diff --git a/rhizome_crypto.c b/rhizome_crypto.c index 502cf807..0d88a269 100644 --- a/rhizome_crypto.c +++ b/rhizome_crypto.c @@ -87,21 +87,22 @@ int rhizome_bk_xor(const unsigned char *authorSid, // binary unsigned char bkin[crypto_sign_edwards25519sha512batch_SECRETKEYBYTES], unsigned char bkout[crypto_sign_edwards25519sha512batch_SECRETKEYBYTES]) { + IN(); if (crypto_sign_edwards25519sha512batch_SECRETKEYBYTES > crypto_hash_sha512_BYTES) - return WHY("BK needs to be longer than it can be"); + { RETURN(WHY("BK needs to be longer than it can be")); } int cn=0,in=0,kp=0; if (!keyring_find_sid(keyring,&cn,&in,&kp,authorSid)) { if (debug & DEBUG_RHIZOME) DEBUG("identity not in keyring"); - return 1; + { RETURN(1); } } kp = keyring_identity_find_keytype(keyring, cn, in, KEYTYPE_RHIZOME); if (kp == -1) { if (debug & DEBUG_RHIZOME) DEBUG("identity has no Rhizome Secret"); - return 2; + RETURN(2); } int rs_len=keyring->contexts[cn]->identities[in]->keypairs[kp]->private_key_len; if (rs_len<16||rs_len>1024) - return WHYF("invalid Rhizome Secret: length=%d", rs_len); + { RETURN(WHYF("invalid Rhizome Secret: length=%d", rs_len)); } unsigned char *rs=keyring->contexts[cn]->identities[in]->keypairs[kp]->private_key; int combined_len=rs_len+crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES; unsigned char buffer[combined_len]; @@ -114,7 +115,7 @@ int rhizome_bk_xor(const unsigned char *authorSid, // binary bkout[i]=bkin[i]^hash[i]; bzero(&buffer[0],combined_len); bzero(&hash[0],crypto_hash_sha512_BYTES); - return 0; + RETURN(0); } /* See if the manifest has a BK entry, and if so, use it to obtain the 
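Review bot: RETURN() is used inconsistently inside rhizome_bk_xor: `{ RETURN(1); }` is wrapped in extra braces inside an already-braced block, while `RETURN(2);` a few lines later is bare, which suggests the macro is not safe to use as a single statement. Its definition is not part of this diff, so this is inferred. If it does expand to more than one statement, the unbraced `if (rhizome_verify_bundle_privatekey(m) == 0) RETURN(0); // bingo` in rhizome_is_self_signed would execute its `return` whether or not the key verified. Wrapping the macro body in `do { ... } while (0)` makes every call site behave as one statement and lets the added braces go.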
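Review bot: The `bzero(&buffer[0],combined_len);` and `bzero(&hash[0],crypto_hash_sha512_BYTES);` calls just before `RETURN(0)` are stores to objects that are about to go out of scope, so an optimising compiler may drop them and leave the secret-derived bytes on the stack. `buffer` is a local array declared earlier in the function; `hash` is declared outside the visible hunks and is presumably local too. A wipe the compiler cannot elide is needed, for example `explicit_bzero(buffer, combined_len);` where the platform provides it, or a small helper that writes through a `volatile` pointer. The same applies to `bzero(&scsk,sizeof(scsk));` in rhizome_verify_bundle_privatekey. The start of rhizome_bk_xor is outside this hunk.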
@@ -131,18 +132,20 @@ int rhizome_bk_xor(const unsigned char *authorSid, // binary */ int rhizome_extract_privatekey(rhizome_manifest *m, const unsigned char *authorSid) { + IN(); + char desc[1024]; char *bk = rhizome_manifest_get(m, "BK", NULL, 0); - if (!bk) return WHY("missing BK field"); + if (!bk) { RETURN(WHY("missing BK field")); } unsigned char bkBytes[RHIZOME_BUNDLE_KEY_BYTES]; if (fromhexstr(bkBytes, bk, RHIZOME_BUNDLE_KEY_BYTES) == -1) - return WHYF("invalid BK field: %s", bk); + { RETURN(WHYF("invalid BK field: %s", bk)); } switch (rhizome_bk_xor(authorSid, m->cryptoSignPublic, bkBytes, m->cryptoSignSecret)) { case -1: - return WHY("rhizome_bk_xor() failed"); + RETURN(WHY("rhizome_bk_xor() failed")); case 0: - return rhizome_verify_bundle_privatekey(m); + RETURN(rhizome_verify_bundle_privatekey(m)); } - return WHYF("Rhizome secret for %s not found. (Have you unlocked the identity?)", alloca_tohex_sid(authorSid)); + RETURN(WHYF("Rhizome secret for %s not found. (Have you unlocked the identity?)", alloca_tohex_sid(authorSid))); } /* @@ -155,14 +158,15 @@ int rhizome_extract_privatekey(rhizome_manifest *m, const unsigned char *authorS */ int rhizome_is_self_signed(rhizome_manifest *m) { + IN(); char *bk = rhizome_manifest_get(m, "BK", NULL, 0); if (!bk) { if (debug & DEBUG_RHIZOME) DEBUGF("missing BK field"); - return 1; + RETURN(1); } unsigned char bkBytes[RHIZOME_BUNDLE_KEY_BYTES]; if (fromhexstr(bkBytes, bk, RHIZOME_BUNDLE_KEY_BYTES) == -1) - return WHYF("invalid BK field: %s", bk); + { RETURN(WHYF("invalid BK field: %s", bk)); } int cn = 0, in = 0, kp = 0; for (; keyring_next_identity(keyring, &cn, &in, &kp); ++kp) { const unsigned char *authorSid = keyring->contexts[cn]->identities[in]->keypairs[kp]->public_key; 
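Review bot: The added `char desc[1024];` at the top of rhizome_extract_privatekey is never referenced in the function body, which is fully visible in this hunk, so it only costs a kilobyte of stack and looks like leftover debugging; drop it unless a follow-up change uses it. The `switch` on the rhizome_bk_xor() result also has no `default`, so the 1 and 2 results silently fall through to the "Rhizome secret ... not found" message. A `default: break;` with a one-line comment such as `/* 1 = identity not in keyring, 2 = no Rhizome Secret */` would make that intent explicit.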
@@ -171,15 +175,15 @@ int rhizome_is_self_signed(rhizome_manifest *m) if (rkp != -1) { switch (rhizome_bk_xor(authorSid, m->cryptoSignPublic, bkBytes, m->cryptoSignSecret)) { case -1: - return WHY("rhizome_bk_xor() failed"); + RETURN(WHY("rhizome_bk_xor() failed")); case 0: if (rhizome_verify_bundle_privatekey(m) == 0) - return 0; // bingo + RETURN(0); // bingo break; } } } - return 2; // not self signed + RETURN(2); // not self signed } /* Verify the validity of the manifest's sccret key. @@ -189,6 +193,7 @@ int rhizome_is_self_signed(rhizome_manifest *m) */ int rhizome_verify_bundle_privatekey(rhizome_manifest *m) { + IN(); #ifdef HAVE_CRYPTO_SIGN_NACL_GE25519_H # include "crypto_sign_edwards25519sha512batch_ref/ge25519.h" #else @@ -207,31 +212,32 @@ int rhizome_verify_bundle_privatekey(rhizome_manifest *m) bzero(&scsk,sizeof(scsk)); if (memcmp(pk, m->cryptoSignPublic, crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES) == 0) { m->haveSecret = 1; - return 0; // valid + RETURN(0); // valid } m->haveSecret = 0; if (debug & DEBUG_RHIZOME) { DEBUGF(" stored public key = %s*", alloca_tohex(m->cryptoSignPublic, 8)); DEBUGF("computed public key = %s*", alloca_tohex(pk, 8)); } - return 1; // invalid + RETURN(1); // invalid #else //!ge25519 /* XXX Need to test key by signing and testing signature validity. */ /* For the time being barf so that the caller does not think we have a validated BK when in fact we do not. */ m->haveSecret=0; - return WHY("ge25519 function not available"); + RETURN(WHY("ge25519 function not available")); #endif //!ge25519 } rhizome_signature *rhizome_sign_hash(rhizome_manifest *m, const unsigned char *authorSid) { + IN(); unsigned char *hash=m->manifesthash; unsigned char *publicKeyBytes=m->cryptoSignPublic; if (!m->haveSecret && rhizome_extract_privatekey(m, authorSid)) { WHY("Cannot find secret key to sign manifest data."); - return NULL; + RETURN(NULL); } /* Signature is formed by running crypto_sign_edwards25519sha512batch() on the 
@@ -245,7 +251,7 @@ rhizome_signature *rhizome_sign_hash(rhizome_manifest *m, const unsigned char *a &hash[0],mLen,m->cryptoSignSecret); if (r) { WHY("crypto_sign() failed."); - return NULL; + RETURN(NULL); } rhizome_signature *out=calloc(sizeof(rhizome_signature),1); @@ -261,23 +267,24 @@ rhizome_signature *rhizome_sign_hash(rhizome_manifest *m, const unsigned char *a out->signature[0]=out->signatureLength; - return out; + RETURN(out); } int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs) { + IN(); unsigned char sigBuf[256]; unsigned char verifyBuf[256]; unsigned char publicKey[256]; - if (!m) return WHY("NULL pointer passed in as manifest"); + if (!m) { RETURN(WHY("NULL pointer passed in as manifest")); } - if ((*ofs)>=m->manifest_all_bytes) return 0; + if ((*ofs)>=m->manifest_all_bytes) { RETURN(0); } int len=m->manifestdata[*ofs]; if (!len) { (*ofs)=m->manifest_bytes; m->errors++; - return WHY("Zero byte signature blocks are not allowed, assuming signature section corrupt."); + RETURN(WHY("Zero byte signature blocks are not allowed, assuming signature section corrupt.")); } /* Each signature type is required to have a different length to detect it. @@ -301,7 +308,7 @@ int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs) if (r) { (*ofs)+=len; m->errors++; - return WHY("Error in signature block (verification failed)."); + RETURN(WHY("Error in signature block (verification failed).")); } else { /* Signature block passes, so add to list of signatures */ m->signatureTypes[m->sig_count]=len; @@ -309,7 +316,7 @@ int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs) =malloc(crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES); if(!m->signatories[m->sig_count]) { (*ofs)+=len; - return WHY("malloc() failed when reading signature block"); + RETURN(WHY("malloc() failed when reading signature block")); } bcopy(&publicKey[0],m->signatories[m->sig_count], crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES); 
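Review bot: In rhizome_manifest_extract_signature the only bound applied before `int len=m->manifestdata[*ofs];` is `(*ofs)>=m->manifest_all_bytes`, which does not establish that the `len`-byte block starting at `*ofs` fits inside the manifest. The lines between this hunk and the next are not shown, so the check may already exist there. If it does not, a length byte taken from a received manifest lets the reads that follow run past `manifestdata`. A guard right after `len` is read, such as `if (len > m->manifest_all_bytes - *ofs) { m->errors++; RETURN(WHY("Signature block runs past end of manifest")); }`, would close that. The function body continues outside this hunk.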
@@ -320,7 +327,7 @@ int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs) default: (*ofs)+=len; m->errors++; - return WHY("Encountered illegal or malformed signature block"); + RETURN(WHY("Encountered illegal or malformed signature block")); } else { @@ -330,5 +337,5 @@ int rhizome_manifest_extract_signature(rhizome_manifest *m,int *ofs) } (*ofs)+=len; - return 0; + RETURN(0); } diff --git a/rhizome_packetformats.c b/rhizome_packetformats.c index 53365c0e..ca0bd38a 100644 --- a/rhizome_packetformats.c +++ b/rhizome_packetformats.c @@ -23,6 +23,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. int rhizome_manifest_to_bar(rhizome_manifest *m,unsigned char *bar) { + IN(); /* BAR = Bundle Advertisement Record. Basically a 32byte precis of a given manifest, that includes version, time-to-live and geographic bounding box information that is used to help manage flooding of @@ -38,7 +39,7 @@ int rhizome_manifest_to_bar(rhizome_manifest *m,unsigned char *bar) 16 bits - max longitude (-180 - +180). */ - if (!m) return WHY("null manifest passed in"); + if (!m) { RETURN(WHY("null manifest passed in")); } int i; @@ -66,13 +67,14 @@ int rhizome_manifest_to_bar(rhizome_manifest *m,unsigned char *bar) v=(maxLat+90)*(65535/180); bar[28]=(v>>8)&0xff; bar[29]=(v>>0)&0xff; v=(maxLong+180)*(65535/360); bar[30]=(v>>8)&0xff; bar[31]=(v>>0)&0xff; - return 0; + RETURN(0); } int bundles_available=-1; int bundle_offset[2]={0,0}; int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e) { + IN(); int voice_mode=0; /* behave differently during voice mode. @@ -87,7 +89,7 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e) */ long long now=overlay_gettime_ms(); if (nowsizeLimit-e->length; 
@@ -99,12 +101,12 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e) int bytes_available=bytes-overhead-1 /* one byte held for expanding RFS */; int bundles_advertised=0; - if (slots<1) return WHY("No room for node advertisements"); + if (slots<1) { RETURN(WHY("No room for node advertisements")); } - if (!rhizome_db) return WHY("Rhizome not enabled"); + if (!rhizome_db) { RETURN(WHY("Rhizome not enabled")); } if (ob_append_byte(e,OF_TYPE_RHIZOME_ADVERT)) - return WHY("could not add rhizome bundle advertisement header"); + { RETURN(WHY("could not add rhizome bundle advertisement header")); } ob_append_byte(e,1); /* TTL */ int rfs_offset=e->length; /* remember where the RFS byte gets stored so that we can patch it later */ @@ -141,7 +143,7 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e) /* Get number of bundles available if required */ long long tmp = 0; if (sqlite_exec_int64(&tmp, "SELECT COUNT(BAR) FROM MANIFESTS;") != 1) - return WHY("Could not count BARs for advertisement"); + { RETURN(WHY("Could not count BARs for advertisement")); } bundles_available = (int) tmp; if (bundles_available==-1||(bundle_offset[0]>=bundles_available)) bundle_offset[0]=0; @@ -177,7 +179,7 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e) sqlite3_close(rhizome_db); rhizome_db=NULL; WHY(query); WHY(sqlite3_errmsg(rhizome_db)); - return WHY("Could not prepare sql statement for fetching BARs for advertisement."); + RETURN(WHY("Could not prepare sql statement for fetching BARs for advertisement.")); } while((bytes_usedlength+RHIZOME_BAR_BYTES<=e->sizeLimit)) 
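Review bot: In the prepare-failure path of overlay_rhizome_add_advertisements, `WHY(sqlite3_errmsg(rhizome_db));` runs after `sqlite3_close(rhizome_db); rhizome_db=NULL;`, so the handle is already NULL and the logged text can never be the error from the failed prepare. Move both `WHY()` calls ahead of the close so the real cause is recorded. Closing and clearing the shared `rhizome_db` handle on one failed statement also turns off Rhizome for every later caller that tests `if (!rhizome_db)`; if that is intended it deserves a comment saying so. The function body starts and ends outside this hunk.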
@@ -316,12 +318,13 @@ int overlay_rhizome_add_advertisements(int interface_number,overlay_buffer *e) e->length++; } - return 0; + RETURN(0); } int overlay_rhizome_saw_advertisements(int i,overlay_frame *f, long long now) { - if (!f) return -1; + IN(); + if (!f) { RETURN(-1); } int ofs=0; int ad_frame_type=f->payload->bytes[ofs++]; int manifest_length; @@ -354,19 +357,19 @@ int overlay_rhizome_saw_advertisements(int i,overlay_frame *f, long long now) m = rhizome_new_manifest(); if (!m) { WHY("Out of manifests"); - return 0; + RETURN(0); } if (rhizome_read_manifest_file(m, (char *)&f->payload->bytes[ofs], manifest_length) == -1) { WHY("Error importing manifest body"); rhizome_manifest_free(m); - return 0; + RETURN(0); } char manifest_id_prefix[RHIZOME_MANIFEST_ID_STRLEN + 1]; if (rhizome_manifest_get(m, "id", manifest_id_prefix, sizeof manifest_id_prefix) == NULL) { WHY("Manifest does not contain 'id' field"); rhizome_manifest_free(m); - return 0; + RETURN(0); } /* trim manifest ID to a prefix for ease of debugging (that is the only use of this */ @@ -385,7 +388,7 @@ int overlay_rhizome_saw_advertisements(int i,overlay_frame *f, long long now) offering the same manifest */ WARN("Ignoring manifest announcment with no signature"); rhizome_manifest_free(m); - return 0; + RETURN(0); } int importManifest=0; if (rhizome_ignore_manifest_check(m,(struct sockaddr_in *)f->recvaddr)) @@ -448,6 +451,5 @@ int overlay_rhizome_saw_advertisements(int i,overlay_frame *f, long long now) ofs+=manifest_length; } } - - return 0; + RETURN(0); }
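Review bot: overlay_rhizome_saw_advertisements checks only `f` before reading `f->payload->bytes[ofs++]`, so a frame with a missing or empty payload is dereferenced and indexed without any length check. The function appears to parse frames received from other nodes (it later reads `f->recvaddr`), so the entry guard should cover the payload too, e.g. `if (!f || !f->payload || f->payload->length < 1) { RETURN(-1); }`, assuming `payload` carries the same `length` field as the overlay_buffer used elsewhere in this file. `manifest_length` is later passed as the read size at `&f->payload->bytes[ofs]`; its validation is not visible in these hunks and should be confirmed against the payload length. The function body continues outside this hunk.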