diff options
| author | Christian Blättler <blatc2@bfh.ch> | 2024-04-30 22:28:57 +0200 |
|---|---|---|
| committer | Christian Blättler <blatc2@bfh.ch> | 2024-04-30 22:28:57 +0200 |
| commit | 079268ebddc6a5b0662d4481306d219e5e590dc7 (patch) | |
| tree | acf0cd631501d6c3b993682545438dee02e05fb1 /src/util | |
| parent | 45350614812212716af26d8161f7360810cef8cb (diff) | |
work on tokens
Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/merchant_signatures.c | 45 | ||||
| -rw-r--r-- | src/util/tokens.c | 203 |
2 files changed, 203 insertions, 45 deletions
diff --git a/src/util/merchant_signatures.c b/src/util/merchant_signatures.c index 06708f4b4..4dca3c652 100644 --- a/src/util/merchant_signatures.c +++ b/src/util/merchant_signatures.c @@ -346,49 +346,4 @@ TALER_merchant_contract_sign ( merch_sig); } - -// NB: "TALER_merchant_contract_verify" not (yet?) needed / not defined. - - -GNUNET_NETWORK_STRUCT_BEGIN - -/** - * Message blindly signed by merchant to issue a new token. - */ -struct TALER_TokenIssueRequestPS -{ - - // TODO: Implement this struct - -}; - -GNUNET_NETWORK_STRUCT_END - - -void -TALER_merchant_token_issue_sign ( - const struct TALER_TokenEnvelopeP *envelope, - const struct TALER_TokenIssuePrivateKeyP *issue_priv, - struct TALER_TokenIssueBlindSignatureP *blind_sig) -{ - -} - - -/** - * Verify a token issue signature. - * - * @param use_pub token use public key - * @param issue_pub token issue public key - * @param ub_sig unblinded signature - */ -enum GNUNET_GenericReturnValue -TALER_merchant_token_issue_verify ( - const struct TALER_TokenUsePublicKeyP *use_pub, - const struct TALER_TokenIssuePublicKeyP *issue_pub, - const struct TALER_TokenIssueSignatureP *ub_sig) -{ - return GNUNET_NO; -} - /* end of merchant_signatures.c */ diff --git a/src/util/tokens.c b/src/util/tokens.c index 3086d8777..481eb6d20 100644 --- a/src/util/tokens.c +++ b/src/util/tokens.c @@ -31,3 +31,206 @@ TALER_token_issue_sig_free (struct TALER_TokenIssueSignatureP *issue_sig) issue_sig->signature = NULL; } } + + +void +TALER_blinded_issue_sig_free ( + struct TALER_TokenIssueBlindSignatureP *issue_sig) +{ + if (NULL != issue_sig->signature) + { + GNUNET_CRYPTO_blinded_sig_decref (issue_sig->signature); + issue_sig->signature = NULL; + } +} + + +void +TALER_token_use_setup_random (struct TALER_TokenUseMasterSecretP *master) +{ + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, + master, + sizeof (*master)); +} + + +void +TALER_token_use_setup_priv ( + const struct TALER_TokenUseMasterSecretP *master, + const struct TALER_TokenUseMerchantValues *alg_values, + struct TALER_TokenUsePrivateKeyP *token_priv) +{ + /* TODO: Maybe extract common code between this + function and TALER_planchet_setup_coin_priv (). */ + const struct GNUNET_CRYPTO_BlindingInputValues *bi + = alg_values->blinding_inputs; + + switch (bi->cipher) + { + case GNUNET_CRYPTO_BSA_INVALID: + GNUNET_break (0); + memset (token_priv, + 0, + sizeof (*token_priv)); + return; + case GNUNET_CRYPTO_BSA_RSA: + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_kdf (token_priv, + sizeof (*token_priv), + "token", + strlen ("token"), + master, + sizeof(*master), + NULL, + 0)); + return; + case GNUNET_CRYPTO_BSA_CS: + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_kdf (token_priv, + sizeof (*token_priv), + "token", + strlen ("token"), + master, + sizeof(*master), + &bi->details.cs_values, + sizeof(bi->details.cs_values), + NULL, + 0)); + return; + } + GNUNET_assert (0); +} + + +void +TALER_token_use_blinding_secret_create ( + const struct TALER_TokenUseMasterSecretP *master, + const struct TALER_TokenUseMerchantValues *alg_values, + union GNUNET_CRYPTO_BlindingSecretP *bks) +{ + /* TODO: Extract common code between this + function and TALER_planchet_blinding_secret_create (). */ + const struct GNUNET_CRYPTO_BlindingInputValues *bi = + alg_values->blinding_inputs; + + switch (bi->cipher) + { + case GNUNET_CRYPTO_BSA_INVALID: + GNUNET_break (0); + return; + case GNUNET_CRYPTO_BSA_RSA: + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_kdf (&bks->rsa_bks, + sizeof (bks->rsa_bks), + "bks", + strlen ("bks"), + master, + sizeof(*master), + NULL, + 0)); + return; + case GNUNET_CRYPTO_BSA_CS: + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_kdf (&bks->nonce, + sizeof (bks->nonce), + "bseed", + strlen ("bseed"), + master, + sizeof(*master), + &bi->details.cs_values, + sizeof(bi->details.cs_values), + NULL, + 0)); + return; + } + GNUNET_assert (0); +} + + +const struct TALER_TokenUseMerchantValues * +TALER_token_bling_input_rsa_singleton () +{ + static struct GNUNET_CRYPTO_BlindingInputValues bi = { + .cipher = GNUNET_CRYPTO_BSA_RSA + }; + static struct TALER_TokenUseMerchantValues alg_values = { + .blinding_inputs = &bi + }; + return &alg_values; +} + + +void +TALER_token_blind_input_copy (struct TALER_TokenUseMerchantValues *bi_dst, + const struct TALER_TokenUseMerchantValues *bi_src) +{ + if (bi_src == TALER_token_bling_input_rsa_singleton ()) + { + *bi_dst = *bi_src; + return; + } + bi_dst->blinding_inputs + = GNUNET_CRYPTO_blinding_input_values_incref (bi_src->blinding_inputs); +} + + +enum GNUNET_GenericReturnValue +TALER_token_issue_sign (const struct TALER_TokenIssuePrivateKeyP *issue_priv, + const struct TALER_TokenEnvelopeP *envelope, + struct TALER_TokenIssueBlindSignatureP *issue_sig) +{ + issue_sig->signature + = GNUNET_CRYPTO_blind_sign (issue_priv->private_key, + "tk", /* TODO: What is a good value here? */ + envelope->blinded_pub); + if (NULL == issue_sig->signature) + return GNUNET_SYSERR; + return GNUNET_OK; +} + +enum GNUNET_GenericReturnValue +TALER_token_issue_verify (const struct TALER_TokenUsePublicKeyP *use_pub, + const struct TALER_TokenIssuePublicKeyP *issue_pub, + const struct TALER_TokenIssueSignatureP *ub_sig) +{ + struct GNUNET_HashCode h_use_pub; + + GNUNET_CRYPTO_hash (&use_pub->public_key, + sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), + &h_use_pub); + + if (GNUNET_OK != + GNUNET_CRYPTO_blind_sig_verify (issue_pub->public_key, + ub_sig->signature, + &h_use_pub, + sizeof (h_use_pub))) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + return GNUNET_OK; +} + +enum GNUNET_GenericReturnValue +TALER_token_issue_sig_unblind ( + struct TALER_TokenIssueSignatureP *issue_sig, + const struct TALER_TokenIssueBlindSignatureP *blinded_sig, + const union GNUNET_CRYPTO_BlindingSecretP *secret, + const struct TALER_TokenUsePublicKeyHashP *use_pub_hash, + const struct TALER_TokenUseMerchantValues *alg_values, + const struct TALER_TokenIssuePublicKeyP *issue_pub) +{ + issue_sig->signature + = GNUNET_CRYPTO_blind_sig_unblind (blinded_sig->signature, + secret, + &use_pub_hash->hash, + sizeof (use_pub_hash->hash), + alg_values->blinding_inputs, + issue_pub->public_key); + if (NULL == issue_sig->signature) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + return GNUNET_OK; +}
\ No newline at end of file |