taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

more refactoring towards #7272

Browse Source
This commit is contained in:
Christian Grothoff 2022-11-14 06:19:35 +01:00
parent 053faa252c
commit 8bfc6583e7
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
9 changed files with 263 additions and 478 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/exchange/taler-exchange-httpd_batch-withdraw.c
View File

@ -427,8 +427,9 @@ prepare_transaction (const struct TEH_RequestContext *rc,
.bp = &pc->blinded_planchet .bp = &pc->blinded_planchet
}; };
ec = TEH_keys_denomination_sign_withdraw ( ec = TEH_keys_denomination_sign (
&csds, &csds,
false,
&pc->collectable.sig); &pc->collectable.sig);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
{ {

23
src/exchange/taler-exchange-httpd_csr.c
View File

@ -179,9 +179,16 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc,
/* derive r_pub */ /* derive r_pub */
// FIXME-#7272: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module) // FIXME-#7272: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module)
ec = TEH_keys_denomination_cs_r_pub_melt (denom_pub_hash, {
nonce, const struct TEH_CsDeriveData cdd = {
r_pub); .h_denom_pub = denom_pub_hash,
.nonce = nonce
};
ec = TEH_keys_denomination_cs_r_pub (&cdd,
true,
r_pub);
}
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
{ {
GNUNET_break (0); GNUNET_break (0);
@ -315,10 +322,14 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc,
/* derive r_pub */ /* derive r_pub */
{ {
enum TALER_ErrorCode ec; enum TALER_ErrorCode ec;
const struct TEH_CsDeriveData cdd = {
.h_denom_pub = &denom_pub_hash,
.nonce = &nonce
};
ec = TEH_keys_denomination_cs_r_pub_withdraw (&denom_pub_hash, ec = TEH_keys_denomination_cs_r_pub (&cdd,
&nonce, false,
&ewv.details.cs_values); &ewv.details.cs_values);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
{ {
GNUNET_break (0); GNUNET_break (0);

260
src/exchange/taler-exchange-httpd_keys.c
View File

@ -2746,8 +2746,9 @@ TEH_keys_denomination_by_hash2 (
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_sign_withdraw ( TEH_keys_denomination_sign (
const struct TEH_CoinSignData *csd, const struct TEH_CoinSignData *csd,
bool for_melt,
struct TALER_BlindedDenominationSignature *bs) struct TALER_BlindedDenominationSignature *bs)
{ {
struct TEH_KeyStateHandle *ksh; struct TEH_KeyStateHandle *ksh;
@ -2787,9 +2788,10 @@ TEH_keys_denomination_sign_withdraw (
csr.h_cs = &hd->h_details.h_cs; csr.h_cs = &hd->h_details.h_cs;
csr.blinded_planchet = &bp->details.cs_blinded_planchet; csr.blinded_planchet = &bp->details.cs_blinded_planchet;
return TALER_CRYPTO_helper_cs_sign_withdraw ( return TALER_CRYPTO_helper_cs_sign (
ksh->helpers->csdh, ksh->helpers->csdh,
&csr, &csr,
for_melt,
bs); bs);
} }
default: default:
@ -2799,118 +2801,135 @@ TEH_keys_denomination_sign_withdraw (
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_batch_sign_withdraw ( TEH_keys_denomination_batch_sign (
const struct TEH_CoinSignData *csds, const struct TEH_CoinSignData *csds,
unsigned int csds_length, unsigned int csds_length,
bool for_melt,
struct TALER_BlindedDenominationSignature *bss) struct TALER_BlindedDenominationSignature *bss)
{ {
struct TEH_KeyStateHandle *ksh; struct TEH_KeyStateHandle *ksh;
struct HelperDenomination *hd; struct HelperDenomination *hd;
#if 0 struct TALER_CRYPTO_RsaSignRequest rsrs[csds_length];
struct TALER_CRYPTO_CsSignRequest csrs[csds_length];
struct TALER_BlindedDenominationSignature rs[csds_length];
struct TALER_BlindedDenominationSignature cs[csds_length];
unsigned int rsrs_pos = 0;
unsigned int csrs_pos = 0;
enum TALER_ErrorCode ec;
ksh = TEH_keys_get_state (); ksh = TEH_keys_get_state ();
if (NULL == ksh) if (NULL == ksh)
return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, for (unsigned int i = 0; i<csds_length; i++)
&h_denom_pub->hash);
if (NULL == hd)
return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
if (bp->cipher != hd->denom_pub.cipher)
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
switch (hd->denom_pub.cipher)
{ {
case TALER_DENOMINATION_RSA: const struct TALER_DenominationHashP *h_denom_pub = csds[i].h_denom_pub;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA]++; const struct TALER_BlindedPlanchet *bp = csds[i].bp;
{
struct TALER_CRYPTO_RsaSignRequest rsr = {
.h_rsa = &hd->h_details.h_rsa,
.msg = bp->details.rsa_blinded_planchet.blinded_msg,
.msg_size = bp->details.rsa_blinded_planchet.blinded_msg_size
};
return TALER_CRYPTO_helper_rsa_sign ( hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys,
ksh->helpers->rsadh, &h_denom_pub->hash);
&rsr, if (NULL == hd)
bs); return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
} if (bp->cipher != hd->denom_pub.cipher)
case TALER_DENOMINATION_CS: return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++; switch (hd->denom_pub.cipher)
{ {
struct TALER_CRYPTO_CsSignRequest csr; case TALER_DENOMINATION_RSA:
rsrs[rsrs_pos].h_rsa = &hd->h_details.h_rsa;
csr.h_cs = &hd->h_details.h_cs; rsrs[rsrs_pos].msg
csr.blinded_planchet = &bp->details.cs_blinded_planchet; = bp->details.rsa_blinded_planchet.blinded_msg;
return TALER_CRYPTO_helper_cs_sign_withdraw ( rsrs[rsrs_pos].msg_size
ksh->helpers->csdh, = bp->details.rsa_blinded_planchet.blinded_msg_size;
&csr, rsrs_pos++;
bs); break;
case TALER_DENOMINATION_CS:
csrs[csrs_pos].h_cs = &hd->h_details.h_cs;
csrs[csrs_pos].blinded_planchet = &bp->details.cs_blinded_planchet;
csrs_pos++;
break;
default:
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
} }
default:
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
} }
#endif
if ( (0 != csrs_pos) &&
(0 != rsrs_pos) )
{
memset (rs,
0,
sizeof (rs));
memset (cs,
0,
sizeof (cs));
}
ec = TALER_EC_NONE;
if (0 != csrs_pos)
{
ec = TALER_CRYPTO_helper_cs_batch_sign (
ksh->helpers->csdh,
csrs,
csrs_pos,
for_melt,
(0 == rsrs_pos) ? bss : cs);
if (TALER_EC_NONE != ec)
{
for (unsigned int i = 0; i<csrs_pos; i++)
TALER_blinded_denom_sig_free (&cs[i]);
return ec;
}
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS] += csrs_pos;
}
if (0 != rsrs_pos)
{
ec = TALER_CRYPTO_helper_rsa_batch_sign (
ksh->helpers->rsadh,
rsrs,
rsrs_pos,
(0 == csrs_pos) ? bss : rs);
if (TALER_EC_NONE != ec)
{
for (unsigned int i = 0; i<csrs_pos; i++)
TALER_blinded_denom_sig_free (&cs[i]);
for (unsigned int i = 0; i<rsrs_pos; i++)
TALER_blinded_denom_sig_free (&rs[i]);
return ec;
}
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA] += rsrs_pos;
}
if ( (0 != csrs_pos) &&
(0 != rsrs_pos) )
{
rsrs_pos = 0;
csrs_pos = 0;
for (unsigned int i = 0; i<csds_length; i++)
{
const struct TALER_BlindedPlanchet *bp = csds[i].bp;
switch (bp->cipher)
{
case TALER_DENOMINATION_RSA:
bss[i] = rs[rsrs_pos++];
break;
case TALER_DENOMINATION_CS:
bss[i] = cs[csrs_pos++];
break;
default:
GNUNET_assert (0);
}
}
}
return TALER_EC_NONE;
} }
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_sign_melt ( TEH_keys_denomination_cs_r_pub (
const struct TEH_CoinSignData *csd, const struct TEH_CsDeriveData *cdd,
struct TALER_BlindedDenominationSignature *bs) bool for_melt,
{
const struct TALER_DenominationHashP *h_denom_pub = csd->h_denom_pub;
const struct TALER_BlindedPlanchet *bp = csd->bp;
struct TEH_KeyStateHandle *ksh;
struct HelperDenomination *hd;
ksh = TEH_keys_get_state ();
if (NULL == ksh)
return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys,
&h_denom_pub->hash);
if (NULL == hd)
return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
if (bp->cipher != hd->denom_pub.cipher)
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
switch (hd->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA]++;
{
struct TALER_CRYPTO_RsaSignRequest rsr = {
.h_rsa = &hd->h_details.h_rsa,
.msg = bp->details.rsa_blinded_planchet.blinded_msg,
.msg_size = bp->details.rsa_blinded_planchet.blinded_msg_size
};
return TALER_CRYPTO_helper_rsa_sign (
ksh->helpers->rsadh,
&rsr,
bs);
}
case TALER_DENOMINATION_CS:
{
struct TALER_CRYPTO_CsSignRequest csr;
csr.h_cs = &hd->h_details.h_cs;
csr.blinded_planchet = &bp->details.cs_blinded_planchet;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++;
return TALER_CRYPTO_helper_cs_sign_melt (
ksh->helpers->csdh,
&csr,
bs);
}
default:
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
}
}
enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub_melt (
const struct TALER_DenominationHashP *h_denom_pub,
const struct TALER_CsNonce *nonce,
struct TALER_DenominationCSPublicRPairP *r_pub) struct TALER_DenominationCSPublicRPairP *r_pub)
{ {
const struct TALER_DenominationHashP *h_denom_pub = cdd->h_denom_pub;
const struct TALER_CsNonce *nonce = cdd->nonce;
struct TEH_KeyStateHandle *ksh; struct TEH_KeyStateHandle *ksh;
struct HelperDenomination *hd; struct HelperDenomination *hd;
@ -2935,47 +2954,54 @@ TEH_keys_denomination_cs_r_pub_melt (
.h_cs = &hd->h_details.h_cs, .h_cs = &hd->h_details.h_cs,
.nonce = nonce .nonce = nonce
}; };
return TALER_CRYPTO_helper_cs_r_derive_melt (ksh->helpers->csdh, return TALER_CRYPTO_helper_cs_r_derive (ksh->helpers->csdh,
&cdr, &cdr,
r_pub); for_melt,
r_pub);
} }
} }
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub_withdraw ( TEH_keys_denomination_cs_batch_r_pub (
const struct TALER_DenominationHashP *h_denom_pub, const struct TEH_CsDeriveData *cdds,
const struct TALER_CsNonce *nonce, unsigned int cdds_length,
struct TALER_DenominationCSPublicRPairP *r_pub) bool for_melt,
struct TALER_DenominationCSPublicRPairP *r_pubs)
{ {
struct TEH_KeyStateHandle *ksh; struct TEH_KeyStateHandle *ksh;
struct HelperDenomination *hd; struct HelperDenomination *hd;
struct TALER_CRYPTO_CsDeriveRequest cdrs[cdds_length];
ksh = TEH_keys_get_state (); ksh = TEH_keys_get_state ();
if (NULL == ksh) if (NULL == ksh)
{ {
return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
} }
hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys, for (unsigned int i = 0; i<cdds_length; i++)
&h_denom_pub->hash);
if (NULL == hd)
{ {
return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; const struct TALER_DenominationHashP *h_denom_pub = cdds[i].h_denom_pub;
} const struct TALER_CsNonce *nonce = cdds[i].nonce;
if (TALER_DENOMINATION_CS != hd->denom_pub.cipher)
{
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
}
{
struct TALER_CRYPTO_CsDeriveRequest cdr = {
.h_cs = &hd->h_details.h_cs,
.nonce = nonce
};
return TALER_CRYPTO_helper_cs_r_derive_withdraw (ksh->helpers->csdh, hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys,
&cdr, &h_denom_pub->hash);
r_pub); if (NULL == hd)
{
return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
}
if (TALER_DENOMINATION_CS != hd->denom_pub.cipher)
{
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
}
cdrs[i].h_cs = &hd->h_details.h_cs;
cdrs[i].nonce = nonce;
} }
return TALER_CRYPTO_helper_cs_r_batch_derive (ksh->helpers->csdh,
cdrs,
cdds_length,
for_melt,
r_pubs);
} }

86
src/exchange/taler-exchange-httpd_keys.h
View File

@ -263,44 +263,18 @@ struct TEH_CoinSignData
}; };
/**
* Request to sign @a csd for regular withdrawing.
*
* @param csd identifies data to blindly sign and key to sign with
* @param[out] bs set to the blind signature on success
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TEH_keys_denomination_sign_withdraw (
const struct TEH_CoinSignData *csd,
struct TALER_BlindedDenominationSignature *bs);
/**
* Request to sign @a csds for regular withdrawing.
*
* @param csds array with data to blindly sign (and keys to sign with)
* @param csds_length length of @a csds array
* @param[out] bss array set to the blind signature on success; must be of length @a csds_length
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TEH_keys_denomination_batch_sign_withdraw (
const struct TEH_CoinSignData *csds,
unsigned int csds_length,
struct TALER_BlindedDenominationSignature *bss);
/** /**
* Request to sign @a csd for melting. * Request to sign @a csd for melting.
* *
* @param csd identifies data to blindly sign and key to sign with * @param csd identifies data to blindly sign and key to sign with
* @param for_melt true if this is for a melt operation
* @param[out] bs set to the blind signature on success * @param[out] bs set to the blind signature on success
* @return #TALER_EC_NONE on success * @return #TALER_EC_NONE on success
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_sign_melt ( TEH_keys_denomination_sign (
const struct TEH_CoinSignData *csd, const struct TEH_CoinSignData *csd,
bool for_melt,
struct TALER_BlindedDenominationSignature *bs); struct TALER_BlindedDenominationSignature *bs);
@ -309,46 +283,66 @@ TEH_keys_denomination_sign_melt (
* *
* @param csds array with data to blindly sign (and keys to sign with) * @param csds array with data to blindly sign (and keys to sign with)
* @param csds_length length of @a csds array * @param csds_length length of @a csds array
* @param for_melt true if this is for a melt operation
* @param[out] bss array set to the blind signature on success; must be of length @a csds_length * @param[out] bss array set to the blind signature on success; must be of length @a csds_length
* @return #TALER_EC_NONE on success * @return #TALER_EC_NONE on success
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_batch_sign_melt ( TEH_keys_denomination_batch_sign (
const struct TEH_CoinSignData *csds, const struct TEH_CoinSignData *csds,
unsigned int csds_length, unsigned int csds_length,
bool for_melt,
struct TALER_BlindedDenominationSignature *bss); struct TALER_BlindedDenominationSignature *bss);
/** /**
* Request to derive CS @a r_pub using the denomination corresponding to @a h_denom_pub * Information needed to derive the CS r_pub.
* and @a nonce for withdrawing. */
struct TEH_CsDeriveData
{
/**
* Hash of key to sign with.
*/
const struct TALER_DenominationHashP *h_denom_pub;
/**
* Nonce to use.
*/
const struct TALER_CsNonce *nonce;
};
/**
* Request to derive CS @a r_pub using the denomination and nonce from @a cdd.
* *
* @param h_denom_pub hash of the public key to use to derive r_pub * @param cdd data to compute @a r_pub from
* @param nonce withdraw/refresh nonce * @param for_melt true if this is for a melt operation
* @param[out] r_pub where to write the result * @param[out] r_pub where to write the result
* @return #TALER_EC_NONE on success * @return #TALER_EC_NONE on success
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub_withdraw ( TEH_keys_denomination_cs_r_pub (
const struct TALER_DenominationHashP *h_denom_pub, const struct TEH_CsDeriveData *cdd,
const struct TALER_CsNonce *nonce, bool for_melt,
struct TALER_DenominationCSPublicRPairP *r_pub); struct TALER_DenominationCSPublicRPairP *r_pub);
/** /**
* Request to derive CS @a r_pub using the denomination corresponding to @a h_denom_pub * Request to derive a bunch of CS @a r_pubs using the
* and @a nonce for melting. * denominations and nonces from @a cdds.
* *
* @param h_denom_pub hash of the public key to use to derive r_pub * @param cdds array to compute @a r_pubs from
* @param nonce withdraw/refresh nonce * @param cdds_length length of the @a cdds array
* @param[out] r_pub where to write the result * @param for_melt true if this is for a melt operation
* @param[out] r_pubs array where to write the result; must be of length @a cdds_length
* @return #TALER_EC_NONE on success * @return #TALER_EC_NONE on success
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub_melt ( TEH_keys_denomination_cs_batch_r_pub (
const struct TALER_DenominationHashP *h_denom_pub, const struct TEH_CsDeriveData *cdds,
const struct TALER_CsNonce *nonce, unsigned int cdds_length,
struct TALER_DenominationCSPublicRPairP *r_pub); bool for_melt,
struct TALER_DenominationCSPublicRPairP *r_pubs);
/** /**

13
src/exchange/taler-exchange-httpd_refreshes_reveal.c
View File

@ -215,10 +215,14 @@ check_commitment (struct RevealContext *rctx,
case TALER_DENOMINATION_CS: case TALER_DENOMINATION_CS:
{ {
enum TALER_ErrorCode ec; enum TALER_ErrorCode ec;
const struct TEH_CsDeriveData cdd = {
.h_denom_pub = &rctx->rrcs[j].h_denom_pub,
.nonce = &nonces[aoff]
};
ec = TEH_keys_denomination_cs_r_pub_melt ( ec = TEH_keys_denomination_cs_r_pub (
&rctx->rrcs[j].h_denom_pub, &cdd,
&nonces[aoff], true,
&alg_values->details.cs_values); &alg_values->details.cs_values);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
{ {
@ -756,8 +760,9 @@ clean_age:
// FIXME #7272: replace with a batch call that // FIXME #7272: replace with a batch call that
// passes all coins in once go! // passes all coins in once go!
ec = TEH_keys_denomination_sign_melt ( ec = TEH_keys_denomination_sign (
&csd, &csd,
true,
&rrcs[i].coin_sig); &rrcs[i].coin_sig);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
{ {

3
src/exchange/taler-exchange-httpd_withdraw.c
View File

@ -455,8 +455,9 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
}; };
/* Sign before transaction! */ /* Sign before transaction! */
ec = TEH_keys_denomination_sign_withdraw ( ec = TEH_keys_denomination_sign (
&csd, &csd,
false,
&wc.collectable.sig); &wc.collectable.sig);
} }
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)

110
src/include/taler_crypto_lib.h
View File

@ -2494,57 +2494,15 @@ struct TALER_CRYPTO_CsSignRequest
* *
* @param dh helper process connection * @param dh helper process connection
* @param req information about the key to sign with and the value to sign * @param req information about the key to sign with and the value to sign
* @param for_melt true if for melt operation
* @param[out] bs set to the blind signature * @param[out] bs set to the blind signature
* @return #TALER_EC_NONE on success * @return #TALER_EC_NONE on success
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_melt ( TALER_CRYPTO_helper_cs_sign (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs);
/**
* Request helper @a dh to batch sign batch @a reqs.
*
* This operation will block until the signature has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper process connection
* @param reqs array with information about the keys to sign with and the values to sign
* @param reqs_length length of the @a reqs array
* @param[out] bss array set to the blind signatures, must be of length @a reqs_length!
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_batch_sign_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *reqs,
unsigned int reqs_length,
struct TALER_BlindedDenominationSignature *bss);
/**
* Request helper @a dh to sign @a req.
*
* This operation will block until the signature has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper process connection
* @param req information about the key to sign with and the value to sign
* @param[out] bs set to the blind signature
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_withdraw (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *req, const struct TALER_CRYPTO_CsSignRequest *req,
bool for_melt,
struct TALER_BlindedDenominationSignature *bs); struct TALER_BlindedDenominationSignature *bs);
@ -2560,14 +2518,16 @@ TALER_CRYPTO_helper_cs_sign_withdraw (
* @param dh helper process connection * @param dh helper process connection
* @param reqs information about the keys to sign with and the values to sign * @param reqs information about the keys to sign with and the values to sign
* @param reqs_length length of the @a reqs array * @param reqs_length length of the @a reqs array
* @param for_melt true if this is for a melt operation
* @param[out] bs array set to the blind signatures, must be of length @a reqs_length! * @param[out] bs array set to the blind signatures, must be of length @a reqs_length!
* @return #TALER_EC_NONE on success * @return #TALER_EC_NONE on success
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_batch_sign_withdraw ( TALER_CRYPTO_helper_cs_batch_sign (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *reqs, const struct TALER_CRYPTO_CsSignRequest *reqs,
unsigned int reqs_length, unsigned int reqs_length,
bool for_melt,
struct TALER_BlindedDenominationSignature *bss); struct TALER_BlindedDenominationSignature *bss);
@ -2621,20 +2581,20 @@ struct TALER_CRYPTO_CsDeriveRequest
* *
* @param dh helper to process connection * @param dh helper to process connection
* @param cdr derivation input data * @param cdr derivation input data
* @param nonce witdhraw nonce * @param for_melt true if this is for a melt operation
* @param[out] crp set to the pair of R values * @param[out] crp set to the pair of R values
* @return set to the error code (or #TALER_EC_NONE on success) * @return set to the error code (or #TALER_EC_NONE on success)
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_derive_withdraw ( TALER_CRYPTO_helper_cs_r_derive (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdr, const struct TALER_CRYPTO_CsDeriveRequest *cdr,
bool for_melt,
struct TALER_DenominationCSPublicRPairP *crp); struct TALER_DenominationCSPublicRPairP *crp);
/** /**
* Ask the helper to derive R using the information * Ask the helper to derive R using the information from @a cdrs.
* from @a cdrs.
* *
* This operation will block until the R has been obtained. Should * This operation will block until the R has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is * this process receive a signal (that is not ignored) while the operation is
@ -2645,60 +2605,16 @@ TALER_CRYPTO_helper_cs_r_derive_withdraw (
* @param dh helper to process connection * @param dh helper to process connection
* @param cdrs array with derivation input data * @param cdrs array with derivation input data
* @param cdrs_length length of the @a cdrs array * @param cdrs_length length of the @a cdrs array
* @param for_melt true if this is for a melt operation
* @param[out] crp array set to the pair of R values, must be of length @a cdrs_length * @param[out] crp array set to the pair of R values, must be of length @a cdrs_length
* @return set to the error code (or #TALER_EC_NONE on success) * @return set to the error code (or #TALER_EC_NONE on success)
*/ */
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( TALER_CRYPTO_helper_cs_r_batch_derive (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdrs,
unsigned int cdrs_length,
struct TALER_DenominationCSPublicRPairP *crps);
/**
* Ask the helper to derive R using the information
* from @a cdr.
*
* This operation will block until the R has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper to process connection
* @param cdr derivation input data
* @param[out] crp set to the pair of R values
* @return set to the error code (or #TALER_EC_NONE on success)
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_derive_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdr,
struct TALER_DenominationCSPublicRPairP *crp);
/**
* Ask the helper to derive R using the information
* from @a cdrs.
*
* This operation will block until the R has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper to process connection
* @param cdrs array with derivation input data
* @param cdrs_length length of the @a cdrs array
* @param[out] crps array set to the pair of R values, must be of length @a cdrs_length
* @return set to the error code (or #TALER_EC_NONE on success)
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_batch_derive_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdrs, const struct TALER_CRYPTO_CsDeriveRequest *cdrs,
unsigned int cdrs_length, unsigned int cdrs_length,
bool for_melt,
struct TALER_DenominationCSPublicRPairP *crps); struct TALER_DenominationCSPublicRPairP *crps);

209
src/util/crypto_helper_cs.c
View File

@ -378,32 +378,17 @@ more:
} }
/** enum TALER_ErrorCode
* Request helper @a dh to sign @a msg using the public key corresponding to TALER_CRYPTO_helper_cs_sign (
* @a h_denom_pub.
*
* This operation will block until the signature has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper process connection
* @param h_cs hash of the CS public key to use to sign
* @param blinded_planchet blinded planchet containing c and nonce
* @param for_melt true if the HKDF for melt should be used
* @param[out] bs set to the blind signature
* @return #TALER_EC_NONE on success
*/
static enum TALER_ErrorCode
helper_cs_sign (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs, const struct TALER_CRYPTO_CsSignRequest *req,
const struct TALER_BlindedCsPlanchet *blinded_planchet,
bool for_melt, bool for_melt,
struct TALER_BlindedDenominationSignature *bs) struct TALER_BlindedDenominationSignature *bs)
{ {
enum TALER_ErrorCode ec = TALER_EC_INVALID; enum TALER_ErrorCode ec = TALER_EC_INVALID;
const struct TALER_CsPubHashP *h_cs = req->h_cs;
const struct TALER_BlindedCsPlanchet *blinded_planchet =
req->blinded_planchet;
bs->cipher = TALER_DENOMINATION_INVALID; bs->cipher = TALER_DENOMINATION_INVALID;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@ -592,34 +577,6 @@ end:
} }
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs)
{
return helper_cs_sign (dh,
req->h_cs,
req->blinded_planchet,
true,
bs);
}
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_withdraw (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs)
{
return helper_cs_sign (dh,
req->h_cs,
req->blinded_planchet,
false,
bs);
}
void void
TALER_CRYPTO_helper_cs_revoke ( TALER_CRYPTO_helper_cs_revoke (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
@ -650,31 +607,15 @@ TALER_CRYPTO_helper_cs_revoke (
} }
/** enum TALER_ErrorCode
* Ask the helper to derive R using the @a nonce and denomination key TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh,
* associated with @a h_cs. const struct TALER_CRYPTO_CsDeriveRequest *cdr,
* bool for_melt,
* This operation will block until the R has been obtained. Should struct TALER_DenominationCSPublicRPairP *crp)
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper to process connection
* @param h_cs hash of the CS public key to revoke
* @param nonce witdhraw nonce
* @param for_melt true if the HKDF for melt should be used
* @param[out] crp set to the pair of R values
* @return set to the error code (or #TALER_EC_NONE on success)
*/
static enum TALER_ErrorCode
helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
const struct TALER_CsNonce *nonce,
bool for_melt,
struct TALER_DenominationCSPublicRPairP *crp)
{ {
enum TALER_ErrorCode ec = TALER_EC_INVALID; enum TALER_ErrorCode ec = TALER_EC_INVALID;
const struct TALER_CsPubHashP *h_cs = cdr->h_cs;
const struct TALER_CsNonce *nonce = cdr->nonce;
memset (crp, memset (crp,
0, 0,
@ -852,51 +793,7 @@ more:
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_derive_withdraw ( TALER_CRYPTO_helper_cs_batch_sign (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdr,
struct TALER_DenominationCSPublicRPairP *crp)
{
return helper_cs_r_derive (dh,
cdr->h_cs,
cdr->nonce,
false,
crp);
}
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_derive_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdr,
struct TALER_DenominationCSPublicRPairP *crp)
{
return helper_cs_r_derive (dh,
cdr->h_cs,
cdr->nonce,
true,
crp);
}
/**
* Request helper @a dh to sign batch of @a reqs requests.
*
* This operation will block until the signature has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper process connection
* @param reqs information about the keys to sign with and the values to sign
* @param reqs_length length of the @a reqs array
* @param for_melt true if this is for a melt operation
* @param[out] bs array set to the blind signatures, must be of length @a reqs_length!
* @return #TALER_EC_NONE on success
*/
static enum TALER_ErrorCode
helper_cs_batch_sign (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *reqs, const struct TALER_CRYPTO_CsSignRequest *reqs,
unsigned int reqs_length, unsigned int reqs_length,
@ -1141,53 +1038,7 @@ more:
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_batch_sign_melt ( TALER_CRYPTO_helper_cs_r_batch_derive (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *reqs,
unsigned int reqs_length,
struct TALER_BlindedDenominationSignature *bss)
{
return helper_cs_batch_sign (dh,
reqs,
reqs_length,
true,
bss);
}
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_batch_sign_withdraw (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsSignRequest *reqs,
unsigned int reqs_length,
struct TALER_BlindedDenominationSignature *bss)
{
return helper_cs_batch_sign (dh,
reqs,
reqs_length,
false,
bss);
}
/**
* Ask the helper to derive R using the information from @a cdrs.
*
* This operation will block until the R has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper to process connection
* @param cdrs array with derivation input data
* @param cdrs_length length of the @a cdrs array
* @param for_melt true if this is for a melt operation
* @param[out] crp array set to the pair of R values, must be of length @a cdrs_length
* @return set to the error code (or #TALER_EC_NONE on success)
*/
static enum TALER_ErrorCode
helper_cs_r_batch_derive (
struct TALER_CRYPTO_CsDenominationHelper *dh, struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdrs, const struct TALER_CRYPTO_CsDeriveRequest *cdrs,
unsigned int cdrs_length, unsigned int cdrs_length,
@ -1429,36 +1280,6 @@ more:
} }
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_batch_derive_withdraw (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdrs,
unsigned int cdrs_length,
struct TALER_DenominationCSPublicRPairP *crps)
{
return helper_cs_r_batch_derive (dh,
cdrs,
cdrs_length,
false,
crps);
}
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_batch_derive_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdrs,
unsigned int cdrs_length,
struct TALER_DenominationCSPublicRPairP *crps)
{
return helper_cs_r_batch_derive (dh,
cdrs,
cdrs_length,
true,
crps);
}
void void
TALER_CRYPTO_helper_cs_disconnect ( TALER_CRYPTO_helper_cs_disconnect (
struct TALER_CRYPTO_CsDenominationHelper *dh) struct TALER_CRYPTO_CsDenominationHelper *dh)

34
src/util/test_helper_cs.c
View File

@ -295,9 +295,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
.nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce .nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce
}; };
ec = TALER_CRYPTO_helper_cs_r_derive_withdraw ( ec = TALER_CRYPTO_helper_cs_r_derive (
dh, dh,
&cdr, &cdr,
false,
&alg_values.details.cs_values); &alg_values.details.cs_values);
} }
switch (ec) switch (ec)
@ -391,9 +392,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&nonce, &nonce,
sizeof (nonce)); sizeof (nonce));
ec = TALER_CRYPTO_helper_cs_r_derive_withdraw (dh, ec = TALER_CRYPTO_helper_cs_r_derive (dh,
&cdr, &cdr,
&crp); false,
&crp);
if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec)
{ {
GNUNET_break (0); GNUNET_break (0);
@ -443,9 +445,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
&pd.blinded_planchet.details. &pd.blinded_planchet.details.
cs_blinded_planchet.nonce); cs_blinded_planchet.nonce);
alg_values.cipher = TALER_DENOMINATION_CS; alg_values.cipher = TALER_DENOMINATION_CS;
ec = TALER_CRYPTO_helper_cs_r_derive_withdraw ( ec = TALER_CRYPTO_helper_cs_r_derive (
dh, dh,
&cdr, &cdr,
false,
&alg_values.details.cs_values); &alg_values.details.cs_values);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
continue; continue;
@ -470,9 +473,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
csr.h_cs = &keys[i].h_cs; csr.h_cs = &keys[i].h_cs;
csr.blinded_planchet csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet; = &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_sign_withdraw ( ec = TALER_CRYPTO_helper_cs_sign (
dh, dh,
&csr, &csr,
false,
&ds); &ds);
} }
switch (ec) switch (ec)
@ -571,9 +575,10 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
csr.h_cs = &rnd; csr.h_cs = &rnd;
csr.blinded_planchet csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet; = &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_sign_withdraw ( ec = TALER_CRYPTO_helper_cs_sign (
dh, dh,
&csr, &csr,
false,
&ds); &ds);
if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec)
{ {
@ -635,10 +640,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
&pd[i].blinded_planchet.details.cs_blinded_planchet.nonce); &pd[i].blinded_planchet.details.cs_blinded_planchet.nonce);
alg_values[i].cipher = TALER_DENOMINATION_CS; alg_values[i].cipher = TALER_DENOMINATION_CS;
} }
ec = TALER_CRYPTO_helper_cs_r_batch_derive_withdraw ( ec = TALER_CRYPTO_helper_cs_r_batch_derive (
dh, dh,
cdr, cdr,
batch_size, batch_size,
false,
crps); crps);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
continue; continue;
@ -666,10 +672,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
csr[i].blinded_planchet csr[i].blinded_planchet
= &pd[i].blinded_planchet.details.cs_blinded_planchet; = &pd[i].blinded_planchet.details.cs_blinded_planchet;
} }
ec = TALER_CRYPTO_helper_cs_batch_sign_withdraw ( ec = TALER_CRYPTO_helper_cs_batch_sign (
dh, dh,
csr, csr,
batch_size, batch_size,
false,
ds); ds);
} }
switch (ec) switch (ec)
@ -773,10 +780,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
csr.h_cs = &rnd; csr.h_cs = &rnd;
csr.blinded_planchet csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet; = &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_batch_sign_withdraw ( ec = TALER_CRYPTO_helper_cs_batch_sign (
dh, dh,
&csr, &csr,
1, 1,
false,
&ds[0]); &ds[0]);
if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec) if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec)
{ {
@ -843,9 +851,10 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
&pd.blinded_planchet.details. &pd.blinded_planchet.details.
cs_blinded_planchet.nonce); cs_blinded_planchet.nonce);
alg_values.cipher = TALER_DENOMINATION_CS; alg_values.cipher = TALER_DENOMINATION_CS;
ec = TALER_CRYPTO_helper_cs_r_derive_melt ( ec = TALER_CRYPTO_helper_cs_r_derive (
dh, dh,
&cdr, &cdr,
true,
&alg_values.details.cs_values); &alg_values.details.cs_values);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
continue; continue;
@ -873,9 +882,10 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
csr.h_cs = &keys[i].h_cs; csr.h_cs = &keys[i].h_cs;
csr.blinded_planchet csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet; = &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_sign_melt ( ec = TALER_CRYPTO_helper_cs_sign (
dh, dh,
&csr, &csr,
true,
&ds); &ds);
if (TALER_EC_NONE != ec) if (TALER_EC_NONE != ec)
break; break;