diff options
author | Christian Grothoff <christian@grothoff.org> | 2016-05-24 20:13:31 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2016-05-24 20:13:31 +0200 |
commit | 32bb3b14bf5cd623714985c8ca7fed0c5a923336 (patch) | |
tree | 2438cf9567c4eb755ae6d8882383395fd23e408e /src | |
parent | 8c3ffbf2a356b7c684bb65b8678e819183e52d76 (diff) |
fix #4483
Diffstat (limited to 'src')
-rw-r--r-- | src/exchange-lib/exchange_api_refresh.c | 171 | ||||
-rw-r--r-- | src/exchange-lib/exchange_api_refresh_link.c | 36 | ||||
-rw-r--r-- | src/exchange-lib/exchange_api_reserve.c | 10 | ||||
-rw-r--r-- | src/exchange-lib/test_exchange_api.c | 12 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_db.c | 24 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_refresh.c | 17 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_responses.c | 9 | ||||
-rw-r--r-- | src/exchangedb/perf_taler_exchangedb_init.c | 21 | ||||
-rw-r--r-- | src/exchangedb/plugin_exchangedb_common.c | 2 | ||||
-rw-r--r-- | src/exchangedb/plugin_exchangedb_postgres.c | 94 | ||||
-rw-r--r-- | src/exchangedb/test_exchangedb.c | 59 | ||||
-rw-r--r-- | src/include/taler_crypto_lib.h | 74 | ||||
-rw-r--r-- | src/include/taler_exchange_service.h | 2 | ||||
-rw-r--r-- | src/include/taler_exchangedb_plugin.h | 4 | ||||
-rw-r--r-- | src/util/crypto.c | 149 | ||||
-rw-r--r-- | src/util/test_crypto.c | 67 |
16 files changed, 192 insertions, 559 deletions
diff --git a/src/exchange-lib/exchange_api_refresh.c b/src/exchange-lib/exchange_api_refresh.c index e98b3c782..5f519a684 100644 --- a/src/exchange-lib/exchange_api_refresh.c +++ b/src/exchange-lib/exchange_api_refresh.c @@ -105,13 +105,9 @@ struct FreshCoinP struct TALER_CoinSpendPrivateKeyP coin_priv; /** - * Size of the encoded blinding key that follows. + * The blinding key. */ - uint32_t bbuf_size; - - /* Followed by serialization of: - - struct TALER_DenominationBlindingKey blinding_key; - */ + struct TALER_DenominationBlindingKeyP blinding_key; }; @@ -205,26 +201,6 @@ struct MeltedCoin /** - * Coin-specific information about the fresh coins we generate during - * a melt. - */ -struct FreshCoin -{ - - /** - * Private key of the coin. - */ - struct TALER_CoinSpendPrivateKeyP coin_priv; - - /** - * Blinding key used for blinding during blind signing. - */ - struct TALER_DenominationBlindingKey blinding_key; - -}; - - -/** * Melt data in non-serialized format for convenient processing. */ struct MeltData @@ -260,7 +236,7 @@ struct MeltData * Arrays of @e num_fresh_coins with information about the fresh * coins to be created, for each cut-and-choose dimension. */ - struct FreshCoin *fresh_coins[TALER_CNC_KAPPA]; + struct FreshCoinP *fresh_coins[TALER_CNC_KAPPA]; }; @@ -281,22 +257,6 @@ free_melted_coin (struct MeltedCoin *mc) /** - * Free all information associated with a fresh coin. - * - * @param fc fresh coin to release, the pointer itself is NOT - * freed (as it is typically not allocated by itself) - */ -static void -free_fresh_coin (struct FreshCoin *fc) -{ - if (NULL == fc) - return; - if (NULL != fc->blinding_key.rsa_blinding_key) - GNUNET_CRYPTO_rsa_blinding_key_free (fc->blinding_key.rsa_blinding_key); -} - - -/** * Free all information associated with a melting session. Note * that we allow the melting session to be only partially initialized, * as we use this function also when freeing melt data that was not @@ -309,7 +269,6 @@ static void free_melt_data (struct MeltData *md) { unsigned int i; - unsigned int j; free_melted_coin (&md->melted_coin); if (NULL != md->fresh_pks) @@ -321,11 +280,7 @@ free_melt_data (struct MeltData *md) } for (i=0;i<TALER_CNC_KAPPA;i++) - { - for (j=0;j<md->num_fresh_coins;j++) - free_fresh_coin (&md->fresh_coins[i][j]); GNUNET_free (md->fresh_coins[i]); - } /* Finally, clean up a bit... (NOTE: compilers might optimize this away, so this is not providing any strong assurances that the key material @@ -567,31 +522,15 @@ deserialize_denomination_key (struct TALER_DenominationPublicKey *dk, * @a buf is NULL, number of bytes required */ static size_t -serialize_fresh_coin (const struct FreshCoin *fc, +serialize_fresh_coin (const struct FreshCoinP *fc, char *buf, size_t off) { - struct FreshCoinP fcp; - char *bbuf; - size_t bbuf_size; - - bbuf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (fc->blinding_key.rsa_blinding_key, - &bbuf); - if (NULL == buf) - { - GNUNET_free (bbuf); - return sizeof (struct FreshCoinP) + bbuf_size; - } - fcp.coin_priv = fc->coin_priv; - fcp.bbuf_size = htonl ((uint32_t) bbuf_size); - memcpy (&buf[off], - &fcp, - sizeof (struct FreshCoinP)); - memcpy (&buf[off + sizeof (struct FreshCoinP)], - bbuf, - bbuf_size); - GNUNET_free (bbuf); - return sizeof (struct FreshCoinP) + bbuf_size; + if (NULL != buf) + memcpy (&buf[off], + fc, + sizeof (struct FreshCoinP)); + return sizeof (struct FreshCoinP); } @@ -605,41 +544,21 @@ serialize_fresh_coin (const struct FreshCoin *fc, * @return number of bytes read from @a buf, 0 on error */ static size_t -deserialize_fresh_coin (struct FreshCoin *fc, +deserialize_fresh_coin (struct FreshCoinP *fc, const char *buf, size_t size, int *ok) { - struct FreshCoinP fcp; - size_t bbuf_size; - if (size < sizeof (struct FreshCoinP)) { GNUNET_break (0); *ok = GNUNET_NO; return 0; } - memcpy (&fcp, + memcpy (fc, buf, sizeof (struct FreshCoinP)); - bbuf_size = ntohl (fcp.bbuf_size); - if (size < sizeof (struct FreshCoinP) + bbuf_size) - { - GNUNET_break (0); - *ok = GNUNET_NO; - return 0; - } - fc->blinding_key.rsa_blinding_key - = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct FreshCoinP)], - bbuf_size); - if (NULL == fc->blinding_key.rsa_blinding_key) - { - GNUNET_break (0); - *ok = GNUNET_NO; - return 0; - } - fc->coin_priv = fcp.coin_priv; - return sizeof (struct FreshCoinP) + bbuf_size; + return sizeof (struct FreshCoinP); } @@ -734,7 +653,7 @@ deserialize_melt_data (const char *buf, struct TALER_DenominationPublicKey); for (i=0;i<TALER_CNC_KAPPA;i++) md->fresh_coins[i] = GNUNET_new_array (md->num_fresh_coins, - struct FreshCoin); + struct FreshCoinP); off = sizeof (struct MeltDataP); ok = GNUNET_YES; off += deserialize_melted_coin (&md->melted_coin, @@ -775,18 +694,17 @@ deserialize_melt_data (const char *buf, * @param pk denomination information for the fresh coin */ static void -setup_fresh_coin (struct FreshCoin *fc, +setup_fresh_coin (struct FreshCoinP *fc, const struct TALER_EXCHANGE_DenomPublicKey *pk) { struct GNUNET_CRYPTO_EddsaPrivateKey *epk; - unsigned int len; epk = GNUNET_CRYPTO_eddsa_key_create (); fc->coin_priv.eddsa_priv = *epk; GNUNET_free (epk); - len = GNUNET_CRYPTO_rsa_public_key_len (pk->key.rsa_public_key); - fc->blinding_key.rsa_blinding_key - = GNUNET_CRYPTO_rsa_blinding_key_create (len); + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, + &fc->blinding_key, + sizeof (fc->blinding_key)); } @@ -879,7 +797,7 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr for (i=0;i<TALER_CNC_KAPPA;i++) { md.fresh_coins[i] = GNUNET_new_array (fresh_pks_len, - struct FreshCoin); + struct FreshCoinP); for (j=0;j<fresh_pks_len;j++) setup_fresh_coin (&md.fresh_coins[i][j], &fresh_pks[j]); @@ -919,15 +837,13 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr { for (j = 0; j < fresh_pks_len; j++) { - const struct FreshCoin *fc; /* coin this is about */ + const struct FreshCoinP *fc; /* coin this is about */ struct TALER_CoinSpendPublicKeyP coin_pub; struct GNUNET_HashCode coin_hash; char *coin_ev; /* blinded message to be signed (in envelope) for each coin */ size_t coin_ev_size; - struct TALER_RefreshLinkDecrypted rld; - struct TALER_RefreshLinkEncrypted *rle; - char *link_enc; /* encrypted link data */ - size_t link_enc_size; + struct TALER_RefreshLinkDecryptedP rld; + struct TALER_RefreshLinkEncryptedP rle; fc = &md.fresh_coins[i][j]; GNUNET_CRYPTO_eddsa_key_get_public (&fc->coin_priv.eddsa_priv, @@ -936,7 +852,7 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), &coin_hash); coin_ev_size = GNUNET_CRYPTO_rsa_blind (&coin_hash, - fc->blinding_key.rsa_blinding_key, + &fc->blinding_key.bks, md.fresh_pks[j].rsa_public_key, &coin_ev); GNUNET_CRYPTO_hash_context_read (hash_context, @@ -946,15 +862,12 @@ TALER_EXCHANGE_refresh_prepare (const struct TALER_CoinSpendPrivateKeyP *melt_pr rld.coin_priv = fc->coin_priv; rld.blinding_key = fc->blinding_key; - rle = TALER_refresh_encrypt (&rld, - &md.link_secrets[i]); - link_enc = TALER_refresh_link_encrypted_encode (rle, - &link_enc_size); - + TALER_refresh_encrypt (&rld, + &md.link_secrets[i], + &rle); GNUNET_CRYPTO_hash_context_read (hash_context, - link_enc, - link_enc_size); - GNUNET_free (link_enc); + &rle, + sizeof (rle)); } } for (i = 0; i < TALER_CNC_KAPPA; i++) @@ -1431,25 +1344,17 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange, tmp = json_array (); for (i=0;i<md->num_fresh_coins;i++) { - const struct FreshCoin *fc = &md->fresh_coins[j][i]; - struct TALER_RefreshLinkDecrypted rld; - struct TALER_RefreshLinkEncrypted *rle; - char *buf; - size_t buf_len; + const struct FreshCoinP *fc = &md->fresh_coins[j][i]; + struct TALER_RefreshLinkDecryptedP rld; + struct TALER_RefreshLinkEncryptedP rle; rld.coin_priv = fc->coin_priv; rld.blinding_key = fc->blinding_key; - rle = TALER_refresh_encrypt (&rld, - &md->link_secrets[j]); - GNUNET_assert (NULL != rle); - buf = TALER_refresh_link_encrypted_encode (rle, - &buf_len); - GNUNET_assert (NULL != buf); + TALER_refresh_encrypt (&rld, + &md->link_secrets[j], + &rle); json_array_append (tmp, - GNUNET_JSON_from_data (buf, - buf_len)); - GNUNET_free (buf); - GNUNET_free (rle); + GNUNET_JSON_from_data_auto (&rle)); } json_array_append (link_encs, tmp); @@ -1461,7 +1366,7 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange, tmp = json_array (); for (i=0;i<md->num_fresh_coins;i++) { - const struct FreshCoin *fc = &md->fresh_coins[j][i]; + const struct FreshCoinP *fc = &md->fresh_coins[j][i]; struct TALER_CoinSpendPublicKeyP coin_pub; struct GNUNET_HashCode coin_hash; char *coin_ev; /* blinded message to be signed (in envelope) for each coin */ @@ -1473,7 +1378,7 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange, sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), &coin_hash); coin_ev_size = GNUNET_CRYPTO_rsa_blind (&coin_hash, - fc->blinding_key.rsa_blinding_key, + &fc->blinding_key.bks, md->fresh_pks[i].rsa_public_key, &coin_ev); json_array_append (tmp, @@ -1655,7 +1560,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshRevealHandle *rrh, } for (i=0;i<rrh->md->num_fresh_coins;i++) { - const struct FreshCoin *fc; + const struct FreshCoinP *fc; struct TALER_DenominationPublicKey *pk; json_t *jsonai; struct GNUNET_CRYPTO_RsaSignature *blind_sig; @@ -1684,7 +1589,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshRevealHandle *rrh, /* unblind the signature */ sig = GNUNET_CRYPTO_rsa_unblind (blind_sig, - fc->blinding_key.rsa_blinding_key, + &fc->blinding_key.bks, pk->rsa_public_key); GNUNET_CRYPTO_rsa_signature_free (blind_sig); diff --git a/src/exchange-lib/exchange_api_refresh_link.c b/src/exchange-lib/exchange_api_refresh_link.c index cd3f6d72b..754a61d82 100644 --- a/src/exchange-lib/exchange_api_refresh_link.c +++ b/src/exchange-lib/exchange_api_refresh_link.c @@ -91,20 +91,18 @@ parse_refresh_link_coin (const struct TALER_EXCHANGE_RefreshLinkHandle *rlh, struct TALER_DenominationSignature *sig, struct TALER_DenominationPublicKey *pub) { - void *link_enc; - size_t link_enc_size; struct GNUNET_CRYPTO_RsaSignature *bsig; struct GNUNET_CRYPTO_RsaPublicKey *rpub; + struct TALER_RefreshLinkEncryptedP rle; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_varsize ("link_enc", &link_enc, &link_enc_size), + GNUNET_JSON_spec_fixed_auto ("link_enc", &rle), GNUNET_JSON_spec_rsa_public_key ("denom_pub", &rpub), GNUNET_JSON_spec_rsa_signature ("ev_sig", &bsig), GNUNET_JSON_spec_end() }; - struct TALER_RefreshLinkEncrypted *rle; - struct TALER_RefreshLinkDecrypted *rld; + struct TALER_RefreshLinkDecryptedP rld; struct TALER_LinkSecretP secret; - + /* parse reply */ if (GNUNET_OK != GNUNET_JSON_parse (json, @@ -115,15 +113,6 @@ parse_refresh_link_coin (const struct TALER_EXCHANGE_RefreshLinkHandle *rlh, return GNUNET_SYSERR; } - /* decode and decrypt link data */ - rle = TALER_refresh_link_encrypted_decode (link_enc, - link_enc_size); - if (NULL == rle) - { - GNUNET_break_op (0); - GNUNET_JSON_parse_free (spec); - return GNUNET_SYSERR; - } if (GNUNET_OK != TALER_link_decrypt_secret2 (secret_enc, trans_pub, @@ -134,24 +123,17 @@ parse_refresh_link_coin (const struct TALER_EXCHANGE_RefreshLinkHandle *rlh, GNUNET_JSON_parse_free (spec); return GNUNET_SYSERR; } - rld = TALER_refresh_decrypt (rle, - &secret); - if (NULL == rld) - { - GNUNET_break_op (0); - GNUNET_JSON_parse_free (spec); - return GNUNET_SYSERR; - } + TALER_refresh_decrypt (&rle, + &secret, + &rld); /* extract coin and signature */ - *coin_priv = rld->coin_priv; + *coin_priv = rld.coin_priv; sig->rsa_signature = GNUNET_CRYPTO_rsa_unblind (bsig, - rld->blinding_key.rsa_blinding_key, + &rld.blinding_key.bks, rpub); - /* clean up */ - GNUNET_free (rld); pub->rsa_public_key = GNUNET_CRYPTO_rsa_public_key_dup (rpub); GNUNET_JSON_parse_free (spec); return GNUNET_OK; diff --git a/src/exchange-lib/exchange_api_reserve.c b/src/exchange-lib/exchange_api_reserve.c index 56cc3dc54..9c0314d0f 100644 --- a/src/exchange-lib/exchange_api_reserve.c +++ b/src/exchange-lib/exchange_api_reserve.c @@ -497,7 +497,7 @@ struct TALER_EXCHANGE_ReserveWithdrawHandle /** * Key used to blind the value. */ - const struct TALER_DenominationBlindingKey *blinding_key; + struct TALER_DenominationBlindingKeyP blinding_key; /** * Denomination key we are withdrawing. @@ -557,7 +557,7 @@ reserve_withdraw_ok (struct TALER_EXCHANGE_ReserveWithdrawHandle *wsh, return GNUNET_SYSERR; } sig = GNUNET_CRYPTO_rsa_unblind (blind_sig, - wsh->blinding_key->rsa_blinding_key, + &wsh->blinding_key.bks, wsh->pk->key.rsa_public_key); GNUNET_CRYPTO_rsa_signature_free (blind_sig); if (GNUNET_OK != @@ -777,7 +777,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange, const struct TALER_EXCHANGE_DenomPublicKey *pk, const struct TALER_ReservePrivateKeyP *reserve_priv, const struct TALER_CoinSpendPrivateKeyP *coin_priv, - const struct TALER_DenominationBlindingKey *blinding_key, + const struct TALER_DenominationBlindingKeyP *blinding_key, TALER_EXCHANGE_ReserveWithdrawResultCallback res_cb, void *res_cb_cls) { @@ -804,7 +804,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange, sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), &wsh->c_hash); coin_ev_size = GNUNET_CRYPTO_rsa_blind (&wsh->c_hash, - blinding_key->rsa_blinding_key, + &blinding_key->bks, pk->key.rsa_public_key, &coin_ev); GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv, @@ -845,7 +845,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange, "reserve_sig", GNUNET_JSON_from_data_auto (&reserve_sig)); GNUNET_free (coin_ev); - wsh->blinding_key = blinding_key; + wsh->blinding_key = *blinding_key; wsh->url = MAH_path_to_url (exchange, "/reserve/withdraw"); eh = curl_easy_init (); diff --git a/src/exchange-lib/test_exchange_api.c b/src/exchange-lib/test_exchange_api.c index 6612609fa..c9140b3fb 100644 --- a/src/exchange-lib/test_exchange_api.c +++ b/src/exchange-lib/test_exchange_api.c @@ -328,7 +328,7 @@ struct Command /** * Blinding key used for the operation. */ - struct TALER_DenominationBlindingKey blinding_key; + struct TALER_DenominationBlindingKeyP blinding_key; /** * Withdraw handle (while operation is running). @@ -1796,8 +1796,9 @@ interpreter_run (void *cls) } GNUNET_CRYPTO_eddsa_key_get_public (&cmd->details.reserve_withdraw.coin_priv.eddsa_priv, &coin_pub.eddsa_pub); - cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key - = GNUNET_CRYPTO_rsa_blinding_key_create (GNUNET_CRYPTO_rsa_public_key_len (cmd->details.reserve_withdraw.pk->key.rsa_public_key)); + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + &cmd->details.reserve_withdraw.blinding_key, + sizeof (cmd->details.reserve_withdraw.blinding_key)); cmd->details.reserve_withdraw.wsh = TALER_EXCHANGE_reserve_withdraw (exchange, cmd->details.reserve_withdraw.pk, @@ -2411,11 +2412,6 @@ do_shutdown (void *cls) GNUNET_CRYPTO_rsa_signature_free (cmd->details.reserve_withdraw.sig.rsa_signature); cmd->details.reserve_withdraw.sig.rsa_signature = NULL; } - if (NULL != cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key) - { - GNUNET_CRYPTO_rsa_blinding_key_free (cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key); - cmd->details.reserve_withdraw.blinding_key.rsa_blinding_key = NULL; - } break; case OC_DEPOSIT: if (NULL != cmd->details.deposit.dh) diff --git a/src/exchange/taler-exchange-httpd_db.c b/src/exchange/taler-exchange-httpd_db.c index 981c97289..7e3ce0a44 100644 --- a/src/exchange/taler-exchange-httpd_db.c +++ b/src/exchange/taler-exchange-httpd_db.c @@ -1248,31 +1248,23 @@ check_commitment (struct MHD_Connection *connection, for (j = 0; j < num_newcoins; j++) { - struct TALER_RefreshLinkDecrypted *link_data; + struct TALER_RefreshLinkDecryptedP link_data; struct TALER_CoinSpendPublicKeyP coin_pub; struct GNUNET_HashCode h_msg; char *buf; size_t buf_len; - - link_data = TALER_refresh_decrypt (commit_coins[j].refresh_link, - &shared_secret); - if (NULL == link_data) - { - GNUNET_break (0); - GNUNET_free (commit_coins); - return (MHD_YES == TMH_RESPONSE_reply_internal_error (connection, - "Decryption error")) - ? GNUNET_NO : GNUNET_SYSERR; - } - - GNUNET_CRYPTO_eddsa_key_get_public (&link_data->coin_priv.eddsa_priv, + + TALER_refresh_decrypt (&commit_coins[j].refresh_link, + &shared_secret, + &link_data); + GNUNET_CRYPTO_eddsa_key_get_public (&link_data.coin_priv.eddsa_priv, &coin_pub.eddsa_pub); GNUNET_CRYPTO_hash (&coin_pub, sizeof (struct TALER_CoinSpendPublicKeyP), &h_msg); if (0 == (buf_len = GNUNET_CRYPTO_rsa_blind (&h_msg, - link_data->blinding_key.rsa_blinding_key, + &link_data.blinding_key.bks, denom_pubs[j].rsa_public_key, &buf))) { @@ -1283,7 +1275,7 @@ check_commitment (struct MHD_Connection *connection, "Blinding error")) ? GNUNET_NO : GNUNET_SYSERR; } - + if ( (buf_len != commit_coins[j].coin_ev_size) || (0 != memcmp (buf, commit_coins[j].coin_ev, diff --git a/src/exchange/taler-exchange-httpd_refresh.c b/src/exchange/taler-exchange-httpd_refresh.c index 0499c44f2..0f291e99a 100644 --- a/src/exchange/taler-exchange-httpd_refresh.c +++ b/src/exchange/taler-exchange-httpd_refresh.c @@ -304,10 +304,7 @@ free_commit_coins (struct TALER_EXCHANGEDB_RefreshCommitCoin **commit_coin, if (NULL == commit_coin[i]) break; for (j=0;j<num_new_coins;j++) - { GNUNET_free_non_null (commit_coin[i][j].coin_ev); - GNUNET_free_non_null (commit_coin[i][j].refresh_link); - } GNUNET_free (commit_coin[i]); } } @@ -415,8 +412,6 @@ handle_refresh_melt_json (struct MHD_Connection *connection, struct TALER_EXCHANGEDB_RefreshCommitCoin); for (j = 0; j < num_newcoins; j++) { - char *link_enc; - size_t link_enc_size; struct TALER_EXCHANGEDB_RefreshCommitCoin *rcc = &commit_coin[i][j]; struct GNUNET_JSON_Specification coin_spec[] = { GNUNET_JSON_spec_varsize (NULL, @@ -425,9 +420,8 @@ handle_refresh_melt_json (struct MHD_Connection *connection, GNUNET_JSON_spec_end () }; struct GNUNET_JSON_Specification link_spec[] = { - GNUNET_JSON_spec_varsize (NULL, - (void **) &link_enc, - &link_enc_size), + GNUNET_JSON_spec_fixed_auto (NULL, + &rcc->refresh_link), GNUNET_JSON_spec_end () }; @@ -455,12 +449,9 @@ handle_refresh_melt_json (struct MHD_Connection *connection, res = (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; goto cleanup; } - rcc->refresh_link - = TALER_refresh_link_encrypted_decode (link_enc, - link_enc_size); GNUNET_CRYPTO_hash_context_read (hash_context, - link_enc, - link_enc_size); + &rcc->refresh_link, + sizeof (rcc->refresh_link)); GNUNET_JSON_parse_free (link_spec); } } diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c index 6873b2a8c..91b54b0b2 100644 --- a/src/exchange/taler-exchange-httpd_responses.c +++ b/src/exchange/taler-exchange-httpd_responses.c @@ -1036,11 +1036,10 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, cc->coin_ev_size)); json_object_set_new (cc_json, "coin_priv_enc", - GNUNET_JSON_from_data_auto (cc->refresh_link->coin_priv_enc)); + GNUNET_JSON_from_data_auto (cc->refresh_link.coin_priv_enc)); json_object_set_new (cc_json, "blinding_key_enc", - GNUNET_JSON_from_data (cc->refresh_link->blinding_key_enc, - cc->refresh_link->blinding_key_enc_size)); + GNUNET_JSON_from_data_auto (&cc->refresh_link.blinding_key_enc)); json_array_append_new (info_commit_k, cc_json); @@ -1105,9 +1104,7 @@ TMH_RESPONSE_reply_refresh_link_success (struct MHD_Connection *connection, obj = json_object (); json_object_set_new (obj, "link_enc", - GNUNET_JSON_from_data (pos->link_data_enc->coin_priv_enc, - sizeof (struct TALER_CoinSpendPrivateKeyP) + - pos->link_data_enc->blinding_key_enc_size)); + GNUNET_JSON_from_data_auto (&pos->link_data_enc)); json_object_set_new (obj, "denom_pub", GNUNET_JSON_from_rsa_public_key (pos->denom_pub.rsa_public_key)); diff --git a/src/exchangedb/perf_taler_exchangedb_init.c b/src/exchangedb/perf_taler_exchangedb_init.c index 988014a11..5e98c4f5a 100644 --- a/src/exchangedb/perf_taler_exchangedb_init.c +++ b/src/exchangedb/perf_taler_exchangedb_init.c @@ -573,24 +573,13 @@ struct TALER_EXCHANGEDB_RefreshCommitCoin * PERF_TALER_EXCHANGEDB_refresh_commit_coin_init () { struct TALER_EXCHANGEDB_RefreshCommitCoin *commit_coin; - struct TALER_RefreshLinkEncrypted refresh_link; commit_coin = GNUNET_new (struct TALER_EXCHANGEDB_RefreshCommitCoin); - GNUNET_assert (NULL != commit_coin); - {/* refresh_link */ - refresh_link = (struct TALER_RefreshLinkEncrypted) - { - .blinding_key_enc = "blinding_key", - .blinding_key_enc_size = 13 - }; - GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, - &refresh_link.coin_priv_enc, - sizeof(struct TALER_CoinSpendPrivateKeyP)); - } + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + &commit_coin->refresh_link, + sizeof(struct TALER_RefreshLinkEncryptedP)); commit_coin->coin_ev = "coin_ev"; commit_coin->coin_ev_size = 8; - commit_coin->refresh_link = GNUNET_new (struct TALER_RefreshLinkEncrypted); - *commit_coin->refresh_link = refresh_link; return commit_coin; } @@ -607,8 +596,7 @@ PERF_TALER_EXCHANGEDB_refresh_commit_coin_copy (struct TALER_EXCHANGEDB_RefreshC struct TALER_EXCHANGEDB_RefreshCommitCoin *copy; copy = GNUNET_new (struct TALER_EXCHANGEDB_RefreshCommitCoin); - copy->refresh_link = GNUNET_new (struct TALER_RefreshLinkEncrypted); - *copy->refresh_link = *commit_coin->refresh_link; + *copy = *commit_coin; return copy; } @@ -621,6 +609,5 @@ PERF_TALER_EXCHANGEDB_refresh_commit_coin_copy (struct TALER_EXCHANGEDB_RefreshC void PERF_TALER_EXCHANGEDB_refresh_commit_coin_free (struct TALER_EXCHANGEDB_RefreshCommitCoin *commit_coin) { - GNUNET_free (commit_coin->refresh_link); GNUNET_free (commit_coin); } diff --git a/src/exchangedb/plugin_exchangedb_common.c b/src/exchangedb/plugin_exchangedb_common.c index 9b62d688f..16396f0f3 100644 --- a/src/exchangedb/plugin_exchangedb_common.c +++ b/src/exchangedb/plugin_exchangedb_common.c @@ -73,7 +73,6 @@ common_free_link_data_list (void *cls, while (NULL != ldl) { next = ldl->next; - GNUNET_free (ldl->link_data_enc); GNUNET_free (ldl); ldl = next; } @@ -147,7 +146,6 @@ common_free_melt_commitment (void *cls, { /* NOTE: 'non_null' because this API is used also internally to clean up the struct on failures! */ - GNUNET_free_non_null (mc->commit_coins[k][i].refresh_link); GNUNET_free_non_null (mc->commit_coins[k][i].coin_ev); } GNUNET_free (mc->commit_coins[k]); diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index e2b158c90..694ab01dc 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -3064,29 +3064,19 @@ postgres_insert_refresh_commit_coins (void *cls, uint16_t num_newcoins, const struct TALER_EXCHANGEDB_RefreshCommitCoin *commit_coins) { - char *rle; - size_t rle_size; PGresult *result; unsigned int i; uint16_t coin_off; for (i=0;i<(unsigned int) num_newcoins;i++) { - rle = TALER_refresh_link_encrypted_encode (commit_coins[i].refresh_link, - &rle_size); - if (NULL == rle) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } coin_off = (uint16_t) i; { struct GNUNET_PQ_QueryParam params[] = { GNUNET_PQ_query_param_auto_from_type (session_hash), GNUNET_PQ_query_param_uint16 (&cnc_index), GNUNET_PQ_query_param_uint16 (&coin_off), - GNUNET_PQ_query_param_fixed_size (rle, - rle_size), + GNUNET_PQ_query_param_auto_from_type (&commit_coins[i].refresh_link), GNUNET_PQ_query_param_fixed_size (commit_coins[i].coin_ev, commit_coins[i].coin_ev_size), GNUNET_PQ_query_param_end @@ -3095,7 +3085,6 @@ postgres_insert_refresh_commit_coins (void *cls, "insert_refresh_commit_coin", params); } - GNUNET_free (rle); if (PGRES_COMMAND_OK != PQresultStatus (result)) { BREAK_DB_ERR (result); @@ -3131,8 +3120,6 @@ postgres_free_refresh_commit_coins (void *cls, for (i=0;i<commit_coins_len;i++) { - GNUNET_free (commit_coins[i].refresh_link); - commit_coins[i].refresh_link = NULL; GNUNET_free (commit_coins[i].coin_ev); commit_coins[i].coin_ev = NULL; commit_coins[i].coin_ev_size = 0; @@ -3175,9 +3162,6 @@ postgres_get_refresh_commit_coins (void *cls, }; void *c_buf; size_t c_buf_size; - void *rl_buf; - size_t rl_buf_size; - struct TALER_RefreshLinkEncrypted *rl; PGresult *result; result = GNUNET_PQ_exec_prepared (session->conn, @@ -3198,12 +3182,11 @@ postgres_get_refresh_commit_coins (void *cls, } { struct GNUNET_PQ_ResultSpec rs[] = { - GNUNET_PQ_result_spec_variable_size ("link_vector_enc", - &rl_buf, - &rl_buf_size), + GNUNET_PQ_result_spec_auto_from_type ("link_vector_enc", + &commit_coins[i].refresh_link), GNUNET_PQ_result_spec_variable_size ("coin_ev", - &c_buf, - &c_buf_size), + &c_buf, + &c_buf_size), GNUNET_PQ_result_spec_end }; @@ -3216,17 +3199,6 @@ postgres_get_refresh_commit_coins (void *cls, } } PQclear (result); - if (rl_buf_size < sizeof (struct TALER_CoinSpendPrivateKeyP)) - { - GNUNET_free (c_buf); - GNUNET_free (rl_buf); - postgres_free_refresh_commit_coins (cls, i, commit_coins); - return GNUNET_SYSERR; - } - rl = TALER_refresh_link_encrypted_decode (rl_buf, - rl_buf_size); - GNUNET_free (rl_buf); - commit_coins[i].refresh_link = rl; commit_coins[i].coin_ev = c_buf; commit_coins[i].coin_ev_size = c_buf_size; } @@ -3475,7 +3447,6 @@ postgres_get_link_data_list (void *cls, const struct GNUNET_HashCode *session_hash) { struct TALER_EXCHANGEDB_LinkDataList *ldl; - struct TALER_EXCHANGEDB_LinkDataList *pos; int i; int nrows; struct GNUNET_PQ_QueryParam params[] = { @@ -3503,45 +3474,34 @@ postgres_get_link_data_list (void *cls, for (i = 0; i < nrows; i++) { - struct TALER_RefreshLinkEncrypted *link_enc; struct GNUNET_CRYPTO_RsaPublicKey *denom_pub; struct GNUNET_CRYPTO_RsaSignature *sig; - void *ld_buf; - size_t ld_buf_size; - struct GNUNET_PQ_ResultSpec rs[] = { - GNUNET_PQ_result_spec_variable_size ("link_vector_enc", - &ld_buf, - &ld_buf_size), - GNUNET_PQ_result_spec_rsa_signature ("ev_sig", - &sig), - GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", - &denom_pub), - GNUNET_PQ_result_spec_end - }; + struct TALER_EXCHANGEDB_LinkDataList *pos; - if (GNUNET_OK != - GNUNET_PQ_extract_result (result, rs, i)) - { - PQclear (result); - GNUNET_break (0); - common_free_link_data_list (cls, - ldl); - return NULL; - } - if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) + pos = GNUNET_new (struct TALER_EXCHANGEDB_LinkDataList); { - PQclear (result); - GNUNET_free (ld_buf); - common_free_link_data_list (cls, - ldl); - return NULL; + struct GNUNET_PQ_ResultSpec rs[] = { + GNUNET_PQ_result_spec_auto_from_type ("link_vector_enc", + &pos->link_data_enc), + GNUNET_PQ_result_spec_rsa_signature ("ev_sig", + &sig), + GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", + &denom_pub), + GNUNET_PQ_result_spec_end + }; + + if (GNUNET_OK != + GNUNET_PQ_extract_result (result, rs, i)) + { + PQclear (result); + GNUNET_break (0); + common_free_link_data_list (cls, + ldl); + GNUNET_free (pos); + return NULL; + } } - link_enc = TALER_refresh_link_encrypted_decode (ld_buf, - ld_buf_size); - GNUNET_free (ld_buf); - pos = GNUNET_new (struct TALER_EXCHANGEDB_LinkDataList); pos->next = ldl; - pos->link_data_enc = link_enc; pos->denom_pub.rsa_public_key = denom_pub; pos->ev_sig.rsa_signature = sig; ldl = pos; diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index a5530e3cc..d9c04b8c1 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -301,18 +301,13 @@ static struct TALER_Amount amount_with_fee; * @return 0 if they are equal */ static int -refresh_link_encrypted_cmp (struct TALER_RefreshLinkEncrypted *rl1, - struct TALER_RefreshLinkEncrypted *rl2) +refresh_link_encrypted_cmp (struct TALER_RefreshLinkEncryptedP *rl1, + struct TALER_RefreshLinkEncryptedP *rl2) { - if ( (rl1->blinding_key_enc_size == rl2->blinding_key_enc_size) && - (0 == - memcmp (rl1->coin_priv_enc, - rl2->coin_priv_enc, - sizeof (struct TALER_CoinSpendPrivateKeyP))) && - (0 == - memcmp (rl1->blinding_key_enc, - rl2->blinding_key_enc, - rl1->blinding_key_enc_size)) ) + if (0 == + memcmp (rl1, + rl2, + sizeof (struct TALER_RefreshLinkEncryptedP))) return 0; return 1; } @@ -334,8 +329,8 @@ commit_coin_cmp (struct TALER_EXCHANGEDB_RefreshCommitCoin *rc1, rc2->coin_ev, rc2->coin_ev_size)); FAILIF (0 != - refresh_link_encrypted_cmp (rc1->refresh_link, - rc2->refresh_link)); + refresh_link_encrypted_cmp (&rc1->refresh_link, + &rc2->refresh_link)); return 0; drop: return 1; @@ -370,10 +365,9 @@ test_refresh_commit_coins (struct TALER_EXCHANGEDB_Session *session, { struct TALER_EXCHANGEDB_RefreshCommitCoin *ret_commit_coins; struct TALER_EXCHANGEDB_RefreshCommitCoin *a_ccoin; - struct TALER_RefreshLinkEncrypted *a_rlink; + struct TALER_RefreshLinkEncryptedP a_rlink; struct TALER_EXCHANGEDB_RefreshCommitCoin *b_ccoin; - struct TALER_RefreshLinkEncrypted *b_rlink; - size_t size; + struct TALER_RefreshLinkEncryptedP b_rlink; unsigned int cnt; uint16_t cnc_index; int ret; @@ -389,12 +383,12 @@ test_refresh_commit_coins (struct TALER_EXCHANGEDB_Session *session, for (cnt=0; cnt < MELT_NEW_COINS; cnt++) { struct TALER_EXCHANGEDB_RefreshCommitCoin *ccoin; - struct TALER_RefreshLinkEncrypted *rlink; + struct TALER_RefreshLinkEncryptedP rlink; ccoin = &commit_coins[cnc_index][cnt]; - size = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, - COIN_ENC_MAX_SIZE); - rlink = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + size); + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + &rlink, + sizeof (rlink)); ccoin->refresh_link = rlink; ccoin->coin_ev_size = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, COIN_ENC_MAX_SIZE); @@ -402,12 +396,6 @@ test_refresh_commit_coins (struct TALER_EXCHANGEDB_Session *session, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, ccoin->coin_ev, ccoin->coin_ev_size); - rlink->blinding_key_enc_size = size; - RND_BLK (&rlink->coin_priv_enc); - rlink->blinding_key_enc = (const char *) &rlink[1]; - GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, - (void *)rlink->blinding_key_enc, - rlink->blinding_key_enc_size); } FAILIF (GNUNET_OK != plugin->insert_refresh_commit_coins (plugin->cls, @@ -436,13 +424,12 @@ test_refresh_commit_coins (struct TALER_EXCHANGEDB_Session *session, a_ccoin->coin_ev_size)); a_rlink = a_ccoin->refresh_link; b_rlink = b_ccoin->refresh_link; - FAILIF (a_rlink->blinding_key_enc_size != b_rlink->blinding_key_enc_size); - FAILIF (0 != memcmp (a_rlink->blinding_key_enc, - b_rlink->blinding_key_enc, - a_rlink->blinding_key_enc_size)); - FAILIF (0 != memcmp (a_rlink->coin_priv_enc, - b_rlink->coin_priv_enc, - sizeof (a_rlink->coin_priv_enc))); + FAILIF (0 != memcmp (a_rlink.blinding_key_enc, + b_rlink.blinding_key_enc, + sizeof (a_rlink.blinding_key_enc))); + FAILIF (0 != memcmp (a_rlink.coin_priv_enc, + b_rlink.coin_priv_enc, + sizeof (a_rlink.coin_priv_enc))); } } ret = GNUNET_OK; @@ -745,8 +732,8 @@ test_melting (struct TALER_EXCHANGEDB_Session *session) FAILIF (NULL == ldl); for (ldlp = ldl; NULL != ldlp; ldlp = ldlp->next) { - struct TALER_RefreshLinkEncrypted *r1; - struct TALER_RefreshLinkEncrypted *r2; + struct TALER_RefreshLinkEncryptedP r1; + struct TALER_RefreshLinkEncryptedP r2; int found; found = GNUNET_NO; @@ -762,7 +749,7 @@ test_melting (struct TALER_EXCHANGEDB_Session *session) GNUNET_CRYPTO_rsa_signature_cmp (ldlp->ev_sig.rsa_signature, ev_sigs[cnt].rsa_signature)) && (0 == - refresh_link_encrypted_cmp (r1, r2)) ) + refresh_link_encrypted_cmp (&r1, &r2)) ) { found = GNUNET_YES; break; diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 0f36f378f..af451b208 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -277,20 +277,21 @@ struct TALER_CoinSpendSignatureP }; -GNUNET_NETWORK_STRUCT_END - /** * @brief Type of blinding keys for Taler. */ -struct TALER_DenominationBlindingKey +struct TALER_DenominationBlindingKeyP { /** - * Taler uses RSA for blinding. + * Taler uses RSA for blind signatures. */ - struct GNUNET_CRYPTO_RsaBlindingKey *rsa_blinding_key; + struct GNUNET_CRYPTO_RsaBlindingKeySecret bks; }; +GNUNET_NETWORK_STRUCT_END + + /** * @brief Type of (unblinded) coin signatures for Taler. */ @@ -412,7 +413,7 @@ struct TALER_EncryptedLinkSecretP /** * @brief Representation of an refresh link in cleartext. */ -struct TALER_RefreshLinkDecrypted +struct TALER_RefreshLinkDecryptedP { /** @@ -423,7 +424,7 @@ struct TALER_RefreshLinkDecrypted /** * Blinding key. */ - struct TALER_DenominationBlindingKey blinding_key; + struct TALER_DenominationBlindingKeyP blinding_key; }; @@ -483,25 +484,17 @@ struct TALER_WireTransferIdentifierP }; -GNUNET_NETWORK_STRUCT_END - - /** * @brief Representation of an encrypted refresh link. */ -struct TALER_RefreshLinkEncrypted +struct TALER_RefreshLinkEncryptedP { /** * Encrypted blinding key with @e blinding_key_enc_size bytes, * must be allocated at the end of this struct. */ - const char *blinding_key_enc; - - /** - * Number of bytes in @e blinding_key_enc. - */ - size_t blinding_key_enc_size; + char blinding_key_enc[sizeof (struct TALER_DenominationBlindingKeyP)]; /** * Encrypted private key of the coin. @@ -511,6 +504,10 @@ struct TALER_RefreshLinkEncrypted }; +GNUNET_NETWORK_STRUCT_END + + + /** * Decrypt the shared @a secret from the information in the * encrypted link secret @e secret_enc using the transfer @@ -618,11 +615,12 @@ TALER_transfer_encrypt (const struct TALER_LinkSecretP *secret, * * @param input encrypted refresh link data * @param secret shared secret to use for decryption - * @return NULL on error + * @param[out] output where to write decrypted refresh link */ -struct TALER_RefreshLinkDecrypted * -TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, - const struct TALER_LinkSecretP *secret); +void +TALER_refresh_decrypt (const struct TALER_RefreshLinkEncryptedP *input, + const struct TALER_LinkSecretP *secret, + struct TALER_RefreshLinkDecryptedP *output); /** @@ -630,36 +628,12 @@ TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, * * @param input plaintext refresh link data * @param secret shared secret to use for encryption - * @return NULL on error (should never happen) - */ -struct TALER_RefreshLinkEncrypted * -TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input, - const struct TALER_LinkSecretP *secret); - - -/** - * Decode encrypted refresh link information from buffer. - * - * @param buf buffer with refresh link data - * @param buf_len number of bytes in @a buf - * @return NULL on error (@a buf_len too small) + * @param[out] output where to write encrypted refresh link */ -struct TALER_RefreshLinkEncrypted * -TALER_refresh_link_encrypted_decode (const char *buf, - size_t buf_len); - - -/** - * Encode encrypted refresh link information to buffer. - * - * @param rle refresh link to encode - * @param[out] buf_len set number of bytes returned - * @return NULL on error, otherwise buffer with encoded @a rle - */ -char * -TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rle, - size_t *buf_len); - +void +TALER_refresh_encrypt (const struct TALER_RefreshLinkDecryptedP *input, + const struct TALER_LinkSecretP *secret, + struct TALER_RefreshLinkEncryptedP *output); #endif diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 1655e1a67..bcc794107 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -725,7 +725,7 @@ TALER_EXCHANGE_reserve_withdraw (struct TALER_EXCHANGE_Handle *exchange, const struct TALER_EXCHANGE_DenomPublicKey *pk, const struct TALER_ReservePrivateKeyP *reserve_priv, const struct TALER_CoinSpendPrivateKeyP *coin_priv, - const struct TALER_DenominationBlindingKey *blinding_key, + const struct TALER_DenominationBlindingKeyP *blinding_key, TALER_EXCHANGE_ReserveWithdrawResultCallback res_cb, void *res_cb_cls); diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 6a3f9249c..59e33a9eb 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -442,7 +442,7 @@ struct TALER_EXCHANGEDB_RefreshCommitCoin * Encrypted data allowing those able to decrypt it to derive * the private keys of the new coins created by the refresh. */ - struct TALER_RefreshLinkEncrypted *refresh_link; + struct TALER_RefreshLinkEncryptedP refresh_link; /** * Blinded message to be signed (in envelope), with @e coin_env_size bytes. @@ -471,7 +471,7 @@ struct TALER_EXCHANGEDB_LinkDataList * Link data, used to recover the private key of the coin * by the owner of the old coin. */ - struct TALER_RefreshLinkEncrypted *link_data_enc; + struct TALER_RefreshLinkEncryptedP link_data_enc; /** * Denomination public key, determines the value of the coin. diff --git a/src/util/crypto.c b/src/util/crypto.c index 9e6890569..042cf8871 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -227,41 +227,25 @@ TALER_transfer_encrypt (const struct TALER_LinkSecretP *secret, * * @param input encrypted refresh link data * @param secret shared secret to use for decryption - * @return NULL on error + * @param[out] output where to write decrypted data */ -struct TALER_RefreshLinkDecrypted * -TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, - const struct TALER_LinkSecretP *secret) +void +TALER_refresh_decrypt (const struct TALER_RefreshLinkEncryptedP *input, + const struct TALER_LinkSecretP *secret, + struct TALER_RefreshLinkDecryptedP *output) { - struct TALER_RefreshLinkDecrypted *ret; struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_SymmetricSessionKey skey; - size_t buf_size = input->blinding_key_enc_size - + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); - char buf[buf_size]; - GNUNET_assert (input->blinding_key_enc == (const char *) &input[1]); derive_refresh_key (secret, &iv, &skey); - if (buf_size != - GNUNET_CRYPTO_symmetric_decrypt (input->coin_priv_enc, - buf_size, - &skey, - &iv, - buf)) - return NULL; - ret = GNUNET_new (struct TALER_RefreshLinkDecrypted); - memcpy (&ret->coin_priv, - buf, - sizeof (struct TALER_CoinSpendPrivateKeyP)); - ret->blinding_key.rsa_blinding_key - = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)], - input->blinding_key_enc_size); - if (NULL == ret->blinding_key.rsa_blinding_key) - { - GNUNET_free (ret); - return NULL; - } - return ret; + GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) == + sizeof (struct TALER_RefreshLinkDecryptedP)); + GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) == + GNUNET_CRYPTO_symmetric_decrypt (input, + sizeof (struct TALER_RefreshLinkEncryptedP), + &skey, + &iv, + output)); } @@ -270,106 +254,25 @@ TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, * * @param input plaintext refresh link data * @param secret shared secret to use for encryption - * @return NULL on error (should never happen) + * @param[out] output where to write encrypted link data */ -struct TALER_RefreshLinkEncrypted * -TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input, - const struct TALER_LinkSecretP *secret) +void +TALER_refresh_encrypt (const struct TALER_RefreshLinkDecryptedP *input, + const struct TALER_LinkSecretP *secret, + struct TALER_RefreshLinkEncryptedP *output) { - char *b_buf; - size_t b_buf_size; struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_SymmetricSessionKey skey; - struct TALER_RefreshLinkEncrypted *ret; derive_refresh_key (secret, &iv, &skey); - b_buf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (input->blinding_key.rsa_blinding_key, - &b_buf); - ret = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + - b_buf_size); - ret->blinding_key_enc = (const char *) &ret[1]; - ret->blinding_key_enc_size = b_buf_size; - { - size_t buf_size = b_buf_size + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); - char buf[buf_size]; - - memcpy (buf, - &input->coin_priv, - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); - memcpy (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)], - b_buf, - b_buf_size); - - if (buf_size != - GNUNET_CRYPTO_symmetric_encrypt (buf, - buf_size, - &skey, - &iv, - ret->coin_priv_enc)) - { - GNUNET_free (ret); - return NULL; - } - } - return ret; -} - - -/** - * Decode encrypted refresh link information from buffer. - * - * @param buf buffer with refresh link data - * @param buf_len number of bytes in @a buf - * @return NULL on error (@a buf_len too small) - */ -struct TALER_RefreshLinkEncrypted * -TALER_refresh_link_encrypted_decode (const char *buf, - size_t buf_len) -{ - struct TALER_RefreshLinkEncrypted *rle; - - if (buf_len < sizeof (struct TALER_CoinSpendPrivateKeyP)) - return NULL; - if (buf_len >= GNUNET_MAX_MALLOC_CHECKED) - { - GNUNET_break (0); - return NULL; - } - rle = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + - buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP)); - rle->blinding_key_enc = (const char *) &rle[1]; - rle->blinding_key_enc_size = buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP); - memcpy (rle->coin_priv_enc, - buf, - buf_len); - return rle; -} - - -/** - * Encode encrypted refresh link information to buffer. - * - * @param rle refresh link to encode - * @param[out] buf_len set number of bytes returned - * @return NULL on error, otherwise buffer with encoded @a rle - */ -char * -TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rle, - size_t *buf_len) -{ - char *buf; - - if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (struct TALER_CoinSpendPrivateKeyP)) - { - GNUNET_break (0); - return NULL; - } - *buf_len = sizeof (struct TALER_CoinSpendPrivateKeyP) + rle->blinding_key_enc_size; - buf = GNUNET_malloc (*buf_len); - memcpy (buf, - rle->coin_priv_enc, - *buf_len); - return buf; + GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) == + sizeof (struct TALER_RefreshLinkDecryptedP)); + GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) == + GNUNET_CRYPTO_symmetric_encrypt (input, + sizeof (struct TALER_RefreshLinkDecryptedP), + &skey, + &iv, + output)); } diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index 59acd7814..b677c6d8f 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -36,9 +36,9 @@ test_basics () struct TALER_TransferSecretP trans_sec; struct TALER_LinkSecretP secret; struct TALER_LinkSecretP secret2; - struct TALER_RefreshLinkEncrypted *rl_enc; - struct TALER_RefreshLinkDecrypted rl; - struct TALER_RefreshLinkDecrypted *rld; + struct TALER_RefreshLinkEncryptedP rl_enc; + struct TALER_RefreshLinkDecryptedP rl; + struct TALER_RefreshLinkDecryptedP rld; GNUNET_log_setup ("test-crypto", "WARNING", @@ -47,11 +47,11 @@ test_basics () &secret, sizeof (secret)); GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, - &rl.coin_priv, - sizeof (rl.coin_priv)); - rl.blinding_key.rsa_blinding_key = GNUNET_CRYPTO_rsa_blinding_key_create (1024); - rl_enc = TALER_refresh_encrypt (&rl, - &secret); + &rl, + sizeof (rl)); + TALER_refresh_encrypt (&rl, + &secret, + &rl_enc); GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &trans_sec, sizeof (trans_sec)); @@ -66,49 +66,12 @@ test_basics () GNUNET_assert (0 == memcmp (&secret, &secret2, sizeof (secret))); - rld = TALER_refresh_decrypt (rl_enc, - &secret2); - GNUNET_assert (NULL != rld); - GNUNET_assert (0 == memcmp (&rld->coin_priv, - &rl.coin_priv, - sizeof (struct TALER_CoinSpendPrivateKeyP))); - GNUNET_assert (0 == - GNUNET_CRYPTO_rsa_blinding_key_cmp (rl.blinding_key.rsa_blinding_key, - rld->blinding_key.rsa_blinding_key)); - GNUNET_CRYPTO_rsa_blinding_key_free (rld->blinding_key.rsa_blinding_key); - GNUNET_free (rld); - GNUNET_CRYPTO_rsa_blinding_key_free (rl.blinding_key.rsa_blinding_key); - return 0; -} - - -/** - * Test #TALER_refresh_link_encrypted_decode(). - * - * @return 0 on success - */ -static int -test_rled () -{ - struct TALER_RefreshLinkEncrypted *rle; - char buf[512]; - char *buf2; - size_t buf_len = sizeof (buf); - - memset (buf, 42, sizeof (buf)); - rle = TALER_refresh_link_encrypted_decode (buf, - buf_len); - GNUNET_assert (NULL != rle); - buf_len = 42; - buf2 = TALER_refresh_link_encrypted_encode (rle, - &buf_len); - GNUNET_assert (NULL != buf2); - GNUNET_assert (buf_len == sizeof (buf)); - GNUNET_assert (0 == memcmp (buf, - buf2, - buf_len)); - GNUNET_free (rle); - GNUNET_free (buf2); + TALER_refresh_decrypt (&rl_enc, + &secret2, + &rld); + GNUNET_assert (0 == memcmp (&rld, + &rl, + sizeof (struct TALER_RefreshLinkDecryptedP))); return 0; } @@ -172,8 +135,6 @@ main(int argc, { if (0 != test_basics ()) return 1; - if (0 != test_rled ()) - return 1; if (0 != test_high_level ()) return 1; return 0; |