On 6/13/20 6:47 PM, Alessio Vanni wrote:
> Hello,
>
> I have a service which sends some data to a remote peer via CADET to a
> well known port. This data is preceded by a header with a bunch of
> information, including a signature to verify that nothing happened
> while the data was being transmitted. I thought I could use CRYPTO to
> sign this data, but it's a bit unclear how it works. The signature
> should be performed using the keys of an ego.
>
> The function to sign the data expects a "purpose", which is a structure
> with two fields: "size" and "purpose". It's not clear where the data to
> sign goes, but I'll guess it goes after the structure, similarly to how
> messages created with `GNUNET_MQ_msg_extra' have extra space at the end.
Yes, you should put the data to sign into a struct with the 'purpose'
first and the rest afterwards.
> The "purpose" field has a problem though: the documentation says the
> value has to be one from "gnunet_signatures.h", but none of them are a
> "generic signature" value, only something specific to a certain
> situation.
You should define a new value for your application. This is important:
otherwise, someone could, say, sign data with a key using your
application, and then use that signature in a different context for a
different application. The 'purpose' ensures that all signatures are
generated specific to the context where they will be used.
> There is also another small problem, because the data can have a size
> that can fit into a uint64_t (when sent through CADET, the data is
> fragmented as needed) and the "size" field in the purpose is a uint32_t,
> but since the service is still being developed the uint64_t can become a
> uint32_t if needed.
You should in this case put a hash over the data you are signing behind
the purpose, and not the entire data:
  struct MySignData {
    struct Purpose purpose;
    struct GNUNET_HashCode hc;
  } msd = {
    .purpose.purpose = htonl (NEW_CONSTANT),
    .purpose.size = htonl (sizeof (msd))
  };
You may want to use the HashContext to hash the data in a streaming way
instead of requiring it all to be in memory at the same time.
> With all that said, how can I sign some data using CRYPTO?
The most important bit is to define a new purpose constant. I hope to
"soon" convert gnunet_signatures.h into a GANA
(https://gana.gnunet.org/) recfile, that will make it easier for
out-of-tree applications to properly register a new purpose value.
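
The layout described in the reply above, modelled in Python as an added example (not code from the thread or from GNUnet): a header with "size" and "purpose" in network byte order, followed by a streaming hash of the payload, plus the checks a receiver would run before verifying the signature. The purpose values are placeholders, the function names are hypothetical, SHA-512 stands in for the 512-bit hash code, and the signing call itself is left out.

```python
import hashlib
import struct

NEW_CONSTANT = 0x7FFF0001    # placeholder purpose value (constructed, not registered)
OTHER_PURPOSE = 0x7FFF0002   # placeholder for a different application's purpose
HEADER = struct.Struct("!II")               # size, purpose: two uint32, network order
DIGEST_LEN = hashlib.sha512().digest_size   # 64 bytes
BLOB_LEN = HEADER.size + DIGEST_LEN         # what "size" must cover: header + hash


def hash_stream(chunks):
    """Hash the payload chunk by chunk so it never has to be in memory whole."""
    ctx = hashlib.sha512()
    for chunk in chunks:
        ctx.update(chunk)
    return ctx.digest()


def build_signed_blob(purpose, chunks):
    """Bytes that would be handed to the signing function: header, then digest."""
    return HEADER.pack(BLOB_LEN, purpose) + hash_stream(chunks)


def check_blob(blob, expected_purpose, chunks):
    """Receiver-side checks to run before (not instead of) signature verification."""
    if len(blob) != BLOB_LEN:
        return "bad length"
    size, purpose = HEADER.unpack_from(blob)
    if size != len(blob):
        return "size field mismatch"
    if purpose != expected_purpose:
        return "wrong purpose"      # signature was made for another context
    if blob[HEADER.size:] != hash_stream(chunks):
        return "payload hash mismatch"
    return "ok"


# Constructed sample payload, arriving as fragments of different sizes.
FRAGMENTS = [b"first fragment, ", b"second, ", b"last"]

if __name__ == "__main__":
    blob = build_signed_blob(NEW_CONSTANT, FRAGMENTS)
    print(len(blob), check_blob(blob, NEW_CONSTANT, FRAGMENTS))
    print(check_blob(blob, OTHER_PURPOSE, FRAGMENTS))
```

Because the purpose is part of the signed bytes, the same payload yields a different blob under each purpose value, so a signature made for one application does not verify for another.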
