moving core refresh crypto logic to util -- towards fixing #3777
This commit is contained in:
parent
ad4759b46a
commit
97e403bb66
@ -423,6 +423,43 @@ struct TALER_RefreshLinkEncrypted
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Decrypt the shared @a secret from the information in the
|
||||||
|
* encrypted link secret @e secret_enc using the transfer
|
||||||
|
* private key and the coin's public key.
|
||||||
|
*
|
||||||
|
* @param secret_enc encrypted link secret
|
||||||
|
* @param transfer_priv transfer private key
|
||||||
|
* @param coin_pub coin public key
|
||||||
|
* @param[out] secret set to the shared secret
|
||||||
|
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
|
||||||
|
const struct TALER_TransferPrivateKeyP *trans_priv,
|
||||||
|
const union TALER_CoinSpendPublicKeyP *coin_pub,
|
||||||
|
struct TALER_LinkSecretP *secret);
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Encrypt the shared @a secret to generate the encrypted link secret.
|
||||||
|
* Also creates the transfer key.
|
||||||
|
*
|
||||||
|
* @param secret link secret to encrypt
|
||||||
|
* @param coin_pub coin public key
|
||||||
|
* @param transfer_priv[out] set to transfer private key
|
||||||
|
* @param transfer_pub[out] set to transfer public key
|
||||||
|
* @param[out] secret_enc set to the encryptd @a secret
|
||||||
|
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret,
|
||||||
|
const union TALER_CoinSpendPublicKeyP *coin_pub,
|
||||||
|
struct TALER_TransferPrivateKeyP *trans_priv,
|
||||||
|
struct TALER_TransferPublicKeyP *trans_pub,
|
||||||
|
struct TALER_EncryptedLinkSecretP *secret_enc);
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc
|
* Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc
|
||||||
* to obtain the @a secret to decrypt the linkage data.
|
* to obtain the @a secret to decrypt the linkage data.
|
||||||
|
@ -849,7 +849,6 @@ check_commitment (struct MHD_Connection *connection,
|
|||||||
|
|
||||||
for (j = 0; j < num_oldcoins; j++)
|
for (j = 0; j < num_oldcoins; j++)
|
||||||
{
|
{
|
||||||
struct TALER_TransferSecretP transfer_secret;
|
|
||||||
struct TALER_LinkSecretP shared_secret;
|
struct TALER_LinkSecretP shared_secret;
|
||||||
struct TALER_TransferPublicKeyP transfer_pub_check;
|
struct TALER_TransferPublicKeyP transfer_pub_check;
|
||||||
|
|
||||||
@ -871,32 +870,18 @@ check_commitment (struct MHD_Connection *connection,
|
|||||||
"transfer key");
|
"transfer key");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* We're converting key types here, which is not very nice
|
|
||||||
* but necessary and harmless (keys will be thrown away later). */
|
|
||||||
if (GNUNET_OK !=
|
if (GNUNET_OK !=
|
||||||
GNUNET_CRYPTO_ecc_ecdh (&transfer_privs[j].ecdhe_priv,
|
TALER_link_decrypt_secret (&commit_links[j].shared_secret_enc,
|
||||||
&melts[j].coin.coin_pub.ecdhe_pub,
|
&transfer_privs[j],
|
||||||
&transfer_secret.key))
|
&melts[j].coin.coin_pub,
|
||||||
{
|
|
||||||
GNUNET_break (0);
|
|
||||||
GNUNET_free (commit_links);
|
|
||||||
return (MHD_YES == TMH_RESPONSE_reply_internal_error (connection,
|
|
||||||
"ECDH error"))
|
|
||||||
? GNUNET_NO : GNUNET_SYSERR;
|
|
||||||
}
|
|
||||||
if (GNUNET_OK !=
|
|
||||||
TALER_transfer_decrypt (&commit_links[j].shared_secret_enc,
|
|
||||||
&transfer_secret,
|
|
||||||
&shared_secret))
|
&shared_secret))
|
||||||
{
|
{
|
||||||
GNUNET_break (0);
|
|
||||||
GNUNET_free (commit_links);
|
GNUNET_free (commit_links);
|
||||||
return (MHD_YES ==
|
return (MHD_YES ==
|
||||||
TMH_RESPONSE_reply_internal_error (connection,
|
TMH_RESPONSE_reply_internal_error (connection,
|
||||||
"Decryption error"))
|
"Transfer secret decryption error"))
|
||||||
? GNUNET_NO : GNUNET_SYSERR;
|
? GNUNET_NO : GNUNET_SYSERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (GNUNET_NO == secret_initialized)
|
if (GNUNET_NO == secret_initialized)
|
||||||
{
|
{
|
||||||
secret_initialized = GNUNET_YES;
|
secret_initialized = GNUNET_YES;
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
This file is part of TALER
|
This file is part of TALER
|
||||||
Copyright (C) 2014 Christian Grothoff (and other contributing authors)
|
Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors)
|
||||||
|
|
||||||
TALER is free software; you can redistribute it and/or modify it under the
|
TALER is free software; you can redistribute it and/or modify it under the
|
||||||
terms of the GNU General Public License as published by the Free Software
|
terms of the GNU General Public License as published by the Free Software
|
||||||
@ -333,4 +333,91 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Decrypt the shared @a secret from the information in the
|
||||||
|
* encrypted link secret @e secret_enc using the transfer
|
||||||
|
* private key and the coin's public key.
|
||||||
|
*
|
||||||
|
* @param secret_enc encrypted link secret
|
||||||
|
* @param transfer_priv transfer private key
|
||||||
|
* @param coin_pub coin public key
|
||||||
|
* @param[out] secret set to the shared secret
|
||||||
|
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
|
||||||
|
const struct TALER_TransferPrivateKeyP *trans_priv,
|
||||||
|
const union TALER_CoinSpendPublicKeyP *coin_pub,
|
||||||
|
struct TALER_LinkSecretP *secret)
|
||||||
|
{
|
||||||
|
struct TALER_TransferSecretP transfer_secret;
|
||||||
|
|
||||||
|
if (GNUNET_OK !=
|
||||||
|
GNUNET_CRYPTO_ecc_ecdh (&trans_priv->ecdhe_priv,
|
||||||
|
&coin_pub->ecdhe_pub,
|
||||||
|
&transfer_secret.key))
|
||||||
|
{
|
||||||
|
GNUNET_break (0);
|
||||||
|
return GNUNET_SYSERR;
|
||||||
|
}
|
||||||
|
if (GNUNET_OK !=
|
||||||
|
TALER_transfer_decrypt (secret_enc,
|
||||||
|
&transfer_secret,
|
||||||
|
secret))
|
||||||
|
{
|
||||||
|
GNUNET_break (0);
|
||||||
|
return GNUNET_SYSERR;
|
||||||
|
}
|
||||||
|
return GNUNET_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Encrypt the shared @a secret to generate the encrypted link secret.
|
||||||
|
* Also creates the transfer key.
|
||||||
|
*
|
||||||
|
* @param secret link secret to encrypt
|
||||||
|
* @param coin_pub coin public key
|
||||||
|
* @param transfer_priv[out] set to transfer private key
|
||||||
|
* @param transfer_pub[out] set to transfer public key
|
||||||
|
* @param[out] secret_enc set to the encryptd @a secret
|
||||||
|
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret,
|
||||||
|
const union TALER_CoinSpendPublicKeyP *coin_pub,
|
||||||
|
struct TALER_TransferPrivateKeyP *trans_priv,
|
||||||
|
struct TALER_TransferPublicKeyP *trans_pub,
|
||||||
|
struct TALER_EncryptedLinkSecretP *secret_enc)
|
||||||
|
{
|
||||||
|
struct TALER_TransferSecretP transfer_secret;
|
||||||
|
struct GNUNET_CRYPTO_EcdhePrivateKey *pk;
|
||||||
|
|
||||||
|
pk = GNUNET_CRYPTO_ecdhe_key_create ();
|
||||||
|
if (GNUNET_OK !=
|
||||||
|
GNUNET_CRYPTO_ecc_ecdh (pk,
|
||||||
|
&coin_pub->ecdhe_pub,
|
||||||
|
&transfer_secret.key))
|
||||||
|
{
|
||||||
|
GNUNET_break (0);
|
||||||
|
GNUNET_free (pk);
|
||||||
|
return GNUNET_SYSERR;
|
||||||
|
}
|
||||||
|
if (GNUNET_OK !=
|
||||||
|
TALER_transfer_encrypt (secret,
|
||||||
|
&transfer_secret,
|
||||||
|
secret_enc))
|
||||||
|
{
|
||||||
|
GNUNET_break (0);
|
||||||
|
return GNUNET_SYSERR;
|
||||||
|
}
|
||||||
|
trans_priv->ecdhe_priv = *pk;
|
||||||
|
GNUNET_CRYPTO_ecdhe_key_get_public (pk,
|
||||||
|
&trans_pub->ecdhe_pub);
|
||||||
|
GNUNET_free (pk);
|
||||||
|
return GNUNET_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* end of crypto.c */
|
/* end of crypto.c */
|
||||||
|
Loading…
Reference in New Issue
Block a user