diff --git a/brandt.c b/brandt.c index a376242..1d55a43 100644 --- a/brandt.c +++ b/brandt.c @@ -284,8 +284,6 @@ advance_round (struct BRANDT_Auction *ad, return; } - /** \todo: add msgtype header in the handler_out functions */ - /* last message only sent to seller, others are broadcasted */ if (msg_decrypt == ad->cur_round) ad->ucast (ad->closure, buf, buflen); diff --git a/crypto.c b/crypto.c index 64d4920..965f9cc 100644 --- a/crypto.c +++ b/crypto.c @@ -610,22 +610,26 @@ smc_sum (gcry_mpi_point_t out, /** - * smc_gen_keyshare creates the private additive keyshare and computes the - * public multiplicative key share + * smc_gen_keyshare creates the private keyshare and computes the + * public key share * - * @param[in,out] ad Pointer to the BRANDT_Auction struct to operate on - * @param[out] buflen Size of the returned buffer in bytes - * @return A buffer containing the multiplicative public key share which needs - * to be broadcast + * @param[in] ad Pointer to the BRANDT_Auction struct to operate on + * @param[out] buflen Size of the returned message buffer in bytes + * @return A buffer containing the public key share + * which needs to be broadcast */ unsigned char * smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen) { unsigned char *ret; struct proof_dl *proof1; + struct msg_head *head; + struct ec_mpi *pubkey_share; brandt_assert (ad && buflen); - *buflen = (sizeof (struct ec_mpi) + sizeof (*proof1)); + *buflen = (sizeof (*head) + + sizeof (*pubkey_share) + + sizeof (*proof1)); ret = GNUNET_new_array (*buflen, unsigned char); if (NULL == (ad->y = smc_init1 (ad->n))) { @@ -633,12 +637,18 @@ smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen) return NULL; } - proof1 = (struct proof_dl *)(ret + sizeof (struct ec_mpi)); + head = (struct msg_head *)ret; + head->prot_version = htonl (0); + head->msg_type = htonl (msg_init); + proof1 = (struct proof_dl *)(ret + sizeof (*head) + sizeof (*pubkey_share)); ad->x = gcry_mpi_new (256); ec_skey_create (ad->x); smc_zkp_dl (ad->y[ad->i], ad->x, proof1); - ec_point_serialize ((struct ec_mpi *)ret, ad->y[ad->i]); + + pubkey_share = (struct ec_mpi *)(ret + sizeof (*head)); + ec_point_serialize (pubkey_share, ad->y[ad->i]); + return ret; } @@ -679,10 +689,13 @@ quit: /** - * smc_encrypt_bid \todo + * smc_encrypt_bid encrypts the own bid with the shared public key and packs it + * into a message together with proofs of correctnes. * - * @param ad TODO - * @param buflen TODO + * @param[in] ad Pointer to the BRANDT_Auction struct to operate on + * @param[out] buflen Size of the returned message buffer in bytes + * @return A buffer containing the encrypted bid + * which needs to be broadcast */ unsigned char * smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen) @@ -690,15 +703,17 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen) unsigned char *ret; unsigned char *cur; struct proof_0og *proof3; + struct msg_head *head; gcry_mpi_t r_sum; gcry_mpi_t r_part; brandt_assert (ad && buflen); - *buflen = (ad->k * /* k * (alpha, beta, proof3) */ + *buflen = (sizeof (*head) + /* msg header */ + ad->k * /* k * (alpha, beta, proof3) */ (sizeof (struct ec_mpi) * 2 + /* alpha, beta */ sizeof (*proof3)) + sizeof (struct proof_2dle)); - cur = ret = GNUNET_new_array (*buflen, unsigned char); + ret = GNUNET_new_array (*buflen, unsigned char); if (NULL == (ad->alpha = smc_init2 (ad->n, ad->k)) || NULL == (ad->beta = smc_init2 (ad->n, ad->k))) { @@ -706,6 +721,11 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen) return NULL; } + head = (struct msg_head *)ret; + head->prot_version = htonl (0); + head->msg_type = htonl (msg_bid); + cur = ret + sizeof (*head); + ad->Y = gcry_mpi_point_new (0); smc_sum (ad->Y, ad->y, ad->n, 1); @@ -803,16 +823,21 @@ quit: /** - * fp_pub_compute_outcome \todo + * fp_pub_compute_outcome computes the outcome for first price auctions with a + * public outcome and packs it into a message buffer together with proofs of + * correctnes. * - * @param ad TODO - * @param buflen TODO + * @param[in] ad Pointer to the BRANDT_Auction struct to operate on + * @param[out] buflen Size of the returned message buffer in bytes + * @return A buffer containing the encrypted outcome vectors + * which needs to be broadcast */ unsigned char * fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) { unsigned char *ret; unsigned char *cur; + struct msg_head *head; gcry_mpi_t coeff = gcry_mpi_copy (GCRYMPI_CONST_ONE); gcry_mpi_point_t tmp = gcry_mpi_point_new (0); gcry_mpi_point_t *tlta1; @@ -825,8 +850,11 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) brandt_assert (ad && buflen); - *buflen = (ad->k * (sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2))); - cur = ret = GNUNET_new_array (*buflen, unsigned char); + *buflen = (sizeof (*head) + + ad->k * (sizeof (*gamma) + + sizeof (*delta) + + sizeof (*proof2))); + ret = GNUNET_new_array (*buflen, unsigned char); if (NULL == (ad->gamma2 = smc_init2 (ad->n, ad->k)) || NULL == (ad->delta2 = smc_init2 (ad->n, ad->k)) || NULL == (ad->tmpa1 = smc_init1 (ad->k)) || @@ -836,6 +864,11 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) return NULL; } + head = (struct msg_head *)ret; + head->prot_version = htonl (0); + head->msg_type = htonl (msg_outcome); + cur = ret + sizeof (*head); + /* create temporary lookup tables with partial sums */ tlta1 = smc_init1 (ad->k); tltb1 = smc_init1 (ad->k); @@ -998,30 +1031,39 @@ quit: /** - * fp_pub_decrypt_outcome \todo + * fp_pub_decrypt_outcome decrypts part of the outcome and packs it into a + * message buffer together with proofs of correctnes. * - * @param ad TODO - * @param buflen TODO + * @param[in] ad Pointer to the BRANDT_Auction struct to operate on + * @param[out] buflen Size of the returned message buffer in bytes + * @return A buffer containing the own share of the decrypted outcome + * which needs to be broadcast */ unsigned char * fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen) { unsigned char *ret; unsigned char *cur; + struct msg_head *head; gcry_mpi_point_t tmp = gcry_mpi_point_new (0); struct ec_mpi *phi; struct proof_2dle *proof2; brandt_assert (ad && buflen); - *buflen = (ad->k * (sizeof (*phi) + sizeof (*proof2))); - cur = ret = GNUNET_new_array (*buflen, unsigned char); + *buflen = (sizeof (*head) + ad->k * (sizeof (*phi) + sizeof (*proof2))); + ret = GNUNET_new_array (*buflen, unsigned char); if (NULL == (ad->phi2 = smc_init2 (ad->n, ad->k))) { weprintf ("unable to alloc memory for first price outcome decryption"); return NULL; } + head = (struct msg_head *)ret; + head->prot_version = htonl (0); + head->msg_type = htonl (msg_decrypt); + cur = ret + sizeof (*head); + for (uint16_t j = 0; j < ad->k; j++) { phi = (struct ec_mpi *)cur; @@ -1142,16 +1184,20 @@ fp_pub_determine_outcome (struct BRANDT_Auction *ad, uint16_t *winner) /** - * fp_priv_compute_outcome \todo + * fp_priv_compute_outcome computes encrypted outcome shares and packs them into + * a message buffer together with proofs of correctnes. * - * @param ad TODO - * @param buflen TODO + * @param[in] ad Pointer to the BRANDT_Auction struct to operate on + * @param[out] buflen Size of the returned message buffer in bytes + * @return A buffer containing the encrypted outcome vectors + * which needs to be broadcast */ unsigned char * fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) { unsigned char *ret; unsigned char *cur; + struct msg_head *head; gcry_mpi_point_t tmpa = gcry_mpi_point_new (0); gcry_mpi_point_t tmpb = gcry_mpi_point_new (0); gcry_mpi_point_t *tlta1; @@ -1166,9 +1212,10 @@ fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) brandt_assert (ad && buflen); - *buflen = (ad->n * ad->k * /* nk * (gamma, delta, proof2) */ + *buflen = (sizeof (*head) + /* msg header */ + ad->n * ad->k * /* nk * (gamma, delta, proof2) */ (sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2))); - cur = ret = GNUNET_new_array (*buflen, unsigned char); + ret = GNUNET_new_array (*buflen, unsigned char); if (NULL == (ad->gamma3 = smc_init3 (ad->n, ad->n, ad->k)) || NULL == (ad->delta3 = smc_init3 (ad->n, ad->n, ad->k))) { @@ -1176,6 +1223,11 @@ fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) return NULL; } + head = (struct msg_head *)ret; + head->prot_version = htonl (0); + head->msg_type = htonl (msg_outcome); + cur = ret + sizeof (*head); + /* create temporary lookup tables with partial sums */ tlta1 = smc_init1 (ad->k); tltb1 = smc_init1 (ad->k); @@ -1343,30 +1395,40 @@ quit: /** - * fp_priv_decrypt_outcome \todo + * fp_priv_decrypt_outcome decrypts the own shares of the outcome and packs them + * into a message buffer together with proofs of correctnes. * - * @param ad TODO - * @param buflen TODO + * @param[in] ad Pointer to the BRANDT_Auction struct to operate on + * @param[out] buflen Size of the returned message buffer in bytes + * @return A buffer containing the own share of the decrypted outcome + * which needs to be broadcast */ unsigned char * fp_priv_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen) { unsigned char *ret; unsigned char *cur; + struct msg_head *head; gcry_mpi_point_t tmp = gcry_mpi_point_new (0); struct ec_mpi *phi; struct proof_2dle *proof2; brandt_assert (ad && buflen); - *buflen = (ad->n * ad->k * (sizeof (*phi) + sizeof (*proof2))); - cur = ret = GNUNET_new_array (*buflen, unsigned char); + *buflen = (sizeof (*head) + + ad->n * ad->k * (sizeof (*phi) + sizeof (*proof2))); + ret = GNUNET_new_array (*buflen, unsigned char); if (NULL == (ad->phi3 = smc_init3 (ad->n, ad->n, ad->k))) { weprintf ("unable to alloc memory for first price outcome decryption"); return NULL; } + head = (struct msg_head *)ret; + head->prot_version = htonl (0); + head->msg_type = htonl (msg_decrypt); + cur = ret + sizeof (*head); + for (uint16_t i = 0; i < ad->n; i++) { for (uint16_t j = 0; j < ad->k; j++) diff --git a/internals.h b/internals.h index c478f4f..6c8b115 100644 --- a/internals.h +++ b/internals.h @@ -29,11 +29,11 @@ enum rounds { - msg_init, - msg_bid, - msg_outcome, - msg_decrypt, - msg_last + msg_init = 0, + msg_bid = 1, + msg_outcome = 2, + msg_decrypt = 3, + msg_last = 4 }; diff --git a/test_crypto.c b/test_crypto.c index 74bf1fe..53e06fe 100644 --- a/test_crypto.c +++ b/test_crypto.c @@ -212,7 +212,12 @@ test_setup_auction_data () { \ if (s == i) \ continue; \ - CHECK (handler_in[type][oc][index] (&ad[i], bufs[s], lens[s], s), \ + CHECK (handler_in[type][oc][index] (&ad[i], \ + bufs[s] + \ + sizeof (struct msg_head), \ + lens[s] - \ + sizeof (struct msg_head), \ + s), \ "failed checking keyshare"); \ } \ } \