diff options
author | Christian Grothoff <grothoff@gnunet.org> | 2023-10-25 22:54:20 +0200 |
---|---|---|
committer | Christian Grothoff <grothoff@gnunet.org> | 2023-10-25 22:54:20 +0200 |
commit | 82d7d87cc3946a01bfed221c7da0fb9ef2c18eb1 (patch) | |
tree | f0d3cb66869650e7dc1a5bc3a197c5f05636cf3e /src/pq | |
parent | bc74ed7c2eb54820a58cf832cb7aa83b1b331458 (diff) |
new blind signing code builds
Diffstat (limited to 'src/pq')
-rw-r--r-- | src/pq/pq_query_helper.c | 147 | ||||
-rw-r--r-- | src/pq/pq_result_helper.c | 188 |
2 files changed, 199 insertions, 136 deletions
diff --git a/src/pq/pq_query_helper.c b/src/pq/pq_query_helper.c index dd6cf6733..f66844515 100644 --- a/src/pq/pq_query_helper.c +++ b/src/pq/pq_query_helper.c @@ -234,6 +234,7 @@ qconv_denom_pub (void *cls, unsigned int scratch_length) { const struct TALER_DenominationPublicKey *denom_pub = data; + const struct GNUNET_CRYPTO_BlindSignPublicKey *bsp = denom_pub->bsign_pub_key; size_t tlen; size_t len; uint32_t be[2]; @@ -245,17 +246,17 @@ qconv_denom_pub (void *cls, GNUNET_assert (1 == param_length); GNUNET_assert (scratch_length > 0); GNUNET_break (NULL == cls); - be[0] = htonl ((uint32_t) denom_pub->cipher); + be[0] = htonl ((uint32_t) bsp->cipher); be[1] = htonl (denom_pub->age_mask.bits); - switch (denom_pub->cipher) + switch (bsp->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: tlen = GNUNET_CRYPTO_rsa_public_key_encode ( - denom_pub->details.rsa_public_key, + bsp->details.rsa_public_key, &tbuf); break; - case TALER_DENOMINATION_CS: - tlen = sizeof (denom_pub->details.cs_public_key); + case GNUNET_CRYPTO_BSA_CS: + tlen = sizeof (bsp->details.cs_public_key); break; default: GNUNET_assert (0); @@ -265,17 +266,17 @@ qconv_denom_pub (void *cls, GNUNET_memcpy (buf, be, sizeof (be)); - switch (denom_pub->cipher) + switch (bsp->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: GNUNET_memcpy (&buf[sizeof (be)], tbuf, tlen); GNUNET_free (tbuf); break; - case TALER_DENOMINATION_CS: + case GNUNET_CRYPTO_BSA_CS: GNUNET_memcpy (&buf[sizeof (be)], - &denom_pub->details.cs_public_key, + &bsp->details.cs_public_key, tlen); break; default: @@ -330,6 +331,7 @@ qconv_denom_sig (void *cls, unsigned int scratch_length) { const struct TALER_DenominationSignature *denom_sig = data; + const struct GNUNET_CRYPTO_UnblindedSignature *ubs = denom_sig->unblinded_sig; size_t tlen; size_t len; uint32_t be[2]; @@ -341,17 +343,17 @@ qconv_denom_sig (void *cls, GNUNET_assert (1 == param_length); GNUNET_assert (scratch_length > 0); GNUNET_break (NULL == cls); - be[0] = htonl ((uint32_t) denom_sig->cipher); + be[0] = htonl ((uint32_t) ubs->cipher); be[1] = htonl (0x00); /* magic marker: unblinded */ - switch (denom_sig->cipher) + switch (ubs->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: tlen = GNUNET_CRYPTO_rsa_signature_encode ( - denom_sig->details.rsa_signature, + ubs->details.rsa_signature, &tbuf); break; - case TALER_DENOMINATION_CS: - tlen = sizeof (denom_sig->details.cs_signature); + case GNUNET_CRYPTO_BSA_CS: + tlen = sizeof (ubs->details.cs_signature); break; default: GNUNET_assert (0); @@ -361,17 +363,17 @@ qconv_denom_sig (void *cls, GNUNET_memcpy (buf, &be, sizeof (be)); - switch (denom_sig->cipher) + switch (ubs->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: GNUNET_memcpy (&buf[sizeof (be)], tbuf, tlen); GNUNET_free (tbuf); break; - case TALER_DENOMINATION_CS: + case GNUNET_CRYPTO_BSA_CS: GNUNET_memcpy (&buf[sizeof (be)], - &denom_sig->details.cs_signature, + &ubs->details.cs_signature, tlen); break; default: @@ -426,6 +428,7 @@ qconv_blinded_denom_sig (void *cls, unsigned int scratch_length) { const struct TALER_BlindedDenominationSignature *denom_sig = data; + const struct GNUNET_CRYPTO_BlindedSignature *bs = denom_sig->blinded_sig; size_t tlen; size_t len; uint32_t be[2]; @@ -437,17 +440,17 @@ qconv_blinded_denom_sig (void *cls, GNUNET_assert (1 == param_length); GNUNET_assert (scratch_length > 0); GNUNET_break (NULL == cls); - be[0] = htonl ((uint32_t) denom_sig->cipher); + be[0] = htonl ((uint32_t) bs->cipher); be[1] = htonl (0x01); /* magic marker: blinded */ - switch (denom_sig->cipher) + switch (bs->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: tlen = GNUNET_CRYPTO_rsa_signature_encode ( - denom_sig->details.blinded_rsa_signature, + bs->details.blinded_rsa_signature, &tbuf); break; - case TALER_DENOMINATION_CS: - tlen = sizeof (denom_sig->details.blinded_cs_answer); + case GNUNET_CRYPTO_BSA_CS: + tlen = sizeof (bs->details.blinded_cs_answer); break; default: GNUNET_assert (0); @@ -457,17 +460,17 @@ qconv_blinded_denom_sig (void *cls, GNUNET_memcpy (buf, &be, sizeof (be)); - switch (denom_sig->cipher) + switch (bs->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: GNUNET_memcpy (&buf[sizeof (be)], tbuf, tlen); GNUNET_free (tbuf); break; - case TALER_DENOMINATION_CS: + case GNUNET_CRYPTO_BSA_CS: GNUNET_memcpy (&buf[sizeof (be)], - &denom_sig->details.blinded_cs_answer, + &bs->details.blinded_cs_answer, tlen); break; default: @@ -522,6 +525,7 @@ qconv_blinded_planchet (void *cls, unsigned int scratch_length) { const struct TALER_BlindedPlanchet *bp = data; + const struct GNUNET_CRYPTO_BlindedMessage *bm = bp->blinded_message; size_t tlen; size_t len; uint32_t be[2]; @@ -532,15 +536,15 @@ qconv_blinded_planchet (void *cls, GNUNET_assert (1 == param_length); GNUNET_assert (scratch_length > 0); GNUNET_break (NULL == cls); - be[0] = htonl ((uint32_t) bp->cipher); + be[0] = htonl ((uint32_t) bm->cipher); be[1] = htonl (0x0100); /* magic marker: blinded */ - switch (bp->cipher) + switch (bm->cipher) { - case TALER_DENOMINATION_RSA: - tlen = bp->details.rsa_blinded_planchet.blinded_msg_size; + case GNUNET_CRYPTO_BSA_RSA: + tlen = bm->details.rsa_blinded_message.blinded_msg_size; break; - case TALER_DENOMINATION_CS: - tlen = sizeof (bp->details.cs_blinded_planchet); + case GNUNET_CRYPTO_BSA_CS: + tlen = sizeof (bm->details.cs_blinded_message); break; default: GNUNET_assert (0); @@ -550,16 +554,16 @@ qconv_blinded_planchet (void *cls, GNUNET_memcpy (buf, &be, sizeof (be)); - switch (bp->cipher) + switch (bm->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: GNUNET_memcpy (&buf[sizeof (be)], - bp->details.rsa_blinded_planchet.blinded_msg, + bm->details.rsa_blinded_message.blinded_msg, tlen); break; - case TALER_DENOMINATION_CS: + case GNUNET_CRYPTO_BSA_CS: GNUNET_memcpy (&buf[sizeof (be)], - &bp->details.cs_blinded_planchet, + &bm->details.cs_blinded_message, tlen); break; default: @@ -613,6 +617,8 @@ qconv_exchange_withdraw_values (void *cls, unsigned int scratch_length) { const struct TALER_ExchangeWithdrawValues *alg_values = data; + const struct GNUNET_CRYPTO_BlindingInputValues *bi = + alg_values->blinding_inputs; size_t tlen; size_t len; uint32_t be[2]; @@ -623,15 +629,15 @@ qconv_exchange_withdraw_values (void *cls, GNUNET_assert (1 == param_length); GNUNET_assert (scratch_length > 0); GNUNET_break (NULL == cls); - be[0] = htonl ((uint32_t) alg_values->cipher); + be[0] = htonl ((uint32_t) bi->cipher); be[1] = htonl (0x010000); /* magic marker: EWV */ - switch (alg_values->cipher) + switch (bi->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: tlen = 0; break; - case TALER_DENOMINATION_CS: - tlen = sizeof (struct TALER_DenominationCSPublicRPairP); + case GNUNET_CRYPTO_BSA_CS: + tlen = sizeof (struct GNUNET_CRYPTO_CSPublicRPairP); break; default: GNUNET_assert (0); @@ -641,13 +647,13 @@ qconv_exchange_withdraw_values (void *cls, GNUNET_memcpy (buf, &be, sizeof (be)); - switch (alg_values->cipher) + switch (bi->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: break; - case TALER_DENOMINATION_CS: + case GNUNET_CRYPTO_BSA_CS: GNUNET_memcpy (&buf[sizeof (be)], - &alg_values->details.cs_values, + &bi->details.cs_values, tlen); break; default: @@ -840,14 +846,14 @@ qconv_array ( same_sized = (0 != meta->same_size); #define RETURN_UNLESS(cond) \ - do { \ - if (! (cond)) \ - { \ - GNUNET_break ((cond)); \ - noerror = false; \ - goto DONE; \ - } \ - } while (0) + do { \ + if (! (cond)) \ + { \ + GNUNET_break ((cond)); \ + noerror = false; \ + goto DONE; \ + } \ + } while (0) /* Calculate sizes and check bounds */ { @@ -885,16 +891,19 @@ qconv_array ( for (size_t i = 0; i<num; i++) { - switch (denom_sigs[i].cipher) + const struct GNUNET_CRYPTO_BlindedSignature *bs = + denom_sigs[i].blinded_sig; + + switch (bs->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: len = GNUNET_CRYPTO_rsa_signature_encode ( - denom_sigs[i].details.blinded_rsa_signature, + bs->details.blinded_rsa_signature, &buffers[i]); RETURN_UNLESS (len != 0); break; - case TALER_DENOMINATION_CS: - len = sizeof (denom_sigs[i].details.blinded_cs_answer); + case GNUNET_CRYPTO_BSA_CS: + len = sizeof (bs->details.blinded_cs_answer); break; default: GNUNET_assert (0); @@ -978,9 +987,11 @@ qconv_array ( case TALER_PQ_array_of_blinded_denom_sig: { const struct TALER_BlindedDenominationSignature *denom_sigs = data; + const struct GNUNET_CRYPTO_BlindedSignature *bs = + denom_sigs[i].blinded_sig; uint32_t be[2]; - be[0] = htonl ((uint32_t) denom_sigs[i].cipher); + be[0] = htonl ((uint32_t) bs->cipher); be[1] = htonl (0x01); /* magic margker: blinded */ GNUNET_memcpy (out, &be, @@ -988,18 +999,18 @@ qconv_array ( out += sizeof(be); sz -= sizeof(be); - switch (denom_sigs[i].cipher) + switch (bs->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_RSA: /* For RSA, 'same_sized' must have been false */ GNUNET_assert (NULL != buffers); GNUNET_memcpy (out, buffers[i], sz); break; - case TALER_DENOMINATION_CS: + case GNUNET_CRYPTO_BSA_CS: GNUNET_memcpy (out, - &denom_sigs[i].details.blinded_cs_answer, + &bs->details.blinded_cs_answer, sz); break; default: diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c index 95850bcc0..06c72267b 100644 --- a/src/pq/pq_result_helper.c +++ b/src/pq/pq_result_helper.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014-2022 Taler Systems SA + Copyright (C) 2014-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -425,6 +425,7 @@ extract_denom_pub (void *cls, void *dst) { struct TALER_DenominationPublicKey *pk = dst; + struct GNUNET_CRYPTO_BlindSignPublicKey *bpk; size_t len; const char *res; int fnum; @@ -462,33 +463,41 @@ extract_denom_pub (void *cls, sizeof (be)); res += sizeof (be); len -= sizeof (be); - pk->cipher = ntohl (be[0]); + bpk = GNUNET_new (struct GNUNET_CRYPTO_BlindSignPublicKey); + bpk->cipher = ntohl (be[0]); + bpk->rc = 1; pk->age_mask.bits = ntohl (be[1]); - switch (pk->cipher) + switch (bpk->cipher) { - case TALER_DENOMINATION_RSA: - pk->details.rsa_public_key + case GNUNET_CRYPTO_BSA_INVALID: + break; + case GNUNET_CRYPTO_BSA_RSA: + bpk->details.rsa_public_key = GNUNET_CRYPTO_rsa_public_key_decode (res, len); - if (NULL == pk->details.rsa_public_key) + if (NULL == bpk->details.rsa_public_key) { GNUNET_break (0); + GNUNET_free (bpk); return GNUNET_SYSERR; } + pk->bsign_pub_key = bpk; return GNUNET_OK; - case TALER_DENOMINATION_CS: - if (sizeof (pk->details.cs_public_key) != len) + case GNUNET_CRYPTO_BSA_CS: + if (sizeof (bpk->details.cs_public_key) != len) { GNUNET_break (0); + GNUNET_free (bpk); return GNUNET_SYSERR; } - GNUNET_memcpy (&pk->details.cs_public_key, + GNUNET_memcpy (&bpk->details.cs_public_key, res, len); + pk->bsign_pub_key = bpk; return GNUNET_OK; - default: - GNUNET_break (0); } + GNUNET_break (0); + GNUNET_free (bpk); return GNUNET_SYSERR; } @@ -548,6 +557,7 @@ extract_denom_sig (void *cls, void *dst) { struct TALER_DenominationSignature *sig = dst; + struct GNUNET_CRYPTO_UnblindedSignature *ubs; size_t len; const char *res; int fnum; @@ -590,32 +600,40 @@ extract_denom_sig (void *cls, } res += sizeof (be); len -= sizeof (be); - sig->cipher = ntohl (be[0]); - switch (sig->cipher) + ubs = GNUNET_new (struct GNUNET_CRYPTO_UnblindedSignature); + ubs->rc = 1; + ubs->cipher = ntohl (be[0]); + switch (ubs->cipher) { - case TALER_DENOMINATION_RSA: - sig->details.rsa_signature + case GNUNET_CRYPTO_BSA_INVALID: + break; + case GNUNET_CRYPTO_BSA_RSA: + ubs->details.rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (res, len); - if (NULL == sig->details.rsa_signature) + if (NULL == ubs->details.rsa_signature) { GNUNET_break (0); + GNUNET_free (ubs); return GNUNET_SYSERR; } + sig->unblinded_sig = ubs; return GNUNET_OK; - case TALER_DENOMINATION_CS: - if (sizeof (sig->details.cs_signature) != len) + case GNUNET_CRYPTO_BSA_CS: + if (sizeof (ubs->details.cs_signature) != len) { GNUNET_break (0); return GNUNET_SYSERR; } - GNUNET_memcpy (&sig->details.cs_signature, + GNUNET_memcpy (&ubs->details.cs_signature, res, len); + sig->unblinded_sig = ubs; + GNUNET_free (ubs); return GNUNET_OK; - default: - GNUNET_break (0); } + GNUNET_break (0); + GNUNET_free (ubs); return GNUNET_SYSERR; } @@ -675,6 +693,7 @@ extract_blinded_denom_sig (void *cls, void *dst) { struct TALER_BlindedDenominationSignature *sig = dst; + struct GNUNET_CRYPTO_BlindedSignature *bs; size_t len; const char *res; int fnum; @@ -717,32 +736,40 @@ extract_blinded_denom_sig (void *cls, } res += sizeof (be); len -= sizeof (be); - sig->cipher = ntohl (be[0]); - switch (sig->cipher) + bs = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature); + bs->rc = 1; + bs->cipher = ntohl (be[0]); + switch (bs->cipher) { - case TALER_DENOMINATION_RSA: - sig->details.blinded_rsa_signature + case GNUNET_CRYPTO_BSA_INVALID: + break; + case GNUNET_CRYPTO_BSA_RSA: + bs->details.blinded_rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (res, len); - if (NULL == sig->details.blinded_rsa_signature) + if (NULL == bs->details.blinded_rsa_signature) { GNUNET_break (0); + GNUNET_free (bs); return GNUNET_SYSERR; } + sig->blinded_sig = bs; return GNUNET_OK; - case TALER_DENOMINATION_CS: - if (sizeof (sig->details.blinded_cs_answer) != len) + case GNUNET_CRYPTO_BSA_CS: + if (sizeof (bs->details.blinded_cs_answer) != len) { GNUNET_break (0); + GNUNET_free (bs); return GNUNET_SYSERR; } - GNUNET_memcpy (&sig->details.blinded_cs_answer, + GNUNET_memcpy (&bs->details.blinded_cs_answer, res, len); + sig->blinded_sig = bs; return GNUNET_OK; - default: - GNUNET_break (0); } + GNUNET_break (0); + GNUNET_free (bs); return GNUNET_SYSERR; } @@ -803,6 +830,7 @@ extract_blinded_planchet (void *cls, void *dst) { struct TALER_BlindedPlanchet *bp = dst; + struct GNUNET_CRYPTO_BlindedMessage *bm; size_t len; const char *res; int fnum; @@ -845,29 +873,36 @@ extract_blinded_planchet (void *cls, } res += sizeof (be); len -= sizeof (be); - bp->cipher = ntohl (be[0]); - switch (bp->cipher) + bm = GNUNET_new (struct GNUNET_CRYPTO_BlindedMessage); + bm->rc = 1; + bm->cipher = ntohl (be[0]); + switch (bm->cipher) { - case TALER_DENOMINATION_RSA: - bp->details.rsa_blinded_planchet.blinded_msg_size + case GNUNET_CRYPTO_BSA_INVALID: + break; + case GNUNET_CRYPTO_BSA_RSA: + bm->details.rsa_blinded_message.blinded_msg_size = len; - bp->details.rsa_blinded_planchet.blinded_msg + bm->details.rsa_blinded_message.blinded_msg = GNUNET_memdup (res, len); + bp->blinded_message = bm; return GNUNET_OK; - case TALER_DENOMINATION_CS: - if (sizeof (bp->details.cs_blinded_planchet) != len) + case GNUNET_CRYPTO_BSA_CS: + if (sizeof (bm->details.cs_blinded_message) != len) { GNUNET_break (0); + GNUNET_free (bm); return GNUNET_SYSERR; } - GNUNET_memcpy (&bp->details.cs_blinded_planchet, + GNUNET_memcpy (&bm->details.cs_blinded_message, res, len); + bp->blinded_message = bm; return GNUNET_OK; - default: - GNUNET_break (0); } + GNUNET_break (0); + GNUNET_free (bm); return GNUNET_SYSERR; } @@ -928,6 +963,7 @@ extract_exchange_withdraw_values (void *cls, void *dst) { struct TALER_ExchangeWithdrawValues *alg_values = dst; + struct GNUNET_CRYPTO_BlindingInputValues *bi; size_t len; const char *res; int fnum; @@ -970,29 +1006,37 @@ extract_exchange_withdraw_values (void *cls, } res += sizeof (be); len -= sizeof (be); - alg_values->cipher = ntohl (be[0]); - switch (alg_values->cipher) + bi = GNUNET_new (struct GNUNET_CRYPTO_BlindingInputValues); + bi->rc = 1; + bi->cipher = ntohl (be[0]); + switch (bi->cipher) { - case TALER_DENOMINATION_RSA: + case GNUNET_CRYPTO_BSA_INVALID: + break; + case GNUNET_CRYPTO_BSA_RSA: if (0 != len) { GNUNET_break (0); + GNUNET_free (bi); return GNUNET_SYSERR; } + alg_values->blinding_inputs = bi; return GNUNET_OK; - case TALER_DENOMINATION_CS: - if (sizeof (struct TALER_DenominationCSPublicRPairP) != len) + case GNUNET_CRYPTO_BSA_CS: + if (sizeof (bi->details.cs_values) != len) { GNUNET_break (0); + GNUNET_free (bi); return GNUNET_SYSERR; } - GNUNET_memcpy (&alg_values->details.cs_values, + GNUNET_memcpy (&bi->details.cs_values, res, len); + alg_values->blinding_inputs = bi; return GNUNET_OK; - default: - GNUNET_break (0); } + GNUNET_break (0); + GNUNET_free (bi); return GNUNET_SYSERR; } @@ -1076,13 +1120,13 @@ extract_array_generic ( *((void **) dst) = NULL; #define FAIL_IF(cond) \ - do { \ - if ((cond)) \ - { \ - GNUNET_break (! (cond)); \ - goto FAIL; \ - } \ - } while (0) + do { \ + if ((cond)) \ + { \ + GNUNET_break (! (cond)); \ + goto FAIL; \ + } \ + } while (0) col_num = PQfnumber (result, fname); FAIL_IF (0 > col_num); @@ -1223,6 +1267,7 @@ extract_array_generic ( for (uint32_t i = 0; i < header.dim; i++) { struct TALER_BlindedDenominationSignature *denom_sig = &denom_sigs[i]; + struct GNUNET_CRYPTO_BlindedSignature *bs; uint32_t be[2]; uint32_t val; size_t sz; @@ -1241,28 +1286,35 @@ extract_array_generic ( in += sizeof(be); sz -= sizeof(be); - - denom_sig->cipher = ntohl (be[0]); - switch (denom_sig->cipher) + bs = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature); + bs->cipher = ntohl (be[0]); + switch (bs->cipher) { - case TALER_DENOMINATION_RSA: - denom_sig->details.blinded_rsa_signature = + case GNUNET_CRYPTO_BSA_RSA: + bs->details.blinded_rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (in, sz); - FAIL_IF (NULL == denom_sig->details.blinded_rsa_signature); + if (NULL == bs->details.blinded_rsa_signature) + { + GNUNET_free (bs); + FAIL_IF (true); + } break; - - case TALER_DENOMINATION_CS: - FAIL_IF (sizeof(denom_sig->details.blinded_cs_answer) != sz); - GNUNET_memcpy (&denom_sig->details.blinded_cs_answer, + case GNUNET_CRYPTO_BSA_CS: + if (sizeof(bs->details.blinded_cs_answer) != sz) + { + GNUNET_free (bs); + FAIL_IF (true); + } + GNUNET_memcpy (&bs->details.blinded_cs_answer, in, sz); break; - default: + GNUNET_free (bs); FAIL_IF (true); } - + denom_sig->blinded_sig = bs; in += sz; } return GNUNET_OK; |