oec/libbrandt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add msg headers

Browse Source
This commit is contained in:
Markus Teich 2016-08-23 12:56:44 +02:00
parent b1a5fbd3b8
commit 4561ac2026
4 changed files with 107 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
brandt.c
View File

@ -284,8 +284,6 @@ advance_round (struct BRANDT_Auction *ad,
return; return;
} }
/** \todo: add msgtype header in the handler_out functions */
/* last message only sent to seller, others are broadcasted */ /* last message only sent to seller, others are broadcasted */
if (msg_decrypt == ad->cur_round) if (msg_decrypt == ad->cur_round)
ad->ucast (ad->closure, buf, buflen); ad->ucast (ad->closure, buf, buflen);

130
crypto.c
View File

@ -610,22 +610,26 @@ smc_sum (gcry_mpi_point_t out,
/** /**
* smc_gen_keyshare creates the private additive keyshare and computes the * smc_gen_keyshare creates the private keyshare and computes the
* public multiplicative key share * public key share
* *
* @param[in,out] ad Pointer to the BRANDT_Auction struct to operate on * @param[in] ad Pointer to the BRANDT_Auction struct to operate on
* @param[out] buflen Size of the returned buffer in bytes * @param[out] buflen Size of the returned message buffer in bytes
* @return A buffer containing the multiplicative public key share which needs * @return A buffer containing the public key share
* to be broadcast * which needs to be broadcast
*/ */
unsigned char * unsigned char *
smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen) smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen)
{ {
unsigned char *ret; unsigned char *ret;
struct proof_dl *proof1; struct proof_dl *proof1;
struct msg_head *head;
struct ec_mpi *pubkey_share;
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (sizeof (struct ec_mpi) + sizeof (*proof1)); *buflen = (sizeof (*head) +
sizeof (*pubkey_share) +
sizeof (*proof1));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
if (NULL == (ad->y = smc_init1 (ad->n))) if (NULL == (ad->y = smc_init1 (ad->n)))
{ {
@ -633,12 +637,18 @@ smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen)
return NULL; return NULL;
} }
proof1 = (struct proof_dl *)(ret + sizeof (struct ec_mpi)); head = (struct msg_head *)ret;
head->prot_version = htonl (0);
head->msg_type = htonl (msg_init);
proof1 = (struct proof_dl *)(ret + sizeof (*head) + sizeof (*pubkey_share));
ad->x = gcry_mpi_new (256); ad->x = gcry_mpi_new (256);
ec_skey_create (ad->x); ec_skey_create (ad->x);
smc_zkp_dl (ad->y[ad->i], ad->x, proof1); smc_zkp_dl (ad->y[ad->i], ad->x, proof1);
ec_point_serialize ((struct ec_mpi *)ret, ad->y[ad->i]);
pubkey_share = (struct ec_mpi *)(ret + sizeof (*head));
ec_point_serialize (pubkey_share, ad->y[ad->i]);
return ret; return ret;
} }
@ -679,10 +689,13 @@ quit:
/** /**
* smc_encrypt_bid \todo * smc_encrypt_bid encrypts the own bid with the shared public key and packs it
* into a message together with proofs of correctnes.
* *
* @param ad TODO * @param[in] ad Pointer to the BRANDT_Auction struct to operate on
* @param buflen TODO * @param[out] buflen Size of the returned message buffer in bytes
* @return A buffer containing the encrypted bid
* which needs to be broadcast
*/ */
unsigned char * unsigned char *
smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen) smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen)
@ -690,15 +703,17 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen)
unsigned char *ret; unsigned char *ret;
unsigned char *cur; unsigned char *cur;
struct proof_0og *proof3; struct proof_0og *proof3;
struct msg_head *head;
gcry_mpi_t r_sum; gcry_mpi_t r_sum;
gcry_mpi_t r_part; gcry_mpi_t r_part;
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (ad->k * /* k * (alpha, beta, proof3) */ *buflen = (sizeof (*head) + /* msg header */
ad->k * /* k * (alpha, beta, proof3) */
(sizeof (struct ec_mpi) * 2 + /* alpha, beta */ (sizeof (struct ec_mpi) * 2 + /* alpha, beta */
sizeof (*proof3)) + sizeof (*proof3)) +
sizeof (struct proof_2dle)); sizeof (struct proof_2dle));
cur = ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
if (NULL == (ad->alpha = smc_init2 (ad->n, ad->k)) || if (NULL == (ad->alpha = smc_init2 (ad->n, ad->k)) ||
NULL == (ad->beta = smc_init2 (ad->n, ad->k))) NULL == (ad->beta = smc_init2 (ad->n, ad->k)))
{ {
@ -706,6 +721,11 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen)
return NULL; return NULL;
} }
head = (struct msg_head *)ret;
head->prot_version = htonl (0);
head->msg_type = htonl (msg_bid);
cur = ret + sizeof (*head);
ad->Y = gcry_mpi_point_new (0); ad->Y = gcry_mpi_point_new (0);
smc_sum (ad->Y, ad->y, ad->n, 1); smc_sum (ad->Y, ad->y, ad->n, 1);
@ -803,16 +823,21 @@ quit:
/** /**
* fp_pub_compute_outcome \todo * fp_pub_compute_outcome computes the outcome for first price auctions with a
* public outcome and packs it into a message buffer together with proofs of
* correctnes.
* *
* @param ad TODO * @param[in] ad Pointer to the BRANDT_Auction struct to operate on
* @param buflen TODO * @param[out] buflen Size of the returned message buffer in bytes
* @return A buffer containing the encrypted outcome vectors
* which needs to be broadcast
*/ */
unsigned char * unsigned char *
fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
{ {
unsigned char *ret; unsigned char *ret;
unsigned char *cur; unsigned char *cur;
struct msg_head *head;
gcry_mpi_t coeff = gcry_mpi_copy (GCRYMPI_CONST_ONE); gcry_mpi_t coeff = gcry_mpi_copy (GCRYMPI_CONST_ONE);
gcry_mpi_point_t tmp = gcry_mpi_point_new (0); gcry_mpi_point_t tmp = gcry_mpi_point_new (0);
gcry_mpi_point_t *tlta1; gcry_mpi_point_t *tlta1;
@ -825,8 +850,11 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (ad->k * (sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2))); *buflen = (sizeof (*head) +
cur = ret = GNUNET_new_array (*buflen, unsigned char); ad->k * (sizeof (*gamma) +
sizeof (*delta) +
sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char);
if (NULL == (ad->gamma2 = smc_init2 (ad->n, ad->k)) || if (NULL == (ad->gamma2 = smc_init2 (ad->n, ad->k)) ||
NULL == (ad->delta2 = smc_init2 (ad->n, ad->k)) || NULL == (ad->delta2 = smc_init2 (ad->n, ad->k)) ||
NULL == (ad->tmpa1 = smc_init1 (ad->k)) || NULL == (ad->tmpa1 = smc_init1 (ad->k)) ||
@ -836,6 +864,11 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
return NULL; return NULL;
} }
head = (struct msg_head *)ret;
head->prot_version = htonl (0);
head->msg_type = htonl (msg_outcome);
cur = ret + sizeof (*head);
/* create temporary lookup tables with partial sums */ /* create temporary lookup tables with partial sums */
tlta1 = smc_init1 (ad->k); tlta1 = smc_init1 (ad->k);
tltb1 = smc_init1 (ad->k); tltb1 = smc_init1 (ad->k);
@ -998,30 +1031,39 @@ quit:
/** /**
* fp_pub_decrypt_outcome \todo * fp_pub_decrypt_outcome decrypts part of the outcome and packs it into a
* message buffer together with proofs of correctnes.
* *
* @param ad TODO * @param[in] ad Pointer to the BRANDT_Auction struct to operate on
* @param buflen TODO * @param[out] buflen Size of the returned message buffer in bytes
* @return A buffer containing the own share of the decrypted outcome
* which needs to be broadcast
*/ */
unsigned char * unsigned char *
fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen) fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen)
{ {
unsigned char *ret; unsigned char *ret;
unsigned char *cur; unsigned char *cur;
struct msg_head *head;
gcry_mpi_point_t tmp = gcry_mpi_point_new (0); gcry_mpi_point_t tmp = gcry_mpi_point_new (0);
struct ec_mpi *phi; struct ec_mpi *phi;
struct proof_2dle *proof2; struct proof_2dle *proof2;
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (ad->k * (sizeof (*phi) + sizeof (*proof2))); *buflen = (sizeof (*head) + ad->k * (sizeof (*phi) + sizeof (*proof2)));
cur = ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
if (NULL == (ad->phi2 = smc_init2 (ad->n, ad->k))) if (NULL == (ad->phi2 = smc_init2 (ad->n, ad->k)))
{ {
weprintf ("unable to alloc memory for first price outcome decryption"); weprintf ("unable to alloc memory for first price outcome decryption");
return NULL; return NULL;
} }
head = (struct msg_head *)ret;
head->prot_version = htonl (0);
head->msg_type = htonl (msg_decrypt);
cur = ret + sizeof (*head);
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
phi = (struct ec_mpi *)cur; phi = (struct ec_mpi *)cur;
@ -1142,16 +1184,20 @@ fp_pub_determine_outcome (struct BRANDT_Auction *ad, uint16_t *winner)
/** /**
* fp_priv_compute_outcome \todo * fp_priv_compute_outcome computes encrypted outcome shares and packs them into
* a message buffer together with proofs of correctnes.
* *
* @param ad TODO * @param[in] ad Pointer to the BRANDT_Auction struct to operate on
* @param buflen TODO * @param[out] buflen Size of the returned message buffer in bytes
* @return A buffer containing the encrypted outcome vectors
* which needs to be broadcast
*/ */
unsigned char * unsigned char *
fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
{ {
unsigned char *ret; unsigned char *ret;
unsigned char *cur; unsigned char *cur;
struct msg_head *head;
gcry_mpi_point_t tmpa = gcry_mpi_point_new (0); gcry_mpi_point_t tmpa = gcry_mpi_point_new (0);
gcry_mpi_point_t tmpb = gcry_mpi_point_new (0); gcry_mpi_point_t tmpb = gcry_mpi_point_new (0);
gcry_mpi_point_t *tlta1; gcry_mpi_point_t *tlta1;
@ -1166,9 +1212,10 @@ fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (ad->n * ad->k * /* nk * (gamma, delta, proof2) */ *buflen = (sizeof (*head) + /* msg header */
ad->n * ad->k * /* nk * (gamma, delta, proof2) */
(sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2))); (sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2)));
cur = ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
if (NULL == (ad->gamma3 = smc_init3 (ad->n, ad->n, ad->k)) || if (NULL == (ad->gamma3 = smc_init3 (ad->n, ad->n, ad->k)) ||
NULL == (ad->delta3 = smc_init3 (ad->n, ad->n, ad->k))) NULL == (ad->delta3 = smc_init3 (ad->n, ad->n, ad->k)))
{ {
@ -1176,6 +1223,11 @@ fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
return NULL; return NULL;
} }
head = (struct msg_head *)ret;
head->prot_version = htonl (0);
head->msg_type = htonl (msg_outcome);
cur = ret + sizeof (*head);
/* create temporary lookup tables with partial sums */ /* create temporary lookup tables with partial sums */
tlta1 = smc_init1 (ad->k); tlta1 = smc_init1 (ad->k);
tltb1 = smc_init1 (ad->k); tltb1 = smc_init1 (ad->k);
@ -1343,30 +1395,40 @@ quit:
/** /**
* fp_priv_decrypt_outcome \todo * fp_priv_decrypt_outcome decrypts the own shares of the outcome and packs them
* into a message buffer together with proofs of correctnes.
* *
* @param ad TODO * @param[in] ad Pointer to the BRANDT_Auction struct to operate on
* @param buflen TODO * @param[out] buflen Size of the returned message buffer in bytes
* @return A buffer containing the own share of the decrypted outcome
* which needs to be broadcast
*/ */
unsigned char * unsigned char *
fp_priv_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen) fp_priv_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen)
{ {
unsigned char *ret; unsigned char *ret;
unsigned char *cur; unsigned char *cur;
struct msg_head *head;
gcry_mpi_point_t tmp = gcry_mpi_point_new (0); gcry_mpi_point_t tmp = gcry_mpi_point_new (0);
struct ec_mpi *phi; struct ec_mpi *phi;
struct proof_2dle *proof2; struct proof_2dle *proof2;
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (ad->n * ad->k * (sizeof (*phi) + sizeof (*proof2))); *buflen = (sizeof (*head) +
cur = ret = GNUNET_new_array (*buflen, unsigned char); ad->n * ad->k * (sizeof (*phi) + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char);
if (NULL == (ad->phi3 = smc_init3 (ad->n, ad->n, ad->k))) if (NULL == (ad->phi3 = smc_init3 (ad->n, ad->n, ad->k)))
{ {
weprintf ("unable to alloc memory for first price outcome decryption"); weprintf ("unable to alloc memory for first price outcome decryption");
return NULL; return NULL;
} }
head = (struct msg_head *)ret;
head->prot_version = htonl (0);
head->msg_type = htonl (msg_decrypt);
cur = ret + sizeof (*head);
for (uint16_t i = 0; i < ad->n; i++) for (uint16_t i = 0; i < ad->n; i++)
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)

10
internals.h
View File

@ -29,11 +29,11 @@
enum rounds { enum rounds {
msg_init, msg_init = 0,
msg_bid, msg_bid = 1,
msg_outcome, msg_outcome = 2,
msg_decrypt, msg_decrypt = 3,
msg_last msg_last = 4
}; };

7
test_crypto.c
View File

@ -212,7 +212,12 @@ test_setup_auction_data ()
{ \ { \
if (s == i) \ if (s == i) \
continue; \ continue; \
CHECK (handler_in[type][oc][index] (&ad[i], bufs[s], lens[s], s), \ CHECK (handler_in[type][oc][index] (&ad[i], \
bufs[s] + \
sizeof (struct msg_head), \
lens[s] - \
sizeof (struct msg_head), \
s), \
"failed checking keyshare"); \ "failed checking keyshare"); \
} \ } \
} \ } \