taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

API refactoring towards batch CS

Browse Source
This commit is contained in:
Christian Grothoff 2022-11-13 15:05:48 +01:00
parent b93b9dd074
commit 9838e0fc33
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
7 changed files with 131 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/exchange/taler-exchange-httpd_keys.c
View File

@ -2781,11 +2781,16 @@ TEH_keys_denomination_sign_withdraw (
}
case TALER_DENOMINATION_CS:
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++;
return TALER_CRYPTO_helper_cs_sign_withdraw (
ksh->helpers->csdh,
&hd->h_details.h_cs,
&bp->details.cs_blinded_planchet,
bs);
{
struct TALER_CRYPTO_CsSignRequest csr;
csr.h_cs = &hd->h_details.h_cs;
csr.blinded_planchet = &bp->details.cs_blinded_planchet;
return TALER_CRYPTO_helper_cs_sign_withdraw (
ksh->helpers->csdh,
&csr,
bs);
}
default:
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
}
@ -2827,12 +2832,17 @@ TEH_keys_denomination_sign_melt (
bs);
}
case TALER_DENOMINATION_CS:
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++;
return TALER_CRYPTO_helper_cs_sign_melt (
ksh->helpers->csdh,
&hd->h_details.h_cs,
&bp->details.cs_blinded_planchet,
bs);
{
struct TALER_CRYPTO_CsSignRequest csr;
csr.h_cs = &hd->h_details.h_cs;
csr.blinded_planchet = &bp->details.cs_blinded_planchet;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++;
return TALER_CRYPTO_helper_cs_sign_melt (
ksh->helpers->csdh,
&csr,
bs);
}
default:
return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
}

29
src/include/taler_crypto_lib.h
View File

@ -2466,6 +2466,23 @@ void
TALER_CRYPTO_helper_cs_poll (struct TALER_CRYPTO_CsDenominationHelper *dh);
/**
* Information about what we should sign over.
*/
struct TALER_CRYPTO_CsSignRequest
{
/**
* Hash of the CS public key to use to sign.
*/
const struct TALER_CsPubHashP *h_cs;
/**
* Blinded planchet containing c and the nonce.
*/
const struct TALER_BlindedCsPlanchet *blinded_planchet;
};
/**
* Request helper @a dh to sign @a msg using the public key corresponding to
* @a h_denom_pub.
@ -2477,16 +2494,14 @@ TALER_CRYPTO_helper_cs_poll (struct TALER_CRYPTO_CsDenominationHelper *dh);
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper process connection
* @param h_cs hash of the CS public key to use to sign
* @param blinded_planchet blinded planchet containing c and nonce
* @param req information about the key to sign with and the value to sign
* @param[out] bs set to the blind signature
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
const struct TALER_BlindedCsPlanchet *blinded_planchet,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs);
@ -2501,16 +2516,14 @@ TALER_CRYPTO_helper_cs_sign_melt (
* differences in the signature counters. Retrying in this case may work.
*
* @param dh helper process connection
* @param h_cs hash of the CS public key to use to sign
* @param blinded_planchet blinded planchet containing c and nonce
* @param req information about the key to sign with and the value to sign
* @param[out] bs set to the blind signature
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_withdraw (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
const struct TALER_BlindedCsPlanchet *blinded_planchet,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs);

22
src/util/crypto_helper_cs.c
View File

@ -1,6 +1,6 @@
/*
This file is part of TALER
Copyright (C) 2020, 2021 Taler Systems SA
Copyright (C) 2020, 2021, 2022 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@ -419,9 +419,9 @@ helper_cs_sign (
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Requesting signature\n");
{
char buf[sizeof (struct TALER_CRYPTO_CsSignRequest)];
struct TALER_CRYPTO_CsSignRequest *sr
= (struct TALER_CRYPTO_CsSignRequest *) buf;
char buf[sizeof (struct TALER_CRYPTO_CsSignRequestMessage)];
struct TALER_CRYPTO_CsSignRequestMessage *sr
= (struct TALER_CRYPTO_CsSignRequestMessage *) buf;
sr->header.size = htons (sizeof (buf));
sr->header.type = htons (TALER_HELPER_CS_MT_REQ_SIGN);
@ -594,13 +594,12 @@ end:
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_melt (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
const struct TALER_BlindedCsPlanchet *blinded_planchet,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs)
{
return helper_cs_sign (dh,
h_cs,
blinded_planchet,
req->h_cs,
req->blinded_planchet,
true,
bs);
}
@ -609,13 +608,12 @@ TALER_CRYPTO_helper_cs_sign_melt (
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_sign_withdraw (
struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
const struct TALER_BlindedCsPlanchet *blinded_planchet,
const struct TALER_CRYPTO_CsSignRequest *req,
struct TALER_BlindedDenominationSignature *bs)
{
return helper_cs_sign (dh,
h_cs,
blinded_planchet,
req->h_cs,
req->blinded_planchet,
false,
bs);
}

20
src/util/taler-exchange-secmod-cs.c
View File

@ -277,7 +277,7 @@ generate_response (struct DenominationKey *dk)
*/
static enum GNUNET_GenericReturnValue
handle_sign_request (struct TES_Client *client,
const struct TALER_CRYPTO_CsSignRequest *sr)
const struct TALER_CRYPTO_CsSignRequestMessage *sr)
{
struct DenominationKey *dk;
struct GNUNET_CRYPTO_CsRSecret r[2];
@ -340,20 +340,6 @@ handle_sign_request (struct TES_Client *client,
GNUNET_assert (dk->rc > 0);
dk->rc--;
GNUNET_assert (0 == pthread_mutex_unlock (&keys_lock));
// if (NULL == cs_answer)
// {
// struct TALER_CRYPTO_SignFailure sf = {
// .header.size = htons (sizeof (sf)),
// .header.type = htons (TALER_HELPER_CS_MT_RES_SIGN_FAILURE),
// .ec = htonl (TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE)
// };
// GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
// "Signing request failed, worker failed to produce signature\n");
// return TES_transmit (client->csock,
// &sf.header);
// }
{
struct TALER_CRYPTO_SignResponse *sr;
size_t tsize;
@ -651,14 +637,14 @@ cs_work_dispatch (struct TES_Client *client,
switch (ntohs (hdr->type))
{
case TALER_HELPER_CS_MT_REQ_SIGN:
if (msize < sizeof (struct TALER_CRYPTO_CsSignRequest))
if (msize < sizeof (struct TALER_CRYPTO_CsSignRequestMessage))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
return handle_sign_request (
client,
(const struct TALER_CRYPTO_CsSignRequest *) hdr);
(const struct TALER_CRYPTO_CsSignRequestMessage *) hdr);
case TALER_HELPER_CS_MT_REQ_REVOKE:
if (msize != sizeof (struct TALER_CRYPTO_CsRevokeRequest))
{

66
src/util/taler-exchange-secmod-cs.h
View File

@ -1,6 +1,6 @@
/*
This file is part of TALER
Copyright (C) 2020 Taler Systems SA
Copyright (C) 2020-2022 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@ -26,17 +26,19 @@
#define TALER_HELPER_CS_MT_PURGE 1
#define TALER_HELPER_CS_MT_AVAIL 2
#define TALER_HELPER_CS_MT_REQ_INIT 4
#define TALER_HELPER_CS_MT_REQ_INIT 3
#define TALER_HELPER_CS_MT_REQ_BATCH_SIGN 4
#define TALER_HELPER_CS_MT_REQ_SIGN 5
#define TALER_HELPER_CS_MT_REQ_REVOKE 6
#define TALER_HELPER_CS_MT_REQ_RDERIVE 7
#define TALER_HELPER_CS_MT_REQ_BATCH_RDERIVE 7
#define TALER_HELPER_CS_MT_REQ_RDERIVE 8
#define TALER_HELPER_CS_MT_RES_SIGNATURE 8
#define TALER_HELPER_CS_MT_RES_SIGN_FAILURE 9
#define TALER_HELPER_CS_MT_RES_RDERIVE 10
#define TALER_HELPER_CS_MT_RES_RDERIVE_FAILURE 11
#define TALER_HELPER_CS_MT_RES_SIGNATURE 9
#define TALER_HELPER_CS_MT_RES_SIGN_FAILURE 10
#define TALER_HELPER_CS_MT_RES_RDERIVE 11
#define TALER_HELPER_CS_MT_RES_RDERIVE_FAILURE 12
#define TALER_HELPER_CS_SYNCED 12
#define TALER_HELPER_CS_SYNCED 13
GNUNET_NETWORK_STRUCT_BEGIN
@ -114,7 +116,7 @@ struct TALER_CRYPTO_CsKeyPurgeNotification
/**
* Message sent if a signature is requested.
*/
struct TALER_CRYPTO_CsSignRequest
struct TALER_CRYPTO_CsSignRequestMessage
{
/**
* Type is #TALER_HELPER_CS_MT_REQ_SIGN.
@ -139,6 +141,29 @@ struct TALER_CRYPTO_CsSignRequest
};
/**
* Message sent if a batch of signatures is requested.
*/
struct TALER_CRYPTO_BatchSignRequest
{
/**
* Type is #TALER_HELPER_CS_MT_REQ_BATCH_SIGN.
*/
struct GNUNET_MessageHeader header;
/**
* Number of signatures to create, in NBO.
*/
uint32_t batch_size;
/*
* Followed by @e batch_size batch sign requests.
*/
};
/**
* Message sent if a signature is requested.
*/
@ -165,6 +190,29 @@ struct TALER_CRYPTO_CsRDeriveRequest
struct TALER_CsNonce nonce;
};
/**
* Message sent if a batch of derivations is requested.
*/
struct TALER_CRYPTO_BatchDeriveRequest
{
/**
* Type is #TALER_HELPER_RSA_MT_REQ_BATCH_RDERIVE.
*/
struct GNUNET_MessageHeader header;
/**
* Number of derivations to create, in NBO.
*/
uint32_t batch_size;
/*
* Followed by @e batch_size derive requests.
*/
};
/**
* Message sent if a key was revoked.
*/

6
src/util/taler-exchange-secmod-rsa.h
View File

@ -1,6 +1,6 @@
/*
This file is part of TALER
Copyright (C) 2020 Taler Systems SA
Copyright (C) 2020-2022 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@ -136,7 +136,7 @@ struct TALER_CRYPTO_SignRequest
/**
* Message sent if a signature is requested.
* Message sent if a batch of signatures is requested.
*/
struct TALER_CRYPTO_BatchSignRequest
{
@ -151,7 +151,7 @@ struct TALER_CRYPTO_BatchSignRequest
uint32_t batch_size;
/*
* Followed by @e batch_size batch sign requests.
* Followed by @e batch_size sign requests.
*/
};

28
src/util/test_helper_cs.c
View File

@ -423,6 +423,7 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
continue;
{
struct TALER_PlanchetDetail pd;
struct TALER_CRYPTO_CsSignRequest csr;
pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
// keys[i].denom_pub.cipher = TALER_DENOMINATION_CS;
@ -458,11 +459,12 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Requesting signature with key %s\n",
GNUNET_h2s (&keys[i].h_cs.hash));
csr.h_cs = &keys[i].h_cs;
csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_sign_withdraw (
dh,
&keys[i].h_cs,
&pd.blinded_planchet.details.
cs_blinded_planchet,
&csr,
&ds);
}
switch (ec)
@ -544,6 +546,7 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
{
struct TALER_PlanchetDetail pd;
struct TALER_CsPubHashP rnd;
struct TALER_CRYPTO_CsSignRequest csr;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&rnd,
@ -557,11 +560,12 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
NULL, /* no age commitment */
&c_hash,
&pd));
csr.h_cs = &rnd;
csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_sign_withdraw (
dh,
&rnd,
&pd.blinded_planchet.details.cs_blinded_planchet,
&csr,
&ds);
if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec)
{
@ -627,9 +631,7 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
ec = TALER_CRYPTO_helper_cs_r_derive_melt (
dh,
&keys[i].h_cs,
&pd.blinded_planchet.
details.
cs_blinded_planchet.nonce,
&pd.blinded_planchet.details.cs_blinded_planchet.nonce,
&alg_values.details.cs_values);
if (TALER_EC_NONE != ec)
continue;
@ -652,12 +654,14 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
{
struct GNUNET_TIME_Absolute start = GNUNET_TIME_absolute_get ();
struct GNUNET_TIME_Relative delay;
struct TALER_CRYPTO_CsSignRequest csr;
csr.h_cs = &keys[i].h_cs;
csr.blinded_planchet
= &pd.blinded_planchet.details.cs_blinded_planchet;
ec = TALER_CRYPTO_helper_cs_sign_melt (
dh,
&keys[i].h_cs,
&pd.blinded_planchet.details.
cs_blinded_planchet,
&csr,
&ds);
if (TALER_EC_NONE != ec)
break;