* @param key public key of the key to revoke
* @param sig signature to use on the revocation (should have been
* created using #GNUNET_REVOCATION_sign_revocation).
+ * @param ts revocation timestamp
* @param pow proof of work to use (should have been created by
* iteratively calling #GNUNET_REVOCATION_check_pow)
* @param func funtion to call with the result of the check
GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg,
const struct GNUNET_CRYPTO_EcdsaPublicKey *key,
const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ const struct GNUNET_TIME_Absolute *ts,
uint64_t pow,
GNUNET_REVOCATION_Callback func, void *func_cls);
* would be acceptable for revoking the given key.
*
* @param key key to check for
+ * @param ts revocation timestamp
* @param pow proof of work value
* @param matching_bits how many bits must match (configuration)
* @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not
*/
int
GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key,
+ const struct GNUNET_TIME_Absolute *ts,
uint64_t pow,
unsigned int matching_bits);
*/
struct GNUNET_CRYPTO_EcdsaSignature sig;
+ /**
+ * Time of revocation
+ */
+ struct GNUNET_TIME_AbsoluteNBO ts;
+
/**
* Proof of work (in NBO).
*/
static void
perform_revocation (const struct RevocationData *rd)
{
+ struct GNUNET_TIME_Absolute ts;
+
+ ts = GNUNET_TIME_absolute_ntoh (rd->ts);
h = GNUNET_REVOCATION_revoke (cfg,
&rd->key,
&rd->sig,
+ &ts,
rd->pow,
&print_revocation_result,
NULL);
calculate_pow (void *cls)
{
struct RevocationData *rd = cls;
+ struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_ntoh (rd->ts);
/* store temporary results */
pow_task = NULL;
/* actually do POW calculation */
rd->pow++;
if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key,
+ &ts,
rd->pow,
(unsigned int) matching_bits))
{
{
struct RevocationData *rd;
struct GNUNET_CRYPTO_EcdsaPublicKey key;
+ struct GNUNET_TIME_Absolute ts;
el = NULL;
if (NULL == ego)
ego),
&rd->sig);
rd->key = key;
+ rd->ts = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
}
+ ts = GNUNET_TIME_absolute_ntoh (rd->ts);
if (GNUNET_YES ==
- GNUNET_REVOCATION_check_pow (&key, rd->pow, (unsigned int) matching_bits))
+ GNUNET_REVOCATION_check_pow (&key,
+ &ts,
+ rd->pow,
+ (unsigned int) matching_bits))
{
fprintf (stderr, "%s", _ ("Revocation certificate ready\n"));
if (perform)
{
struct GNUNET_CRYPTO_EcdsaPublicKey pk;
struct RevocationData rd;
+ struct GNUNET_TIME_Absolute ts;
cfg = c;
if (NULL != test_ego)
return;
}
GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
+ ts = GNUNET_TIME_absolute_ntoh (rd.ts);
if (GNUNET_YES !=
GNUNET_REVOCATION_check_pow (&rd.key,
+ &ts,
rd.pow,
(unsigned int) matching_bits))
{
static int
verify_revoke_message (const struct RevokeMessage *rm)
{
+ struct GNUNET_TIME_Absolute ts;
+ ts = GNUNET_TIME_absolute_ntoh (rm->ts);
if (GNUNET_YES !=
GNUNET_REVOCATION_check_pow (&rm->public_key,
+ &ts,
rm->proof_of_work,
(unsigned int) revocation_work_required))
{
struct InternalContext *ic = cls;
struct GNUNET_HashCode chash;
const struct RevokeMessage *rm = reply_block;
+ struct GNUNET_TIME_Absolute ts;
if (NULL == reply_block)
return GNUNET_BLOCK_EVALUATION_REQUEST_VALID;
GNUNET_break_op (0);
return GNUNET_BLOCK_EVALUATION_RESULT_INVALID;
}
+ ts = GNUNET_TIME_absolute_ntoh (rm->ts);
if (GNUNET_YES !=
GNUNET_REVOCATION_check_pow (&rm->public_key,
+ &ts,
rm->proof_of_work,
ic->matching_bits))
{
*/
uint32_t reserved GNUNET_PACKED;
+ /**
+ * Timestamp
+ */
+ struct GNUNET_TIME_AbsoluteNBO ts;
+
/**
* Number that causes a hash collision with the @e public_key.
*/
* @param key public key of the key to revoke
* @param sig signature to use on the revocation (should have been
* created using #GNUNET_REVOCATION_sign_revocation).
+ * @param ts revocation timestamp
* @param pow proof of work to use (should have been created by
* iteratively calling #GNUNET_REVOCATION_check_pow)
* @param func funtion to call with the result of the check
GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg,
const struct GNUNET_CRYPTO_EcdsaPublicKey *key,
const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ const struct GNUNET_TIME_Absolute *ts,
uint64_t pow,
GNUNET_REVOCATION_Callback func,
void *func_cls)
&matching_bits)) &&
(GNUNET_YES !=
GNUNET_REVOCATION_check_pow (key,
+ ts,
pow,
(unsigned int) matching_bits)))
{
* would be acceptable for revoking the given key.
*
* @param key key to check for
+ * @param ts revocation timestamp
* @param pow proof of work value
* @param matching_bits how many bits must match (configuration)
* @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not
*/
int
GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key,
+ const struct GNUNET_TIME_Absolute *ts,
uint64_t pow,
unsigned int matching_bits)
{
char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)
- + sizeof(pow)] GNUNET_ALIGN;
+ + sizeof(pow)
+ + sizeof (struct GNUNET_TIME_AbsoluteNBO)] GNUNET_ALIGN;
struct GNUNET_HashCode result;
+ struct GNUNET_TIME_AbsoluteNBO ts_nbo;
- GNUNET_memcpy (buf, &pow, sizeof(pow));
+ ts_nbo = GNUNET_TIME_absolute_hton (*ts);
+
+ GNUNET_memcpy (buf, &pow, sizeof(pow)) ;
GNUNET_memcpy (&buf[sizeof(pow)], key,
sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey));
+ GNUNET_memcpy (&buf[sizeof(pow) + sizeof (struct GNUNET_TIME_AbsoluteNBO)],
+ &ts_nbo,
+ sizeof (struct GNUNET_TIME_AbsoluteNBO));
+
GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work",
buf,
sizeof(buf),
struct GNUNET_HashCode *result)
{
#ifdef LSD0001
- char twofish_iv[128 / 8]; // 128 bit IV
- char twofish_key[256 / 8]; // 256 bit Key
- char rbuf[buf_len];
- int rc;
- gcry_cipher_hd_t handle;
-
GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */
1024, /* memory (1 MiB) */
1, /* threads */
buf_len,
salt,
strlen (salt),
- &twofish_key,
- sizeof (twofish_key)));
-
- GNUNET_CRYPTO_kdf (twofish_iv,
- sizeof (twofish_iv),
- "gnunet-proof-of-work-iv",
- strlen ("gnunet-proof-of-work-iv"),
- twofish_key,
- sizeof(twofish_key),
- salt,
- strlen (salt),
- NULL, 0);
- GNUNET_assert (0 ==
- gcry_cipher_open (&handle, GCRY_CIPHER_TWOFISH,
- GCRY_CIPHER_MODE_CFB, 0));
- rc = gcry_cipher_setkey (handle,
- twofish_key,
- sizeof(twofish_key));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
- rc = gcry_cipher_setiv (handle,
- twofish_iv,
- sizeof(twofish_iv));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
- GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf,
- buf_len));
- gcry_cipher_close (handle);
- GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */
- 1024, /* memory (1 MiB) */
- 1, /* threads */
- rbuf,
- buf_len,
- salt,
- strlen (salt),
result,
sizeof (struct
GNUNET_HashCode)));
projects / oweals / gnunet.git / commitdiff