From 938e2ce39c56ae5afc6c12f15be8f49c7edbf2fd Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Sat, 6 Nov 2021 16:04:26 +0100
Subject: [PATCH] more RSA cleanup
---
 src/benchmark/taler-aggregator-benchmark.c | 33 ++++--
 src/exchangedb/test_exchangedb.c | 102 ++++++++++++-------
 src/testing/testing_api_cmd_insert_deposit.c | 34 +++++--
 src/util/denom.c | 2 +
 4 files changed, 123 insertions(+), 48 deletions(-)
diff --git a/src/benchmark/taler-aggregator-benchmark.c b/src/benchmark/taler-aggregator-benchmark.c
index 35d6af6fe..c49f84737 100644
--- a/src/benchmark/taler-aggregator-benchmark.c
+++ b/src/benchmark/taler-aggregator-benchmark.c
@@ -480,10 +480,14 @@ run (void *cls,
 GNUNET_TIME_UNIT_YEARS));
 {
 struct TALER_DenominationPrivateKey pk;
- struct GNUNET_HashCode hc;
 struct TALER_DenominationPublicKey denom_pub;
+ struct TALER_CoinPubHash c_hash;
+ struct TALER_PlanchetDetail pd;
+ struct TALER_BlindedDenominationSignature bds;
+ union TALER_DenominationBlindingKeyP bks;
+ struct TALER_CoinSpendPublicKeyP coin_pub;
- RANDOMIZE (&hc);
+ RANDOMIZE (&coin_pub);
 GNUNET_assert (GNUNET_OK ==
 TALER_denom_priv_create (&pk,
 &denom_pub,
@@ -507,10 +511,27 @@ run (void *cls,
 global_ret = EXIT_FAILURE;
 return;
 }
- denom_sig.cipher = TALER_DENOMINATION_RSA;
- denom_sig.details.rsa_signature
- = GNUNET_CRYPTO_rsa_sign_fdh (pk.details.rsa_private_key,
- &hc);
+
+ TALER_blinding_secret_create (&bks);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_blind (&denom_pub,
+ &bks,
+ &coin_pub,
+ &c_hash,
+ &pd.coin_ev,
+ &pd.coin_ev_size));
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_sign_blinded (&bds,
+ &pk,
+ pd.coin_ev,
+ pd.coin_ev_size));
+ GNUNET_free (pd.coin_ev);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_sig_unblind (&denom_sig,
+ &bds,
+ &bks,
+ &denom_pub));
+ TALER_blinded_denom_sig_free (&bds);
 TALER_denom_pub_free (&denom_pub);
 TALER_denom_priv_free (&pk);
 }
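Review bot: The blind, sign, unblind sequence added in the second hunk of run() is repeated almost line for line in src/exchangedb/test_exchangedb.c and src/testing/testing_api_cmd_insert_deposit.c, so a small shared test helper would keep the three copies from drifting apart. `c_hash` is written by `TALER_denom_blind` but never read in this file, and only `coin_ev` and `coin_ev_size` of `pd` are used. A comment such as `/* c_hash is not needed here: we only want a correctly unblinded signature */` would show that this is intentional. run() starts and ends outside both hunks.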
diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c
index a1ecfe3d7..691639b21 100644
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@@ -312,9 +312,9 @@ static struct TALER_Amount amount_with_fee;
 #define MELT_NOREVEAL_INDEX 1
 /**
- * How big do we make the coin envelopes?
+ * How big do we make the RSA keys?
 */
-#define COIN_ENC_MAX_SIZE 512
+#define RSA_KEY_SIZE 1024
 static struct TALER_EXCHANGEDB_RefreshRevealedCoin *revealed_coins;
@@ -609,12 +609,11 @@ test_melting (void)
 for (unsigned int cnt = 0; cnt < MELT_NEW_COINS; cnt++)
 {
 struct TALER_EXCHANGEDB_RefreshRevealedCoin *ccoin;
- struct TALER_BlindedCoinHash hc;
 struct GNUNET_TIME_Absolute now;
 now = GNUNET_TIME_absolute_get ();
 GNUNET_TIME_round_abs (&now);
- new_dkp[cnt] = create_denom_key_pair (1024,
+ new_dkp[cnt] = create_denom_key_pair (RSA_KEY_SIZE,
 now,
 &value,
 &fee_withdraw,
@@ -626,17 +625,17 @@ test_melting (void)
 ccoin = &revealed_coins[cnt];
 ccoin->coin_ev_size = (size_t) GNUNET_CRYPTO_random_u64 (
 GNUNET_CRYPTO_QUALITY_WEAK,
- COIN_ENC_MAX_SIZE);
+ (RSA_KEY_SIZE / 8) - 1);
 ccoin->coin_ev = GNUNET_malloc (ccoin->coin_ev_size);
 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
 ccoin->coin_ev,
 ccoin->coin_ev_size);
- RND_BLK (&hc);
 ccoin->denom_pub = new_dkp[cnt]->pub;
- ccoin->coin_sig.cipher = TALER_DENOMINATION_RSA;
- ccoin->coin_sig.details.blinded_rsa_signature
- = GNUNET_CRYPTO_rsa_sign_fdh (new_dkp[cnt]->priv.details.rsa_private_key,
- &hc.hash);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_sign_blinded (&ccoin->coin_sig,
+ &new_dkp[cnt]->priv,
+ ccoin->coin_ev,
+ ccoin->coin_ev_size));
 }
 RND_BLK (&tprivs);
 RND_BLK (&tpub);
@@ -658,8 +657,6 @@ test_melting (void)
 &refresh_session.rc,
 &check_refresh_reveal_cb,
 NULL));
-
-
 qs = plugin->get_link_data (plugin->cls,
 &refresh_session.coin.coin_pub,
 &handle_link_data_cb,
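Review bot: In the third hunk of test_melting, `GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, (RSA_KEY_SIZE / 8) - 1)` can yield 0, and the resulting empty `coin_ev` is now passed to `TALER_denom_sign_blinded` under `GNUNET_assert`, whereas the old code signed an unrelated random hash. Whether the signer accepts an empty envelope is not visible here; if it does not, the test aborts on a small fraction of runs. Drawing the size as `1 + GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, (RSA_KEY_SIZE / 8) - 2)` keeps the same upper bound and excludes zero. The bound itself deserves a comment, presumably `/* keep the random envelope shorter than the RSA modulus so it can be signed */`; the loop body starts and ends outside the hunk.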
@@ -1027,7 +1024,7 @@ test_gc (void)
 GNUNET_TIME_relative_multiply (
 GNUNET_TIME_UNIT_HOURS,
 4));
- dkp = create_denom_key_pair (1024,
+ dkp = create_denom_key_pair (RSA_KEY_SIZE,
 past,
 &value,
 &fee_withdraw,
@@ -1463,7 +1460,6 @@ run (void *cls)
 struct TALER_ReservePublicKeyP reserve_pub;
 struct TALER_ReservePublicKeyP reserve_pub2;
 struct DenomKeyPair *dkp;
- struct TALER_DenominationHash dkp_pub_hash;
 struct TALER_MasterSignatureP master_sig;
 struct TALER_EXCHANGEDB_CollectableBlindcoin cbc;
 struct TALER_EXCHANGEDB_CollectableBlindcoin cbc2;
@@ -1483,6 +1479,8 @@ run (void *cls)
 enum GNUNET_DB_QueryStatus qs;
 struct GNUNET_TIME_Absolute now;
 struct TALER_WireSalt salt;
+ union TALER_DenominationBlindingKeyP bks;
+ struct TALER_CoinPubHash c_hash;
 dkp = NULL;
 rh = NULL;
@@ -1590,7 +1588,7 @@ run (void *cls)
 result = 5;
 now = GNUNET_TIME_absolute_get ();
 (void) GNUNET_TIME_round_abs (&now);
- dkp = create_denom_key_pair (1024,
+ dkp = create_denom_key_pair (RSA_KEY_SIZE,
 now,
 &value,
 &fee_withdraw,
@@ -1599,14 +1597,31 @@ run (void *cls)
 &fee_refund);
 GNUNET_assert (NULL != dkp);
 TALER_denom_pub_hash (&dkp->pub,
- &dkp_pub_hash);
- RND_BLK (&cbc.h_coin_envelope);
+ &cbc.denom_pub_hash);
 RND_BLK (&cbc.reserve_sig);
- cbc.denom_pub_hash = dkp_pub_hash;
- cbc.sig.cipher = TALER_DENOMINATION_RSA;
- cbc.sig.details.blinded_rsa_signature
- = GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.details.rsa_private_key,
- &cbc.h_coin_envelope.hash);
+ {
+ struct TALER_PlanchetDetail pd;
+ struct TALER_CoinSpendPublicKeyP coin_pub;
+
+ RND_BLK (&coin_pub);
+ TALER_blinding_secret_create (&bks);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_blind (&dkp->pub,
+ &bks,
+ &coin_pub,
+ &c_hash,
+ &pd.coin_ev,
+ &pd.coin_ev_size));
+ TALER_coin_ev_hash (pd.coin_ev,
+ pd.coin_ev_size,
+ &cbc.h_coin_envelope);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_sign_blinded (&cbc.sig,
+ &dkp->priv,
+ pd.coin_ev,
+ pd.coin_ev_size));
+ GNUNET_free (pd.coin_ev);
+ }
 cbc.reserve_pub = reserve_pub;
 cbc.amount_with_fee = value;
 GNUNET_assert (GNUNET_OK ==
@@ -1636,20 +1651,32 @@ run (void *cls) FAILIF (0 != GNUNET_memcmp (&cbc2.reserve_pub, &cbc.reserve_pub)); result = 6; - FAILIF (GNUNET_OK != - GNUNET_CRYPTO_rsa_verify (&cbc.h_coin_envelope.hash, - cbc2.sig.details.blinded_rsa_signature, - dkp->pub.details.rsa_public_key)); + { + struct TALER_DenominationSignature ds; + + GNUNET_assert (GNUNET_OK == + TALER_denom_sig_unblind (&ds, + &cbc2.sig, + &bks, + &dkp->pub)); + FAILIF (GNUNET_OK != + TALER_denom_pub_verify (&dkp->pub, + &ds, + &c_hash)); + } RND_BLK (&coin_sig); RND_BLK (&coin_blind); RND_BLK (&deposit.coin.coin_pub); TALER_denom_pub_hash (&dkp->pub, &deposit.coin.denom_pub_hash); - deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA; - deposit.coin.denom_sig.details.rsa_signature = - cbc.sig.details.blinded_rsa_signature; + GNUNET_assert (GNUNET_OK == + TALER_denom_sig_unblind (&deposit.coin.denom_sig, + &cbc.sig, + &bks, + &dkp->pub)); + deadline = GNUNET_TIME_absolute_get (); (void) GNUNET_TIME_round_abs (&deadline); FAILIF (TALER_EXCHANGEDB_CKS_ADDED != @@ -1800,16 +1827,20 @@ run (void *cls) NULL)); FAILIF (3 != auditor_row_cnt); + /* Tests for deposits */ + TALER_denom_sig_free (&deposit.coin.denom_sig); memset (&deposit, 0, sizeof (deposit)); RND_BLK (&deposit.coin.coin_pub); TALER_denom_pub_hash (&dkp->pub, &deposit.coin.denom_pub_hash); - deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA; - deposit.coin.denom_sig.details.rsa_signature = - cbc.sig.details.blinded_rsa_signature; + GNUNET_assert (GNUNET_OK == + TALER_denom_sig_unblind (&deposit.coin.denom_sig, + &cbc.sig, + &bks, + &dkp->pub)); RND_BLK (&deposit.csig); RND_BLK (&deposit.merchant_pub); RND_BLK (&deposit.h_contract_terms); @@ -1969,7 +2000,7 @@ run (void *cls) RND_BLK (&master_sig); FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != plugin->insert_denomination_revocation (plugin->cls, - &dkp_pub_hash, + &cbc.denom_pub_hash, &master_sig)); FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != plugin->commit (plugin->cls)); 
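Review bot: The local `ds` filled by `TALER_denom_sig_unblind` in the first hunk (the block after `result = 6;`) is never released. The block closes right after the `FAILIF`, and a failing `FAILIF` jumps to `drop:` with `ds` out of scope. Elsewhere in this commit unblinded signatures are released with `TALER_denom_sig_free`, so the same is expected here. Keep the result of `TALER_denom_pub_verify` in a local, call `TALER_denom_sig_free (&ds);`, and only then evaluate `FAILIF` on the saved result, so the signature is freed on both the passing and the failing path. run() starts and ends outside the hunk.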
@@ -1979,7 +2010,7 @@ run (void *cls)
 "test-4"));
 FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS !=
 plugin->insert_denomination_revocation (plugin->cls,
- &dkp_pub_hash,
+ &cbc.denom_pub_hash,
 &master_sig));
 plugin->rollback (plugin->cls);
 plugin->preflight (plugin->cls);
@@ -1992,7 +2023,7 @@ run (void *cls)
 FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
 plugin->get_denomination_revocation (plugin->cls,
- &dkp_pub_hash,
+ &cbc.denom_pub_hash,
 &msig,
 &rev_rowid));
 FAILIF (0 != GNUNET_memcmp (&msig,
@@ -2143,6 +2174,7 @@ drop:
 plugin->drop_tables (plugin->cls));
 if (NULL != dkp)
 destroy_denom_key_pair (dkp);
+ TALER_denom_sig_free (&deposit.coin.denom_sig);
 TALER_blinded_denom_sig_free (&cbc.sig);
 TALER_blinded_denom_sig_free (&cbc2.sig);
 dkp = NULL;
diff --git a/src/testing/testing_api_cmd_insert_deposit.c b/src/testing/testing_api_cmd_insert_deposit.c
index 88ced9c2c..10d33fde0 100644
--- a/src/testing/testing_api_cmd_insert_deposit.c
+++ b/src/testing/testing_api_cmd_insert_deposit.c
@@ -138,7 +138,6 @@ insert_deposit_run (void *cls,
 struct TALER_EXCHANGEDB_DenominationKeyInformationP issue;
 struct TALER_DenominationPublicKey dpk;
 struct TALER_DenominationPrivateKey denom_priv;
- struct GNUNET_HashCode hc;
 // prepare and store issue first.
 fake_issue (&issue);
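Review bot: `TALER_denom_sig_free (&deposit.coin.denom_sig)` in the `drop:` hunk runs on every exit path, including `FAILIF` jumps taken before the first `TALER_denom_sig_unblind` has filled that field. The declaration of `deposit` is outside the visible hunks; if it is not zero-initialised there, the free reads an indeterminate `cipher` and possibly an indeterminate pointer. Clearing it up front, e.g. `memset (&deposit, 0, sizeof (deposit));` next to `dkp = NULL;`, would make the cleanup safe. That also assumes `TALER_denom_sig_free` tolerates `TALER_DENOMINATION_INVALID`, as this commit makes `TALER_blinded_denom_sig_free` do, which is worth confirming.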
@@ -201,12 +200,33 @@ insert_deposit_run (void *cls,
 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
 &deposit.coin.coin_pub,
 sizeof (deposit.coin.coin_pub));
- GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK,
- &hc);
- deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA;
- deposit.coin.denom_sig.details.rsa_signature
- = GNUNET_CRYPTO_rsa_sign_fdh (denom_priv.details.rsa_private_key,
- &hc);
+ {
+ struct TALER_CoinPubHash c_hash;
+ struct TALER_PlanchetDetail pd;
+ struct TALER_BlindedDenominationSignature bds;
+ union TALER_DenominationBlindingKeyP bks;
+
+ TALER_blinding_secret_create (&bks);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_blind (&dpk,
+ &bks,
+ &deposit.coin.coin_pub,
+ &c_hash,
+ &pd.coin_ev,
+ &pd.coin_ev_size));
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_sign_blinded (&bds,
+ &denom_priv,
+ pd.coin_ev,
+ pd.coin_ev_size));
+ GNUNET_free (pd.coin_ev);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_denom_sig_unblind (&deposit.coin.denom_sig,
+ &bds,
+ &bks,
+ &dpk));
+ TALER_blinded_denom_sig_free (&bds);
+ }
 GNUNET_asprintf (&deposit.receiver_wire_account,
 "payto://x-taler-bank/localhost/%s",
 ids->merchant_account);
diff --git a/src/util/denom.c b/src/util/denom.c
index d159b21bf..cdcfc5c3a 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -353,6 +353,8 @@ TALER_blinded_denom_sig_free (
 {
 switch (denom_sig->cipher)
 {
+ case TALER_DENOMINATION_INVALID:
+ return;
 case TALER_DENOMINATION_RSA:
 if (NULL != denom_sig->details.blinded_rsa_signature)
 {
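Review bot: The new `case TALER_DENOMINATION_INVALID: return;` in TALER_blinded_denom_sig_free makes freeing a zeroed structure a silent no-op, but nothing in the hunk states that this is the intended contract. A comment on the case, such as `/* never initialized or already released: nothing to free */`, would document it. The function's doc comment should also say that a zero-initialised signature may be passed. The rest of the switch, including whatever the RSA case does to `cipher` after freeing, lies outside the hunk.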