[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r36786 - gnunet/src/identity-token
From: |
gnunet |
Subject: |
[GNUnet-SVN] r36786 - gnunet/src/identity-token |
Date: |
Mon, 4 Jan 2016 16:39:46 +0100 |
Author: schanzen
Date: 2016-01-04 16:39:46 +0100 (Mon, 04 Jan 2016)
New Revision: 36786
Modified:
gnunet/src/identity-token/plugin_rest_identity_token.c
Log:
- verify ecdh signature in token code
Modified: gnunet/src/identity-token/plugin_rest_identity_token.c
===================================================================
--- gnunet/src/identity-token/plugin_rest_identity_token.c 2016-01-04
15:10:59 UTC (rev 36785)
+++ gnunet/src/identity-token/plugin_rest_identity_token.c 2016-01-04
15:39:46 UTC (rev 36786)
@@ -1286,7 +1286,9 @@
char* enc_meta;
char* meta_str;
char* token_code_decoded;
+ char* write_ptr;
size_t enc_meta_len;
+ struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
GNUNET_STRINGS_base64_decode (token_code, strlen (token_code),
&token_code_decoded);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Token Code: %s\n", token_code_decoded);
@@ -1329,8 +1331,7 @@
strlen (enc_meta_str),
&enc_meta);
- //TODO: check signature here
-
+
if (GNUNET_OK != decrypt_str_ecdhe (priv_key,
ecdhe_pkey,
enc_meta,
@@ -1342,7 +1343,7 @@
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Metadata decryption failed\n");
return GNUNET_SYSERR;
}
- GNUNET_free (enc_meta);
+
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Metadata: %s\n", meta_str);
json_decref (root);
GNUNET_free (token_code_decoded);
@@ -1354,8 +1355,9 @@
GNUNET_free (meta_str);
return GNUNET_SYSERR;
}
- label_json = json_object_get (root, "label");
- if (!json_is_string (label_json))
+
+ identity_json = json_object_get (root, "identity");
+ if (!json_is_string (identity_json))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Error parsing metadata: %s\n", err_json.text);
@@ -1363,27 +1365,58 @@
GNUNET_free (meta_str);
return GNUNET_SYSERR;
}
+ identity_key_str = json_string_value (identity_json);
+ GNUNET_STRINGS_string_to_data (identity_key_str,
+ strlen (identity_key_str),
+ id_pkey,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
- label_str = json_string_value (label_json);
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found label: %s\n", label_str);
- GNUNET_asprintf (label, "%s", label_str);
+ //TODO: check signature here
+ purpose =
+ GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
+ sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + //E
+ enc_meta_len); // E_K (code_str)
+ purpose->size =
+ htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
+ sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) +
+ enc_meta_len);
+ purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN_CODE);
+ write_ptr = (char*) &purpose[1];
+ memcpy (write_ptr, ecdhe_pkey, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
+ write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey);
+ memcpy (write_ptr, enc_meta, enc_meta_len);
- identity_json = json_object_get (root, "identity");
- if (!json_is_string (identity_json))
+ if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify
(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN_CODE,
+ purpose,
+ signature,
+ id_pkey))
{
+ json_decref (root);
+ GNUNET_free (meta_str);
+ GNUNET_free (purpose);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Error verifying signature for token code\n");
+ return GNUNET_SYSERR;
+ }
+ GNUNET_free (purpose);
+
+ GNUNET_free (enc_meta);
+
+ label_json = json_object_get (root, "label");
+ if (!json_is_string (label_json))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Error parsing metadata: %s\n", err_json.text);
json_decref (root);
GNUNET_free (meta_str);
return GNUNET_SYSERR;
}
- identity_key_str = json_string_value (identity_json);
- GNUNET_STRINGS_string_to_data (identity_key_str,
- strlen (identity_key_str),
- id_pkey,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
- GNUNET_free (meta_str);
+ label_str = json_string_value (label_json);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found label: %s\n", label_str);
+ GNUNET_asprintf (label, "%s", label_str);
+
+ GNUNET_free (meta_str);
json_decref (root);
return GNUNET_OK;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r36786 - gnunet/src/identity-token,
gnunet <=