oec/libbrandt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

lift code to recent GNUNET version; uncrustify

Browse Source
This commit is contained in:
Özgür Kesim 2024-01-14 21:42:10 +01:00
parent 09af66c165
commit e095416bc2
Signed by: oec
GPG Key ID: 3D76A56D79EDD9D7
16 changed files with 4330 additions and 4249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

316
INSTALL
View File

@ -1,8 +1,8 @@
Installation Instructions Installation Instructions
************************* *************************
Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation, Copyright (C) 1994-1996, 1999-2002, 2004-2017, 2020-2021 Free
Inc. Software Foundation, Inc.
Copying and distribution of this file, with or without modification, Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright are permitted in any medium without royalty provided the copyright
@ -12,97 +12,96 @@ without warranty of any kind.
Basic Installation Basic Installation
================== ==================
Briefly, the shell command `./configure && make && make install' Briefly, the shell command './configure && make && make install'
should configure, build, and install this package. The following should configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for more-detailed instructions are generic; see the 'README' file for
instructions specific to this package. Some packages provide this instructions specific to this package. Some packages provide this
`INSTALL' file but do not implement all of the features documented 'INSTALL' file but do not implement all of the features documented
below. The lack of an optional feature in a given package is not below. The lack of an optional feature in a given package is not
necessarily a bug. More recommendations for GNU packages can be found necessarily a bug. More recommendations for GNU packages can be found
in *note Makefile Conventions: (standards)Makefile Conventions. in *note Makefile Conventions: (standards)Makefile Conventions.
The `configure' shell script attempts to guess correct values for The 'configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package. those values to create a 'Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent It may also create one or more '.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that definitions. Finally, it creates a shell script 'config.status' that
you can run in the future to recreate the current configuration, and a you can run in the future to recreate the current configuration, and a
file `config.log' containing compiler output (useful mainly for file 'config.log' containing compiler output (useful mainly for
debugging `configure'). debugging 'configure').
It can also use an optional file (typically called `config.cache' It can also use an optional file (typically called 'config.cache' and
and enabled with `--cache-file=config.cache' or simply `-C') that saves enabled with '--cache-file=config.cache' or simply '-C') that saves the
the results of its tests to speed up reconfiguring. Caching is results of its tests to speed up reconfiguring. Caching is disabled by
disabled by default to prevent problems with accidental use of stale default to prevent problems with accidental use of stale cache files.
cache files.
If you need to do unusual things to compile the package, please try If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail to figure out how 'configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can diffs or instructions to the address given in the 'README' so they can
be considered for the next release. If you are using the cache, and at be considered for the next release. If you are using the cache, and at
some point `config.cache' contains results you don't want to keep, you some point 'config.cache' contains results you don't want to keep, you
may remove or edit it. may remove or edit it.
The file `configure.ac' (or `configure.in') is used to create The file 'configure.ac' (or 'configure.in') is used to create
`configure' by a program called `autoconf'. You need `configure.ac' if 'configure' by a program called 'autoconf'. You need 'configure.ac' if
you want to change it or regenerate `configure' using a newer version you want to change it or regenerate 'configure' using a newer version of
of `autoconf'. 'autoconf'.
The simplest way to compile this package is: The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type 1. 'cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system. './configure' to configure the package for your system.
Running `configure' might take a while. While running, it prints Running 'configure' might take a while. While running, it prints
some messages telling which features it is checking for. some messages telling which features it is checking for.
2. Type `make' to compile the package. 2. Type 'make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with 3. Optionally, type 'make check' to run any self-tests that come with
the package, generally using the just-built uninstalled binaries. the package, generally using the just-built uninstalled binaries.
4. Type `make install' to install the programs and any data files and 4. Type 'make install' to install the programs and any data files and
documentation. When installing into a prefix owned by root, it is documentation. When installing into a prefix owned by root, it is
recommended that the package be configured and built as a regular recommended that the package be configured and built as a regular
user, and only the `make install' phase executed with root user, and only the 'make install' phase executed with root
privileges. privileges.
5. Optionally, type `make installcheck' to repeat any self-tests, but 5. Optionally, type 'make installcheck' to repeat any self-tests, but
this time using the binaries in their final installed location. this time using the binaries in their final installed location.
This target does not install anything. Running this target as a This target does not install anything. Running this target as a
regular user, particularly if the prior `make install' required regular user, particularly if the prior 'make install' required
root privileges, verifies that the installation completed root privileges, verifies that the installation completed
correctly. correctly.
6. You can remove the program binaries and object files from the 6. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the source code directory by typing 'make clean'. To also remove the
files that `configure' created (so you can compile the package for files that 'configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is a different kind of computer), type 'make distclean'. There is
also a `make maintainer-clean' target, but that is intended mainly also a 'make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came all sorts of other programs in order to regenerate files that came
with the distribution. with the distribution.
7. Often, you can also type `make uninstall' to remove the installed 7. Often, you can also type 'make uninstall' to remove the installed
files again. In practice, not all packages have tested that files again. In practice, not all packages have tested that
uninstallation works correctly, even though it is required by the uninstallation works correctly, even though it is required by the
GNU Coding Standards. GNU Coding Standards.
8. Some packages, particularly those that use Automake, provide `make 8. Some packages, particularly those that use Automake, provide 'make
distcheck', which can by used by developers to test that all other distcheck', which can by used by developers to test that all other
targets like `make install' and `make uninstall' work correctly. targets like 'make install' and 'make uninstall' work correctly.
This target is generally not run by end users. This target is generally not run by end users.
Compilers and Options Compilers and Options
===================== =====================
Some systems require unusual options for compilation or linking that Some systems require unusual options for compilation or linking that
the `configure' script does not know about. Run `./configure --help' the 'configure' script does not know about. Run './configure --help'
for details on some of the pertinent environment variables. for details on some of the pertinent environment variables.
You can give `configure' initial values for configuration parameters You can give 'configure' initial values for configuration parameters
by setting variables in the command line or in the environment. Here by setting variables in the command line or in the environment. Here is
is an example: an example:
./configure CC=c99 CFLAGS=-g LIBS=-lposix ./configure CC=c99 CFLAGS=-g LIBS=-lposix
@ -113,21 +112,21 @@ Compiling For Multiple Architectures
You can compile the package for more than one kind of computer at the You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their same time, by placing the object files for each architecture in their
own directory. To do this, you can use GNU `make'. `cd' to the own directory. To do this, you can use GNU 'make'. 'cd' to the
directory where you want the object files and executables to go and run directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the the 'configure' script. 'configure' automatically checks for the source
source code in the directory that `configure' is in and in `..'. This code in the directory that 'configure' is in and in '..'. This is known
is known as a "VPATH" build. as a "VPATH" build.
With a non-GNU `make', it is safer to compile the package for one With a non-GNU 'make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have architecture at a time in the source code directory. After you have
installed the package for one architecture, use `make distclean' before installed the package for one architecture, use 'make distclean' before
reconfiguring for another architecture. reconfiguring for another architecture.
On MacOS X 10.5 and later systems, you can create libraries and On MacOS X 10.5 and later systems, you can create libraries and
executables that work on multiple system types--known as "fat" or executables that work on multiple system types--known as "fat" or
"universal" binaries--by specifying multiple `-arch' options to the "universal" binaries--by specifying multiple '-arch' options to the
compiler but only a single `-arch' option to the preprocessor. Like compiler but only a single '-arch' option to the preprocessor. Like
this: this:
./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
@ -136,105 +135,104 @@ this:
This is not guaranteed to produce working output in all cases, you This is not guaranteed to produce working output in all cases, you
may have to build one architecture at a time and combine the results may have to build one architecture at a time and combine the results
using the `lipo' tool if you have problems. using the 'lipo' tool if you have problems.
Installation Names Installation Names
================== ==================
By default, `make install' installs the package's commands under By default, 'make install' installs the package's commands under
`/usr/local/bin', include files under `/usr/local/include', etc. You '/usr/local/bin', include files under '/usr/local/include', etc. You
can specify an installation prefix other than `/usr/local' by giving can specify an installation prefix other than '/usr/local' by giving
`configure' the option `--prefix=PREFIX', where PREFIX must be an 'configure' the option '--prefix=PREFIX', where PREFIX must be an
absolute file name. absolute file name.
You can specify separate installation prefixes for You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you architecture-specific files and architecture-independent files. If you
pass the option `--exec-prefix=PREFIX' to `configure', the package uses pass the option '--exec-prefix=PREFIX' to 'configure', the package uses
PREFIX as the prefix for installing programs and libraries. PREFIX as the prefix for installing programs and libraries.
Documentation and other data files still use the regular prefix. Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give In addition, if you use an unusual directory layout you can give
options like `--bindir=DIR' to specify different values for particular options like '--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories kinds of files. Run 'configure --help' for a list of the directories
you can set and what kinds of files go in them. In general, the you can set and what kinds of files go in them. In general, the default
default for these options is expressed in terms of `${prefix}', so that for these options is expressed in terms of '${prefix}', so that
specifying just `--prefix' will affect all of the other directory specifying just '--prefix' will affect all of the other directory
specifications that were not explicitly provided. specifications that were not explicitly provided.
The most portable way to affect installation locations is to pass the The most portable way to affect installation locations is to pass the
correct locations to `configure'; however, many packages provide one or correct locations to 'configure'; however, many packages provide one or
both of the following shortcuts of passing variable assignments to the both of the following shortcuts of passing variable assignments to the
`make install' command line to change installation locations without 'make install' command line to change installation locations without
having to reconfigure or recompile. having to reconfigure or recompile.
The first method involves providing an override variable for each The first method involves providing an override variable for each
affected directory. For example, `make install affected directory. For example, 'make install
prefix=/alternate/directory' will choose an alternate location for all prefix=/alternate/directory' will choose an alternate location for all
directory configuration variables that were expressed in terms of directory configuration variables that were expressed in terms of
`${prefix}'. Any directories that were specified during `configure', '${prefix}'. Any directories that were specified during 'configure',
but not in terms of `${prefix}', must each be overridden at install but not in terms of '${prefix}', must each be overridden at install time
time for the entire installation to be relocated. The approach of for the entire installation to be relocated. The approach of makefile
makefile variable overrides for each directory variable is required by variable overrides for each directory variable is required by the GNU
the GNU Coding Standards, and ideally causes no recompilation. Coding Standards, and ideally causes no recompilation. However, some
However, some platforms have known limitations with the semantics of platforms have known limitations with the semantics of shared libraries
shared libraries that end up requiring recompilation when using this that end up requiring recompilation when using this method, particularly
method, particularly noticeable in packages that use GNU Libtool. noticeable in packages that use GNU Libtool.
The second method involves providing the `DESTDIR' variable. For The second method involves providing the 'DESTDIR' variable. For
example, `make install DESTDIR=/alternate/directory' will prepend example, 'make install DESTDIR=/alternate/directory' will prepend
`/alternate/directory' before all installation names. The approach of '/alternate/directory' before all installation names. The approach of
`DESTDIR' overrides is not required by the GNU Coding Standards, and 'DESTDIR' overrides is not required by the GNU Coding Standards, and
does not work on platforms that have drive letters. On the other hand, does not work on platforms that have drive letters. On the other hand,
it does better at avoiding recompilation issues, and works well even it does better at avoiding recompilation issues, and works well even
when some directory options were not specified in terms of `${prefix}' when some directory options were not specified in terms of '${prefix}'
at `configure' time. at 'configure' time.
Optional Features Optional Features
================= =================
If the package supports it, you can cause programs to be installed If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the with an extra prefix or suffix on their names by giving 'configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. option '--program-prefix=PREFIX' or '--program-suffix=SUFFIX'.
Some packages pay attention to `--enable-FEATURE' options to Some packages pay attention to '--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package. 'configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE They may also pay attention to '--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The is something like 'gnu-as' or 'x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the 'README' should mention any '--enable-' and '--with-' options that the
package recognizes. package recognizes.
For packages that use the X Window System, `configure' can usually For packages that use the X Window System, 'configure' can usually
find the X include and library files automatically, but if it doesn't, find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and you can use the 'configure' options '--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations. '--x-libraries=DIR' to specify their locations.
Some packages offer the ability to configure how verbose the Some packages offer the ability to configure how verbose the
execution of `make' will be. For these packages, running `./configure execution of 'make' will be. For these packages, running './configure
--enable-silent-rules' sets the default to minimal output, which can be --enable-silent-rules' sets the default to minimal output, which can be
overridden with `make V=1'; while running `./configure overridden with 'make V=1'; while running './configure
--disable-silent-rules' sets the default to verbose, which can be --disable-silent-rules' sets the default to verbose, which can be
overridden with `make V=0'. overridden with 'make V=0'.
Particular systems Particular systems
================== ==================
On HP-UX, the default C compiler is not ANSI C compatible. If GNU On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC
CC is not installed, it is recommended to use the following options in is not installed, it is recommended to use the following options in
order to use an ANSI C compiler: order to use an ANSI C compiler:
./configure CC="cc -Ae -D_XOPEN_SOURCE=500" ./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
and if that doesn't work, install pre-built binaries of GCC for HP-UX. and if that doesn't work, install pre-built binaries of GCC for HP-UX.
HP-UX `make' updates targets which have the same time stamps as HP-UX 'make' updates targets which have the same timestamps as their
their prerequisites, which makes it generally unusable when shipped prerequisites, which makes it generally unusable when shipped generated
generated files such as `configure' are involved. Use GNU `make' files such as 'configure' are involved. Use GNU 'make' instead.
instead.
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
parse its `<wchar.h>' header file. The option `-nodtk' can be used as parse its '<wchar.h>' header file. The option '-nodtk' can be used as a
a workaround. If GNU CC is not installed, it is therefore recommended workaround. If GNU CC is not installed, it is therefore recommended to
to try try
./configure CC="cc" ./configure CC="cc"
@ -242,26 +240,26 @@ and if that doesn't work, try
./configure CC="cc -nodtk" ./configure CC="cc -nodtk"
On Solaris, don't put `/usr/ucb' early in your `PATH'. This On Solaris, don't put '/usr/ucb' early in your 'PATH'. This
directory contains several dysfunctional programs; working variants of directory contains several dysfunctional programs; working variants of
these programs are available in `/usr/bin'. So, if you need `/usr/ucb' these programs are available in '/usr/bin'. So, if you need '/usr/ucb'
in your `PATH', put it _after_ `/usr/bin'. in your 'PATH', put it _after_ '/usr/bin'.
On Haiku, software installed for all users goes in `/boot/common', On Haiku, software installed for all users goes in '/boot/common',
not `/usr/local'. It is recommended to use the following options: not '/usr/local'. It is recommended to use the following options:
./configure --prefix=/boot/common ./configure --prefix=/boot/common
Specifying the System Type Specifying the System Type
========================== ==========================
There may be some features `configure' cannot figure out There may be some features 'configure' cannot figure out
automatically, but needs to determine by the type of machine the package automatically, but needs to determine by the type of machine the package
will run on. Usually, assuming the package is built to be run on the will run on. Usually, assuming the package is built to be run on the
_same_ architectures, `configure' can figure that out, but if it prints _same_ architectures, 'configure' can figure that out, but if it prints
a message saying it cannot guess the machine type, give it the a message saying it cannot guess the machine type, give it the
`--build=TYPE' option. TYPE can either be a short name for the system '--build=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name which has the form: type, such as 'sun4', or a canonical name which has the form:
CPU-COMPANY-SYSTEM CPU-COMPANY-SYSTEM
@ -270,101 +268,101 @@ where SYSTEM can have one of these forms:
OS OS
KERNEL-OS KERNEL-OS
See the file `config.sub' for the possible values of each field. If See the file 'config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't 'config.sub' isn't included in this package, then this package doesn't
need to know the machine type. need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should If you are _building_ compiler tools for cross-compiling, you should
use the option `--target=TYPE' to select the type of system they will use the option '--target=TYPE' to select the type of system they will
produce code for. produce code for.
If you want to _use_ a cross compiler, that generates code for a If you want to _use_ a cross compiler, that generates code for a
platform different from the build platform, you should specify the platform different from the build platform, you should specify the
"host" platform (i.e., that on which the generated programs will "host" platform (i.e., that on which the generated programs will
eventually be run) with `--host=TYPE'. eventually be run) with '--host=TYPE'.
Sharing Defaults Sharing Defaults
================ ================
If you want to set default values for `configure' scripts to share, If you want to set default values for 'configure' scripts to share,
you can create a site shell script called `config.site' that gives you can create a site shell script called 'config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'. default values for variables like 'CC', 'cache_file', and 'prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then 'configure' looks for 'PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the 'PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script. 'CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script. A warning: not all 'configure' scripts look for a site script.
Defining Variables Defining Variables
================== ==================
Variables not defined in a site shell script can be set in the Variables not defined in a site shell script can be set in the
environment passed to `configure'. However, some packages may run environment passed to 'configure'. However, some packages may run
configure again during the build, and the customized values of these configure again during the build, and the customized values of these
variables may be lost. In order to avoid this problem, you should set variables may be lost. In order to avoid this problem, you should set
them in the `configure' command line, using `VAR=value'. For example: them in the 'configure' command line, using 'VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc ./configure CC=/usr/local2/bin/gcc
causes the specified `gcc' to be used as the C compiler (unless it is causes the specified 'gcc' to be used as the C compiler (unless it is
overridden in the site shell script). overridden in the site shell script).
Unfortunately, this technique does not work for `CONFIG_SHELL' due to Unfortunately, this technique does not work for 'CONFIG_SHELL' due to an
an Autoconf limitation. Until the limitation is lifted, you can use Autoconf limitation. Until the limitation is lifted, you can use this
this workaround: workaround:
CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash
`configure' Invocation 'configure' Invocation
====================== ======================
`configure' recognizes the following options to control how it 'configure' recognizes the following options to control how it
operates. operates.
`--help' '--help'
`-h' '-h'
Print a summary of all of the options to `configure', and exit. Print a summary of all of the options to 'configure', and exit.
`--help=short' '--help=short'
`--help=recursive' '--help=recursive'
Print a summary of the options unique to this package's Print a summary of the options unique to this package's
`configure', and exit. The `short' variant lists options used 'configure', and exit. The 'short' variant lists options used only
only in the top level, while the `recursive' variant lists options in the top level, while the 'recursive' variant lists options also
also present in any nested packages. present in any nested packages.
`--version' '--version'
`-V' '-V'
Print the version of Autoconf used to generate the `configure' Print the version of Autoconf used to generate the 'configure'
script, and exit. script, and exit.
`--cache-file=FILE' '--cache-file=FILE'
Enable the cache: use and save the results of the tests in FILE, Enable the cache: use and save the results of the tests in FILE,
traditionally `config.cache'. FILE defaults to `/dev/null' to traditionally 'config.cache'. FILE defaults to '/dev/null' to
disable caching. disable caching.
`--config-cache' '--config-cache'
`-C' '-C'
Alias for `--cache-file=config.cache'. Alias for '--cache-file=config.cache'.
`--quiet' '--quiet'
`--silent' '--silent'
`-q' '-q'
Do not print messages saying which checks are being made. To Do not print messages saying which checks are being made. To
suppress all normal output, redirect it to `/dev/null' (any error suppress all normal output, redirect it to '/dev/null' (any error
messages will still be shown). messages will still be shown).
`--srcdir=DIR' '--srcdir=DIR'
Look for the package's source code in directory DIR. Usually Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically. 'configure' can determine that directory automatically.
`--prefix=DIR' '--prefix=DIR'
Use DIR as the installation prefix. *note Installation Names:: Use DIR as the installation prefix. *note Installation Names:: for
for more details, including other options available for fine-tuning more details, including other options available for fine-tuning the
the installation locations. installation locations.
`--no-create' '--no-create'
`-n' '-n'
Run the configure checks, but stop before creating any output Run the configure checks, but stop before creating any output
files. files.
`configure' also accepts some other, not widely useful, options. Run 'configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details. 'configure --help' for more details.

57
bench.c
View File

@ -30,14 +30,16 @@
#define MIN(A, B) ((A) < (B) ? (A) : (B)) #define MIN(A, B) ((A) < (B) ? (A) : (B))
struct msg { struct msg
{
uint16_t sender; uint16_t sender;
uint16_t receiver; uint16_t receiver;
void *buf; void *buf;
size_t buf_len; size_t buf_len;
}; };
struct testcase { struct testcase
{
uint16_t n; uint16_t n;
uint16_t k; uint16_t k;
uint16_t *bids; uint16_t *bids;
@ -77,7 +79,7 @@ expected_outcome (uint16_t i, uint16_t *rlen)
if (tcase.bids[h] > highest_bid) if (tcase.bids[h] > highest_bid)
highest_bid = tcase.bids[highest_bidder = h]; highest_bid = tcase.bids[highest_bidder = h];
if (!tcase.outcome_public && !(i == highest_bidder || i == tcase.n)) if (! tcase.outcome_public && ! (i == highest_bidder || i == tcase.n))
return NULL; return NULL;
ret = GNUNET_new (struct BRANDT_Result); ret = GNUNET_new (struct BRANDT_Result);
@ -167,7 +169,7 @@ expected_outcome (uint16_t i, uint16_t *rlen)
static void static void
bidder_start (void *arg) bidder_start (void *arg)
{ {
uint16_t i = *(uint16_t *)arg; uint16_t i = *(uint16_t *) arg;
GNUNET_log (GNUNET_ERROR_TYPE_INFO, "starting bidder %d\n", i); GNUNET_log (GNUNET_ERROR_TYPE_INFO, "starting bidder %d\n", i);
BRANDT_bidder_start (tcase.ad[i], i, tcase.n); BRANDT_bidder_start (tcase.ad[i], i, tcase.n);
@ -177,8 +179,8 @@ bidder_start (void *arg)
static void static void
transfer_message (void *arg) transfer_message (void *arg)
{ {
struct msg *m = (struct msg *)arg; struct msg *m = (struct msg *) arg;
struct msg_head *h = (struct msg_head *)m->buf; struct msg_head *h = (struct msg_head *) m->buf;
GNUNET_log (GNUNET_ERROR_TYPE_INFO, "xfer msg %d %p from %d to %d\n", GNUNET_log (GNUNET_ERROR_TYPE_INFO, "xfer msg %d %p from %d to %d\n",
ntohl (h->msg_type), arg, m->sender, m->receiver); ntohl (h->msg_type), arg, m->sender, m->receiver);
@ -191,7 +193,7 @@ transfer_message (void *arg)
static uint16_t static uint16_t
cb_start (void *auction_closure) cb_start (void *auction_closure)
{ {
uint16_t *s = (uint16_t *)auction_closure; uint16_t *s = (uint16_t *) auction_closure;
if (tcase.n != *s) if (tcase.n != *s)
{ {
@ -212,7 +214,7 @@ cb_broadcast (void *auction_closure,
const void *msg, const void *msg,
size_t msg_len) size_t msg_len)
{ {
uint16_t *s = (uint16_t *)auction_closure; uint16_t *s = (uint16_t *) auction_closure;
struct msg *m; struct msg *m;
for (uint16_t i = 0; i <= tcase.n; i++) for (uint16_t i = 0; i <= tcase.n; i++)
@ -236,7 +238,7 @@ cb_unicast (void *auction_closure,
const void *msg, const void *msg,
size_t msg_len) size_t msg_len)
{ {
uint16_t *s = (uint16_t *)auction_closure; uint16_t *s = (uint16_t *) auction_closure;
struct msg *m; struct msg *m;
m = GNUNET_new (struct msg); m = GNUNET_new (struct msg);
@ -256,7 +258,7 @@ cb_result (void *auction_closure,
struct BRANDT_Result results[], struct BRANDT_Result results[],
uint16_t results_len) uint16_t results_len)
{ {
uint16_t *s = (uint16_t *)auction_closure; uint16_t *s = (uint16_t *) auction_closure;
uint16_t mustlen = -1; uint16_t mustlen = -1;
struct BRANDT_Result *must = expected_outcome (*s, &mustlen); struct BRANDT_Result *must = expected_outcome (*s, &mustlen);
@ -277,7 +279,7 @@ cb_result (void *auction_closure,
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"expected result is: %p\n", "expected result is: %p\n",
(void *)must); (void *) must);
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"computed result is: (nil) (by agent %d)\n", "computed result is: (nil) (by agent %d)\n",
*s); *s);
@ -333,7 +335,7 @@ run_auction (void *arg)
tcase.m, /* m */ tcase.m, /* m */
tcase.outcome_public, /* outcome public */ tcase.outcome_public, /* outcome public */
tcase.outcome_public ? edc : NULL); tcase.outcome_public ? edc : NULL);
if (!tcase.ad[tcase.n]) if (! tcase.ad[tcase.n])
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_new() failed.\n"); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_new() failed.\n");
_exit (1); _exit (1);
@ -349,7 +351,7 @@ run_auction (void *arg)
desc_len, desc_len,
tcase.bids[i], /* bid */ tcase.bids[i], /* bid */
tcase.outcome_public ? edc : NULL); tcase.outcome_public ? edc : NULL);
if (!tcase.ad[i]) if (! tcase.ad[i])
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_join() failed.\n"); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_join() failed.\n");
tcase.ret = 1; tcase.ret = 1;
@ -363,7 +365,7 @@ run_auction (void *arg)
!= tcase.ad[i]->time_start.abs_value_us || != tcase.ad[i]->time_start.abs_value_us ||
tcase.ad[tcase.n]->time_round.rel_value_us tcase.ad[tcase.n]->time_round.rel_value_us
!= tcase.ad[i]->time_round.rel_value_us || != tcase.ad[i]->time_round.rel_value_us ||
!tcase.ad[tcase.n]->seller_mode || /* todo: split out */ ! tcase.ad[tcase.n]->seller_mode || /* todo: split out */
tcase.ad[i]->seller_mode) tcase.ad[i]->seller_mode)
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@ -422,7 +424,7 @@ test_auction (uint16_t n,
for (uint16_t i = 0; i <= tcase.n; i++) for (uint16_t i = 0; i <= tcase.n; i++)
{ {
BRANDT_destroy (tcase.ad[i]); BRANDT_destroy (tcase.ad[i]);
if (!tcase.result_called[i]) if (! tcase.result_called[i])
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"result callback not called for bidder %d\n", "result callback not called for bidder %d\n",
@ -450,20 +452,24 @@ main (int argc, char *argv[])
uint16_t *bids = NULL; uint16_t *bids = NULL;
struct GNUNET_GETOPT_CommandLineOption options[] = { struct GNUNET_GETOPT_CommandLineOption options[] = {
GNUNET_GETOPT_option_help ("benchmark a single libbrandt auction"), GNUNET_GETOPT_option_help ("benchmark a single libbrandt auction"),
{'k', "k", "NUMBER", GNUNET_GETOPT_option_uint16 (
'k', "k", "NUMBER",
gettext_noop ("number of prices\n"), gettext_noop ("number of prices\n"),
1, &GNUNET_GETOPT_option_uint, &k}, &k),
{'n', "n", "NUMBER", GNUNET_GETOPT_option_uint16 (
'n', "n", "NUMBER",
gettext_noop ("number of bidders\n"), gettext_noop ("number of bidders\n"),
1, &GNUNET_GETOPT_option_uint, &n}, &n),
{'m', "m", "NUMBER", GNUNET_GETOPT_option_uint16 (
'm', "m", "NUMBER",
gettext_noop ("number of items to sell\n" gettext_noop ("number of items to sell\n"
"0 for first price auction\n" "0 for first price auction\n"
">0 for vickrey/M+1st price auction"), ">0 for vickrey/M+1st price auction"),
1, &GNUNET_GETOPT_option_uint, &m}, &m),
{'p', "public", NULL, GNUNET_GETOPT_option_uint16 (
'p', "public", NULL,
gettext_noop ("public auction outcome"), gettext_noop ("public auction outcome"),
0, &GNUNET_GETOPT_option_flag, &public}, &public),
GNUNET_GETOPT_OPTION_END GNUNET_GETOPT_OPTION_END
}; };
@ -480,10 +486,11 @@ main (int argc, char *argv[])
if (k == 0) if (k == 0)
k = 3; k = 3;
if (!(bids = calloc(sizeof(uint16_t), n))) if (! (bids = calloc (sizeof(uint16_t), n)))
return 1; return 1;
for (uint16_t i = 0; i < n; i++) for (uint16_t i = 0; i < n; i++)
bids[i] = (uint16_t)GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, k); bids[i] = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
k);
edc = GNUNET_CRYPTO_ecc_dlog_prepare (1024, 16); edc = GNUNET_CRYPTO_ecc_dlog_prepare (1024, 16);
BRANDT_init (); BRANDT_init ();

36
brandt.c
View File

@ -32,7 +32,7 @@ BRANDT_init ()
{ {
gcry_error_t err = 0; gcry_error_t err = 0;
if (!gcry_check_version ("1.7.0")) if (! gcry_check_version ("1.7.0"))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
"libbrandt", "libbrandt",
@ -116,8 +116,8 @@ BRANDT_bidder_start (struct BRANDT_Auction *auction,
if (handler_prep[atype][outcome][msg_init]) if (handler_prep[atype][outcome][msg_init])
handler_prep[atype][outcome][msg_init] (auction); handler_prep[atype][outcome][msg_init] (auction);
if (!handler_out[atype][outcome][msg_init] || if (! handler_out[atype][outcome][msg_init] ||
!(buf = handler_out[atype][outcome][msg_init](auction, &buflen))) ! (buf = handler_out[atype][outcome][msg_init](auction, &buflen)))
{ {
/** \todo */ /** \todo */
GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
@ -135,7 +135,7 @@ BRANDT_bidder_start (struct BRANDT_Auction *auction,
static void static void
seller_start (void *arg) seller_start (void *arg)
{ {
struct BRANDT_Auction *ad = (struct BRANDT_Auction *)arg; struct BRANDT_Auction *ad = (struct BRANDT_Auction *) arg;
enum auction_type atype; enum auction_type atype;
enum outcome_type outcome; enum outcome_type outcome;
@ -201,7 +201,7 @@ BRANDT_new (BRANDT_CbResult result,
struct BRANDT_DescrP *desc; struct BRANDT_DescrP *desc;
struct GNUNET_TIME_Relative until_start; struct GNUNET_TIME_Relative until_start;
if (!(0 < num_prices)) if (! (0 < num_prices))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
"libbrandt", "libbrandt",
@ -391,8 +391,8 @@ report_outcome (struct BRANDT_Auction *ad,
struct BRANDT_Result *res; struct BRANDT_Result *res;
uint16_t reslen = 0; uint16_t reslen = 0;
if (!handler_res[atype][outcome] || if (! handler_res[atype][outcome] ||
!(res = handler_res[atype][outcome] (ad, &reslen))) ! (res = handler_res[atype][outcome] (ad, &reslen)))
ad->result (ad->closure, NULL, 0); ad->result (ad->closure, NULL, 0);
else else
ad->result (ad->closure, res, reslen); ad->result (ad->closure, res, reslen);
@ -407,7 +407,7 @@ advance_round (struct BRANDT_Auction *ad,
unsigned char *buf; unsigned char *buf;
size_t buflen; size_t buflen;
if (!ad->seller_mode && msg_decrypt == ad->cur_round && !outcome) if (! ad->seller_mode && msg_decrypt == ad->cur_round && ! outcome)
{ {
/* we are a bidder on a private outcome auction and /* we are a bidder on a private outcome auction and
* successfully parsed the msg_decrypt from the seller * successfully parsed the msg_decrypt from the seller
@ -418,14 +418,14 @@ advance_round (struct BRANDT_Auction *ad,
/* only continue if the round is complete */ /* only continue if the round is complete */
for (uint16_t i = 0; i < ad->n; i++) for (uint16_t i = 0; i < ad->n; i++)
if (!gcry_mpi_test_bit (ad->round_progress, i)) if (! gcry_mpi_test_bit (ad->round_progress, i))
return; return;
if (ad->seller_mode && msg_decrypt == ad->cur_round && !ad->outcome_public) if (ad->seller_mode && msg_decrypt == ad->cur_round && ! ad->outcome_public)
{ {
/* all bidders msg_decrypt received, broadcast combined msg_decrypt */ /* all bidders msg_decrypt received, broadcast combined msg_decrypt */
if (!handler_out[atype][outcome][ad->cur_round] || if (! handler_out[atype][outcome][ad->cur_round] ||
!(buf = handler_out[atype][outcome][ad->cur_round](ad, &buflen))) ! (buf = handler_out[atype][outcome][ad->cur_round](ad, &buflen)))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
"libbrandt", "libbrandt",
@ -458,8 +458,8 @@ advance_round (struct BRANDT_Auction *ad,
} }
/* create next message buffer */ /* create next message buffer */
if (!handler_out[atype][outcome][ad->cur_round] || if (! handler_out[atype][outcome][ad->cur_round] ||
!(buf = handler_out[atype][outcome][ad->cur_round](ad, &buflen))) ! (buf = handler_out[atype][outcome][ad->cur_round](ad, &buflen)))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
"libbrandt", "libbrandt",
@ -470,7 +470,7 @@ advance_round (struct BRANDT_Auction *ad,
/* msg_decrypt unicast to seller if private outcome mode. /* msg_decrypt unicast to seller if private outcome mode.
* All other messages are broadcasted */ * All other messages are broadcasted */
if (msg_decrypt == ad->cur_round && !outcome) if (msg_decrypt == ad->cur_round && ! outcome)
ad->ucast (ad->closure, buf, buflen); ad->ucast (ad->closure, buf, buflen);
else else
ad->bcast (ad->closure, buf, buflen); ad->bcast (ad->closure, buf, buflen);
@ -484,7 +484,7 @@ BRANDT_got_message (struct BRANDT_Auction *auction,
const unsigned char *msg, const unsigned char *msg,
size_t msg_len) size_t msg_len)
{ {
struct msg_head *head = (struct msg_head *)msg; struct msg_head *head = (struct msg_head *) msg;
enum auction_type atype; enum auction_type atype;
enum outcome_type outcome; enum outcome_type outcome;
enum rounds round = auction->cur_round; enum rounds round = auction->cur_round;
@ -510,8 +510,8 @@ BRANDT_got_message (struct BRANDT_Auction *auction,
return; return;
} }
if (!handler_in[atype][outcome][round] || if (! handler_in[atype][outcome][round] ||
!handler_in[atype][outcome][round](auction, ! handler_in[atype][outcome][round](auction,
msg + sizeof (*head), msg + sizeof (*head),
msg_len - sizeof (*head), msg_len - sizeof (*head),
sender)) sender))

6
brandt.h
View File

@ -32,7 +32,8 @@
struct BRANDT_Auction; struct BRANDT_Auction;
/** Enumeration of all possible status reports for a single bidder */ /** Enumeration of all possible status reports for a single bidder */
enum BRANDT_BidderStatus { enum BRANDT_BidderStatus
{
BRANDT_bidder_won, BRANDT_bidder_won,
}; };
@ -40,7 +41,8 @@ enum BRANDT_BidderStatus {
* An array of this struct is given to the application by the BRANDT_CbResult() * An array of this struct is given to the application by the BRANDT_CbResult()
* callback. One instance represents the status of a single bidder. * callback. One instance represents the status of a single bidder.
*/ */
struct BRANDT_Result { struct BRANDT_Result
{
/** Id of the bidder this instance refers to */ /** Id of the bidder this instance refers to */
uint16_t bidder; uint16_t bidder;

77
crypto.c
View File

@ -51,13 +51,15 @@
} while (0) } while (0)
struct zkp_challenge_dl { struct zkp_challenge_dl
{
struct ec_mpi g; struct ec_mpi g;
struct ec_mpi v; struct ec_mpi v;
struct ec_mpi a; struct ec_mpi a;
}; };
struct zkp_challenge_2dle { struct zkp_challenge_2dle
{
struct ec_mpi g1; struct ec_mpi g1;
struct ec_mpi g2; struct ec_mpi g2;
struct ec_mpi v; struct ec_mpi v;
@ -66,7 +68,8 @@ struct zkp_challenge_2dle {
struct ec_mpi b; struct ec_mpi b;
}; };
struct zkp_challenge_0og { struct zkp_challenge_0og
{
struct ec_mpi g; struct ec_mpi g;
struct ec_mpi alpha; struct ec_mpi alpha;
struct ec_mpi beta; struct ec_mpi beta;
@ -237,7 +240,7 @@ ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b)
gcry_mpi_t by = gcry_mpi_new (256); gcry_mpi_t by = gcry_mpi_new (256);
brandt_assert (a && b); brandt_assert (a && b);
if (!ax || !bx || !ay || !by) if (! ax || ! bx || ! ay || ! by)
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
"libbrandt", "libbrandt",
@ -245,8 +248,8 @@ ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b)
return 1; return 1;
} }
if (!gcry_mpi_ec_get_affine (ax, ay, a, ec_ctx) && if (! gcry_mpi_ec_get_affine (ax, ay, a, ec_ctx) &&
!gcry_mpi_ec_get_affine (bx, by, b, ec_ctx)) ! gcry_mpi_ec_get_affine (bx, by, b, ec_ctx))
{ {
ret = gcry_mpi_cmp (ax, bx) || gcry_mpi_cmp (ay, by); ret = gcry_mpi_cmp (ax, bx) || gcry_mpi_cmp (ay, by);
} }
@ -282,14 +285,14 @@ mpi_serialize (struct ec_mpi *dst, gcry_mpi_t src)
rsize = sizeof (struct ec_mpi); rsize = sizeof (struct ec_mpi);
memcpy (dst, vp, rsize); memcpy (dst, vp, rsize);
if (rsize < sizeof (struct ec_mpi)) if (rsize < sizeof (struct ec_mpi))
memset (((char *)dst) + rsize, 0, sizeof (struct ec_mpi) - rsize); memset (((char *) dst) + rsize, 0, sizeof (struct ec_mpi) - rsize);
} }
else else
{ /* Store regular MPIs as unsigned ints right aligned into the buffer. */ { /* Store regular MPIs as unsigned ints right aligned into the buffer. */
char *cp = (char *)dst; char *cp = (char *) dst;
gcry_error_t rc; gcry_error_t rc;
rc = gcry_mpi_print (GCRYMPI_FMT_USG, (void *)dst, rc = gcry_mpi_print (GCRYMPI_FMT_USG, (void *) dst,
sizeof (struct ec_mpi), &rsize, src); sizeof (struct ec_mpi), &rsize, src);
ASSERT_GCRY ("gcry_mpi_print", rc); ASSERT_GCRY ("gcry_mpi_print", rc);
@ -646,21 +649,21 @@ smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen)
struct proof_dl *proof1; struct proof_dl *proof1;
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (sizeof (*head) + *buflen = (sizeof (*head)
sizeof (*pubkey_share) + + sizeof (*pubkey_share)
sizeof (*proof1)); + sizeof (*proof1));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_init); head->msg_type = htonl (msg_init);
proof1 = (struct proof_dl *)(ret + sizeof (*head) + sizeof (*pubkey_share)); proof1 = (struct proof_dl *) (ret + sizeof (*head) + sizeof (*pubkey_share));
ad->x = gcry_mpi_new (256); ad->x = gcry_mpi_new (256);
ec_skey_create (ad->x); ec_skey_create (ad->x);
smc_zkp_dl (ad->y[ad->i], ad->x, proof1); smc_zkp_dl (ad->y[ad->i], ad->x, proof1);
pubkey_share = (struct ec_mpi *)(ret + sizeof (*head)); pubkey_share = (struct ec_mpi *) (ret + sizeof (*head));
ec_point_serialize (pubkey_share, ad->y[ad->i]); ec_point_serialize (pubkey_share, ad->y[ad->i]);
return ret; return ret;
@ -687,8 +690,8 @@ smc_recv_keyshare (struct BRANDT_Auction *ad,
goto quit; goto quit;
} }
proof1 = (struct proof_dl *)(buf + sizeof (struct ec_mpi)); proof1 = (struct proof_dl *) (buf + sizeof (struct ec_mpi));
ec_point_parse (y, (struct ec_mpi *)buf); ec_point_parse (y, (struct ec_mpi *) buf);
if (smc_zkp_dl_check (y, proof1)) if (smc_zkp_dl_check (y, proof1))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING,
@ -743,16 +746,16 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen)
gcry_mpi_t r_part; gcry_mpi_t r_part;
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (sizeof (*head) + /* msg header */ *buflen = (sizeof (*head) /* msg header */
ad->k * /* k * (alpha, beta, proof3) */ + ad->k /* k * (alpha, beta, proof3) */
(sizeof (struct ec_mpi) * 2 + * (sizeof (struct ec_mpi) * 2
sizeof (*proof3)) + + sizeof (*proof3))
sizeof (struct proof_2dle)); /* proof2 */ + sizeof (struct proof_2dle)); /* proof2 */
if (0 < ad->m) if (0 < ad->m)
*buflen += sizeof (struct proof_2dle); *buflen += sizeof (struct proof_2dle);
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_bid); head->msg_type = htonl (msg_bid);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
@ -763,15 +766,15 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen)
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
proof3 = (struct proof_0og *)(cur + 2 * sizeof (struct ec_mpi)); proof3 = (struct proof_0og *) (cur + 2 * sizeof (struct ec_mpi));
smc_zkp_0og (j == ad->b, smc_zkp_0og (j == ad->b,
ad->Y, ad->Y,
r_part, r_part,
ad->alpha[ad->i][j], ad->alpha[ad->i][j],
ad->beta[ad->i][j], ad->beta[ad->i][j],
proof3); proof3);
ec_point_serialize ((struct ec_mpi *)cur, ad->alpha[ad->i][j]); ec_point_serialize ((struct ec_mpi *) cur, ad->alpha[ad->i][j]);
ec_point_serialize (&((struct ec_mpi *)cur)[1], ad->beta[ad->i][j]); ec_point_serialize (&((struct ec_mpi *) cur)[1], ad->beta[ad->i][j]);
gcry_mpi_addm (r_sum, r_sum, r_part, ec_n); gcry_mpi_addm (r_sum, r_sum, r_part, ec_n);
/* prepare sum for additional M+1st price auction proof (see below) */ /* prepare sum for additional M+1st price auction proof (see below) */
@ -780,13 +783,13 @@ smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen)
cur += 2 * sizeof (struct ec_mpi) + sizeof (struct proof_0og); cur += 2 * sizeof (struct ec_mpi) + sizeof (struct proof_0og);
} }
smc_zkp_2dle (NULL, NULL, ad->Y, ec_gen, r_sum, (struct proof_2dle *)cur); smc_zkp_2dle (NULL, NULL, ad->Y, ec_gen, r_sum, (struct proof_2dle *) cur);
/* in M+1st price auctions we need to prove that our bid is from the valid /* in M+1st price auctions we need to prove that our bid is from the valid
* subset of bids as well */ * subset of bids as well */
if (0 < ad->m) if (0 < ad->m)
{ {
struct proof_2dle *proof2 = (struct proof_2dle *)(ret + *buflen) - 1; struct proof_2dle *proof2 = (struct proof_2dle *) (ret + *buflen) - 1;
smc_zkp_2dle (NULL, NULL, ad->Y, ec_gen, r_sum2, proof2); smc_zkp_2dle (NULL, NULL, ad->Y, ec_gen, r_sum2, proof2);
} }
@ -815,8 +818,8 @@ smc_recv_encrypted_bid (struct BRANDT_Auction *ad,
brandt_assert (ad && buf); brandt_assert (ad && buf);
if (buflen != (ad->k * (sizeof (struct ec_mpi) * 2 + sizeof (*proof3)) + if (buflen != (ad->k * (sizeof (struct ec_mpi) * 2 + sizeof (*proof3))
(0 < ad->m ? 2 : 1) * sizeof (struct proof_2dle)) || + (0 < ad->m ? 2 : 1) * sizeof (struct proof_2dle)) ||
NULL == (ct = smc_init2 (2, ad->k))) NULL == (ct = smc_init2 (2, ad->k)))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING,
@ -832,9 +835,9 @@ smc_recv_encrypted_bid (struct BRANDT_Auction *ad,
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (ct[0][j], (struct ec_mpi *)cur); ec_point_parse (ct[0][j], (struct ec_mpi *) cur);
ec_point_parse (ct[1][j], &((struct ec_mpi *)cur)[1]); ec_point_parse (ct[1][j], &((struct ec_mpi *) cur)[1]);
proof3 = (struct proof_0og *)(cur + 2 * sizeof (struct ec_mpi)); proof3 = (struct proof_0og *) (cur + 2 * sizeof (struct ec_mpi));
if (smc_zkp_0og_check (ad->Y, ct[0][j], ct[1][j], proof3)) if (smc_zkp_0og_check (ad->Y, ct[0][j], ct[1][j], proof3))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING,
@ -861,7 +864,7 @@ smc_recv_encrypted_bid (struct BRANDT_Auction *ad,
beta_sum, beta_sum,
ad->Y, ad->Y,
ec_gen, ec_gen,
(struct proof_2dle *)cur)) (struct proof_2dle *) cur))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING,
"libbrandt", "libbrandt",
@ -879,7 +882,7 @@ smc_recv_encrypted_bid (struct BRANDT_Auction *ad,
beta_sum2, beta_sum2,
ad->Y, ad->Y,
ec_gen, ec_gen,
(struct proof_2dle *)cur)) (struct proof_2dle *) cur))
{ {
GNUNET_log_from ( GNUNET_log_from (
GNUNET_ERROR_TYPE_WARNING, GNUNET_ERROR_TYPE_WARNING,
@ -1219,7 +1222,7 @@ smc_zkp_0og (int m_is_gen,
gcry_mpi_ec_mul (alpha, rr, y, ec_ctx); gcry_mpi_ec_mul (alpha, rr, y, ec_ctx);
gcry_mpi_ec_add (alpha, m_is_gen ? ec_gen : ec_zero, alpha, ec_ctx); gcry_mpi_ec_add (alpha, m_is_gen ? ec_gen : ec_zero, alpha, ec_ctx);
if (!m_is_gen) if (! m_is_gen)
{ /* m == 0 */ { /* m == 0 */
ec_keypair_create_base (a1, d1, beta); ec_keypair_create_base (a1, d1, beta);
gcry_mpi_mod (d1, d1, ec_n); gcry_mpi_mod (d1, d1, ec_n);
@ -1283,7 +1286,7 @@ smc_zkp_0og (int m_is_gen,
sizeof (challenge), sizeof (challenge),
"libbrandt zkp 0og"); "libbrandt zkp 0og");
if (!m_is_gen) if (! m_is_gen)
{ /* m == 0 */ { /* m == 0 */
/* d2 = c - d1 */ /* d2 = c - d1 */
gcry_mpi_subm (d2, c, d1, ec_n); gcry_mpi_subm (d2, c, d1, ec_n);

43
crypto.h
View File

@ -37,18 +37,25 @@ void brandt_crypto_init ();
/* used for serialized mpis and serialized curve points (they are the same size /* used for serialized mpis and serialized curve points (they are the same size
* when compressed) */ * when compressed) */
struct ec_mpi { struct ec_mpi
{
unsigned char data[256 / 8]; unsigned char data[256 / 8];
}; };
void ec_point_serialize (struct ec_mpi *dst, const gcry_mpi_point_t src); void ec_point_serialize (struct ec_mpi *dst, const gcry_mpi_point_t src);
void ec_point_parse (gcry_mpi_point_t dst, const struct ec_mpi *src); void ec_point_parse (gcry_mpi_point_t dst, const struct ec_mpi *src);
gcry_mpi_point_t *smc_init1 (uint16_t size1); gcry_mpi_point_t *smc_init1 (uint16_t size1);
gcry_mpi_point_t **smc_init2 (uint16_t size1, uint16_t size2); gcry_mpi_point_t **smc_init2 (uint16_t size1, uint16_t size2);
gcry_mpi_point_t ***smc_init3 (uint16_t size1, uint16_t size2, uint16_t size3); gcry_mpi_point_t ***smc_init3 (uint16_t size1, uint16_t size2, uint16_t size3);
void smc_free1 (gcry_mpi_point_t *dst, uint16_t size1); void smc_free1 (gcry_mpi_point_t *dst, uint16_t size1);
void smc_free2 (gcry_mpi_point_t **dst, uint16_t size1, uint16_t size2); void smc_free2 (gcry_mpi_point_t **dst, uint16_t size1, uint16_t size2);
void smc_free3 (gcry_mpi_point_t ***dst, void smc_free3 (gcry_mpi_point_t ***dst,
uint16_t size1, uint16_t size1,
uint16_t size2, uint16_t size2,
@ -59,15 +66,20 @@ void smc_sums_partial (gcry_mpi_point_t out[],
uint16_t len, uint16_t len,
uint16_t stepi, uint16_t stepi,
uint16_t stepo); uint16_t stepo);
void smc_sum (gcry_mpi_point_t out, void smc_sum (gcry_mpi_point_t out,
gcry_mpi_point_t in[], gcry_mpi_point_t in[],
uint16_t len, uint16_t len,
uint16_t step); uint16_t step);
void ec_point_copy (gcry_mpi_point_t dst, const gcry_mpi_point_t src); void ec_point_copy (gcry_mpi_point_t dst, const gcry_mpi_point_t src);
int ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b); int ec_point_cmp (const gcry_mpi_point_t a, const gcry_mpi_point_t b);
void ec_skey_create (gcry_mpi_t skey); void ec_skey_create (gcry_mpi_t skey);
void ec_keypair_create (gcry_mpi_point_t pkey, gcry_mpi_t skey); void ec_keypair_create (gcry_mpi_point_t pkey, gcry_mpi_t skey);
void ec_keypair_create_base (gcry_mpi_point_t pkey, void ec_keypair_create_base (gcry_mpi_point_t pkey,
gcry_mpi_t skey, gcry_mpi_t skey,
const gcry_mpi_point_t base); const gcry_mpi_point_t base);
@ -75,18 +87,21 @@ void ec_keypair_create_base (gcry_mpi_point_t pkey,
/* --- Zero knowledge proofs --- */ /* --- Zero knowledge proofs --- */
struct proof_dl { struct proof_dl
{
struct ec_mpi r; struct ec_mpi r;
struct ec_mpi a; struct ec_mpi a;
}; };
struct proof_2dle { struct proof_2dle
{
struct ec_mpi r; struct ec_mpi r;
struct ec_mpi a; struct ec_mpi a;
struct ec_mpi b; struct ec_mpi b;
}; };
struct proof_0og { struct proof_0og
{
struct ec_mpi a1; struct ec_mpi a1;
struct ec_mpi a2; struct ec_mpi a2;
struct ec_mpi b1; struct ec_mpi b1;
@ -100,6 +115,7 @@ struct proof_0og {
void smc_zkp_dl (gcry_mpi_point_t v, void smc_zkp_dl (gcry_mpi_point_t v,
const gcry_mpi_t x, const gcry_mpi_t x,
struct proof_dl *proof); struct proof_dl *proof);
int smc_zkp_dl_check (const gcry_mpi_point_t v, int smc_zkp_dl_check (const gcry_mpi_point_t v,
const struct proof_dl *proof); const struct proof_dl *proof);
@ -109,6 +125,7 @@ void smc_zkp_2dle (const gcry_mpi_point_t v,
const gcry_mpi_point_t g2, const gcry_mpi_point_t g2,
const gcry_mpi_t x, const gcry_mpi_t x,
struct proof_2dle *proof); struct proof_2dle *proof);
int smc_zkp_2dle_check (const gcry_mpi_point_t v, int smc_zkp_2dle_check (const gcry_mpi_point_t v,
const gcry_mpi_point_t w, const gcry_mpi_point_t w,
const gcry_mpi_point_t g1, const gcry_mpi_point_t g1,
@ -121,6 +138,7 @@ void smc_zkp_0og (int m_is_gen,
gcry_mpi_point_t alpha, gcry_mpi_point_t alpha,
gcry_mpi_point_t beta, gcry_mpi_point_t beta,
struct proof_0og *proof); struct proof_0og *proof);
int smc_zkp_0og_check (const gcry_mpi_point_t y, int smc_zkp_0og_check (const gcry_mpi_point_t y,
const gcry_mpi_point_t alpha, const gcry_mpi_point_t alpha,
const gcry_mpi_point_t beta, const gcry_mpi_point_t beta,
@ -130,30 +148,38 @@ int smc_zkp_0og_check (const gcry_mpi_point_t y,
/* --- Protocol implementation --- */ /* --- Protocol implementation --- */
void smc_prep_keyshare (struct BRANDT_Auction *ad); void smc_prep_keyshare (struct BRANDT_Auction *ad);
unsigned char *smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen); unsigned char *smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen);
int smc_recv_keyshare (struct BRANDT_Auction *ad, int smc_recv_keyshare (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
uint16_t sender_index); uint16_t sender_index);
void smc_prep_bid (struct BRANDT_Auction *ad); void smc_prep_bid (struct BRANDT_Auction *ad);
unsigned char *smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen); unsigned char *smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen);
int smc_recv_encrypted_bid (struct BRANDT_Auction *ad, int smc_recv_encrypted_bid (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
uint16_t sender_index); uint16_t sender_index);
void fp_priv_prep_outcome (struct BRANDT_Auction *ad); void fp_priv_prep_outcome (struct BRANDT_Auction *ad);
unsigned char *fp_priv_compute_outcome (struct BRANDT_Auction *ad, unsigned char *fp_priv_compute_outcome (struct BRANDT_Auction *ad,
size_t *buflen); size_t *buflen);
int fp_priv_recv_outcome (struct BRANDT_Auction *ad, int fp_priv_recv_outcome (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
uint16_t sender); uint16_t sender);
void fp_priv_prep_decryption (struct BRANDT_Auction *ad); void fp_priv_prep_decryption (struct BRANDT_Auction *ad);
unsigned char *fp_priv_decrypt_outcome (struct BRANDT_Auction *ad, unsigned char *fp_priv_decrypt_outcome (struct BRANDT_Auction *ad,
size_t *buflen); size_t *buflen);
int fp_priv_recv_decryption (struct BRANDT_Auction *ad, int fp_priv_recv_decryption (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
@ -163,16 +189,20 @@ struct BRANDT_Result *fp_priv_determine_outcome (struct BRANDT_Auction *ad,
uint16_t *len); uint16_t *len);
void fp_pub_prep_outcome (struct BRANDT_Auction *ad); void fp_pub_prep_outcome (struct BRANDT_Auction *ad);
unsigned char *fp_pub_compute_outcome (struct BRANDT_Auction *ad, unsigned char *fp_pub_compute_outcome (struct BRANDT_Auction *ad,
size_t *buflen); size_t *buflen);
int fp_pub_recv_outcome (struct BRANDT_Auction *ad, int fp_pub_recv_outcome (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
uint16_t sender); uint16_t sender);
void fp_pub_prep_decryption (struct BRANDT_Auction *ad); void fp_pub_prep_decryption (struct BRANDT_Auction *ad);
unsigned char *fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, unsigned char *fp_pub_decrypt_outcome (struct BRANDT_Auction *ad,
size_t *buflen); size_t *buflen);
int fp_pub_recv_decryption (struct BRANDT_Auction *ad, int fp_pub_recv_decryption (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
@ -189,16 +219,20 @@ struct BRANDT_Result *mp_priv_determine_outcome (struct BRANDT_Auction *ad,
void mp_pub_prep_outcome (struct BRANDT_Auction *ad); void mp_pub_prep_outcome (struct BRANDT_Auction *ad);
unsigned char *mp_pub_compute_outcome (struct BRANDT_Auction *ad, unsigned char *mp_pub_compute_outcome (struct BRANDT_Auction *ad,
size_t *buflen); size_t *buflen);
int mp_pub_recv_outcome (struct BRANDT_Auction *ad, int mp_pub_recv_outcome (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
uint16_t sender); uint16_t sender);
void mp_pub_prep_decryption (struct BRANDT_Auction *ad); void mp_pub_prep_decryption (struct BRANDT_Auction *ad);
unsigned char *mp_pub_decrypt_outcome (struct BRANDT_Auction *ad, unsigned char *mp_pub_decrypt_outcome (struct BRANDT_Auction *ad,
size_t *buflen); size_t *buflen);
int mp_pub_recv_decryption (struct BRANDT_Auction *ad, int mp_pub_recv_decryption (struct BRANDT_Auction *ad,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
@ -379,5 +413,4 @@ static const Result handler_res[auction_last][outcome_last] = {
}; };
#endif /* ifndef _BRANDT_CRYPTO_H */ #endif /* ifndef _BRANDT_CRYPTO_H */

78
fp_priv.c
View File

@ -71,16 +71,16 @@ fp_priv_prep_outcome (struct BRANDT_Auction *ad)
tltb2[i][j], tltb2[i][j],
ec_ctx); ec_ctx);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta3[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tlta3[i][ad->k - 1]));
brandt_assert (!ec_point_cmp (ec_zero, tltb3[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tltb3[i][ad->k - 1]));
} }
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
smc_sum (tlta1[j], &tlta3[0][j], ad->n, ad->k); smc_sum (tlta1[j], &tlta3[0][j], ad->n, ad->k);
smc_sum (tltb1[j], &tltb3[0][j], ad->n, ad->k); smc_sum (tltb1[j], &tltb3[0][j], ad->n, ad->k);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta1[ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tlta1[ad->k - 1]));
brandt_assert (!ec_point_cmp (ec_zero, tltb1[ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tltb1[ad->k - 1]));
/* \todo: merge into one nested i,j loop and one nested j,i loop? */ /* \todo: merge into one nested i,j loop and one nested j,i loop? */
/* temporary lookup table for second summand (my bid is not lower) */ /* temporary lookup table for second summand (my bid is not lower) */
@ -91,8 +91,8 @@ fp_priv_prep_outcome (struct BRANDT_Auction *ad)
gcry_mpi_ec_sub (tlta2[i][j], tlta2[i][j], ad->alpha[i][j], ec_ctx); gcry_mpi_ec_sub (tlta2[i][j], tlta2[i][j], ad->alpha[i][j], ec_ctx);
gcry_mpi_ec_sub (tltb2[i][j], tltb2[i][j], ad->beta[i][j], ec_ctx); gcry_mpi_ec_sub (tltb2[i][j], tltb2[i][j], ad->beta[i][j], ec_ctx);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta2[i][0])); brandt_assert (! ec_point_cmp (ec_zero, tlta2[i][0]));
brandt_assert (!ec_point_cmp (ec_zero, tltb2[i][0])); brandt_assert (! ec_point_cmp (ec_zero, tltb2[i][0]));
} }
/* temporary lookup table for third summand (no one with a lower index has /* temporary lookup table for third summand (no one with a lower index has
@ -106,8 +106,8 @@ fp_priv_prep_outcome (struct BRANDT_Auction *ad)
gcry_mpi_ec_sub (tlta3[i][j], tlta3[i][j], ad->alpha[i][j], ec_ctx); gcry_mpi_ec_sub (tlta3[i][j], tlta3[i][j], ad->alpha[i][j], ec_ctx);
gcry_mpi_ec_sub (tltb3[i][j], tltb3[i][j], ad->beta[i][j], ec_ctx); gcry_mpi_ec_sub (tltb3[i][j], tltb3[i][j], ad->beta[i][j], ec_ctx);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta3[0][j])); brandt_assert (! ec_point_cmp (ec_zero, tlta3[0][j]));
brandt_assert (!ec_point_cmp (ec_zero, tltb3[0][j])); brandt_assert (! ec_point_cmp (ec_zero, tltb3[0][j]));
} }
for (uint16_t i = 0; i < ad->n; i++) for (uint16_t i = 0; i < ad->n; i++)
@ -167,12 +167,12 @@ fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (sizeof (*head) + /* msg header */ *buflen = (sizeof (*head) /* msg header */
ad->n * ad->k * /* nk * (gamma, delta, proof2) */ + ad->n * ad->k /* nk * (gamma, delta, proof2) */
(sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2))); * (sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_outcome); head->msg_type = htonl (msg_outcome);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
@ -181,9 +181,9 @@ fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
gamma = (struct ec_mpi *)cur; gamma = (struct ec_mpi *) cur;
delta = &((struct ec_mpi *)cur)[1]; delta = &((struct ec_mpi *) cur)[1];
proof2 = (struct proof_2dle *)(cur + 2 * sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + 2 * sizeof (struct ec_mpi));
ec_point_copy (tmpa, ad->gamma3[ad->i][i][j]); ec_point_copy (tmpa, ad->gamma3[ad->i][i][j]);
ec_point_copy (tmpb, ad->delta3[ad->i][i][j]); ec_point_copy (tmpb, ad->delta3[ad->i][i][j]);
@ -223,8 +223,8 @@ fp_priv_recv_outcome (struct BRANDT_Auction *ad,
brandt_assert (ad && buf); brandt_assert (ad && buf);
if (buflen != (ad->n * ad->k * if (buflen != (ad->n * ad->k
(2 * sizeof (struct ec_mpi) + sizeof (*proof2)))) * (2 * sizeof (struct ec_mpi) + sizeof (*proof2))))
{ {
GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING,
"libbrandt", "libbrandt",
@ -236,9 +236,9 @@ fp_priv_recv_outcome (struct BRANDT_Auction *ad,
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (gamma, (struct ec_mpi *)cur); ec_point_parse (gamma, (struct ec_mpi *) cur);
ec_point_parse (delta, &((struct ec_mpi *)cur)[1]); ec_point_parse (delta, &((struct ec_mpi *) cur)[1]);
proof2 = (struct proof_2dle *)(cur + 2 * sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + 2 * sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (gamma, if (smc_zkp_2dle_check (gamma,
delta, delta,
ad->gamma3[sender][i][j], ad->gamma3[sender][i][j],
@ -306,12 +306,12 @@ fp_priv_decrypt_outcome_seller (struct BRANDT_Auction *ad, size_t *buflen)
struct ec_mpi *phi; struct ec_mpi *phi;
struct proof_2dle *proof2; struct proof_2dle *proof2;
*buflen = (sizeof (*head) + *buflen = (sizeof (*head)
(ad->n - 1) * ad->n * ad->k * (sizeof (*phi) + + (ad->n - 1) * ad->n * ad->k * (sizeof (*phi)
sizeof (*proof2))); + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_decrypt); head->msg_type = htonl (msg_decrypt);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
@ -326,8 +326,8 @@ fp_priv_decrypt_outcome_seller (struct BRANDT_Auction *ad, size_t *buflen)
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
phi = (struct ec_mpi *)cur; phi = (struct ec_mpi *) cur;
proof2 = (struct proof_2dle *)(cur + sizeof (*phi)); proof2 = (struct proof_2dle *) (cur + sizeof (*phi));
ec_point_serialize (phi, ad->phi3[h][i][j]); ec_point_serialize (phi, ad->phi3[h][i][j]);
memcpy (proof2, &ad->phiproofs3[h][i][j], sizeof (*proof2)); memcpy (proof2, &ad->phiproofs3[h][i][j], sizeof (*proof2));
@ -352,11 +352,11 @@ fp_priv_decrypt_outcome_bidder (struct BRANDT_Auction *ad, size_t *buflen)
struct ec_mpi *phi; struct ec_mpi *phi;
struct proof_2dle *proof2; struct proof_2dle *proof2;
*buflen = (sizeof (*head) + *buflen = (sizeof (*head)
ad->n * ad->k * (sizeof (*phi) + sizeof (*proof2))); + ad->n * ad->k * (sizeof (*phi) + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_decrypt); head->msg_type = htonl (msg_decrypt);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
@ -365,8 +365,8 @@ fp_priv_decrypt_outcome_bidder (struct BRANDT_Auction *ad, size_t *buflen)
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
phi = (struct ec_mpi *)cur; phi = (struct ec_mpi *) cur;
proof2 = (struct proof_2dle *)(cur + sizeof (*phi)); proof2 = (struct proof_2dle *) (cur + sizeof (*phi));
ec_point_copy (tmp, ad->phi3[ad->i][i][j]); ec_point_copy (tmp, ad->phi3[ad->i][i][j]);
@ -435,8 +435,8 @@ fp_priv_recv_decryption_seller (struct BRANDT_Auction *ad,
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (phi, (struct ec_mpi *)cur); ec_point_parse (phi, (struct ec_mpi *) cur);
proof2 = (struct proof_2dle *)(cur + sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (phi, if (smc_zkp_2dle_check (phi,
ad->y[sender], ad->y[sender],
ad->phi3[sender][i][j], ad->phi3[sender][i][j],
@ -475,8 +475,8 @@ fp_priv_recv_decryption_bidder (struct BRANDT_Auction *ad,
struct proof_2dle *proof2; struct proof_2dle *proof2;
gcry_mpi_point_t phi = gcry_mpi_point_new (0); gcry_mpi_point_t phi = gcry_mpi_point_new (0);
if (buflen != ((ad->n - 1) * ad->n * ad->k * (sizeof (struct ec_mpi) + if (buflen != ((ad->n - 1) * ad->n * ad->k * (sizeof (struct ec_mpi)
sizeof (*proof2)))) + sizeof (*proof2))))
{ {
GNUNET_log_from ( GNUNET_log_from (
GNUNET_ERROR_TYPE_WARNING, GNUNET_ERROR_TYPE_WARNING,
@ -502,8 +502,8 @@ fp_priv_recv_decryption_bidder (struct BRANDT_Auction *ad,
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (phi, (struct ec_mpi *)cur); ec_point_parse (phi, (struct ec_mpi *) cur);
proof2 = (struct proof_2dle *)(cur + sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (phi, if (smc_zkp_2dle_check (phi,
ad->y[h], ad->y[h],
ad->phi3[h][i][j], ad->phi3[h][i][j],
@ -557,7 +557,7 @@ fp_priv_determine_outcome (struct BRANDT_Auction *ad,
for (uint16_t i = 0; i < ad->n; i++) for (uint16_t i = 0; i < ad->n; i++)
{ {
if (!ad->seller_mode && i != ad->i) if (! ad->seller_mode && i != ad->i)
continue; continue;
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
@ -565,7 +565,7 @@ fp_priv_determine_outcome (struct BRANDT_Auction *ad,
smc_sum (sum_gamma, &ad->gamma3[0][i][j], ad->n, ad->n * ad->k); smc_sum (sum_gamma, &ad->gamma3[0][i][j], ad->n, ad->n * ad->k);
smc_sum (sum_phi, &ad->phi3[0][i][j], ad->n, ad->n * ad->k); smc_sum (sum_phi, &ad->phi3[0][i][j], ad->n, ad->n * ad->k);
gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx); gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx);
if (!ec_point_cmp (sum_gamma, ec_zero)) if (! ec_point_cmp (sum_gamma, ec_zero))
{ {
if (-1 != price) if (-1 != price)
{ {

56
fp_pub.c
View File

@ -73,8 +73,8 @@ fp_pub_prep_outcome (struct BRANDT_Auction *ad)
tltb2[i][j], tltb2[i][j],
ec_ctx); ec_ctx);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta2[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tlta2[i][ad->k - 1]));
brandt_assert (!ec_point_cmp (ec_zero, tltb2[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tltb2[i][ad->k - 1]));
} }
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
@ -83,8 +83,8 @@ fp_pub_prep_outcome (struct BRANDT_Auction *ad)
} }
smc_free2 (tlta2, ad->n, ad->k); smc_free2 (tlta2, ad->n, ad->k);
smc_free2 (tltb2, ad->n, ad->k); smc_free2 (tltb2, ad->n, ad->k);
brandt_assert (!ec_point_cmp (ec_zero, tlta1[ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tlta1[ad->k - 1]));
brandt_assert (!ec_point_cmp (ec_zero, tltb1[ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tltb1[ad->k - 1]));
/* initialize tmp array with zeroes, since we are calculating a sum */ /* initialize tmp array with zeroes, since we are calculating a sum */
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
@ -150,22 +150,22 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (sizeof (*head) + *buflen = (sizeof (*head)
ad->k * (sizeof (*gamma) + + ad->k * (sizeof (*gamma)
sizeof (*delta) + + sizeof (*delta)
sizeof (*proof2))); + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_outcome); head->msg_type = htonl (msg_outcome);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
gamma = (struct ec_mpi *)cur; gamma = (struct ec_mpi *) cur;
delta = &((struct ec_mpi *)cur)[1]; delta = &((struct ec_mpi *) cur)[1];
proof2 = (struct proof_2dle *)(cur + 2 * sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + 2 * sizeof (struct ec_mpi));
ec_point_copy (tmpa, ad->gamma2[ad->i][j]); ec_point_copy (tmpa, ad->gamma2[ad->i][j]);
ec_point_copy (tmpb, ad->delta2[ad->i][j]); ec_point_copy (tmpb, ad->delta2[ad->i][j]);
@ -224,9 +224,9 @@ fp_pub_recv_outcome (struct BRANDT_Auction *ad,
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (gamma, (struct ec_mpi *)cur); ec_point_parse (gamma, (struct ec_mpi *) cur);
ec_point_parse (delta, &((struct ec_mpi *)cur)[1]); ec_point_parse (delta, &((struct ec_mpi *) cur)[1]);
proof2 = (struct proof_2dle *)(cur + 2 * sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + 2 * sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (gamma, if (smc_zkp_2dle_check (gamma,
delta, delta,
ad->gamma2[sender][j], ad->gamma2[sender][j],
@ -309,15 +309,15 @@ fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen)
*buflen = (sizeof (*head) + ad->k * (sizeof (*phi) + sizeof (*proof2))); *buflen = (sizeof (*head) + ad->k * (sizeof (*phi) + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_decrypt); head->msg_type = htonl (msg_decrypt);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
phi = (struct ec_mpi *)cur; phi = (struct ec_mpi *) cur;
proof2 = (struct proof_2dle *)(cur + sizeof (*phi)); proof2 = (struct proof_2dle *) (cur + sizeof (*phi));
ec_point_copy (tmp, ad->phi2[ad->i][j]); ec_point_copy (tmp, ad->phi2[ad->i][j]);
@ -362,8 +362,8 @@ fp_pub_recv_decryption (struct BRANDT_Auction *ad,
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (phi, (struct ec_mpi *)cur); ec_point_parse (phi, (struct ec_mpi *) cur);
proof2 = (struct proof_2dle *)(cur + sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (phi, if (smc_zkp_2dle_check (phi,
ad->y[sender], ad->y[sender],
ad->phi2[sender][j], ad->phi2[sender][j],
@ -412,7 +412,21 @@ fp_pub_determine_outcome (struct BRANDT_Auction *ad,
} }
} }
dlogi = GNUNET_CRYPTO_ecc_dlog (ad->dlogctx, sum_gamma); {
struct GNUNET_CRYPTO_EccPoint ec_point = {0};
gcry_mpi_t q_y;
GNUNET_assert (0 == gcry_mpi_ec_set_point ("q", sum_gamma, ec_ctx));
q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ec_ctx, 0);
GNUNET_assert (q_y);
GNUNET_CRYPTO_mpi_print_unsigned (ec_point.v,
sizeof(ec_point.v),
q_y);
dlogi = GNUNET_CRYPTO_ecc_dlog (ad->dlogctx,
&ec_point);
gcry_mpi_release (q_y);
}
brandt_assert (dlogi > 0); brandt_assert (dlogi > 0);
/* all bidders participated with a multiplicative share */ /* all bidders participated with a multiplicative share */

18
internals.h
View File

@ -28,7 +28,8 @@
#include "brandt.h" #include "brandt.h"
enum rounds { enum rounds
{
msg_init = 0, msg_init = 0,
msg_bid = 1, msg_bid = 1,
msg_outcome = 2, msg_outcome = 2,
@ -37,14 +38,16 @@ enum rounds {
}; };
enum auction_type { enum auction_type
{
auction_firstPrice = 0, auction_firstPrice = 0,
auction_mPlusFirstPrice = 1, auction_mPlusFirstPrice = 1,
auction_last = 2 auction_last = 2
}; };
enum outcome_type { enum outcome_type
{
outcome_private = 0, outcome_private = 0,
outcome_public = 1, outcome_public = 1,
outcome_last = 2 outcome_last = 2
@ -61,7 +64,8 @@ GNUNET_NETWORK_STRUCT_BEGIN
* k-choice of 512 possible prices) byte message from the seller to all bidders * k-choice of 512 possible prices) byte message from the seller to all bidders
* (decrypt-round). For just two bidders this is already 256k bytes, but 16bit * (decrypt-round). For just two bidders this is already 256k bytes, but 16bit
* uint only can address 64k bytes. */ * uint only can address 64k bytes. */
struct msg_head { struct msg_head
{
uint32_t prot_version GNUNET_PACKED; uint32_t prot_version GNUNET_PACKED;
uint32_t msg_type GNUNET_PACKED; uint32_t msg_type GNUNET_PACKED;
}; };
@ -71,7 +75,8 @@ struct msg_head {
* This struct describes the parameters of an auction. All fields are stored in * This struct describes the parameters of an auction. All fields are stored in
* network byte order. * network byte order.
*/ */
struct BRANDT_DescrP { struct BRANDT_DescrP
{
/** Starting time of the auction. Bidders have to join the auction via /** Starting time of the auction. Bidders have to join the auction via
* BRANDT_join until this time */ * BRANDT_join until this time */
struct GNUNET_TIME_AbsoluteNBO time_start; struct GNUNET_TIME_AbsoluteNBO time_start;
@ -97,7 +102,8 @@ struct BRANDT_DescrP {
GNUNET_NETWORK_STRUCT_END GNUNET_NETWORK_STRUCT_END
struct BRANDT_Auction { struct BRANDT_Auction
{
/** Starting time of the auction. Bidders have to join the auction via /** Starting time of the auction. Bidders have to join the auction via
* BRANDT_join until this time */ * BRANDT_join until this time */
struct GNUNET_TIME_Absolute time_start; struct GNUNET_TIME_Absolute time_start;

12
mp_priv.c
View File

@ -73,8 +73,8 @@ mp_priv_prep_outcome (struct BRANDT_Auction *ad)
tltb3[i][j], tltb3[i][j],
ec_ctx); ec_ctx);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta2[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tlta2[i][ad->k - 1]));
brandt_assert (!ec_point_cmp (ec_zero, tltb2[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tltb2[i][ad->k - 1]));
} }
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
@ -94,8 +94,8 @@ mp_priv_prep_outcome (struct BRANDT_Auction *ad)
} }
/* This check only works directly after the loop when tmpa/tmpb are still /* This check only works directly after the loop when tmpa/tmpb are still
* the sum of the last row */ * the sum of the last row */
brandt_assert (!ec_point_cmp (tmpa, tlta1[ad->k - 1])); brandt_assert (! ec_point_cmp (tmpa, tlta1[ad->k - 1]));
brandt_assert (!ec_point_cmp (tmpb, tltb1[ad->k - 1])); brandt_assert (! ec_point_cmp (tmpb, tltb1[ad->k - 1]));
/* temporary lookup table for second summand (hide outcome from losers) */ /* temporary lookup table for second summand (hide outcome from losers) */
gcry_mpi_set_ui (factor, ad->m); gcry_mpi_set_ui (factor, ad->m);
@ -167,7 +167,7 @@ mp_priv_determine_outcome (struct BRANDT_Auction *ad,
ret = GNUNET_new_array (max_winners, struct BRANDT_Result); ret = GNUNET_new_array (max_winners, struct BRANDT_Result);
for (uint16_t i = 0; i < ad->n; i++) for (uint16_t i = 0; i < ad->n; i++)
{ {
if (!ad->seller_mode && i != ad->i) if (! ad->seller_mode && i != ad->i)
continue; continue;
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
@ -175,7 +175,7 @@ mp_priv_determine_outcome (struct BRANDT_Auction *ad,
smc_sum (sum_gamma, &ad->gamma3[0][i][j], ad->n, ad->n * ad->k); smc_sum (sum_gamma, &ad->gamma3[0][i][j], ad->n, ad->n * ad->k);
smc_sum (sum_phi, &ad->phi3[0][i][j], ad->n, ad->n * ad->k); smc_sum (sum_phi, &ad->phi3[0][i][j], ad->n, ad->n * ad->k);
gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx); gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx);
if (!ec_point_cmp (sum_gamma, ec_zero)) if (! ec_point_cmp (sum_gamma, ec_zero))
{ {
if (winners >= max_winners) if (winners >= max_winners)
{ {

55
mp_pub.c
View File

@ -73,8 +73,8 @@ mp_pub_prep_outcome (struct BRANDT_Auction *ad)
tltb3[i][j], tltb3[i][j],
ec_ctx); ec_ctx);
} }
brandt_assert (!ec_point_cmp (ec_zero, tlta2[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tlta2[i][ad->k - 1]));
brandt_assert (!ec_point_cmp (ec_zero, tltb2[i][ad->k - 1])); brandt_assert (! ec_point_cmp (ec_zero, tltb2[i][ad->k - 1]));
} }
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
@ -92,8 +92,8 @@ mp_pub_prep_outcome (struct BRANDT_Auction *ad)
gcry_mpi_ec_add (tlta1[j], tlta1[j], tmpa, ec_ctx); gcry_mpi_ec_add (tlta1[j], tlta1[j], tmpa, ec_ctx);
gcry_mpi_ec_add (tltb1[j], tltb1[j], tmpb, ec_ctx); gcry_mpi_ec_add (tltb1[j], tltb1[j], tmpb, ec_ctx);
} }
brandt_assert (!ec_point_cmp (tmpa, tlta1[ad->k - 1])); brandt_assert (! ec_point_cmp (tmpa, tlta1[ad->k - 1]));
brandt_assert (!ec_point_cmp (tmpb, tltb1[ad->k - 1])); brandt_assert (! ec_point_cmp (tmpb, tltb1[ad->k - 1]));
/* compute subtrahend: (2M+1)G */ /* compute subtrahend: (2M+1)G */
gcry_mpi_set_ui (factor, ad->m); gcry_mpi_set_ui (factor, ad->m);
@ -200,21 +200,21 @@ mp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen)
brandt_assert (ad && buflen); brandt_assert (ad && buflen);
*buflen = (sizeof (*head) + /* msg header */ *buflen = (sizeof (*head) /* msg header */
ad->k * /* k * (gamma, delta, proof2) */ + ad->k /* k * (gamma, delta, proof2) */
(sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2))); * (sizeof (*gamma) + sizeof (*delta) + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_outcome); head->msg_type = htonl (msg_outcome);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
gamma = (struct ec_mpi *)cur; gamma = (struct ec_mpi *) cur;
delta = &((struct ec_mpi *)cur)[1]; delta = &((struct ec_mpi *) cur)[1];
proof2 = (struct proof_2dle *)(cur + 2 * sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + 2 * sizeof (struct ec_mpi));
/* only send the price determination gamma,delta pair, since the winner /* only send the price determination gamma,delta pair, since the winner
* determination pair can and will be computed by the receiver */ * determination pair can and will be computed by the receiver */
@ -275,9 +275,9 @@ mp_pub_recv_outcome (struct BRANDT_Auction *ad,
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (gamma, (struct ec_mpi *)cur); ec_point_parse (gamma, (struct ec_mpi *) cur);
ec_point_parse (delta, &((struct ec_mpi *)cur)[1]); ec_point_parse (delta, &((struct ec_mpi *) cur)[1]);
proof2 = (struct proof_2dle *)(cur + 2 * sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + 2 * sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (gamma, if (smc_zkp_2dle_check (gamma,
delta, delta,
ad->gamma3[sender][0][j], ad->gamma3[sender][0][j],
@ -366,7 +366,7 @@ mp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen)
*buflen = (sizeof (*head) + 2 * ad->k * (sizeof (*phi) + sizeof (*proof2))); *buflen = (sizeof (*head) + 2 * ad->k * (sizeof (*phi) + sizeof (*proof2)));
ret = GNUNET_new_array (*buflen, unsigned char); ret = GNUNET_new_array (*buflen, unsigned char);
head = (struct msg_head *)ret; head = (struct msg_head *) ret;
head->prot_version = htonl (0); head->prot_version = htonl (0);
head->msg_type = htonl (msg_decrypt); head->msg_type = htonl (msg_decrypt);
cur = ret + sizeof (*head); cur = ret + sizeof (*head);
@ -376,8 +376,8 @@ mp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen)
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
phi = (struct ec_mpi *)cur; phi = (struct ec_mpi *) cur;
proof2 = (struct proof_2dle *)(cur + sizeof (*phi)); proof2 = (struct proof_2dle *) (cur + sizeof (*phi));
ec_point_copy (tmp, ad->phi3[ad->i][comp][j]); ec_point_copy (tmp, ad->phi3[ad->i][comp][j]);
@ -426,8 +426,8 @@ mp_pub_recv_decryption (struct BRANDT_Auction *ad,
{ {
for (uint16_t j = 0; j < ad->k; j++) for (uint16_t j = 0; j < ad->k; j++)
{ {
ec_point_parse (phi, (struct ec_mpi *)cur); ec_point_parse (phi, (struct ec_mpi *) cur);
proof2 = (struct proof_2dle *)(cur + sizeof (struct ec_mpi)); proof2 = (struct proof_2dle *) (cur + sizeof (struct ec_mpi));
if (smc_zkp_2dle_check (phi, if (smc_zkp_2dle_check (phi,
ad->y[sender], ad->y[sender],
@ -471,7 +471,7 @@ mp_pub_determine_outcome (struct BRANDT_Auction *ad,
smc_sum (sum_phi, &ad->phi3[0][0][j], ad->n, 2 * ad->k); smc_sum (sum_phi, &ad->phi3[0][0][j], ad->n, 2 * ad->k);
gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx); gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx);
/* first zero component determines the price */ /* first zero component determines the price */
if (!ec_point_cmp (sum_gamma, ec_zero)) if (! ec_point_cmp (sum_gamma, ec_zero))
{ {
price = j; price = j;
break; break;
@ -486,7 +486,20 @@ mp_pub_determine_outcome (struct BRANDT_Auction *ad,
smc_sum (sum_phi, &ad->phi3[0][1][price], ad->n, 2 * ad->k); smc_sum (sum_phi, &ad->phi3[0][1][price], ad->n, 2 * ad->k);
gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx); gcry_mpi_ec_sub (sum_gamma, sum_gamma, sum_phi, ec_ctx);
dlogi = GNUNET_CRYPTO_ecc_dlog (ad->dlogctx, sum_gamma); {
struct GNUNET_CRYPTO_EccPoint ec_point = {0};
gcry_mpi_t q_y;
GNUNET_assert (0 == gcry_mpi_ec_set_point ("q", sum_gamma, ec_ctx));
q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ec_ctx, 0);
GNUNET_assert (q_y);
GNUNET_CRYPTO_mpi_print_unsigned (ec_point.v,
sizeof(ec_point.v),
q_y);
dlogi = GNUNET_CRYPTO_ecc_dlog (ad->dlogctx,
&ec_point);
gcry_mpi_release (q_y);
}
brandt_assert (dlogi > 0); brandt_assert (dlogi > 0);
/* all bidders participated with a multiplicative share */ /* all bidders participated with a multiplicative share */

29
replay.c
View File

@ -24,7 +24,7 @@
#include <gnunet/gnunet_util_lib.h> #include <gnunet/gnunet_util_lib.h>
#include <gnunet/gnunet_json_lib.h> #include <gnunet/gnunet_json_lib.h>
#include <taler/taler_amount_lib.h> #include <taler/taler_util.h>
#include <jansson.h> #include <jansson.h>
#include "brandt.h" #include "brandt.h"
@ -68,7 +68,7 @@ struct transcript
struct GNUNET_CRYPTO_EccDlogContext *edc; struct GNUNET_CRYPTO_EccDlogContext *edc;
}; };
static struct transcript tr; /* static struct transcript tr; */
static void static void
@ -96,8 +96,9 @@ print_result (struct transcript *tr,
for (size_t i = 0; i < tr->results_len; i++) for (size_t i = 0; i < tr->results_len; i++)
{ {
json_t *result = json_pack ("{s:i, s:s}", json_t *result = json_pack ("{s:i, s:i, s:s}",
"bidder", tr->results[i].bidder, "bidder", tr->results[i].bidder,
"price_idx", tr->results[i].price_idx,
"price", tr->results[i].price); "price", tr->results[i].price);
GNUNET_assert (result); GNUNET_assert (result);
@ -112,7 +113,7 @@ print_result (struct transcript *tr,
{ {
FILE *f = fdopen (1, "w"); FILE *f = fdopen (1, "w");
GNUNET_assert(f); GNUNET_assert (f);
json_dumpf (output, f, JSON_INDENT (2)); json_dumpf (output, f, JSON_INDENT (2));
fflush (f); fflush (f);
@ -218,7 +219,7 @@ replay_transcript (void *arg)
tr->m, /* m */ tr->m, /* m */
tr->public, /* outcome public */ tr->public, /* outcome public */
tr->public ? tr->edc : NULL); tr->public ? tr->edc : NULL);
if (!tr->auction) if (! tr->auction)
{ {
print_result (NULL, "REPLAY BRANDT_new() failed."); print_result (NULL, "REPLAY BRANDT_new() failed.");
_exit (1); _exit (1);
@ -231,13 +232,13 @@ parse_json_stdin (struct transcript *tr)
{ {
json_error_t jerror; json_error_t jerror;
json_t *jtr; json_t *jtr;
struct GNUNET_CRYPTO_EddsaSignature sig; /* struct GNUNET_CRYPTO_EddsaSignature sig; */
jtr = json_loadfd (0, jtr = json_loadfd (0,
JSON_REJECT_DUPLICATES, JSON_REJECT_DUPLICATES,
&jerror); &jerror);
if (!jtr) if (! jtr)
{ {
char err[4096]; char err[4096];
snprintf (err, snprintf (err,
@ -254,8 +255,8 @@ parse_json_stdin (struct transcript *tr)
char *perr; char *perr;
unsigned int eline; unsigned int eline;
struct GNUNET_JSON_Specification au_spec[] = { struct GNUNET_JSON_Specification au_spec[] = {
GNUNET_JSON_spec_bool ("public", &tr->public), GNUNET_JSON_spec_bool ("outcome_public", &tr->public),
GNUNET_JSON_spec_uint16 ("type", &tr->m), GNUNET_JSON_spec_uint16 ("auction_type", &tr->m),
GNUNET_JSON_spec_end () GNUNET_JSON_spec_end ()
}; };
@ -280,7 +281,7 @@ parse_json_stdin (struct transcript *tr)
json_t *val; json_t *val;
if (!json_is_array (prices)) if (! json_is_array (prices))
{ {
print_result (NULL, print_result (NULL,
"no prices found in input"); "no prices found in input");
@ -291,7 +292,7 @@ parse_json_stdin (struct transcript *tr)
tr->prices = GNUNET_new_array (tr->k, char *); tr->prices = GNUNET_new_array (tr->k, char *);
json_array_foreach (prices, idx, val) json_array_foreach (prices, idx, val)
{ {
if (!json_is_string (val)) if (! json_is_string (val))
{ {
char err[256]; char err[256];
snprintf (err, snprintf (err,
@ -313,7 +314,7 @@ parse_json_stdin (struct transcript *tr)
json_t *bidders; json_t *bidders;
bidders = json_object_get (jtr, "bidders"); bidders = json_object_get (jtr, "bidders");
if (!bidders || !json_is_array (bidders)) if (! bidders || ! json_is_array (bidders))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"bidders missing or not an array\n"); "bidders missing or not an array\n");
@ -333,7 +334,7 @@ parse_json_stdin (struct transcript *tr)
json_t *val; json_t *val;
messages = json_object_get (jtr, "transcript"); messages = json_object_get (jtr, "transcript");
if (!json_is_array (messages)) if (! json_is_array (messages))
{ {
print_result (NULL, "transcript missing or not an array"); print_result (NULL, "transcript missing or not an array");
_exit (1); _exit (1);
@ -394,7 +395,7 @@ parse_json_stdin (struct transcript *tr)
winners = json_object_get (jtr, "winners"); winners = json_object_get (jtr, "winners");
if (!json_is_array (winners)) if (! json_is_array (winners))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"winners not provided, continuing without\n"); "winners not provided, continuing without\n");

5
test.h
View File

@ -27,10 +27,11 @@
int tests_run = 0; int tests_run = 0;
int ret = 0; int ret = 0;
#define CHECK(cond, message) do { if (!(cond)) { fputs (message, stderr); fputc ( \ #define CHECK(cond, message) do { if (! (cond)) { fputs (message, stderr); \
fputc ( \
'\n', \ '\n', \
stderr); return 0; \ stderr); return 0; \
} } while (0) } } while (0)
#define RUN(test) do { if (!test ()) { ret = 1; } } while (0) #define RUN(test) do { if (! test ()) { ret = 1; } } while (0)
#endif // ifndef _BRANDT_TEST_H #endif // ifndef _BRANDT_TEST_H

37
test_brandt.c
View File

@ -1,5 +1,5 @@
/* This file is part of libbrandt. /* This file is part of libbrandt.
* Copyright (C) 2016 GNUnet e.V. * Copyright (C) 2016,2023-2024 GNUnet e.V.
* *
* libbrandt is free software: you can redistribute it and/or modify it under * libbrandt is free software: you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free Software * the terms of the GNU General Public License as published by the Free Software
@ -18,6 +18,7 @@
* @file test_brandt.c * @file test_brandt.c
* @brief testing API functions. * @brief testing API functions.
* @author Markus Teich * @author Markus Teich
* @author Özgür Kesim
*/ */
#include "platform.h" #include "platform.h"
@ -90,7 +91,7 @@ expected_outcome (uint16_t i, uint16_t *rlen)
if (tcase.bids[h] > highest_bid) if (tcase.bids[h] > highest_bid)
highest_bid = tcase.bids[highest_bidder = h]; highest_bid = tcase.bids[highest_bidder = h];
if (!tcase.outcome_public && !(i == highest_bidder || i == tcase.n)) if (! tcase.outcome_public && ! (i == highest_bidder || i == tcase.n))
return NULL; return NULL;
ret = GNUNET_new (struct BRANDT_Result); ret = GNUNET_new (struct BRANDT_Result);
@ -373,7 +374,7 @@ run_auction (void *arg)
tcase.m, /* m */ tcase.m, /* m */
tcase.outcome_public, /* outcome public */ tcase.outcome_public, /* outcome public */
tcase.outcome_public ? edc : NULL); tcase.outcome_public ? edc : NULL);
if (!tcase.ad[tcase.n]) if (! tcase.ad[tcase.n])
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_new() failed.\n"); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_new() failed.\n");
_exit (1); _exit (1);
@ -389,7 +390,7 @@ run_auction (void *arg)
desc_len, desc_len,
tcase.bids[i], /* bid */ tcase.bids[i], /* bid */
tcase.outcome_public ? edc : NULL); tcase.outcome_public ? edc : NULL);
if (!tcase.ad[i]) if (! tcase.ad[i])
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_join() failed.\n"); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "BRANDT_join() failed.\n");
tcase.ret = 1; tcase.ret = 1;
@ -403,7 +404,7 @@ run_auction (void *arg)
!= tcase.ad[i]->time_start.abs_value_us || != tcase.ad[i]->time_start.abs_value_us ||
tcase.ad[tcase.n]->time_round.rel_value_us tcase.ad[tcase.n]->time_round.rel_value_us
!= tcase.ad[i]->time_round.rel_value_us || != tcase.ad[i]->time_round.rel_value_us ||
!tcase.ad[tcase.n]->seller_mode || /* todo: split out */ ! tcase.ad[tcase.n]->seller_mode || /* todo: split out */
tcase.ad[i]->seller_mode) tcase.ad[i]->seller_mode)
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@ -476,12 +477,9 @@ quit:
} }
static uint16_t static void
tr_start (void *auction_closure) resend (void *x)
{ {
void
resend (void *x)
{
size_t i = (size_t) x; size_t i = (size_t) x;
struct msg *m = tcase.tr[i]; struct msg *m = tcase.tr[i];
if (NULL == m) if (NULL == m)
@ -491,10 +489,14 @@ tr_start (void *auction_closure)
} }
dprintf (2, "REPLAY sent msg no. %ld\n", i); dprintf (2, "REPLAY sent msg no. %ld\n", i);
BRANDT_got_message (tcase.rad, m->sender, m->buf, m->buf_len); BRANDT_got_message (tcase.rad, m->sender, m->buf, m->buf_len);
} }
dprintf (2, "REPLAY start replay auction\n"); static uint16_t
tr_start (void *auction_closure)
{
dprintf (2, "REPLAY start resend auction\n");
for (size_t i = 0; i < 4 * tcase.n; i++) for (size_t i = 0; i < 4 * tcase.n; i++)
GNUNET_SCHEDULER_add_now (&resend, (void *) i); GNUNET_SCHEDULER_add_now (&resend, (void *) i);
@ -540,8 +542,9 @@ print_transcript (uint32_t highestprice)
ad->time_start.abs_value_us / 1000LL), ad->time_start.abs_value_us / 1000LL),
"time_round", "d_us", json_integer ( "time_round", "d_us", json_integer (
ad->time_round.rel_value_us), ad->time_round.rel_value_us),
"type", ad->m, "auction_type", ad->m,
"is_public", ad->outcome_public == 0 ? json_false () : json_true (), "outcome_public", ad->outcome_public == 0 ?
json_false () : json_true (),
"prices", prices, "prices", prices,
"payto_uri", "payto://some/iban", "payto_uri", "payto://some/iban",
"pubkey", GNUNET_CRYPTO_eddsa_public_key_to_string ( "pubkey", GNUNET_CRYPTO_eddsa_public_key_to_string (
@ -729,7 +732,7 @@ replay_transcript (void *arg)
tcase.m, /* m */ tcase.m, /* m */
tcase.outcome_public, /* outcome public */ tcase.outcome_public, /* outcome public */
tcase.outcome_public ? redc : NULL); tcase.outcome_public ? redc : NULL);
if (!tcase.rad) if (! tcase.rad)
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "REPLAY BRANDT_new() failed.\n"); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "REPLAY BRANDT_new() failed.\n");
_exit (1); _exit (1);
@ -796,7 +799,7 @@ test_auction (uint16_t n,
for (uint16_t i = 0; i <= tcase.n; i++) for (uint16_t i = 0; i <= tcase.n; i++)
{ {
BRANDT_destroy (tcase.ad[i]); BRANDT_destroy (tcase.ad[i]);
if (!tcase.result_called[i]) if (! tcase.result_called[i])
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"result callback not called for bidder %d\n", "result callback not called for bidder %d\n",
@ -824,7 +827,7 @@ test_auction (uint16_t n,
int int
main (int argc, char *argv[]) main ()
{ {
int ret = 0; int ret = 0;

12
test_crypto.c
View File

@ -46,12 +46,12 @@ test_serialization ()
ec_point_parse (newp, &serp); ec_point_parse (newp, &serp);
mpi_parse (newi, &seri); mpi_parse (newi, &seri);
CHECK (!ec_point_cmp (oldp, newp), "serialization changed point"); CHECK (! ec_point_cmp (oldp, newp), "serialization changed point");
CHECK (!gcry_mpi_cmp (oldi, newi), "serialization changed mpi"); CHECK (! gcry_mpi_cmp (oldi, newi), "serialization changed mpi");
mpi_serialize (&seri, GCRYMPI_CONST_ONE); mpi_serialize (&seri, GCRYMPI_CONST_ONE);
mpi_parse (newi, &seri); mpi_parse (newi, &seri);
CHECK (!gcry_mpi_cmp (GCRYMPI_CONST_ONE, newi), "serializing mpi 1 fail"); CHECK (! gcry_mpi_cmp (GCRYMPI_CONST_ONE, newi), "serializing mpi 1 fail");
gcry_mpi_point_release (oldp); gcry_mpi_point_release (oldp);
gcry_mpi_point_release (newp); gcry_mpi_point_release (newp);
@ -72,7 +72,7 @@ test_smc_zkp_dl ()
smc_zkp_dl (v, x, &proof); smc_zkp_dl (v, x, &proof);
CHECK (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve"); CHECK (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve");
CHECK (!smc_zkp_dl_check (v, &proof), "zkp dl wrong"); CHECK (! smc_zkp_dl_check (v, &proof), "zkp dl wrong");
gcry_mpi_release (x); gcry_mpi_release (x);
gcry_mpi_point_release (v); gcry_mpi_point_release (v);
@ -98,7 +98,7 @@ test_smc_zkp_2dle ()
CHECK (gcry_mpi_ec_curve_point (g2, ec_ctx), "not on curve"); CHECK (gcry_mpi_ec_curve_point (g2, ec_ctx), "not on curve");
CHECK (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve"); CHECK (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve");
CHECK (gcry_mpi_ec_curve_point (w, ec_ctx), "not on curve"); CHECK (gcry_mpi_ec_curve_point (w, ec_ctx), "not on curve");
CHECK (!smc_zkp_2dle_check (v, w, g1, g2, &proof), "zkp 2dle wrong"); CHECK (! smc_zkp_2dle_check (v, w, g1, g2, &proof), "zkp 2dle wrong");
gcry_mpi_release (x); gcry_mpi_release (x);
gcry_mpi_point_release (g1); gcry_mpi_point_release (g1);
@ -124,7 +124,7 @@ test_smc_zkp_0og ()
smc_zkp_0og (tests_run % 2, y, NULL, alpha, beta, &proof); smc_zkp_0og (tests_run % 2, y, NULL, alpha, beta, &proof);
CHECK (gcry_mpi_ec_curve_point (alpha, ec_ctx), "not on curve"); CHECK (gcry_mpi_ec_curve_point (alpha, ec_ctx), "not on curve");
CHECK (gcry_mpi_ec_curve_point (beta, ec_ctx), "not on curve"); CHECK (gcry_mpi_ec_curve_point (beta, ec_ctx), "not on curve");
CHECK (!smc_zkp_0og_check (y, alpha, beta, &proof), "zkp 0og is wrong"); CHECK (! smc_zkp_0og_check (y, alpha, beta, &proof), "zkp 0og is wrong");
gcry_mpi_point_release (y); gcry_mpi_point_release (y);
gcry_mpi_point_release (alpha); gcry_mpi_point_release (alpha);

12
util.h
View File

@ -29,15 +29,15 @@
#ifdef NDEBUG #ifdef NDEBUG
#define DP(point) ((void)(gcry_log_debugpnt (# point, point, ec_ctx))) #define DP(point) ((void) (gcry_log_debugpnt (# point, point, ec_ctx)))
#define DM(mpi) ((void)(gcry_log_debugmpi (# mpi, mpi))) #define DM(mpi) ((void) (gcry_log_debugmpi (# mpi, mpi)))
#define DS(sexp) ((void)(gcry_log_debugsxp (# sexp, sexp))) #define DS(sexp) ((void) (gcry_log_debugsxp (# sexp, sexp)))
#else /* ifdef NDEBUG */ #else /* ifdef NDEBUG */
#define DP(point) ((void)(0)) #define DP(point) ((void) (0))
#define DM(mpi) ((void)(0)) #define DM(mpi) ((void) (0))
#define DS(sexp) ((void)(0)) #define DS(sexp) ((void) (0))
#endif /* ifdef NDEBUG */ #endif /* ifdef NDEBUG */