Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/age_restriction.c | 34 | ||||
-rw-r--r-- | src/util/denom.c | 6 | ||||
-rw-r--r-- | src/util/test_crypto.c | 71 |
3 files changed, 78 insertions, 33 deletions
diff --git a/src/util/age_restriction.c b/src/util/age_restriction.c index 2cb5cb20..8e088a40 100644 --- a/src/util/age_restriction.c +++ b/src/util/age_restriction.c @@ -38,7 +38,7 @@ TALER_age_commitment_hash ( return; } - GNUNET_assert (__builtin_popcount (commitment->mask.mask) - 1 == + GNUNET_assert (__builtin_popcount (commitment->mask.bits) - 1 == commitment->num); hash_context = GNUNET_CRYPTO_hash_context_start (); @@ -67,7 +67,7 @@ get_age_group ( const struct TALER_AgeMask *mask, uint8_t age) { - uint32_t m = mask->mask; + uint32_t m = mask->bits; uint8_t i = 0; while (m > 0) @@ -89,26 +89,29 @@ TALER_age_restriction_commit ( const uint64_t salt, struct TALER_AgeCommitmentProof *new) { - uint8_t num_pub = __builtin_popcount (mask->mask) - 1; - uint8_t num_priv = get_age_group (mask, age) - 1; + uint8_t num_pub = __builtin_popcount (mask->bits) - 1; + uint8_t num_priv = get_age_group (mask, age); size_t i; GNUNET_assert (NULL != new); - GNUNET_assert (mask->mask & 1); /* fist bit must have been set */ + GNUNET_assert (mask->bits & 1); /* fist bit must have been set */ GNUNET_assert (0 <= num_priv); GNUNET_assert (31 > num_priv); GNUNET_assert (num_priv <= num_pub); - new->commitment.mask.mask = mask->mask; + new->commitment.mask.bits = mask->bits; new->commitment.num = num_pub; new->proof.num = num_priv; + new->proof.priv = NULL; new->commitment.pub = GNUNET_new_array ( num_pub, struct TALER_AgeCommitmentPublicKeyP); - new->proof.priv = GNUNET_new_array ( - num_priv, - struct TALER_AgeCommitmentPrivateKeyP); + + if (0 < num_priv) + new->proof.priv = GNUNET_new_array ( + num_priv, + struct TALER_AgeCommitmentPrivateKeyP); /* Create as many private keys as we need and fill the rest of the * public keys with valid curve points. @@ -143,7 +146,8 @@ TALER_age_restriction_commit ( FAIL: GNUNET_free (new->commitment.pub); - GNUNET_free (new->proof.priv); + if (NULL != new->proof.priv) + GNUNET_free (new->proof.priv); return GNUNET_SYSERR; } 
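Review bot: `GNUNET_assert (0 <= num_priv);` in the -89,26 +89,29 hunk can never fail, because `num_priv` is a `uint8_t`. It gives no protection now that the `- 1` has been dropped from `get_age_group (mask, age)`. I would remove it and record the new convention at the declaration, for example `/* num_priv is the age group of age; priv[i] holds the key for group i + 1 */`, since the attest and verify hunks index with `group - 1` on that assumption. The comment typo `fist bit` on the neighbouring assert could be corrected to `first bit` in the same pass. The body of TALER_age_restriction_commit continues past the hunk.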
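Review bot: The FAIL path in the -143,7 +146,8 hunk passes `new->proof.priv` to `GNUNET_free` without clearing it first. The comment earlier in the function says private keys are created into that array, but the loop and the jumps to FAIL are outside the hunk, so whether keys are present at that point is inferred. Wiping the `num_priv` entries before freeing would keep key material out of released heap memory. The path also leaves `new->proof.num` and `new->commitment.num` at their non-zero values after the arrays are gone. Resetting them, or documenting that `new` is undefined on GNUNET_SYSERR, would protect callers that inspect the struct after a failure.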
@@ -199,7 +203,7 @@ TALER_age_commitment_derive ( GNUNET_assert (NULL != new); GNUNET_assert (orig->commitment.num== __builtin_popcount ( - orig->commitment.mask.mask) - 1); + orig->commitment.mask.bits) - 1); GNUNET_assert (orig->proof.num <= orig->commitment.num); new->commitment.mask = orig->commitment.mask; @@ -305,7 +309,7 @@ TALER_age_commitment_attest ( return GNUNET_OK; } - if (group > cp->proof.num) + if (group >= cp->proof.num) return GNUNET_NO; { @@ -316,7 +320,7 @@ TALER_age_commitment_attest ( .age = age }; - GNUNET_CRYPTO_eddsa_sign (&cp->proof.priv[group].eddsa_priv, + GNUNET_CRYPTO_eddsa_sign (&cp->proof.priv[group - 1].eddsa_priv, &at, &attest->eddsa_signature); } @@ -345,7 +349,7 @@ TALER_age_commitment_verify ( if (0 == group) return GNUNET_OK; - if (group > comm->num) + if (group >= comm->num) return GNUNET_NO; { @@ -360,7 +364,7 @@ TALER_age_commitment_verify ( GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_AGE_ATTESTATION, &at, &attest->eddsa_signature, - &comm->pub[group].eddsa_pub); + &comm->pub[group - 1].eddsa_pub); } } diff --git a/src/util/denom.c b/src/util/denom.c index d4cdb8fe..c1c3cdf5 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -230,7 +230,7 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub, struct TALER_DenominationHashP *denom_hash) { uint32_t opt[2] = { - htonl (denom_pub->age_mask.mask), + htonl (denom_pub->age_mask.bits), htonl ((uint32_t) denom_pub->cipher) }; struct GNUNET_HashContext *hc; @@ -558,8 +558,8 @@ TALER_denom_pub_cmp (const struct TALER_DenominationPublicKey *denom1, { if (denom1->cipher != denom2->cipher) return (denom1->cipher > denom2->cipher) ? 1 : -1; - if (denom1->age_mask.mask != denom2->age_mask.mask) - return (denom1->age_mask.mask > denom2->age_mask.mask) ? 1 : -1; + if (denom1->age_mask.bits != denom2->age_mask.bits) + return (denom1->age_mask.bits > denom2->age_mask.bits) ? 1 : -1; switch (denom1->cipher) { case TALER_DENOMINATION_INVALID: 
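Review bot: The new bounds `if (group >= cp->proof.num)` in TALER_age_commitment_attest and `if (group >= comm->num)` in TALER_age_commitment_verify look one too strict now that the same functions index with `group - 1`. TALER_age_restriction_commit allocates `num_priv = get_age_group (mask, age)` private keys and `num_pub` public keys, so index `group - 1` is in range for every `group` from 1 up to and including `num`. With `>=`, the highest group that has a key is answered with GNUNET_NO. This errs on the safe side for memory access but rejects a legitimate attestation, so I would keep `if (group > cp->proof.num)` and `if (group > comm->num)` alongside the `group - 1` index. Both functions start and end outside their hunks, so the `0 == group` early return in attest is assumed from the `return GNUNET_OK;` context line.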
diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index fea90b78..90d5847e 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -101,6 +101,11 @@ test_high_level (void) } +static struct TALER_AgeMask age_mask = { + .bits = 1 | 1 << 8 | 1 << 10 | 1 << 12 + | 1 << 14 | 1 << 16 | 1 << 18 | 1 << 21 +}; + /** * Test the basic planchet functionality of creating a fresh planchet * and extracting the respective signature. @@ -108,7 +113,7 @@ test_high_level (void) * @return 0 on success */ static int -test_planchets_rsa (void) +test_planchets_rsa (uint8_t age) { struct TALER_PlanchetMasterSecretP ps; struct TALER_CoinSpendPrivateKeyP coin_priv; @@ -120,6 +125,26 @@ test_planchets_rsa (void) struct TALER_BlindedDenominationSignature blind_sig; struct TALER_FreshCoin coin; struct TALER_CoinPubHashP c_hash; + struct TALER_AgeCommitmentHash *ach = NULL; + + if (0 < age) + { + struct TALER_AgeCommitmentHash ah = {0}; + struct TALER_AgeCommitmentProof *acp; + uint64_t salt = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, + UINT64_MAX); + + acp = GNUNET_new (struct TALER_AgeCommitmentProof); + + GNUNET_assert (GNUNET_OK == + TALER_age_restriction_commit (&age_mask, + age, + salt, + acp)); + TALER_age_commitment_hash (&acp->commitment, + &ah); + ach = &ah; + } GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, &ps, @@ -152,7 +177,7 @@ test_planchets_rsa (void) &alg_values, &bks, &coin_priv, - NULL, /* no age commitment */ + ach, &c_hash, &pd)); GNUNET_assert (GNUNET_OK == @@ -166,7 +191,7 @@ test_planchets_rsa (void) &blind_sig, &bks, &coin_priv, - NULL, /* no age commitment */ + ach, &c_hash, &alg_values, &coin)); @@ -178,8 +203,6 @@ test_planchets_rsa (void) } -/** FIXME-oec: Add test for planchets with age commitment hash */ - /** * @brief Function for CS signatures to derive public R_0 and R_1 * 
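Review bot: `ach = &ah;` in the -120,6 +125,26 hunk of test_planchets_rsa stores the address of `ah`, which is declared inside the `if (0 < age)` block. `ach` is then passed as an argument in the -152,7 and -166,7 hunks, after that block has ended, and using the object after its lifetime is undefined behaviour. Declaring `struct TALER_AgeCommitmentHash ah = {0};` at function scope next to `ach` fixes it. The same pattern is repeated in test_planchets_cs (hunk -232,6 +255,26). In both, `acp` from `GNUNET_new` and the key arrays filled by TALER_age_restriction_commit are not released in the visible lines, so the test will probably leak them unless cleanup happens outside the hunks.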
@@ -220,7 +243,7 @@ derive_r_public ( * @return 0 on success */ static int -test_planchets_cs (void) +test_planchets_cs (uint8_t age) { struct TALER_PlanchetMasterSecretP ps; struct TALER_CoinSpendPrivateKeyP coin_priv; @@ -232,6 +255,26 @@ test_planchets_cs (void) struct TALER_BlindedDenominationSignature blind_sig; struct TALER_FreshCoin coin; struct TALER_ExchangeWithdrawValues alg_values; + struct TALER_AgeCommitmentHash *ach = NULL; + + if (0 < age) + { + struct TALER_AgeCommitmentHash ah = {0}; + struct TALER_AgeCommitmentProof *acp; + uint64_t salt = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, + UINT64_MAX); + + acp = GNUNET_new (struct TALER_AgeCommitmentProof); + + GNUNET_assert (GNUNET_OK == + TALER_age_restriction_commit (&age_mask, + age, + salt, + acp)); + TALER_age_commitment_hash (&acp->commitment, + &ah); + ach = &ah; + } GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, &ps, @@ -260,7 +303,7 @@ test_planchets_cs (void) &alg_values, &bks, &coin_priv, - NULL, + ach, &c_hash, &pd)); GNUNET_assert (GNUNET_OK == @@ -274,7 +317,7 @@ test_planchets_cs (void) &blind_sig, &bks, &coin_priv, - NULL, + ach, &c_hash, &alg_values, &coin)); @@ -294,11 +337,11 @@ test_planchets_cs (void) * @return 0 on success */ static int -test_planchets (void) +test_planchets (uint8_t age) { - if (0 != test_planchets_rsa ()) + if (0 != test_planchets_rsa (age)) return -1; - return test_planchets_cs (); + return test_planchets_cs (age); } @@ -399,12 +442,10 @@ main (int argc, (void) argv; if (0 != test_high_level ()) return 1; - if (0 != test_planchets ()) + if (0 != test_planchets (0)) return 2; -#if FIXME_OEC - if (0 != test_planchets_with_age_commitment ()) + if (0 != test_planchets (13)) return 3; -#endif if (0 != test_exchange_sigs ()) return 4; if (0 != test_merchant_sigs ()) |