more RSA cleanup

This commit is contained in:
Christian Grothoff 2021-11-06 16:04:26 +01:00
parent f01ab79015
commit 938e2ce39c
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
4 changed files with 123 additions and 48 deletions


@ -480,10 +480,14 @@ run (void *cls,
GNUNET_TIME_UNIT_YEARS)); GNUNET_TIME_UNIT_YEARS));
{ {
struct TALER_DenominationPrivateKey pk; struct TALER_DenominationPrivateKey pk;
struct GNUNET_HashCode hc;
struct TALER_DenominationPublicKey denom_pub; struct TALER_DenominationPublicKey denom_pub;
struct TALER_CoinPubHash c_hash;
struct TALER_PlanchetDetail pd;
struct TALER_BlindedDenominationSignature bds;
union TALER_DenominationBlindingKeyP bks;
struct TALER_CoinSpendPublicKeyP coin_pub;
RANDOMIZE (&hc); RANDOMIZE (&coin_pub);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_denom_priv_create (&pk, TALER_denom_priv_create (&pk,
&denom_pub, &denom_pub,
@ -507,10 +511,27 @@ run (void *cls,
global_ret = EXIT_FAILURE; global_ret = EXIT_FAILURE;
return; return;
} }
denom_sig.cipher = TALER_DENOMINATION_RSA;
denom_sig.details.rsa_signature TALER_blinding_secret_create (&bks);
= GNUNET_CRYPTO_rsa_sign_fdh (pk.details.rsa_private_key, GNUNET_assert (GNUNET_OK ==
&hc); TALER_denom_blind (&denom_pub,
&bks,
&coin_pub,
&c_hash,
&pd.coin_ev,
&pd.coin_ev_size));
GNUNET_assert (GNUNET_OK ==
TALER_denom_sign_blinded (&bds,
&pk,
pd.coin_ev,
pd.coin_ev_size));
GNUNET_free (pd.coin_ev);
GNUNET_assert (GNUNET_OK ==
TALER_denom_sig_unblind (&denom_sig,
&bds,
&bks,
&denom_pub));
TALER_blinded_denom_sig_free (&bds);
TALER_denom_pub_free (&denom_pub); TALER_denom_pub_free (&denom_pub);
TALER_denom_priv_free (&pk); TALER_denom_priv_free (&pk);
} }
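Review bot: `c_hash` is written by `TALER_denom_blind` but never read before the block closes, so the `denom_sig` obtained from `TALER_denom_sig_unblind` is never checked against `denom_pub`; a mismatched key pair or a broken unblind would pass this test silently. Add `GNUNET_assert (GNUNET_OK == TALER_denom_pub_verify (&denom_pub, &denom_sig, &c_hash));` right after the unblind, as the exchangedb test in this commit already does. The same unused `c_hash` appears in the `insert_deposit_run` hunk later in this commit. `run` continues outside the hunk, so where `denom_sig` is released is not visible here.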


@ -312,9 +312,9 @@ static struct TALER_Amount amount_with_fee;
#define MELT_NOREVEAL_INDEX 1 #define MELT_NOREVEAL_INDEX 1
/** /**
* How big do we make the coin envelopes? * How big do we make the RSA keys?
*/ */
#define COIN_ENC_MAX_SIZE 512 #define RSA_KEY_SIZE 1024
static struct TALER_EXCHANGEDB_RefreshRevealedCoin *revealed_coins; static struct TALER_EXCHANGEDB_RefreshRevealedCoin *revealed_coins;
@ -609,12 +609,11 @@ test_melting (void)
for (unsigned int cnt = 0; cnt < MELT_NEW_COINS; cnt++) for (unsigned int cnt = 0; cnt < MELT_NEW_COINS; cnt++)
{ {
struct TALER_EXCHANGEDB_RefreshRevealedCoin *ccoin; struct TALER_EXCHANGEDB_RefreshRevealedCoin *ccoin;
struct TALER_BlindedCoinHash hc;
struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute now;
now = GNUNET_TIME_absolute_get (); now = GNUNET_TIME_absolute_get ();
GNUNET_TIME_round_abs (&now); GNUNET_TIME_round_abs (&now);
new_dkp[cnt] = create_denom_key_pair (1024, new_dkp[cnt] = create_denom_key_pair (RSA_KEY_SIZE,
now, now,
&value, &value,
&fee_withdraw, &fee_withdraw,
@ -626,17 +625,17 @@ test_melting (void)
ccoin = &revealed_coins[cnt]; ccoin = &revealed_coins[cnt];
ccoin->coin_ev_size = (size_t) GNUNET_CRYPTO_random_u64 ( ccoin->coin_ev_size = (size_t) GNUNET_CRYPTO_random_u64 (
GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_QUALITY_WEAK,
COIN_ENC_MAX_SIZE); (RSA_KEY_SIZE / 8) - 1);
ccoin->coin_ev = GNUNET_malloc (ccoin->coin_ev_size); ccoin->coin_ev = GNUNET_malloc (ccoin->coin_ev_size);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
ccoin->coin_ev, ccoin->coin_ev,
ccoin->coin_ev_size); ccoin->coin_ev_size);
RND_BLK (&hc);
ccoin->denom_pub = new_dkp[cnt]->pub; ccoin->denom_pub = new_dkp[cnt]->pub;
ccoin->coin_sig.cipher = TALER_DENOMINATION_RSA; GNUNET_assert (GNUNET_OK ==
ccoin->coin_sig.details.blinded_rsa_signature TALER_denom_sign_blinded (&ccoin->coin_sig,
= GNUNET_CRYPTO_rsa_sign_fdh (new_dkp[cnt]->priv.details.rsa_private_key, &new_dkp[cnt]->priv,
&hc.hash); ccoin->coin_ev,
ccoin->coin_ev_size));
} }
RND_BLK (&tprivs); RND_BLK (&tprivs);
RND_BLK (&tpub); RND_BLK (&tpub);
@ -658,8 +657,6 @@ test_melting (void)
&refresh_session.rc, &refresh_session.rc,
&check_refresh_reveal_cb, &check_refresh_reveal_cb,
NULL)); NULL));
qs = plugin->get_link_data (plugin->cls, qs = plugin->get_link_data (plugin->cls,
&refresh_session.coin.coin_pub, &refresh_session.coin.coin_pub,
&handle_link_data_cb, &handle_link_data_cb,
@ -1027,7 +1024,7 @@ test_gc (void)
GNUNET_TIME_relative_multiply ( GNUNET_TIME_relative_multiply (
GNUNET_TIME_UNIT_HOURS, GNUNET_TIME_UNIT_HOURS,
4)); 4));
dkp = create_denom_key_pair (1024, dkp = create_denom_key_pair (RSA_KEY_SIZE,
past, past,
&value, &value,
&fee_withdraw, &fee_withdraw,
@ -1463,7 +1460,6 @@ run (void *cls)
struct TALER_ReservePublicKeyP reserve_pub; struct TALER_ReservePublicKeyP reserve_pub;
struct TALER_ReservePublicKeyP reserve_pub2; struct TALER_ReservePublicKeyP reserve_pub2;
struct DenomKeyPair *dkp; struct DenomKeyPair *dkp;
struct TALER_DenominationHash dkp_pub_hash;
struct TALER_MasterSignatureP master_sig; struct TALER_MasterSignatureP master_sig;
struct TALER_EXCHANGEDB_CollectableBlindcoin cbc; struct TALER_EXCHANGEDB_CollectableBlindcoin cbc;
struct TALER_EXCHANGEDB_CollectableBlindcoin cbc2; struct TALER_EXCHANGEDB_CollectableBlindcoin cbc2;
@ -1483,6 +1479,8 @@ run (void *cls)
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute now;
struct TALER_WireSalt salt; struct TALER_WireSalt salt;
union TALER_DenominationBlindingKeyP bks;
struct TALER_CoinPubHash c_hash;
dkp = NULL; dkp = NULL;
rh = NULL; rh = NULL;
@ -1590,7 +1588,7 @@ run (void *cls)
result = 5; result = 5;
now = GNUNET_TIME_absolute_get (); now = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&now); (void) GNUNET_TIME_round_abs (&now);
dkp = create_denom_key_pair (1024, dkp = create_denom_key_pair (RSA_KEY_SIZE,
now, now,
&value, &value,
&fee_withdraw, &fee_withdraw,
@ -1599,14 +1597,31 @@ run (void *cls)
&fee_refund); &fee_refund);
GNUNET_assert (NULL != dkp); GNUNET_assert (NULL != dkp);
TALER_denom_pub_hash (&dkp->pub, TALER_denom_pub_hash (&dkp->pub,
&dkp_pub_hash); &cbc.denom_pub_hash);
RND_BLK (&cbc.h_coin_envelope);
RND_BLK (&cbc.reserve_sig); RND_BLK (&cbc.reserve_sig);
cbc.denom_pub_hash = dkp_pub_hash; {
cbc.sig.cipher = TALER_DENOMINATION_RSA; struct TALER_PlanchetDetail pd;
cbc.sig.details.blinded_rsa_signature struct TALER_CoinSpendPublicKeyP coin_pub;
= GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.details.rsa_private_key,
&cbc.h_coin_envelope.hash); RND_BLK (&coin_pub);
TALER_blinding_secret_create (&bks);
GNUNET_assert (GNUNET_OK ==
TALER_denom_blind (&dkp->pub,
&bks,
&coin_pub,
&c_hash,
&pd.coin_ev,
&pd.coin_ev_size));
TALER_coin_ev_hash (pd.coin_ev,
pd.coin_ev_size,
&cbc.h_coin_envelope);
GNUNET_assert (GNUNET_OK ==
TALER_denom_sign_blinded (&cbc.sig,
&dkp->priv,
pd.coin_ev,
pd.coin_ev_size));
GNUNET_free (pd.coin_ev);
}
cbc.reserve_pub = reserve_pub; cbc.reserve_pub = reserve_pub;
cbc.amount_with_fee = value; cbc.amount_with_fee = value;
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
@ -1636,20 +1651,32 @@ run (void *cls)
FAILIF (0 != GNUNET_memcmp (&cbc2.reserve_pub, FAILIF (0 != GNUNET_memcmp (&cbc2.reserve_pub,
&cbc.reserve_pub)); &cbc.reserve_pub));
result = 6; result = 6;
FAILIF (GNUNET_OK !=
GNUNET_CRYPTO_rsa_verify (&cbc.h_coin_envelope.hash,
cbc2.sig.details.blinded_rsa_signature,
dkp->pub.details.rsa_public_key));
{
struct TALER_DenominationSignature ds;
GNUNET_assert (GNUNET_OK ==
TALER_denom_sig_unblind (&ds,
&cbc2.sig,
&bks,
&dkp->pub));
FAILIF (GNUNET_OK !=
TALER_denom_pub_verify (&dkp->pub,
&ds,
&c_hash));
}
RND_BLK (&coin_sig); RND_BLK (&coin_sig);
RND_BLK (&coin_blind); RND_BLK (&coin_blind);
RND_BLK (&deposit.coin.coin_pub); RND_BLK (&deposit.coin.coin_pub);
TALER_denom_pub_hash (&dkp->pub, TALER_denom_pub_hash (&dkp->pub,
&deposit.coin.denom_pub_hash); &deposit.coin.denom_pub_hash);
deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA; GNUNET_assert (GNUNET_OK ==
deposit.coin.denom_sig.details.rsa_signature = TALER_denom_sig_unblind (&deposit.coin.denom_sig,
cbc.sig.details.blinded_rsa_signature; &cbc.sig,
&bks,
&dkp->pub));
deadline = GNUNET_TIME_absolute_get (); deadline = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&deadline); (void) GNUNET_TIME_round_abs (&deadline);
FAILIF (TALER_EXCHANGEDB_CKS_ADDED != FAILIF (TALER_EXCHANGEDB_CKS_ADDED !=
@ -1800,16 +1827,20 @@ run (void *cls)
NULL)); NULL));
FAILIF (3 != auditor_row_cnt); FAILIF (3 != auditor_row_cnt);
/* Tests for deposits */ /* Tests for deposits */
TALER_denom_sig_free (&deposit.coin.denom_sig);
memset (&deposit, memset (&deposit,
0, 0,
sizeof (deposit)); sizeof (deposit));
RND_BLK (&deposit.coin.coin_pub); RND_BLK (&deposit.coin.coin_pub);
TALER_denom_pub_hash (&dkp->pub, TALER_denom_pub_hash (&dkp->pub,
&deposit.coin.denom_pub_hash); &deposit.coin.denom_pub_hash);
deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA; GNUNET_assert (GNUNET_OK ==
deposit.coin.denom_sig.details.rsa_signature = TALER_denom_sig_unblind (&deposit.coin.denom_sig,
cbc.sig.details.blinded_rsa_signature; &cbc.sig,
&bks,
&dkp->pub));
RND_BLK (&deposit.csig); RND_BLK (&deposit.csig);
RND_BLK (&deposit.merchant_pub); RND_BLK (&deposit.merchant_pub);
RND_BLK (&deposit.h_contract_terms); RND_BLK (&deposit.h_contract_terms);
@ -1969,7 +2000,7 @@ run (void *cls)
RND_BLK (&master_sig); RND_BLK (&master_sig);
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->insert_denomination_revocation (plugin->cls, plugin->insert_denomination_revocation (plugin->cls,
&dkp_pub_hash, &cbc.denom_pub_hash,
&master_sig)); &master_sig));
FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS !=
plugin->commit (plugin->cls)); plugin->commit (plugin->cls));
@ -1979,7 +2010,7 @@ run (void *cls)
"test-4")); "test-4"));
FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS !=
plugin->insert_denomination_revocation (plugin->cls, plugin->insert_denomination_revocation (plugin->cls,
&dkp_pub_hash, &cbc.denom_pub_hash,
&master_sig)); &master_sig));
plugin->rollback (plugin->cls); plugin->rollback (plugin->cls);
plugin->preflight (plugin->cls); plugin->preflight (plugin->cls);
@ -1992,7 +2023,7 @@ run (void *cls)
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->get_denomination_revocation (plugin->cls, plugin->get_denomination_revocation (plugin->cls,
&dkp_pub_hash, &cbc.denom_pub_hash,
&msig, &msig,
&rev_rowid)); &rev_rowid));
FAILIF (0 != GNUNET_memcmp (&msig, FAILIF (0 != GNUNET_memcmp (&msig,
@ -2143,6 +2174,7 @@ drop:
plugin->drop_tables (plugin->cls)); plugin->drop_tables (plugin->cls));
if (NULL != dkp) if (NULL != dkp)
destroy_denom_key_pair (dkp); destroy_denom_key_pair (dkp);
TALER_denom_sig_free (&deposit.coin.denom_sig);
TALER_blinded_denom_sig_free (&cbc.sig); TALER_blinded_denom_sig_free (&cbc.sig);
TALER_blinded_denom_sig_free (&cbc2.sig); TALER_blinded_denom_sig_free (&cbc2.sig);
dkp = NULL; dkp = NULL;
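Review bot: The `ds` filled by `TALER_denom_sig_unblind` in the block after `result = 6;` is never released: the block closes without `TALER_denom_sig_free (&ds)`, and a free placed after the `FAILIF` would be skipped when it jumps to `drop:`. Keep the verification result in a local, free first, then test it: `enum GNUNET_GenericReturnValue vr = TALER_denom_pub_verify (&dkp->pub, &ds, &c_hash);` / `TALER_denom_sig_free (&ds);` / `FAILIF (GNUNET_OK != vr);`. The `drop:` cleanup now also calls `TALER_denom_sig_free (&deposit.coin.denom_sig)`, which is only safe if `deposit` is zeroed before the first `FAILIF` that can reach `drop:`; that initialization is outside these hunks and the mid-test `memset` suggests it may be absent, so worth confirming. In `test_melting`, `coin_ev_size` is drawn from `GNUNET_CRYPTO_random_u64` with an exclusive bound and can presumably be 0, so the test is flaky if `TALER_denom_sign_blinded` rejects an empty message. `run` and `test_melting` both start and end outside the hunks.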


@ -138,7 +138,6 @@ insert_deposit_run (void *cls,
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformationP issue;
struct TALER_DenominationPublicKey dpk; struct TALER_DenominationPublicKey dpk;
struct TALER_DenominationPrivateKey denom_priv; struct TALER_DenominationPrivateKey denom_priv;
struct GNUNET_HashCode hc;
// prepare and store issue first. // prepare and store issue first.
fake_issue (&issue); fake_issue (&issue);
@ -201,12 +200,33 @@ insert_deposit_run (void *cls,
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&deposit.coin.coin_pub, &deposit.coin.coin_pub,
sizeof (deposit.coin.coin_pub)); sizeof (deposit.coin.coin_pub));
GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK, {
&hc); struct TALER_CoinPubHash c_hash;
deposit.coin.denom_sig.cipher = TALER_DENOMINATION_RSA; struct TALER_PlanchetDetail pd;
deposit.coin.denom_sig.details.rsa_signature struct TALER_BlindedDenominationSignature bds;
= GNUNET_CRYPTO_rsa_sign_fdh (denom_priv.details.rsa_private_key, union TALER_DenominationBlindingKeyP bks;
&hc);
TALER_blinding_secret_create (&bks);
GNUNET_assert (GNUNET_OK ==
TALER_denom_blind (&dpk,
&bks,
&deposit.coin.coin_pub,
&c_hash,
&pd.coin_ev,
&pd.coin_ev_size));
GNUNET_assert (GNUNET_OK ==
TALER_denom_sign_blinded (&bds,
&denom_priv,
pd.coin_ev,
pd.coin_ev_size));
GNUNET_free (pd.coin_ev);
GNUNET_assert (GNUNET_OK ==
TALER_denom_sig_unblind (&deposit.coin.denom_sig,
&bds,
&bks,
&dpk));
TALER_blinded_denom_sig_free (&bds);
}
GNUNET_asprintf (&deposit.receiver_wire_account, GNUNET_asprintf (&deposit.receiver_wire_account,
"payto://x-taler-bank/localhost/%s", "payto://x-taler-bank/localhost/%s",
ids->merchant_account); ids->merchant_account);


@ -353,6 +353,8 @@ TALER_blinded_denom_sig_free (
{ {
switch (denom_sig->cipher) switch (denom_sig->cipher)
{ {
case TALER_DENOMINATION_INVALID:
return;
case TALER_DENOMINATION_RSA: case TALER_DENOMINATION_RSA:
if (NULL != denom_sig->details.blinded_rsa_signature) if (NULL != denom_sig->details.blinded_rsa_signature)
{ {