taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix src/util

Browse Source
This commit is contained in:
Gian Demarmels 2022-02-05 23:12:21 +01:00
parent 718ad3996f
commit b280b1db04
No known key found for this signature in database
GPG Key ID: 030CEDDCCC92D778
5 changed files with 156 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/include/taler_crypto_lib.h
View File

@ -1028,7 +1028,7 @@ TALER_planchet_setup_coin_priv (
*/
void
TALER_cs_withdraw_nonce_derive (
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_PlanchetSecretsP *ps,
struct TALER_CsNonce *nonce);

62
src/util/crypto.c
View File

@ -198,7 +198,7 @@ cs_blinding_seed_derive (const struct
void
TALER_cs_withdraw_nonce_derive (const struct
TALER_CoinSpendPrivateKeyP *coin_priv,
TALER_PlanchetSecretsP *ps,
struct TALER_CsNonce *nonce)
{
GNUNET_assert (GNUNET_YES ==
@ -208,8 +208,8 @@ TALER_cs_withdraw_nonce_derive (const struct
GCRY_MD_SHA256,
"n",
strlen ("n"),
coin_priv,
sizeof(*coin_priv),
ps,
sizeof(*ps),
NULL,
0));
}
@ -239,16 +239,13 @@ TALER_planchet_blinding_secret_create (const struct TALER_PlanchetSecretsP *ps,
case TALER_DENOMINATION_RSA:
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_hkdf (&bks->rsa_bks,
sizeof (struct
GNUNET_CRYPTO_RsaBlindingKeySecret),
sizeof (bks->rsa_bks),
GCRY_MD_SHA512,
GCRY_MD_SHA256,
"bks",
strlen ("bks"),
ps,
sizeof(*ps),
&alg_values->details, /* Could be null on RSA case*/
sizeof(alg_values->details),
NULL,
0));
return;
@ -271,19 +268,44 @@ TALER_planchet_setup_coin_priv (
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_CoinSpendPrivateKeyP *coin_priv)
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_hkdf (coin_priv,
sizeof (*coin_priv),
GCRY_MD_SHA512,
GCRY_MD_SHA256,
"coin",
strlen ("coin"),
ps,
sizeof(*ps),
&alg_values->details, /* Could be null on RSA case*/
sizeof(alg_values->details),
NULL,
0));
switch (alg_values->cipher)
{
case TALER_DENOMINATION_RSA:
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_hkdf (coin_priv,
sizeof (*coin_priv),
GCRY_MD_SHA512,
GCRY_MD_SHA256,
"coin",
strlen ("coin"),
ps,
sizeof(*ps),
NULL,
0));
break;
}
case TALER_DENOMINATION_CS:
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_hkdf (coin_priv,
sizeof (*coin_priv),
GCRY_MD_SHA512,
GCRY_MD_SHA256,
"coin",
strlen ("coin"),
ps,
sizeof(*ps),
&alg_values->details, /* Could be null on RSA case*/
sizeof(alg_values->details),
NULL,
0));
break;
}
default:
GNUNET_break (0);
return;
}
coin_priv->eddsa_priv.d[0] &= 248;
coin_priv->eddsa_priv.d[31] &= 127;
coin_priv->eddsa_priv.d[31] |= 64;

58
src/util/test_crypto.c
View File

@ -38,8 +38,10 @@ test_high_level (void)
struct TALER_TransferPublicKeyP trans_pub;
struct TALER_TransferSecretP secret;
struct TALER_TransferSecretP secret2;
struct TALER_PlanchetSecretsP fc1;
struct TALER_PlanchetSecretsP fc2;
union TALER_DenominationBlindingKeyP bks1;
union TALER_DenominationBlindingKeyP bks2;
struct TALER_CoinSpendPrivateKeyP coin_priv1;
struct TALER_CoinSpendPrivateKeyP coin_priv2;
GNUNET_CRYPTO_eddsa_key_create (&coin_priv.eddsa_priv);
GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv.eddsa_priv,
@ -64,13 +66,18 @@ test_high_level (void)
&secret2));
TALER_planchet_setup_refresh (&secret,
0,
&fc1);
&coin_priv1,
&bks1);
TALER_planchet_setup_refresh (&secret,
1,
&fc2);
&coin_priv2,
&bks2);
GNUNET_assert (0 !=
GNUNET_memcmp (&fc1,
&fc2));
GNUNET_memcmp (&coin_priv1,
&coin_priv2));
GNUNET_assert (0 !=
GNUNET_memcmp (&bks1,
&bks2));
return 0;
}
@ -85,6 +92,8 @@ static int
test_planchets_rsa (void)
{
struct TALER_PlanchetSecretsP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
struct TALER_DenominationPrivateKey dk_priv;
struct TALER_DenominationPublicKey dk_pub;
struct TALER_ExchangeWithdrawValues alg_values;
@ -93,6 +102,9 @@ test_planchets_rsa (void)
struct TALER_FreshCoin coin;
struct TALER_CoinPubHash c_hash;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
GNUNET_assert (GNUNET_SYSERR ==
TALER_denom_priv_create (&dk_priv,
@ -110,12 +122,15 @@ test_planchets_rsa (void)
TALER_DENOMINATION_RSA,
1024));
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
GNUNET_assert (GNUNET_OK ==
@ -125,7 +140,8 @@ test_planchets_rsa (void)
GNUNET_assert (GNUNET_OK ==
TALER_planchet_to_coin (&dk_pub,
&blind_sig,
&ps,
&bks,
&coin_priv,
&c_hash,
&alg_values,
&coin));
@ -147,6 +163,8 @@ static int
test_planchets_cs (void)
{
struct TALER_PlanchetSecretsP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
struct TALER_DenominationPrivateKey dk_priv;
struct TALER_DenominationPublicKey dk_pub;
struct TALER_PlanchetDetail pd;
@ -155,15 +173,18 @@ test_planchets_cs (void)
struct TALER_FreshCoin coin;
struct TALER_ExchangeWithdrawValues alg_values;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
GNUNET_assert (GNUNET_OK ==
TALER_denom_priv_create (&dk_priv,
&dk_pub,
TALER_DENOMINATION_CS));
alg_values.cipher = TALER_DENOMINATION_CS;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_cs_withdraw_nonce_derive (&ps.coin_priv,
TALER_cs_withdraw_nonce_derive (&ps,
&pd.blinded_planchet.details.
cs_blinded_planchet.nonce);
GNUNET_assert (GNUNET_OK ==
@ -171,13 +192,17 @@ test_planchets_cs (void)
&pd.blinded_planchet.details.cs_blinded_planchet.nonce,
&dk_priv,
&alg_values.details.cs_values.r_pub));
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps,
&alg_values);
&alg_values,
&bks);
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
@ -189,7 +214,8 @@ test_planchets_cs (void)
GNUNET_assert (GNUNET_OK ==
TALER_planchet_to_coin (&dk_pub,
&blind_sig,
&ps,
&bks,
&coin_priv,
&c_hash,
&alg_values,
&coin));

65
src/util/test_helper_cs.c
View File

@ -267,12 +267,19 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
enum TALER_ErrorCode ec;
bool success = false;
struct TALER_PlanchetSecretsP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
struct TALER_CoinPubHash c_hash;
struct TALER_ExchangeWithdrawValues alg_values;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
alg_values.cipher = TALER_DENOMINATION_CS;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
for (unsigned int i = 0; i<MAX_KEYS; i++)
{
struct TALER_PlanchetDetail pd;
@ -283,7 +290,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
{
pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
TALER_cs_withdraw_nonce_derive (&ps.coin_priv,
TALER_cs_withdraw_nonce_derive (&ps,
&pd.blinded_planchet.details.
cs_blinded_planchet.nonce);
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@ -325,11 +332,13 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_h2s (&keys[i].h_cs.hash));
TALER_planchet_blinding_secret_create (&ps,
&alg_values);
&alg_values,
&bks);
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@ -409,12 +418,19 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
enum TALER_ErrorCode ec;
bool success = false;
struct TALER_PlanchetSecretsP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
struct TALER_CoinPubHash c_hash;
struct TALER_ExchangeWithdrawValues alg_values;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
alg_values.cipher = TALER_DENOMINATION_CS;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
for (unsigned int i = 0; i<MAX_KEYS; i++)
{
if (! keys[i].valid)
@ -424,7 +440,7 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
// keys[i].denom_pub.cipher = TALER_DENOMINATION_CS;
TALER_cs_withdraw_nonce_derive (&ps.coin_priv,
TALER_cs_withdraw_nonce_derive (&ps,
&pd.blinded_planchet.details.
cs_blinded_planchet.nonce);
alg_values.details.cs_values.r_pub
@ -435,12 +451,14 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
cs_blinded_planchet.nonce,
&ec);
TALER_planchet_blinding_secret_create (&ps,
&alg_values);
&alg_values,
&bks);
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@ -478,7 +496,8 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
if (GNUNET_OK !=
TALER_planchet_to_coin (&keys[i].denom_pub,
&ds,
&ps,
&bks,
&coin_priv,
&c_hash,
&alg_values,
&coin))
@ -536,7 +555,8 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[0].denom_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
@ -574,11 +594,20 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
enum TALER_ErrorCode ec;
struct GNUNET_TIME_Relative duration;
struct TALER_PlanchetSecretsP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
struct TALER_ExchangeWithdrawValues alg_values;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
alg_values.cipher = TALER_DENOMINATION_CS;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
duration = GNUNET_TIME_UNIT_ZERO;
TALER_CRYPTO_helper_cs_poll (dh);
for (unsigned int j = 0; j<NUM_SIGN_PERFS;)
@ -603,7 +632,7 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
TALER_cs_withdraw_nonce_derive (&ps.coin_priv,
TALER_cs_withdraw_nonce_derive (&ps,
&pd.blinded_planchet.details.
cs_blinded_planchet.nonce);
@ -615,12 +644,14 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
cs_blinded_planchet.nonce,
&ec);
TALER_planchet_blinding_secret_create (&ps,
&alg_values);
&alg_values,
&bks);
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
/* use this key as long as it works */

30
src/util/test_helper_rsa.c
View File

@ -270,10 +270,17 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
struct TALER_PlanchetSecretsP ps;
struct TALER_ExchangeWithdrawValues alg_values;
struct TALER_CoinPubHash c_hash;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
for (unsigned int i = 0; i<MAX_KEYS; i++)
{
if (! keys[i].valid)
@ -287,7 +294,8 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@ -332,7 +340,7 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
if (GNUNET_OK !=
TALER_denom_sig_unblind (&rs,
&ds,
&ps.blinding_key,
&bks,
&keys[i].denom_pub))
{
GNUNET_break (0);
@ -429,11 +437,18 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
enum TALER_ErrorCode ec;
struct GNUNET_TIME_Relative duration;
struct TALER_PlanchetSecretsP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
struct TALER_ExchangeWithdrawValues alg_values;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_random (&ps,
&alg_values);
TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
duration = GNUNET_TIME_UNIT_ZERO;
TALER_CRYPTO_helper_rsa_poll (dh);
for (unsigned int j = 0; j<NUM_SIGN_PERFS;)
@ -461,7 +476,8 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&ps,
&bks,
&coin_priv,
&c_hash,
&pd));
/* use this key as long as it works */