From b280b1db0456e883c9976579ea929ed47cbbb7f5 Mon Sep 17 00:00:00 2001 From: Gian Demarmels Date: Sat, 5 Feb 2022 23:12:21 +0100 Subject: [PATCH] fix src/util --- src/include/taler_crypto_lib.h | 2 +- src/util/crypto.c | 62 +++++++++++++++++++++----------- src/util/test_crypto.c | 58 +++++++++++++++++++++--------- src/util/test_helper_cs.c | 65 +++++++++++++++++++++++++--------- src/util/test_helper_rsa.c | 30 ++++++++++++---- 5 files changed, 156 insertions(+), 61 deletions(-) diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 0783b1e85..4abb985a6 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -1028,7 +1028,7 @@ TALER_planchet_setup_coin_priv ( */ void TALER_cs_withdraw_nonce_derive ( - const struct TALER_CoinSpendPrivateKeyP *coin_priv, + const struct TALER_PlanchetSecretsP *ps, struct TALER_CsNonce *nonce); diff --git a/src/util/crypto.c b/src/util/crypto.c index 4363c5616..a142859aa 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -198,7 +198,7 @@ cs_blinding_seed_derive (const struct void TALER_cs_withdraw_nonce_derive (const struct - TALER_CoinSpendPrivateKeyP *coin_priv, + TALER_PlanchetSecretsP *ps, struct TALER_CsNonce *nonce) { GNUNET_assert (GNUNET_YES == @@ -208,8 +208,8 @@ TALER_cs_withdraw_nonce_derive (const struct GCRY_MD_SHA256, "n", strlen ("n"), - coin_priv, - sizeof(*coin_priv), + ps, + sizeof(*ps), NULL, 0)); } @@ -239,16 +239,13 @@ TALER_planchet_blinding_secret_create (const struct TALER_PlanchetSecretsP *ps, case TALER_DENOMINATION_RSA: GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (&bks->rsa_bks, - sizeof (struct - GNUNET_CRYPTO_RsaBlindingKeySecret), + sizeof (bks->rsa_bks), GCRY_MD_SHA512, GCRY_MD_SHA256, "bks", strlen ("bks"), ps, sizeof(*ps), - &alg_values->details, /* Could be null on RSA case*/ - sizeof(alg_values->details), NULL, 0)); return; 
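Review bot: In src/util/crypto.c, TALER_cs_withdraw_nonce_derive now feeds the whole planchet secret `ps` into the key derivation, the same input the "bks" and "coin" derivations on this page use, and nothing in the function says that the constant `"n"` is what keeps the nonce independent of those two values. I would add a comment above the call: `/* "n" separates the nonce from the "bks" and "coin" values derived from the same ps; keep the three strings distinct */`. The doc comment of the prototype in taler_crypto_lib.h starts outside its hunk and is not changed here; if it still has an `@param coin_priv` line, that should become `@param ps`. The function body starts and ends outside the two crypto.c hunks that touch it.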
@@ -271,19 +268,44 @@ TALER_planchet_setup_coin_priv ( const struct TALER_ExchangeWithdrawValues *alg_values, struct TALER_CoinSpendPrivateKeyP *coin_priv) { - GNUNET_assert (GNUNET_YES == - GNUNET_CRYPTO_hkdf (coin_priv, - sizeof (*coin_priv), - GCRY_MD_SHA512, - GCRY_MD_SHA256, - "coin", - strlen ("coin"), - ps, - sizeof(*ps), - &alg_values->details, /* Could be null on RSA case*/ - sizeof(alg_values->details), - NULL, - 0)); + switch (alg_values->cipher) + { + case TALER_DENOMINATION_RSA: + { + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_hkdf (coin_priv, + sizeof (*coin_priv), + GCRY_MD_SHA512, + GCRY_MD_SHA256, + "coin", + strlen ("coin"), + ps, + sizeof(*ps), + NULL, + 0)); + break; + } + case TALER_DENOMINATION_CS: + { + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_hkdf (coin_priv, + sizeof (*coin_priv), + GCRY_MD_SHA512, + GCRY_MD_SHA256, + "coin", + strlen ("coin"), + ps, + sizeof(*ps), + &alg_values->details, /* Could be null on RSA case*/ + sizeof(alg_values->details), + NULL, + 0)); + break; + } + default: + GNUNET_break (0); + return; + } coin_priv->eddsa_priv.d[0] &= 248; coin_priv->eddsa_priv.d[31] &= 127; coin_priv->eddsa_priv.d[31] |= 64; diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index 9f01b74c7..218b593a5 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -38,8 +38,10 @@ test_high_level (void) struct TALER_TransferPublicKeyP trans_pub; struct TALER_TransferSecretP secret; struct TALER_TransferSecretP secret2; - struct TALER_PlanchetSecretsP fc1; - struct TALER_PlanchetSecretsP fc2; + union TALER_DenominationBlindingKeyP bks1; + union TALER_DenominationBlindingKeyP bks2; + struct TALER_CoinSpendPrivateKeyP coin_priv1; + struct TALER_CoinSpendPrivateKeyP coin_priv2; GNUNET_CRYPTO_eddsa_key_create (&coin_priv.eddsa_priv); GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv.eddsa_priv, 
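Review bot: The `default:` branch of the new switch in TALER_planchet_setup_coin_priv calls `GNUNET_break (0)` and returns, which leaves `*coin_priv` unwritten in a void function, so a caller cannot detect the failure and would go on to use whatever bytes were in the buffer as a coin private key. Every other failure in this function aborts through `GNUNET_assert`, so the unknown-cipher case should do the same: `default: GNUNET_assert (0);`. The comment `/* Could be null on RSA case*/` was copied into the CS branch, where it no longer applies, and should be dropped. The function's closing brace lies outside the hunk.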
@@ -64,13 +66,18 @@ test_high_level (void) &secret2)); TALER_planchet_setup_refresh (&secret, 0, - &fc1); + &coin_priv1, + &bks1); TALER_planchet_setup_refresh (&secret, 1, - &fc2); + &coin_priv2, + &bks2); GNUNET_assert (0 != - GNUNET_memcmp (&fc1, - &fc2)); + GNUNET_memcmp (&coin_priv1, + &coin_priv2)); + GNUNET_assert (0 != + GNUNET_memcmp (&bks1, + &bks2)); return 0; } @@ -85,6 +92,8 @@ static int test_planchets_rsa (void) { struct TALER_PlanchetSecretsP ps; + struct TALER_CoinSpendPrivateKeyP coin_priv; + union TALER_DenominationBlindingKeyP bks; struct TALER_DenominationPrivateKey dk_priv; struct TALER_DenominationPublicKey dk_pub; struct TALER_ExchangeWithdrawValues alg_values; @@ -93,6 +102,9 @@ test_planchets_rsa (void) struct TALER_FreshCoin coin; struct TALER_CoinPubHash c_hash; + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, + &ps, + sizeof (ps)); GNUNET_assert (GNUNET_SYSERR == TALER_denom_priv_create (&dk_priv, @@ -110,12 +122,15 @@ test_planchets_rsa (void) TALER_DENOMINATION_RSA, 1024)); alg_values.cipher = TALER_DENOMINATION_RSA; - TALER_planchet_setup_random (&ps, - &alg_values); + + TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv); + TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks); + GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&dk_pub, &alg_values, - &ps, + &bks, + &coin_priv, &c_hash, &pd)); GNUNET_assert (GNUNET_OK == @@ -125,7 +140,8 @@ test_planchets_rsa (void) GNUNET_assert (GNUNET_OK == TALER_planchet_to_coin (&dk_pub, &blind_sig, - &ps, + &bks, + &coin_priv, &c_hash, &alg_values, &coin)); @@ -147,6 +163,8 @@ static int test_planchets_cs (void) { struct TALER_PlanchetSecretsP ps; + struct TALER_CoinSpendPrivateKeyP coin_priv; + union TALER_DenominationBlindingKeyP bks; struct TALER_DenominationPrivateKey dk_priv; struct TALER_DenominationPublicKey dk_pub; struct TALER_PlanchetDetail pd; 
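Review bot: In test_high_level, the new assertion `0 != GNUNET_memcmp (&bks1, &bks2)` compares two whole unions that are declared without an initializer in the previous hunk of this file. If TALER_planchet_setup_refresh fills only one member of the union (its body is not on this page), the remaining bytes are indeterminate and can make the comparison succeed even when both derived blinding secrets are equal. Zeroing both before the calls, `memset (&bks1, 0, sizeof (bks1));` and the same for `bks2`, makes the check depend only on the derived bytes.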
@@ -155,15 +173,18 @@ test_planchets_cs (void) struct TALER_FreshCoin coin; struct TALER_ExchangeWithdrawValues alg_values; + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, + &ps, + sizeof (ps)); + GNUNET_assert (GNUNET_OK == TALER_denom_priv_create (&dk_priv, &dk_pub, TALER_DENOMINATION_CS)); alg_values.cipher = TALER_DENOMINATION_CS; - TALER_planchet_setup_random (&ps, - &alg_values); - TALER_cs_withdraw_nonce_derive (&ps.coin_priv, + + TALER_cs_withdraw_nonce_derive (&ps, &pd.blinded_planchet.details. cs_blinded_planchet.nonce); GNUNET_assert (GNUNET_OK == @@ -171,13 +192,17 @@ test_planchets_cs (void) &pd.blinded_planchet.details.cs_blinded_planchet.nonce, &dk_priv, &alg_values.details.cs_values.r_pub)); + + TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv); TALER_planchet_blinding_secret_create (&ps, - &alg_values); + &alg_values, + &bks); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&dk_pub, &alg_values, - &ps, + &bks, + &coin_priv, &c_hash, &pd)); @@ -189,7 +214,8 @@ test_planchets_cs (void) GNUNET_assert (GNUNET_OK == TALER_planchet_to_coin (&dk_pub, &blind_sig, - &ps, + &bks, + &coin_priv, &c_hash, &alg_values, &coin)); diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c index c4e68376b..4f635d404 100644 --- a/src/util/test_helper_cs.c +++ b/src/util/test_helper_cs.c 
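Review bot: In test_planchets_cs, the added `TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);` hashes `sizeof(alg_values->details)` bytes on the CS path (see the crypto.c hunk), but `alg_values` is a stack variable in which only `cipher` is assigned and `details.cs_values.r_pub` is handed to the preceding call before that point. Unless `r_pub` covers the whole of `details`, which the page does not show, indeterminate bytes enter the key derivation and the derived coin key is not reproducible. A `memset (&alg_values, 0, sizeof (alg_values));` before `alg_values.cipher = TALER_DENOMINATION_CS;` avoids that. The test_r_derive hunk in src/util/test_helper_cs.c has the same problem in a stronger form: it calls TALER_planchet_setup_coin_priv right after setting only `cipher`.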
@@ -267,12 +267,19 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) enum TALER_ErrorCode ec; bool success = false; struct TALER_PlanchetSecretsP ps; + struct TALER_CoinSpendPrivateKeyP coin_priv; + union TALER_DenominationBlindingKeyP bks; struct TALER_CoinPubHash c_hash; struct TALER_ExchangeWithdrawValues alg_values; + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, + &ps, + sizeof (ps)); + alg_values.cipher = TALER_DENOMINATION_CS; - TALER_planchet_setup_random (&ps, - &alg_values); + TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv); + TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks); + for (unsigned int i = 0; i