abstract denomination keys a bit more
This commit is contained in:
Christian Grothoff
parent
766922f7e9
commit
32da809fd6
@ -151,7 +151,7 @@ add_denomination (
|
||||
&issue->value);
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||
"Tracking denomination `%s' (%s)\n",
|
||||
GNUNET_h2s (&issue->denom_hash),
|
||||
GNUNET_h2s (&issue->denom_hash.hash),
|
||||
TALER_amount2s (&value));
|
||||
TALER_amount_ntoh (&value,
|
||||
&issue->fee_withdraw);
|
||||
|
||||
@ -142,12 +142,11 @@ run (void *cls)
|
||||
RND_BLK (&master_pub);
|
||||
RND_BLK (&reserve_pub);
|
||||
RND_BLK (&rnd_hash);
|
||||
denom_priv.cipher = TALER_DENOMINATION_RSA;
|
||||
denom_priv.details.rsa_private_key = GNUNET_CRYPTO_rsa_private_key_create (
|
||||
1024);
|
||||
TALER_denom_priv_to_pub (&denom_priv,
|
||||
0, /* age mask */
|
||||
&denom_pub);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_denom_priv_create (&denom_priv,
|
||||
&denom_pub,
|
||||
TALER_DENOMINATION_RSA,
|
||||
1024));
|
||||
TALER_denom_pub_hash (&denom_pub,
|
||||
&denom_pub_hash);
|
||||
TALER_denom_priv_free (&denom_priv);
|
||||
|
||||
@ -479,17 +479,16 @@ run (void *cls,
|
||||
GNUNET_TIME_absolute_add (end,
|
||||
GNUNET_TIME_UNIT_YEARS));
|
||||
{
|
||||
struct GNUNET_CRYPTO_RsaPrivateKey *pk;
|
||||
struct GNUNET_CRYPTO_RsaPublicKey *pub;
|
||||
struct TALER_DenominationPrivateKey pk;
|
||||
struct GNUNET_HashCode hc;
|
||||
struct TALER_DenominationPublicKey denom_pub = {
|
||||
.cipher = TALER_DENOMINATION_RSA
|
||||
};
|
||||
struct TALER_DenominationPublicKey denom_pub;
|
||||
|
||||
RANDOMIZE (&hc);
|
||||
pk = GNUNET_CRYPTO_rsa_private_key_create (1024);
|
||||
pub = GNUNET_CRYPTO_rsa_private_key_get_public (pk);
|
||||
denom_pub.details.rsa_public_key = pub;
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_denom_priv_create (&pk,
|
||||
&denom_pub,
|
||||
TALER_DENOMINATION_RSA,
|
||||
1024));
|
||||
TALER_denom_pub_hash (&denom_pub,
|
||||
&h_denom_pub);
|
||||
make_amountN (2, 0, &issue.properties.value);
|
||||
@ -510,10 +509,10 @@ run (void *cls,
|
||||
}
|
||||
denom_sig.cipher = TALER_DENOMINATION_RSA;
|
||||
denom_sig.details.rsa_signature
|
||||
= GNUNET_CRYPTO_rsa_sign_fdh (pk,
|
||||
= GNUNET_CRYPTO_rsa_sign_fdh (pk.details.rsa_private_key,
|
||||
&hc);
|
||||
TALER_denom_pub_free (&denom_pub);
|
||||
GNUNET_CRYPTO_rsa_private_key_free (pk);
|
||||
TALER_denom_priv_free (&pk);
|
||||
}
|
||||
|
||||
{
|
||||
|
||||
@ -225,14 +225,11 @@ create_denom_key_pair (unsigned int size,
|
||||
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2;
|
||||
|
||||
dkp = GNUNET_new (struct DenomKeyPair);
|
||||
dkp->priv.cipher = TALER_DENOMINATION_RSA;
|
||||
dkp->priv.details.rsa_private_key = GNUNET_CRYPTO_rsa_private_key_create (
|
||||
size);
|
||||
GNUNET_assert (NULL != dkp->priv.details.rsa_private_key);
|
||||
TALER_denom_priv_to_pub (&dkp->priv,
|
||||
0, /* age mask */
|
||||
&dkp->pub);
|
||||
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_denom_priv_create (&dkp->priv,
|
||||
&dkp->pub,
|
||||
TALER_DENOMINATION_RSA,
|
||||
size));
|
||||
/* Using memset() as fields like master key and signature
|
||||
are not properly initialized for this test. */
|
||||
memset (&dki,
|
||||
|
||||
@ -677,6 +677,26 @@ void
|
||||
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
|
||||
|
||||
|
||||
/**
|
||||
* Initialize denomination public-private key pair.
|
||||
*
|
||||
* For #TALER_DENOMINATION_RSA, an additional "unsigned int"
|
||||
* argument with the number of bits for 'n' (e.g. 2048) must
|
||||
* be passed.
|
||||
*
|
||||
* @param[out] denom_priv where to write the private key
|
||||
* @param[out] deonm_pub where to write the public key
|
||||
* @param cipher which type of cipher to use
|
||||
* @param ... cipher-specific parameters
|
||||
* @return #GNUNET_OK on success, #GNUNET_NO if parameters were invalid
|
||||
*/
|
||||
enum GNUNET_GenericReturnValue
|
||||
TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
|
||||
struct TALER_DenominationPublicKey *denom_pub,
|
||||
enum TALER_DenominationCipher cipher,
|
||||
...);
|
||||
|
||||
|
||||
/**
|
||||
* Free internals of @a denom_priv, but not @a denom_priv itself.
|
||||
*
|
||||
@ -695,6 +715,22 @@ void
|
||||
TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
|
||||
|
||||
|
||||
/**
|
||||
* Create blinded signature.
|
||||
*
|
||||
* @param[out] denom_sig where to write the signature
|
||||
* @param denom_priv private key to use for signing
|
||||
* @param blinded_msg message to sign
|
||||
* @param blinded_msg_size number of bytes in @a blinded_msg
|
||||
* @return #GNUNET_OK on success
|
||||
*/
|
||||
enum GNUNET_GenericReturnValue
|
||||
TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
|
||||
const struct TALER_DenominationPrivateKey *denom_priv,
|
||||
void *blinded_msg,
|
||||
size_t blinded_msg_size);
|
||||
|
||||
|
||||
/**
|
||||
* Free internals of @a denom_sig, but not @a denom_sig itself.
|
||||
*
|
||||
|
||||
@ -136,17 +136,17 @@ insert_deposit_run (void *cls,
|
||||
struct TALER_EXCHANGEDB_Deposit deposit;
|
||||
struct TALER_MerchantPrivateKeyP merchant_priv;
|
||||
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue;
|
||||
struct TALER_DenominationPublicKey dpk = {
|
||||
.cipher = TALER_DENOMINATION_RSA
|
||||
};
|
||||
struct GNUNET_CRYPTO_RsaPrivateKey *denom_priv;
|
||||
struct TALER_DenominationPublicKey dpk;
|
||||
struct TALER_DenominationPrivateKey denom_priv;
|
||||
struct GNUNET_HashCode hc;
|
||||
|
||||
// prepare and store issue first.
|
||||
fake_issue (&issue);
|
||||
denom_priv = GNUNET_CRYPTO_rsa_private_key_create (1024);
|
||||
dpk.details.rsa_public_key = GNUNET_CRYPTO_rsa_private_key_get_public (
|
||||
denom_priv);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_denom_priv_create (&denom_priv,
|
||||
&dpk,
|
||||
TALER_DENOMINATION_RSA,
|
||||
1024));
|
||||
TALER_denom_pub_hash (&dpk,
|
||||
&issue.properties.denom_hash);
|
||||
|
||||
@ -161,6 +161,8 @@ insert_deposit_run (void *cls,
|
||||
ids->dbc->plugin->commit (ids->dbc->plugin->cls)) )
|
||||
{
|
||||
TALER_TESTING_interpreter_fail (is);
|
||||
TALER_denom_pub_free (&dpk);
|
||||
TALER_denom_priv_free (&denom_priv);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -189,6 +191,8 @@ insert_deposit_run (void *cls,
|
||||
&deposit.deposit_fee)) )
|
||||
{
|
||||
TALER_TESTING_interpreter_fail (is);
|
||||
TALER_denom_pub_free (&dpk);
|
||||
TALER_denom_priv_free (&denom_priv);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -201,7 +205,7 @@ insert_deposit_run (void *cls,
|
||||
&hc);
|
||||
deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA;
|
||||
deposit.coin.denom_sig.details.rsa_signature
|
||||
= GNUNET_CRYPTO_rsa_sign_fdh (denom_priv,
|
||||
= GNUNET_CRYPTO_rsa_sign_fdh (denom_priv.details.rsa_private_key,
|
||||
&hc);
|
||||
GNUNET_asprintf (&deposit.receiver_wire_account,
|
||||
"payto://x-taler-bank/localhost/%s",
|
||||
@ -231,13 +235,15 @@ insert_deposit_run (void *cls,
|
||||
GNUNET_break (0);
|
||||
ids->dbc->plugin->rollback (ids->dbc->plugin->cls);
|
||||
GNUNET_free (deposit.receiver_wire_account);
|
||||
TALER_denom_pub_free (&dpk);
|
||||
TALER_denom_priv_free (&denom_priv);
|
||||
TALER_TESTING_interpreter_fail (is);
|
||||
return;
|
||||
}
|
||||
|
||||
TALER_denom_sig_free (&deposit.coin.denom_sig);
|
||||
TALER_denom_pub_free (&dpk);
|
||||
GNUNET_CRYPTO_rsa_private_key_free (denom_priv);
|
||||
TALER_denom_priv_free (&denom_priv);
|
||||
GNUNET_free (deposit.receiver_wire_account);
|
||||
TALER_TESTING_interpreter_next (is);
|
||||
}
|
||||
|
||||
@ -22,6 +22,93 @@
|
||||
#include "taler_util.h"
|
||||
|
||||
|
||||
enum GNUNET_GenericReturnValue
|
||||
TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
|
||||
struct TALER_DenominationPublicKey *denom_pub,
|
||||
enum TALER_DenominationCipher cipher,
|
||||
...)
|
||||
{
|
||||
memset (denom_priv,
|
||||
0,
|
||||
sizeof (*denom_priv));
|
||||
memset (denom_pub,
|
||||
0,
|
||||
sizeof (*denom_pub));
|
||||
switch (cipher)
|
||||
{
|
||||
case TALER_DENOMINATION_INVALID:
|
||||
GNUNET_break (0);
|
||||
return GNUNET_SYSERR;
|
||||
case TALER_DENOMINATION_RSA:
|
||||
{
|
||||
va_list ap;
|
||||
unsigned int bits;
|
||||
|
||||
va_start (ap, cipher);
|
||||
bits = va_arg (ap, unsigned int);
|
||||
va_end (ap);
|
||||
if (bits < 512)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
denom_priv->details.rsa_private_key
|
||||
= GNUNET_CRYPTO_rsa_private_key_create (bits);
|
||||
}
|
||||
if (NULL == denom_priv->details.rsa_private_key)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
denom_pub->details.rsa_public_key
|
||||
= GNUNET_CRYPTO_rsa_private_key_get_public (
|
||||
denom_priv->details.rsa_private_key);
|
||||
denom_priv->cipher = cipher;
|
||||
denom_pub->cipher = cipher;
|
||||
return GNUNET_OK;
|
||||
// TODO: add case for Clause-Schnorr
|
||||
default:
|
||||
GNUNET_break (0);
|
||||
}
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
|
||||
|
||||
enum GNUNET_GenericReturnValue
|
||||
TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
|
||||
const struct TALER_DenominationPrivateKey *denom_priv,
|
||||
void *blinded_msg,
|
||||
size_t blinded_msg_size)
|
||||
{
|
||||
memset (denom_sig,
|
||||
0,
|
||||
sizeof (*denom_sig));
|
||||
switch (denom_priv->cipher)
|
||||
{
|
||||
case TALER_DENOMINATION_INVALID:
|
||||
GNUNET_break (0);
|
||||
return GNUNET_SYSERR;
|
||||
case TALER_DENOMINATION_RSA:
|
||||
denom_sig->details.blinded_rsa_signature
|
||||
= GNUNET_CRYPTO_rsa_sign_blinded (
|
||||
denom_priv->details.rsa_private_key,
|
||||
blinded_msg,
|
||||
blinded_msg_size);
|
||||
if (NULL == denom_sig->details.blinded_rsa_signature)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
denom_sig->cipher = TALER_DENOMINATION_RSA;
|
||||
return GNUNET_OK;
|
||||
// TODO: add case for Clause-Schnorr
|
||||
default:
|
||||
GNUNET_break (0);
|
||||
}
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
|
||||
struct TALER_DenominationHash *denom_hash)
|
||||
|
||||
@ -208,10 +208,10 @@ struct WorkItem
|
||||
struct DenominationKey *dk;
|
||||
|
||||
/**
|
||||
* RSA signature over @e blinded_msg using @e dk. Result of doing the
|
||||
* work. Initially NULL.
|
||||
* Signature over @e blinded_msg using @e dk. Result of doing the
|
||||
* work. Initially zero.
|
||||
*/
|
||||
struct GNUNET_CRYPTO_RsaSignature *rsa_signature;
|
||||
struct TALER_BlindedDenominationSignature denom_sig;
|
||||
|
||||
/**
|
||||
* Coin_ev value to sign.
|
||||
@ -424,11 +424,11 @@ sign_worker (void *cls)
|
||||
wi);
|
||||
work_counter--;
|
||||
GNUNET_assert (0 == pthread_mutex_unlock (&work_lock));
|
||||
wi->rsa_signature
|
||||
= GNUNET_CRYPTO_rsa_sign_blinded (
|
||||
wi->dk->denom_priv.details.rsa_private_key,
|
||||
wi->blinded_msg,
|
||||
wi->blinded_msg_size);
|
||||
GNUNET_break (GNUNET_OK ==
|
||||
TALER_denom_sign_blinded (&wi->denom_sig,
|
||||
&wi->dk->denom_priv,
|
||||
wi->blinded_msg,
|
||||
wi->blinded_msg_size));
|
||||
/* put completed work into done queue */
|
||||
GNUNET_assert (0 == pthread_mutex_lock (&done_lock));
|
||||
GNUNET_CONTAINER_DLL_insert (done_head,
|
||||
@ -495,8 +495,8 @@ static void
|
||||
free_dk (struct DenominationKey *dk)
|
||||
{
|
||||
GNUNET_free (dk->filename);
|
||||
GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key);
|
||||
GNUNET_CRYPTO_rsa_public_key_free (dk->denom_pub.details.rsa_public_key);
|
||||
TALER_denom_priv_free (&dk->denom_priv);
|
||||
TALER_denom_pub_free (&dk->denom_pub);
|
||||
GNUNET_free (dk);
|
||||
}
|
||||
|
||||
@ -584,7 +584,7 @@ handle_done (void *cls)
|
||||
done_tail,
|
||||
wi);
|
||||
GNUNET_assert (0 == pthread_mutex_unlock (&done_lock));
|
||||
if (NULL == wi->rsa_signature)
|
||||
if (TALER_DENOMINATION_INVALID == wi->denom_sig.cipher)
|
||||
{
|
||||
struct TALER_CRYPTO_SignFailure sf = {
|
||||
.header.size = htons (sizeof (sf)),
|
||||
@ -605,10 +605,10 @@ handle_done (void *cls)
|
||||
size_t buf_size;
|
||||
size_t tsize;
|
||||
|
||||
buf_size = GNUNET_CRYPTO_rsa_signature_encode (wi->rsa_signature,
|
||||
&buf);
|
||||
GNUNET_CRYPTO_rsa_signature_free (wi->rsa_signature);
|
||||
wi->rsa_signature = NULL;
|
||||
buf_size = GNUNET_CRYPTO_rsa_signature_encode (
|
||||
wi->denom_sig.details.blinded_rsa_signature,
|
||||
&buf);
|
||||
TALER_blinded_denom_sig_free (&wi->denom_sig);
|
||||
tsize = sizeof (*sr) + buf_size;
|
||||
GNUNET_assert (tsize < UINT16_MAX);
|
||||
sr = GNUNET_malloc (tsize);
|
||||
@ -844,19 +844,17 @@ setup_key (struct DenominationKey *dk,
|
||||
size_t buf_size;
|
||||
void *buf;
|
||||
|
||||
priv.cipher = TALER_DENOMINATION_RSA;
|
||||
priv.details.rsa_private_key
|
||||
= GNUNET_CRYPTO_rsa_private_key_create (denom->rsa_keysize);
|
||||
if (NULL == priv.details.rsa_private_key)
|
||||
if (GNUNET_OK !=
|
||||
TALER_denom_priv_create (&priv,
|
||||
&pub,
|
||||
TALER_DENOMINATION_RSA,
|
||||
(unsigned int) denom->rsa_keysize))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
GNUNET_SCHEDULER_shutdown ();
|
||||
global_ret = 40;
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
TALER_denom_priv_to_pub (&priv,
|
||||
0 /* FIXME-Oec */,
|
||||
&pub);
|
||||
buf_size = GNUNET_CRYPTO_rsa_private_key_encode (priv.details.rsa_private_key,
|
||||
&buf);
|
||||
TALER_denom_pub_hash (&pub,
|
||||
@ -899,8 +897,8 @@ setup_key (struct DenominationKey *dk,
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
"Duplicate private key created! Terminating.\n");
|
||||
GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key);
|
||||
GNUNET_CRYPTO_rsa_public_key_free (dk->denom_pub.details.rsa_public_key);
|
||||
TALER_denom_priv_free (&dk->denom_priv);
|
||||
TALER_denom_pub_free (&dk->denom_pub);
|
||||
GNUNET_free (dk->filename);
|
||||
GNUNET_free (dk);
|
||||
return GNUNET_SYSERR;
|
||||
@ -1261,7 +1259,7 @@ purge_key (struct DenominationKey *dk)
|
||||
dk->purge = true;
|
||||
return;
|
||||
}
|
||||
GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key);
|
||||
TALER_denom_priv_free (&dk->denom_priv);
|
||||
GNUNET_free (dk);
|
||||
}
|
||||
|
||||
@ -1447,8 +1445,8 @@ parse_key (struct Denomination *denom,
|
||||
"Duplicate private key %s detected in file `%s'. Skipping.\n",
|
||||
GNUNET_h2s (&dk->h_denom_pub.hash),
|
||||
filename);
|
||||
GNUNET_CRYPTO_rsa_private_key_free (priv.details.rsa_private_key);
|
||||
GNUNET_CRYPTO_rsa_public_key_free (pub.details.rsa_public_key);
|
||||
TALER_denom_priv_free (&priv);
|
||||
TALER_denom_pub_free (&pub);
|
||||
GNUNET_free (dk);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -92,12 +92,11 @@ test_planchets (void)
|
||||
struct TALER_FreshCoin coin;
|
||||
struct TALER_CoinPubHash c_hash;
|
||||
|
||||
dk_priv.cipher = TALER_DENOMINATION_RSA;
|
||||
dk_priv.details.rsa_private_key
|
||||
= GNUNET_CRYPTO_rsa_private_key_create (1024);
|
||||
TALER_denom_priv_to_pub (&dk_priv,
|
||||
0,
|
||||
&dk_pub);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_denom_priv_create (&dk_priv,
|
||||
&dk_pub,
|
||||
TALER_DENOMINATION_RSA,
|
||||
1024));
|
||||
TALER_planchet_setup_random (&ps);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_planchet_prepare (&dk_pub,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user