abstract denomination keys a bit more

Christian Grothoff 2021-11-05 14:00:10 +01:00
parent 766922f7e9
commit 32da809fd6
GPG Key ID: 939E6BE1E29FC3CC
9 changed files with 188 additions and 67 deletions


@ -151,7 +151,7 @@ add_denomination (
&issue->value); &issue->value);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Tracking denomination `%s' (%s)\n", "Tracking denomination `%s' (%s)\n",
GNUNET_h2s (&issue->denom_hash), GNUNET_h2s (&issue->denom_hash.hash),
TALER_amount2s (&value)); TALER_amount2s (&value));
TALER_amount_ntoh (&value, TALER_amount_ntoh (&value,
&issue->fee_withdraw); &issue->fee_withdraw);


@ -142,12 +142,11 @@ run (void *cls)
RND_BLK (&master_pub); RND_BLK (&master_pub);
RND_BLK (&reserve_pub); RND_BLK (&reserve_pub);
RND_BLK (&rnd_hash); RND_BLK (&rnd_hash);
denom_priv.cipher = TALER_DENOMINATION_RSA; GNUNET_assert (GNUNET_OK ==
denom_priv.details.rsa_private_key = GNUNET_CRYPTO_rsa_private_key_create ( TALER_denom_priv_create (&denom_priv,
1024); &denom_pub,
TALER_denom_priv_to_pub (&denom_priv, TALER_DENOMINATION_RSA,
0, /* age mask */ 1024));
&denom_pub);
TALER_denom_pub_hash (&denom_pub, TALER_denom_pub_hash (&denom_pub,
&denom_pub_hash); &denom_pub_hash);
TALER_denom_priv_free (&denom_priv); TALER_denom_priv_free (&denom_priv);


@ -479,17 +479,16 @@ run (void *cls,
GNUNET_TIME_absolute_add (end, GNUNET_TIME_absolute_add (end,
GNUNET_TIME_UNIT_YEARS)); GNUNET_TIME_UNIT_YEARS));
{ {
struct GNUNET_CRYPTO_RsaPrivateKey *pk; struct TALER_DenominationPrivateKey pk;
struct GNUNET_CRYPTO_RsaPublicKey *pub;
struct GNUNET_HashCode hc; struct GNUNET_HashCode hc;
struct TALER_DenominationPublicKey denom_pub = { struct TALER_DenominationPublicKey denom_pub;
.cipher = TALER_DENOMINATION_RSA
};
RANDOMIZE (&hc); RANDOMIZE (&hc);
pk = GNUNET_CRYPTO_rsa_private_key_create (1024); GNUNET_assert (GNUNET_OK ==
pub = GNUNET_CRYPTO_rsa_private_key_get_public (pk); TALER_denom_priv_create (&pk,
denom_pub.details.rsa_public_key = pub; &denom_pub,
TALER_DENOMINATION_RSA,
1024));
TALER_denom_pub_hash (&denom_pub, TALER_denom_pub_hash (&denom_pub,
&h_denom_pub); &h_denom_pub);
make_amountN (2, 0, &issue.properties.value); make_amountN (2, 0, &issue.properties.value);
@ -510,10 +509,10 @@ run (void *cls,
} }
denom_sig.cipher = TALER_DENOMINATION_RSA; denom_sig.cipher = TALER_DENOMINATION_RSA;
denom_sig.details.rsa_signature denom_sig.details.rsa_signature
= GNUNET_CRYPTO_rsa_sign_fdh (pk, = GNUNET_CRYPTO_rsa_sign_fdh (pk.details.rsa_private_key,
&hc); &hc);
TALER_denom_pub_free (&denom_pub); TALER_denom_pub_free (&denom_pub);
GNUNET_CRYPTO_rsa_private_key_free (pk); TALER_denom_priv_free (&pk);
} }
{ {


@ -225,14 +225,11 @@ create_denom_key_pair (unsigned int size,
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2; struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2;
dkp = GNUNET_new (struct DenomKeyPair); dkp = GNUNET_new (struct DenomKeyPair);
dkp->priv.cipher = TALER_DENOMINATION_RSA; GNUNET_assert (GNUNET_OK ==
dkp->priv.details.rsa_private_key = GNUNET_CRYPTO_rsa_private_key_create ( TALER_denom_priv_create (&dkp->priv,
size); &dkp->pub,
GNUNET_assert (NULL != dkp->priv.details.rsa_private_key); TALER_DENOMINATION_RSA,
TALER_denom_priv_to_pub (&dkp->priv, size));
0, /* age mask */
&dkp->pub);
/* Using memset() as fields like master key and signature /* Using memset() as fields like master key and signature
are not properly initialized for this test. */ are not properly initialized for this test. */
memset (&dki, memset (&dki,


@ -677,6 +677,26 @@ void
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub); TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
/**
* Initialize denomination public-private key pair.
*
* For #TALER_DENOMINATION_RSA, an additional "unsigned int"
* argument with the number of bits for 'n' (e.g. 2048) must
* be passed.
*
* @param[out] denom_priv where to write the private key
* @param[out] deonm_pub where to write the public key
* @param cipher which type of cipher to use
* @param ... cipher-specific parameters
* @return #GNUNET_OK on success, #GNUNET_NO if parameters were invalid
*/
enum GNUNET_GenericReturnValue
TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationPublicKey *denom_pub,
enum TALER_DenominationCipher cipher,
...);
/** /**
* Free internals of @a denom_priv, but not @a denom_priv itself. * Free internals of @a denom_priv, but not @a denom_priv itself.
* *
@ -695,6 +715,22 @@ void
TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig); TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
/**
* Create blinded signature.
*
* @param[out] denom_sig where to write the signature
* @param denom_priv private key to use for signing
* @param blinded_msg message to sign
* @param blinded_msg_size number of bytes in @a blinded_msg
* @return #GNUNET_OK on success
*/
enum GNUNET_GenericReturnValue
TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
const struct TALER_DenominationPrivateKey *denom_priv,
void *blinded_msg,
size_t blinded_msg_size);
/** /**
* Free internals of @a denom_sig, but not @a denom_sig itself. * Free internals of @a denom_sig, but not @a denom_sig itself.
* *
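Review bot: The `@return` line on TALER_denom_priv_create promises #GNUNET_NO for invalid parameters, but the implementation added in this same commit returns GNUNET_SYSERR on every failure path (invalid cipher, fewer than 512 bits, key generation failure), so a caller that tests for GNUNET_NO would treat an error as something else. I would change it to `@return #GNUNET_OK on success, #GNUNET_SYSERR if parameters were invalid or key generation failed`. The tag `@param[out] deonm_pub` is misspelled and should read `denom_pub`. Because the function is variadic and unchecked by the compiler, the comment should also say that the RSA size must be passed as exactly `unsigned int` and name the minimum the implementation accepts. Separately, `blinded_msg` in TALER_denom_sign_blinded looks like it could be `const void *`, since the visible implementation only forwards it.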


@ -136,17 +136,17 @@ insert_deposit_run (void *cls,
struct TALER_EXCHANGEDB_Deposit deposit; struct TALER_EXCHANGEDB_Deposit deposit;
struct TALER_MerchantPrivateKeyP merchant_priv; struct TALER_MerchantPrivateKeyP merchant_priv;
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformationP issue;
struct TALER_DenominationPublicKey dpk = { struct TALER_DenominationPublicKey dpk;
.cipher = TALER_DENOMINATION_RSA struct TALER_DenominationPrivateKey denom_priv;
};
struct GNUNET_CRYPTO_RsaPrivateKey *denom_priv;
struct GNUNET_HashCode hc; struct GNUNET_HashCode hc;
// prepare and store issue first. // prepare and store issue first.
fake_issue (&issue); fake_issue (&issue);
denom_priv = GNUNET_CRYPTO_rsa_private_key_create (1024); GNUNET_assert (GNUNET_OK ==
dpk.details.rsa_public_key = GNUNET_CRYPTO_rsa_private_key_get_public ( TALER_denom_priv_create (&denom_priv,
denom_priv); &dpk,
TALER_DENOMINATION_RSA,
1024));
TALER_denom_pub_hash (&dpk, TALER_denom_pub_hash (&dpk,
&issue.properties.denom_hash); &issue.properties.denom_hash);
@ -161,6 +161,8 @@ insert_deposit_run (void *cls,
ids->dbc->plugin->commit (ids->dbc->plugin->cls)) ) ids->dbc->plugin->commit (ids->dbc->plugin->cls)) )
{ {
TALER_TESTING_interpreter_fail (is); TALER_TESTING_interpreter_fail (is);
TALER_denom_pub_free (&dpk);
TALER_denom_priv_free (&denom_priv);
return; return;
} }
@ -189,6 +191,8 @@ insert_deposit_run (void *cls,
&deposit.deposit_fee)) ) &deposit.deposit_fee)) )
{ {
TALER_TESTING_interpreter_fail (is); TALER_TESTING_interpreter_fail (is);
TALER_denom_pub_free (&dpk);
TALER_denom_priv_free (&denom_priv);
return; return;
} }
@ -201,7 +205,7 @@ insert_deposit_run (void *cls,
&hc); &hc);
deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA; deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA;
deposit.coin.denom_sig.details.rsa_signature deposit.coin.denom_sig.details.rsa_signature
= GNUNET_CRYPTO_rsa_sign_fdh (denom_priv, = GNUNET_CRYPTO_rsa_sign_fdh (denom_priv.details.rsa_private_key,
&hc); &hc);
GNUNET_asprintf (&deposit.receiver_wire_account, GNUNET_asprintf (&deposit.receiver_wire_account,
"payto://x-taler-bank/localhost/%s", "payto://x-taler-bank/localhost/%s",
@ -231,13 +235,15 @@ insert_deposit_run (void *cls,
GNUNET_break (0); GNUNET_break (0);
ids->dbc->plugin->rollback (ids->dbc->plugin->cls); ids->dbc->plugin->rollback (ids->dbc->plugin->cls);
GNUNET_free (deposit.receiver_wire_account); GNUNET_free (deposit.receiver_wire_account);
TALER_denom_pub_free (&dpk);
TALER_denom_priv_free (&denom_priv);
TALER_TESTING_interpreter_fail (is); TALER_TESTING_interpreter_fail (is);
return; return;
} }
TALER_denom_sig_free (&deposit.coin.denom_sig); TALER_denom_sig_free (&deposit.coin.denom_sig);
TALER_denom_pub_free (&dpk); TALER_denom_pub_free (&dpk);
GNUNET_CRYPTO_rsa_private_key_free (denom_priv); TALER_denom_priv_free (&denom_priv);
GNUNET_free (deposit.receiver_wire_account); GNUNET_free (deposit.receiver_wire_account);
TALER_TESTING_interpreter_next (is); TALER_TESTING_interpreter_next (is);
} }


@ -22,6 +22,93 @@
#include "taler_util.h" #include "taler_util.h"
enum GNUNET_GenericReturnValue
TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationPublicKey *denom_pub,
enum TALER_DenominationCipher cipher,
...)
{
memset (denom_priv,
0,
sizeof (*denom_priv));
memset (denom_pub,
0,
sizeof (*denom_pub));
switch (cipher)
{
case TALER_DENOMINATION_INVALID:
GNUNET_break (0);
return GNUNET_SYSERR;
case TALER_DENOMINATION_RSA:
{
va_list ap;
unsigned int bits;
va_start (ap, cipher);
bits = va_arg (ap, unsigned int);
va_end (ap);
if (bits < 512)
{
GNUNET_break (0);
return GNUNET_SYSERR;
}
denom_priv->details.rsa_private_key
= GNUNET_CRYPTO_rsa_private_key_create (bits);
}
if (NULL == denom_priv->details.rsa_private_key)
{
GNUNET_break (0);
return GNUNET_SYSERR;
}
denom_pub->details.rsa_public_key
= GNUNET_CRYPTO_rsa_private_key_get_public (
denom_priv->details.rsa_private_key);
denom_priv->cipher = cipher;
denom_pub->cipher = cipher;
return GNUNET_OK;
// TODO: add case for Clause-Schnorr
default:
GNUNET_break (0);
}
return GNUNET_SYSERR;
}
enum GNUNET_GenericReturnValue
TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
const struct TALER_DenominationPrivateKey *denom_priv,
void *blinded_msg,
size_t blinded_msg_size)
{
memset (denom_sig,
0,
sizeof (*denom_sig));
switch (denom_priv->cipher)
{
case TALER_DENOMINATION_INVALID:
GNUNET_break (0);
return GNUNET_SYSERR;
case TALER_DENOMINATION_RSA:
denom_sig->details.blinded_rsa_signature
= GNUNET_CRYPTO_rsa_sign_blinded (
denom_priv->details.rsa_private_key,
blinded_msg,
blinded_msg_size);
if (NULL == denom_sig->details.blinded_rsa_signature)
{
GNUNET_break (0);
return GNUNET_SYSERR;
}
denom_sig->cipher = TALER_DENOMINATION_RSA;
return GNUNET_OK;
// TODO: add case for Clause-Schnorr
default:
GNUNET_break (0);
}
return GNUNET_SYSERR;
}
void void
TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub, TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
struct TALER_DenominationHash *denom_hash) struct TALER_DenominationHash *denom_hash)
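Review bot: In the TALER_DENOMINATION_RSA case of TALER_denom_priv_create, the result of GNUNET_CRYPTO_rsa_private_key_get_public() is stored without a NULL check, so if that call can fail the function reports GNUNET_OK with an empty public key and callers go on to hash it. The failure path should also release the private key that was just generated, so that the out-parameters are left zeroed as they are on the other error returns. Separately, `bits < 512` is only a sanity floor, since RSA moduli near that size give no real protection for a denomination key. Either say so in a comment and leave the production size to the caller, or enforce a stronger minimum outside the tests (the test callers in this commit pass 1024).

```c
    /* … unchanged: denom_pub->details.rsa_public_key assignment … */
    if (NULL == denom_pub->details.rsa_public_key)
    {
      GNUNET_break (0);
      GNUNET_CRYPTO_rsa_private_key_free (denom_priv->details.rsa_private_key);
      denom_priv->details.rsa_private_key = NULL;
      return GNUNET_SYSERR;
    }
    /* … unchanged: set cipher on both keys, return GNUNET_OK … */
```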


@ -208,10 +208,10 @@ struct WorkItem
struct DenominationKey *dk; struct DenominationKey *dk;
/** /**
* RSA signature over @e blinded_msg using @e dk. Result of doing the * Signature over @e blinded_msg using @e dk. Result of doing the
* work. Initially NULL. * work. Initially zero.
*/ */
struct GNUNET_CRYPTO_RsaSignature *rsa_signature; struct TALER_BlindedDenominationSignature denom_sig;
/** /**
* Coin_ev value to sign. * Coin_ev value to sign.
@ -424,11 +424,11 @@ sign_worker (void *cls)
wi); wi);
work_counter--; work_counter--;
GNUNET_assert (0 == pthread_mutex_unlock (&work_lock)); GNUNET_assert (0 == pthread_mutex_unlock (&work_lock));
wi->rsa_signature GNUNET_break (GNUNET_OK ==
= GNUNET_CRYPTO_rsa_sign_blinded ( TALER_denom_sign_blinded (&wi->denom_sig,
wi->dk->denom_priv.details.rsa_private_key, &wi->dk->denom_priv,
wi->blinded_msg, wi->blinded_msg,
wi->blinded_msg_size); wi->blinded_msg_size));
/* put completed work into done queue */ /* put completed work into done queue */
GNUNET_assert (0 == pthread_mutex_lock (&done_lock)); GNUNET_assert (0 == pthread_mutex_lock (&done_lock));
GNUNET_CONTAINER_DLL_insert (done_head, GNUNET_CONTAINER_DLL_insert (done_head,
@ -495,8 +495,8 @@ static void
free_dk (struct DenominationKey *dk) free_dk (struct DenominationKey *dk)
{ {
GNUNET_free (dk->filename); GNUNET_free (dk->filename);
GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key); TALER_denom_priv_free (&dk->denom_priv);
GNUNET_CRYPTO_rsa_public_key_free (dk->denom_pub.details.rsa_public_key); TALER_denom_pub_free (&dk->denom_pub);
GNUNET_free (dk); GNUNET_free (dk);
} }
@ -584,7 +584,7 @@ handle_done (void *cls)
done_tail, done_tail,
wi); wi);
GNUNET_assert (0 == pthread_mutex_unlock (&done_lock)); GNUNET_assert (0 == pthread_mutex_unlock (&done_lock));
if (NULL == wi->rsa_signature) if (TALER_DENOMINATION_INVALID == wi->denom_sig.cipher)
{ {
struct TALER_CRYPTO_SignFailure sf = { struct TALER_CRYPTO_SignFailure sf = {
.header.size = htons (sizeof (sf)), .header.size = htons (sizeof (sf)),
@ -605,10 +605,10 @@ handle_done (void *cls)
size_t buf_size; size_t buf_size;
size_t tsize; size_t tsize;
buf_size = GNUNET_CRYPTO_rsa_signature_encode (wi->rsa_signature, buf_size = GNUNET_CRYPTO_rsa_signature_encode (
wi->denom_sig.details.blinded_rsa_signature,
&buf); &buf);
GNUNET_CRYPTO_rsa_signature_free (wi->rsa_signature); TALER_blinded_denom_sig_free (&wi->denom_sig);
wi->rsa_signature = NULL;
tsize = sizeof (*sr) + buf_size; tsize = sizeof (*sr) + buf_size;
GNUNET_assert (tsize < UINT16_MAX); GNUNET_assert (tsize < UINT16_MAX);
sr = GNUNET_malloc (tsize); sr = GNUNET_malloc (tsize);
@ -844,19 +844,17 @@ setup_key (struct DenominationKey *dk,
size_t buf_size; size_t buf_size;
void *buf; void *buf;
priv.cipher = TALER_DENOMINATION_RSA; if (GNUNET_OK !=
priv.details.rsa_private_key TALER_denom_priv_create (&priv,
= GNUNET_CRYPTO_rsa_private_key_create (denom->rsa_keysize); &pub,
if (NULL == priv.details.rsa_private_key) TALER_DENOMINATION_RSA,
(unsigned int) denom->rsa_keysize))
{ {
GNUNET_break (0); GNUNET_break (0);
GNUNET_SCHEDULER_shutdown (); GNUNET_SCHEDULER_shutdown ();
global_ret = 40; global_ret = 40;
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
TALER_denom_priv_to_pub (&priv,
0 /* FIXME-Oec */,
&pub);
buf_size = GNUNET_CRYPTO_rsa_private_key_encode (priv.details.rsa_private_key, buf_size = GNUNET_CRYPTO_rsa_private_key_encode (priv.details.rsa_private_key,
&buf); &buf);
TALER_denom_pub_hash (&pub, TALER_denom_pub_hash (&pub,
@ -899,8 +897,8 @@ setup_key (struct DenominationKey *dk,
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Duplicate private key created! Terminating.\n"); "Duplicate private key created! Terminating.\n");
GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key); TALER_denom_priv_free (&dk->denom_priv);
GNUNET_CRYPTO_rsa_public_key_free (dk->denom_pub.details.rsa_public_key); TALER_denom_pub_free (&dk->denom_pub);
GNUNET_free (dk->filename); GNUNET_free (dk->filename);
GNUNET_free (dk); GNUNET_free (dk);
return GNUNET_SYSERR; return GNUNET_SYSERR;
@ -1261,7 +1259,7 @@ purge_key (struct DenominationKey *dk)
dk->purge = true; dk->purge = true;
return; return;
} }
GNUNET_CRYPTO_rsa_private_key_free (dk->denom_priv.details.rsa_private_key); TALER_denom_priv_free (&dk->denom_priv);
GNUNET_free (dk); GNUNET_free (dk);
} }
@ -1447,8 +1445,8 @@ parse_key (struct Denomination *denom,
"Duplicate private key %s detected in file `%s'. Skipping.\n", "Duplicate private key %s detected in file `%s'. Skipping.\n",
GNUNET_h2s (&dk->h_denom_pub.hash), GNUNET_h2s (&dk->h_denom_pub.hash),
filename); filename);
GNUNET_CRYPTO_rsa_private_key_free (priv.details.rsa_private_key); TALER_denom_priv_free (&priv);
GNUNET_CRYPTO_rsa_public_key_free (pub.details.rsa_public_key); TALER_denom_pub_free (&pub);
GNUNET_free (dk); GNUNET_free (dk);
return; return;
} }
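Review bot: In sign_worker the result of TALER_denom_sign_blinded is only passed to GNUNET_break, and handle_done later infers failure from `TALER_DENOMINATION_INVALID == wi->denom_sig.cipher`. That works only because the signing function zeroes the struct first and, presumably, because TALER_DENOMINATION_INVALID is 0; neither is stated at either site. I would add a comment at the check such as `/* TALER_denom_sign_blinded() leaves denom_sig zeroed (cipher INVALID) on failure */`, or record the return value in the work item. In the success branch of handle_done, `wi->denom_sig.details.blinded_rsa_signature` is encoded without looking at the cipher, so that branch will need a switch once the Clause-Schnorr case from the TODO is added. Both functions start and end outside the hunks shown.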


@ -92,12 +92,11 @@ test_planchets (void)
struct TALER_FreshCoin coin; struct TALER_FreshCoin coin;
struct TALER_CoinPubHash c_hash; struct TALER_CoinPubHash c_hash;
dk_priv.cipher = TALER_DENOMINATION_RSA; GNUNET_assert (GNUNET_OK ==
dk_priv.details.rsa_private_key TALER_denom_priv_create (&dk_priv,
= GNUNET_CRYPTO_rsa_private_key_create (1024); &dk_pub,
TALER_denom_priv_to_pub (&dk_priv, TALER_DENOMINATION_RSA,
0, 1024));
&dk_pub);
TALER_planchet_setup_random (&ps); TALER_planchet_setup_random (&ps);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub, TALER_planchet_prepare (&dk_pub,