*
* @param pow proof of work
* @param matching_bits how many bits must match (configuration)
- * @return number of epochs valid if the @a pow is acceptable, -1 if not
+ * @param epoch_length length of single epoch in configuration
+ * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not
*/
int
GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
- unsigned int matching_bits);
+ unsigned int matching_bits,
+ struct GNUNET_TIME_Relative epoch_length);
struct GNUNET_CRYPTO_EcdsaPublicKey key;
const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL;
- int epochs;
el = NULL;
if (NULL == ego)
GNUNET_free (pow);
return;
}
- if (0 < (epochs =
+ if (GNUNET_YES ==
GNUNET_REVOCATION_check_pow (pow,
- (unsigned int) matching_bits)))
+ (unsigned int) matching_bits,
+ epoch_length))
{
- struct GNUNET_TIME_Absolute ts;
- struct GNUNET_TIME_Relative ttl;
- ts = GNUNET_TIME_absolute_ntoh (pow->timestamp);
- ttl = GNUNET_TIME_relative_multiply (epoch_length,
- epochs);
fprintf (stderr, "%s", _ ("Revocation certificate ready\n"));
- fprintf (stderr, "%s %s for %s\n", _ ("Valid from"),
- GNUNET_STRINGS_absolute_time_to_string (ts),
- GNUNET_STRINGS_relative_time_to_string (ttl, GNUNET_NO));
if (perform)
perform_revocation (pow);
else
return;
}
GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
- if (0 >=
+ if (GNUNET_YES !=
GNUNET_REVOCATION_check_pow (&pow,
- (unsigned int) matching_bits))
+ (unsigned int) matching_bits,
+ epoch_length))
{
struct GNUNET_REVOCATION_PowCalculationHandle *ph;
ph = GNUNET_REVOCATION_pow_init2 (&pow,
*/
static unsigned long long revocation_work_required;
+/**
+ * Length of an expiration expoch
+ */
+static struct GNUNET_TIME_Relative epoch_length;
+
/**
* Our application ID for set union operations. Must be the
* same for all (compatible) peers.
static int
verify_revoke_message (const struct RevokeMessage *rm)
{
- if (0 >= GNUNET_REVOCATION_check_pow (&rm->proof_of_work,
- (unsigned int) revocation_work_required))
+ if (GNUNET_YES != GNUNET_REVOCATION_check_pow (&rm->proof_of_work,
+ (unsigned int) revocation_work_required,
+ epoch_length))
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Proof of work invalid!\n");
GNUNET_free (fn);
return;
}
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (cfg,
+ "REVOCATION",
+ "EPOCH_LENGTH",
+ &epoch_length))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "REVOCATION",
+ "EPOCH_LENGTH");
+ GNUNET_SCHEDULER_shutdown ();
+ GNUNET_free (fn);
+ return;
+ }
+
revocation_set = GNUNET_SET_create (cfg,
GNUNET_SET_OPERATION_UNION);
revocation_union_listen_handle
struct InternalContext
{
unsigned int matching_bits;
+ struct GNUNET_TIME_Relative epoch_length;
};
}
if (0 >=
GNUNET_REVOCATION_check_pow (&rm->proof_of_work,
- ic->matching_bits))
+ ic->matching_bits,
+ ic->epoch_length))
{
GNUNET_break_op (0);
return GNUNET_BLOCK_EVALUATION_RESULT_INVALID;
struct GNUNET_BLOCK_PluginFunctions *api;
struct InternalContext *ic;
unsigned long long matching_bits;
+ struct GNUNET_TIME_Relative epoch_length;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_number (cfg,
"WORKBITS",
&matching_bits))
return NULL;
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (cfg,
+ "REVOCATION",
+ "EPOCH_LENGTH",
+ &epoch_length))
+ return NULL;
api = GNUNET_new (struct GNUNET_BLOCK_PluginFunctions);
api->evaluate = &block_plugin_revocation_evaluate;
api->types = types;
ic = GNUNET_new (struct InternalContext);
ic->matching_bits = (unsigned int) matching_bits;
+ ic->epoch_length = epoch_length;
api->cls = ic;
return api;
}
GNUNET_MQ_handler_end ()
};
unsigned long long matching_bits;
+ struct GNUNET_TIME_Relative epoch_length;
struct RevokeMessage *rm;
struct GNUNET_MQ_Envelope *env;
- if ((GNUNET_OK ==
+ if ((GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_number (cfg,
"REVOCATION",
"WORKBITS",
- &matching_bits)) &&
- (0 >= GNUNET_REVOCATION_check_pow (pow, (unsigned int) matching_bits)))
+ &matching_bits)))
+ {
+ GNUNET_break (0);
+ GNUNET_free (h);
+ return NULL;
+ }
+ if ((GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (cfg,
+ "REVOCATION",
+ "EPOCH_LENGTH",
+ &epoch_length)))
+ {
+ GNUNET_break (0);
+ GNUNET_free (h);
+ return NULL;
+ }
+ if (GNUNET_YES != GNUNET_REVOCATION_check_pow (pow,
+ (unsigned int) matching_bits,
+ epoch_length))
{
GNUNET_break (0);
GNUNET_free (h);
return NULL;
}
+
+
h->mq = GNUNET_CLIENT_connect (cfg,
"revocation",
handlers,
* @param ts revocation timestamp
* @param pow proof of work value
* @param matching_bits how many bits must match (configuration)
- * @return number of epochs valid if the @a pow is acceptable, -1 if not
+ * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not
*/
int
GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
- unsigned int difficulty)
+ unsigned int difficulty,
+ struct GNUNET_TIME_Relative epoch_length)
{
char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)
+ sizeof (uint64_t)
+ sizeof (uint64_t)] GNUNET_ALIGN;
struct GNUNET_HashCode result;
+ struct GNUNET_TIME_Absolute ts;
+ struct GNUNET_TIME_Absolute exp;
+ struct GNUNET_TIME_Relative ttl;
+ struct GNUNET_TIME_Relative buffer;
unsigned int score = 0;
unsigned int tmp_score = 0;
unsigned int epochs;
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Proof of work signature invalid!\n");
- return -1;
+ return GNUNET_NO;
}
/**
for (unsigned int j = i + 1; j < POW_COUNT; j++)
{
if (pow->pow[i] == pow->pow[j])
- return -1;
+ return GNUNET_NO;
}
}
GNUNET_memcpy (&buf[sizeof(uint64_t)],
}
score = score / POW_COUNT;
if (score < difficulty)
- return -1;
+ return GNUNET_NO;
epochs = score - difficulty;
- return epochs;
+
+ /**
+ * Check expiration
+ */
+ ts = GNUNET_TIME_absolute_ntoh (pow->timestamp);
+ ttl = GNUNET_TIME_relative_multiply (epoch_length,
+ epochs);
+ /**
+ * Extend by 10% for unsynchronized clocks
+ */
+ buffer = GNUNET_TIME_relative_divide (epoch_length,
+ 10);
+ ts = GNUNET_TIME_absolute_subtract (ts,
+ buffer);
+
+ if (0 != GNUNET_TIME_absolute_get_remaining (ts).rel_value_us)
+ return GNUNET_NO; /* Not yet valid. */
+ /* Revert to actual start time */
+ ts = GNUNET_TIME_absolute_add (ts,
+ buffer);
+
+ exp = GNUNET_TIME_absolute_add (ts, ttl);
+ exp = GNUNET_TIME_absolute_add (exp,
+ buffer);
+
+ if (0 == GNUNET_TIME_absolute_get_remaining (exp).rel_value_us)
+ return GNUNET_NO; /* expired */
+ return GNUNET_YES;
}
projects / oweals / gnunet.git / commitdiff