Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/crypto.c | 83 | ||||
| -rw-r--r-- | src/util/test_helper_rsa.c | 26 | 
2 files changed, 88 insertions, 21 deletions
|
diff --git a/src/util/crypto.c b/src/util/crypto.c
index b75cd8b4..1b829c9f 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -25,6 +25,19 @@
 #include "taler_util.h"
 #include <gcrypt.h>
+/**
+ * Should we use the RSA blind signing implementation
+ * from libgnunetutil?  The blinding only works
+ * correctly with a current version of libgnunetutil.
+ *
+ * Only applies to blinding and unblinding, but
+ * not to blind signing.
+ *
+ * FIXME: Can we define some macro for this in configure.ac
+ * to detect the version?
+ */
+#define USE_GNUNET_RSA_BLINDING 1
+
 /**
  * Function called by libgcrypt on serious errors.
@@ -245,11 +258,11 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
                       sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
                       c_hash);
   if (GNUNET_YES !=
-      GNUNET_CRYPTO_rsa_blind (c_hash,
-                               &ps->blinding_key.bks,
-                               dk->rsa_public_key,
-                               &pd->coin_ev,
-                               &pd->coin_ev_size))
+      TALER_rsa_blind (c_hash,
+                       &ps->blinding_key.bks,
+                       dk->rsa_public_key,
+                       &pd->coin_ev,
+                       &pd->coin_ev_size))
   {
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
@@ -280,9 +293,9 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
 {
   struct GNUNET_CRYPTO_RsaSignature *sig;
-  sig = GNUNET_CRYPTO_rsa_unblind (blind_sig,
-                                   &ps->blinding_key.bks,
-                                   dk->rsa_public_key);
+  sig = TALER_rsa_unblind (blind_sig,
+                           &ps->blinding_key.bks,
+                           dk->rsa_public_key);
   if (GNUNET_OK !=
       GNUNET_CRYPTO_rsa_verify (c_hash,
                                 sig,
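Review bot: `USE_GNUNET_RSA_BLINDING` is hard-wired to 1 at the top of crypto.c although its own comment says the blinding only works correctly with a current libgnunetutil, so nothing in the build rejects an older library; the failure would presumably surface only at run time as blinded values that do not verify. Until the configure.ac detection named in the FIXME exists, a compile-time guard beside the define would enforce the requirement, e.g. `#if GNUNET_UTIL_VERSION < MIN_GNUNET_UTIL_VERSION_PLACEHOLDER` followed by `#error "libgnunetutil too old for RSA blinding"`, assuming the installed headers expose that version macro (the minimum version is not stated on this page). The `#else` branches added at the end of the file are `#error`, so the macro is not yet a working switch, and the comment should say that setting it to 0 does not build.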
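Review bot: In TALER_planchet_to_coin the result of `TALER_rsa_unblind` goes straight into `GNUNET_CRYPTO_rsa_verify` with no NULL check, although the wrapper's documentation in this same commit says it returns NULL when the RSA key is bad or malicious. The public key here is presumably supplied by the remote party, so the NULL case is reachable from untrusted input; whether rsa_verify tolerates a NULL signature is not visible in the hunk. A guard directly after the call, `if (NULL == sig) { GNUNET_break_op (0); return GNUNET_SYSERR; }`, would match the `NULL == rs` check that test_signing already performs. The function body continues outside this hunk, so the exact error return should follow what the rest of the function uses.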
@@ -381,4 +394,58 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
 }
+/**
+ * Blinds the given message with the given blinding key
+ *
+ * @param hash hash of the message to sign
+ * @param bkey the blinding key
+ * @param pkey the public key of the signer
+ * @param[out] buf set to a buffer with the blinded message to be signed
+ * @param[out] buf_size number of bytes stored in @a buf
+ * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
+ */
+int
+TALER_rsa_blind (const struct GNUNET_HashCode *hash,
+                 const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
+                 struct GNUNET_CRYPTO_RsaPublicKey *pkey,
+                 void **buf,
+                 size_t *buf_size)
+{
+#if USE_GNUNET_RSA_BLINDING
+  return GNUNET_CRYPTO_rsa_blind (hash,
+                                  bks,
+                                  pkey,
+                                  buf,
+                                  buf_size);
+#else
+# error "FIXME: implement"
+#endif
+}
+
+
+/**
+ * Unblind a blind-signed signature.  The signature should have been generated
+ * with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
+ * #GNUNET_CRYPTO_rsa_blind().
+ *
+ * @param sig the signature made on the blinded signature purpose
+ * @param bks the blinding key secret used to blind the signature purpose
+ * @param pkey the public key of the signer
+ * @return unblinded signature on success, NULL if RSA key is bad or malicious.
+ */
+struct GNUNET_CRYPTO_RsaSignature *
+TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
+                   const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
+                   struct GNUNET_CRYPTO_RsaPublicKey *pkey)
+{
+#if USE_GNUNET_RSA_BLINDING
+  return GNUNET_CRYPTO_rsa_unblind (sig,
+                                    bks,
+                                    pkey);
+#else
+# error "FIXME: implement"
+#endif
+}
+
+
 /* end of crypto.c */
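Review bot: The doc comment on `TALER_rsa_blind` documents `@param bkey`, but the parameter is named `bks`; it should read `@param bks the blinding key secret`, as the comment on `TALER_rsa_unblind` already does. The unblind comment still says the hash was blinded with `#GNUNET_CRYPTO_rsa_blind()`, while every caller touched by this commit now goes through `TALER_rsa_blind`, so the cross-reference should name the wrapper. The `@return` line of `TALER_rsa_blind` should also state what `*buf` and `*buf_size` hold when #GNUNET_NO is returned, because the caller in crypto.c passes `&pd->coin_ev` and `&pd->coin_ev_size` directly; that behaviour lives in libgnunetutil and is not visible here.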
diff --git a/src/util/test_helper_rsa.c b/src/util/test_helper_rsa.c
index f291f27e..f86ebdef 100644
--- a/src/util/test_helper_rsa.c
+++ b/src/util/test_helper_rsa.c
@@ -254,11 +254,11 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
       void *buf;
       size_t buf_size;
       GNUNET_assert (GNUNET_YES ==
-                     GNUNET_CRYPTO_rsa_blind (&m_hash,
-                                              &bks,
-                                              keys[i].denom_pub.rsa_public_key,
-                                              &buf,
-                                              &buf_size));
+                     TALER_rsa_blind (&m_hash,
+                                      &bks,
+                                      keys[i].denom_pub.rsa_public_key,
+                                      &buf,
+                                      &buf_size));
       GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                   "Requesting signature over %u bytes with key %s\n",
                   (unsigned int) buf_size,
@@ -290,9 +290,9 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
       {
         struct GNUNET_CRYPTO_RsaSignature *rs;
-        rs = GNUNET_CRYPTO_rsa_unblind (ds.rsa_signature,
-                                        &bks,
-                                        keys[i].denom_pub.rsa_public_key);
+        rs = TALER_rsa_unblind (ds.rsa_signature,
+                                &bks,
+                                keys[i].denom_pub.rsa_public_key);
         if (NULL == rs)
         {
           GNUNET_break (0);
@@ -409,11 +409,11 @@ perf_signing (struct TALER_CRYPTO_DenominationHelper *dh)
         size_t buf_size;
         GNUNET_assert (GNUNET_YES ==
-                       GNUNET_CRYPTO_rsa_blind (&m_hash,
-                                                &bks,
-                                                keys[i].denom_pub.rsa_public_key,
-                                                &buf,
-                                                &buf_size));
+                       TALER_rsa_blind (&m_hash,
+                                        &bks,
+                                        keys[i].denom_pub.rsa_public_key,
+                                        &buf,
+                                        &buf_size));
         /* use this key as long as it works */
         while (1)
         {
|
