rd.data_size = sizeof(struct in_addr);
rd.data = web;
rd.record_type = GNUNET_DNSPARSER_TYPE_A;
- sig = GNUNET_NAMESTORE_create_signature(bob_key, TEST_RECORD_NAME,
+
+ sig = GNUNET_NAMESTORE_create_signature(bob_key, GNUNET_TIME_absolute_get_forever(), TEST_RECORD_NAME,
&rd, 1);
rd_payload_length = GNUNET_NAMESTORE_records_get_size (1, &rd);
nrb = GNUNET_malloc(rd_payload_length + strlen(TEST_RECORD_NAME) + 1
/* put alice into bobs zone */
GNUNET_CRYPTO_hash(&alice_pkey, sizeof(alice_pkey), &alice_hash);
rd.data = &alice_hash;
- sig = GNUNET_NAMESTORE_create_signature(bob_key, TEST_AUTHORITY_ALICE,
+ sig = GNUNET_NAMESTORE_create_signature(bob_key, GNUNET_TIME_absolute_get_forever(), TEST_AUTHORITY_ALICE,
&rd, 1);
GNUNET_NAMESTORE_record_put (namestore_handle,
rd.data_size = sizeof(struct in_addr);
rd.data = web;
rd.record_type = GNUNET_DNSPARSER_TYPE_A;
- sig = GNUNET_NAMESTORE_create_signature(alice_key, TEST_RECORD_NAME,
+ sig = GNUNET_NAMESTORE_create_signature(alice_key,GNUNET_TIME_absolute_get_forever(), TEST_RECORD_NAME,
&rd, 1);
GNUNET_NAMESTORE_record_put (namestore_handle,
rd.record_type = GNUNET_GNS_RECORD_PSEU;
GNUNET_free(sig);
- sig = GNUNET_NAMESTORE_create_signature(alice_key, "",
+ sig = GNUNET_NAMESTORE_create_signature(alice_key,GNUNET_TIME_absolute_get_forever(), "",
&rd, 1);
GNUNET_NAMESTORE_record_put (namestore_handle,
* to validate signatures received from the network.
*
* @param public_key public key of the zone
+ * @param expire block expiration
* @param name name that is being mapped (at most 255 characters long)
* @param rd_count number of entries in 'rd' array
* @param rd array of records with data to store
*/
int
GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key,
- const char *name,
- unsigned int rd_count,
- const struct GNUNET_NAMESTORE_RecordData *rd,
- const struct GNUNET_CRYPTO_RsaSignature *signature);
+ const struct GNUNET_TIME_Absolute expire,
+ const char *name,
+ unsigned int rd_count,
+ const struct GNUNET_NAMESTORE_RecordData *rd,
+ const struct GNUNET_CRYPTO_RsaSignature *signature);
/**
}
+struct GNUNET_TIME_Absolute
+get_block_expiration_time (unsigned int rd_count, const struct GNUNET_NAMESTORE_RecordData *rd)
+{
+ int c;
+ struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get_forever();
+ if (NULL == rd)
+ return GNUNET_TIME_absolute_get_zero();
+ for (c = 0; c < rd_count; c++)
+ {
+ if (rd[c].expiration.abs_value < expire.abs_value)
+ expire = rd[c].expiration;
+ }
+ return expire;
+}
+
/**
* Task run during shutdown.
*
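Review bot: In `get_block_expiration_time` the loop index is `int c` while the bound `rd_count` is `unsigned int`, so `c < rd_count` compares signed with unsigned; declaring it `unsigned int c;` removes the mismatch. The two empty cases also disagree: a NULL `rd` returns the zero time, while a non-NULL `rd` with `rd_count == 0` returns forever. Because the result is fed into the signature and into `lnr_msg->expire`, the helper should get a doc comment stating that contract, for example `/* Returns the earliest expiration in rd[0..rd_count); zero time if rd is NULL */`. It also looks file-local and could be `static`.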
snc = NULL;
GNUNET_CONTAINER_multihashmap_iterate(zonekeys, &zone_to_disk_it, NULL);
+ GNUNET_CONTAINER_multihashmap_destroy(zonekeys);
for (nc = client_head; nc != NULL; nc = next)
{
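Review bot: After `GNUNET_CONTAINER_multihashmap_destroy(zonekeys);` the global `zonekeys` still points at the freed map; adding `zonekeys = NULL;` on the next line would make any later use fail visibly. Destroying the map does not release its values, which here are containers holding zone private keys. They would have to be freed inside `zone_to_disk_it`, whose body is not visible in this hunk. That is worth confirming, since this commit adds two more places that allocate such containers.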
struct GNUNET_NAMESTORE_RecordData *rd_selected = NULL;
struct GNUNET_NAMESTORE_CryptoContainer *cc;
struct GNUNET_CRYPTO_RsaSignature *signature_new = NULL;
+ struct GNUNET_TIME_Absolute e;
GNUNET_HashCode zone_key_hash;
char *rd_tmp;
char *name_tmp;
if (GNUNET_CONTAINER_multihashmap_contains(zonekeys, &zone_key_hash))
{
cc = GNUNET_CONTAINER_multihashmap_get(zonekeys, &zone_key_hash);
- signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, name, rd, rd_count);
+ e = get_block_expiration_time(rd_count, rd);
+ signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, e, name, rd, rd_count);
GNUNET_assert (signature_new != NULL);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for name `%s' with %u records in zone `%s'\n",name, copied_elements, GNUNET_h2s(&zone_key_hash));
authoritative = GNUNET_YES;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "I am not authoritative for name `%s' in zone `%s'\n",name, GNUNET_h2s(&zone_key_hash));
}
- if (rd_selected != rd)
- GNUNET_free (rd_selected);
-
r_size = sizeof (struct LookupNameResponseMessage) +
sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) +
name_len +
lnr_msg->rd_count = htons (copied_elements);
lnr_msg->rd_len = htons (rd_ser_len);
lnr_msg->name_len = htons (name_len);
- lnr_msg->expire = GNUNET_TIME_absolute_hton(expire);
+ lnr_msg->expire = GNUNET_TIME_absolute_hton(get_block_expiration_time(copied_elements, rd_selected));
+
+ if (rd_selected != rd)
+ GNUNET_free (rd_selected);
if (zone_key != NULL)
lnr_msg->public_key = (*zone_key);
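Review bot: `lnr_msg->expire` is now recomputed from `rd_selected` instead of taken from the stored `expire`, so the value sent to the client can differ from the one the signature was made over. On the authoritative path the signature uses `get_block_expiration_time(rd_count, rd)` over the full set, while the message carries the minimum over only the `copied_elements` selected records. For zones this service is not authoritative for, the stored signature was presumably made by the caller of `record_put` over whatever expiration it chose. In both cases a client that passes the received `expire` to `GNUNET_NAMESTORE_verify_signature` would reject an otherwise valid block. Sending the same value that was signed (`e` when a new signature is created, the stored `expire` otherwise) keeps the two in step; the enclosing function starts and ends outside this hunk, so the exact flow should be checked there.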
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received `%s' message\n", "NAMESTORE_RECORD_CREATE");
struct GNUNET_NAMESTORE_Client *nc;
+ struct GNUNET_NAMESTORE_CryptoContainer *cc;
struct CreateRecordContext crc;
struct GNUNET_CRYPTO_RsaPrivateKey *pkey;
struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub;
GNUNET_CRYPTO_rsa_key_get_public(pkey, &pub);
GNUNET_CRYPTO_hash (&pub, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &pubkey_hash);
+ if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains(zonekeys, &pubkey_hash))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received new private key for zone `%s'\n",GNUNET_h2s(&pubkey_hash));
+
+ cc = GNUNET_malloc (sizeof (struct GNUNET_NAMESTORE_CryptoContainer));
+ cc->privkey = GNUNET_CRYPTO_rsa_decode_key((char *) pkey_tmp, key_len);
+ cc->pubkey = GNUNET_malloc(sizeof (pub));
+ memcpy (cc->pubkey, &pub, sizeof(pub));
+ cc->zone = pubkey_hash;
+
+ GNUNET_CONTAINER_multihashmap_put(zonekeys, &pubkey_hash, cc, GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
+ }
+
crc.expire = GNUNET_TIME_absolute_ntoh(rp_msg->expire);
crc.res = GNUNET_SYSERR;
crc.pkey = pkey;
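Review bot: The result of `GNUNET_CRYPTO_rsa_decode_key((char *) pkey_tmp, key_len)` is stored in `cc->privkey` and put into `zonekeys` without a NULL check, and the return value of `GNUNET_CONTAINER_multihashmap_put` is ignored. If decoding failed, later lookups would pass a NULL key to `GNUNET_NAMESTORE_create_signature`, so a check such as `if (NULL == cc->privkey) { GNUNET_free (cc); }`, with the insert skipped in that case, would be safer. The same block is repeated verbatim in the record-remove handler further down and would read better as one static helper shared by both. It would also help to add a comment that a private key supplied by a client is kept by the service after the request completes, because that is a change in how long key material lives in memory.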
if (res != GNUNET_SYSERR)
res = GNUNET_OK;
GNUNET_CRYPTO_rsa_key_free(pkey);
+ pkey = NULL;
/* Send response */
send:
struct GNUNET_NAMESTORE_Client *nc;
struct RecordRemoveResponseMessage rrr_msg;
struct GNUNET_CRYPTO_RsaPrivateKey *pkey;
+ struct GNUNET_NAMESTORE_CryptoContainer *cc = NULL;
struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub;
GNUNET_HashCode pubkey_hash;
char * pkey_tmp = NULL;
GNUNET_CRYPTO_rsa_key_get_public(pkey, &pub);
GNUNET_CRYPTO_hash (&pub, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &pubkey_hash);
+ if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains(zonekeys, &pubkey_hash))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received new private key for zone `%s'\n",GNUNET_h2s(&pubkey_hash));
+ cc = GNUNET_malloc (sizeof (struct GNUNET_NAMESTORE_CryptoContainer));
+ cc->privkey = GNUNET_CRYPTO_rsa_decode_key((char *) pkey_tmp, key_len);
+ cc->pubkey = GNUNET_malloc(sizeof (pub));
+ memcpy (cc->pubkey, &pub, sizeof(pub));
+ cc->zone = pubkey_hash;
+
+ GNUNET_CONTAINER_multihashmap_put(zonekeys, &pubkey_hash, cc, GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
+ }
+
struct GNUNET_NAMESTORE_RecordData rd[rd_count];
res = GNUNET_NAMESTORE_records_deserialize(rd_ser_len, rd_ser, rd_count, rd);
if ((res != GNUNET_OK) || (rd_count != 1))
struct GNUNET_NAMESTORE_Client *nc = zi->client;
struct GNUNET_NAMESTORE_CryptoContainer * cc;
struct GNUNET_CRYPTO_RsaSignature *signature_new = NULL;
+ struct GNUNET_TIME_Absolute e;
GNUNET_HashCode zone_key_hash;
int authoritative = GNUNET_NO;
if (GNUNET_CONTAINER_multihashmap_contains(zonekeys, &zone_key_hash))
{
cc = GNUNET_CONTAINER_multihashmap_get(zonekeys, &zone_key_hash);
- signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, name, rd, rd_count);
+ e = get_block_expiration_time(rd_count, rd);
+ expire = e;
+ signature_new = GNUNET_NAMESTORE_create_signature(cc->privkey, e, name, rd, rd_count);
GNUNET_assert (signature_new != NULL);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for name `%s' with %u records in zone `%s'\n",name, rd_count, GNUNET_h2s(&zone_key_hash));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating signature for `%s' in zone `%s' with %u records and expiration %llu\n", name, GNUNET_h2s(&zone_key_hash), rd_count, e.abs_value);
authoritative = GNUNET_YES;
}
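Review bot: The new log line prints `e.abs_value` with `%llu` without a cast; if `abs_value` is a `uint64_t`, as it appears to be, the specifier does not match on platforms where that type is `unsigned long`. Writing the argument as `(unsigned long long) e.abs_value` makes the call well defined. The same applies to the added failure message in the client-side test that prints `expire.abs_value`.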
#define GNUNET_MESSAGE_TYPE_NAMESTORE_ZONE_ITERATION_STOP 448
/**
- * Create a signature based on name and records
+ * Sign name and records
*
* @param key the private key
+ * @param expire block expiration
* @param name the name
* @param rd record data
* @param rd_count number of records
*/
struct GNUNET_CRYPTO_RsaSignature *
GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const char *name,
- const struct GNUNET_NAMESTORE_RecordData *rd,
- unsigned int rd_count);
+ struct GNUNET_TIME_Absolute expire,
+ const char *name,
+ const struct GNUNET_NAMESTORE_RecordData *rd,
+ unsigned int rd_count);
/**
* Compares if two records are equal
* to validate signatures received from the network.
*
* @param public_key public key of the zone
+ * @param expire block expiration
* @param name name that is being mapped (at most 255 characters long)
* @param rd_count number of entries in 'rd' array
* @param rd array of records with data to store
*/
int
GNUNET_NAMESTORE_verify_signature (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key,
+ const struct GNUNET_TIME_Absolute expire,
const char *name,
unsigned int rd_count,
const struct GNUNET_NAMESTORE_RecordData *rd,
char * name_tmp;
char * rd_tmp;
struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose;
+ struct GNUNET_TIME_AbsoluteNBO *expire_tmp;
+ struct GNUNET_TIME_AbsoluteNBO expire_nbo = GNUNET_TIME_absolute_hton(expire);
GNUNET_assert (public_key != NULL);
GNUNET_assert (name != NULL);
return GNUNET_SYSERR;
}
- sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + rd_ser_len + name_len);
+ sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len);
sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len);
sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
- name_tmp = (char *) &sig_purpose[1];
+ expire_tmp = (struct GNUNET_TIME_AbsoluteNBO *) &sig_purpose[1];
+ name_tmp = (char *) &expire_tmp[1];
rd_tmp = &name_tmp[name_len];
+ memcpy (expire_tmp, &expire_nbo, sizeof (struct GNUNET_TIME_AbsoluteNBO));
memcpy (name_tmp, name, name_len);
memcpy (rd_tmp, rd_ser, rd_ser_len);
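Review bot: The buffer now holds an extra `struct GNUNET_TIME_AbsoluteNBO`, but the unchanged line `sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len);` still declares the old length. If the RSA sign/verify routines process exactly `size` bytes, as the purpose header suggests, the last `sizeof (struct GNUNET_TIME_AbsoluteNBO)` bytes of the serialized records are no longer covered by the signature and could be altered without verification failing. The size should include the new field: `sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len);`. `GNUNET_NAMESTORE_create_signature` has the identical line and needs the same fix. Because the two sides agree, the round-trip tests will not catch it.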
* Sign name and records
*
* @param key the private key
+ * @param expire block expiration
* @param name the name
* @param rd record data
* @param rd_count number of records
*/
struct GNUNET_CRYPTO_RsaSignature *
GNUNET_NAMESTORE_create_signature (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
+ struct GNUNET_TIME_Absolute expire,
const char *name,
const struct GNUNET_NAMESTORE_RecordData *rd,
unsigned int rd_count)
{
struct GNUNET_CRYPTO_RsaSignature *sig = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignature));
struct GNUNET_CRYPTO_RsaSignaturePurpose *sig_purpose;
+ struct GNUNET_TIME_AbsoluteNBO expire_nbo = GNUNET_TIME_absolute_hton(expire);
size_t rd_ser_len;
size_t name_len;
+
+ struct GNUNET_TIME_AbsoluteNBO *expire_tmp;
char * name_tmp;
char * rd_tmp;
int res;
char rd_ser[rd_ser_len];
GNUNET_NAMESTORE_records_serialize(rd_count, rd, rd_ser_len, rd_ser);
- sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + rd_ser_len + name_len);
-
+ sig_purpose = GNUNET_malloc(sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + rd_ser_len + name_len);
sig_purpose->size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)+ rd_ser_len + name_len);
sig_purpose->purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
- name_tmp = (char *) &sig_purpose[1];
+ expire_tmp = (struct GNUNET_TIME_AbsoluteNBO *) &sig_purpose[1];
+ name_tmp = (char *) &expire_tmp[1];
rd_tmp = &name_tmp[name_len];
+ memcpy (expire_tmp, &expire_nbo, sizeof (struct GNUNET_TIME_AbsoluteNBO));
memcpy (name_tmp, name, name_len);
memcpy (rd_tmp, rd_ser, rd_ser_len);
}
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, n, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, expire, n, rd_count, rd, signature))
{
GNUNET_break (0);
failed = GNUNET_YES;
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature))
{
GNUNET_break (0);
failed = GNUNET_YES;
struct GNUNET_NAMESTORE_RecordData rd_new[2];
rd_new[0] = *s_first_record;
rd_new[1] = *s_second_record;
- s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, s_name, rd_new, 2);
+ s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, expire, s_name, rd_new, 2);
if (0 != memcmp (s_signature_updated, signature, sizeof (struct GNUNET_CRYPTO_RsaSignature)))
{
}
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire,n, rd_count, rd, signature))
{
GNUNET_break (0);
failed = GNUNET_YES;
char rd_ser[rd_ser_len];
GNUNET_NAMESTORE_records_serialize(1, s_first_record, rd_ser_len, rd_ser);
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_first_record, 1);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_first_record->expiration, s_name, s_first_record, 1);
/* create random zone hash */
GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);
}
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature))
{
GNUNET_break (0);
failed = GNUNET_YES;
struct GNUNET_NAMESTORE_RecordData rd_new[2];
rd_new[0] = *s_first_record;
rd_new[1] = *s_second_record;
- s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, s_name, rd_new, 2);
+ s_signature_updated = GNUNET_NAMESTORE_create_signature(privkey, expire, s_name, rd_new, 2);
if (0 != memcmp (s_signature_updated, signature, sizeof (struct GNUNET_CRYPTO_RsaSignature)))
{
}
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature))
{
GNUNET_break (0);
failed = GNUNET_YES;
char rd_ser[rd_ser_len];
GNUNET_NAMESTORE_records_serialize(1, s_first_record, rd_ser_len, rd_ser);
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_first_record, 1);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_first_record->expiration, s_name, s_first_record, 1);
/* create random zone hash */
GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);
GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
/* sign */
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
/* create random zone hash */
GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);
for (c = 0; c < RECORDS-1; c++)
{
- rd[c].expiration = GNUNET_TIME_absolute_get();
+ rd[c].expiration = GNUNET_TIME_absolute_get_zero();
rd[c].record_type = 1;
rd[c].data_size = TEST_RECORD_DATALEN;
rd[c].data = GNUNET_malloc(TEST_RECORD_DATALEN);
GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
/* sign */
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[RECORDS -1].expiration, s_name, s_rd, RECORDS);
/* create random zone hash */
GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);
char * s_name = "dummy.dummy.gnunet";
s_rd = create_record (RECORDS);
- signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+ signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
GNUNET_break (s_rd != NULL);
GNUNET_break (s_name != NULL);
}
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, n, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, n, rd_count, rd, signature))
{
GNUNET_break (0);
failed = GNUNET_YES;
for (c = 1; c < RECORDS; c++)
{
- rd[c].expiration = GNUNET_TIME_absolute_get();
+ rd[c].expiration = GNUNET_TIME_absolute_get_zero();
rd[c].record_type = TEST_RECORD_TYPE;
rd[c].data_size = TEST_RECORD_DATALEN;
rd[c].data = GNUNET_malloc(TEST_RECORD_DATALEN);
GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
/* sign */
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
/* create random zone hash */
GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);
GNUNET_NAMESTORE_records_serialize(RECORDS, s_rd, rd_ser_len, rd_ser);
/* sign */
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, s_rd, RECORDS);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_rd[0].expiration, s_name, s_rd, RECORDS);
/* create random zone hash */
GNUNET_CRYPTO_hash (&pubkey, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &s_zone);
privkey = GNUNET_CRYPTO_rsa_key_create_from_file(hostkey_file);
GNUNET_free (hostkey_file);
GNUNET_assert (privkey != NULL);
+ struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get();
/* get public key */
GNUNET_CRYPTO_rsa_key_get_public(privkey, &pubkey);
s_name = "dummy.dummy.gnunet";
s_rd = create_record (RECORDS);
- signature = GNUNET_NAMESTORE_create_signature (privkey, s_name, s_rd, RECORDS);
+ signature = GNUNET_NAMESTORE_create_signature (privkey, expire, s_name, s_rd, RECORDS);
GNUNET_assert (signature != NULL);
- res_c = GNUNET_NAMESTORE_verify_signature(&pubkey, s_name, RECORDS, s_rd, signature);
+ res_c = GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name, RECORDS, s_rd, signature);
GNUNET_break (res == GNUNET_OK);
GNUNET_free (signature);
- signature = GNUNET_NAMESTORE_create_signature (privkey, s_name, s_rd, RECORDS);
+ signature = GNUNET_NAMESTORE_create_signature (privkey, expire, s_name, s_rd, RECORDS);
GNUNET_break (signature != NULL);
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "FYI: The next warning is intended!\n");
- res_w = GNUNET_NAMESTORE_verify_signature(&pubkey, s_name, RECORDS - 1, s_rd, signature);
+ res_w = GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name, RECORDS - 1, s_rd, signature);
GNUNET_break (res_w == GNUNET_SYSERR);
GNUNET_free (signature);
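Review bot: The positive verification result is stored in `res_c`, but the following check is `GNUNET_break (res == GNUNET_OK);`, so this test never actually checks the outcome of the updated `GNUNET_NAMESTORE_verify_signature` call. The check should read `GNUNET_break (res_c == GNUNET_OK);`. `res` is declared outside this hunk, so its value at this point cannot be seen here. The negative case just below already checks `res_w` correctly.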
else
{
/* verify signature returned from name store */
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, name, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature (zone_key, expire, name, rd_count, rd, signature))
{
+ GNUNET_HashCode zone_key_hash;
+ GNUNET_CRYPTO_hash (zone_key, sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &zone_key_hash);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Verifying signature for `%s' in zone `%s' with %u records and expiration %llu failed\n", name, GNUNET_h2s(&zone_key_hash), rd_count, expire.abs_value);
+
failed = GNUNET_YES;
GNUNET_break (0);
}
failed = GNUNET_YES;
GNUNET_break (0);
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, name, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, expire, name, rd_count, rd, signature))
{
failed = GNUNET_YES;
GNUNET_break (0);
GNUNET_asprintf(&s_name_1, "dummy1");
s_rd_1 = create_record(1);
- sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_name_1, s_rd_1, 1);
+ sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_1->expiration, s_name_1, s_rd_1, 1);
GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_1, s_rd_1, &put_cont, NULL);
GNUNET_asprintf(&s_name_2, "dummy2");
s_rd_2 = create_record(1);
- sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_name_2, s_rd_2, 1);
+ sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_2->expiration, s_name_2, s_rd_2, 1);
GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_2, s_rd_2, &put_cont, NULL);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Created record 3\n");
/* name in different zone */
GNUNET_asprintf(&s_name_3, "dummy3");
s_rd_3 = create_record(1);
- sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_name_3, s_rd_3, 1);
+ sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_rd_3->expiration, s_name_3, s_rd_3, 1);
GNUNET_NAMESTORE_record_put (nsh, &pubkey2, s_name_3, GNUNET_TIME_absolute_get_forever(), 1, s_rd_3, sig_3, &put_cont, NULL);
}
GNUNET_asprintf(&s_name_1, "dummy1");
s_rd_1 = create_record(1);
- sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_name_1, s_rd_1, 1);
+ sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_1[0].expiration ,s_name_1, s_rd_1, 1);
GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_1, s_rd_1, &put_cont, NULL);
GNUNET_asprintf(&s_name_2, "dummy2");
s_rd_2 = create_record(1);
- sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_name_2, s_rd_2, 1);
+ sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_2[0].expiration, s_name_2, s_rd_2, 1);
GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_2, s_rd_2, &put_cont, NULL);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Created record 3\n");
/* name in different zone */
GNUNET_asprintf(&s_name_3, "dummy3");
s_rd_3 = create_record(1);
- sig_3 = GNUNET_NAMESTORE_create_signature(privkey, s_name_3, s_rd_3, 1);
+ sig_3 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_3[0].expiration, s_name_3, s_rd_3, 1);
GNUNET_NAMESTORE_record_put (nsh, &pubkey2, s_name_3, GNUNET_TIME_absolute_get_forever(), 1, s_rd_3, sig_3, &put_cont, NULL);
}
{
/* verify signature returned from name store */
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, name, rd_count, rd, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(zone_key, expire, name, rd_count, rd, signature))
{
failed = GNUNET_YES;
GNUNET_break (0);
failed = GNUNET_YES;
GNUNET_break (0);
}
- if (0 != memcmp (signature, sig_1, sizeof (struct GNUNET_CRYPTO_RsaSignature)))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name_1, 1, s_rd_1, signature))
{
failed = GNUNET_YES;
GNUNET_break (0);
GNUNET_break (0);
}
- if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey2, s_name_2, 1, s_rd_2, signature))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey, expire, s_name_2, 1, s_rd_2, signature))
{
failed = GNUNET_YES;
GNUNET_break (0);
failed = GNUNET_YES;
GNUNET_break (0);
}
- if (0 != memcmp (signature, sig_3, sizeof (struct GNUNET_CRYPTO_RsaSignature)))
+ if (GNUNET_OK != GNUNET_NAMESTORE_verify_signature(&pubkey2, expire, s_name_3, 1, s_rd_3, signature))
{
failed = GNUNET_YES;
GNUNET_break (0);
GNUNET_asprintf(&s_name_1, "dummy1");
s_rd_1 = create_record(1);
- sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_name_1, s_rd_1, 1);
+ sig_1 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_1[0].expiration, s_name_1, s_rd_1, 1);
GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_1, s_rd_1, &put_cont, NULL);
GNUNET_asprintf(&s_name_2, "dummy2");
s_rd_2 = create_record(1);
- sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_name_2, s_rd_2, 1);
+ sig_2 = GNUNET_NAMESTORE_create_signature(privkey, s_rd_2[0].expiration, s_name_2, s_rd_2, 1);
GNUNET_NAMESTORE_record_create(nsh, privkey, s_name_2, s_rd_2, &put_cont, NULL);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Created record 3\n");
/* name in different zone */
GNUNET_asprintf(&s_name_3, "dummy3");
s_rd_3 = create_record(1);
- sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_name_3, s_rd_3, 1);
+ sig_3 = GNUNET_NAMESTORE_create_signature(privkey2, s_rd_3[0].expiration, s_name_3, s_rd_3, 1);
GNUNET_NAMESTORE_record_put (nsh, &pubkey2, s_name_3, GNUNET_TIME_absolute_get_forever(), 1, s_rd_3, sig_3, &put_cont, NULL);
}
GNUNET_break (NULL != nsh);
expire = GNUNET_TIME_absolute_get ();
- s_signature = GNUNET_NAMESTORE_create_signature(privkey, s_name, &rd, 1);
+ s_signature = GNUNET_NAMESTORE_create_signature(privkey, rd.expiration, s_name, &rd, 1);
GNUNET_NAMESTORE_record_put(nsh, &pubkey, s_name, expire, 1, &rd, s_signature, put_cont, NULL);
GNUNET_free ((void *) rd.data);