- add signature check

diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 4f06806d1e2cce8c85f1949c8f0848415b8f7bfc..272ccebdf20f0cb87c5a7fa1679a715a1f5388f4 100644 (file)
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -434,7 +434,7 @@ handle_credential_query (void* cls,
     GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
                                       vrh->cred_chain_tail,
                                       cr_entry);
-    /*if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, 
+    if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, 
                                                &crd->purpose,
                                                &crd->sig,
                                                &crd->issuer_key))
@@ -442,7 +442,7 @@ handle_credential_query (void* cls,
       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                   "Invalid credential found\n");
       continue;
-    }*/
+    }
     if (0 != memcmp (&crd->issuer_key,
                      &vrh->issuer_key,
                      sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))

diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index ff95ec119bab0078a1912a97a16cc2b740aea72d..90ac393d017d3d2f62da4128b798dae19dfb6a77 100644 (file)
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -182,8 +182,8 @@ credential_string_to_value (void *cls,
         cred->sig = *sig;
         cred->expiration = GNUNET_htonll (etime_abs.abs_value_us);
         cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
-        cred->purpose.size = strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
-                             sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + sizeof (uint64_t);
+        cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
+                             sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + sizeof (uint64_t));
         GNUNET_free (sig);
         GNUNET_memcpy (&cred[1],
                        name,

diff --git a/src/credential/test_credential_verify_simple.sh b/src/credential/test_credential_verify_simple.sh
index ce0a2207af5d34d4144c846b14de8e2fc32bd5aa..2fac4659e959f75521fc184aa7ffc565f1924a15 100755 (executable)
--- a/src/credential/test_credential_verify_simple.sh
+++ b/src/credential/test_credential_verify_simple.sh
@@ -19,7 +19,7 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
 
 
 which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-gnunet-arm -s -c test_credential_lookup.conf
+#gnunet-arm -s -c test_credential_lookup.conf
 gnunet-identity -C testissuer -c test_credential_lookup.conf
 gnunet-identity -C testsubject -c test_credential_lookup.conf
 
@@ -45,6 +45,6 @@ if [ "$RES_CRED" == "Successful." ]
 then
   exit 0
 else
-  echo "FAIL: Failed to verify credential $RES_IP."
+  echo "FAIL: Failed to verify credential."
   exit 1
 fi