return new rating of the pseudonym
698 GNUNET_PSEUDONYM_rank (const struct GNUNET_CONFIGURATION_Handle *cfg,
699 const struct GNUNET_PseudonymIdentifier *pseudonym,
702 struct GNUNET_CONTAINER_MetaData *meta;
708 ret = read_info (cfg, pseudonym, &meta, &rank, &name);
709 if (ret == GNUNET_SYSERR)
712 meta = GNUNET_CONTAINER_meta_data_create ();
715 GNUNET_PSEUDONYM_set_info (cfg, pseudonym, name, meta, rank);
716 GNUNET_CONTAINER_meta_data_destroy (meta);
717 GNUNET_free_non_null (name);
723 * Add a pseudonym to the set of known pseudonyms.
724 * For all pseudonym advertisements that we discover
725 * FS should automatically call this function.
727 * @param cfg overall configuration
728 * @param pseudonym the pseudonym to add
729 * @param meta metadata for the pseudonym
730 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
733 GNUNET_PSEUDONYM_add (const struct GNUNET_CONFIGURATION_Handle *cfg,
734 const struct GNUNET_PseudonymIdentifier *pseudonym,
735 const struct GNUNET_CONTAINER_MetaData *meta)
739 struct GNUNET_CONTAINER_MetaData *old;
745 fn = get_data_filename (cfg, PS_METADATA_DIR, pseudonym);
746 GNUNET_assert (fn != NULL);
748 if ((0 == STAT (fn, &sbuf)) &&
749 (GNUNET_OK == read_info (cfg, pseudonym, &old, &rank, &name)))
751 GNUNET_CONTAINER_meta_data_merge (old, meta);
752 ret = GNUNET_PSEUDONYM_set_info (cfg, pseudonym, name, old, rank);
753 GNUNET_CONTAINER_meta_data_destroy (old);
754 GNUNET_free_non_null (name);
758 ret = GNUNET_PSEUDONYM_set_info (cfg, pseudonym, NULL, meta, rank);
761 internal_notify (pseudonym, meta, rank);
766 /* ***************************** cryptographic operations ************************* */
769 * Handle for a pseudonym (private key).
771 struct GNUNET_PseudonymHandle
774 * 256-bit 'd' secret value (mod 'n', where n is 256-bit for NIST P-256).
776 unsigned char d[256 / 8];
779 * Public key corresponding to the private key.
781 struct GNUNET_PseudonymIdentifier public_key;
786 * If target != size, move target bytes to the end of the size-sized
787 * buffer and zero out the first target-size bytes.
789 * @param buf original buffer
790 * @param size number of bytes in the buffer
791 * @param target target size of the buffer
794 adjust (unsigned char *buf, size_t size, size_t target)
798 memmove (&buf[target - size], buf, size);
799 memset (buf, 0, target - size);
805 * Extract values from an S-expression.
807 * @param array where to store the result(s)
808 * @param sexp S-expression to parse
809 * @param topname top-level name in the S-expression that is of interest
810 * @param elems names of the elements to extract
811 * @return 0 on success
814 key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname,
823 if (! (list = gcry_sexp_find_token (sexp, topname, 0)))
825 l2 = gcry_sexp_cadr (list);
826 gcry_sexp_release (list);
831 for (s = elems; *s; s++, idx++)
833 if (! (l2 = gcry_sexp_find_token (list, s, 1)))
835 for (i = 0; i < idx; i++)
837 gcry_free (array[i]);
840 gcry_sexp_release (list);
841 return 3; /* required parameter not found */
843 array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
844 gcry_sexp_release (l2);
847 for (i = 0; i < idx; i++)
849 gcry_free (array[i]);
852 gcry_sexp_release (list);
853 return 4; /* required parameter is invalid */
856 gcry_sexp_release (list);
862 * Create a pseudonym.
864 * @param filename name of the file to use for storage, NULL for in-memory only
865 * @return handle to the private key of the pseudonym
867 struct GNUNET_PseudonymHandle *
868 GNUNET_PSEUDONYM_create (const char *filename)
870 struct GNUNET_PseudonymHandle *ph;
882 ph = GNUNET_malloc (sizeof (struct GNUNET_PseudonymHandle));
883 if ( (NULL != filename) &&
884 (GNUNET_YES == GNUNET_DISK_file_test (filename)) )
886 ret = GNUNET_DISK_fn_read (filename, ph,
887 sizeof (struct GNUNET_PseudonymHandle));
888 /* Note: we don't do any validation here, maybe we should? */
889 if (sizeof (struct GNUNET_PseudonymHandle) == ret)
892 if (0 != (rc = gcry_sexp_build (¶ms, NULL,
893 "(genkey(ecdsa(curve \"NIST P-256\")))")))
895 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
898 if (0 != (rc = gcry_pk_genkey (&r_key, params)))
900 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc);
901 gcry_sexp_release (r_key);
904 /* extract "d" (secret key) from r_key */
905 rc = key_from_sexp (&d, r_key, "private-key", "d");
907 rc = key_from_sexp (&d, r_key, "private-key", "d");
909 rc = key_from_sexp (&d, r_key, "ecc", "d");
912 gcry_sexp_release (r_key);
913 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc);
916 size = sizeof (ph->d);
918 gcry_mpi_print (GCRYMPI_FMT_USG, ph->d, size, &size,
920 gcry_mpi_release (d);
921 adjust (ph->d, size, sizeof (ph->d));
923 /* extract 'q' (public key) from r_key */
924 if (0 != (rc = gcry_mpi_ec_new (&ctx, r_key, NULL)))
926 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_ec_new", rc); /* erroff gives more info */
927 gcry_sexp_release (r_key);
930 gcry_sexp_release (r_key);
931 q = gcry_mpi_ec_get_point ("q", ctx, 0);
932 q_x = gcry_mpi_new (256);
933 q_y = gcry_mpi_new (256);
934 gcry_mpi_ec_get_affine (q_x, q_y, q, ctx);
935 gcry_mpi_point_release (q);
937 /* store q_x/q_y in public key */
938 size = sizeof (ph->public_key.q_x);
940 gcry_mpi_print (GCRYMPI_FMT_USG, ph->public_key.q_x, size, &size,
943 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_print", rc);
944 gcry_mpi_release (q_x);
945 gcry_mpi_release (q_y);
949 adjust (ph->public_key.q_x, size, sizeof (ph->public_key.q_x));
950 gcry_mpi_release (q_x);
952 size = sizeof (ph->public_key.q_y);
954 gcry_mpi_print (GCRYMPI_FMT_USG, ph->public_key.q_y, size, &size,
957 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_print", rc);
958 gcry_mpi_release (q_y);
961 adjust (ph->public_key.q_y, size, sizeof (ph->public_key.q_y));
962 gcry_mpi_release (q_y);
965 if (NULL != filename)
967 ret = GNUNET_DISK_fn_write (filename, ph, sizeof (struct GNUNET_PseudonymHandle),
968 GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE);
969 if (sizeof (struct GNUNET_PseudonymHandle) != ret)
980 * Create a pseudonym, from a file that must already exist.
982 * @param filename name of the file to use for storage, NULL for in-memory only
983 * @return handle to the private key of the pseudonym
985 struct GNUNET_PseudonymHandle *
986 GNUNET_PSEUDONYM_create_from_existing_file (const char *filename)
988 struct GNUNET_PseudonymHandle *ph;
991 ph = GNUNET_malloc (sizeof (struct GNUNET_PseudonymHandle));
992 ret = GNUNET_DISK_fn_read (filename, ph,
993 sizeof (struct GNUNET_PseudonymHandle));
994 if (sizeof (struct GNUNET_PseudonymHandle) != ret)
999 /* Note: we don't do any validation here; maybe we should? */
1005 * Get the handle for the 'anonymous' pseudonym shared by all users.
1006 * That pseudonym uses a fixed 'secret' for the private key; this
1007 * construction is useful to make anonymous and pseudonymous APIs
1008 * (and packets) indistinguishable on the network. See #2564.
1010 * @return handle to the (non-secret) private key of the 'anonymous' pseudonym
1012 struct GNUNET_PseudonymHandle *
1013 GNUNET_PSEUDONYM_get_anonymous_pseudonym_handle ()
1015 struct GNUNET_PseudonymHandle *ph;
1017 ph = GNUNET_malloc (sizeof (struct GNUNET_PseudonymHandle));
1018 /* Note if we use 'd=0' for the anonymous handle (as per#2564),
1019 then I believe the public key should be also zero, as Q=0P=0;
1020 so setting everything to all-zeros (as per GNUNET_malloc)
1021 should be all that is needed here).
1028 * Destroy a pseudonym handle. Does NOT remove the private key from
1031 * @param ph pseudonym handle to destroy
1034 GNUNET_PSEUDONYM_destroy (struct GNUNET_PseudonymHandle *ph)
1041 * Convert the data specified in the given purpose argument to an
1042 * S-expression suitable for signature operations.
1044 * @param purpose data to convert
1045 * @return converted s-expression
1048 data_to_pkcs1 (const struct GNUNET_PseudonymSignaturePurpose *purpose)
1050 struct GNUNET_CRYPTO_ShortHashCode hc;
1054 GNUNET_CRYPTO_short_hash (purpose, ntohl (purpose->size), &hc);
1055 #define FORMATSTRING "(4:data(5:flags3:raw)(5:value32:01234567890123456789012345678901))"
1056 bufSize = strlen (FORMATSTRING) + 1;
1060 memcpy (buff, FORMATSTRING, bufSize);
1064 ("01234567890123456789012345678901))")
1065 - 1], &hc, sizeof (struct GNUNET_CRYPTO_ShortHashCode));
1066 GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
1074 * Cryptographically sign some data with the pseudonym.
1076 * @param ph private key used for signing (corresponds to 'x' in #2564)
1077 * @param purpose data to sign
1078 * @param seed hash of the plaintext of the data that we are signing,
1079 * used for deterministic PRNG for anonymous signing;
1080 * corresponds to 'k' in section 2.7 of #2564
1081 * @param signing_key modifier to apply to the private key for signing;
1082 * corresponds to 'h' in section 2.3 of #2564.
1083 * @param signature where to store the signature
1084 * @return GNUNET_SYSERR on failure
1087 GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
1088 const struct GNUNET_PseudonymSignaturePurpose *purpose,
1089 const struct GNUNET_HashCode *seed,
1090 const struct GNUNET_HashCode *signing_key,
1091 struct GNUNET_PseudonymSignature *signature)
1099 gcry_mpi_t n; /* n from P-256 */
1106 /* get private key 'x' from pseudonym */
1107 size = sizeof (ph->d);
1108 if (0 != (rc = gcry_mpi_scan (&x, GCRYMPI_FMT_USG,
1112 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1113 return GNUNET_SYSERR;
1115 /* get 'h' value from signing key */
1116 size = sizeof (struct GNUNET_HashCode);
1117 if (0 != (rc = gcry_mpi_scan (&h, GCRYMPI_FMT_USG,
1121 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1122 gcry_mpi_release (x);
1123 return GNUNET_SYSERR;
1126 /* initialize 'n' from P-256; hex copied from libgcrypt code */
1127 if (0 != (rc = gcry_mpi_scan (&n, GCRYMPI_FMT_HEX,
1128 "0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 0, NULL)))
1130 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1131 gcry_mpi_release (x);
1132 gcry_mpi_release (h);
1133 return GNUNET_SYSERR;
1136 /* calculate d = x + h mod n */
1137 d = gcry_mpi_new (256);
1138 gcry_mpi_addm (d, x, h, n);
1139 gcry_mpi_release (x);
1140 gcry_mpi_release (h);
1141 gcry_mpi_release (n);
1143 /* now build sexpression with the signing key;
1144 NOTE: libgcrypt docs say that we should specify 'Q', but hopefully soon
1145 libgcrypt will derive it from 'd' for us... */
1146 if (0 != (rc = gcry_sexp_build (&spriv, &erroff,
1147 "(private-key(ecc(curve \"NIST P-256\")(d %m)))",
1150 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1151 gcry_mpi_release (d);
1152 return GNUNET_SYSERR;
1154 gcry_mpi_release (d);
1155 /* prepare data for signing */
1156 data = data_to_pkcs1 (purpose);
1158 /* get 'k' value from seed, if available */
1161 size = sizeof (struct GNUNET_HashCode);
1162 if (0 != (rc = gcry_mpi_scan (&k, GCRYMPI_FMT_USG,
1166 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1167 gcry_mpi_release (x);
1168 return GNUNET_SYSERR;
1172 /* actually create signature */
1173 /* FIXME: need API to pass 'k' if 'seed' was non-NULL! */
1174 if (0 != (rc = gcry_pk_sign (&result, data, spriv)))
1176 LOG (GNUNET_ERROR_TYPE_WARNING,
1177 _("ECC signing failed at %s:%d: %s\n"), __FILE__,
1178 __LINE__, gcry_strerror (rc));
1179 gcry_sexp_release (data);
1180 gcry_sexp_release (spriv);
1182 gcry_mpi_release (k);
1183 memset (signature, 0, sizeof (struct GNUNET_PseudonymSignature));
1184 return GNUNET_SYSERR;
1187 gcry_mpi_release (k);
1188 gcry_sexp_release (data);
1189 gcry_sexp_release (spriv);
1191 /* extract 'r' and 's' values from sexpression 'result' and store in 'signature' */
1192 if (0 != (rc = key_from_sexp (rs, result, "ecdsa", "rs")))
1195 gcry_sexp_release (result);
1196 return GNUNET_SYSERR;
1198 gcry_sexp_release (result);
1199 size = sizeof (signature->sig_r);
1200 if (0 != (rc = gcry_mpi_print (GCRYMPI_FMT_USG, signature->sig_r, size,
1203 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_print", rc);
1204 gcry_mpi_release (rs[0]);
1205 gcry_mpi_release (rs[1]);
1206 return GNUNET_SYSERR;
1208 gcry_mpi_release (rs[0]);
1209 size = sizeof (signature->sig_s);
1210 if (0 != (rc = gcry_mpi_print (GCRYMPI_FMT_USG, signature->sig_s, size,
1213 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_print", rc);
1214 gcry_mpi_release (rs[1]);
1215 return GNUNET_SYSERR;
1217 gcry_mpi_release (rs[1]);
1223 * Get an ECC context (with Q set to the respective public key) from
1226 * @param pseudonym with information on 'q'
1227 * @return curve context
1230 get_context_from_pseudonym (struct GNUNET_PseudonymIdentifier *pseudonym)
1240 /* extract 'q' from pseudonym */
1241 size = sizeof (pseudonym->q_x);
1242 if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG, pseudonym->q_x, size, &size)))
1244 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1247 size = sizeof (pseudonym->q_y);
1248 if (0 != (rc = gcry_mpi_scan (&q_y, GCRYMPI_FMT_USG, pseudonym->q_y, size, &size)))
1250 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1251 gcry_mpi_release (q_x);
1254 q = gcry_mpi_point_new (256);
1255 ONE = gcry_mpi_new (1);
1256 gcry_mpi_set_ui (ONE, 1);
1257 gcry_mpi_point_set (q, q_x, q_y, ONE); /* FIXME: convenience function 'set_affine'? */
1258 gcry_mpi_release (ONE);
1259 gcry_mpi_release (q_x);
1260 gcry_mpi_release (q_y);
1262 /* create basic ECC context */
1263 if (0 != (rc = gcry_mpi_ec_new (&ctx, NULL, "NIST P-256")))
1265 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_ec_new", rc); /* erroff gives more info */
1266 gcry_mpi_point_release (q);
1269 /* initialize 'ctx' with 'q' */
1270 gcry_mpi_ec_set_point ("q", q, ctx);
1271 gcry_mpi_point_release (q);
1277 * Given a pseudonym and a signing key, derive the corresponding public
1278 * key that would be used to verify the resulting signature.
1280 * @param pseudonym the public key (g^x in DSA, dQ in ECDSA)
1281 * @param signing_key input to derive 'h' (see section 2.4 of #2564)
1282 * @param verification_key resulting public key to verify the signature
1283 * created from the 'ph' of 'pseudonym' and the 'signing_key';
1284 * the value stored here can then be given to GNUNET_PSEUDONYM_verify.
1285 * @return GNUNET_OK on success, GNUNET_SYSERR on error
1288 GNUNET_PSEUDONYM_derive_verification_key (struct GNUNET_PseudonymIdentifier *pseudonym,
1289 const struct GNUNET_HashCode *signing_key,
1290 struct GNUNET_PseudonymIdentifier *verification_key)
1298 gcry_mpi_point_t hg;
1303 /* get 'h' value from signing key */
1304 size = sizeof (struct GNUNET_HashCode);
1305 if (0 != (rc = gcry_mpi_scan (&h, GCRYMPI_FMT_USG,
1309 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1310 return GNUNET_SYSERR;
1312 /* create ECC context based on Q from pseudonym */
1313 if (NULL == (ctx = get_context_from_pseudonym (pseudonym)))
1315 gcry_mpi_release (h);
1316 return GNUNET_SYSERR;
1319 g = gcry_mpi_ec_get_point ("g", ctx, 0);
1321 /* then call the 'multiply' function, to compute the product hG */
1322 hg = gcry_mpi_point_new (0);
1323 gcry_mpi_ec_mul (hg, h, g, ctx);
1324 gcry_mpi_release (h);
1326 /* get Q = dG from 'pseudonym' */
1327 q = gcry_mpi_ec_get_point ("q", ctx, 0);
1329 /* calculate V = q + hG = dG + hG */
1330 v = gcry_mpi_point_new (0);
1331 gcry_mpi_ec_add (v, q, hg, ctx);
1333 /* store 'v' point in "verification_key" */
1334 v_x = gcry_mpi_new (256);
1335 v_y = gcry_mpi_new (256);
1336 gcry_mpi_ec_get_affine (v_x, v_y, v, ctx);
1337 gcry_mpi_point_release (v);
1338 gcry_ctx_release (ctx);
1340 size = sizeof (verification_key->q_x);
1341 if (0 != (rc = gcry_mpi_print (GCRYMPI_FMT_USG, verification_key->q_x, size,
1344 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_print", rc);
1345 gcry_mpi_release (v_x);
1346 gcry_mpi_release (v_y);
1347 return GNUNET_SYSERR;
1349 gcry_mpi_release (v_x);
1350 size = sizeof (verification_key->q_y);
1351 if (0 != (rc = gcry_mpi_print (GCRYMPI_FMT_USG, verification_key->q_y, size,
1354 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_print", rc);
1355 gcry_mpi_release (v_y);
1356 return GNUNET_SYSERR;
1358 gcry_mpi_release (v_y);
1364 * Verify a signature made with a pseudonym.
1366 * @param purpose data that was signed
1367 * @param signature signature to verify
1368 * @param verification_key public key to use for checking the signature;
1369 * corresponds to 'g^(x+h)' in section 2.4 of #2564.
1370 * @return GNUNET_OK on success (signature valid, 'pseudonym' set),
1371 * GNUNET_SYSERR if the signature is invalid
1374 GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
1375 const struct GNUNET_PseudonymSignature *signature,
1376 const struct GNUNET_PseudonymIdentifier *verification_key)
1380 gcry_sexp_t sig_sexpr;
1381 gcry_sexp_t pk_sexpr;
1393 /* build s-expression for signature */
1394 size = sizeof (signature->sig_r);
1395 if (0 != (rc = gcry_mpi_scan (&r, GCRYMPI_FMT_USG,
1396 signature->sig_r, size, &size)))
1398 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1399 return GNUNET_SYSERR;
1401 size = sizeof (signature->sig_s);
1402 if (0 != (rc = gcry_mpi_scan (&s, GCRYMPI_FMT_USG,
1403 signature->sig_s, size, &size)))
1405 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1406 gcry_mpi_release (r);
1407 return GNUNET_SYSERR;
1409 if (0 != (rc = gcry_sexp_build (&sig_sexpr, &erroff, "(sig-val(ecdsa(r %m)(s %m)))",
1412 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1413 gcry_mpi_release (r);
1414 gcry_mpi_release (s);
1415 return GNUNET_SYSERR;
1417 gcry_mpi_release (r);
1418 gcry_mpi_release (s);
1420 /* build s-expression for data that was signed */
1421 data = data_to_pkcs1 (purpose);
1423 /* create context of public key and initialize Q */
1424 size = sizeof (verification_key->q_x);
1425 if (0 != (rc = gcry_mpi_scan (&q_x, GCRYMPI_FMT_USG,
1426 verification_key->q_x, size, &size)))
1428 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1429 gcry_sexp_release (data);
1430 gcry_sexp_release (sig_sexpr);
1431 return GNUNET_SYSERR;
1433 size = sizeof (verification_key->q_y);
1434 if (0 != (rc = gcry_mpi_scan (&q_y, GCRYMPI_FMT_USG,
1435 verification_key->q_y, size, &size)))
1437 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1438 gcry_sexp_release (data);
1439 gcry_sexp_release (sig_sexpr);
1440 gcry_mpi_release (q_x);
1441 return GNUNET_SYSERR;
1443 q = gcry_mpi_point_new (256);
1444 ONE = gcry_mpi_new (1);
1445 gcry_mpi_set_ui (ONE, 1);
1446 gcry_mpi_point_set (q, q_x, q_y, ONE); /* FIXME: convenience function 'set_affine'? */
1447 gcry_mpi_release (ONE);
1448 gcry_mpi_release (q_x);
1449 gcry_mpi_release (q_y);
1451 /* create basic ECC context */
1452 if (0 != (rc = gcry_mpi_ec_new (&ctx, NULL, "NIST P-256")))
1454 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_ec_new", rc); /* erroff gives more info */
1455 gcry_sexp_release (data);
1456 gcry_sexp_release (sig_sexpr);
1457 gcry_mpi_point_release (q);
1458 return GNUNET_SYSERR;
1460 /* initialize 'ctx' with 'q' */
1461 gcry_mpi_ec_set_point ("q", q, ctx);
1462 gcry_mpi_point_release (q);
1464 /* convert 'ctx' to 'sexp' (this hurts) */
1465 if (0 != (rc = gcry_sexp_from_context (&pk_sexpr, ctx)))
1467 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_from_context", rc);
1468 gcry_ctx_release (ctx);
1469 gcry_sexp_release (data);
1470 gcry_sexp_release (sig_sexpr);
1471 return GNUNET_SYSERR;
1473 gcry_ctx_release (ctx);
1475 /* finally, verify the signature */
1476 rc = gcry_pk_verify (sig_sexpr, data, pk_sexpr);
1477 gcry_sexp_release (sig_sexpr);
1478 gcry_sexp_release (data);
1479 gcry_sexp_release (pk_sexpr);
1482 LOG (GNUNET_ERROR_TYPE_WARNING,
1483 _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__,
1484 __LINE__, gcry_strerror (rc));
1485 return GNUNET_SYSERR;
1495 * Get the identifier (public key) of a pseudonym.
1497 * @param ph pseudonym handle with the private key
1498 * @param pseudonym pseudonym identifier (set based on 'ph')
1501 GNUNET_PSEUDONYM_get_identifier (struct GNUNET_PseudonymHandle *ph,
1502 struct GNUNET_PseudonymIdentifier *pseudonym)
1504 memcpy (pseudonym, &ph->public_key,
1505 sizeof (struct GNUNET_PseudonymIdentifier));
1510 * Remove pseudonym from the set of known pseudonyms.
1512 * @param cfg overall configuration
1513 * @param id the pseudonym identifier
1514 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
1517 GNUNET_PSEUDONYM_remove (const struct GNUNET_CONFIGURATION_Handle *cfg,
1518 const struct GNUNET_PseudonymIdentifier *id)
1523 fn = get_data_filename (cfg, PS_METADATA_DIR, id);
1525 return GNUNET_SYSERR;
1526 result = UNLINK (fn);
1528 return (0 == result) ? GNUNET_OK : GNUNET_SYSERR;
1531 /* end of pseudonym.c */