From f1ec1e70a02ce1672d4d663d3a23c834817359ac Mon Sep 17 00:00:00 2001 From: Gian Demarmels Date: Wed, 22 Dec 2021 16:55:34 +0100 Subject: implemented planchet_prepare for CS --- src/include/taler_crypto_lib.h | 6 +++-- src/util/crypto.c | 54 +++++++++++++++++++++++++++++++++++------- src/util/denom.c | 33 ++++++++++++++++++++++++-- src/util/test_crypto.c | 23 +++++++++--------- 4 files changed, 93 insertions(+), 23 deletions(-) diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 542146cc0..4a6c02423 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -1061,7 +1061,8 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, const struct TALER_AgeHash *age_commitment_hash, const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_CoinPubHash *c_hash, - struct TALER_BlindedPlanchet *blinded_planchet); + struct TALER_BlindedPlanchet *blinded_planchet, + ...); /** @@ -1469,7 +1470,8 @@ enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, const struct TALER_PlanchetSecretsP *ps, struct TALER_CoinPubHash *c_hash, - struct TALER_PlanchetDetail *pd); + struct TALER_PlanchetDetail *pd, + ...); /** diff --git a/src/util/crypto.c b/src/util/crypto.c index 1ef0388dc..9dd32d320 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c 
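Review bot: The new `...` on `TALER_denom_blind` (and on `TALER_planchet_prepare` in the second hunk of this header, plus both definitions in src/util/crypto.c and src/util/denom.c) hides the cipher-specific arguments from the compiler, so a caller that passes a CS key but omits or mistypes them gets undefined behaviour in `va_arg` instead of a diagnostic. The doc comments above both prototypes lie outside the hunks, so it is not visible whether they were updated; they should at least state the contract, e.g. `@param ... for TALER_DENOMINATION_CS: struct TALER_WithdrawNonce *nonce, struct TALER_DenominationCsPublicR *r_pub; nothing for TALER_DENOMINATION_RSA`. A typed parameter, such as a pointer to a per-cipher struct or union, would let the compiler enforce this rather than relying on every caller.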
@@ -280,23 +280,61 @@ enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, const struct TALER_PlanchetSecretsP *ps, struct TALER_CoinPubHash *c_hash, - struct TALER_PlanchetDetail *pd) + struct TALER_PlanchetDetail *pd, + ...) { struct TALER_CoinSpendPublicKeyP coin_pub; GNUNET_CRYPTO_eddsa_key_get_public (&ps->coin_priv.eddsa_priv, &coin_pub.eddsa_pub); - if (GNUNET_OK != - TALER_denom_blind (dk, - &ps->blinding_key, - NULL, /* FIXME-Oec */ - &coin_pub, - c_hash, - &pd->blinded_planchet)) + + switch (dk->cipher) { + case TALER_DENOMINATION_RSA: + if (GNUNET_OK != + TALER_denom_blind (dk, + &ps->blinding_key, + NULL, /* FIXME-Oec */ + &coin_pub, + c_hash, + &pd->blinded_planchet)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + break; + case TALER_DENOMINATION_CS: + { + va_list ap; + va_start (ap, pd); + struct TALER_WithdrawNonce *nonce; + struct TALER_DenominationCsPublicR *r_pub; + + nonce = va_arg (ap, struct TALER_WithdrawNonce *); + r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *); + + if (GNUNET_OK != + TALER_denom_blind (dk, + &ps->blinding_key, + NULL, /* FIXME-Oec */ + &coin_pub, + c_hash, + &pd->blinded_planchet, + nonce, + r_pub)) + { + va_end (ap); + GNUNET_break (0); + return GNUNET_SYSERR; + } + va_end (ap); + break; + } + default: GNUNET_break (0); return GNUNET_SYSERR; } + TALER_denom_pub_hash (dk, &pd->denom_pub_hash); return GNUNET_OK; diff --git a/src/util/denom.c b/src/util/denom.c index 6b587026e..6de6084e7 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -244,6 +244,7 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub, GNUNET_CRYPTO_hash_context_read (hc, &denom_pub->details.cs_public_key, sizeof(denom_pub->details.cs_public_key)); + break; default: GNUNET_assert (0); } 
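Review bot: In the `TALER_DENOMINATION_CS` branch of `TALER_planchet_prepare`, `va_end (ap)` has to be repeated on the error path and on the success path, so any exit added later can leave the list open. Both variadic arguments are already read before `TALER_denom_blind` is called, so `va_end (ap);` can go directly after the second `va_arg` and be dropped from the two later places. The RSA and CS branches then differ only in the trailing `nonce, r_pub` arguments, which deserves a short comment such as `/* CS: variadic args are (struct TALER_WithdrawNonce *, struct TALER_DenominationCsPublicR *) */`. The one-line `break;` hunk for src/util/denom.c on the same line needs no comment.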
@@ -279,7 +280,8 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, const struct TALER_AgeHash *age_commitment_hash, const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_CoinPubHash *c_hash, - struct TALER_BlindedPlanchet *blinded_planchet) + struct TALER_BlindedPlanchet *blinded_planchet, + ...) { blinded_planchet->cipher = dk->cipher; TALER_coin_pub_hash (coin_pub, @@ -301,7 +303,34 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, return GNUNET_SYSERR; } return GNUNET_OK; - // TODO: add case for Clause-Schnorr + case TALER_DENOMINATION_CS: + { + // TODO: Where to store the blinded rpub? currently ignored + struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]; + + va_list ap; + va_start (ap, blinded_planchet); + struct TALER_WithdrawNonce *nonce; + struct TALER_DenominationCsPublicR *r_pub; + + nonce = va_arg (ap, struct TALER_WithdrawNonce *); + r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *); + + struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; + GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce->nonce, bs); + + GNUNET_CRYPTO_cs_calc_blinded_c (bs, + r_pub->r_pub, + &dk->details.cs_public_key, + &c_hash->hash, + sizeof(struct GNUNET_HashCode), + blinded_planchet->details. + cs_blinded_planchet.c, + blinded_r_pub); + + va_end (ap); + return GNUNET_OK; + } default: GNUNET_break (0); return GNUNET_SYSERR; diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index 2fe70cda1..142dc31b6 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -148,10 +148,9 @@ test_planchets_cs (void) struct TALER_CoinPubHash c_hash; struct TALER_WithdrawNonce nonce; struct TALER_DenominationCsPublicR r_pub; - // struct TALER_DenominationCsPrivateR priv_r; + struct TALER_DenominationCsPrivateR priv_r; // struct TALER_BlindedDenominationSignature blind_sig; // struct TALER_FreshCoin coin; - // struct TALER_PlanchetDeriveCsBlindingSecrets seed; GNUNET_assert (GNUNET_OK == TALER_denom_priv_create (&dk_priv, 
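Review bot: In the new `TALER_DENOMINATION_CS` case of `TALER_denom_blind`, the blinding secrets come from `GNUNET_CRYPTO_cs_blinding_secrets_derive (&nonce->nonce, bs);`, while the blinding key that `TALER_planchet_prepare` passes as second argument (`&ps->blinding_key`) is not used on this path. The test in this commit hands the same `nonce` together with `dk_priv` to `TALER_denom_cs_derive_r_secret`, so if that nonce is a value the signer also receives during withdrawal, the signer could re-derive `bs` and the blinding would no longer hide the coin. Deriving `bs` from the coin's blinding secret instead would avoid that; this should be confirmed against the protocol design. Separately, `nonce` and `r_pub` are dereferenced straight from `va_arg`, and a guard such as `if ( (NULL == nonce) || (NULL == r_pub) ) { va_end (ap); GNUNET_break (0); return GNUNET_SYSERR; }` before the derive call would at least turn a NULL argument into an error. The start of the function lies outside this hunk.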
@@ -169,15 +168,17 @@ test_planchets_cs (void) &ps.coin_priv, &r_pub); - // NEXT: - // Implement to genrate b-seed from it and calculate c thenĀ§ - - // GNUNET_assert (GNUNET_OK == - // TALER_planchet_prepare (&dk_pub, - // &ps, - // &c_hash, - // &pd)); - + GNUNET_assert (GNUNET_OK == + TALER_planchet_prepare (&dk_pub, + &ps, + &c_hash, + &pd, + &nonce, + &r_pub)); + GNUNET_assert (GNUNET_OK == + TALER_denom_cs_derive_r_secret (&nonce, + &dk_priv, + &priv_r)); // TALER_blinded_denom_sig_free (&blind_sig); // TALER_denom_sig_free (&coin.sig); -- cgit v1.2.3
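Review bot: The new assertion on `TALER_planchet_prepare` in `test_planchets_cs` checks only the return code, and the CS branch of `TALER_denom_blind` added in this commit returns `GNUNET_OK` unconditionally, so the test cannot fail on a wrong or unset blinded value. Checking the output as well would make it meaningful, for instance `GNUNET_assert (TALER_DENOMINATION_CS == pd.blinded_planchet.cipher);`. A second `TALER_planchet_prepare` call with the same inputs, with its `details.cs_blinded_planchet.c` compared against the first, would add a determinism check. `priv_r` is derived but not used in the visible lines; the rest of the function lies outside the hunk.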