[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] 02/06: -sign rest api + unfinished test
From: |
gnunet |
Subject: |
[gnunet] 02/06: -sign rest api + unfinished test |
Date: |
Wed, 31 Aug 2022 17:04:40 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit bece25385e2f0d4823de569b8d5c5fb5f50721d7
Author: Tristan Schwieren <tristan.schwieren@tum.de>
AuthorDate: Fri Aug 19 17:48:02 2022 +0200
-sign rest api + unfinished test
---
src/identity/plugin_rest_identity.c | 10 +++--
.../test_plugin_rest_identity_signature.sh | 44 ++++++++++++++++++++++
src/include/gnunet_crypto_lib.h | 24 ++++++++++++
src/util/crypto_ecc.c | 34 ++++++++++++++---
4 files changed, 102 insertions(+), 10 deletions(-)
diff --git a/src/identity/plugin_rest_identity.c
b/src/identity/plugin_rest_identity.c
index ba0aa82f1..06ef7a174 100644
--- a/src/identity/plugin_rest_identity.c
+++ b/src/identity/plugin_rest_identity.c
@@ -1205,8 +1205,6 @@ ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego
*ego)
char *data = (char *) ((struct ego_sign_data_cls *) cls)->data; // data is
url decoded
struct MHD_Response *resp;
struct GNUNET_CRYPTO_EcdsaSignature sig;
- struct GNUNET_IDENTITY_Signature sig_ident;
- void *sig_buf;
char *sig_str;
char *result;
@@ -1230,16 +1228,20 @@ ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego
*ego)
}
// TODO: Encode the signature
+ sig_str = malloc(64);
+ GNUNET_CRYPTO_ecdsa_signature_encode(
+ (const struct GNUNET_CRYPTO_EcdsaSignature *) &sig,
+ &sig_str);
GNUNET_asprintf (&result,
- "{\"data\": \"%s\", \"signature\": \"%s\"}",
- data,
+ "{\"signature\": \"%s\"}",
sig_str);
resp = GNUNET_REST_create_response (result);
handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
free (data);
+ free (sig_str);
free (result);
free (cls);
GNUNET_SCHEDULER_add_now (&cleanup_handle, handle);
diff --git a/src/identity/test_plugin_rest_identity_signature.sh
b/src/identity/test_plugin_rest_identity_signature.sh
new file mode 100755
index 000000000..2a56996d5
--- /dev/null
+++ b/src/identity/test_plugin_rest_identity_signature.sh
@@ -0,0 +1,44 @@
+#!/usr/bin/bash
+
+# https://www.rfc-editor.org/rfc/rfc7515#appendix-A.3
+
+header='{"alg":"ES256"}'
+payload='{"iss":"joe",\r\n "exp":1300819380,\r\n
"http://example.com/is_root":true}'
+
+header_payload_test=(
+ 101 121 74 104 98 71 99 105 79 105 74 70 85 122 73
+ 49 78 105 74 57 46 101 121 74 112 99 51 77 105 79 105
+ 74 113 98 50 85 105 76 65 48 75 73 67 74 108 101 72
+ 65 105 79 106 69 122 77 68 65 52 77 84 107 122 79 68
+ 65 115 68 81 111 103 73 109 104 48 100 72 65 54 76
+ 121 57 108 101 71 70 116 99 71 120 108 76 109 78 118
+ 98 83 57 112 99 49 57 121 98 50 57 48 73 106 112 48
+ 99 110 86 108 102 81)
+
+base64url_encode () {
+ echo -n -e "$1" | base64 -w0 | tr '+/' '-_' | tr -d '='
+}
+
+# encode header_payload test vektor
+for i in "${header_payload_test[@]}"
+do
+ header_payload_test_enc+=$(printf "\x$(printf %x $i)")
+done
+
+header_enc=$(base64url_encode "$header")
+payload_enc=$(base64url_encode "$payload")
+
+# test base64url encoding and header & payload concatenation
+if [ "$header_enc.$payload_enc" != $header_payload_test_enc ] ;
+then
+ exit 1
+fi
+
+signature_enc=$(curl -s
"localhost:7776/sign?user=tristan&data=$header_payload_enc" | jq -r
'.signature')
+echo "$header_enc.$payload_enc.$signature_enc"
+
+# TODO: Test Signature
+ # Gen key: Public Key GNS zone type value + d in crockford encoding
+ # Create new ego with key
+ # Check if signaure is valid using openssh
+ # Check if signaure is valid with test vektor
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 69ecf8432..1d5722450 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -1961,6 +1961,30 @@ GNUNET_CRYPTO_ecdsa_sign_raw (
size_t len,
struct GNUNET_CRYPTO_EcdsaSignature *sig);
+/**
+ * @brief
+ *
+ * @param sig
+ * @param sig_str
+ * @return enum GNUNET_GenericReturnValue
+ */
+size_t
+GNUNET_CRYPTO_ecdsa_signature_encode(
+ const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ char **sig_str);
+
+/**
+ * @brief
+ *
+ * @param sig_str
+ * @param sig
+ * @return enum GNUNET_GenericReturnValue
+ */
+size_t
+GNUNET_CRYPTO_ecdsa_signature_decode(
+ const char *sig_str,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig);
+
/**
* @ingroup crypto
* @brief ECDSA sign a given block.
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 11e882de1..36945e291 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -595,7 +595,7 @@ GNUNET_CRYPTO_ecdsa_sign_ (
}
// TODO: Code reuse with GNUNET_CRYPTO_ecdsa_sign_
-// Refactor above as a wrapper around raw
+// Refactor above as a wrapper around raw
enum GNUNET_GenericReturnValue
GNUNET_CRYPTO_ecdsa_sign_raw (
const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
@@ -616,11 +616,11 @@ GNUNET_CRYPTO_ecdsa_sign_raw (
// Hash data
GNUNET_CRYPTO_hash (data, len, &hash_code);
if (0 != (error = gcry_sexp_build (&data_sexp,
- NULL,
- "(data(flags rfc6979)(hash %s %b))",
- "sha512",
- (int) sizeof(hash_code),
- &hash_code)))
+ NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ (int) sizeof(hash_code),
+ &hash_code)))
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", error);
return GNUNET_SYSERR;
@@ -658,6 +658,28 @@ GNUNET_CRYPTO_ecdsa_sign_raw (
return GNUNET_OK;
}
+size_t
+GNUNET_CRYPTO_ecdsa_signature_encode (
+ const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ char **sig_str)
+{
+ return GNUNET_STRINGS_base64url_encode (
+ (void*) sig,
+ 32,
+ sig_str);
+}
+
+size_t
+GNUNET_CRYPTO_ecdsa_signature_decode (
+ const char *sig_str,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig)
+{
+ return GNUNET_STRINGS_base64url_decode (
+ sig_str,
+ strlen (sig_str),
+ (void **) &sig);
+}
+
enum GNUNET_GenericReturnValue
GNUNET_CRYPTO_eddsa_sign_ (
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [gnunet] branch master updated (fcfa115e2 -> cc70504a2), gnunet, 2022/08/31
- [gnunet] 01/06: - siop for reclaim; A rest endpoint that signs stuff, gnunet, 2022/08/31
- [gnunet] 04/06: -switch to EdDSA egos only for signature rest endpoint, gnunet, 2022/08/31
- [gnunet] 02/06: -sign rest api + unfinished test,
gnunet <=
- [gnunet] 03/06: - add to gitignore, gnunet, 2022/08/31
- [gnunet] 06/06: Merge branch 'dev/trizuz/siop', gnunet, 2022/08/31
- [gnunet] 05/06: - finished test for signature rest endpoint, gnunet, 2022/08/31