RSA-despecialization

2021-11-06 15:29:10 +01:00 · 2021-11-06 15:29:10 +01:00 · f01ab79015
commit f01ab79015
parent c3e244322b
4 changed files with 33 additions and 52 deletions
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@ -493,14 +493,14 @@ handle_link_data_cb (void *cls,
 *
 * @return #GNUNET_OK if everything went well; #GNUNET_SYSERR if not
 */
-static int
+static enum GNUNET_GenericReturnValue
 test_melting (void)
 {
  struct TALER_EXCHANGEDB_Refresh refresh_session;
  struct TALER_EXCHANGEDB_Melt ret_refresh_session;
  struct DenomKeyPair *dkp;
  struct TALER_DenominationPublicKey *new_denom_pubs;
-  int ret;
+  enum GNUNET_GenericReturnValue ret;
  enum GNUNET_DB_QueryStatus qs;
  struct GNUNET_TIME_Absolute now;

@ -524,17 +524,32 @@ test_melting (void)
  GNUNET_assert (NULL != dkp);
  /* initialize refresh session melt data */
  {
-    struct TALER_CoinPubHash hc;
+    struct TALER_CoinPubHash c_hash;
+    struct TALER_PlanchetDetail pd;
+    struct TALER_BlindedDenominationSignature bds;
+    union TALER_DenominationBlindingKeyP bks;

    RND_BLK (&refresh_session.coin.coin_pub);
-    TALER_coin_pub_hash (&refresh_session.coin.coin_pub,
-                         &hc);
-    refresh_session.coin.denom_sig.cipher = TALER_DENOMINATION_RSA;
-    refresh_session.coin.denom_sig.details.rsa_signature =
-      GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.details.rsa_private_key,
-                                  &hc.hash);
-    GNUNET_assert (NULL !=
-                   refresh_session.coin.denom_sig.details.rsa_signature);
+    TALER_blinding_secret_create (&bks);
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_denom_blind (&dkp->pub,
+                                      &bks,
+                                      &refresh_session.coin.coin_pub,
+                                      &c_hash,
+                                      &pd.coin_ev,
+                                      &pd.coin_ev_size));
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_denom_sign_blinded (&bds,
+                                             &dkp->priv,
+                                             pd.coin_ev,
+                                             pd.coin_ev_size));
+    GNUNET_free (pd.coin_ev);
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_denom_sig_unblind (&refresh_session.coin.denom_sig,
+                                            &bds,
+                                            &bks,
+                                            &dkp->pub));
+    TALER_blinded_denom_sig_free (&bds);
    TALER_denom_pub_hash (&dkp->pub,
                          &refresh_session.coin.denom_pub_hash);
    refresh_session.amount_with_fee = amount_with_fee;
@ -564,11 +579,10 @@ test_melting (void)
          TALER_amount_cmp (&fee_refresh,
                            &ret_refresh_session.melt_fee));
  FAILIF (0 !=
-          GNUNET_memcmp (&refresh_session.rc, &ret_refresh_session.session.rc));
+          GNUNET_memcmp (&refresh_session.rc,
+                         &ret_refresh_session.session.rc));
  FAILIF (0 != GNUNET_memcmp (&refresh_session.coin_sig,
                              &ret_refresh_session.session.coin_sig));
-  FAILIF (NULL !=
-          ret_refresh_session.session.coin.denom_sig.details.rsa_signature);
  FAILIF (0 != memcmp (&refresh_session.coin.coin_pub,
                       &ret_refresh_session.session.coin.coin_pub,
                       sizeof (refresh_session.coin.coin_pub)));
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@ -2167,22 +2167,4 @@ TALER_merchant_wire_signature_make (
  struct TALER_MerchantSignatureP *merch_sig);


-/**
- * Blinds the given message with the given blinding key
- *
- * @param hash hash of the message to sign
- * @param bks the blinding key
- * @param pkey the public key of the signer
- * @param[out] buf set to a buffer with the blinded message to be signed
- * @param[out] buf_size number of bytes stored in @a buf
- * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
- */
-enum GNUNET_GenericReturnValue
-TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
-                 const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
-                 struct GNUNET_CRYPTO_RsaPublicKey *pkey,
-                 void **buf,
-                 size_t *buf_size);
-
-
 #endif
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@ -305,21 +305,6 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
 }


-enum GNUNET_GenericReturnValue
-TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
-                 const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
-                 struct GNUNET_CRYPTO_RsaPublicKey *pkey,
-                 void **buf,
-                 size_t *buf_size)
-{
-  return GNUNET_CRYPTO_rsa_blind (&hash->hash,
-                                  bks,
-                                  pkey,
-                                  buf,
-                                  buf_size);
-}
-
-
 void
 TALER_coin_ev_hash (const void *coin_ev,
                    size_t coin_ev_size,
--- a/src/util/denom.c
+++ b/src/util/denom.c
@ -230,11 +230,11 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
    TALER_coin_pub_hash (coin_pub,
                         c_hash);
    if (GNUNET_YES !=
-        TALER_rsa_blind (c_hash,
-                         &coin_bks->rsa_bks,
-                         dk->details.rsa_public_key,
-                         coin_ev,
-                         coin_ev_size))
+        GNUNET_CRYPTO_rsa_blind (&c_hash->hash,
+                                 &coin_bks->rsa_bks,
+                                 dk->details.rsa_public_key,
+                                 coin_ev,
+                                 coin_ev_size))
    {
      GNUNET_break (0);
      return GNUNET_SYSERR;