oweals/gnunet.git
8 years agoUse a uniform random number mod an RSA composites for both
Jeff Burdges [Mon, 30 May 2016 15:54:56 +0000 (15:54 +0000)]
Use a uniform random number mod an RSA composites for both
the blinding factor and the full domain hash.

This resolves an attack against the blinding factor in Taler:

There was  a call to GNUNET_CRYPTO_kdf in
  bkey = rsa_blinding_key_derive (len, bks);
that gives exactly len bits where
  len = GNUNET_CRYPTO_rsa_public_key_len (pkey);

Now r = 2^(len-1)/pkey.n is the probability that a set high bit being
okay, meaning bkey < pkey.n.  It follows that (1-r)/2 of the time bkey >
pkey.n making the effective bkey be
  bkey mod pkey.n = bkey - pkey.n
so the effective bkey has its high bit set with probability r/2.

We expect r to be close to 1/2 if the exchange is honest, but the
exchange can choose r otherwise.

In blind signing, the exchange sees
  B = bkey * S mod pkey.n
On deposit, the exchange sees S so they can compute bkey' = B/S mod
pkey.n for all B they recorded to see if bkey' has it's high bit set.
Also, note the exchange can compute 1/S efficiently since they know the
factors of pkey.n.

I suppose that happens with probability r/(1+r) if its the wrong B, not
completely sure.  If otoh we've the right B, then we've the probability
r/2 of a set high bit in the effective bkey.

Interestingly, r^2-r has a maximum at the default r=1/2 anyways, giving
the wrong and right probabilities 1/3 and 1/4, respectively.

I fear this gives the exchange a meaningful fraction of a bit of
information per coin involved in the transaction.  It sounds damaging if
numerous coins were involved.  And it could run across transactions in
some scenarios.

I suspect we need a more uniform deterministic pseudo-random number
generator for blinding factors.  Just fyi, our old call to
gcry_mpi_randomize had this same problem.

I do not believe this caused a problem for the full domain hash, but
we can fix it easily enough anyways.

8 years agocreate table for test case fixed
Christophe Genevey Metat [Mon, 30 May 2016 15:54:38 +0000 (15:54 +0000)]
create table for test case fixed

8 years ago- Fix #4532
Martin Schanzenbach [Sun, 29 May 2016 11:19:50 +0000 (11:19 +0000)]
- Fix #4532

8 years agobegin to rewritten test case
Christophe Genevey Metat [Fri, 27 May 2016 13:51:30 +0000 (13:51 +0000)]
begin to rewritten test case

8 years ago-fix
Martin Schanzenbach [Fri, 27 May 2016 11:22:25 +0000 (11:22 +0000)]
-fix

8 years ago-fix
Martin Schanzenbach [Fri, 27 May 2016 10:34:28 +0000 (10:34 +0000)]
-fix

8 years agofunction result helper rewritten
Christophe Genevey Metat [Thu, 26 May 2016 15:52:29 +0000 (15:52 +0000)]
function result helper rewritten

8 years agosketch envisioned API
Christian Grothoff [Thu, 26 May 2016 10:09:03 +0000 (10:09 +0000)]
sketch envisioned API

8 years ago-indent fixes
Christian Grothoff [Thu, 26 May 2016 10:05:04 +0000 (10:05 +0000)]
-indent fixes

8 years agofix #4536
Christian Grothoff [Wed, 25 May 2016 19:04:59 +0000 (19:04 +0000)]
fix #4536

8 years agofix warning compilation libgnunetmy
Christophe Genevey Metat [Wed, 25 May 2016 16:37:52 +0000 (16:37 +0000)]
fix warning compilation libgnunetmy

8 years ago- add peerstore tests
Martin Schanzenbach [Wed, 25 May 2016 09:54:46 +0000 (09:54 +0000)]
- add peerstore tests

8 years ago- jsonapi build fix, add peerstore flat (EXP)
Martin Schanzenbach [Tue, 24 May 2016 20:40:15 +0000 (20:40 +0000)]
- jsonapi build fix, add peerstore flat (EXP)

8 years agofixing #4483: optimize blinding key storage/transmission
Christian Grothoff [Tue, 24 May 2016 18:14:04 +0000 (18:14 +0000)]
fixing #4483: optimize blinding key storage/transmission

8 years agotest case for mysql
Christophe Genevey Metat [Tue, 24 May 2016 16:16:41 +0000 (16:16 +0000)]
test case for mysql

8 years agofix result and query helper
Christophe Genevey Metat [Tue, 24 May 2016 16:16:01 +0000 (16:16 +0000)]
fix result and query helper

8 years agolibgnunetmy begin result helper
Christophe Genevey Metat [Mon, 23 May 2016 15:40:28 +0000 (15:40 +0000)]
libgnunetmy begin result helper

8 years agosocial: put the sock in the right cupboard
Carlo von lynX [Mon, 23 May 2016 14:44:36 +0000 (14:44 +0000)]
social: put the sock in the right cupboard

8 years agosocial needs to start as user service, not system
Carlo von lynX [Mon, 23 May 2016 14:09:05 +0000 (14:09 +0000)]
social needs to start as user service, not system

8 years ago-rps: logging
Julius Bünger [Sun, 22 May 2016 07:12:56 +0000 (07:12 +0000)]
-rps: logging

8 years ago-rps: only insert online peers in the view
Julius Bünger [Sun, 22 May 2016 07:12:53 +0000 (07:12 +0000)]
-rps: only insert online peers in the view

8 years ago-rps: check knowledge of peer
Julius Bünger [Sun, 22 May 2016 07:12:51 +0000 (07:12 +0000)]
-rps: check knowledge of peer

8 years ago-rps: removing unused counter
Julius Bünger [Sun, 22 May 2016 07:12:48 +0000 (07:12 +0000)]
-rps: removing unused counter

8 years agodefine GNUNET_JSON_from_data_auto
Christian Grothoff [Sat, 21 May 2016 16:16:02 +0000 (16:16 +0000)]
define  GNUNET_JSON_from_data_auto

8 years agolibgnunetmy query helper
Christophe Genevey Metat [Fri, 20 May 2016 15:29:50 +0000 (15:29 +0000)]
libgnunetmy query helper

8 years agoGNUNET extract result libgnunetmy
Christophe Genevey Metat [Thu, 19 May 2016 16:30:11 +0000 (16:30 +0000)]
GNUNET extract result libgnunetmy

8 years agoextending MY api to cover result extraction
Christian Grothoff [Thu, 19 May 2016 13:30:48 +0000 (13:30 +0000)]
extending MY api to cover result extraction

8 years agoresult for libgnunetmy
Christophe Genevey Metat [Thu, 19 May 2016 13:15:51 +0000 (13:15 +0000)]
result for libgnunetmy

8 years agorename.sh GNUNET_CRYPTO_rsa_BlindingKey to GNUNET_CRYPTO_RsaBlindingKey following...
Christian Grothoff [Thu, 19 May 2016 13:08:53 +0000 (13:08 +0000)]
rename.sh GNUNET_CRYPTO_rsa_BlindingKey to GNUNET_CRYPTO_RsaBlindingKey following naming conventions

8 years agoforgot file
Christian Grothoff [Thu, 19 May 2016 11:48:46 +0000 (11:48 +0000)]
forgot file

8 years agostarting libgnunetmy
Christian Grothoff [Thu, 19 May 2016 10:05:51 +0000 (10:05 +0000)]
starting libgnunetmy

8 years ago-rps fix: check valid -> check online
Julius Bünger [Mon, 16 May 2016 21:18:47 +0000 (21:18 +0000)]
-rps fix: check valid -> check online

8 years ago-rps: rename and doxygen
Julius Bünger [Mon, 16 May 2016 21:18:43 +0000 (21:18 +0000)]
-rps: rename and doxygen

8 years agoonly run integration tests if libgnurl/libcurl was available
Christian Grothoff [Sun, 15 May 2016 22:37:09 +0000 (22:37 +0000)]
only run integration tests if libgnurl/libcurl was available

8 years agoadd missing options to rps.conf.in
Julius Bünger [Sun, 15 May 2016 14:27:14 +0000 (14:27 +0000)]
add missing options to rps.conf.in

8 years agorps.conf is generated from rps.conf.in
Christian Grothoff [Sun, 15 May 2016 09:56:55 +0000 (09:56 +0000)]
rps.conf is generated from rps.conf.in

8 years agowhat is the proper way to ensure identity service is running?
Carlo von lynX [Sun, 15 May 2016 08:32:20 +0000 (08:32 +0000)]
what is the proper way to ensure identity service is running?

8 years agorps: use stored peers at startup
Julius Bünger [Sat, 14 May 2016 19:41:37 +0000 (19:41 +0000)]
rps: use stored peers at startup

8 years ago-rps: fixed storing valid peers
Julius Bünger [Sat, 14 May 2016 17:29:48 +0000 (17:29 +0000)]
-rps: fixed storing valid peers

8 years ago-rps: try to avoid leaking memory
Julius Bünger [Fri, 13 May 2016 22:49:23 +0000 (22:49 +0000)]
-rps: try to avoid leaking memory

8 years ago-rps: logging
Julius Bünger [Fri, 13 May 2016 22:49:19 +0000 (22:49 +0000)]
-rps: logging

8 years agorps: add missing rps.conf
Julius Bünger [Fri, 13 May 2016 22:49:15 +0000 (22:49 +0000)]
rps: add missing rps.conf

8 years agorps: store valid peer ids in file
Julius Bünger [Fri, 13 May 2016 22:49:10 +0000 (22:49 +0000)]
rps: store valid peer ids in file

8 years ago-rps: logging
Julius Bünger [Fri, 13 May 2016 22:49:06 +0000 (22:49 +0000)]
-rps: logging

8 years agosocial: minor fixes
Carlo von lynX [Fri, 13 May 2016 07:33:16 +0000 (07:33 +0000)]
social: minor fixes

8 years agorps: keep track of valid peers in peermap
Julius Bünger [Thu, 12 May 2016 08:58:24 +0000 (08:58 +0000)]
rps: keep track of valid peers in peermap

8 years ago-rps: restructure service internals
Julius Bünger [Thu, 12 May 2016 08:58:20 +0000 (08:58 +0000)]
-rps: restructure service internals

8 years ago-rps: doxygen
Julius Bünger [Thu, 12 May 2016 08:58:17 +0000 (08:58 +0000)]
-rps: doxygen

8 years ago-rps: proper setting of "online" flag
Julius Bünger [Thu, 12 May 2016 08:58:14 +0000 (08:58 +0000)]
-rps: proper setting of "online" flag

8 years ago-rps: deleted redundant function call
Julius Bünger [Thu, 12 May 2016 08:58:10 +0000 (08:58 +0000)]
-rps: deleted redundant function call

8 years agosocial cli docs
Gabor X Toth [Thu, 12 May 2016 01:50:28 +0000 (01:50 +0000)]
social cli docs

8 years agopsyc/social: transmit fix
Gabor X Toth [Thu, 12 May 2016 00:21:25 +0000 (00:21 +0000)]
psyc/social: transmit fix

8 years agosocial cli: --host-assign option
Gabor X Toth [Wed, 11 May 2016 22:11:06 +0000 (22:11 +0000)]
social cli: --host-assign option

8 years agosocial cli: transmit fix, sig handlers
Gabor X Toth [Wed, 11 May 2016 20:12:08 +0000 (20:12 +0000)]
social cli: transmit fix, sig handlers

8 years agosocial: place load/save
Gabor X Toth [Wed, 11 May 2016 20:12:03 +0000 (20:12 +0000)]
social: place load/save

8 years agosocial api: app_disconnect callback
Gabor X Toth [Wed, 11 May 2016 20:11:55 +0000 (20:11 +0000)]
social api: app_disconnect callback

8 years agocmdline usability for gnunet-social
Carlo von lynX [Sun, 8 May 2016 10:06:53 +0000 (10:06 +0000)]
cmdline usability for gnunet-social

8 years agocmdline usability for gnunet-social
Carlo von lynX [Sun, 8 May 2016 10:06:50 +0000 (10:06 +0000)]
cmdline usability for gnunet-social

8 years agocurl: fix linking against libgnurl/libcurl
Daniel Golle [Sat, 7 May 2016 16:48:27 +0000 (16:48 +0000)]
curl: fix linking against libgnurl/libcurl

8 years agosocial cli
Gabor X Toth [Fri, 6 May 2016 20:30:18 +0000 (20:30 +0000)]
social cli

8 years agosocial: cli options
Gabor X Toth [Fri, 6 May 2016 20:30:08 +0000 (20:30 +0000)]
social: cli options

8 years agosocial: fix compiler warnings
Gabor X Toth [Fri, 6 May 2016 17:45:30 +0000 (17:45 +0000)]
social: fix compiler warnings

8 years agofix #4493
Christian Grothoff [Fri, 6 May 2016 15:25:44 +0000 (15:25 +0000)]
fix #4493

8 years agofix compiler warnings
Christian Grothoff [Fri, 6 May 2016 15:23:59 +0000 (15:23 +0000)]
fix compiler warnings

8 years agouse 'static' where applicable
Christian Grothoff [Fri, 6 May 2016 15:23:26 +0000 (15:23 +0000)]
use 'static' where applicable

8 years agofix compiler warnings
Christian Grothoff [Fri, 6 May 2016 15:21:51 +0000 (15:21 +0000)]
fix compiler warnings

8 years agofix compiler warnings
Christian Grothoff [Fri, 6 May 2016 15:20:10 +0000 (15:20 +0000)]
fix compiler warnings

8 years agofix compiler warnings
Christian Grothoff [Fri, 6 May 2016 15:01:44 +0000 (15:01 +0000)]
fix compiler warnings

8 years agofix ftbfs
Christian Grothoff [Fri, 6 May 2016 14:52:12 +0000 (14:52 +0000)]
fix ftbfs

8 years agofixing compiler warnings
Christian Grothoff [Fri, 6 May 2016 14:44:08 +0000 (14:44 +0000)]
fixing compiler warnings

8 years agoadd -w option to gnunet-config
Christian Grothoff [Thu, 5 May 2016 15:10:48 +0000 (15:10 +0000)]
add -w option to gnunet-config

8 years agosocial cli
Gabor X Toth [Thu, 5 May 2016 13:02:18 +0000 (13:02 +0000)]
social cli

8 years agosocial cli
Gabor X Toth [Thu, 5 May 2016 11:33:48 +0000 (11:33 +0000)]
social cli

8 years agosocial: app connected callback
Gabor X Toth [Thu, 5 May 2016 11:33:40 +0000 (11:33 +0000)]
social: app connected callback

8 years ago- add test, bugfix
Martin Schanzenbach [Thu, 5 May 2016 10:35:48 +0000 (10:35 +0000)]
- add test, bugfix

8 years ago- ignore
Martin Schanzenbach [Thu, 5 May 2016 10:18:01 +0000 (10:18 +0000)]
- ignore

8 years ago- refactor jsonpi utils, add test
Martin Schanzenbach [Thu, 5 May 2016 10:17:37 +0000 (10:17 +0000)]
- refactor jsonpi utils, add test

8 years ago- remove HAVE_REST, remove json reference from rest
Martin Schanzenbach [Thu, 5 May 2016 09:13:47 +0000 (09:13 +0000)]
- remove HAVE_REST, remove json reference from rest

8 years ago- build rest before jsonapi
Martin Schanzenbach [Wed, 4 May 2016 17:20:54 +0000 (17:20 +0000)]
- build rest before jsonapi

8 years agoUpdate jsonapi to current specs, refactor
Martin Schanzenbach [Wed, 4 May 2016 17:18:02 +0000 (17:18 +0000)]
Update jsonapi to current specs, refactor

8 years ago- fix string format
Martin Schanzenbach [Wed, 4 May 2016 09:46:17 +0000 (09:46 +0000)]
- fix string format

8 years ago- rework rest/jsonapi API; bugfixes
Martin Schanzenbach [Wed, 4 May 2016 09:44:35 +0000 (09:44 +0000)]
- rework rest/jsonapi API; bugfixes

8 years agodetect format string bugs
Christian Grothoff [Wed, 4 May 2016 09:24:35 +0000 (09:24 +0000)]
detect format string bugs

8 years agocadet.. it's no longer called mesh
Carlo von lynX [Tue, 3 May 2016 20:56:13 +0000 (20:56 +0000)]
cadet.. it's no longer called mesh

8 years agoparsing parameters for gnunet-social.c a bit
Carlo von lynX [Tue, 3 May 2016 20:39:58 +0000 (20:39 +0000)]
parsing parameters for gnunet-social.c a bit

8 years agomake gnunet-social.c build: resolve listen() collision
Carlo von lynX [Tue, 3 May 2016 20:04:26 +0000 (20:04 +0000)]
make gnunet-social.c build: resolve listen() collision

8 years agognunet-social cli
Gabor X Toth [Tue, 3 May 2016 19:04:54 +0000 (19:04 +0000)]
gnunet-social cli

8 years agoFix printf format causing SEISEGV
Bart Polot [Tue, 3 May 2016 18:38:44 +0000 (18:38 +0000)]
Fix printf format causing SEISEGV

8 years agoFix shutdown assertion failure in core_api: avoid double cancel of pending traffic
Bart Polot [Tue, 3 May 2016 18:38:43 +0000 (18:38 +0000)]
Fix shutdown assertion failure in core_api: avoid double cancel of pending traffic

8 years agomore psycey method names in test_social.c
Carlo von lynX [Tue, 3 May 2016 16:56:25 +0000 (16:56 +0000)]
more psycey method names in test_social.c

8 years ago- add jsonapi tests
Martin Schanzenbach [Tue, 3 May 2016 09:33:01 +0000 (09:33 +0000)]
- add jsonapi tests

8 years agoadd support for string results from PQ
Christian Grothoff [Tue, 3 May 2016 05:30:25 +0000 (05:30 +0000)]
add support for string results from PQ

8 years ago- missed file; bugfix
Martin Schanzenbach [Mon, 2 May 2016 16:45:26 +0000 (16:45 +0000)]
- missed file; bugfix

8 years ago- Refactor jsonapi into separate module
Martin Schanzenbach [Mon, 2 May 2016 16:32:36 +0000 (16:32 +0000)]
- Refactor jsonapi into separate module

8 years agofix #4478
Christian Grothoff [Mon, 2 May 2016 07:17:31 +0000 (07:17 +0000)]
fix #4478

8 years agofix API design issue
Christian Grothoff [Mon, 2 May 2016 06:15:26 +0000 (06:15 +0000)]
fix API design issue

8 years agoadd implementation of scheduler integration of curl context
Christian Grothoff [Mon, 2 May 2016 06:11:57 +0000 (06:11 +0000)]
add implementation of scheduler integration of curl context

8 years agoAPI update to fix #4479
Christian Grothoff [Mon, 2 May 2016 00:23:27 +0000 (00:23 +0000)]
API update to fix #4479

8 years agoimplementing new scheduler shutdown semantics
Christian Grothoff [Sat, 30 Apr 2016 08:17:37 +0000 (08:17 +0000)]
implementing new scheduler shutdown semantics

8 years agoexpand dollars in BINARY for service type 'simple'
Florian Dold [Tue, 26 Apr 2016 22:32:27 +0000 (22:32 +0000)]
expand dollars in BINARY for service type 'simple'