author | Christian Grothoff <christian@grothoff.org> | 2021-11-05 23:01:21 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-11-05 23:01:21 +0100 |
commit | c3e244322b6b7234c0234471b07d67bf6a210b91 (patch) | |
tree | 6b5b73eddac8662bacb74406c24a3277a0252048 | |
parent | eaf9d728f54681be4e9ed3467ff9d10e71ad2b04 (diff) |
more crypto refactoring
-rw-r--r-- | src/exchange/taler-exchange-httpd_recoup.c | 44 | ||||
-rw-r--r-- | src/include/taler_crypto_lib.h | 20 | ||||
-rw-r--r-- | src/util/crypto.c | 22 | ||||
-rw-r--r-- | src/util/denom.c | 32 |
4 files changed, 81 insertions, 37 deletions
diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c
index f10bd34b9..be4471c0f 100644
--- a/src/exchange/taler-exchange-httpd_recoup.c
+++ b/src/exchange/taler-exchange-httpd_recoup.c
@@ -352,8 +352,6 @@ verify_and_execute_recoup (
 struct RecoupContext pc;
 const struct TEH_DenominationKey *dk;
 struct TALER_CoinPubHash c_hash;
- void *coin_ev;
- size_t coin_ev_size;
 MHD_RESULT mret;
 /* check denomination exists and is in recoup mode */
@@ -442,28 +440,30 @@ verify_and_execute_recoup (
 NULL);
 }
 }
- TALER_coin_pub_hash (&coin->coin_pub,
- &c_hash);
- GNUNET_assert (dk->denom_pub.cipher ==
- TALER_DENOMINATION_RSA);
- // FIXME-RSA migration...
- if (GNUNET_YES !=
- TALER_rsa_blind (&c_hash,
- &coin_bks->rsa_bks,
- dk->denom_pub.details.rsa_public_key,
- &coin_ev,
- &coin_ev_size))
+
 {
- GNUNET_break (0);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED,
- NULL);
+ void *coin_ev;
+ size_t coin_ev_size;
+
+ if (GNUNET_OK !=
+ TALER_denom_blind (&dk->denom_pub,
+ coin_bks,
+ &coin->coin_pub,
+ &c_hash,
+ &coin_ev,
+ &coin_ev_size))
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED,
+ NULL);
+ }
+ TALER_coin_ev_hash (coin_ev,
+ coin_ev_size,
+ &pc.h_blind);
+ GNUNET_free (coin_ev);
 }
- TALER_coin_ev_hash (coin_ev,
- coin_ev_size,
- &pc.h_blind);
- GNUNET_free (coin_ev);
 /* Perform actual recoup transaction */
 pc.coin_sig = coin_sig;
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 0a0be0cb7..8907ca43f 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
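Review bot: In the second hunk of src/exchange/taler-exchange-httpd_recoup.c, `c_hash` is now filled in only as an output of `TALER_denom_blind` inside the new anonymous block, and nothing in the code marks that. A one-line comment above the block, for example `/* re-blind the coin to obtain pc.h_blind; this call also sets c_hash */`, would keep a later edit from reading `c_hash` before this point. The body of verify_and_execute_recoup starts and ends outside the hunk, so whether `c_hash` is read elsewhere cannot be checked from here.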
@@ -725,6 +725,26 @@ TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
 /**
+ * Blind coin for blind signing with @a dk using blinding secret @a coin_bks.
+ *
+ * @param dk denomination public key to blind for
+ * @param coin_bks blinding secret to use
+ * @param coin_pub public key of the coin to blind
+ * @param[out] c_hash resulting hashed coin
+ * @param[out] coin_ev blinded coin to submit
+ * @param[out] coin_ev_size number of bytes in @a coin_ev
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
+ const union TALER_DenominationBlindingKeyP *coin_bks,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ struct TALER_CoinPubHash *c_hash,
+ void **coin_ev,
+ size_t *coin_ev_size);
+
+
+/**
 * Create blinded signature.
 *
 * @param[out] denom_sig where to write the signature
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 7d4a431c6..ed32f31df 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -185,21 +185,13 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
 GNUNET_CRYPTO_eddsa_key_get_public (&ps->coin_priv.eddsa_priv,
 &coin_pub.eddsa_pub);
- // FIXME-Oec: replace with function that
- // also hashes the age vector if we have
- // one!
- TALER_coin_pub_hash (&coin_pub,
- c_hash);
- // FIXME-Gian/Lucien: this will be the bigger
- // change, as you have the extra round trip
- // => to be discussed!
- GNUNET_assert (TALER_DENOMINATION_RSA == dk->cipher);
- if (GNUNET_YES !=
- TALER_rsa_blind (c_hash,
- &ps->blinding_key.rsa_bks,
- dk->details.rsa_public_key,
- &pd->coin_ev,
- &pd->coin_ev_size))
+ if (GNUNET_OK !=
+ TALER_denom_blind (dk,
+ &ps->blinding_key,
+ &coin_pub,
+ c_hash,
+ &pd->coin_ev,
+ &pd->coin_ev_size))
 {
 GNUNET_break_op (0);
 return GNUNET_SYSERR;
diff --git a/src/util/denom.c b/src/util/denom.c
index 4a47c66d4..4f1fc8e59 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
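Review bot: The new doc comment for `TALER_denom_blind` in src/include/taler_crypto_lib.h documents only the success return and does not say who owns `*coin_ev`. The recoup.c caller in this commit releases the buffer with `GNUNET_free`, and the implementation in denom.c returns `GNUNET_SYSERR` for an unsupported cipher, so the comment could state both. Suggested wording: `@param[out] coin_ev blinded coin to submit, allocated by this call; caller must GNUNET_free() it` and `@return #GNUNET_OK on success, #GNUNET_SYSERR on failure or unsupported cipher`.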
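Review bot: The rewrite in TALER_planchet_prepare (src/util/crypto.c) deletes the `FIXME-Oec` reminder that the coin hash must also cover the age vector, and the new `TALER_denom_blind` carries only the Clause-Schnorr TODO. If that work is still open, the reminder belongs next to the `TALER_coin_pub_hash` call that moved into denom.c, for example `// FIXME-Oec: also hash the age vector if we have one`. Separately, one failure is now reported twice with different meanings: `GNUNET_break (0)` inside `TALER_denom_blind` and `GNUNET_break_op (0)` here. The function body continues outside the hunk.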
@@ -217,6 +217,38 @@ TALER_denom_priv_to_pub (const struct TALER_DenominationPrivateKey *denom_priv,
 enum GNUNET_GenericReturnValue
+TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
+ const union TALER_DenominationBlindingKeyP *coin_bks,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ struct TALER_CoinPubHash *c_hash,
+ void **coin_ev,
+ size_t *coin_ev_size)
+{
+ switch (dk->cipher)
+ {
+ case TALER_DENOMINATION_RSA:
+ TALER_coin_pub_hash (coin_pub,
+ c_hash);
+ if (GNUNET_YES !=
+ TALER_rsa_blind (c_hash,
+ &coin_bks->rsa_bks,
+ dk->details.rsa_public_key,
+ coin_ev,
+ coin_ev_size))
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_OK;
+ // TODO: add case for Clause-Schnorr
+ default:
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+}
+
+
+enum GNUNET_GenericReturnValue
 TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub,
 const struct TALER_DenominationSignature *denom_sig,
 const struct TALER_CoinPubHash *c_hash) |
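Review bot: On the `default:` path `TALER_denom_blind` returns `GNUNET_SYSERR` without writing `c_hash`, `*coin_ev` or `*coin_ev_size`. TALER_planchet_prepare passes `&pd->coin_ev` straight through, so a caller that cleans up `pd` after a failure would see whatever the field held before the call. Setting `*coin_ev = NULL;` and `*coin_ev_size = 0;` before the `switch` gives the failure case a defined state. Whether `TALER_rsa_blind` clears the outputs on its own failure path is not visible in this diff.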