conditionally use (un)blinding implementation from libgnunetutil
parent
86dd5d46dd
commit
d3b714922f
@ -438,11 +438,11 @@ verify_and_execute_recoup (struct MHD_Connection *connection,
|
||||
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
|
||||
&c_hash);
|
||||
if (GNUNET_YES !=
|
||||
GNUNET_CRYPTO_rsa_blind (&c_hash,
|
||||
&coin_bks->bks,
|
||||
dki->denom_pub.rsa_public_key,
|
||||
&coin_ev,
|
||||
&coin_ev_size))
|
||||
TALER_rsa_blind (&c_hash,
|
||||
&coin_bks->bks,
|
||||
dki->denom_pub.rsa_public_key,
|
||||
&coin_ev,
|
||||
&coin_ev_size))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
TEH_KS_release (key_state);
|
||||
|
@ -1142,4 +1142,37 @@ TALER_merchant_wire_signature_make (
|
||||
struct TALER_MerchantSignatureP *merch_sig);
|
||||
|
||||
|
||||
/**
|
||||
* Blinds the given message with the given blinding key
|
||||
*
|
||||
* @param hash hash of the message to sign
|
||||
* @param bkey the blinding key
|
||||
* @param pkey the public key of the signer
|
||||
* @param[out] buf set to a buffer with the blinded message to be signed
|
||||
* @param[out] buf_size number of bytes stored in @a buf
|
||||
* @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
|
||||
*/
|
||||
int
|
||||
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
|
||||
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
|
||||
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
|
||||
void **buf,
|
||||
size_t *buf_size);
|
||||
|
||||
|
||||
/**
|
||||
* Unblind a blind-signed signature. The signature should have been generated
|
||||
* with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
|
||||
* #GNUNET_CRYPTO_rsa_blind().
|
||||
*
|
||||
* @param sig the signature made on the blinded signature purpose
|
||||
* @param bks the blinding key secret used to blind the signature purpose
|
||||
* @param pkey the public key of the signer
|
||||
* @return unblinded signature on success, NULL if RSA key is bad or malicious.
|
||||
*/
|
||||
struct GNUNET_CRYPTO_RsaSignature *
|
||||
TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
|
||||
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
|
||||
struct GNUNET_CRYPTO_RsaPublicKey *pkey);
|
||||
|
||||
#endif
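Review bot: The doc comment for `TALER_rsa_blind` documents `@param bkey`, but the parameter is named `bks`, and the `TALER_rsa_unblind` comment still refers to `#GNUNET_CRYPTO_rsa_blind()` rather than the new wrapper. I would change these to `@param bks the blinding key secret` and `#TALER_rsa_blind()`. The comment also does not say who owns `*buf`; if the caller is expected to free it (not visible here), say so on the `@param[out] buf` line, because every caller has to get that buffer's lifetime right. The same two comments are repeated above the definitions in crypto.c further down the page.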
|
||||
|
@ -123,9 +123,9 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
|
||||
/* extract coin and signature */
|
||||
*coin_priv = fc.coin_priv;
|
||||
sig->rsa_signature
|
||||
= GNUNET_CRYPTO_rsa_unblind (bsig,
|
||||
&fc.blinding_key.bks,
|
||||
rpub);
|
||||
= TALER_rsa_unblind (bsig,
|
||||
&fc.blinding_key.bks,
|
||||
rpub);
|
||||
/* verify link_sig */
|
||||
{
|
||||
struct TALER_PlanchetDetail pd;
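Review bot: The result of `TALER_rsa_unblind` is stored in `sig->rsa_signature` and the code goes straight on to the link_sig verification, with no NULL check visible in this hunk. The new declaration documents a NULL return when the RSA key is bad or malicious, and `bsig` and `rpub` presumably come from the exchange's reply, so this is a path where that case has to be handled. A guard right after the call would make it explicit, e.g. `if (NULL == sig->rsa_signature) { GNUNET_break_op (0); return GNUNET_SYSERR; }`, assuming parse_link_coin reports failure with GNUNET_SYSERR. The `TALER_planchet_to_coin` hunk in crypto.c has the same shape: `sig` is handed to `GNUNET_CRYPTO_rsa_verify` with no check visible. Both function bodies continue outside their hunks, so a check may exist further down.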
|
||||
|
@ -25,6 +25,19 @@
|
||||
#include "taler_util.h"
|
||||
#include <gcrypt.h>
|
||||
|
||||
/**
|
||||
* Should we use the RSA blind signing implementation
|
||||
* from libgnunetutil? The blinding only works
|
||||
* correctly with a current version of libgnunetutil.
|
||||
*
|
||||
* Only applies to blinding and unblinding, but
|
||||
* not to blind signing.
|
||||
*
|
||||
* FIXME: Can we define some macro for this in configure.ac
|
||||
* to detect the version?
|
||||
*/
|
||||
#define USE_GNUNET_RSA_BLINDING 1
|
||||
|
||||
|
||||
/**
|
||||
* Function called by libgcrypt on serious errors.
|
||||
@ -245,11 +258,11 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
|
||||
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
|
||||
c_hash);
|
||||
if (GNUNET_YES !=
|
||||
GNUNET_CRYPTO_rsa_blind (c_hash,
|
||||
&ps->blinding_key.bks,
|
||||
dk->rsa_public_key,
|
||||
&pd->coin_ev,
|
||||
&pd->coin_ev_size))
|
||||
TALER_rsa_blind (c_hash,
|
||||
&ps->blinding_key.bks,
|
||||
dk->rsa_public_key,
|
||||
&pd->coin_ev,
|
||||
&pd->coin_ev_size))
|
||||
{
|
||||
GNUNET_break_op (0);
|
||||
return GNUNET_SYSERR;
|
||||
@ -280,9 +293,9 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
|
||||
{
|
||||
struct GNUNET_CRYPTO_RsaSignature *sig;
|
||||
|
||||
sig = GNUNET_CRYPTO_rsa_unblind (blind_sig,
|
||||
&ps->blinding_key.bks,
|
||||
dk->rsa_public_key);
|
||||
sig = TALER_rsa_unblind (blind_sig,
|
||||
&ps->blinding_key.bks,
|
||||
dk->rsa_public_key);
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_CRYPTO_rsa_verify (c_hash,
|
||||
sig,
|
||||
@ -381,4 +394,58 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Blinds the given message with the given blinding key
|
||||
*
|
||||
* @param hash hash of the message to sign
|
||||
* @param bkey the blinding key
|
||||
* @param pkey the public key of the signer
|
||||
* @param[out] buf set to a buffer with the blinded message to be signed
|
||||
* @param[out] buf_size number of bytes stored in @a buf
|
||||
* @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
|
||||
*/
|
||||
int
|
||||
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
|
||||
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
|
||||
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
|
||||
void **buf,
|
||||
size_t *buf_size)
|
||||
{
|
||||
#if USE_GNUNET_RSA_BLINDING
|
||||
return GNUNET_CRYPTO_rsa_blind (hash,
|
||||
bks,
|
||||
pkey,
|
||||
buf,
|
||||
buf_size);
|
||||
#else
|
||||
# error "FIXME: implement"
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Unblind a blind-signed signature. The signature should have been generated
|
||||
* with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
|
||||
* #GNUNET_CRYPTO_rsa_blind().
|
||||
*
|
||||
* @param sig the signature made on the blinded signature purpose
|
||||
* @param bks the blinding key secret used to blind the signature purpose
|
||||
* @param pkey the public key of the signer
|
||||
* @return unblinded signature on success, NULL if RSA key is bad or malicious.
|
||||
*/
|
||||
struct GNUNET_CRYPTO_RsaSignature *
|
||||
TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
|
||||
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
|
||||
struct GNUNET_CRYPTO_RsaPublicKey *pkey)
|
||||
{
|
||||
#if USE_GNUNET_RSA_BLINDING
|
||||
return GNUNET_CRYPTO_rsa_unblind (sig,
|
||||
bks,
|
||||
pkey);
|
||||
#else
|
||||
# error "FIXME: implement"
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
/* end of crypto.c */
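Review bot: `USE_GNUNET_RSA_BLINDING` is fixed at 1 and both `#else` branches are only `# error "FIXME: implement"`, so in `TALER_rsa_blind` and `TALER_rsa_unblind` the switch cannot select another implementation; setting it to 0 just breaks the build. Because the comment says blinding only works correctly with a current libgnunetutil, a build against an older library still compiles and silently uses that blinding. Until the configure.ac check exists, I would say so next to the define, e.g. `/* NOTE: nothing checks the libgnunetutil version yet; an outdated library is used as-is. */`. A configure-time failure on an outdated library would be the better fix.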
|
||||
|
@ -254,11 +254,11 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
|
||||
void *buf;
|
||||
size_t buf_size;
|
||||
GNUNET_assert (GNUNET_YES ==
|
||||
GNUNET_CRYPTO_rsa_blind (&m_hash,
|
||||
&bks,
|
||||
keys[i].denom_pub.rsa_public_key,
|
||||
&buf,
|
||||
&buf_size));
|
||||
TALER_rsa_blind (&m_hash,
|
||||
&bks,
|
||||
keys[i].denom_pub.rsa_public_key,
|
||||
&buf,
|
||||
&buf_size));
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
|
||||
"Requesting signature over %u bytes with key %s\n",
|
||||
(unsigned int) buf_size,
|
||||
@ -290,9 +290,9 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
|
||||
{
|
||||
struct GNUNET_CRYPTO_RsaSignature *rs;
|
||||
|
||||
rs = GNUNET_CRYPTO_rsa_unblind (ds.rsa_signature,
|
||||
&bks,
|
||||
keys[i].denom_pub.rsa_public_key);
|
||||
rs = TALER_rsa_unblind (ds.rsa_signature,
|
||||
&bks,
|
||||
keys[i].denom_pub.rsa_public_key);
|
||||
if (NULL == rs)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
@ -409,11 +409,11 @@ perf_signing (struct TALER_CRYPTO_DenominationHelper *dh)
|
||||
size_t buf_size;
|
||||
|
||||
GNUNET_assert (GNUNET_YES ==
|
||||
GNUNET_CRYPTO_rsa_blind (&m_hash,
|
||||
&bks,
|
||||
keys[i].denom_pub.rsa_public_key,
|
||||
&buf,
|
||||
&buf_size));
|
||||
TALER_rsa_blind (&m_hash,
|
||||
&bks,
|
||||
keys[i].denom_pub.rsa_public_key,
|
||||
&buf,
|
||||
&buf_size));
|
||||
/* use this key as long as it works */
|
||||
while (1)
|
||||
{
|
||||
|