From 32da809fd665f1ac19210bf48952f1988f417fb8 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Fri, 5 Nov 2021 14:00:10 +0100 Subject: abstract denomination keys a bit more --- src/util/denom.c | 87 ++++++++++++++++++++++++++++++++++++ src/util/taler-exchange-secmod-rsa.c | 52 +++++++++++---------- src/util/test_crypto.c | 11 +++-- 3 files changed, 117 insertions(+), 33 deletions(-) (limited to 'src/util') diff --git a/src/util/denom.c b/src/util/denom.c index 15ba1c1ae..f251d9052 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -22,6 +22,93 @@ #include "taler_util.h" +enum GNUNET_GenericReturnValue +TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv, + struct TALER_DenominationPublicKey *denom_pub, + enum TALER_DenominationCipher cipher, + ...) +{ + memset (denom_priv, + 0, + sizeof (*denom_priv)); + memset (denom_pub, + 0, + sizeof (*denom_pub)); + switch (cipher) + { + case TALER_DENOMINATION_INVALID: + GNUNET_break (0); + return GNUNET_SYSERR; + case TALER_DENOMINATION_RSA: + { + va_list ap; + unsigned int bits; + + va_start (ap, cipher); + bits = va_arg (ap, unsigned int); + va_end (ap); + if (bits < 512) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + denom_priv->details.rsa_private_key + = GNUNET_CRYPTO_rsa_private_key_create (bits); + } + if (NULL == denom_priv->details.rsa_private_key) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + denom_pub->details.rsa_public_key + = GNUNET_CRYPTO_rsa_private_key_get_public ( + denom_priv->details.rsa_private_key); + denom_priv->cipher = cipher; + denom_pub->cipher = cipher; + return GNUNET_OK; + // TODO: add case for Clause-Schnorr + default: + GNUNET_break (0); + } + return GNUNET_SYSERR; +} + + +enum GNUNET_GenericReturnValue +TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig, + const struct TALER_DenominationPrivateKey *denom_priv, + void *blinded_msg, + size_t blinded_msg_size) +{ + memset (denom_sig, + 0, + sizeof (*denom_sig)); + switch (denom_priv->cipher) + { + case TALER_DENOMINATION_INVALID: + GNUNET_break (0); + return GNUNET_SYSERR; + case TALER_DENOMINATION_RSA: + denom_sig->details.blinded_rsa_signature + = GNUNET_CRYPTO_rsa_sign_blinded ( + denom_priv->details.rsa_private_key, + blinded_msg, + blinded_msg_size); + if (NULL == denom_sig->details.blinded_rsa_signature) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + denom_sig->cipher = TALER_DENOMINATION_RSA; + return GNUNET_OK; + // TODO: add case for Clause-Schnorr + default: + GNUNET_break (0); + } + return GNUNET_SYSERR; +} + + void TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub, struct TALER_DenominationHash *denom_hash) diff --git a/src/util/taler-exchange-secmod-rsa.c b/src/util/taler-exchange-secmod-rsa.c index 14709e2bd..028c54efe 100644 --- a/src/util/taler-exchange-secmod-rsa.c +++ b/src/util/taler-exchange-secmod-rsa.c @@ -208,10 +208,10 @@ struct WorkItem struct DenominationKey *dk; /** - * RSA signature over @e blinded_msg using @e dk. Result of doing the - * work. Initially NULL. + * Signature over @e blinded_msg using @e dk. Result of doing the + * work. Initially zero. */ - struct GNUNET_CRYPTO_RsaSignature *rsa_signature; + struct TALER_BlindedDenominationSignature denom_sig; /** * Coin_ev value to sign. @@ -424,11 +424,11 @@ sign_worker (void *cls) wi); work_counter--; GNUNET_assert (0 == pthread_mutex_unlock (&work_lock)); - wi->rsa_signature - = GNUNET_CRYPTO_rsa_sign_blinded ( - wi->dk->denom_priv.details.rsa_private_key, - wi->blinded_msg, - wi->blinded_msg_size); + GNUNET_break (GNUNET_OK == + TALER_denom_sign_blinded (&wi->denom_sig, + &wi->dk->denom_priv, + wi->blinded_msg, + wi->blinded_msg_size)); /* put completed work into done queue */ GNUNET_assert (0 == pthread_mutex_lock (&done_lock)); GNUNET_CONTAINER_DLL_insert (done_head, @@ -495,8 +495,8 @@ static void free_dk (struct DenominationKey *dk) { GNUNET_free (dk->filename); - GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key); - GNUNET_CRYPTO_rsa_public_key_free (dk->denom_pub.details.rsa_public_key); + TALER_denom_priv_free (&dk->denom_priv); + TALER_denom_pub_free (&dk->denom_pub); GNUNET_free (dk); } @@ -584,7 +584,7 @@ handle_done (void *cls) done_tail, wi); GNUNET_assert (0 == pthread_mutex_unlock (&done_lock)); - if (NULL == wi->rsa_signature) + if (TALER_DENOMINATION_INVALID == wi->denom_sig.cipher) { struct TALER_CRYPTO_SignFailure sf = { .header.size = htons (sizeof (sf)), @@ -605,10 +605,10 @@ handle_done (void *cls) size_t buf_size; size_t tsize; - buf_size = GNUNET_CRYPTO_rsa_signature_encode (wi->rsa_signature, - &buf); - GNUNET_CRYPTO_rsa_signature_free (wi->rsa_signature); - wi->rsa_signature = NULL; + buf_size = GNUNET_CRYPTO_rsa_signature_encode ( + wi->denom_sig.details.blinded_rsa_signature, + &buf); + TALER_blinded_denom_sig_free (&wi->denom_sig); tsize = sizeof (*sr) + buf_size; GNUNET_assert (tsize < UINT16_MAX); sr = GNUNET_malloc (tsize); @@ -844,19 +844,17 @@ setup_key (struct DenominationKey *dk, size_t buf_size; void *buf; - priv.cipher = TALER_DENOMINATION_RSA; - priv.details.rsa_private_key - = GNUNET_CRYPTO_rsa_private_key_create (denom->rsa_keysize); - if (NULL == priv.details.rsa_private_key) + if (GNUNET_OK != + TALER_denom_priv_create (&priv, + &pub, + TALER_DENOMINATION_RSA, + (unsigned int) denom->rsa_keysize)) { GNUNET_break (0); GNUNET_SCHEDULER_shutdown (); global_ret = 40; return GNUNET_SYSERR; } - TALER_denom_priv_to_pub (&priv, - 0 /* FIXME-Oec */, - &pub); buf_size = GNUNET_CRYPTO_rsa_private_key_encode (priv.details.rsa_private_key, &buf); TALER_denom_pub_hash (&pub, @@ -899,8 +897,8 @@ setup_key (struct DenominationKey *dk, { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Duplicate private key created! Terminating.\n"); - GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key); - GNUNET_CRYPTO_rsa_public_key_free (dk->denom_pub.details.rsa_public_key); + TALER_denom_priv_free (&dk->denom_priv); + TALER_denom_pub_free (&dk->denom_pub); GNUNET_free (dk->filename); GNUNET_free (dk); return GNUNET_SYSERR; @@ -1261,7 +1259,7 @@ purge_key (struct DenominationKey *dk) dk->purge = true; return; } - GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key); + TALER_denom_priv_free (&dk->denom_priv); GNUNET_free (dk); } @@ -1447,8 +1445,8 @@ parse_key (struct Denomination *denom, "Duplicate private key %s detected in file `%s'. Skipping.\n", GNUNET_h2s (&dk->h_denom_pub.hash), filename); - GNUNET_CRYPTO_rsa_private_key_free (priv.details.rsa_private_key); - GNUNET_CRYPTO_rsa_public_key_free (pub.details.rsa_public_key); + TALER_denom_priv_free (&priv); + TALER_denom_pub_free (&pub); GNUNET_free (dk); return; } diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index 653df86f7..416ca5e2d 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -92,12 +92,11 @@ test_planchets (void) struct TALER_FreshCoin coin; struct TALER_CoinPubHash c_hash; - dk_priv.cipher = TALER_DENOMINATION_RSA; - dk_priv.details.rsa_private_key - = GNUNET_CRYPTO_rsa_private_key_create (1024); - TALER_denom_priv_to_pub (&dk_priv, - 0, - &dk_pub); + GNUNET_assert (GNUNET_OK == + TALER_denom_priv_create (&dk_priv, + &dk_pub, + TALER_DENOMINATION_RSA, + 1024)); TALER_planchet_setup_random (&ps); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&dk_pub, -- cgit v1.2.3