From 745719dbc1482734ab3ca7a20541ee8a12ecb69c Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Fri, 5 Aug 2016 16:08:19 +0200
Subject: first half of changing refresh protocol to derive all key data from DH
---
 src/include/taler_crypto_lib.h | 177 ++++++++++-------------------------------
 1 file changed, 43 insertions(+), 134 deletions(-)
 (limited to 'src/include/taler_crypto_lib.h')
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index e1fdeb2bc..e8e8f3a03 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -412,7 +412,7 @@ GNUNET_NETWORK_STRUCT_BEGIN
 struct TALER_TransferSecretP
 {
 /**
- * Secret used to encrypt/decrypt the `struct TALER_LinkSecretP`.
+ * Secret used to derive private inputs for refreshed coins.
 * Must be (currently) a hash as this is what
 * #GNUNET_CRYPTO_ecc_ecdh() returns to us.
 */
@@ -420,49 +420,6 @@ struct TALER_TransferSecretP
 };
-/**
- * @brief Secret used to decrypt refresh links.
- */
-struct TALER_LinkSecretP
-{
- /**
- * Secret used to decrypt the refresh link data.
- */
- char key[sizeof (struct GNUNET_HashCode)];
-};
-
-
-/**
- * @brief Encrypted secret used to decrypt refresh links.
- */
-struct TALER_EncryptedLinkSecretP
-{
- /**
- * Encrypted secret, must be the given size!
- */
- char enc[sizeof (struct TALER_LinkSecretP)];
-};
-
-
-/**
- * @brief Representation of an refresh link in cleartext.
- */
-struct TALER_RefreshLinkDecryptedP
-{
-
- /**
- * Private key of the coin.
- */
- struct TALER_CoinSpendPrivateKeyP coin_priv;
-
- /**
- * Blinding key.
- */
- struct TALER_DenominationBlindingKeyP blinding_key;
-
-};
-
-
 /**
 * Length of the raw value in the Taler wire transfer identifier
 * (in binary representation).
@@ -540,44 +497,6 @@ struct TALER_RefreshLinkEncryptedP
 GNUNET_NETWORK_STRUCT_END
-
-
-/**
- * Decrypt the shared @a secret from the information in the
- * encrypted link secret @e secret_enc using the transfer
- * private key and the coin's public key.
- *
- * @param secret_enc encrypted link secret
- * @param trans_priv transfer private key
- * @param coin_pub coin public key
- * @param[out] secret set to the shared secret
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
- */
-int
-TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
- const struct TALER_TransferPrivateKeyP *trans_priv,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- struct TALER_LinkSecretP *secret);
-
-
-/**
- * Decrypt the shared @a secret from the information in the
- * encrypted link secret @e secret_enc using the transfer
- * public key and the coin's private key.
- *
- * @param secret_enc encrypted link secret
- * @param trans_pub transfer public key
- * @param coin_priv coin private key
- * @param[out] secret set to the shared secret
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
- */
-int
-TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc,
- const struct TALER_TransferPublicKeyP *trans_pub,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_LinkSecretP *secret);
-
-
-
 /**
 * Given the coin and the transfer private keys, compute the
 * transfer secret. (Technically, we only need one of the two
@@ -596,78 +515,68 @@ TALER_link_derive_transfer_secret (const struct TALER_CoinSpendPrivateKeyP *coin
 /**
- * Encrypt the shared @a secret to generate the encrypted link secret.
- * Also creates the transfer key.
+ * Decrypt the shared @a secret from the information in the
+ * @a trans_priv and @a coin_pub.
 *
- * @param secret link secret to encrypt
+ * @param trans_priv transfer private key
 * @param coin_pub coin public key
- * @param[out] trans_priv set to transfer private key
- * @param[out] trans_pub set to transfer public key
- * @param[out] secret_enc set to the encryptd @a secret
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ * @param[out] secret set to the shared secret
 */
-int
-TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- struct TALER_TransferPrivateKeyP *trans_priv,
- struct TALER_TransferPublicKeyP *trans_pub,
- struct TALER_EncryptedLinkSecretP *secret_enc);
+void
+TALER_link_reveal_transfer_secret (const struct TALER_TransferPrivateKeyP *trans_priv,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ struct TALER_TransferSecretP *transfer_secret);
+
 /**
- * Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc
- * to obtain the @a secret to decrypt the linkage data.
+ * Decrypt the shared @a secret from the information in the
+ * @a trans_priv and @a coin_pub.
 *
- * @param secret_enc encrypted secret
- * @param trans_sec transfer secret
- * @param secret shared secret for refresh link decryption
- * @return #GNUNET_OK on success
+ * @param trans_pub transfer private key
+ * @param coin_priv coin public key
+ * @param[out] secret set to the shared secret
 */
-int
-TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecretP *secret_enc,
- const struct TALER_TransferSecretP *trans_sec,
- struct TALER_LinkSecretP *secret);
+void
+TALER_link_recover_transfer_secret (const struct TALER_TransferPublicKeyP *trans_pub,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_TransferSecretP *transfer_secret);
 /**
- * Use the @a trans_sec (from ECDHE) to encrypt the @a secret
- * to obtain the @a secret_enc.
- *
- * @param secret shared secret for refresh link decryption
- * @param trans_sec transfer secret
- * @param[out] secret_enc encrypted secret
- * @return #GNUNET_OK on success
+ * Header for serializations of coin-specific information about the
+ * fresh coins we generate during a melt.
 */
-int
-TALER_transfer_encrypt (const struct TALER_LinkSecretP *secret,
- const struct TALER_TransferSecretP *trans_sec,
- struct TALER_EncryptedLinkSecretP *secret_enc);
+struct TALER_FreshCoinP
+{
+ /**
+ * Private key of the coin.
+ */
+ struct TALER_CoinSpendPrivateKeyP coin_priv;
-/**
- * Decrypt refresh link information.
- *
- * @param input encrypted refresh link data
- * @param secret shared secret to use for decryption
- * @param[out] output where to write decrypted refresh link
- */
-void
-TALER_refresh_decrypt (const struct TALER_RefreshLinkEncryptedP *input,
- const struct TALER_LinkSecretP *secret,
- struct TALER_RefreshLinkDecryptedP *output);
+ /**
+ * The blinding key.
+ */
+ struct TALER_DenominationBlindingKeyP blinding_key;
+
+};
 /**
- * Encrypt refresh link information.
+ * Setup information for a fresh coin, deriving the coin private key
+ * and the blinding factor from the @a secret_seed with a KDF salted
+ * by the @a coin_num_salt.
 *
- * @param input plaintext refresh link data
- * @param secret shared secret to use for encryption
- * @param[out] output where to write encrypted refresh link
+ * @param secret_seed seed to use for KDF to derive coin keys
+ * @param coin_num_salt number of the coin to include in KDF
+ * @param[out] fc value to initialize
 */
 void
-TALER_refresh_encrypt (const struct TALER_RefreshLinkDecryptedP *input,
- const struct TALER_LinkSecretP *secret,
- struct TALER_RefreshLinkEncryptedP *output);
+TALER_setup_fresh_coin (const struct TALER_TransferSecretP *secret_seed,
+ unsigned int coin_num_salt,
+ struct TALER_FreshCoinP *fc);
+
 #endif
-- 
cgit v1.2.3
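Review bot: The doc comment on `TALER_link_recover_transfer_secret` is a copy of the one on `TALER_link_reveal_transfer_secret` and labels the key roles backwards: `@param trans_pub transfer private key` and `@param coin_priv coin public key` should read `transfer public key` and `coin private key`, and its description should name `@a trans_pub` and `@a coin_priv`. Both new comments also document `@param[out] secret` while the parameter is called `transfer_secret`, and still say "Decrypt" for what the commit title describes as a DH derivation; `@param[out] transfer_secret set to the shared secret` would match the prototypes. Both functions now return `void` where the removed `TALER_link_encrypt_secret` and `TALER_transfer_decrypt` returned `int`; if the underlying ECDH call can fail on a malformed public key, the header should either keep an `int` return or state that the implementation aborts, since the implementation is not part of this hunk. `TALER_setup_fresh_coin` feeds `unsigned int coin_num_salt` into a KDF, so a `uint32_t` with a documented byte order would pin down that both parties derive the same coin key and blinding key. `struct TALER_FreshCoinP` is described as a serialization header; an earlier hunk's context shows `GNUNET_NETWORK_STRUCT_END` above this point, so it is worth confirming the struct sits inside a packed region.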