[gnunet] 01/06: - siop for reclaim; A rest endpoint that signs stuff
From: |
gnunet |
Subject: |
[gnunet] 01/06: - siop for reclaim; A rest endpoint that signs stuff |
Date: |
Wed, 31 Aug 2022 17:04:39 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit 3eab839a585eb5db577a276bad7840f8c4f7c51f
Author: Tristan Schwieren <tristan.schwieren@tum.de>
AuthorDate: Thu Aug 11 16:45:12 2022 +0200
- siop for reclaim; A rest endpoint that signs stuff
---
src/identity/plugin_rest_identity.c | 119 ++++++++++++++++++++++++++++++++++++
src/include/gnunet_crypto_lib.h | 15 +++++
src/util/Makefile.am | 6 ++
src/util/crypto_ecc.c | 64 +++++++++++++++++++
src/util/test_crypto_ecc.c | 57 +++++++++++++++++
5 files changed, 261 insertions(+)
diff --git a/src/identity/plugin_rest_identity.c
b/src/identity/plugin_rest_identity.c
index d7cd0e826..ba0aa82f1 100644
--- a/src/identity/plugin_rest_identity.c
+++ b/src/identity/plugin_rest_identity.c
@@ -28,6 +28,8 @@
#include "gnunet_rest_plugin.h"
#include "gnunet_identity_service.h"
#include "gnunet_rest_lib.h"
+#include "identity.h"
+#include "gnunet_crypto_lib.h"
#include "microhttpd.h"
#include <jansson.h>
@@ -51,6 +53,11 @@
*/
#define GNUNET_REST_API_NS_IDENTITY_SUBSYSTEM "/identity/subsystem"
+/**
+ * Identity Namespace with sign specifier
+ */
+#define GNUNET_REST_API_NS_SIGN "/sign"
+
/**
* Parameter public key
*/
@@ -1185,6 +1192,117 @@ ego_delete_name (struct GNUNET_REST_RequestHandle
*con_handle,
handle);
}
+struct ego_sign_data_cls
+{
+ void *data;
+ struct RequestHandle *handle;
+};
+
+void
+ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego)
+{
+ struct RequestHandle *handle = ((struct ego_sign_data_cls *) cls)->handle;
+ char *data = (char *) ((struct ego_sign_data_cls *) cls)->data; // data is
url decoded
+ struct MHD_Response *resp;
+ struct GNUNET_CRYPTO_EcdsaSignature sig;
+ struct GNUNET_IDENTITY_Signature sig_ident;
+ void *sig_buf;
+ char *sig_str;
+ char *result;
+
+ if (ego == NULL)
+ {
+ handle->response_code = MHD_HTTP_BAD_REQUEST;
+ handle->emsg = GNUNET_strdup ("Ego not found");
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+
+ if ( GNUNET_OK != GNUNET_CRYPTO_ecdsa_sign_raw (&(ego->pk.ecdsa_key),
+ (void *) data,
+ strlen (data),
+ &sig))
+ {
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+ handle->emsg = GNUNET_strdup ("Signature creation failed");
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+
+ // TODO: Encode the signature
+
+ GNUNET_asprintf (&result,
+ "{\"data\": \"%s\", \"signature\": \"%s\"}",
+ data,
+ sig_str);
+
+ resp = GNUNET_REST_create_response (result);
+ handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
+
+ free (data);
+ free (result);
+ free (cls);
+ GNUNET_SCHEDULER_add_now (&cleanup_handle, handle);
+}
+
+/**
+ *
+ * @param con_handle the connection handle
+ * @param url the url
+ * @param cls the RequestHandle
+ */
+void
+ego_sign_data (struct GNUNET_REST_RequestHandle *con_handle,
+ const char *url,
+ void *cls)
+{
+ // TODO: replace with precompiler #define
+ const char *username_key = "user";
+ const char *data_key = "data";
+
+ struct RequestHandle *handle = cls;
+ struct MHD_Response *resp;
+ struct GNUNET_HashCode cache_key_username;
+ struct GNUNET_HashCode cache_key_data;
+ char *username;
+ char *data;
+ char *result;
+
+ struct ego_sign_data_cls *cls2;
+
+ GNUNET_CRYPTO_hash (username_key, strlen (username_key),
&cache_key_username);
+ GNUNET_CRYPTO_hash (data_key, strlen (data_key), &cache_key_data);
+
+ if ((GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (
+ handle->rest_handle->url_param_map,
+ &cache_key_username)) ||
+ (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (
+ handle->rest_handle->url_param_map,
+ &cache_key_data)))
+ {
+ handle->response_code = MHD_HTTP_BAD_REQUEST;
+ handle->emsg = GNUNET_strdup ("URL parameter missing");
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+
+ username = (char *) GNUNET_CONTAINER_multihashmap_get (
+ handle->rest_handle->url_param_map,
+ &cache_key_username);
+
+ data = (char *) GNUNET_CONTAINER_multihashmap_get (
+ handle->rest_handle->url_param_map,
+ &cache_key_data);
+
+ cls2 = malloc (sizeof(struct ego_sign_data_cls));
+ cls2->data = (void *) GNUNET_strdup (data);
+ cls2->handle = handle;
+
+ GNUNET_IDENTITY_ego_lookup (cfg,
+ username,
+ ego_sign_data_cb,
+ cls2);
+}
/**
* Respond to OPTIONS request
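Review bot: In ego_sign_data_cb, `sig_str` is still uninitialized when it is passed to `GNUNET_asprintf` with `%s`, because the encoding step is only a TODO. The response is therefore built from an indeterminate pointer, which is undefined behaviour and can crash the service or copy unrelated memory into the reply. The same format string pastes the caller-supplied `data` into the JSON body unescaped, so a quote or backslash in the parameter changes the structure of the response; jansson is already included and can build the object safely. Both early-return branches leave `data` and `cls` allocated, and `data` comes from `GNUNET_strdup` but is released with plain `free`. The sketch below sends every exit through one cleanup path; the encoder it calls is only one option, since the commit has not yet chosen an encoding.

```c
void
ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego)
{
  struct ego_sign_data_cls *ctx = cls;
  struct RequestHandle *handle = ctx->handle;
  char *data = ctx->data;
  char *sig_str = NULL;
  char *result = NULL;
  json_t *body = NULL;
  /* … unchanged: resp and sig declarations … */

  if (NULL == ego)
  {
    handle->response_code = MHD_HTTP_BAD_REQUEST;
    handle->emsg = GNUNET_strdup ("Ego not found");
    goto fail;
  }
  /* … unchanged: GNUNET_CRYPTO_ecdsa_sign_raw call; its failure branch sets
     the 500 code and message, then does `goto fail` … */

  /* Encoding is still the author's TODO; GNUnet's string encoder is one option. */
  sig_str = GNUNET_STRINGS_data_to_string_alloc (&sig, sizeof (sig));
  /* jansson escapes quotes and backslashes in the caller-supplied data. */
  body = json_pack ("{s:s, s:s}", "data", data, "signature", sig_str);
  if ( (NULL == body) ||
       (NULL == (result = json_dumps (body, JSON_COMPACT))) )
  {
    handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
    handle->emsg = GNUNET_strdup ("Response encoding failed");
    goto fail;
  }
  resp = GNUNET_REST_create_response (result);
  handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
  GNUNET_SCHEDULER_add_now (&cleanup_handle, handle);
  goto done;

fail:
  GNUNET_SCHEDULER_add_now (&do_error, handle);
done:
  json_decref (body);
  free (result);          /* json_dumps allocates with malloc */
  GNUNET_free (sig_str);
  GNUNET_free (data);     /* allocated with GNUNET_strdup in ego_sign_data */
  free (ctx);             /* allocated with malloc in ego_sign_data */
}
```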
@@ -1335,6 +1453,7 @@ rest_process_request (struct GNUNET_REST_RequestHandle
*rest_handle,
GNUNET_REST_API_NS_IDENTITY_NAME,
&ego_delete_name },
{ MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY, &options_cont },
+ { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_SIGN, &ego_sign_data},
GNUNET_REST_HANDLER_END };
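Review bot: Registering the signing handler under `MHD_HTTP_METHOD_GET` puts the data to be signed in the query string, where proxies, access logs and browser history record it. It also makes a private-key operation reachable by a request that carries no body. A POST route would fit better, e.g. `{ MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_SIGN, &ego_sign_data },`, with the handler reading the payload from the request body instead of `url_param_map`. Whether the REST service authenticates callers before dispatch is not visible in this hunk and should be confirmed, since the handler signs with whichever ego the `user` parameter names. The handler table starts outside the hunk.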
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 2737ee0e9..69ecf8432 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -1945,6 +1945,21 @@ GNUNET_CRYPTO_ecdsa_sign_ (
const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
struct GNUNET_CRYPTO_EcdsaSignature *sig);
+/**
+ * @brief
+ *
+ * @param priv
+ * @param data
+ * @param len
+ * @param sig
+ * @return enum GNUNET_GenericReturnValue
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_ecdsa_sign_raw (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ void *data,
+ size_t len,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig);
/**
* @ingroup crypto
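Review bot: The doc block added for `GNUNET_CRYPTO_ecdsa_sign_raw` is empty: `@brief` and every `@param` carry no text. Nothing tells a caller how this differs from `GNUNET_CRYPTO_ecdsa_sign_` directly above it. The comment should say that the function hashes an arbitrary buffer of `len` bytes and signs that hash with no `GNUNET_CRYPTO_EccSignaturePurpose` bound in, so the caller is responsible for domain separation. It should also describe each parameter, state that `sig` is written only on `GNUNET_OK`, and carry `@ingroup crypto` like its neighbours. The buffer is only read by the implementation in this commit, so the parameter should be declared `const void *data,`, which also lets the new test pass its `const char *` without discarding the qualifier.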
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 9cb7da15b..b86fa0f12 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -292,6 +292,7 @@ check_PROGRAMS = \
test_container_heap \
test_crypto_symmetric \
test_crypto_crc \
+ test_crypto_ecc \
test_crypto_cs \
test_crypto_ecdsa \
test_crypto_eddsa \
@@ -460,6 +461,11 @@ test_crypto_cs_LDADD = \
libgnunetutil.la \
-lsodium
+test_crypto_ecc_SOURCES = \
+ test_crypto_ecc.c
+test_crypto_ecc_LDADD = \
+ libgnunetutil.la
+
test_crypto_ecdsa_SOURCES = \
test_crypto_ecdsa.c
test_crypto_ecdsa_LDADD = \
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 5b1b579ec..11e882de1 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -594,6 +594,70 @@ GNUNET_CRYPTO_ecdsa_sign_ (
return GNUNET_OK;
}
+// TODO: Code reuse with GNUNET_CRYPTO_ecdsa_sign_
+// Refactor above as a wrapper around raw
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_ecdsa_sign_raw (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ void *data,
+ size_t len,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig)
+{
+ struct GNUNET_HashCode hash_code;
+ gcry_sexp_t skey_sexp;
+ gcry_sexp_t sig_sexp;
+ gcry_sexp_t data_sexp;
+ gcry_error_t error;
+ gcry_mpi_t rs[2];
+
+ // Decode private key
+ skey_sexp = decode_private_ecdsa_key (priv);
+
+ // Hash data
+ GNUNET_CRYPTO_hash (data, len, &hash_code);
+ if (0 != (error = gcry_sexp_build (&data_sexp,
+ NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ (int) sizeof(hash_code),
+ &hash_code)))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", error);
+ return GNUNET_SYSERR;
+ }
+
+ // Sign Hash
+ if (0 != (error = gcry_pk_sign (&sig_sexp, data_sexp, skey_sexp)))
+ {
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ _ ("ECC signing failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (error));
+ gcry_sexp_release (data_sexp);
+ gcry_sexp_release (skey_sexp);
+ return GNUNET_SYSERR;
+ }
+ gcry_sexp_release (skey_sexp);
+ gcry_sexp_release (data_sexp);
+
+ /* extract 'r' and 's' values from sexpression 'sig_sexp' and store in
+ 'signature' */
+ if (0 != (error = key_from_sexp (rs, sig_sexp, "sig-val", "rs")))
+ {
+ GNUNET_break (0);
+ gcry_sexp_release (sig_sexp);
+ return GNUNET_SYSERR;
+ }
+ gcry_sexp_release (sig_sexp);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof(sig->r), rs[0]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof(sig->s), rs[1]);
+ gcry_mpi_release (rs[0]);
+ gcry_mpi_release (rs[1]);
+
+ return GNUNET_OK;
+}
+
enum GNUNET_GenericReturnValue
GNUNET_CRYPTO_eddsa_sign_ (
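Review bot: The `gcry_sexp_build` failure branch in `GNUNET_CRYPTO_ecdsa_sign_raw` returns without releasing `skey_sexp`. The decoded private-key s-expression therefore stays allocated on that path, while the `gcry_pk_sign` failure branch does release it. Add `gcry_sexp_release (skey_sexp);` before that branch's `return GNUNET_SYSERR;`. The function also bypasses the purpose header that `GNUNET_CRYPTO_ecdsa_sign_` requires, so a comment above it, next to the existing TODO, should say that callers must supply their own domain separation for the bytes they pass in.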
diff --git a/src/util/test_crypto_ecc.c b/src/util/test_crypto_ecc.c
new file mode 100644
index 000000000..ebfa04c45
--- /dev/null
+++ b/src/util/test_crypto_ecc.c
@@ -0,0 +1,57 @@
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2002-2015 GNUnet e.V.
+
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ SPDX-License-Identifier: AGPL3.0-or-later
+
+ */
+/**
+ * @file util/test_crypto_ecc.c
+ * @brief test case for crypto_ecc.c GNUNET_CRYPTO_ecdsa_sign_raw() function
+ * @author Tristan Schwieren
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+
+static int
+test_GNUNET_CRYPTO_ecdsa_sign_raw ()
+{
+ struct GNUNET_CRYPTO_EcdsaPrivateKey skey;
+ struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
+ struct GNUNET_CRYPTO_EcdsaSignature sig;
+ const char *test_data = "Hello World!";
+
+ /* Generate keys */
+ GNUNET_CRYPTO_ecdsa_key_create (&skey);
+ GNUNET_CRYPTO_ecdsa_key_get_public (&skey, &pkey);
+
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_ecdsa_sign_raw (&skey,
+ test_data,
+ strlen (test_data),
+ &sig));
+
+ return 0;
+}
+
+int
+main (int argc, char *argv[])
+{
+ return test_GNUNET_CRYPTO_ecdsa_sign_raw ();
+}
+
+
+/* end of test_crypto_ecc.c */
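Review bot: The test only asserts that `GNUNET_CRYPTO_ecdsa_sign_raw` returns `GNUNET_OK`; `pkey` is derived and never used, so a well-formed but wrong signature would still pass. No raw verify counterpart is visible in this commit. Until one exists, a cheap check is to sign the same buffer twice into `sig` and a second `sig2` and compare them, since the implementation requests `rfc6979` deterministic nonces: `GNUNET_assert (0 == memcmp (&sig, &sig2, sizeof (sig)));`. Passing `test_data` (a `const char *`) to the `void *data` parameter discards the qualifier, and the helper should be declared as `test_GNUNET_CRYPTO_ecdsa_sign_raw (void)`.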