[gnunet] 02/06: -sign rest api + unfinished test

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnunet] 02/06: -sign rest api + unfinished test

From:	gnunet
Subject:	[gnunet] 02/06: -sign rest api + unfinished test
Date:	Wed, 31 Aug 2022 17:04:40 +0200

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository gnunet.

commit bece25385e2f0d4823de569b8d5c5fb5f50721d7
Author: Tristan Schwieren <tristan.schwieren@tum.de>
AuthorDate: Fri Aug 19 17:48:02 2022 +0200

    -sign rest api + unfinished test
---
 src/identity/plugin_rest_identity.c                | 10 +++--
 .../test_plugin_rest_identity_signature.sh         | 44 ++++++++++++++++++++++
 src/include/gnunet_crypto_lib.h                    | 24 ++++++++++++
 src/util/crypto_ecc.c                              | 34 ++++++++++++++---
 4 files changed, 102 insertions(+), 10 deletions(-)

diff --git a/src/identity/plugin_rest_identity.c 
b/src/identity/plugin_rest_identity.c
index ba0aa82f1..06ef7a174 100644
--- a/src/identity/plugin_rest_identity.c
+++ b/src/identity/plugin_rest_identity.c
@@ -1205,8 +1205,6 @@ ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego 
*ego)
   char *data = (char *) ((struct ego_sign_data_cls *) cls)->data; // data is 
url decoded
   struct MHD_Response *resp;
   struct GNUNET_CRYPTO_EcdsaSignature sig;
-  struct GNUNET_IDENTITY_Signature sig_ident;
-  void *sig_buf;
   char *sig_str;
   char *result;
 
@@ -1230,16 +1228,20 @@ ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego 
*ego)
   }
 
   // TODO: Encode the signature 
+  sig_str = malloc(64);
+  GNUNET_CRYPTO_ecdsa_signature_encode(
+    (const struct GNUNET_CRYPTO_EcdsaSignature *) &sig, 
+    &sig_str);
 
   GNUNET_asprintf (&result,
-                   "{\"data\": \"%s\", \"signature\": \"%s\"}",
-                   data,
+                   "{\"signature\": \"%s\"}",
                    sig_str);
 
   resp = GNUNET_REST_create_response (result);
   handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
 
   free (data);
+  free (sig_str);
   free (result);
   free (cls);
   GNUNET_SCHEDULER_add_now (&cleanup_handle, handle);
diff --git a/src/identity/test_plugin_rest_identity_signature.sh 
b/src/identity/test_plugin_rest_identity_signature.sh
new file mode 100755
index 000000000..2a56996d5
--- /dev/null
+++ b/src/identity/test_plugin_rest_identity_signature.sh
@@ -0,0 +1,44 @@
+#!/usr/bin/bash
+
+# https://www.rfc-editor.org/rfc/rfc7515#appendix-A.3
+
+header='{"alg":"ES256"}'
+payload='{"iss":"joe",\r\n "exp":1300819380,\r\n 
"http://example.com/is_root":true}'
+
+header_payload_test=(
+    101 121 74 104 98 71 99 105 79 105 74 70 85 122 73
+    49 78 105 74 57 46 101 121 74 112 99 51 77 105 79 105
+    74 113 98 50 85 105 76 65 48 75 73 67 74 108 101 72
+    65 105 79 106 69 122 77 68 65 52 77 84 107 122 79 68
+    65 115 68 81 111 103 73 109 104 48 100 72 65 54 76
+    121 57 108 101 71 70 116 99 71 120 108 76 109 78 118
+    98 83 57 112 99 49 57 121 98 50 57 48 73 106 112 48
+    99 110 86 108 102 81)
+
+base64url_encode () {
+    echo -n -e "$1" | base64 -w0 | tr '+/' '-_' | tr -d '='
+}
+
+# encode header_payload test vektor
+for i in "${header_payload_test[@]}"
+do 
+    header_payload_test_enc+=$(printf "\x$(printf %x $i)")
+done
+
+header_enc=$(base64url_encode "$header")
+payload_enc=$(base64url_encode "$payload")
+
+# test base64url encoding and header & payload concatenation
+if [ "$header_enc.$payload_enc" != $header_payload_test_enc ] ; 
+then 
+    exit 1
+fi
+
+signature_enc=$(curl -s 
"localhost:7776/sign?user=tristan&data=$header_payload_enc" | jq -r 
'.signature')
+echo "$header_enc.$payload_enc.$signature_enc"
+
+# TODO: Test Signature
+    # Gen key: Public Key GNS zone type value + d in crockford encoding
+    # Create new ego with key
+    # Check if signaure is valid using openssh
+    # Check if signaure is valid with test vektor
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 69ecf8432..1d5722450 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -1961,6 +1961,30 @@ GNUNET_CRYPTO_ecdsa_sign_raw (
   size_t len,
   struct GNUNET_CRYPTO_EcdsaSignature *sig);
 
+/**
+ * @brief 
+ * 
+ * @param sig 
+ * @param sig_str 
+ * @return enum GNUNET_GenericReturnValue 
+ */
+size_t
+GNUNET_CRYPTO_ecdsa_signature_encode(
+  const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+  char **sig_str);
+
+/**
+ * @brief 
+ * 
+ * @param sig_str 
+ * @param sig 
+ * @return enum GNUNET_GenericReturnValue 
+ */
+size_t
+GNUNET_CRYPTO_ecdsa_signature_decode(
+  const char *sig_str,
+  struct GNUNET_CRYPTO_EcdsaSignature *sig);
+
 /**
  * @ingroup crypto
  * @brief ECDSA sign a given block.
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 11e882de1..36945e291 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -595,7 +595,7 @@ GNUNET_CRYPTO_ecdsa_sign_ (
 }
 
 // TODO: Code reuse with GNUNET_CRYPTO_ecdsa_sign_
-// Refactor above as a wrapper around raw 
+// Refactor above as a wrapper around raw
 enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_ecdsa_sign_raw (
   const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
@@ -616,11 +616,11 @@ GNUNET_CRYPTO_ecdsa_sign_raw (
   // Hash data
   GNUNET_CRYPTO_hash (data, len, &hash_code);
   if (0 != (error = gcry_sexp_build (&data_sexp,
-                                  NULL,
-                                  "(data(flags rfc6979)(hash %s %b))",
-                                  "sha512",
-                                  (int) sizeof(hash_code),
-                                  &hash_code)))
+                                     NULL,
+                                     "(data(flags rfc6979)(hash %s %b))",
+                                     "sha512",
+                                     (int) sizeof(hash_code),
+                                     &hash_code)))
   {
     LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", error);
     return GNUNET_SYSERR;
@@ -658,6 +658,28 @@ GNUNET_CRYPTO_ecdsa_sign_raw (
   return GNUNET_OK;
 }
 
+size_t
+GNUNET_CRYPTO_ecdsa_signature_encode (
+  const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+  char **sig_str)
+{
+  return GNUNET_STRINGS_base64url_encode (
+    (void*) sig,
+    32,
+    sig_str);
+}
+
+size_t
+GNUNET_CRYPTO_ecdsa_signature_decode (
+  const char *sig_str,
+  struct GNUNET_CRYPTO_EcdsaSignature *sig)
+{
+  return GNUNET_STRINGS_base64url_decode (
+    sig_str, 
+    strlen (sig_str),
+    (void **) &sig);
+}
+
 
 enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_eddsa_sign_ (

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[gnunet] branch master updated (fcfa115e2 -> cc70504a2), gnunet, 2022/08/31
- [gnunet] 01/06: - siop for reclaim; A rest endpoint that signs stuff, gnunet, 2022/08/31
- [gnunet] 04/06: -switch to EdDSA egos only for signature rest endpoint, gnunet, 2022/08/31
- [gnunet] 02/06: -sign rest api + unfinished test, gnunet <=
- [gnunet] 03/06: - add to gitignore, gnunet, 2022/08/31
- [gnunet] 06/06: Merge branch 'dev/trizuz/siop', gnunet, 2022/08/31
- [gnunet] 05/06: - finished test for signature rest endpoint, gnunet, 2022/08/31

Prev by Date: [gnunet] 04/06: -switch to EdDSA egos only for signature rest endpoint
Next by Date: [gnunet] 03/06: - add to gitignore
Previous by thread: [gnunet] 04/06: -switch to EdDSA egos only for signature rest endpoint
Next by thread: [gnunet] 03/06: - add to gitignore
Index(es):
- Date
- Thread