From 8bfc6583e799d8f7d0e55262b593183daed7f4fe Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 14 Nov 2022 06:19:35 +0100 Subject: [PATCH] more refactoring towards #7272 --- .../taler-exchange-httpd_batch-withdraw.c | 3 +- src/exchange/taler-exchange-httpd_csr.c | 23 +- src/exchange/taler-exchange-httpd_keys.c | 260 ++++++++++-------- src/exchange/taler-exchange-httpd_keys.h | 86 +++--- .../taler-exchange-httpd_refreshes_reveal.c | 13 +- src/exchange/taler-exchange-httpd_withdraw.c | 3 +- src/include/taler_crypto_lib.h | 110 +------- src/util/crypto_helper_cs.c | 209 +------------- src/util/test_helper_cs.c | 34 ++- 9 files changed, 263 insertions(+), 478 deletions(-) diff --git a/src/exchange/taler-exchange-httpd_batch-withdraw.c b/src/exchange/taler-exchange-httpd_batch-withdraw.c index 7352edfdd..de1b67e52 100644 --- a/src/exchange/taler-exchange-httpd_batch-withdraw.c +++ b/src/exchange/taler-exchange-httpd_batch-withdraw.c @@ -427,8 +427,9 @@ prepare_transaction (const struct TEH_RequestContext *rc, .bp = &pc->blinded_planchet }; - ec = TEH_keys_denomination_sign_withdraw ( + ec = TEH_keys_denomination_sign ( &csds, + false, &pc->collectable.sig); if (TALER_EC_NONE != ec) { diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c index 14d82ef11..7e9e7a584 100644 --- a/src/exchange/taler-exchange-httpd_csr.c +++ b/src/exchange/taler-exchange-httpd_csr.c @@ -179,9 +179,16 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, /* derive r_pub */ // FIXME-#7272: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module) - ec = TEH_keys_denomination_cs_r_pub_melt (denom_pub_hash, - nonce, - r_pub); + { + const struct TEH_CsDeriveData cdd = { + .h_denom_pub = denom_pub_hash, + .nonce = nonce + }; + + ec = TEH_keys_denomination_cs_r_pub (&cdd, + true, + r_pub); + } if (TALER_EC_NONE != ec) { GNUNET_break (0); @@ -315,10 +322,14 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc, /* derive r_pub */ { enum TALER_ErrorCode ec; + const struct TEH_CsDeriveData cdd = { + .h_denom_pub = &denom_pub_hash, + .nonce = &nonce + }; - ec = TEH_keys_denomination_cs_r_pub_withdraw (&denom_pub_hash, - &nonce, - &ewv.details.cs_values); + ec = TEH_keys_denomination_cs_r_pub (&cdd, + false, + &ewv.details.cs_values); if (TALER_EC_NONE != ec) { GNUNET_break (0); diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index d430946cf..edfe50e58 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -2746,8 +2746,9 @@ TEH_keys_denomination_by_hash2 ( enum TALER_ErrorCode -TEH_keys_denomination_sign_withdraw ( +TEH_keys_denomination_sign ( const struct TEH_CoinSignData *csd, + bool for_melt, struct TALER_BlindedDenominationSignature *bs) { struct TEH_KeyStateHandle *ksh; @@ -2787,9 +2788,10 @@ TEH_keys_denomination_sign_withdraw ( csr.h_cs = &hd->h_details.h_cs; csr.blinded_planchet = &bp->details.cs_blinded_planchet; - return TALER_CRYPTO_helper_cs_sign_withdraw ( + return TALER_CRYPTO_helper_cs_sign ( ksh->helpers->csdh, &csr, + for_melt, bs); } default: @@ -2799,118 +2801,135 @@ TEH_keys_denomination_sign_withdraw ( enum TALER_ErrorCode -TEH_keys_denomination_batch_sign_withdraw ( +TEH_keys_denomination_batch_sign ( const struct TEH_CoinSignData *csds, unsigned int csds_length, + bool for_melt, struct TALER_BlindedDenominationSignature *bss) { struct TEH_KeyStateHandle *ksh; struct HelperDenomination *hd; -#if 0 + struct TALER_CRYPTO_RsaSignRequest rsrs[csds_length]; + struct TALER_CRYPTO_CsSignRequest csrs[csds_length]; + struct TALER_BlindedDenominationSignature rs[csds_length]; + struct TALER_BlindedDenominationSignature cs[csds_length]; + unsigned int rsrs_pos = 0; + unsigned int csrs_pos = 0; + enum TALER_ErrorCode ec; ksh = TEH_keys_get_state (); if (NULL == ksh) return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; - hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, - &h_denom_pub->hash); - if (NULL == hd) - return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; - if (bp->cipher != hd->denom_pub.cipher) - return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; - switch (hd->denom_pub.cipher) + for (unsigned int i = 0; ih_details.h_rsa, - .msg = bp->details.rsa_blinded_planchet.blinded_msg, - .msg_size = bp->details.rsa_blinded_planchet.blinded_msg_size - }; + const struct TALER_DenominationHashP *h_denom_pub = csds[i].h_denom_pub; + const struct TALER_BlindedPlanchet *bp = csds[i].bp; - return TALER_CRYPTO_helper_rsa_sign ( - ksh->helpers->rsadh, - &rsr, - bs); - } - case TALER_DENOMINATION_CS: - TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++; + hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, + &h_denom_pub->hash); + if (NULL == hd) + return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; + if (bp->cipher != hd->denom_pub.cipher) + return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; + switch (hd->denom_pub.cipher) { - struct TALER_CRYPTO_CsSignRequest csr; - - csr.h_cs = &hd->h_details.h_cs; - csr.blinded_planchet = &bp->details.cs_blinded_planchet; - return TALER_CRYPTO_helper_cs_sign_withdraw ( - ksh->helpers->csdh, - &csr, - bs); + case TALER_DENOMINATION_RSA: + rsrs[rsrs_pos].h_rsa = &hd->h_details.h_rsa; + rsrs[rsrs_pos].msg + = bp->details.rsa_blinded_planchet.blinded_msg; + rsrs[rsrs_pos].msg_size + = bp->details.rsa_blinded_planchet.blinded_msg_size; + rsrs_pos++; + break; + case TALER_DENOMINATION_CS: + csrs[csrs_pos].h_cs = &hd->h_details.h_cs; + csrs[csrs_pos].blinded_planchet = &bp->details.cs_blinded_planchet; + csrs_pos++; + break; + default: + return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; } - default: - return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; } -#endif + + if ( (0 != csrs_pos) && + (0 != rsrs_pos) ) + { + memset (rs, + 0, + sizeof (rs)); + memset (cs, + 0, + sizeof (cs)); + } + ec = TALER_EC_NONE; + if (0 != csrs_pos) + { + ec = TALER_CRYPTO_helper_cs_batch_sign ( + ksh->helpers->csdh, + csrs, + csrs_pos, + for_melt, + (0 == rsrs_pos) ? bss : cs); + if (TALER_EC_NONE != ec) + { + for (unsigned int i = 0; ihelpers->rsadh, + rsrs, + rsrs_pos, + (0 == csrs_pos) ? bss : rs); + if (TALER_EC_NONE != ec) + { + for (unsigned int i = 0; icipher) + { + case TALER_DENOMINATION_RSA: + bss[i] = rs[rsrs_pos++]; + break; + case TALER_DENOMINATION_CS: + bss[i] = cs[csrs_pos++]; + break; + default: + GNUNET_assert (0); + } + } + } + return TALER_EC_NONE; } enum TALER_ErrorCode -TEH_keys_denomination_sign_melt ( - const struct TEH_CoinSignData *csd, - struct TALER_BlindedDenominationSignature *bs) -{ - const struct TALER_DenominationHashP *h_denom_pub = csd->h_denom_pub; - const struct TALER_BlindedPlanchet *bp = csd->bp; - struct TEH_KeyStateHandle *ksh; - struct HelperDenomination *hd; - - ksh = TEH_keys_get_state (); - if (NULL == ksh) - return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; - hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, - &h_denom_pub->hash); - if (NULL == hd) - return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; - if (bp->cipher != hd->denom_pub.cipher) - return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; - switch (hd->denom_pub.cipher) - { - case TALER_DENOMINATION_RSA: - TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA]++; - { - struct TALER_CRYPTO_RsaSignRequest rsr = { - .h_rsa = &hd->h_details.h_rsa, - .msg = bp->details.rsa_blinded_planchet.blinded_msg, - .msg_size = bp->details.rsa_blinded_planchet.blinded_msg_size - }; - - return TALER_CRYPTO_helper_rsa_sign ( - ksh->helpers->rsadh, - &rsr, - bs); - } - case TALER_DENOMINATION_CS: - { - struct TALER_CRYPTO_CsSignRequest csr; - - csr.h_cs = &hd->h_details.h_cs; - csr.blinded_planchet = &bp->details.cs_blinded_planchet; - TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++; - return TALER_CRYPTO_helper_cs_sign_melt ( - ksh->helpers->csdh, - &csr, - bs); - } - default: - return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; - } -} - - -enum TALER_ErrorCode -TEH_keys_denomination_cs_r_pub_melt ( - const struct TALER_DenominationHashP *h_denom_pub, - const struct TALER_CsNonce *nonce, +TEH_keys_denomination_cs_r_pub ( + const struct TEH_CsDeriveData *cdd, + bool for_melt, struct TALER_DenominationCSPublicRPairP *r_pub) { + const struct TALER_DenominationHashP *h_denom_pub = cdd->h_denom_pub; + const struct TALER_CsNonce *nonce = cdd->nonce; struct TEH_KeyStateHandle *ksh; struct HelperDenomination *hd; @@ -2935,47 +2954,54 @@ TEH_keys_denomination_cs_r_pub_melt ( .h_cs = &hd->h_details.h_cs, .nonce = nonce }; - return TALER_CRYPTO_helper_cs_r_derive_melt (ksh->helpers->csdh, - &cdr, - r_pub); + return TALER_CRYPTO_helper_cs_r_derive (ksh->helpers->csdh, + &cdr, + for_melt, + r_pub); } } enum TALER_ErrorCode -TEH_keys_denomination_cs_r_pub_withdraw ( - const struct TALER_DenominationHashP *h_denom_pub, - const struct TALER_CsNonce *nonce, - struct TALER_DenominationCSPublicRPairP *r_pub) +TEH_keys_denomination_cs_batch_r_pub ( + const struct TEH_CsDeriveData *cdds, + unsigned int cdds_length, + bool for_melt, + struct TALER_DenominationCSPublicRPairP *r_pubs) { struct TEH_KeyStateHandle *ksh; struct HelperDenomination *hd; + struct TALER_CRYPTO_CsDeriveRequest cdrs[cdds_length]; ksh = TEH_keys_get_state (); if (NULL == ksh) { return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; } - hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, - &h_denom_pub->hash); - if (NULL == hd) + for (unsigned int i = 0; idenom_pub.cipher) - { - return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; - } - { - struct TALER_CRYPTO_CsDeriveRequest cdr = { - .h_cs = &hd->h_details.h_cs, - .nonce = nonce - }; + const struct TALER_DenominationHashP *h_denom_pub = cdds[i].h_denom_pub; + const struct TALER_CsNonce *nonce = cdds[i].nonce; - return TALER_CRYPTO_helper_cs_r_derive_withdraw (ksh->helpers->csdh, - &cdr, - r_pub); + hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, + &h_denom_pub->hash); + if (NULL == hd) + { + return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; + } + if (TALER_DENOMINATION_CS != hd->denom_pub.cipher) + { + return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; + } + cdrs[i].h_cs = &hd->h_details.h_cs; + cdrs[i].nonce = nonce; } + + return TALER_CRYPTO_helper_cs_r_batch_derive (ksh->helpers->csdh, + cdrs, + cdds_length, + for_melt, + r_pubs); } diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index 24ba1467c..7e8c1e995 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h @@ -263,44 +263,18 @@ struct TEH_CoinSignData }; -/** - * Request to sign @a csd for regular withdrawing. - * - * @param csd identifies data to blindly sign and key to sign with - * @param[out] bs set to the blind signature on success - * @return #TALER_EC_NONE on success - */ -enum TALER_ErrorCode -TEH_keys_denomination_sign_withdraw ( - const struct TEH_CoinSignData *csd, - struct TALER_BlindedDenominationSignature *bs); - - -/** - * Request to sign @a csds for regular withdrawing. - * - * @param csds array with data to blindly sign (and keys to sign with) - * @param csds_length length of @a csds array - * @param[out] bss array set to the blind signature on success; must be of length @a csds_length - * @return #TALER_EC_NONE on success - */ -enum TALER_ErrorCode -TEH_keys_denomination_batch_sign_withdraw ( - const struct TEH_CoinSignData *csds, - unsigned int csds_length, - struct TALER_BlindedDenominationSignature *bss); - - /** * Request to sign @a csd for melting. * * @param csd identifies data to blindly sign and key to sign with + * @param for_melt true if this is for a melt operation * @param[out] bs set to the blind signature on success * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode -TEH_keys_denomination_sign_melt ( +TEH_keys_denomination_sign ( const struct TEH_CoinSignData *csd, + bool for_melt, struct TALER_BlindedDenominationSignature *bs); @@ -309,46 +283,66 @@ TEH_keys_denomination_sign_melt ( * * @param csds array with data to blindly sign (and keys to sign with) * @param csds_length length of @a csds array + * @param for_melt true if this is for a melt operation * @param[out] bss array set to the blind signature on success; must be of length @a csds_length * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode -TEH_keys_denomination_batch_sign_melt ( +TEH_keys_denomination_batch_sign ( const struct TEH_CoinSignData *csds, unsigned int csds_length, + bool for_melt, struct TALER_BlindedDenominationSignature *bss); /** - * Request to derive CS @a r_pub using the denomination corresponding to @a h_denom_pub - * and @a nonce for withdrawing. + * Information needed to derive the CS r_pub. + */ +struct TEH_CsDeriveData +{ + /** + * Hash of key to sign with. + */ + const struct TALER_DenominationHashP *h_denom_pub; + + /** + * Nonce to use. + */ + const struct TALER_CsNonce *nonce; +}; + + +/** + * Request to derive CS @a r_pub using the denomination and nonce from @a cdd. * - * @param h_denom_pub hash of the public key to use to derive r_pub - * @param nonce withdraw/refresh nonce + * @param cdd data to compute @a r_pub from + * @param for_melt true if this is for a melt operation * @param[out] r_pub where to write the result * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode -TEH_keys_denomination_cs_r_pub_withdraw ( - const struct TALER_DenominationHashP *h_denom_pub, - const struct TALER_CsNonce *nonce, +TEH_keys_denomination_cs_r_pub ( + const struct TEH_CsDeriveData *cdd, + bool for_melt, struct TALER_DenominationCSPublicRPairP *r_pub); /** - * Request to derive CS @a r_pub using the denomination corresponding to @a h_denom_pub - * and @a nonce for melting. + * Request to derive a bunch of CS @a r_pubs using the + * denominations and nonces from @a cdds. * - * @param h_denom_pub hash of the public key to use to derive r_pub - * @param nonce withdraw/refresh nonce - * @param[out] r_pub where to write the result + * @param cdds array to compute @a r_pubs from + * @param cdds_length length of the @a cdds array + * @param for_melt true if this is for a melt operation + * @param[out] r_pubs array where to write the result; must be of length @a cdds_length * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode -TEH_keys_denomination_cs_r_pub_melt ( - const struct TALER_DenominationHashP *h_denom_pub, - const struct TALER_CsNonce *nonce, - struct TALER_DenominationCSPublicRPairP *r_pub); +TEH_keys_denomination_cs_batch_r_pub ( + const struct TEH_CsDeriveData *cdds, + unsigned int cdds_length, + bool for_melt, + struct TALER_DenominationCSPublicRPairP *r_pubs); /** diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index a0c8a6667..56848d581 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -215,10 +215,14 @@ check_commitment (struct RevealContext *rctx, case TALER_DENOMINATION_CS: { enum TALER_ErrorCode ec; + const struct TEH_CsDeriveData cdd = { + .h_denom_pub = &rctx->rrcs[j].h_denom_pub, + .nonce = &nonces[aoff] + }; - ec = TEH_keys_denomination_cs_r_pub_melt ( - &rctx->rrcs[j].h_denom_pub, - &nonces[aoff], + ec = TEH_keys_denomination_cs_r_pub ( + &cdd, + true, &alg_values->details.cs_values); if (TALER_EC_NONE != ec) { @@ -756,8 +760,9 @@ clean_age: // FIXME #7272: replace with a batch call that // passes all coins in once go! - ec = TEH_keys_denomination_sign_melt ( + ec = TEH_keys_denomination_sign ( &csd, + true, &rrcs[i].coin_sig); if (TALER_EC_NONE != ec) { diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c index 71128bf53..253773639 100644 --- a/src/exchange/taler-exchange-httpd_withdraw.c +++ b/src/exchange/taler-exchange-httpd_withdraw.c @@ -455,8 +455,9 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc, }; /* Sign before transaction! */ - ec = TEH_keys_denomination_sign_withdraw ( + ec = TEH_keys_denomination_sign ( &csd, + false, &wc.collectable.sig); } if (TALER_EC_NONE != ec) diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 30a652682..9b658d741 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -2494,57 +2494,15 @@ struct TALER_CRYPTO_CsSignRequest * * @param dh helper process connection * @param req information about the key to sign with and the value to sign + * @param for_melt true if for melt operation * @param[out] bs set to the blind signature * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_sign_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *req, - struct TALER_BlindedDenominationSignature *bs); - - -/** - * Request helper @a dh to batch sign batch @a reqs. - * - * This operation will block until the signature has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper process connection - * @param reqs array with information about the keys to sign with and the values to sign - * @param reqs_length length of the @a reqs array - * @param[out] bss array set to the blind signatures, must be of length @a reqs_length! - * @return #TALER_EC_NONE on success - */ -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_batch_sign_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *reqs, - unsigned int reqs_length, - struct TALER_BlindedDenominationSignature *bss); - - -/** - * Request helper @a dh to sign @a req. - * - * This operation will block until the signature has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper process connection - * @param req information about the key to sign with and the value to sign - * @param[out] bs set to the blind signature - * @return #TALER_EC_NONE on success - */ -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_sign_withdraw ( +TALER_CRYPTO_helper_cs_sign ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsSignRequest *req, + bool for_melt, struct TALER_BlindedDenominationSignature *bs); @@ -2560,14 +2518,16 @@ TALER_CRYPTO_helper_cs_sign_withdraw ( * @param dh helper process connection * @param reqs information about the keys to sign with and the values to sign * @param reqs_length length of the @a reqs array + * @param for_melt true if this is for a melt operation * @param[out] bs array set to the blind signatures, must be of length @a reqs_length! * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_batch_sign_withdraw ( +TALER_CRYPTO_helper_cs_batch_sign ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsSignRequest *reqs, unsigned int reqs_length, + bool for_melt, struct TALER_BlindedDenominationSignature *bss); @@ -2621,20 +2581,20 @@ struct TALER_CRYPTO_CsDeriveRequest * * @param dh helper to process connection * @param cdr derivation input data - * @param nonce witdhraw nonce + * @param for_melt true if this is for a melt operation * @param[out] crp set to the pair of R values * @return set to the error code (or #TALER_EC_NONE on success) */ enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_derive_withdraw ( +TALER_CRYPTO_helper_cs_r_derive ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsDeriveRequest *cdr, + bool for_melt, struct TALER_DenominationCSPublicRPairP *crp); /** - * Ask the helper to derive R using the information - * from @a cdrs. + * Ask the helper to derive R using the information from @a cdrs. * * This operation will block until the R has been obtained. Should * this process receive a signal (that is not ignored) while the operation is @@ -2645,60 +2605,16 @@ TALER_CRYPTO_helper_cs_r_derive_withdraw ( * @param dh helper to process connection * @param cdrs array with derivation input data * @param cdrs_length length of the @a cdrs array + * @param for_melt true if this is for a melt operation * @param[out] crp array set to the pair of R values, must be of length @a cdrs_length * @return set to the error code (or #TALER_EC_NONE on success) */ enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdrs, - unsigned int cdrs_length, - struct TALER_DenominationCSPublicRPairP *crps); - - -/** - * Ask the helper to derive R using the information - * from @a cdr. - * - * This operation will block until the R has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper to process connection - * @param cdr derivation input data - * @param[out] crp set to the pair of R values - * @return set to the error code (or #TALER_EC_NONE on success) - */ -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_derive_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdr, - struct TALER_DenominationCSPublicRPairP *crp); - - -/** - * Ask the helper to derive R using the information - * from @a cdrs. - * - * This operation will block until the R has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper to process connection - * @param cdrs array with derivation input data - * @param cdrs_length length of the @a cdrs array - * @param[out] crps array set to the pair of R values, must be of length @a cdrs_length - * @return set to the error code (or #TALER_EC_NONE on success) - */ -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_batch_derive_melt ( +TALER_CRYPTO_helper_cs_r_batch_derive ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsDeriveRequest *cdrs, unsigned int cdrs_length, + bool for_melt, struct TALER_DenominationCSPublicRPairP *crps); diff --git a/src/util/crypto_helper_cs.c b/src/util/crypto_helper_cs.c index 7554be40d..5f7d3d6f9 100644 --- a/src/util/crypto_helper_cs.c +++ b/src/util/crypto_helper_cs.c @@ -378,32 +378,17 @@ more: } -/** - * Request helper @a dh to sign @a msg using the public key corresponding to - * @a h_denom_pub. - * - * This operation will block until the signature has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper process connection - * @param h_cs hash of the CS public key to use to sign - * @param blinded_planchet blinded planchet containing c and nonce - * @param for_melt true if the HKDF for melt should be used - * @param[out] bs set to the blind signature - * @return #TALER_EC_NONE on success - */ -static enum TALER_ErrorCode -helper_cs_sign ( +enum TALER_ErrorCode +TALER_CRYPTO_helper_cs_sign ( struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CsPubHashP *h_cs, - const struct TALER_BlindedCsPlanchet *blinded_planchet, + const struct TALER_CRYPTO_CsSignRequest *req, bool for_melt, struct TALER_BlindedDenominationSignature *bs) { enum TALER_ErrorCode ec = TALER_EC_INVALID; + const struct TALER_CsPubHashP *h_cs = req->h_cs; + const struct TALER_BlindedCsPlanchet *blinded_planchet = + req->blinded_planchet; bs->cipher = TALER_DENOMINATION_INVALID; GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, @@ -592,34 +577,6 @@ end: } -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_sign_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *req, - struct TALER_BlindedDenominationSignature *bs) -{ - return helper_cs_sign (dh, - req->h_cs, - req->blinded_planchet, - true, - bs); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_sign_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *req, - struct TALER_BlindedDenominationSignature *bs) -{ - return helper_cs_sign (dh, - req->h_cs, - req->blinded_planchet, - false, - bs); -} - - void TALER_CRYPTO_helper_cs_revoke ( struct TALER_CRYPTO_CsDenominationHelper *dh, @@ -650,31 +607,15 @@ TALER_CRYPTO_helper_cs_revoke ( } -/** - * Ask the helper to derive R using the @a nonce and denomination key - * associated with @a h_cs. - * - * This operation will block until the R has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper to process connection - * @param h_cs hash of the CS public key to revoke - * @param nonce witdhraw nonce - * @param for_melt true if the HKDF for melt should be used - * @param[out] crp set to the pair of R values - * @return set to the error code (or #TALER_EC_NONE on success) - */ -static enum TALER_ErrorCode -helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CsPubHashP *h_cs, - const struct TALER_CsNonce *nonce, - bool for_melt, - struct TALER_DenominationCSPublicRPairP *crp) +enum TALER_ErrorCode +TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh, + const struct TALER_CRYPTO_CsDeriveRequest *cdr, + bool for_melt, + struct TALER_DenominationCSPublicRPairP *crp) { enum TALER_ErrorCode ec = TALER_EC_INVALID; + const struct TALER_CsPubHashP *h_cs = cdr->h_cs; + const struct TALER_CsNonce *nonce = cdr->nonce; memset (crp, 0, @@ -852,51 +793,7 @@ more: enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_derive_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdr, - struct TALER_DenominationCSPublicRPairP *crp) -{ - return helper_cs_r_derive (dh, - cdr->h_cs, - cdr->nonce, - false, - crp); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_derive_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdr, - struct TALER_DenominationCSPublicRPairP *crp) -{ - return helper_cs_r_derive (dh, - cdr->h_cs, - cdr->nonce, - true, - crp); -} - - -/** - * Request helper @a dh to sign batch of @a reqs requests. - * - * This operation will block until the signature has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper process connection - * @param reqs information about the keys to sign with and the values to sign - * @param reqs_length length of the @a reqs array - * @param for_melt true if this is for a melt operation - * @param[out] bs array set to the blind signatures, must be of length @a reqs_length! - * @return #TALER_EC_NONE on success - */ -static enum TALER_ErrorCode -helper_cs_batch_sign ( +TALER_CRYPTO_helper_cs_batch_sign ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsSignRequest *reqs, unsigned int reqs_length, @@ -1141,53 +1038,7 @@ more: enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_batch_sign_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *reqs, - unsigned int reqs_length, - struct TALER_BlindedDenominationSignature *bss) -{ - return helper_cs_batch_sign (dh, - reqs, - reqs_length, - true, - bss); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_batch_sign_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsSignRequest *reqs, - unsigned int reqs_length, - struct TALER_BlindedDenominationSignature *bss) -{ - return helper_cs_batch_sign (dh, - reqs, - reqs_length, - false, - bss); -} - - -/** - * Ask the helper to derive R using the information from @a cdrs. - * - * This operation will block until the R has been obtained. Should - * this process receive a signal (that is not ignored) while the operation is - * pending, the operation will fail. Note that the helper may still believe - * that it created the signature. Thus, signals may result in a small - * differences in the signature counters. Retrying in this case may work. - * - * @param dh helper to process connection - * @param cdrs array with derivation input data - * @param cdrs_length length of the @a cdrs array - * @param for_melt true if this is for a melt operation - * @param[out] crp array set to the pair of R values, must be of length @a cdrs_length - * @return set to the error code (or #TALER_EC_NONE on success) - */ -static enum TALER_ErrorCode -helper_cs_r_batch_derive ( +TALER_CRYPTO_helper_cs_r_batch_derive ( struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CRYPTO_CsDeriveRequest *cdrs, unsigned int cdrs_length, @@ -1429,36 +1280,6 @@ more: } -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdrs, - unsigned int cdrs_length, - struct TALER_DenominationCSPublicRPairP *crps) -{ - return helper_cs_r_batch_derive (dh, - cdrs, - cdrs_length, - false, - crps); -} - - -enum TALER_ErrorCode -TALER_CRYPTO_helper_cs_r_batch_derive_melt ( - struct TALER_CRYPTO_CsDenominationHelper *dh, - const struct TALER_CRYPTO_CsDeriveRequest *cdrs, - unsigned int cdrs_length, - struct TALER_DenominationCSPublicRPairP *crps) -{ - return helper_cs_r_batch_derive (dh, - cdrs, - cdrs_length, - true, - crps); -} - - void TALER_CRYPTO_helper_cs_disconnect ( struct TALER_CRYPTO_CsDenominationHelper *dh) diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c index fdfc5c362..2dada0e19 100644 --- a/src/util/test_helper_cs.c +++ b/src/util/test_helper_cs.c @@ -295,9 +295,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) .nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce }; - ec = TALER_CRYPTO_helper_cs_r_derive_withdraw ( + ec = TALER_CRYPTO_helper_cs_r_derive ( dh, &cdr, + false, &alg_values.details.cs_values); } switch (ec) @@ -391,9 +392,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &nonce, sizeof (nonce)); - ec = TALER_CRYPTO_helper_cs_r_derive_withdraw (dh, - &cdr, - &crp); + ec = TALER_CRYPTO_helper_cs_r_derive (dh, + &cdr, + false, + &crp); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { GNUNET_break (0); @@ -443,9 +445,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) &pd.blinded_planchet.details. cs_blinded_planchet.nonce); alg_values.cipher = TALER_DENOMINATION_CS; - ec = TALER_CRYPTO_helper_cs_r_derive_withdraw ( + ec = TALER_CRYPTO_helper_cs_r_derive ( dh, &cdr, + false, &alg_values.details.cs_values); if (TALER_EC_NONE != ec) continue; @@ -470,9 +473,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) csr.h_cs = &keys[i].h_cs; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_sign ( dh, &csr, + false, &ds); } switch (ec) @@ -571,9 +575,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) csr.h_cs = &rnd; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_sign ( dh, &csr, + false, &ds); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { @@ -635,10 +640,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, &pd[i].blinded_planchet.details.cs_blinded_planchet.nonce); alg_values[i].cipher = TALER_DENOMINATION_CS; } - ec = TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( + ec = TALER_CRYPTO_helper_cs_r_batch_derive ( dh, cdr, batch_size, + false, crps); if (TALER_EC_NONE != ec) continue; @@ -666,10 +672,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, csr[i].blinded_planchet = &pd[i].blinded_planchet.details.cs_blinded_planchet; } - ec = TALER_CRYPTO_helper_cs_batch_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_batch_sign ( dh, csr, batch_size, + false, ds); } switch (ec) @@ -773,10 +780,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, csr.h_cs = &rnd; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_batch_sign_withdraw ( + ec = TALER_CRYPTO_helper_cs_batch_sign ( dh, &csr, 1, + false, &ds[0]); if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) { @@ -843,9 +851,10 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, &pd.blinded_planchet.details. cs_blinded_planchet.nonce); alg_values.cipher = TALER_DENOMINATION_CS; - ec = TALER_CRYPTO_helper_cs_r_derive_melt ( + ec = TALER_CRYPTO_helper_cs_r_derive ( dh, &cdr, + true, &alg_values.details.cs_values); if (TALER_EC_NONE != ec) continue; @@ -873,9 +882,10 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, csr.h_cs = &keys[i].h_cs; csr.blinded_planchet = &pd.blinded_planchet.details.cs_blinded_planchet; - ec = TALER_CRYPTO_helper_cs_sign_melt ( + ec = TALER_CRYPTO_helper_cs_sign ( dh, &csr, + true, &ds); if (TALER_EC_NONE != ec) break;