From b23b28b16d7d32b88b09015dde0f8de331d9723c Mon Sep 17 00:00:00 2001
From: gardners <paul@servalproject.org>
Date: Mon, 29 Oct 2012 16:07:42 +1030
Subject: [PATCH] Changed rhizome manifest signature block type code semantics
 to allow signature blocks of 256 bytes, and to allow multiple signature types
 with same length. #34

---
 rhizome.h                |  2 +-
 rhizome_crypto.c         | 16 ++++++----------
 serval_packetvisualise.c |  7 ++++---
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/rhizome.h b/rhizome.h
index 6fa18a01..00ad0758 100644
--- a/rhizome.h
+++ b/rhizome.h
@@ -96,7 +96,7 @@ typedef struct rhizome_manifest {
   /* Parties who have signed this manifest (raw byte format) */
   unsigned char *signatories[MAX_MANIFEST_VARS];
   /*
-    0x61 = crypto_sign_edwards25519sha512batch()
+    0x17 = crypto_sign_edwards25519sha512batch()
   */
   unsigned char signatureTypes[MAX_MANIFEST_VARS];
 
diff --git a/rhizome_crypto.c b/rhizome_crypto.c
index 162545ce..2e4defcd 100644
--- a/rhizome_crypto.c
+++ b/rhizome_crypto.c
@@ -355,7 +355,7 @@ int rhizome_sign_hash_with_key(rhizome_manifest *m,const unsigned char *sk,
   bcopy(signatureBuffer, &out->signature[1], 64);
   bcopy(pk, &out->signature[65], crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES);
   out->signatureLength = 65 + crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES;
-  out->signature[0] = out->signatureLength;
+  out->signature[0] = 0x17; // CryptoSign
   RETURN(0);
 }
 
@@ -430,21 +430,17 @@ int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs)
 
   if ((*ofs)>=m->manifest_all_bytes) { RETURN(0); }
 
-  int len=m->manifestdata[*ofs];
-  if (!len) { 
-    (*ofs)=m->manifest_bytes;
-    m->errors++;
-    RETURN(WHY("Zero byte signature blocks are not allowed, assuming signature section corrupt."));
-  }
+  int sigType=m->manifestdata[*ofs];
+  int len=(sigType&0x3f)*4+4+1;
 
   /* Each signature type is required to have a different length to detect it.
      At present only crypto_sign_edwards25519sha512batch() signatures are
      supported. */
   int r;
   if (m->sig_count<MAX_MANIFEST_VARS)
-    switch(len) 
+    switch(sigType) 
       {
-      case 0x61: /* crypto_sign_edwards25519sha512batch() */
+      case 0x17: /* crypto_sign_edwards25519sha512batch() */
 	/* Reconstitute signature block */
 	r=rhizome_manifest_lookup_signature_validity
 	  (m->manifesthash,&m->manifestdata[(*ofs)+1],96);
@@ -481,7 +477,7 @@ int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs)
       default:
 	(*ofs)+=len;
 	m->errors++;
-	RETURN(WHY("Encountered illegal or malformed signature block"));
+	RETURN(WHYF("Encountered illegal or malformed signature block (unknown type=0x%02x @ offset 0x%x)",sigType,(*ofs)-len));
       }
   else
     {
diff --git a/serval_packetvisualise.c b/serval_packetvisualise.c
index 5018b2f2..33de0d04 100644
--- a/serval_packetvisualise.c
+++ b/serval_packetvisualise.c
@@ -383,9 +383,10 @@ int isOverlayPacket(XPRINTF xpf, const unsigned char *packet, size_t *ofs, size_
 		  xprintf(xpf,"%sManifest signature blocks\n",indent(12));
 		  for(;j<manifest_len;)
 		    {
-		      int sigLen=frame[i+j];
-		      switch(sigLen) {
-		      case 0x61: /* cryptosign signature */
+		      int sigType=frame[i+j];
+		      int sigLen=(sigType&0x3f)*4+4+1;
+		      switch(sigType) {
+		      case 0x17: /* cryptosign signature */
 			xprintf(xpf,"%sNaCl CryptoSign Generated Signature\n",indent(14));
 			xprintf(xpf,"%sPublic key of signatory = ",indent(16));
 			for(k=0;k<32;k++) xprintf(xpf,"%02X",frame[i+j+1+64+k]);