From 8bfc6583e799d8f7d0e55262b593183daed7f4fe Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 14 Nov 2022 06:19:35 +0100 Subject: more refactoring towards #7272 --- src/util/crypto_helper_cs.c | 209 ++++---------------------------------------- src/util/test_helper_cs.c | 34 ++++--- 2 files changed, 37 insertions(+), 206 deletions(-) (limited to 'src/util') diff --git a/src/util/crypto_helper_cs.c b/src/util/crypto_helper_cs.c index 7554be40d..5f7d3d6f9 100644 --- a/src/util/crypto_helper_cs.c +++ b/src/util/crypto_helper_cs.c @@ -378,32 +378,17 @@ more: } -/** - * Request helper @a dh to sign @a msg using the public key corresponding to - * @a h_denom_pub. - * - * This operation will block until the signature has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper process connection - * @param h_cs hash of the CS public key to use to sign - * @param blinded_planchet blinded planchet containing c and nonce - * @param for_melt true if the HKDF for melt should be used - * @param[out] bs set to the blind signature - * @return #TALER_EC_NONE on success - */ -static enum TALER_ErrorCode -helper_cs_sign ( +enum TALER_ErrorCode +TALER_CRYPTO_helper_cs_sign ( struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CsPubHashP *h_cs, - const struct TALER_BlindedCsPlanchet *blinded_planchet, + const struct TALER_CRYPTO_CsSignRequest *req, bool for_melt, struct TALER_BlindedDenominationSignature *bs) { enum TALER_ErrorCode ec = TALER_EC_INVALID; + const struct TALER_CsPubHashP *h_cs = req->h_cs; + const struct TALER_BlindedCsPlanchet *blinded_planchet = + req->blinded_planchet; bs->cipher = TALER_DENOMINATION_INVALID; GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, @@ -592,34 +577,6 @@ end: } -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_sign_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *req, - struct TALER_BlindedDenominationSignature *bs) -{ - return helper_cs_sign (dh, - req->h_cs, - req->blinded_planchet, - true, - bs); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_sign_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *req, - struct TALER_BlindedDenominationSignature *bs) -{ - return helper_cs_sign (dh, - req->h_cs, - req->blinded_planchet, - false, - bs); -} - - void TALER_CRYPTO_helper_cs_revoke ( struct TALER_CRYPTO_CsDenominationHelper *dh, @@ -650,31 +607,15 @@ TALER_CRYPTO_helper_cs_revoke ( } -/** - * Ask the helper to derive R using the @a nonce and denomination key - * associated with @a h_cs. - * - * This operation will block until the R has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper to process connection - * @param h_cs hash of the CS public key to revoke - * @param nonce witdhraw nonce - * @param for_melt true if the HKDF for melt should be used - * @param[out] crp set to the pair of R values - * @return set to the error code (or #TALER_EC_NONE on success) - */ -static enum TALER_ErrorCode -helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CsPubHashP *h_cs, - const struct TALER_CsNonce *nonce, - bool for_melt, - struct TALER_DenominationCSPublicRPairP *crp) +enum TALER_ErrorCode +TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh, + const struct TALER_CRYPTO_CsDeriveRequest *cdr, + bool for_melt, + struct TALER_DenominationCSPublicRPairP *crp) { enum TALER_ErrorCode ec = TALER_EC_INVALID; + const struct TALER_CsPubHashP *h_cs = cdr->h_cs; + const struct TALER_CsNonce *nonce = cdr->nonce; memset (crp, 0, @@ -852,51 +793,7 @@ more: enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_derive_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdr, - struct TALER_DenominationCSPublicRPairP *crp) -{ - return helper_cs_r_derive (dh, - cdr->h_cs, - cdr->nonce, - false, - crp); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_derive_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdr, - struct TALER_DenominationCSPublicRPairP *crp) -{ - return helper_cs_r_derive (dh, - cdr->h_cs, - cdr->nonce, - true, - crp); -} - - -/** - * Request helper @a dh to sign batch of @a reqs requests. - * - * This operation will block until the signature has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper process connection - * @param reqs information about the keys to sign with and the values to sign - * @param reqs_length length of the @a reqs array - * @param for_melt true if this is for a melt operation - * @param[out] bs array set to the blind signatures, must be of length @a reqs_length! - * @return #TALER_EC_NONE on success - */ -static enum TALER_ErrorCode -helper_cs_batch_sign ( +TALER_CRYPTO_helper_cs_batch_sign ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsSignRequest *reqs, unsigned int reqs_length, @@ -1141,53 +1038,7 @@ more: enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_batch_sign_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *reqs, - unsigned int reqs_length, - struct TALER_BlindedDenominationSignature *bss) -{ - return helper_cs_batch_sign (dh, - reqs, - reqs_length, - true, - bss); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_batch_sign_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *reqs, - unsigned int reqs_length, - struct TALER_BlindedDenominationSignature *bss) -{ - return helper_cs_batch_sign (dh, - reqs, - reqs_length, - false, - bss); -} - - -/** - * Ask the helper to derive R using the information from @a cdrs. - * - * This operation will block until the R has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper to process connection - * @param cdrs array with derivation input data - * @param cdrs_length length of the @a cdrs array - * @param for_melt true if this is for a melt operation - * @param[out] crp array set to the pair of R values, must be of length @a cdrs_length - * @return set to the error code (or #TALER_EC_NONE on success) - */ -static enum TALER_ErrorCode -helper_cs_r_batch_derive ( +TALER_CRYPTO_helper_cs_r_batch_derive ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsDeriveRequest *cdrs, unsigned int cdrs_length, @@ -1429,36 +1280,6 @@ more: } -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdrs, - unsigned int cdrs_length, - struct TALER_DenominationCSPublicRPairP *crps) -{ - return helper_cs_r_batch_derive (dh, - cdrs, - cdrs_length, - false, - crps); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_batch_derive_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdrs, - unsigned int cdrs_length, - struct TALER_DenominationCSPublicRPairP *crps) -{ - return helper_cs_r_batch_derive (dh, - cdrs, - cdrs_length, - true, - crps); -} - - void TALER_CRYPTO_helper_cs_disconnect ( struct TALER_CRYPTO_CsDenominationHelper *dh) diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c index fdfc5c362..2dada0e19 100644 --- a/src/util/test_helper_cs.c +++ b/src/util/test_helper_cs.c @@ -295,9 +295,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) .nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce }; - ec = TALER_CRYPTO_helper_cs_r_derive_withdraw ( + ec = TALER_CRYPTO_helper_cs_r_derive ( dh, &cdr, + false, &alg_values.details.cs_values); } switch (ec) @@ -391,9 +392,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &nonce, sizeof (nonce)); - ec = TALER_CRYPTO_helper_cs_r_derive_withdraw (dh, - &cdr, - &crp); + ec = TALER_CRYPTO_helper_cs_r_derive (dh, + &cdr, + false, + &crp); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { GNUNET_break (0); @@ -443,9 +445,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) &pd.blinded_planchet.details. cs_blinded_planchet.nonce); alg_values.cipher = TALER_DENOMINATION_CS; - ec = TALER_CRYPTO_helper_cs_r_derive_withdraw ( + ec = TALER_CRYPTO_helper_cs_r_derive ( dh, &cdr, + false, &alg_values.details.cs_values); if (TALER_EC_NONE != ec) continue; @@ -470,9 +473,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) csr.h_cs = &keys[i].h_cs; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_sign ( dh, &csr, + false, &ds); } switch (ec) @@ -571,9 +575,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) csr.h_cs = &rnd; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_sign ( dh, &csr, + false, &ds); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { @@ -635,10 +640,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, &pd[i].blinded_planchet.details.cs_blinded_planchet.nonce); alg_values[i].cipher = TALER_DENOMINATION_CS; } - ec = TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( + ec = TALER_CRYPTO_helper_cs_r_batch_derive ( dh, cdr, batch_size, + false, crps); if (TALER_EC_NONE != ec) continue; @@ -666,10 +672,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, csr[i].blinded_planchet = &pd[i].blinded_planchet.details.cs_blinded_planchet; } - ec = TALER_CRYPTO_helper_cs_batch_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_batch_sign ( dh, csr, batch_size, + false, ds); } switch (ec) @@ -773,10 +780,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, csr.h_cs = &rnd; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_batch_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_batch_sign ( dh, &csr, 1, + false, &ds[0]); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { @@ -843,9 +851,10 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, &pd.blinded_planchet.details. cs_blinded_planchet.nonce); alg_values.cipher = TALER_DENOMINATION_CS; - ec = TALER_CRYPTO_helper_cs_r_derive_melt ( + ec = TALER_CRYPTO_helper_cs_r_derive ( dh, &cdr, + true, &alg_values.details.cs_values); if (TALER_EC_NONE != ec) continue; @@ -873,9 +882,10 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, csr.h_cs = &keys[i].h_cs; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_sign_melt ( + ec = TALER_CRYPTO_helper_cs_sign ( dh, &csr, + true, &ds); if (TALER_EC_NONE != ec) break; -- cgit v1.2.3