diff options
| author | Gian Demarmels <gian@demarmels.org> | 2022-01-11 21:21:18 +0100 |
|---|---|---|
| committer | Gian Demarmels <gian@demarmels.org> | 2022-02-04 15:36:11 +0100 |
| commit | 5b7e8f9ac55990823363edffa0e907256d15ce4f (patch) | |
| tree | 7c0b265ea23c46a40e131ea3eea16090688b0a0c | |
| parent | daa7fdcfb1053bdd943ad7cd1bd8eb623d1c9157 (diff) | |
| download | exchange-5b7e8f9ac55990823363edffa0e907256d15ce4f.tar.xz | |
refactoring
| -rw-r--r-- | src/benchmark/taler-aggregator-benchmark.c | 3 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_recoup.c | 1 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_refreshes_reveal.c | 1 | ||||
| -rw-r--r-- | src/exchangedb/test_exchangedb.c | 6 | ||||
| -rw-r--r-- | src/include/taler_crypto_lib.h | 67 | ||||
| -rw-r--r-- | src/lib/exchange_api_link.c | 1 | ||||
| -rw-r--r-- | src/lib/exchange_api_refresh_common.c | 1 | ||||
| -rw-r--r-- | src/lib/exchange_api_refreshes_reveal.c | 2 | ||||
| -rw-r--r-- | src/lib/exchange_api_withdraw.c | 14 | ||||
| -rw-r--r-- | src/testing/testing_api_cmd_insert_deposit.c | 3 | ||||
| -rw-r--r-- | src/util/crypto.c | 39 | ||||
| -rw-r--r-- | src/util/crypto_helper_cs.c | 8 | ||||
| -rw-r--r-- | src/util/denom.c | 53 | ||||
| -rw-r--r-- | src/util/taler-exchange-secmod-cs.c | 31 | ||||
| -rw-r--r-- | src/util/taler-exchange-secmod-cs.h | 12 | ||||
| -rw-r--r-- | src/util/test_crypto.c | 10 | ||||
| -rw-r--r-- | src/util/test_helper_cs.c | 91 | ||||
| -rw-r--r-- | src/util/test_helper_rsa.c | 2 |
18 files changed, 202 insertions, 143 deletions
diff --git a/src/benchmark/taler-aggregator-benchmark.c b/src/benchmark/taler-aggregator-benchmark.c index 3584c811b..1515798c3 100644 --- a/src/benchmark/taler-aggregator-benchmark.c +++ b/src/benchmark/taler-aggregator-benchmark.c @@ -519,12 +519,13 @@ run (void *cls, } - TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA, NULL); GNUNET_assert (GNUNET_OK == TALER_denom_blind (&denom_pub, &ps.blinding_key, NULL, /* FIXME-oec */ &coin_pub, + NULL, /* Not needed in RSA */ &c_hash, &pd.blinded_planchet)); GNUNET_assert (GNUNET_OK == diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c index 97eb0496f..1abb88531 100644 --- a/src/exchange/taler-exchange-httpd_recoup.c +++ b/src/exchange/taler-exchange-httpd_recoup.c @@ -254,6 +254,7 @@ verify_and_execute_recoup ( coin_bks, NULL, /* FIXME-Oec: TALER_AgeHash * */ &coin->coin_pub, + NULL, /* in RSA Case not needed*/ &c_hash, &blinded_planchet)) { diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index 4e004025b..9d806bea5 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -190,6 +190,7 @@ check_commitment (struct RevealContext *rctx, &ps); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (rcd->dk, + NULL, /* not needed in RSA*/ &ps, &c_hash, &pd)); diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index ab47afe8c..75517ca18 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -578,12 +578,13 @@ test_melting (void) struct TALER_PlanchetSecretsP ps; RND_BLK (&refresh_session.coin.coin_pub); - TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA, NULL); GNUNET_assert (GNUNET_OK == TALER_denom_blind (&dkp->pub, &ps.blinding_key, NULL, /* FIXME-Oec */ &refresh_session.coin.coin_pub, + NULL, /* Not needed in RSA */ &c_hash, &pd.blinded_planchet)); GNUNET_assert (GNUNET_OK == @@ -1713,13 +1714,14 @@ run (void *cls) GNUNET_free (pd.coin_ev); } RND_BLK (&coin_pub); - TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA,NULL); GNUNET_assert (GNUNET_OK == TALER_denom_blind (&dkp->pub, &ps.blinding_key, NULL, /* FIXME-Oec */ &coin_pub, + NULL, /* Not needed in RSA */ &c_hash, &pd.blinded_planchet)); TALER_coin_ev_hash ( diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 133fc1868..c02ab4fbd 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -923,6 +923,43 @@ struct TALER_TrackTransferDetails /** + * @brief Type of CS Values for withdrawal + */ +struct TALER_ExchangeWithdrawCsValues +{ + /** + * (non-blinded) r_pub + */ + struct TALER_DenominationCsPublicR r_pub; +}; + +/** + * @brief Type of algorithm specific Values for withdrawal + */ +struct TALER_ExchangeWithdrawValues +{ + + /** + * Type of the signature. + */ + enum TALER_DenominationCipher cipher; + + /** + * Details, depending on @e cipher. + */ + union + { + /** + * If we use #TALER_DENOMINATION_CS in @a cipher. + */ + struct TALER_ExchangeWithdrawCsValues cs_values; + + } details; + +}; + + +/** * Free internals of @a denom_pub, but not @a denom_pub itself. * * @param[in] denom_pub key to free @@ -1003,11 +1040,10 @@ TALER_denom_cs_derive_r_public (const struct TALER_WithdrawNonce *nonce, * @param coin_bks blinding secret to use * @param age_commitment_hash hash of the age commitment to be used for the coin. NULL if no commitment is made. * @param coin_pub public key of the coin to blind + * @param alg_values algorithm specific values to blind the planchet * @param[out] c_hash resulting hashed coin * @param[out] coin_ev blinded coin to submit * @param[out] coin_ev_size number of bytes in @a coin_ev - * @param ... if CS algorithm, r_pub (TALER_DenominationCsPublicR) is needed to blind and - * r_pub_blind (TALER_DenominationCsPublicR) is an additional out parameter. * @return #GNUNET_OK on success */ enum GNUNET_GenericReturnValue @@ -1015,9 +1051,9 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, const union TALER_DenominationBlindingKeyP *coin_bks, const struct TALER_AgeHash *age_commitment_hash, const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_CoinPubHash *c_hash, - struct TALER_BlindedPlanchet *blinded_planchet, - ...); + struct TALER_BlindedPlanchet *blinded_planchet); /** @@ -1042,7 +1078,7 @@ TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig, * @param bdenom_sig the blinded signature * @param bks blinding secret to use * @param denom_pub public key used for signing - * @param ... If CS algorithm, r_pub_blind (TALER_DenominationCsPublicR) is an additional param + * @param alg_values algorithm specific values * @return #GNUNET_OK on success */ enum GNUNET_GenericReturnValue @@ -1050,8 +1086,7 @@ TALER_denom_sig_unblind ( struct TALER_DenominationSignature *denom_sig, const struct TALER_BlindedDenominationSignature *bdenom_sig, const union TALER_DenominationBlindingKeyP *bks, - const struct TALER_DenominationPublicKey *denom_pub, - ...); + const struct TALER_DenominationPublicKey *denom_pub); /** @@ -1249,18 +1284,6 @@ struct TALER_PlanchetSecretsP * The blinding key. must be 32 byte */ union TALER_DenominationBlindingKeyP blinding_key; - - // only used in case of CS: - - /** - * (non-blinded) r_pub - */ - struct TALER_DenominationCsPublicR cs_r_pub; - - /** - * blinded r_pub - */ - struct TALER_DenominationCsPublicR cs_r_pub_blinded; }; @@ -1430,7 +1453,9 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, */ void TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, - enum TALER_DenominationCipher cipher); + enum TALER_DenominationCipher cipher, + const struct + TALER_ExchangeWithdrawValues *alg_values); /** * Prepare a planchet for tipping. Creates and blinds a coin. @@ -1445,6 +1470,7 @@ TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, */ enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, + const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_PlanchetSecretsP *ps, struct TALER_CoinPubHash *c_hash, struct TALER_PlanchetDetail *pd); @@ -1467,6 +1493,7 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, TALER_BlindedDenominationSignature *blind_sig, const struct TALER_PlanchetSecretsP *ps, const struct TALER_CoinPubHash *c_hash, + const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_FreshCoin *coin); diff --git a/src/lib/exchange_api_link.c b/src/lib/exchange_api_link.c index 87bb5dc94..f2ef26d1a 100644 --- a/src/lib/exchange_api_link.c +++ b/src/lib/exchange_api_link.c @@ -144,6 +144,7 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh, &old_coin_pub.eddsa_pub); if (GNUNET_OK != TALER_planchet_prepare (&rpub, + NULL, /* not needed in RSA*/ &fc, &c_hash, &pd)) diff --git a/src/lib/exchange_api_refresh_common.c b/src/lib/exchange_api_refresh_common.c index fa3e63fef..171b9adb1 100644 --- a/src/lib/exchange_api_refresh_common.c +++ b/src/lib/exchange_api_refresh_common.c @@ -432,6 +432,7 @@ TALER_EXCHANGE_refresh_prepare ( fc); if (GNUNET_OK != TALER_planchet_prepare (&md.fresh_pks[j], + NULL, /* not needed in RSA*/ fc, &c_hash, &pd)) diff --git a/src/lib/exchange_api_refreshes_reveal.c b/src/lib/exchange_api_refreshes_reveal.c index 6fc3f1a3f..42e0cc328 100644 --- a/src/lib/exchange_api_refreshes_reveal.c +++ b/src/lib/exchange_api_refreshes_reveal.c @@ -175,6 +175,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh, &blind_sig, fc, &coin_hash, + NULL, /* Not needed in RSA case */ &coin)) { GNUNET_break_op (0); @@ -358,6 +359,7 @@ TALER_EXCHANGE_refreshes_reveal ( if (GNUNET_OK != TALER_planchet_prepare (&md->fresh_pks[i], + NULL, /* not needed in RSA*/ &md->fresh_coins[noreveal_index][i], &c_hash, &pd)) diff --git a/src/lib/exchange_api_withdraw.c b/src/lib/exchange_api_withdraw.c index e42107ab9..5102b35a3 100644 --- a/src/lib/exchange_api_withdraw.c +++ b/src/lib/exchange_api_withdraw.c @@ -74,6 +74,11 @@ struct TALER_EXCHANGE_WithdrawHandle struct TALER_PlanchetDetail pd; /** + * Values of the @cipher selected + */ + struct TALER_ExchangeWithdrawValues alg_values; + + /** * Denomination key we are withdrawing. */ struct TALER_EXCHANGE_DenomPublicKey pk; @@ -122,6 +127,7 @@ handle_reserve_withdraw_finished ( blind_sig, &wh->ps, &wh->c_hash, + &wh->alg_values, &fc)) { wr.hr.http_status = 0; @@ -180,11 +186,14 @@ withdraw_cs_stage_two_callback (void *cls, switch (csrr->hr.http_status) { case MHD_HTTP_OK: - wh->ps.cs_r_pub = csrr->details.success.r_pubs; + wh->alg_values.cipher = TALER_DENOMINATION_CS; + wh->alg_values.details.cs_values.r_pub = csrr->details.success.r_pubs; TALER_planchet_blinding_secret_create (&wh->ps, - wh->pk.key.cipher); + wh->pk.key.cipher, + &wh->alg_values); if (GNUNET_OK != TALER_planchet_prepare (&wh->pk.key, + &wh->alg_values, &wh->ps, &wh->c_hash, &wh->pd)) @@ -256,6 +265,7 @@ TALER_EXCHANGE_withdraw ( case TALER_DENOMINATION_RSA: if (GNUNET_OK != TALER_planchet_prepare (&pk->key, + NULL, /* not needed in RSA*/ ps, &wh->c_hash, &wh->pd)) diff --git a/src/testing/testing_api_cmd_insert_deposit.c b/src/testing/testing_api_cmd_insert_deposit.c index 026090bc2..eb1697d44 100644 --- a/src/testing/testing_api_cmd_insert_deposit.c +++ b/src/testing/testing_api_cmd_insert_deposit.c @@ -203,12 +203,13 @@ insert_deposit_run (void *cls, struct TALER_BlindedDenominationSignature bds; struct TALER_PlanchetSecretsP ps; - TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA, NULL); GNUNET_assert (GNUNET_OK == TALER_denom_blind (&dpk, &ps.blinding_key, NULL, /* FIXME-Oec */ &deposit.coin.coin_pub, + NULL, /* Not needed in RSA */ &c_hash, &pd.blinded_planchet)); GNUNET_assert (GNUNET_OK == diff --git a/src/util/crypto.c b/src/util/crypto.c index 664d75aa6..e64547f0f 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -209,7 +209,9 @@ TALER_cs_withdraw_nonce_derive (const struct void TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, - enum TALER_DenominationCipher cipher) + enum TALER_DenominationCipher cipher, + const struct + TALER_ExchangeWithdrawValues *alg_values) { switch (cipher) { @@ -225,7 +227,7 @@ TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, case TALER_DENOMINATION_CS: { cs_blinding_seed_derive (&ps->coin_priv, - ps->cs_r_pub.r_pub, + alg_values->details.cs_values.r_pub.r_pub, &ps->blinding_key.nonce); return; } @@ -253,7 +255,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, GNUNET_break (0); return; case TALER_DENOMINATION_RSA: - TALER_planchet_blinding_secret_create (ps, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (ps, TALER_DENOMINATION_RSA, NULL); return; case TALER_DENOMINATION_CS: // Will be set in a later stage for Clause Blind Schnorr Scheme @@ -266,6 +268,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, + const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_PlanchetSecretsP *ps, struct TALER_CoinPubHash *c_hash, struct TALER_PlanchetDetail *pd) @@ -283,6 +286,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, &ps->blinding_key, NULL, /* FIXME-Oec */ &coin_pub, + NULL, /* RSA has no alg Values */ c_hash, &pd->blinded_planchet)) { @@ -296,10 +300,9 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, &ps->blinding_key, NULL, /* FIXME-Oec */ &coin_pub, + alg_values, c_hash, - &pd->blinded_planchet, - &ps->cs_r_pub, - &ps->cs_r_pub_blinded)) + &pd->blinded_planchet)) { GNUNET_break (0); return GNUNET_SYSERR; @@ -323,11 +326,13 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, TALER_BlindedDenominationSignature *blind_sig, const struct TALER_PlanchetSecretsP *ps, const struct TALER_CoinPubHash *c_hash, + const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_FreshCoin *coin) { struct TALER_DenominationSignature sig; - if (dk->cipher != blind_sig->cipher) + if (dk->cipher != blind_sig->cipher + && dk->cipher != alg_values->cipher) { GNUNET_break_op (0); return GNUNET_SYSERR; @@ -347,12 +352,28 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, } break; case TALER_DENOMINATION_CS: + struct GNUNET_CRYPTO_CsC c[2]; + struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; + struct TALER_DenominationCsPublicR r_pub_blind; + + GNUNET_CRYPTO_cs_blinding_secrets_derive (&ps->blinding_key.nonce, bs); + + GNUNET_CRYPTO_cs_calc_blinded_c (bs, + alg_values->details.cs_values.r_pub.r_pub, + &dk->details.cs_public_key, + &c_hash->hash, + sizeof(struct GNUNET_HashCode), + c, + r_pub_blind.r_pub); + + sig.details.cs_signature.r_point + = r_pub_blind.r_pub[blind_sig->details.blinded_cs_answer.b]; + if (GNUNET_OK != TALER_denom_sig_unblind (&sig, blind_sig, &ps->blinding_key, - dk, - &ps->cs_r_pub_blinded)) + dk)) { GNUNET_break_op (0); return GNUNET_SYSERR; diff --git a/src/util/crypto_helper_cs.c b/src/util/crypto_helper_cs.c index c24815a6a..240c13552 100644 --- a/src/util/crypto_helper_cs.c +++ b/src/util/crypto_helper_cs.c @@ -175,7 +175,6 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh, = (const struct TALER_CRYPTO_CsKeyAvailableNotification *) hdr; const char *buf = (const char *) &kan[1]; const char *section_name; - uint16_t ps; uint16_t snl; if (sizeof (*kan) > ntohs (hdr->size)) @@ -183,9 +182,8 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh, GNUNET_break_op (0); return GNUNET_SYSERR; } - ps = ntohs (kan->pub_size); snl = ntohs (kan->section_name_len); - if (ntohs (hdr->size) != sizeof (*kan) + ps + snl) + if (ntohs (hdr->size) != sizeof (*kan) + snl) { GNUNET_break_op (0); return GNUNET_SYSERR; @@ -195,7 +193,7 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh, GNUNET_break_op (0); return GNUNET_SYSERR; } - section_name = &buf[ps]; + section_name = buf; if ('\0' != section_name[snl - 1]) { GNUNET_break_op (0); @@ -207,8 +205,8 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CsPubHashP h_cs; denom_pub.cipher = TALER_DENOMINATION_CS; + denom_pub.details.cs_public_key = kan->denom_pub; - memcpy (&denom_pub.details.cs_public_key, buf, ntohs (kan->pub_size)); TALER_cs_pub_hash (&denom_pub.details.cs_public_key, &h_cs); GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Received CS key %s (%s)\n", diff --git a/src/util/denom.c b/src/util/denom.c index c7cf62c3e..43204f09c 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -170,8 +170,7 @@ TALER_denom_sig_unblind ( struct TALER_DenominationSignature *denom_sig, const struct TALER_BlindedDenominationSignature *bdenom_sig, const union TALER_DenominationBlindingKeyP *bks, - const struct TALER_DenominationPublicKey *denom_pub, - ...) + const struct TALER_DenominationPublicKey *denom_pub) { if (bdenom_sig->cipher != denom_pub->cipher) { @@ -198,25 +197,35 @@ TALER_denom_sig_unblind ( return GNUNET_OK; case TALER_DENOMINATION_CS: { - va_list ap; - va_start (ap, denom_pub); - struct TALER_DenominationCsPublicR *r_pub_blind; - r_pub_blind = va_arg (ap, struct TALER_DenominationCsPublicR *); - struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; + // struct TALER_DenominationCsPublicR r_pub_blind; + // struct GNUNET_CRYPTO_CsC c[2]; + // struct TALER_CoinPubHash c_hash; + + // TALER_coin_pub_hash (coin_pub, + // age_commitment_hash, + // c_hash); + GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce, bs); + // GNUNET_CRYPTO_cs_calc_blinded_c (bs, + // &alg_values->r_pub, + // &denom_pub->details.cs_public_key, + // &c_hash->hash, + // sizeof(struct GNUNET_HashCode), + // c, + // r_pub_blind->r_pub); + GNUNET_CRYPTO_cs_unblind (&bdenom_sig->details.blinded_cs_answer.s_scalar, &bs[bdenom_sig->details.blinded_cs_answer.b], &denom_sig->details.cs_signature.s_scalar); - GNUNET_memcpy (&denom_sig->details.cs_signature.r_point, - &r_pub_blind->r_pub[bdenom_sig->details.blinded_cs_answer.b - ], - sizeof(struct GNUNET_CRYPTO_CsRPublic)); + // GNUNET_memcpy (&denom_sig->details.cs_signature.r_point, + // &r_pub_blind.r_pub[bdenom_sig->details.blinded_cs_answer.b + // ], + // sizeof(struct GNUNET_CRYPTO_CsRPublic)); denom_sig->cipher = TALER_DENOMINATION_CS; - va_end (ap); return GNUNET_OK; } default: @@ -333,9 +342,9 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, const union TALER_DenominationBlindingKeyP *coin_bks, const struct TALER_AgeHash *age_commitment_hash, const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_CoinPubHash *c_hash, - struct TALER_BlindedPlanchet *blinded_planchet, - ...) + struct TALER_BlindedPlanchet *blinded_planchet) { TALER_coin_pub_hash (coin_pub, age_commitment_hash, @@ -361,27 +370,19 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, case TALER_DENOMINATION_CS: { blinded_planchet->cipher = dk->cipher; - va_list ap; - va_start (ap, blinded_planchet); - struct TALER_DenominationCsPublicR *r_pub; - struct TALER_DenominationCsPublicR *blinded_r_pub; - - r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *); - blinded_r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *); - + struct TALER_DenominationCsPublicR blinded_r_pub; struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; + GNUNET_CRYPTO_cs_blinding_secrets_derive (&coin_bks->nonce, bs); GNUNET_CRYPTO_cs_calc_blinded_c (bs, - r_pub->r_pub, + alg_values->details.cs_values.r_pub.r_pub, &dk->details.cs_public_key, &c_hash->hash, sizeof(struct GNUNET_HashCode), blinded_planchet->details. cs_blinded_planchet.c, - blinded_r_pub->r_pub); - - va_end (ap); + blinded_r_pub.r_pub); return GNUNET_OK; } default: diff --git a/src/util/taler-exchange-secmod-cs.c b/src/util/taler-exchange-secmod-cs.c index d7624a0b9..8ff8dc79b 100644 --- a/src/util/taler-exchange-secmod-cs.c +++ b/src/util/taler-exchange-secmod-cs.c @@ -242,15 +242,15 @@ generate_response (struct DenominationKey *dk) GNUNET_assert (sizeof(dk->denom_pub) < UINT16_MAX); GNUNET_assert (nlen < UINT16_MAX); - tlen = sizeof(dk->denom_pub) + nlen + sizeof (*an); + tlen = nlen + sizeof (*an); GNUNET_assert (tlen < UINT16_MAX); an = GNUNET_malloc (tlen); an->header.size = htons ((uint16_t) tlen); an->header.type = htons (TALER_HELPER_CS_MT_AVAIL); - an->pub_size = htons ((uint16_t) sizeof(dk->denom_pub)); an->section_name_len = htons ((uint16_t) nlen); an->anchor_time = GNUNET_TIME_timestamp_hton (dk->anchor); an->duration_withdraw = GNUNET_TIME_relative_hton (denom->duration_withdraw); + an->denom_pub = dk->denom_pub; TALER_exchange_secmod_cs_sign (&dk->h_cs, denom->section, dk->anchor, @@ -260,9 +260,6 @@ generate_response (struct DenominationKey *dk) an->secm_pub = TES_smpub; p = (void *) &an[1]; memcpy (p, - &dk->denom_pub, - sizeof(dk->denom_pub)); - memcpy (p + sizeof(dk->denom_pub), denom->section, nlen); dk->an = an; @@ -1078,8 +1075,7 @@ update_denominations (void *cls) static void parse_key (struct Denomination *denom, const char *filename, - const void *buf, - size_t buf_size) + const struct GNUNET_CRYPTO_CsPrivateKey *priv) { char *anchor_s; char dummy; @@ -1117,27 +1113,15 @@ parse_key (struct Denomination *denom, filename); return; } - - const struct GNUNET_CRYPTO_CsPrivateKey priv - = *((struct GNUNET_CRYPTO_CsPrivateKey *) buf); -// memcpy (&priv, buf, sizeof(priv)); - - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "privkey %zu\n", - sizeof(priv)); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "privkey %zu\n", - buf_size); - { struct GNUNET_CRYPTO_CsPublicKey pub; struct DenominationKey *dk; struct DenominationKey *before; // TODO: Add check if pubkey is set? - GNUNET_CRYPTO_cs_private_key_get_public (&priv, &pub); + GNUNET_CRYPTO_cs_private_key_get_public (priv, &pub); dk = GNUNET_new (struct DenominationKey); - dk->denom_priv = priv; + dk->denom_priv = *priv; dk->denom = denom; dk->anchor = anchor; dk->filename = GNUNET_strdup (filename); @@ -1270,7 +1254,7 @@ import_key (void *cls, GNUNET_break (0 == close (fd)); return GNUNET_OK; } - if (sbuf.st_size > 16 * 1024) + if (sbuf.st_size != sizeof(struct GNUNET_CRYPTO_CsPrivateKey)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "File `%s' too big to be a private key\n", @@ -1292,8 +1276,7 @@ import_key (void *cls, } parse_key (denom, filename, - ptr, - (size_t) sbuf.st_size); + (const struct GNUNET_CRYPTO_CsPrivateKey *) ptr); GNUNET_DISK_file_unmap (map); GNUNET_DISK_file_close (fh); return GNUNET_OK; diff --git a/src/util/taler-exchange-secmod-cs.h b/src/util/taler-exchange-secmod-cs.h index 121690e38..c5f1b7dec 100644 --- a/src/util/taler-exchange-secmod-cs.h +++ b/src/util/taler-exchange-secmod-cs.h @@ -52,14 +52,9 @@ struct TALER_CRYPTO_CsKeyAvailableNotification struct GNUNET_MessageHeader header; /** - * Number of bytes of the public key. - */ - uint16_t pub_size; - - /** * Number of bytes of the section name. */ - uint16_t section_name_len; + uint32_t section_name_len; /** * When does the key become available? @@ -82,7 +77,10 @@ struct TALER_CRYPTO_CsKeyAvailableNotification */ struct TALER_SecurityModuleSignatureP secm_sig; - /* followed by @e pub_size bytes of the CS public key */ + /** + * Denomination Public key + */ + struct GNUNET_CRYPTO_CsPublicKey denom_pub; /* followed by @e section_name bytes of the configuration section name of the denomination of this key */ diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index 9ddd6cfd4..28352a678 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -111,6 +111,7 @@ test_planchets_rsa (void) TALER_planchet_setup_random (&ps, TALER_DENOMINATION_RSA); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&dk_pub, + NULL, /* not needed in RSA*/ &ps, &c_hash, &pd)); @@ -123,6 +124,7 @@ test_planchets_rsa (void) &blind_sig, &ps, &c_hash, + NULL, /* Not needed in RSA case */ &coin)); TALER_blinded_denom_sig_free (&blind_sig); TALER_denom_sig_free (&coin.sig); @@ -148,6 +150,7 @@ test_planchets_cs (void) struct TALER_CoinPubHash c_hash; struct TALER_BlindedDenominationSignature blind_sig; struct TALER_FreshCoin coin; + struct TALER_ExchangeWithdrawValues alg_values; GNUNET_assert (GNUNET_OK == TALER_denom_priv_create (&dk_priv, @@ -162,13 +165,15 @@ test_planchets_cs (void) TALER_denom_cs_derive_r_public ( &pd.blinded_planchet.details.cs_blinded_planchet.nonce, &dk_priv, - &ps.cs_r_pub)); + &alg_values.details.cs_values.r_pub)); // TODO: eliminate r_pubs parameter TALER_planchet_blinding_secret_create (&ps, - TALER_DENOMINATION_CS); + TALER_DENOMINATION_CS, + &alg_values); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&dk_pub, + &alg_values, &ps, &c_hash, &pd)); @@ -183,6 +188,7 @@ test_planchets_cs (void) &blind_sig, &ps, &c_hash, + &alg_values, &coin)); TALER_blinded_denom_sig_free (&blind_sig); diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c index 8ce380d46..22f39b34f 100644 --- a/src/util/test_helper_cs.c +++ b/src/util/test_helper_cs.c @@ -268,6 +268,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) bool success = false; struct TALER_PlanchetSecretsP ps; struct TALER_CoinPubHash c_hash; + struct TALER_ExchangeWithdrawValues values; TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS); for (unsigned int i = 0; i<MAX_KEYS; i++) @@ -286,12 +287,14 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Requesting R derivation with key %s\n", GNUNET_h2s (&keys[i].h_cs.hash)); - ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, - &keys[i].h_cs, - &pd.blinded_planchet. - details. - cs_blinded_planchet.nonce, - &ec); + + values.details.cs_values.r_pub + = TALER_CRYPTO_helper_cs_r_derive (dh, + &keys[i].h_cs, + &pd.blinded_planchet. + details. + cs_blinded_planchet.nonce, + &ec); } switch (ec) { @@ -320,9 +323,11 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) GNUNET_h2s (&keys[i].h_cs.hash)); TALER_planchet_blinding_secret_create (&ps, - TALER_DENOMINATION_CS); + TALER_DENOMINATION_CS, + &values); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&keys[i].denom_pub, + &values, &ps, &c_hash, &pd)); @@ -373,10 +378,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &nonce, sizeof (nonce)); - ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, - &rnd, - &nonce, - &ec); + TALER_CRYPTO_helper_cs_r_derive (dh, + &rnd, + &nonce, + &ec); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { GNUNET_break (0); @@ -404,6 +409,8 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) bool success = false; struct TALER_PlanchetSecretsP ps; struct TALER_CoinPubHash c_hash; + struct TALER_ExchangeWithdrawValues values; + TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS); for (unsigned int i = 0; i<MAX_KEYS; i++) @@ -418,17 +425,20 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) TALER_cs_withdraw_nonce_derive (&ps.coin_priv, &pd.blinded_planchet.details. cs_blinded_planchet.nonce); - ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, - &keys[i].h_cs, - &pd.blinded_planchet. - details. - cs_blinded_planchet.nonce, - &ec); + values.details.cs_values.r_pub + = TALER_CRYPTO_helper_cs_r_derive (dh, + &keys[i].h_cs, + &pd.blinded_planchet. + details. + cs_blinded_planchet.nonce, + &ec); TALER_planchet_blinding_secret_create (&ps, - TALER_DENOMINATION_CS); + TALER_DENOMINATION_CS, + &values); GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[i].denom_pub, + &values, &ps, &c_hash, &pd)); @@ -463,30 +473,18 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) return 5; } { - struct TALER_DenominationSignature rs; - + struct TALER_FreshCoin coin; if (GNUNET_OK != - TALER_denom_sig_unblind (&rs, - &ds, - &ps.blinding_key, - &keys[i].denom_pub, - &ps.cs_r_pub_blinded)) + TALER_planchet_to_coin (&keys[i].denom_pub, + &ds, + &ps, + &c_hash, + &values, + &coin)) { GNUNET_break (0); return 6; } - TALER_blinded_denom_sig_free (&ds); - if (GNUNET_OK != - TALER_denom_pub_verify (&keys[i].denom_pub, - &rs, - &c_hash)) - { - /* signature invalid */ - GNUNET_break (0); - TALER_denom_sig_free (&rs); - return 7; - } - TALER_denom_sig_free (&rs); } GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Received valid signature for key %s\n", @@ -536,6 +534,7 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) pd.blinded_planchet.cipher = TALER_DENOMINATION_CS; GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[0].denom_pub, + &values, &ps, &c_hash, &pd)); @@ -597,6 +596,7 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, { struct TALER_CoinPubHash c_hash; struct TALER_PlanchetDetail pd; + struct TALER_ExchangeWithdrawValues values; pd.blinded_planchet.cipher = TALER_DENOMINATION_CS; @@ -604,17 +604,20 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, &pd.blinded_planchet.details. cs_blinded_planchet.nonce); - ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, - &keys[i].h_cs, - &pd.blinded_planchet. - details. - cs_blinded_planchet.nonce, - &ec); + values.details.cs_values.r_pub + = TALER_CRYPTO_helper_cs_r_derive (dh, + &keys[i].h_cs, + &pd.blinded_planchet. + details. + cs_blinded_planchet.nonce, + &ec); TALER_planchet_blinding_secret_create (&ps, - TALER_DENOMINATION_CS); + TALER_DENOMINATION_CS, + &values); GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[i].denom_pub, + &values, &ps, &c_hash, &pd)); diff --git a/src/util/test_helper_rsa.c b/src/util/test_helper_rsa.c index e51fa26e1..8cfea4bef 100644 --- a/src/util/test_helper_rsa.c +++ b/src/util/test_helper_rsa.c @@ -282,6 +282,7 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh) GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[i].denom_pub, + NULL, /* not needed in RSA*/ &ps, &c_hash, &pd)); @@ -451,6 +452,7 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh, GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[i].denom_pub, + NULL, /* not needed in RSA*/ &ps, &c_hash, &pd)); |