refactoring

Gian Demarmels 2022-01-11 21:21:18 +01:00
parent daa7fdcfb1
commit 5b7e8f9ac5
No known key found for this signature in database
GPG Key ID: 030CEDDCCC92D778
18 changed files with 202 additions and 143 deletions


@ -519,12 +519,13 @@ run (void *cls,
} }
TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA, NULL);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_denom_blind (&denom_pub, TALER_denom_blind (&denom_pub,
&ps.blinding_key, &ps.blinding_key,
NULL, /* FIXME-oec */ NULL, /* FIXME-oec */
&coin_pub, &coin_pub,
NULL, /* Not needed in RSA */
&c_hash, &c_hash,
&pd.blinded_planchet)); &pd.blinded_planchet));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==


@ -254,6 +254,7 @@ verify_and_execute_recoup (
coin_bks, coin_bks,
NULL, /* FIXME-Oec: TALER_AgeHash * */ NULL, /* FIXME-Oec: TALER_AgeHash * */
&coin->coin_pub, &coin->coin_pub,
NULL, /* in RSA Case not needed*/
&c_hash, &c_hash,
&blinded_planchet)) &blinded_planchet))
{ {
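Review bot: The new `alg_values` argument is passed as `NULL` in verify_and_execute_recoup with no visible check that the coin's denomination is RSA, while the CS branch of TALER_denom_blind in this same commit reads `alg_values->details.cs_values.r_pub.r_pub` unguarded. If a CS denomination can reach this call (the lines shown do not exclude it), a client request would make the exchange dereference NULL. Either reject non-RSA ciphers before the call, or have TALER_denom_blind fail closed with `if (NULL == alg_values) { GNUNET_break (0); return GNUNET_SYSERR; }` at the top of its CS case. The same unconditional `NULL` appears in check_commitment, parse_link_coin, TALER_EXCHANGE_refresh_prepare and TALER_EXCHANGE_refreshes_reveal; this function's body continues outside the hunk.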


@ -190,6 +190,7 @@ check_commitment (struct RevealContext *rctx,
&ps); &ps);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (rcd->dk, TALER_planchet_prepare (rcd->dk,
NULL, /* not needed in RSA*/
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));


@ -578,12 +578,13 @@ test_melting (void)
struct TALER_PlanchetSecretsP ps; struct TALER_PlanchetSecretsP ps;
RND_BLK (&refresh_session.coin.coin_pub); RND_BLK (&refresh_session.coin.coin_pub);
TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA, NULL);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_denom_blind (&dkp->pub, TALER_denom_blind (&dkp->pub,
&ps.blinding_key, &ps.blinding_key,
NULL, /* FIXME-Oec */ NULL, /* FIXME-Oec */
&refresh_session.coin.coin_pub, &refresh_session.coin.coin_pub,
NULL, /* Not needed in RSA */
&c_hash, &c_hash,
&pd.blinded_planchet)); &pd.blinded_planchet));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
@ -1713,13 +1714,14 @@ run (void *cls)
GNUNET_free (pd.coin_ev); GNUNET_free (pd.coin_ev);
} }
RND_BLK (&coin_pub); RND_BLK (&coin_pub);
TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA,NULL);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_denom_blind (&dkp->pub, TALER_denom_blind (&dkp->pub,
&ps.blinding_key, &ps.blinding_key,
NULL, /* FIXME-Oec */ NULL, /* FIXME-Oec */
&coin_pub, &coin_pub,
NULL, /* Not needed in RSA */
&c_hash, &c_hash,
&pd.blinded_planchet)); &pd.blinded_planchet));
TALER_coin_ev_hash ( TALER_coin_ev_hash (


@ -922,6 +922,43 @@ struct TALER_TrackTransferDetails
}; };
/**
* @brief Type of CS Values for withdrawal
*/
struct TALER_ExchangeWithdrawCsValues
{
/**
* (non-blinded) r_pub
*/
struct TALER_DenominationCsPublicR r_pub;
};
/**
* @brief Type of algorithm specific Values for withdrawal
*/
struct TALER_ExchangeWithdrawValues
{
/**
* Type of the signature.
*/
enum TALER_DenominationCipher cipher;
/**
* Details, depending on @e cipher.
*/
union
{
/**
* If we use #TALER_DENOMINATION_CS in @a cipher.
*/
struct TALER_ExchangeWithdrawCsValues cs_values;
} details;
};
/** /**
* Free internals of @a denom_pub, but not @a denom_pub itself. * Free internals of @a denom_pub, but not @a denom_pub itself.
* *
@ -1003,11 +1040,10 @@ TALER_denom_cs_derive_r_public (const struct TALER_WithdrawNonce *nonce,
* @param coin_bks blinding secret to use * @param coin_bks blinding secret to use
* @param age_commitment_hash hash of the age commitment to be used for the coin. NULL if no commitment is made. * @param age_commitment_hash hash of the age commitment to be used for the coin. NULL if no commitment is made.
* @param coin_pub public key of the coin to blind * @param coin_pub public key of the coin to blind
* @param alg_values algorithm specific values to blind the planchet
* @param[out] c_hash resulting hashed coin * @param[out] c_hash resulting hashed coin
* @param[out] coin_ev blinded coin to submit * @param[out] coin_ev blinded coin to submit
* @param[out] coin_ev_size number of bytes in @a coin_ev * @param[out] coin_ev_size number of bytes in @a coin_ev
* @param ... if CS algorithm, r_pub (TALER_DenominationCsPublicR) is needed to blind and
* r_pub_blind (TALER_DenominationCsPublicR) is an additional out parameter.
* @return #GNUNET_OK on success * @return #GNUNET_OK on success
*/ */
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
@ -1015,9 +1051,9 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
const union TALER_DenominationBlindingKeyP *coin_bks, const union TALER_DenominationBlindingKeyP *coin_bks,
const struct TALER_AgeHash *age_commitment_hash, const struct TALER_AgeHash *age_commitment_hash,
const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_CoinPubHash *c_hash, struct TALER_CoinPubHash *c_hash,
struct TALER_BlindedPlanchet *blinded_planchet, struct TALER_BlindedPlanchet *blinded_planchet);
...);
/** /**
@ -1042,7 +1078,7 @@ TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
* @param bdenom_sig the blinded signature * @param bdenom_sig the blinded signature
* @param bks blinding secret to use * @param bks blinding secret to use
* @param denom_pub public key used for signing * @param denom_pub public key used for signing
* @param ... If CS algorithm, r_pub_blind (TALER_DenominationCsPublicR) is an additional param * @param alg_values algorithm specific values
* @return #GNUNET_OK on success * @return #GNUNET_OK on success
*/ */
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
@ -1050,8 +1086,7 @@ TALER_denom_sig_unblind (
struct TALER_DenominationSignature *denom_sig, struct TALER_DenominationSignature *denom_sig,
const struct TALER_BlindedDenominationSignature *bdenom_sig, const struct TALER_BlindedDenominationSignature *bdenom_sig,
const union TALER_DenominationBlindingKeyP *bks, const union TALER_DenominationBlindingKeyP *bks,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub);
...);
/** /**
@ -1249,18 +1284,6 @@ struct TALER_PlanchetSecretsP
* The blinding key. must be 32 byte * The blinding key. must be 32 byte
*/ */
union TALER_DenominationBlindingKeyP blinding_key; union TALER_DenominationBlindingKeyP blinding_key;
// only used in case of CS:
/**
* (non-blinded) r_pub
*/
struct TALER_DenominationCsPublicR cs_r_pub;
/**
* blinded r_pub
*/
struct TALER_DenominationCsPublicR cs_r_pub_blinded;
}; };
@ -1430,7 +1453,9 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
*/ */
void void
TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps,
enum TALER_DenominationCipher cipher); enum TALER_DenominationCipher cipher,
const struct
TALER_ExchangeWithdrawValues *alg_values);
/** /**
* Prepare a planchet for tipping. Creates and blinds a coin. * Prepare a planchet for tipping. Creates and blinds a coin.
@ -1445,6 +1470,7 @@ TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps,
*/ */
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_PlanchetSecretsP *ps, struct TALER_PlanchetSecretsP *ps,
struct TALER_CoinPubHash *c_hash, struct TALER_CoinPubHash *c_hash,
struct TALER_PlanchetDetail *pd); struct TALER_PlanchetDetail *pd);
@ -1467,6 +1493,7 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
TALER_BlindedDenominationSignature *blind_sig, TALER_BlindedDenominationSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps, const struct TALER_PlanchetSecretsP *ps,
const struct TALER_CoinPubHash *c_hash, const struct TALER_CoinPubHash *c_hash,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_FreshCoin *coin); struct TALER_FreshCoin *coin);
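Review bot: The doc comment for TALER_denom_sig_unblind now reads `@param alg_values algorithm specific values`, but the new prototype only drops the variadic tail and has no such parameter, so the header describes an argument callers cannot pass. That line should be removed. The hunks for TALER_planchet_blinding_secret_create, TALER_planchet_prepare and TALER_planchet_to_coin add `alg_values` without a matching `@param` line in view; each should get something like `@param alg_values algorithm specific values, NULL for RSA`, matching how the RSA call sites in this commit use it.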


@ -144,6 +144,7 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
&old_coin_pub.eddsa_pub); &old_coin_pub.eddsa_pub);
if (GNUNET_OK != if (GNUNET_OK !=
TALER_planchet_prepare (&rpub, TALER_planchet_prepare (&rpub,
NULL, /* not needed in RSA*/
&fc, &fc,
&c_hash, &c_hash,
&pd)) &pd))


@ -432,6 +432,7 @@ TALER_EXCHANGE_refresh_prepare (
fc); fc);
if (GNUNET_OK != if (GNUNET_OK !=
TALER_planchet_prepare (&md.fresh_pks[j], TALER_planchet_prepare (&md.fresh_pks[j],
NULL, /* not needed in RSA*/
fc, fc,
&c_hash, &c_hash,
&pd)) &pd))


@ -175,6 +175,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
&blind_sig, &blind_sig,
fc, fc,
&coin_hash, &coin_hash,
NULL, /* Not needed in RSA case */
&coin)) &coin))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
@ -358,6 +359,7 @@ TALER_EXCHANGE_refreshes_reveal (
if (GNUNET_OK != if (GNUNET_OK !=
TALER_planchet_prepare (&md->fresh_pks[i], TALER_planchet_prepare (&md->fresh_pks[i],
NULL, /* not needed in RSA*/
&md->fresh_coins[noreveal_index][i], &md->fresh_coins[noreveal_index][i],
&c_hash, &c_hash,
&pd)) &pd))


@ -73,6 +73,11 @@ struct TALER_EXCHANGE_WithdrawHandle
*/ */
struct TALER_PlanchetDetail pd; struct TALER_PlanchetDetail pd;
/**
* Values of the @cipher selected
*/
struct TALER_ExchangeWithdrawValues alg_values;
/** /**
* Denomination key we are withdrawing. * Denomination key we are withdrawing.
*/ */
@ -122,6 +127,7 @@ handle_reserve_withdraw_finished (
blind_sig, blind_sig,
&wh->ps, &wh->ps,
&wh->c_hash, &wh->c_hash,
&wh->alg_values,
&fc)) &fc))
{ {
wr.hr.http_status = 0; wr.hr.http_status = 0;
@ -180,11 +186,14 @@ withdraw_cs_stage_two_callback (void *cls,
switch (csrr->hr.http_status) switch (csrr->hr.http_status)
{ {
case MHD_HTTP_OK: case MHD_HTTP_OK:
wh->ps.cs_r_pub = csrr->details.success.r_pubs; wh->alg_values.cipher = TALER_DENOMINATION_CS;
wh->alg_values.details.cs_values.r_pub = csrr->details.success.r_pubs;
TALER_planchet_blinding_secret_create (&wh->ps, TALER_planchet_blinding_secret_create (&wh->ps,
wh->pk.key.cipher); wh->pk.key.cipher,
&wh->alg_values);
if (GNUNET_OK != if (GNUNET_OK !=
TALER_planchet_prepare (&wh->pk.key, TALER_planchet_prepare (&wh->pk.key,
&wh->alg_values,
&wh->ps, &wh->ps,
&wh->c_hash, &wh->c_hash,
&wh->pd)) &wh->pd))
@ -256,6 +265,7 @@ TALER_EXCHANGE_withdraw (
case TALER_DENOMINATION_RSA: case TALER_DENOMINATION_RSA:
if (GNUNET_OK != if (GNUNET_OK !=
TALER_planchet_prepare (&pk->key, TALER_planchet_prepare (&pk->key,
NULL, /* not needed in RSA*/
ps, ps,
&wh->c_hash, &wh->c_hash,
&wh->pd)) &wh->pd))


@ -203,12 +203,13 @@ insert_deposit_run (void *cls,
struct TALER_BlindedDenominationSignature bds; struct TALER_BlindedDenominationSignature bds;
struct TALER_PlanchetSecretsP ps; struct TALER_PlanchetSecretsP ps;
TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA, NULL);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_denom_blind (&dpk, TALER_denom_blind (&dpk,
&ps.blinding_key, &ps.blinding_key,
NULL, /* FIXME-Oec */ NULL, /* FIXME-Oec */
&deposit.coin.coin_pub, &deposit.coin.coin_pub,
NULL, /* Not needed in RSA */
&c_hash, &c_hash,
&pd.blinded_planchet)); &pd.blinded_planchet));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==


@ -209,7 +209,9 @@ TALER_cs_withdraw_nonce_derive (const struct
void void
TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps,
enum TALER_DenominationCipher cipher) enum TALER_DenominationCipher cipher,
const struct
TALER_ExchangeWithdrawValues *alg_values)
{ {
switch (cipher) switch (cipher)
{ {
@ -225,7 +227,7 @@ TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps,
case TALER_DENOMINATION_CS: case TALER_DENOMINATION_CS:
{ {
cs_blinding_seed_derive (&ps->coin_priv, cs_blinding_seed_derive (&ps->coin_priv,
ps->cs_r_pub.r_pub, alg_values->details.cs_values.r_pub.r_pub,
&ps->blinding_key.nonce); &ps->blinding_key.nonce);
return; return;
} }
@ -253,7 +255,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
GNUNET_break (0); GNUNET_break (0);
return; return;
case TALER_DENOMINATION_RSA: case TALER_DENOMINATION_RSA:
TALER_planchet_blinding_secret_create (ps, TALER_DENOMINATION_RSA); TALER_planchet_blinding_secret_create (ps, TALER_DENOMINATION_RSA, NULL);
return; return;
case TALER_DENOMINATION_CS: case TALER_DENOMINATION_CS:
// Will be set in a later stage for Clause Blind Schnorr Scheme // Will be set in a later stage for Clause Blind Schnorr Scheme
@ -266,6 +268,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_PlanchetSecretsP *ps, struct TALER_PlanchetSecretsP *ps,
struct TALER_CoinPubHash *c_hash, struct TALER_CoinPubHash *c_hash,
struct TALER_PlanchetDetail *pd) struct TALER_PlanchetDetail *pd)
@ -283,6 +286,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
&ps->blinding_key, &ps->blinding_key,
NULL, /* FIXME-Oec */ NULL, /* FIXME-Oec */
&coin_pub, &coin_pub,
NULL, /* RSA has no alg Values */
c_hash, c_hash,
&pd->blinded_planchet)) &pd->blinded_planchet))
{ {
@ -296,10 +300,9 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
&ps->blinding_key, &ps->blinding_key,
NULL, /* FIXME-Oec */ NULL, /* FIXME-Oec */
&coin_pub, &coin_pub,
alg_values,
c_hash, c_hash,
&pd->blinded_planchet, &pd->blinded_planchet))
&ps->cs_r_pub,
&ps->cs_r_pub_blinded))
{ {
GNUNET_break (0); GNUNET_break (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
@ -323,11 +326,13 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
TALER_BlindedDenominationSignature *blind_sig, TALER_BlindedDenominationSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps, const struct TALER_PlanchetSecretsP *ps,
const struct TALER_CoinPubHash *c_hash, const struct TALER_CoinPubHash *c_hash,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_FreshCoin *coin) struct TALER_FreshCoin *coin)
{ {
struct TALER_DenominationSignature sig; struct TALER_DenominationSignature sig;
if (dk->cipher != blind_sig->cipher) if (dk->cipher != blind_sig->cipher
&& dk->cipher != alg_values->cipher)
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
@ -347,12 +352,28 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
} }
break; break;
case TALER_DENOMINATION_CS: case TALER_DENOMINATION_CS:
struct GNUNET_CRYPTO_CsC c[2];
struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
struct TALER_DenominationCsPublicR r_pub_blind;
GNUNET_CRYPTO_cs_blinding_secrets_derive (&ps->blinding_key.nonce, bs);
GNUNET_CRYPTO_cs_calc_blinded_c (bs,
alg_values->details.cs_values.r_pub.r_pub,
&dk->details.cs_public_key,
&c_hash->hash,
sizeof(struct GNUNET_HashCode),
c,
r_pub_blind.r_pub);
sig.details.cs_signature.r_point
= r_pub_blind.r_pub[blind_sig->details.blinded_cs_answer.b];
if (GNUNET_OK != if (GNUNET_OK !=
TALER_denom_sig_unblind (&sig, TALER_denom_sig_unblind (&sig,
blind_sig, blind_sig,
&ps->blinding_key, &ps->blinding_key,
dk, dk))
&ps->cs_r_pub_blinded))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
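Review bot: The new cipher check in TALER_planchet_to_coin, `if (dk->cipher != blind_sig->cipher && dk->cipher != alg_values->cipher)`, rejects only when both comparisons fail, so a blinded signature whose cipher differs from `dk` is accepted whenever `alg_values->cipher` happens to match. The RSA callers in this commit pass `NULL` for `alg_values`, so the second operand is also a NULL dereference in exactly the mismatch case the check is meant to catch. A form such as `if ( (dk->cipher != blind_sig->cipher) || ( (NULL != alg_values) && (dk->cipher != alg_values->cipher) ) )` keeps the RSA path working and fails closed. Separately, the CS case uses `blind_sig->details.blinded_cs_answer.b` as an index into the two-element `r_pub_blind.r_pub`; no range check on `b` is visible in this hunk, so confirm it is limited to 0 or 1 before it is used.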


@ -175,7 +175,6 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
= (const struct TALER_CRYPTO_CsKeyAvailableNotification *) hdr; = (const struct TALER_CRYPTO_CsKeyAvailableNotification *) hdr;
const char *buf = (const char *) &kan[1]; const char *buf = (const char *) &kan[1];
const char *section_name; const char *section_name;
uint16_t ps;
uint16_t snl; uint16_t snl;
if (sizeof (*kan) > ntohs (hdr->size)) if (sizeof (*kan) > ntohs (hdr->size))
@ -183,9 +182,8 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
ps = ntohs (kan->pub_size);
snl = ntohs (kan->section_name_len); snl = ntohs (kan->section_name_len);
if (ntohs (hdr->size) != sizeof (*kan) + ps + snl) if (ntohs (hdr->size) != sizeof (*kan) + snl)
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
@ -195,7 +193,7 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
section_name = &buf[ps]; section_name = buf;
if ('\0' != section_name[snl - 1]) if ('\0' != section_name[snl - 1])
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
@ -207,8 +205,8 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
struct TALER_CsPubHashP h_cs; struct TALER_CsPubHashP h_cs;
denom_pub.cipher = TALER_DENOMINATION_CS; denom_pub.cipher = TALER_DENOMINATION_CS;
denom_pub.details.cs_public_key = kan->denom_pub;
memcpy (&denom_pub.details.cs_public_key, buf, ntohs (kan->pub_size));
TALER_cs_pub_hash (&denom_pub.details.cs_public_key, &h_cs); TALER_cs_pub_hash (&denom_pub.details.cs_public_key, &h_cs);
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Received CS key %s (%s)\n", "Received CS key %s (%s)\n",


@ -170,8 +170,7 @@ TALER_denom_sig_unblind (
struct TALER_DenominationSignature *denom_sig, struct TALER_DenominationSignature *denom_sig,
const struct TALER_BlindedDenominationSignature *bdenom_sig, const struct TALER_BlindedDenominationSignature *bdenom_sig,
const union TALER_DenominationBlindingKeyP *bks, const union TALER_DenominationBlindingKeyP *bks,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub)
...)
{ {
if (bdenom_sig->cipher != denom_pub->cipher) if (bdenom_sig->cipher != denom_pub->cipher)
{ {
@ -198,25 +197,35 @@ TALER_denom_sig_unblind (
return GNUNET_OK; return GNUNET_OK;
case TALER_DENOMINATION_CS: case TALER_DENOMINATION_CS:
{ {
va_list ap;
va_start (ap, denom_pub);
struct TALER_DenominationCsPublicR *r_pub_blind;
r_pub_blind = va_arg (ap, struct TALER_DenominationCsPublicR *);
struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
// struct TALER_DenominationCsPublicR r_pub_blind;
// struct GNUNET_CRYPTO_CsC c[2];
// struct TALER_CoinPubHash c_hash;
// TALER_coin_pub_hash (coin_pub,
// age_commitment_hash,
// c_hash);
GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce, bs); GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce, bs);
// GNUNET_CRYPTO_cs_calc_blinded_c (bs,
// &alg_values->r_pub,
// &denom_pub->details.cs_public_key,
// &c_hash->hash,
// sizeof(struct GNUNET_HashCode),
// c,
// r_pub_blind->r_pub);
GNUNET_CRYPTO_cs_unblind (&bdenom_sig->details.blinded_cs_answer.s_scalar, GNUNET_CRYPTO_cs_unblind (&bdenom_sig->details.blinded_cs_answer.s_scalar,
&bs[bdenom_sig->details.blinded_cs_answer.b], &bs[bdenom_sig->details.blinded_cs_answer.b],
&denom_sig->details.cs_signature.s_scalar); &denom_sig->details.cs_signature.s_scalar);
GNUNET_memcpy (&denom_sig->details.cs_signature.r_point, // GNUNET_memcpy (&denom_sig->details.cs_signature.r_point,
&r_pub_blind->r_pub[bdenom_sig->details.blinded_cs_answer.b // &r_pub_blind.r_pub[bdenom_sig->details.blinded_cs_answer.b
], // ],
sizeof(struct GNUNET_CRYPTO_CsRPublic)); // sizeof(struct GNUNET_CRYPTO_CsRPublic));
denom_sig->cipher = TALER_DENOMINATION_CS; denom_sig->cipher = TALER_DENOMINATION_CS;
va_end (ap);
return GNUNET_OK; return GNUNET_OK;
} }
default: default:
@ -333,9 +342,9 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
const union TALER_DenominationBlindingKeyP *coin_bks, const union TALER_DenominationBlindingKeyP *coin_bks,
const struct TALER_AgeHash *age_commitment_hash, const struct TALER_AgeHash *age_commitment_hash,
const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_CoinPubHash *c_hash, struct TALER_CoinPubHash *c_hash,
struct TALER_BlindedPlanchet *blinded_planchet, struct TALER_BlindedPlanchet *blinded_planchet)
...)
{ {
TALER_coin_pub_hash (coin_pub, TALER_coin_pub_hash (coin_pub,
age_commitment_hash, age_commitment_hash,
@ -361,27 +370,19 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
case TALER_DENOMINATION_CS: case TALER_DENOMINATION_CS:
{ {
blinded_planchet->cipher = dk->cipher; blinded_planchet->cipher = dk->cipher;
va_list ap; struct TALER_DenominationCsPublicR blinded_r_pub;
va_start (ap, blinded_planchet);
struct TALER_DenominationCsPublicR *r_pub;
struct TALER_DenominationCsPublicR *blinded_r_pub;
r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *);
blinded_r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *);
struct GNUNET_CRYPTO_CsBlindingSecret bs[2]; struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
GNUNET_CRYPTO_cs_blinding_secrets_derive (&coin_bks->nonce, bs); GNUNET_CRYPTO_cs_blinding_secrets_derive (&coin_bks->nonce, bs);
GNUNET_CRYPTO_cs_calc_blinded_c (bs, GNUNET_CRYPTO_cs_calc_blinded_c (bs,
r_pub->r_pub, alg_values->details.cs_values.r_pub.r_pub,
&dk->details.cs_public_key, &dk->details.cs_public_key,
&c_hash->hash, &c_hash->hash,
sizeof(struct GNUNET_HashCode), sizeof(struct GNUNET_HashCode),
blinded_planchet->details. blinded_planchet->details.
cs_blinded_planchet.c, cs_blinded_planchet.c,
blinded_r_pub->r_pub); blinded_r_pub.r_pub);
va_end (ap);
return GNUNET_OK; return GNUNET_OK;
} }
default: default:
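Review bot: For CS, TALER_denom_sig_unblind now returns `GNUNET_OK` without writing `denom_sig->details.cs_signature.r_point`: the `GNUNET_memcpy` that set it is commented out and nothing replaces it. The only caller in this commit that compensates is TALER_planchet_to_coin, which assigns `r_point` before the call; any other caller would receive a signature with an indeterminate R value. Either document the precondition on the function (`/* CS: caller must set details.cs_signature.r_point before calling */`) or pass in what is needed to compute it, and delete the commented-out block rather than leaving it in the crypto path. In the TALER_denom_blind hunk, `blinded_r_pub` is now a local that is computed and then discarded, which deserves a one-line comment saying that is intended.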


@ -242,15 +242,15 @@ generate_response (struct DenominationKey *dk)
GNUNET_assert (sizeof(dk->denom_pub) < UINT16_MAX); GNUNET_assert (sizeof(dk->denom_pub) < UINT16_MAX);
GNUNET_assert (nlen < UINT16_MAX); GNUNET_assert (nlen < UINT16_MAX);
tlen = sizeof(dk->denom_pub) + nlen + sizeof (*an); tlen = nlen + sizeof (*an);
GNUNET_assert (tlen < UINT16_MAX); GNUNET_assert (tlen < UINT16_MAX);
an = GNUNET_malloc (tlen); an = GNUNET_malloc (tlen);
an->header.size = htons ((uint16_t) tlen); an->header.size = htons ((uint16_t) tlen);
an->header.type = htons (TALER_HELPER_CS_MT_AVAIL); an->header.type = htons (TALER_HELPER_CS_MT_AVAIL);
an->pub_size = htons ((uint16_t) sizeof(dk->denom_pub));
an->section_name_len = htons ((uint16_t) nlen); an->section_name_len = htons ((uint16_t) nlen);
an->anchor_time = GNUNET_TIME_timestamp_hton (dk->anchor); an->anchor_time = GNUNET_TIME_timestamp_hton (dk->anchor);
an->duration_withdraw = GNUNET_TIME_relative_hton (denom->duration_withdraw); an->duration_withdraw = GNUNET_TIME_relative_hton (denom->duration_withdraw);
an->denom_pub = dk->denom_pub;
TALER_exchange_secmod_cs_sign (&dk->h_cs, TALER_exchange_secmod_cs_sign (&dk->h_cs,
denom->section, denom->section,
dk->anchor, dk->anchor,
@ -260,9 +260,6 @@ generate_response (struct DenominationKey *dk)
an->secm_pub = TES_smpub; an->secm_pub = TES_smpub;
p = (void *) &an[1]; p = (void *) &an[1];
memcpy (p, memcpy (p,
&dk->denom_pub,
sizeof(dk->denom_pub));
memcpy (p + sizeof(dk->denom_pub),
denom->section, denom->section,
nlen); nlen);
dk->an = an; dk->an = an;
@ -1078,8 +1075,7 @@ update_denominations (void *cls)
static void static void
parse_key (struct Denomination *denom, parse_key (struct Denomination *denom,
const char *filename, const char *filename,
const void *buf, const struct GNUNET_CRYPTO_CsPrivateKey *priv)
size_t buf_size)
{ {
char *anchor_s; char *anchor_s;
char dummy; char dummy;
@ -1117,27 +1113,15 @@ parse_key (struct Denomination *denom,
filename); filename);
return; return;
} }
const struct GNUNET_CRYPTO_CsPrivateKey priv
= *((struct GNUNET_CRYPTO_CsPrivateKey *) buf);
// memcpy (&priv, buf, sizeof(priv));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"privkey %zu\n",
sizeof(priv));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"privkey %zu\n",
buf_size);
{ {
struct GNUNET_CRYPTO_CsPublicKey pub; struct GNUNET_CRYPTO_CsPublicKey pub;
struct DenominationKey *dk; struct DenominationKey *dk;
struct DenominationKey *before; struct DenominationKey *before;
// TODO: Add check if pubkey is set? // TODO: Add check if pubkey is set?
GNUNET_CRYPTO_cs_private_key_get_public (&priv, &pub); GNUNET_CRYPTO_cs_private_key_get_public (priv, &pub);
dk = GNUNET_new (struct DenominationKey); dk = GNUNET_new (struct DenominationKey);
dk->denom_priv = priv; dk->denom_priv = *priv;
dk->denom = denom; dk->denom = denom;
dk->anchor = anchor; dk->anchor = anchor;
dk->filename = GNUNET_strdup (filename); dk->filename = GNUNET_strdup (filename);
@ -1270,7 +1254,7 @@ import_key (void *cls,
GNUNET_break (0 == close (fd)); GNUNET_break (0 == close (fd));
return GNUNET_OK; return GNUNET_OK;
} }
if (sbuf.st_size > 16 * 1024) if (sbuf.st_size != sizeof(struct GNUNET_CRYPTO_CsPrivateKey))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"File `%s' too big to be a private key\n", "File `%s' too big to be a private key\n",
@ -1292,8 +1276,7 @@ import_key (void *cls,
} }
parse_key (denom, parse_key (denom,
filename, filename,
ptr, (const struct GNUNET_CRYPTO_CsPrivateKey *) ptr);
(size_t) sbuf.st_size);
GNUNET_DISK_file_unmap (map); GNUNET_DISK_file_unmap (map);
GNUNET_DISK_file_close (fh); GNUNET_DISK_file_close (fh);
return GNUNET_OK; return GNUNET_OK;
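Review bot: The size check in import_key now requires an exact match, `sbuf.st_size != sizeof(struct GNUNET_CRYPTO_CsPrivateKey)`, but the error text below it still says the file is "too big to be a private key", which is wrong for a truncated or empty file. The message should say the file has the wrong size for a private key. The exact-size check is also what makes the cast of `ptr` to `const struct GNUNET_CRYPTO_CsPrivateKey *` at the parse_key call safe, so a short comment there, `/* size checked above: exactly one CsPrivateKey */`, would keep the two from drifting apart. import_key's body continues outside the hunk.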


@ -51,15 +51,10 @@ struct TALER_CRYPTO_CsKeyAvailableNotification
*/ */
struct GNUNET_MessageHeader header; struct GNUNET_MessageHeader header;
/**
* Number of bytes of the public key.
*/
uint16_t pub_size;
/** /**
* Number of bytes of the section name. * Number of bytes of the section name.
*/ */
uint16_t section_name_len; uint32_t section_name_len;
/** /**
* When does the key become available? * When does the key become available?
@ -82,7 +77,10 @@ struct TALER_CRYPTO_CsKeyAvailableNotification
*/ */
struct TALER_SecurityModuleSignatureP secm_sig; struct TALER_SecurityModuleSignatureP secm_sig;
/* followed by @e pub_size bytes of the CS public key */ /**
* Denomination Public key
*/
struct GNUNET_CRYPTO_CsPublicKey denom_pub;
/* followed by @e section_name bytes of the configuration section name /* followed by @e section_name bytes of the configuration section name
of the denomination of this key */ of the denomination of this key */
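Review bot: `section_name_len` is widened to `uint32_t` here, but generate_response still writes it with `htons ((uint16_t) nlen)` and handle_mt_avail still reads it into a `uint16_t snl` with `ntohs (kan->section_name_len)`. The round trip only works because both sides apply the same 16-bit conversion on the same host; the bytes in the message are no longer a network-order 32-bit length. Either keep the field `uint16_t`, or switch both sides to `htonl`/`ntohl` with a `uint32_t snl` and re-check the `sizeof (*kan) + snl` comparison against the 16-bit `hdr->size`. The trailing comment should also refer to `@e section_name_len`, since the struct has no `section_name` field.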


@ -111,6 +111,7 @@ test_planchets_rsa (void)
TALER_planchet_setup_random (&ps, TALER_DENOMINATION_RSA); TALER_planchet_setup_random (&ps, TALER_DENOMINATION_RSA);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub, TALER_planchet_prepare (&dk_pub,
NULL, /* not needed in RSA*/
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
@ -123,6 +124,7 @@ test_planchets_rsa (void)
&blind_sig, &blind_sig,
&ps, &ps,
&c_hash, &c_hash,
NULL, /* Not needed in RSA case */
&coin)); &coin));
TALER_blinded_denom_sig_free (&blind_sig); TALER_blinded_denom_sig_free (&blind_sig);
TALER_denom_sig_free (&coin.sig); TALER_denom_sig_free (&coin.sig);
@ -148,6 +150,7 @@ test_planchets_cs (void)
struct TALER_CoinPubHash c_hash; struct TALER_CoinPubHash c_hash;
struct TALER_BlindedDenominationSignature blind_sig; struct TALER_BlindedDenominationSignature blind_sig;
struct TALER_FreshCoin coin; struct TALER_FreshCoin coin;
struct TALER_ExchangeWithdrawValues alg_values;
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_denom_priv_create (&dk_priv, TALER_denom_priv_create (&dk_priv,
@ -162,13 +165,15 @@ test_planchets_cs (void)
TALER_denom_cs_derive_r_public ( TALER_denom_cs_derive_r_public (
&pd.blinded_planchet.details.cs_blinded_planchet.nonce, &pd.blinded_planchet.details.cs_blinded_planchet.nonce,
&dk_priv, &dk_priv,
&ps.cs_r_pub)); &alg_values.details.cs_values.r_pub));
// TODO: eliminate r_pubs parameter // TODO: eliminate r_pubs parameter
TALER_planchet_blinding_secret_create (&ps, TALER_planchet_blinding_secret_create (&ps,
TALER_DENOMINATION_CS); TALER_DENOMINATION_CS,
&alg_values);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub, TALER_planchet_prepare (&dk_pub,
&alg_values,
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
@ -183,6 +188,7 @@ test_planchets_cs (void)
&blind_sig, &blind_sig,
&ps, &ps,
&c_hash, &c_hash,
&alg_values,
&coin)); &coin));
TALER_blinded_denom_sig_free (&blind_sig); TALER_blinded_denom_sig_free (&blind_sig);
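Review bot: `alg_values` in test_planchets_cs is a stack variable whose `cipher` member is never assigned; only `details.cs_values.r_pub` is filled, by TALER_denom_cs_derive_r_public. TALER_planchet_to_coin compares `dk->cipher` with `alg_values->cipher`, so the test can read an indeterminate value. Adding `alg_values.cipher = TALER_DENOMINATION_CS;` right after the declaration fixes it. The `values` variables added in test_r_derive, test_signing and perf_signing of the CS helper test have the same gap.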


@ -268,6 +268,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
bool success = false; bool success = false;
struct TALER_PlanchetSecretsP ps; struct TALER_PlanchetSecretsP ps;
struct TALER_CoinPubHash c_hash; struct TALER_CoinPubHash c_hash;
struct TALER_ExchangeWithdrawValues values;
TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS); TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS);
for (unsigned int i = 0; i<MAX_KEYS; i++) for (unsigned int i = 0; i<MAX_KEYS; i++)
@ -286,7 +287,9 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Requesting R derivation with key %s\n", "Requesting R derivation with key %s\n",
GNUNET_h2s (&keys[i].h_cs.hash)); GNUNET_h2s (&keys[i].h_cs.hash));
ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh,
values.details.cs_values.r_pub
= TALER_CRYPTO_helper_cs_r_derive (dh,
&keys[i].h_cs, &keys[i].h_cs,
&pd.blinded_planchet. &pd.blinded_planchet.
details. details.
@ -320,9 +323,11 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_h2s (&keys[i].h_cs.hash)); GNUNET_h2s (&keys[i].h_cs.hash));
TALER_planchet_blinding_secret_create (&ps, TALER_planchet_blinding_secret_create (&ps,
TALER_DENOMINATION_CS); TALER_DENOMINATION_CS,
&values);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&keys[i].denom_pub, TALER_planchet_prepare (&keys[i].denom_pub,
&values,
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
@ -373,7 +378,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&nonce, &nonce,
sizeof (nonce)); sizeof (nonce));
ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, TALER_CRYPTO_helper_cs_r_derive (dh,
&rnd, &rnd,
&nonce, &nonce,
&ec); &ec);
@ -404,6 +409,8 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
bool success = false; bool success = false;
struct TALER_PlanchetSecretsP ps; struct TALER_PlanchetSecretsP ps;
struct TALER_CoinPubHash c_hash; struct TALER_CoinPubHash c_hash;
struct TALER_ExchangeWithdrawValues values;
TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS); TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS);
for (unsigned int i = 0; i<MAX_KEYS; i++) for (unsigned int i = 0; i<MAX_KEYS; i++)
@ -418,17 +425,20 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
TALER_cs_withdraw_nonce_derive (&ps.coin_priv, TALER_cs_withdraw_nonce_derive (&ps.coin_priv,
&pd.blinded_planchet.details. &pd.blinded_planchet.details.
cs_blinded_planchet.nonce); cs_blinded_planchet.nonce);
ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, values.details.cs_values.r_pub
= TALER_CRYPTO_helper_cs_r_derive (dh,
&keys[i].h_cs, &keys[i].h_cs,
&pd.blinded_planchet. &pd.blinded_planchet.
details. details.
cs_blinded_planchet.nonce, cs_blinded_planchet.nonce,
&ec); &ec);
TALER_planchet_blinding_secret_create (&ps, TALER_planchet_blinding_secret_create (&ps,
TALER_DENOMINATION_CS); TALER_DENOMINATION_CS,
&values);
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub, TALER_planchet_prepare (&keys[i].denom_pub,
&values,
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
@ -463,30 +473,18 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
return 5; return 5;
} }
{ {
struct TALER_DenominationSignature rs; struct TALER_FreshCoin coin;
if (GNUNET_OK != if (GNUNET_OK !=
TALER_denom_sig_unblind (&rs, TALER_planchet_to_coin (&keys[i].denom_pub,
&ds, &ds,
&ps.blinding_key, &ps,
&keys[i].denom_pub, &c_hash,
&ps.cs_r_pub_blinded)) &values,
&coin))
{ {
GNUNET_break (0); GNUNET_break (0);
return 6; return 6;
} }
TALER_blinded_denom_sig_free (&ds);
if (GNUNET_OK !=
TALER_denom_pub_verify (&keys[i].denom_pub,
&rs,
&c_hash))
{
/* signature invalid */
GNUNET_break (0);
TALER_denom_sig_free (&rs);
return 7;
}
TALER_denom_sig_free (&rs);
} }
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Received valid signature for key %s\n", "Received valid signature for key %s\n",
@ -536,6 +534,7 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
pd.blinded_planchet.cipher = TALER_DENOMINATION_CS; pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[0].denom_pub, TALER_planchet_prepare (&keys[0].denom_pub,
&values,
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
@ -597,6 +596,7 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
{ {
struct TALER_CoinPubHash c_hash; struct TALER_CoinPubHash c_hash;
struct TALER_PlanchetDetail pd; struct TALER_PlanchetDetail pd;
struct TALER_ExchangeWithdrawValues values;
pd.blinded_planchet.cipher = TALER_DENOMINATION_CS; pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
@ -604,17 +604,20 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
&pd.blinded_planchet.details. &pd.blinded_planchet.details.
cs_blinded_planchet.nonce); cs_blinded_planchet.nonce);
ps.cs_r_pub = TALER_CRYPTO_helper_cs_r_derive (dh, values.details.cs_values.r_pub
= TALER_CRYPTO_helper_cs_r_derive (dh,
&keys[i].h_cs, &keys[i].h_cs,
&pd.blinded_planchet. &pd.blinded_planchet.
details. details.
cs_blinded_planchet.nonce, cs_blinded_planchet.nonce,
&ec); &ec);
TALER_planchet_blinding_secret_create (&ps, TALER_planchet_blinding_secret_create (&ps,
TALER_DENOMINATION_CS); TALER_DENOMINATION_CS,
&values);
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub, TALER_planchet_prepare (&keys[i].denom_pub,
&values,
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
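Review bot: The rewritten block in test_signing drops `TALER_blinded_denom_sig_free (&ds);` and never releases `coin.sig`, whereas test_planchets_rsa in this commit frees both the blinded signature and `coin.sig` after TALER_planchet_to_coin. It also removes the explicit TALER_denom_pub_verify call while the log line still reports "Received valid signature"; whether TALER_planchet_to_coin verifies the signature is not visible here, so confirm that before relying on it. After a successful call, add `TALER_blinded_denom_sig_free (&ds);` and `TALER_denom_sig_free (&coin.sig);`.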


@ -282,6 +282,7 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub, TALER_planchet_prepare (&keys[i].denom_pub,
NULL, /* not needed in RSA*/
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));
@ -451,6 +452,7 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub, TALER_planchet_prepare (&keys[i].denom_pub,
NULL, /* not needed in RSA*/
&ps, &ps,
&c_hash, &c_hash,
&pd)); &pd));