From 6d61330e3ae457a27f10247cd9caf53987604143 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Mon, 20 Apr 2020 08:24:06 +0200 Subject: [PATCH] evaluate epochs --- src/include/gnunet_revocation_service.h | 2 +- src/revocation/gnunet-revocation.c | 31 +++++++++++++++++++--- src/revocation/gnunet-service-revocation.c | 3 +-- src/revocation/plugin_block_revocation.c | 2 +- src/revocation/revocation_api.c | 14 ++++------ 5 files changed, 36 insertions(+), 16 deletions(-) diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index a5a014708..226dce357 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h @@ -184,7 +184,7 @@ GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h); * @param ts revocation timestamp * @param pow proof of work value * @param matching_bits how many bits must match (configuration) - * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not + * @return number of epochs valid if the @a pow is acceptable, -1 if not */ int GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index 5566162f4..c33f12c90 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c @@ -83,6 +83,11 @@ static const struct GNUNET_CONFIGURATION_Handle *cfg; */ static unsigned long long matching_bits; +/** + * Epoch length + */ +static struct GNUNET_TIME_Relative epoch_length; + /** * Task used for proof-of-work calculation. */ @@ -341,6 +346,7 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) struct GNUNET_REVOCATION_Pow *pow; struct GNUNET_CRYPTO_EcdsaPublicKey key; struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL; + int epochs; el = NULL; if (NULL == ego) @@ -365,11 +371,19 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) GNUNET_free (pow); return; } - if (GNUNET_YES == + if (0 < (epochs = GNUNET_REVOCATION_check_pow (pow, - (unsigned int) matching_bits)) + (unsigned int) matching_bits))) { + struct GNUNET_TIME_Absolute ts; + struct GNUNET_TIME_Relative ttl; + ts = GNUNET_TIME_absolute_ntoh (pow->timestamp); + ttl = GNUNET_TIME_relative_multiply (epoch_length, + epochs); fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); + fprintf (stderr, "%s %s for %s\n", _ ("Valid from"), + GNUNET_STRINGS_absolute_time_to_string (ts), + GNUNET_STRINGS_relative_time_to_string (ttl, GNUNET_NO)); if (perform) perform_revocation (pow); else @@ -448,6 +462,17 @@ run (void *cls, "WORKBITS"); return; } + if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (cfg, + "REVOCATION", + "EPOCH_LENGTH", + &epoch_length)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "REVOCATION", + "EPOCH_LENGTH"); + return; + } + if (NULL != revoke_ego) { if (! perform && (NULL == filename)) @@ -472,7 +497,7 @@ run (void *cls, return; } GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); - if (GNUNET_YES != + if (0 >= GNUNET_REVOCATION_check_pow (&pow, (unsigned int) matching_bits)) { diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 420cb392f..4746a7698 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c @@ -167,8 +167,7 @@ new_peer_entry (const struct GNUNET_PeerIdentity *peer) static int verify_revoke_message (const struct RevokeMessage *rm) { - if (GNUNET_YES != - GNUNET_REVOCATION_check_pow (&rm->proof_of_work, + if (0 >= GNUNET_REVOCATION_check_pow (&rm->proof_of_work, (unsigned int) revocation_work_required)) { GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index a57a933c3..934c8d8c9 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c @@ -142,7 +142,7 @@ block_plugin_revocation_evaluate (void *cls, GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } - if (GNUNET_YES != + if (0 >= GNUNET_REVOCATION_check_pow (&rm->proof_of_work, ic->matching_bits)) { diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 565ce9d0d..f2261ff4f 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c @@ -319,9 +319,7 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, "REVOCATION", "WORKBITS", &matching_bits)) && - (GNUNET_YES != - GNUNET_REVOCATION_check_pow (pow, - (unsigned int) matching_bits))) + (0 >= GNUNET_REVOCATION_check_pow (pow, (unsigned int) matching_bits))) { GNUNET_break (0); GNUNET_free (h); @@ -410,7 +408,7 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph) * @param ts revocation timestamp * @param pow proof of work value * @param matching_bits how many bits must match (configuration) - * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not + * @return number of epochs valid if the @a pow is acceptable, -1 if not */ int GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, @@ -433,7 +431,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, for (unsigned int j = i + 1; j < POW_COUNT; j++) { if (pow->pow[i] == pow->pow[j]) - return GNUNET_NO; + return -1; } } GNUNET_memcpy (&buf[sizeof(uint64_t)], @@ -460,10 +458,8 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, score = score / POW_COUNT; if (score < difficulty) return GNUNET_NO; - // TODO verfiy signature? - epochs = score - difficulty + 1; - // TODO verify expiration - return GNUNET_YES; + epochs = score - difficulty; + return epochs; } -- 2.25.1