more crypto refactoring

This commit is contained in:
Christian Grothoff 2021-11-05 22:48:11 +01:00
parent ba627bf84c
commit eaf9d728f5
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
4 changed files with 22 additions and 48 deletions


@ -2165,19 +2165,4 @@ TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
size_t *buf_size);
/**
* Unblind a blind-signed signature. The signature should have been generated
* with GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
* GNUNET_CRYPTO_rsa_blind().
*
* @param sig the signature made on the blinded signature purpose
* @param bks the blinding key secret used to blind the signature purpose
* @param pkey the public key of the signer
* @return unblinded signature on success, NULL if RSA key is bad or malicious.
*/
struct GNUNET_CRYPTO_RsaSignature *
TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey);
#endif


@ -123,14 +123,16 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
&fc);
/* extract coin and signature */
if (GNUNET_OK !=
TALER_denom_sig_unblind (sig,
&bsig,
&fc.blinding_key,
&rpub))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
*coin_priv = fc.coin_priv;
// FIXME: use more generlized unblinding API!
GNUNET_assert (TALER_DENOMINATION_RSA == bsig.cipher);
sig->cipher = TALER_DENOMINATION_RSA;
sig->details.rsa_signature
= TALER_rsa_unblind (bsig.details.blinded_rsa_signature,
&fc.blinding_key.rsa_bks,
rpub.details.rsa_public_key);
/* verify link_sig */
{
struct TALER_PlanchetDetail pd;
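Review bot: Once the new TALER_denom_sig_unblind call returns GNUNET_OK, `sig` owns an allocated signature, but the `verify link_sig` block that begins at the end of this hunk is cut off, so it is not visible whether its failure path releases it; if that path returns GNUNET_SYSERR it should call `TALER_denom_sig_free (sig);` first, as TALER_planchet_to_coin does elsewhere in this commit. The error branch directly after the unblind call looks right: GNUNET_break_op marks the peer-supplied blinded signature or public key as malformed, and nothing has to be freed there provided the callee leaves no partial state in `sig` on failure, which this hunk cannot confirm. parse_link_coin starts and ends outside the hunk.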


@ -188,9 +188,8 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
// FIXME-Oec: replace with function that
// also hashes the age vector if we have
// one!
GNUNET_CRYPTO_hash (&coin_pub.eddsa_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&c_hash->hash);
TALER_coin_pub_hash (&coin_pub,
c_hash);
// FIXME-Gian/Lucien: this will be the bigger
// change, as you have the extra round trip
// => to be discussed!
@ -221,23 +220,22 @@ TALER_planchet_to_coin (
{
struct TALER_DenominationSignature sig;
// FIXME-Gian/Lucien: this may need a bigger
// change, as you have the extra round trip
// => to be discussed!
GNUNET_assert (TALER_DENOMINATION_RSA == dk->cipher);
GNUNET_assert (TALER_DENOMINATION_RSA == blind_sig->cipher);
sig.cipher = TALER_DENOMINATION_RSA;
sig.details.rsa_signature
= TALER_rsa_unblind (blind_sig->details.blinded_rsa_signature,
&ps->blinding_key.rsa_bks,
dk->details.rsa_public_key);
if (GNUNET_OK !=
TALER_denom_sig_unblind (&sig,
blind_sig,
&ps->blinding_key,
dk))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
if (GNUNET_OK !=
TALER_denom_pub_verify (dk,
&sig,
c_hash))
{
GNUNET_break_op (0);
GNUNET_CRYPTO_rsa_signature_free (sig.details.rsa_signature);
TALER_denom_sig_free (&sig);
return GNUNET_SYSERR;
}
coin->sig = sig;
@ -330,17 +328,6 @@ TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
}
struct GNUNET_CRYPTO_RsaSignature *
TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey)
{
return GNUNET_CRYPTO_rsa_unblind (sig,
bks,
pkey);
}
void
TALER_coin_ev_hash (const void *coin_ev,
size_t coin_ev_size,
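Review bot: In the TALER_planchet_to_coin hunk, removing the two GNUNET_assert lines on dk->cipher and blind_sig->cipher makes the cipher-consistency check an invisible contract of TALER_denom_sig_unblind; a comment above the call such as `/* cipher mismatch between dk and blind_sig is rejected by TALER_denom_sig_unblind */` would record that the check moved rather than disappeared. The verify failure path now uses `TALER_denom_sig_free (&sig);`, which is the right generalisation since it no longer assumes an RSA signature. Note that `sig` is declared without an initializer at the top of the hunk; that is harmless only as long as it is never read on the unblind failure path, which the visible lines respect. TALER_planchet_to_coin continues past the hunk.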


@ -128,7 +128,7 @@ TALER_denom_sig_unblind (
return GNUNET_SYSERR;
case TALER_DENOMINATION_RSA:
denom_sig->details.rsa_signature
= TALER_rsa_unblind (
= GNUNET_CRYPTO_rsa_unblind (
bdenom_sig->details.blinded_rsa_signature,
&bks->rsa_bks,
denom_pub->details.rsa_public_key);
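Review bot: The result of GNUNET_CRYPTO_rsa_unblind is stored straight into denom_sig->details.rsa_signature, and the header this commit deletes documented the wrapped call as returning NULL "if RSA key is bad or malicious"; whether that NULL is checked is outside the hunk, which ends right after the call. If the lines that follow do not already handle it, add `if (NULL == denom_sig->details.rsa_signature) { GNUNET_break_op (0); return GNUNET_SYSERR; }` so a hostile public key cannot hand callers a NULL signature that TALER_denom_pub_verify then dereferences. TALER_denom_sig_unblind starts and ends outside the hunk.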