authorChristian Grothoff <christian@grothoff.org>2016-05-24 20:13:31 +0200
committerChristian Grothoff <christian@grothoff.org>2016-05-24 20:13:31 +0200
commit32bb3b14bf5cd623714985c8ca7fed0c5a923336 (patch)
tree2438cf9567c4eb755ae6d8882383395fd23e408e /src/exchange-lib
parent8c3ffbf2a356b7c684bb65b8678e819183e52d76 (diff)
fix #4483
Diffstat (limited to 'src/exchange-lib')
-rw-r--r--src/exchange-lib/exchange_api_refresh.c171
-rw-r--r--src/exchange-lib/exchange_api_refresh_link.c36
-rw-r--r--src/exchange-lib/exchange_api_reserve.c10
-rw-r--r--src/exchange-lib/test_exchange_api.c12
4 files changed, 56 insertions, 173 deletions
diff --git a/src/exchange-lib/exchange_api_refresh.c b/src/exchange-lib/exchange_api_refresh.c
index e98b3c782..5f519a684 100644
--- a/src/exchange-lib/exchange_api_refresh.c
+++ b/src/exchange-lib/exchange_api_refresh.c
@@ -105,13 +105,9 @@ struct FreshCoinP
struct TALER_CoinSpendPrivateKeyP coin_priv;
/**
- * Size of the encoded blinding key that follows.
+ * The blinding key.
*/
- uint32_t bbuf_size;
-
- /* Followed by serialization of:
- - struct TALER_DenominationBlindingKey blinding_key;
- */
+ struct TALER_DenominationBlindingKeyP blinding_key;
};
@@ -205,26 +201,6 @@ struct MeltedCoin
/**
- * Coin-specific information about the fresh coins we generate during
- * a melt.
- */
-struct FreshCoin
-{
-
- /**
- * Private key of the coin.
- */
- struct TALER_CoinSpendPrivateKeyP coin_priv;
-
- /**
- * Blinding key used for blinding during blind signing.
- */
- struct TALER_DenominationBlindingKey blinding_key;
-
-};
-
-
-/**
* Melt data in non-serialized format for convenient processing.
*/
struct MeltData
@@ -260,7 +236,7 @@ struct MeltData
* Arrays of @e num_fresh_coins with information about the fresh
* coins to be created, for each cut-and-choose dimension.
*/
- struct FreshCoin *fresh_coins[TALER_CNC_KAPPA];
+ struct FreshCoinP *fresh_coins[TALER_CNC_KAPPA];
};
@@ -281,22 +257,6 @@ free_melted_coin (struct MeltedCoin *mc)
/**
- * Free all information associated with a fresh coin.
- *
- * @param fc fresh coin to release, the pointer itself is NOT
- * freed (as it is typically not allocated by itself)
- */
-static void
-free_fresh_coin (struct FreshCoin *fc)
-{
- if (NULL == fc)
- return;
- if (NULL != fc->blinding_key.rsa_blinding_key)
- GNUNET_CRYPTO_rsa_blinding_key_free (fc->blinding_key.rsa_blinding_key);
-}
-
-
-/**
* Free all information associated with a melting session. Note
* that we allow the melting session to be only partially initialized,
* as we use this function also when freeing melt data that was not
@@ -309,7 +269,6 @@ static void
free_melt_data (struct MeltData *md)
{
unsigned int i;
- unsigned int j;
free_melted_coin (&md->melted_coin);
if (NULL != md->fresh_pks)
@@ -321,11 +280,7 @@ free_melt_data (struct MeltData *md)
}
for (i=0;i<TALER_CNC_KAPPA;i++)
- {
- for (j=0;j<md->num_fresh_coins;j++)
- free_fresh_coin (&md->fresh_coins[i][j]);
GNUNET_free (md->fresh_coins[i]);
- }
/* Finally, clean up a bit...
(NOTE: compilers might optimize this away, so this is
not providing any strong assurances that the key material
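Review bot: The fresh_coins arrays released in this loop now hold each coin's private key and blinding key inline, and `GNUNET_free (md->fresh_coins[i]);` returns them to the allocator without wiping them. The comment that follows shows the intent to clear key material, but whatever it wipes (outside the hunk, presumably the MeltData struct itself) cannot reach these separately allocated arrays. I would zero each array before freeing it, e.g. `if (NULL != md->fresh_coins[i]) memset (md->fresh_coins[i], 0, md->num_fresh_coins * sizeof (struct FreshCoinP));`, ideally with a wipe the compiler cannot elide. The by-value `blinding_key` copy added to struct TALER_EXCHANGE_ReserveWithdrawHandle in exchange_api_reserve.c deserves the same treatment wherever that handle is freed, which this diff does not show.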
@@ -567,31 +522,15 @@ deserialize_denomination_key (struct TALER_DenominationPublicKey *dk,
* @a buf is NULL, number of bytes required
*/
static size_t
-serialize_fresh_coin (const struct FreshCoin *fc,
+serialize_fresh_coin (const struct FreshCoinP *fc,
char *buf,
size_t off)
{
- struct FreshCoinP fcp;
- char *bbuf;
- size_t bbuf_size;
-
- bbuf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (fc->blinding_key.rsa_blinding_key,
- &bbuf);
- if (NULL == buf)
- {
- GNUNET_free (bbuf);
- return sizeof (struct FreshCoinP) + bbuf_size;
- }
- fcp.coin_priv = fc->coin_priv;
- fcp.bbuf_size = htonl ((uint32_t) bbuf_size);
- memcpy (&buf[off],
- &fcp,
- sizeof (struct FreshCoinP));
- memcpy (&buf[off + sizeof (struct FreshCoinP)],
- bbuf,
- bbuf_size);
- GNUNET_free (bbuf);
- return sizeof (struct FreshCoinP) + bbuf_size;
+ if (NULL != buf)
+ memcpy (&buf[off],
+ fc,
+ sizeof (struct FreshCoinP));
+ return sizeof (struct FreshCoinP);
}
@@ -605,41 +544,21 @@ serialize_fresh_coin (const struct FreshCoin *fc,
* @return number of bytes read from @a buf, 0 on error
*/
static size_t
-deserialize_fresh_coin (struct FreshCoin *fc,
+deserialize_fresh_coin (struct FreshCoinP *fc,
const char *buf,
size_t size,
int *ok)
{
- struct FreshCoinP fcp;
- size_t bbuf_size;
-
if (size < sizeof (struct FreshCoinP))
{
GNUNET_break (0);
*ok = GNUNET_NO;
return 0;
}
- memcpy (&fcp,
+ memcpy (fc,
buf,
sizeof (struct FreshCoinP));
- bbuf_size = ntohl (fcp.bbuf_size);
- if (size < sizeof (struct FreshCoinP) + bbuf_size)
- {
- GNUNET_break (0);
- *ok = GNUNET_NO;
- return 0;
- }
- fc->blinding_key.rsa_blinding_key
- = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct FreshCoinP)],
- bbuf_size);
- if (NULL == fc->blinding_key.rsa_blinding_key)
- {
- GNUNET_break (0);
- *ok = GNUNET_NO;
- return 0;
- }
- fc->coin_priv = fcp.coin_priv;
- return sizeof (struct FreshCoinP) + bbuf_size;
+ return sizeof (struct FreshCoinP);
}
@@ -734,7 +653,7 @@ deserialize_melt_data (const char *buf,
struct TALER_DenominationPublicKey);
for (i=0;i<TALER_CNC_KAPPA;i++)
md->fresh_coins[i] = GNUNET_new_array (md->num_fresh_coins,
- struct FreshCoin);
+ struct FreshCoinP);
off = sizeof (struct MeltDataP);
ok = GNUNET_YES;
off += deserialize_melted_coin (&md->melted_coin,
@@ -775,18 +694,17 @@ deserialize_melt_data (const char *buf,
* @param pk denomination information for the fresh coin
*/
static void
-setup_fresh_coin (struct FreshCoin *fc,
+setup_fresh_coin (struct FreshCoinP *fc,
const struct TALER_EXCHANGE_DenomPublicKey *pk)
{
struct GNUNET_CRYPTO_EddsaPrivateKey *epk;
- unsigned int len;
epk = GNUNET_CRYPTO_eddsa_key_create ();
fc->coin_priv.eddsa_priv = *epk;
GNUNET_free (epk);
- len = GNUNET_CRYPTO_rsa_public_key_len (pk->key.rsa_public_key);
- fc->blinding_key.rsa_blinding_key
- = GNUNET_CRYPTO_rsa_blinding_key_create (len);
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
+ &fc->blinding_key,
+ sizeof (fc->blinding_key));
}
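Review bot: After this change `pk` is no longer read anywhere in setup_fresh_coin, yet the signature and the `@param pk denomination information for the fresh coin` line still advertise it. Either drop the parameter (and the argument passed in TALER_EXCHANGE_refresh_prepare) or mark it in the doc comment, e.g. `@param pk denomination information for the fresh coin (currently unused)`. Separately, `GNUNET_free (epk);` releases the heap copy of the EdDSA private key without clearing it; a `memset (epk, 0, sizeof (*epk));` before the free would keep the key from lingering in freed memory. The start of the doc comment is outside the hunk.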
@@ -879,7 +797,7 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr
for (i=0;i<TALER_CNC_KAPPA;i++)
{
md.fresh_coins[i] = GNUNET_new_array (fresh_pks_len,
- struct FreshCoin);
+ struct FreshCoinP);
for (j=0;j<fresh_pks_len;j++)
setup_fresh_coin (&md.fresh_coins[i][j],
&fresh_pks[j]);
@@ -919,15 +837,13 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr
{
for (j = 0; j < fresh_pks_len; j++)
{
- const struct FreshCoin *fc; /* coin this is about */
+ const struct FreshCoinP *fc; /* coin this is about */
struct TALER_CoinSpendPublicKeyP coin_pub;
struct GNUNET_HashCode coin_hash;
char *coin_ev; /* blinded message to be signed (in envelope) for each coin */
size_t coin_ev_size;
- struct TALER_RefreshLinkDecrypted rld;
- struct TALER_RefreshLinkEncrypted *rle;
- char *link_enc; /* encrypted link data */
- size_t link_enc_size;
+ struct TALER_RefreshLinkDecryptedP rld;
+ struct TALER_RefreshLinkEncryptedP rle;
fc = &md.fresh_coins[i][j];
GNUNET_CRYPTO_eddsa_key_get_public (&fc->coin_priv.eddsa_priv,
@@ -936,7 +852,7 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&coin_hash);
coin_ev_size = GNUNET_CRYPTO_rsa_blind (&coin_hash,
- fc->blinding_key.rsa_blinding_key,
+ &fc->blinding_key.bks,
md.fresh_pks[j].rsa_public_key,
&coin_ev);
GNUNET_CRYPTO_hash_context_read (hash_context,
@@ -946,15 +862,12 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr
rld.coin_priv = fc->coin_priv;
rld.blinding_key = fc->blinding_key;
- rle = TALER_refresh_encrypt (&rld,
- &md.link_secrets[i]);
- link_enc = TALER_refresh_link_encrypted_encode (rle,
- &link_enc_size);
-
+ TALER_refresh_encrypt (&rld,
+ &md.link_secrets[i],
+ &rle);
GNUNET_CRYPTO_hash_context_read (hash_context,
- link_enc,
- link_enc_size);
- GNUNET_free (link_enc);
+ &rle,
+ sizeof (rle));
}
}
for (i = 0; i < TALER_CNC_KAPPA; i++)
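Review bot: The commitment hash now covers the in-memory bytes of `rle` (`&rle, sizeof (rle)`), so it matches what the exchange computes only if struct TALER_RefreshLinkEncryptedP is packed, has no padding and holds only fixed-size fields in wire byte order. Its declaration is not part of this diff, so that cannot be confirmed here. A comment at the call such as `/* rle is a packed wire-format struct; its raw bytes are the canonical encoding */` would record the assumption. The same assumption underlies `GNUNET_JSON_from_data_auto (&rle)` in TALER_EXCHANGE_refresh_melt. The enclosing loops in TALER_EXCHANGE_refresh_prepare start outside the hunk.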
@@ -1431,25 +1344,17 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange,
tmp = json_array ();
for (i=0;i<md->num_fresh_coins;i++)
{
- const struct FreshCoin *fc = &md->fresh_coins[j][i];
- struct TALER_RefreshLinkDecrypted rld;
- struct TALER_RefreshLinkEncrypted *rle;
- char *buf;
- size_t buf_len;
+ const struct FreshCoinP *fc = &md->fresh_coins[j][i];
+ struct TALER_RefreshLinkDecryptedP rld;
+ struct TALER_RefreshLinkEncryptedP rle;
rld.coin_priv = fc->coin_priv;
rld.blinding_key = fc->blinding_key;
- rle = TALER_refresh_encrypt (&rld,
- &md->link_secrets[j]);
- GNUNET_assert (NULL != rle);
- buf = TALER_refresh_link_encrypted_encode (rle,
- &buf_len);
- GNUNET_assert (NULL != buf);
+ TALER_refresh_encrypt (&rld,
+ &md->link_secrets[j],
+ &rle);
json_array_append (tmp,
- GNUNET_JSON_from_data (buf,
- buf_len));
- GNUNET_free (buf);
- GNUNET_free (rle);
+ GNUNET_JSON_from_data_auto (&rle));
}
json_array_append (link_encs,
tmp);
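Review bot: `json_array_append (tmp, GNUNET_JSON_from_data_auto (&rle));` leaks the freshly created JSON value: json_array_append takes its own reference, so the one returned by GNUNET_JSON_from_data_auto is never dropped. A NULL result from the encoder is also silently ignored, because the return value is discarded. `GNUNET_assert (0 == json_array_append_new (tmp, GNUNET_JSON_from_data_auto (&rle)));` addresses both. The old code asserted that encryption and encoding succeeded; whether TALER_refresh_encrypt can still fail is not visible here. The loop belongs to TALER_EXCHANGE_refresh_melt, which starts and ends outside this hunk.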
@@ -1461,7 +1366,7 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange,
tmp = json_array ();
for (i=0;i<md->num_fresh_coins;i++)
{
- const struct FreshCoin *fc = &md->fresh_coins[j][i];
+ const struct FreshCoinP *fc = &md->fresh_coins[j][i];
struct TALER_CoinSpendPublicKeyP coin_pub;
struct GNUNET_HashCode coin_hash;
char *coin_ev; /* blinded message to be signed (in envelope) for each coin */
@@ -1473,7 +1378,7 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&coin_hash);
coin_ev_size = GNUNET_CRYPTO_rsa_blind (&coin_hash,
- fc->blinding_key.rsa_blinding_key,
+ &fc->blinding_key.bks,
md->fresh_pks[i].rsa_public_key,
&coin_ev);
json_array_append (tmp,
@@ -1655,7 +1560,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshRevealHandle *rrh,
}
for (i=0;i<rrh->md->num_fresh_coins;i++)
{
- const struct FreshCoin *fc;
+ const struct FreshCoinP *fc;
struct TALER_DenominationPublicKey *pk;
json_t *jsonai;
struct GNUNET_CRYPTO_RsaSignature *blind_sig;
@@ -1684,7 +1589,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshRevealHandle *rrh,
/* unblind the signature */
sig = GNUNET_CRYPTO_rsa_unblind (blind_sig,
- fc->blinding_key.rsa_blinding_key,
+ &fc->blinding_key.bks,
pk->rsa_public_key);
GNUNET_CRYPTO_rsa_signature_free (blind_sig);
diff --git a/src/exchange-lib/exchange_api_refresh_link.c b/src/exchange-lib/exchange_api_refresh_link.c
index cd3f6d72b..754a61d82 100644
--- a/src/exchange-lib/exchange_api_refresh_link.c
+++ b/src/exchange-lib/exchange_api_refresh_link.c
@@ -91,20 +91,18 @@ parse_refresh_link_coin (const struct TALER_EXCHANGE_RefreshLinkHandle *rlh,
struct TALER_DenominationSignature *sig,
struct TALER_DenominationPublicKey *pub)
{
- void *link_enc;
- size_t link_enc_size;
struct GNUNET_CRYPTO_RsaSignature *bsig;
struct GNUNET_CRYPTO_RsaPublicKey *rpub;
+ struct TALER_RefreshLinkEncryptedP rle;
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_varsize ("link_enc", &link_enc, &link_enc_size),
+ GNUNET_JSON_spec_fixed_auto ("link_enc", &rle),
GNUNET_JSON_spec_rsa_public_key ("denom_pub", &rpub),
GNUNET_JSON_spec_rsa_signature ("ev_sig", &bsig),
GNUNET_JSON_spec_end()
};
- struct TALER_RefreshLinkEncrypted *rle;
- struct TALER_RefreshLinkDecrypted *rld;
+ struct TALER_RefreshLinkDecryptedP rld;
struct TALER_LinkSecretP secret;
-
+
/* parse reply */
if (GNUNET_OK !=
GNUNET_JSON_parse (json,
@@ -115,15 +113,6 @@ parse_refresh_link_coin (const struct TALER_EXCHANGE_RefreshLinkHandle *rlh,
return GNUNET_SYSERR;
}
- /* decode and decrypt link data */
- rle = TALER_refresh_link_encrypted_decode (link_enc,
- link_enc_size);
- if (NULL == rle)
- {
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- return GNUNET_SYSERR;
- }
if (GNUNET_OK !=
TALER_link_decrypt_secret2 (secret_enc,
trans_pub,
@@ -134,24 +123,17 @@ parse_refresh_link_coin (const struct TALER_EXCHANGE_RefreshLinkHandle *rlh,
GNUNET_JSON_parse_free (spec);
return GNUNET_SYSERR;
}
- rld = TALER_refresh_decrypt (rle,
- &secret);
- if (NULL == rld)
- {
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- return GNUNET_SYSERR;
- }
+ TALER_refresh_decrypt (&rle,
+ &secret,
+ &rld);
/* extract coin and signature */
- *coin_priv = rld->coin_priv;
+ *coin_priv = rld.coin_priv;
sig->rsa_signature
= GNUNET_CRYPTO_rsa_unblind (bsig,
- rld->blinding_key.rsa_blinding_key,
+ &rld.blinding_key.bks,
rpub);
-
/* clean up */
- GNUNET_free (rld);
pub->rsa_public_key = GNUNET_CRYPTO_rsa_public_key_dup (rpub);
GNUNET_JSON_parse_free (spec);
return GNUNET_OK;
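Review bot: Nothing on this path checks the outcome of decrypting and unblinding the exchange-supplied link data any more: the `NULL == rld` failure branch is gone, and `sig->rsa_signature` is returned with GNUNET_OK whatever GNUNET_CRYPTO_rsa_unblind produced. If unblinding can return NULL on malformed input, I would add `if (NULL == sig->rsa_signature) { GNUNET_break_op (0); GNUNET_JSON_parse_free (spec); return GNUNET_SYSERR; }` right after the call. `rld` and `secret` also leave the coin private key, blinding key and link secret on the stack at return; clearing them before each return would be cheap. The `/* clean up */` comment now sits above the public-key duplication rather than any cleanup, and the function's closing brace is outside the hunk.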
diff --git a/src/exchange-lib/exchange_api_reserve.c b/src/exchange-lib/exchange_api_reserve.c
index 56cc3dc54..9c0314d0f 100644
--- a/src/exchange-lib/exchange_api_reserve.c
+++ b/src/exchange-lib/exchange_api_reserve.c
@@ -497,7 +497,7 @@ struct TALER_EXCHANGE_ReserveWithdrawHandle
/**
* Key used to blind the value.
*/
- const struct TALER_DenominationBlindingKey *blinding_key;
+ struct TALER_DenominationBlindingKeyP blinding_key;
/**
* Denomination key we are withdrawing.
@@ -557,7 +557,7 @@ reserve_withdraw_ok (struct TALER_EXCHANGE_ReserveWithdrawHandle *wsh,
return GNUNET_SYSERR;
}
sig = GNUNET_CRYPTO_rsa_unblind (blind_sig,
- wsh->blinding_key->rsa_blinding_key,
+ &wsh->blinding_key.bks,
wsh->pk->key.rsa_public_key);
GNUNET_CRYPTO_rsa_signature_free (blind_sig);
if (GNUNET_OK !=
@@ -777,7 +777,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- const struct TALER_DenominationBlindingKey *blinding_key,
+ const struct TALER_DenominationBlindingKeyP *blinding_key,
TALER_EXCHANGE_ReserveWithdrawResultCallback res_cb,
void *res_cb_cls)
{
@@ -804,7 +804,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&wsh->c_hash);
coin_ev_size = GNUNET_CRYPTO_rsa_blind (&wsh->c_hash,
- blinding_key->rsa_blinding_key,
+ &blinding_key->bks,
pk->key.rsa_public_key,
&coin_ev);
GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv,
@@ -845,7 +845,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange,
"reserve_sig", GNUNET_JSON_from_data_auto (&reserve_sig));
GNUNET_free (coin_ev);
- wsh->blinding_key = blinding_key;
+ wsh->blinding_key = *blinding_key;
wsh->url = MAH_path_to_url (exchange, "/reserve/withdraw");
eh = curl_easy_init ();
diff --git a/src/exchange-lib/test_exchange_api.c b/src/exchange-lib/test_exchange_api.c
index 6612609fa..c9140b3fb 100644
--- a/src/exchange-lib/test_exchange_api.c
+++ b/src/exchange-lib/test_exchange_api.c
@@ -328,7 +328,7 @@ struct Command
/**
* Blinding key used for the operation.
*/
- struct TALER_DenominationBlindingKey blinding_key;
+ struct TALER_DenominationBlindingKeyP blinding_key;
/**
* Withdraw handle (while operation is running).
@@ -1796,8 +1796,9 @@ interpreter_run (void *cls)
}
GNUNET_CRYPTO_eddsa_key_get_public (&cmd->details.reserve_withdraw.coin_priv.eddsa_priv,
&coin_pub.eddsa_pub);
- cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key
- = GNUNET_CRYPTO_rsa_blinding_key_create (GNUNET_CRYPTO_rsa_public_key_len (cmd->details.reserve_withdraw.pk->key.rsa_public_key));
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
+ &cmd->details.reserve_withdraw.blinding_key,
+ sizeof (cmd->details.reserve_withdraw.blinding_key));
cmd->details.reserve_withdraw.wsh
= TALER_EXCHANGE_reserve_withdraw (exchange,
cmd->details.reserve_withdraw.pk,
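Review bot: The test draws the blinding key with GNUNET_CRYPTO_QUALITY_WEAK while the library's setup_fresh_coin uses GNUNET_CRYPTO_QUALITY_STRONG, and nothing here says the difference is deliberate. A one-line comment above the call, such as `/* test only: weak randomness is acceptable here; production code must use GNUNET_CRYPTO_QUALITY_STRONG */`, would keep this call from being copied into wallet code unchanged. interpreter_run starts and ends outside the hunk.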
@@ -2411,11 +2412,6 @@ do_shutdown (void *cls)
GNUNET_CRYPTO_rsa_signature_free (cmd->details.reserve_withdraw.sig.rsa_signature);
cmd->details.reserve_withdraw.sig.rsa_signature = NULL;
}
- if (NULL != cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key)
- {
- GNUNET_CRYPTO_rsa_blinding_key_free (cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key);
- cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key = NULL;
- }
break;
case OC_DEPOSIT:
if (NULL != cmd->details.deposit.dh)