2021-10-22 23:39:19 +02:00
|
|
|
/*
|
|
|
|
This file is part of TALER
|
|
|
|
Copyright (C) 2021 Taler Systems SA
|
|
|
|
|
|
|
|
TALER is free software; you can redistribute it and/or modify it under the
|
|
|
|
terms of the GNU General Public License as published by the Free Software
|
|
|
|
Foundation; either version 3, or (at your option) any later version.
|
|
|
|
|
|
|
|
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
|
|
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
|
|
|
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License along with
|
|
|
|
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
|
|
|
|
*/
|
|
|
|
/**
|
|
|
|
* @file denom.c
|
|
|
|
* @brief denomination utility functions
|
|
|
|
* @author Christian Grothoff
|
|
|
|
*/
|
|
|
|
#include "platform.h"
|
|
|
|
#include "taler_util.h"
|
|
|
|
|
|
|
|
|
2021-11-05 14:00:10 +01:00
|
|
|
enum GNUNET_GenericReturnValue
|
|
|
|
TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
|
|
|
|
struct TALER_DenominationPublicKey *denom_pub,
|
|
|
|
enum TALER_DenominationCipher cipher,
|
|
|
|
...)
|
|
|
|
{
|
|
|
|
memset (denom_priv,
|
|
|
|
0,
|
|
|
|
sizeof (*denom_priv));
|
|
|
|
memset (denom_pub,
|
|
|
|
0,
|
|
|
|
sizeof (*denom_pub));
|
2021-12-17 14:35:10 +01:00
|
|
|
|
2021-11-05 14:00:10 +01:00
|
|
|
switch (cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
{
|
|
|
|
va_list ap;
|
|
|
|
unsigned int bits;
|
|
|
|
|
|
|
|
va_start (ap, cipher);
|
|
|
|
bits = va_arg (ap, unsigned int);
|
|
|
|
va_end (ap);
|
|
|
|
if (bits < 512)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
denom_priv->details.rsa_private_key
|
|
|
|
= GNUNET_CRYPTO_rsa_private_key_create (bits);
|
|
|
|
}
|
|
|
|
if (NULL == denom_priv->details.rsa_private_key)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
denom_pub->details.rsa_public_key
|
|
|
|
= GNUNET_CRYPTO_rsa_private_key_get_public (
|
|
|
|
denom_priv->details.rsa_private_key);
|
2021-12-27 20:02:54 +01:00
|
|
|
denom_priv->cipher = TALER_DENOMINATION_RSA;
|
|
|
|
denom_pub->cipher = TALER_DENOMINATION_RSA;
|
2021-11-05 14:00:10 +01:00
|
|
|
return GNUNET_OK;
|
2021-12-17 14:35:10 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
GNUNET_CRYPTO_cs_private_key_generate (&denom_priv->details.cs_private_key);
|
|
|
|
GNUNET_CRYPTO_cs_private_key_get_public (
|
|
|
|
&denom_priv->details.cs_private_key,
|
|
|
|
&denom_pub->details.cs_public_key);
|
2021-12-27 20:02:54 +01:00
|
|
|
denom_priv->cipher = TALER_DENOMINATION_CS;
|
|
|
|
denom_pub->cipher = TALER_DENOMINATION_CS;
|
2021-12-17 14:35:10 +01:00
|
|
|
return GNUNET_OK;
|
2021-11-05 14:00:10 +01:00
|
|
|
default:
|
|
|
|
GNUNET_break (0);
|
|
|
|
}
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-12-22 12:52:54 +01:00
|
|
|
enum GNUNET_GenericReturnValue
|
2022-01-17 09:37:36 +01:00
|
|
|
TALER_denom_cs_derive_r_public (const struct TALER_CsNonce *nonce,
|
2021-12-22 12:52:54 +01:00
|
|
|
const struct
|
|
|
|
TALER_DenominationPrivateKey *denom_priv,
|
2022-02-07 12:33:35 +01:00
|
|
|
struct TALER_DenominationCSPublicRPairP *r_pub)
|
2021-12-22 12:52:54 +01:00
|
|
|
{
|
|
|
|
if (denom_priv->cipher != TALER_DENOMINATION_CS)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
|
|
|
|
struct GNUNET_CRYPTO_CsRSecret r[2];
|
|
|
|
GNUNET_CRYPTO_cs_r_derive (&nonce->nonce,
|
|
|
|
&denom_priv->details.cs_private_key,
|
|
|
|
r);
|
|
|
|
GNUNET_CRYPTO_cs_r_get_public (&r[0], &r_pub->r_pub[0]);
|
|
|
|
GNUNET_CRYPTO_cs_r_get_public (&r[1], &r_pub->r_pub[1]);
|
|
|
|
return GNUNET_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-11-05 14:00:10 +01:00
|
|
|
enum GNUNET_GenericReturnValue
|
|
|
|
TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
|
|
|
|
const struct TALER_DenominationPrivateKey *denom_priv,
|
2021-12-31 15:24:41 +01:00
|
|
|
const struct TALER_BlindedPlanchet *blinded_planchet)
|
2021-11-05 14:00:10 +01:00
|
|
|
{
|
|
|
|
memset (denom_sig,
|
|
|
|
0,
|
|
|
|
sizeof (*denom_sig));
|
2022-01-04 17:46:36 +01:00
|
|
|
|
|
|
|
if (blinded_planchet->cipher != denom_priv->cipher)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
|
2021-11-05 14:00:10 +01:00
|
|
|
switch (denom_priv->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
denom_sig->details.blinded_rsa_signature
|
|
|
|
= GNUNET_CRYPTO_rsa_sign_blinded (
|
|
|
|
denom_priv->details.rsa_private_key,
|
2021-12-17 14:35:10 +01:00
|
|
|
blinded_planchet->details.rsa_blinded_planchet.blinded_msg,
|
|
|
|
blinded_planchet->details.rsa_blinded_planchet.blinded_msg_size);
|
2021-11-05 14:00:10 +01:00
|
|
|
if (NULL == denom_sig->details.blinded_rsa_signature)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
denom_sig->cipher = TALER_DENOMINATION_RSA;
|
|
|
|
return GNUNET_OK;
|
2021-12-23 10:58:03 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
{
|
|
|
|
struct GNUNET_CRYPTO_CsRSecret r[2];
|
2021-12-31 15:24:41 +01:00
|
|
|
GNUNET_CRYPTO_cs_r_derive (
|
|
|
|
&blinded_planchet->details.cs_blinded_planchet.nonce.nonce,
|
|
|
|
&denom_priv->details.cs_private_key,
|
|
|
|
r);
|
2021-12-23 10:58:03 +01:00
|
|
|
|
|
|
|
denom_sig->details.blinded_cs_answer.b =
|
|
|
|
GNUNET_CRYPTO_cs_sign_derive (&denom_priv->details.cs_private_key,
|
|
|
|
r,
|
|
|
|
blinded_planchet->details.
|
|
|
|
cs_blinded_planchet.c,
|
2021-12-31 15:24:41 +01:00
|
|
|
&blinded_planchet->details.
|
|
|
|
cs_blinded_planchet.nonce.nonce,
|
2021-12-23 10:58:03 +01:00
|
|
|
&denom_sig->details.blinded_cs_answer.
|
|
|
|
s_scalar);
|
|
|
|
|
|
|
|
denom_sig->cipher = TALER_DENOMINATION_CS;
|
|
|
|
}
|
|
|
|
return GNUNET_OK;
|
2021-11-05 14:00:10 +01:00
|
|
|
default:
|
|
|
|
GNUNET_break (0);
|
|
|
|
}
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-11-05 14:18:13 +01:00
|
|
|
enum GNUNET_GenericReturnValue
|
2021-11-05 22:22:47 +01:00
|
|
|
TALER_denom_sig_unblind (
|
|
|
|
struct TALER_DenominationSignature *denom_sig,
|
|
|
|
const struct TALER_BlindedDenominationSignature *bdenom_sig,
|
|
|
|
const union TALER_DenominationBlindingKeyP *bks,
|
2022-02-09 10:49:10 +01:00
|
|
|
const struct TALER_CoinPubHash *c_hash,
|
|
|
|
const struct TALER_ExchangeWithdrawValues *alg_values,
|
2022-01-11 21:21:18 +01:00
|
|
|
const struct TALER_DenominationPublicKey *denom_pub)
|
2021-11-05 14:18:13 +01:00
|
|
|
{
|
|
|
|
if (bdenom_sig->cipher != denom_pub->cipher)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
switch (denom_pub->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
denom_sig->details.rsa_signature
|
2021-11-05 22:48:11 +01:00
|
|
|
= GNUNET_CRYPTO_rsa_unblind (
|
2021-11-05 14:18:13 +01:00
|
|
|
bdenom_sig->details.blinded_rsa_signature,
|
2021-11-05 22:22:47 +01:00
|
|
|
&bks->rsa_bks,
|
2021-11-05 14:18:13 +01:00
|
|
|
denom_pub->details.rsa_public_key);
|
|
|
|
if (NULL == denom_sig->details.rsa_signature)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
denom_sig->cipher = TALER_DENOMINATION_RSA;
|
|
|
|
return GNUNET_OK;
|
2021-12-23 12:36:04 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
{
|
|
|
|
struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
|
2022-02-09 10:49:10 +01:00
|
|
|
struct GNUNET_CRYPTO_CsC c[2];
|
|
|
|
struct TALER_DenominationCSPublicRPairP r_pub_blind;
|
2021-12-23 12:36:04 +01:00
|
|
|
|
2022-02-09 10:11:40 +01:00
|
|
|
GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce,
|
|
|
|
bs);
|
2022-02-09 10:49:10 +01:00
|
|
|
GNUNET_CRYPTO_cs_calc_blinded_c (
|
|
|
|
bs,
|
2022-02-11 11:55:59 +01:00
|
|
|
alg_values->details.cs_values.r_pub,
|
2022-02-09 10:49:10 +01:00
|
|
|
&denom_pub->details.cs_public_key,
|
|
|
|
&c_hash->hash,
|
|
|
|
sizeof(struct GNUNET_HashCode),
|
|
|
|
c,
|
|
|
|
r_pub_blind.r_pub);
|
|
|
|
denom_sig->details.cs_signature.r_point
|
|
|
|
= r_pub_blind.r_pub[bdenom_sig->details.blinded_cs_answer.b];
|
2021-12-23 12:36:04 +01:00
|
|
|
GNUNET_CRYPTO_cs_unblind (&bdenom_sig->details.blinded_cs_answer.s_scalar,
|
|
|
|
&bs[bdenom_sig->details.blinded_cs_answer.b],
|
2021-12-27 16:21:26 +01:00
|
|
|
&denom_sig->details.cs_signature.s_scalar);
|
2021-12-23 12:36:04 +01:00
|
|
|
denom_sig->cipher = TALER_DENOMINATION_CS;
|
|
|
|
return GNUNET_OK;
|
|
|
|
}
|
2021-11-05 14:18:13 +01:00
|
|
|
default:
|
|
|
|
GNUNET_break (0);
|
|
|
|
}
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-11-17 23:02:05 +01:00
|
|
|
/**
|
|
|
|
* Hash @a rsa.
|
|
|
|
*
|
|
|
|
* @param rsa key to hash
|
|
|
|
* @param[out] h_rsa where to write the result
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
TALER_rsa_pub_hash (const struct GNUNET_CRYPTO_RsaPublicKey *rsa,
|
|
|
|
struct TALER_RsaPubHashP *h_rsa)
|
|
|
|
{
|
|
|
|
GNUNET_CRYPTO_rsa_public_key_hash (rsa,
|
|
|
|
&h_rsa->hash);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-01-03 14:38:59 +01:00
|
|
|
/**
|
|
|
|
* Hash @a cs. key
|
|
|
|
*
|
|
|
|
* @param cs key to hash
|
|
|
|
* @param[out] h_cs where to write the result
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
TALER_cs_pub_hash (const struct GNUNET_CRYPTO_CsPublicKey *cs,
|
|
|
|
struct TALER_CsPubHashP *h_cs)
|
|
|
|
{
|
|
|
|
GNUNET_CRYPTO_hash (cs,
|
|
|
|
sizeof(*cs),
|
|
|
|
&h_cs->hash);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-22 23:39:19 +02:00
|
|
|
void
|
|
|
|
TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
|
|
|
|
struct TALER_DenominationHash *denom_hash)
|
|
|
|
{
|
|
|
|
uint32_t opt[2] = {
|
2021-11-10 17:25:11 +01:00
|
|
|
htonl (denom_pub->age_mask.mask),
|
2021-10-22 23:39:19 +02:00
|
|
|
htonl ((uint32_t) denom_pub->cipher)
|
|
|
|
};
|
|
|
|
|
|
|
|
struct GNUNET_HashContext *hc;
|
|
|
|
hc = GNUNET_CRYPTO_hash_context_start ();
|
|
|
|
GNUNET_CRYPTO_hash_context_read (hc,
|
|
|
|
opt,
|
|
|
|
sizeof (opt));
|
|
|
|
switch (denom_pub->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
{
|
|
|
|
void *buf;
|
|
|
|
size_t blen;
|
|
|
|
|
|
|
|
blen = GNUNET_CRYPTO_rsa_public_key_encode (
|
|
|
|
denom_pub->details.rsa_public_key,
|
|
|
|
&buf);
|
|
|
|
GNUNET_CRYPTO_hash_context_read (hc,
|
|
|
|
buf,
|
|
|
|
blen);
|
|
|
|
GNUNET_free (buf);
|
|
|
|
}
|
|
|
|
break;
|
2021-12-22 11:45:22 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
GNUNET_CRYPTO_hash_context_read (hc,
|
|
|
|
&denom_pub->details.cs_public_key,
|
|
|
|
sizeof(denom_pub->details.cs_public_key));
|
2021-12-22 16:55:34 +01:00
|
|
|
break;
|
2021-10-22 23:39:19 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
GNUNET_CRYPTO_hash_context_finish (hc,
|
|
|
|
&denom_hash->hash);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
TALER_denom_priv_to_pub (const struct TALER_DenominationPrivateKey *denom_priv,
|
2021-11-10 17:25:11 +01:00
|
|
|
const struct TALER_AgeMask age_mask,
|
2021-10-22 23:39:19 +02:00
|
|
|
struct TALER_DenominationPublicKey *denom_pub)
|
|
|
|
{
|
|
|
|
switch (denom_priv->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
denom_pub->cipher = TALER_DENOMINATION_RSA;
|
|
|
|
denom_pub->age_mask = age_mask;
|
|
|
|
denom_pub->details.rsa_public_key
|
|
|
|
= GNUNET_CRYPTO_rsa_private_key_get_public (
|
|
|
|
denom_priv->details.rsa_private_key);
|
|
|
|
return;
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
denom_pub->cipher = TALER_DENOMINATION_CS;
|
|
|
|
denom_pub->age_mask = age_mask;
|
|
|
|
GNUNET_CRYPTO_cs_private_key_get_public (
|
|
|
|
&denom_priv->details.cs_private_key,
|
|
|
|
&denom_pub->details.cs_public_key);
|
|
|
|
return;
|
2021-10-22 23:39:19 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-11-05 23:01:21 +01:00
|
|
|
enum GNUNET_GenericReturnValue
|
2022-02-07 12:33:35 +01:00
|
|
|
TALER_denom_blind (
|
|
|
|
const struct TALER_DenominationPublicKey *dk,
|
|
|
|
const union TALER_DenominationBlindingKeyP *coin_bks,
|
|
|
|
const struct TALER_AgeHash *age_commitment_hash,
|
|
|
|
const struct TALER_CoinSpendPublicKeyP *coin_pub,
|
|
|
|
const struct TALER_ExchangeWithdrawValues *alg_values,
|
|
|
|
struct TALER_CoinPubHash *c_hash,
|
|
|
|
struct TALER_BlindedPlanchet *blinded_planchet)
|
2021-11-05 23:01:21 +01:00
|
|
|
{
|
2021-12-17 14:35:10 +01:00
|
|
|
TALER_coin_pub_hash (coin_pub,
|
|
|
|
age_commitment_hash,
|
|
|
|
c_hash);
|
2021-11-05 23:01:21 +01:00
|
|
|
switch (dk->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_RSA:
|
2021-12-27 20:02:54 +01:00
|
|
|
blinded_planchet->cipher = dk->cipher;
|
2021-11-05 23:01:21 +01:00
|
|
|
if (GNUNET_YES !=
|
2022-02-09 10:11:40 +01:00
|
|
|
GNUNET_CRYPTO_rsa_blind (
|
|
|
|
&c_hash->hash,
|
|
|
|
&coin_bks->rsa_bks,
|
|
|
|
dk->details.rsa_public_key,
|
|
|
|
&blinded_planchet->details.rsa_blinded_planchet.blinded_msg,
|
|
|
|
&blinded_planchet->details.rsa_blinded_planchet.blinded_msg_size))
|
2021-11-05 23:01:21 +01:00
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
return GNUNET_OK;
|
2021-12-22 16:55:34 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
{
|
2022-02-07 12:33:35 +01:00
|
|
|
struct TALER_DenominationCSPublicRPairP blinded_r_pub;
|
2021-12-22 16:55:34 +01:00
|
|
|
struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
|
2022-01-11 21:21:18 +01:00
|
|
|
|
2022-02-09 16:43:36 +01:00
|
|
|
blinded_planchet->cipher = TALER_DENOMINATION_CS;
|
2022-02-07 12:33:35 +01:00
|
|
|
GNUNET_CRYPTO_cs_blinding_secrets_derive (&coin_bks->nonce,
|
|
|
|
bs);
|
|
|
|
GNUNET_CRYPTO_cs_calc_blinded_c (
|
|
|
|
bs,
|
2022-02-11 11:55:59 +01:00
|
|
|
alg_values->details.cs_values.r_pub,
|
2022-02-07 12:33:35 +01:00
|
|
|
&dk->details.cs_public_key,
|
2022-02-09 16:43:36 +01:00
|
|
|
c_hash,
|
|
|
|
sizeof(*c_hash),
|
2022-02-09 10:11:40 +01:00
|
|
|
blinded_planchet->details.cs_blinded_planchet.c,
|
2022-02-07 12:33:35 +01:00
|
|
|
blinded_r_pub.r_pub);
|
2021-12-22 16:55:34 +01:00
|
|
|
return GNUNET_OK;
|
|
|
|
}
|
2021-11-05 23:01:21 +01:00
|
|
|
default:
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-22 23:39:19 +02:00
|
|
|
enum GNUNET_GenericReturnValue
|
|
|
|
TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub,
|
|
|
|
const struct TALER_DenominationSignature *denom_sig,
|
|
|
|
const struct TALER_CoinPubHash *c_hash)
|
|
|
|
{
|
|
|
|
if (denom_pub->cipher != denom_sig->cipher)
|
|
|
|
{
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_SYSERR;
|
|
|
|
}
|
|
|
|
switch (denom_pub->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
GNUNET_break (0);
|
|
|
|
return GNUNET_NO;
|
2021-10-22 23:39:19 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
if (GNUNET_OK !=
|
|
|
|
GNUNET_CRYPTO_rsa_verify (&c_hash->hash,
|
|
|
|
denom_sig->details.rsa_signature,
|
|
|
|
denom_pub->details.rsa_public_key))
|
|
|
|
{
|
|
|
|
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
|
|
|
|
"Coin signature is invalid\n");
|
|
|
|
return GNUNET_NO;
|
|
|
|
}
|
|
|
|
return GNUNET_YES;
|
2021-12-23 12:36:04 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
if (GNUNET_OK !=
|
|
|
|
GNUNET_CRYPTO_cs_verify (&denom_sig->details.cs_signature,
|
|
|
|
&denom_pub->details.cs_public_key,
|
2021-12-27 16:21:26 +01:00
|
|
|
&c_hash->hash,
|
|
|
|
sizeof(struct GNUNET_HashCode)))
|
2021-12-23 12:36:04 +01:00
|
|
|
{
|
|
|
|
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
|
|
|
|
"Coin signature is invalid\n");
|
|
|
|
return GNUNET_NO;
|
|
|
|
}
|
|
|
|
return GNUNET_YES;
|
2021-10-22 23:39:19 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-23 07:11:23 +02:00
|
|
|
void
|
|
|
|
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub)
|
|
|
|
{
|
|
|
|
switch (denom_pub->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return;
|
2021-10-23 07:11:23 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
if (NULL != denom_pub->details.rsa_public_key)
|
|
|
|
{
|
|
|
|
GNUNET_CRYPTO_rsa_public_key_free (denom_pub->details.rsa_public_key);
|
|
|
|
denom_pub->details.rsa_public_key = NULL;
|
|
|
|
}
|
2021-11-01 23:49:13 +01:00
|
|
|
denom_pub->cipher = TALER_DENOMINATION_INVALID;
|
2021-10-23 07:11:23 +02:00
|
|
|
return;
|
2021-12-17 14:35:10 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2021-12-27 20:02:54 +01:00
|
|
|
// ATM nothing needs to be freed, but check again after implementation.
|
2021-12-17 14:35:10 +01:00
|
|
|
return;
|
2021-10-23 07:11:23 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
TALER_denom_priv_free (struct TALER_DenominationPrivateKey *denom_priv)
|
|
|
|
{
|
|
|
|
switch (denom_priv->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return;
|
2021-10-23 07:11:23 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
if (NULL != denom_priv->details.rsa_private_key)
|
|
|
|
{
|
|
|
|
GNUNET_CRYPTO_rsa_private_key_free (denom_priv->details.rsa_private_key);
|
|
|
|
denom_priv->details.rsa_private_key = NULL;
|
|
|
|
}
|
2021-11-01 23:49:13 +01:00
|
|
|
denom_priv->cipher = TALER_DENOMINATION_INVALID;
|
2021-10-23 07:11:23 +02:00
|
|
|
return;
|
2021-12-17 14:35:10 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2021-12-27 20:02:54 +01:00
|
|
|
// ATM nothing needs to be freed, but check again after implementation.
|
2021-12-17 14:35:10 +01:00
|
|
|
return;
|
2021-10-23 07:11:23 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig)
|
|
|
|
{
|
|
|
|
switch (denom_sig->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return;
|
2021-10-23 07:11:23 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
if (NULL != denom_sig->details.rsa_signature)
|
|
|
|
{
|
|
|
|
GNUNET_CRYPTO_rsa_signature_free (denom_sig->details.rsa_signature);
|
|
|
|
denom_sig->details.rsa_signature = NULL;
|
|
|
|
}
|
2021-11-01 23:49:13 +01:00
|
|
|
denom_sig->cipher = TALER_DENOMINATION_INVALID;
|
2021-10-23 07:11:23 +02:00
|
|
|
return;
|
2021-12-17 14:35:10 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2021-12-27 20:02:54 +01:00
|
|
|
// ATM nothing needs to be freed, but check again after implementation.
|
2021-12-17 14:35:10 +01:00
|
|
|
return;
|
2021-10-23 07:11:23 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-31 17:56:56 +01:00
|
|
|
void
|
|
|
|
TALER_blinded_denom_sig_free (
|
|
|
|
struct TALER_BlindedDenominationSignature *denom_sig)
|
|
|
|
{
|
|
|
|
switch (denom_sig->cipher)
|
|
|
|
{
|
2021-11-06 16:04:26 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return;
|
2021-10-31 17:56:56 +01:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
if (NULL != denom_sig->details.blinded_rsa_signature)
|
|
|
|
{
|
|
|
|
GNUNET_CRYPTO_rsa_signature_free (
|
|
|
|
denom_sig->details.blinded_rsa_signature);
|
|
|
|
denom_sig->details.blinded_rsa_signature = NULL;
|
|
|
|
}
|
2021-11-01 23:49:13 +01:00
|
|
|
denom_sig->cipher = TALER_DENOMINATION_INVALID;
|
2021-10-31 17:56:56 +01:00
|
|
|
return;
|
2021-12-17 14:35:10 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2021-12-27 20:02:54 +01:00
|
|
|
// ATM nothing needs to be freed, but check again after implementation.
|
2021-12-17 14:35:10 +01:00
|
|
|
return;
|
2021-10-31 17:56:56 +01:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-25 13:54:38 +02:00
|
|
|
/**
|
|
|
|
* Make a (deep) copy of the given @a denom_src to
|
|
|
|
* @a denom_dst.
|
|
|
|
*
|
|
|
|
* @param[out] denom_dst target to copy to
|
|
|
|
* @param denom_str public key to copy
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
TALER_denom_pub_deep_copy (struct TALER_DenominationPublicKey *denom_dst,
|
|
|
|
const struct TALER_DenominationPublicKey *denom_src)
|
|
|
|
{
|
|
|
|
*denom_dst = *denom_src; /* shallow copy */
|
|
|
|
switch (denom_src->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
denom_dst->details.rsa_public_key
|
|
|
|
= GNUNET_CRYPTO_rsa_public_key_dup (
|
|
|
|
denom_src->details.rsa_public_key);
|
|
|
|
return;
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
// In Case of CS, the above is already a deep copy *denom_dst = *denom_src;
|
|
|
|
return;
|
2021-10-25 13:54:38 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-26 09:30:54 +02:00
|
|
|
void
|
|
|
|
TALER_denom_sig_deep_copy (struct TALER_DenominationSignature *denom_dst,
|
|
|
|
const struct TALER_DenominationSignature *denom_src)
|
|
|
|
{
|
|
|
|
*denom_dst = *denom_src; /* shallow copy */
|
|
|
|
switch (denom_src->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return;
|
2021-10-26 09:30:54 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
denom_dst->details.rsa_signature
|
|
|
|
= GNUNET_CRYPTO_rsa_signature_dup (
|
|
|
|
denom_src->details.rsa_signature);
|
|
|
|
return;
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
// In Case of CS, the above is already a deep copy *denom_dst = *denom_src;
|
|
|
|
return;
|
2021-10-26 09:30:54 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-31 17:56:56 +01:00
|
|
|
void
|
|
|
|
TALER_blinded_denom_sig_deep_copy (
|
|
|
|
struct TALER_BlindedDenominationSignature *denom_dst,
|
|
|
|
const struct TALER_BlindedDenominationSignature *denom_src)
|
|
|
|
{
|
|
|
|
*denom_dst = *denom_src; /* shallow copy */
|
|
|
|
switch (denom_src->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return;
|
2021-10-31 17:56:56 +01:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
denom_dst->details.blinded_rsa_signature
|
|
|
|
= GNUNET_CRYPTO_rsa_signature_dup (
|
|
|
|
denom_src->details.blinded_rsa_signature);
|
|
|
|
return;
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
// In Case of CS, the above is already a deep copy *denom_dst = *denom_src;
|
|
|
|
return;
|
2021-10-31 17:56:56 +01:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-25 13:54:38 +02:00
|
|
|
int
|
|
|
|
TALER_denom_pub_cmp (const struct TALER_DenominationPublicKey *denom1,
|
|
|
|
const struct TALER_DenominationPublicKey *denom2)
|
|
|
|
{
|
|
|
|
if (denom1->cipher != denom2->cipher)
|
|
|
|
return (denom1->cipher > denom2->cipher) ? 1 : -1;
|
2021-11-10 17:25:11 +01:00
|
|
|
if (denom1->age_mask.mask != denom2->age_mask.mask)
|
|
|
|
return (denom1->age_mask.mask > denom2->age_mask.mask) ? 1 : -1;
|
2021-10-25 13:54:38 +02:00
|
|
|
switch (denom1->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return 0;
|
2021-10-25 13:54:38 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
return GNUNET_CRYPTO_rsa_public_key_cmp (denom1->details.rsa_public_key,
|
|
|
|
denom2->details.rsa_public_key);
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2022-01-10 22:09:35 +01:00
|
|
|
return GNUNET_memcmp (&denom1->details.cs_public_key,
|
|
|
|
&denom2->details.cs_public_key);
|
2021-10-25 13:54:38 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-27 21:59:04 +02:00
|
|
|
int
|
|
|
|
TALER_denom_sig_cmp (const struct TALER_DenominationSignature *sig1,
|
|
|
|
const struct TALER_DenominationSignature *sig2)
|
|
|
|
{
|
|
|
|
if (sig1->cipher != sig2->cipher)
|
|
|
|
return (sig1->cipher > sig2->cipher) ? 1 : -1;
|
|
|
|
switch (sig1->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return 0;
|
2021-10-27 22:30:04 +02:00
|
|
|
case TALER_DENOMINATION_RSA:
|
2021-10-27 21:59:04 +02:00
|
|
|
return GNUNET_CRYPTO_rsa_signature_cmp (sig1->details.rsa_signature,
|
|
|
|
sig2->details.rsa_signature);
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2022-01-10 22:09:35 +01:00
|
|
|
return GNUNET_memcmp (&sig1->details.cs_signature,
|
|
|
|
&sig2->details.cs_signature);
|
2021-10-27 21:59:04 +02:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-02-07 13:14:25 +01:00
|
|
|
int
|
|
|
|
TALER_blinded_planchet_cmp (
|
|
|
|
const struct TALER_BlindedPlanchet *bp1,
|
|
|
|
const struct TALER_BlindedPlanchet *bp2)
|
|
|
|
{
|
|
|
|
if (bp1->cipher != bp2->cipher)
|
|
|
|
return (bp1->cipher > bp2->cipher) ? 1 : -1;
|
|
|
|
switch (bp1->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return 0;
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
if (bp1->details.rsa_blinded_planchet.blinded_msg_size !=
|
|
|
|
bp2->details.rsa_blinded_planchet.blinded_msg_size)
|
|
|
|
return (bp1->details.rsa_blinded_planchet.blinded_msg_size >
|
|
|
|
bp2->details.rsa_blinded_planchet.blinded_msg_size) ? 1 : -1;
|
|
|
|
return memcmp (bp1->details.rsa_blinded_planchet.blinded_msg,
|
|
|
|
bp2->details.rsa_blinded_planchet.blinded_msg,
|
|
|
|
bp1->details.rsa_blinded_planchet.blinded_msg_size);
|
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
return GNUNET_memcmp (&bp1->details.cs_blinded_planchet,
|
|
|
|
&bp2->details.cs_blinded_planchet);
|
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-31 18:12:54 +01:00
|
|
|
int
|
|
|
|
TALER_blinded_denom_sig_cmp (
|
|
|
|
const struct TALER_BlindedDenominationSignature *sig1,
|
|
|
|
const struct TALER_BlindedDenominationSignature *sig2)
|
|
|
|
{
|
|
|
|
if (sig1->cipher != sig2->cipher)
|
|
|
|
return (sig1->cipher > sig2->cipher) ? 1 : -1;
|
|
|
|
switch (sig1->cipher)
|
|
|
|
{
|
2021-11-01 23:49:13 +01:00
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
return 0;
|
2021-10-31 18:12:54 +01:00
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
return GNUNET_CRYPTO_rsa_signature_cmp (sig1->details.blinded_rsa_signature,
|
|
|
|
sig2->details.blinded_rsa_signature);
|
2021-12-27 20:02:54 +01:00
|
|
|
case TALER_DENOMINATION_CS:
|
2022-01-10 22:09:35 +01:00
|
|
|
return GNUNET_memcmp (&sig1->details.blinded_cs_answer,
|
|
|
|
&sig2->details.blinded_cs_answer);
|
2021-10-31 18:12:54 +01:00
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
}
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-02-07 13:41:55 +01:00
|
|
|
void
|
|
|
|
TALER_blinded_planchet_hash (const struct TALER_BlindedPlanchet *bp,
|
|
|
|
struct GNUNET_HashContext *hash_context)
|
|
|
|
{
|
|
|
|
uint32_t cipher = htonl (bp->cipher);
|
|
|
|
|
|
|
|
GNUNET_CRYPTO_hash_context_read (hash_context,
|
|
|
|
&cipher,
|
|
|
|
sizeof (cipher));
|
|
|
|
switch (bp->cipher)
|
|
|
|
{
|
|
|
|
case TALER_DENOMINATION_INVALID:
|
|
|
|
break;
|
|
|
|
case TALER_DENOMINATION_RSA:
|
|
|
|
GNUNET_CRYPTO_hash_context_read (
|
|
|
|
hash_context,
|
|
|
|
bp->details.rsa_blinded_planchet.blinded_msg,
|
|
|
|
bp->details.rsa_blinded_planchet.blinded_msg_size);
|
|
|
|
break;
|
|
|
|
case TALER_DENOMINATION_CS:
|
|
|
|
GNUNET_CRYPTO_hash_context_read (
|
|
|
|
hash_context,
|
|
|
|
&bp->details.cs_blinded_planchet,
|
|
|
|
sizeof (bp->details.cs_blinded_planchet));
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
GNUNET_assert (0);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-22 23:39:19 +02:00
|
|
|
/* end of denom.c */
|