From f6ecb6c895879ee4b5db3061593feaad3456d1c8 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Sat, 25 Dec 2021 15:39:01 +0100
Subject: [PATCH] -eliminate redundant hash operation on link signatures
---
 .../taler-exchange-httpd_refreshes_reveal.c | 10 ++++++++--
 src/exchangedb/plugin_exchangedb_postgres.c | 6 ++++--
 src/include/taler_crypto_lib.h | 6 ++----
 src/include/taler_exchangedb_plugin.h | 16 +++++++++++-----
 src/lib/exchange_api_link.c | 8 ++++++--
 src/util/wallet_signatures.c | 10 +++-------
 6 files changed, 34 insertions(+), 22 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
index 1cd28048b..551e84108 100644
--- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -297,11 +297,14 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
 {
 unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
 /* We know num_fresh_coins is bounded by #MAX_FRESH_COINS, so this is safe */
+ // FIXME: messy to have so many arrays -- and then
+ // later we copy them around! Avoidable!?!
 const struct TEH_DenominationKey *dks[num_fresh_coins];
 struct TALER_DenominationHash dk_h[num_fresh_coins];
 struct TALER_RefreshCoinData rcds[num_fresh_coins];
 struct TALER_CoinSpendSignatureP link_sigs[num_fresh_coins];
 struct TALER_BlindedDenominationSignature ev_sigs[num_fresh_coins];
+ struct TALER_BlindedCoinHash h_blind_ev[num_fresh_coins];
 MHD_RESULT ret;
 struct TEH_KeyStateHandle *ksh;
 uint64_t melt_serial_id;
@@ -398,6 +401,9 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
 GNUNET_free (rcds[j].coin_ev);
 return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
 }
+ GNUNET_CRYPTO_hash (rcd->coin_ev,
+ rcd->coin_ev_size,
+ &h_blind_ev[i].hash);
 rcd->dk = &dks[i]->denom_pub;
 }
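Review bot: `h_blind_ev[num_fresh_coins]` is a sixth variable-length array in this stack frame, and its length comes from `json_array_size (new_denoms_h_json)`, so from the request. The existing comment says the count is bounded by #MAX_FRESH_COINS, but that check is outside this hunk, and each new element is a full hash, so the worst-case frame grows with this commit. A zero count would also make all six arrays zero-length, which is undefined behaviour for a VLA; whether the caller rules that out is not visible here. I would record the invariant next to the arrays, e.g. `/* caller guarantees 0 < num_fresh_coins <= MAX_FRESH_COINS; h_blind_ev adds one hash per coin */`, once that has been confirmed against the caller. The function body starts and ends outside the hunk.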
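Review bot: The envelope hash is open-coded here as a raw `GNUNET_CRYPTO_hash` into `h_blind_ev[i].hash`, and the same three lines are repeated in `parse_link_coin` in src/lib/exchange_api_link.c, while the signing side is not part of this commit. Now that `TALER_wallet_link_verify` no longer hashes the envelope itself, every caller has to reproduce exactly the hash the signer used, and nothing ties `h_blind_ev[i]` to `rcd->coin_ev` except this call. A single helper in src/util that takes `coin_ev` and `coin_ev_size` and fills a `struct TALER_BlindedCoinHash` would keep that definition in one place; at minimum I would add `/* must match the envelope hash used by TALER_wallet_link_sign() */` above the call. The loop and the function body extend beyond this hunk.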
@@ -468,8 +474,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
 TALER_wallet_link_verify (
 &dk_h[i],
 &rctx->gamma_tp,
- rcds[i].coin_ev,
- rcds[i].coin_ev_size,
+ &h_blind_ev[i],
 &rctx->melt.session.coin.coin_pub,
 &link_sigs[i]))
 {
@@ -529,6 +534,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
 rrc->coin_ev = rcds[i].coin_ev;
 rrc->coin_ev_size = rcds[i].coin_ev_size;
 rrc->coin_sig = ev_sigs[i];
+ rrc->coin_envelope_hash = h_blind_ev[i];
 }
 qs = TEH_plugin->insert_refresh_reveal (TEH_plugin->cls,
 melt_serial_id,
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c
index d5290d9c0..32b04403d 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -906,6 +906,7 @@ prepare_statements (struct PostgresClosure *pg)
 "SELECT "
 " rrc.freshcoin_index"
 ",denom.denom_pub_hash"
+ ",rrc.h_coin_ev"
 ",rrc.link_sig"
 ",rrc.coin_ev"
 ",rrc.ev_sig"
@@ -6113,8 +6114,7 @@ postgres_insert_refresh_reveal (
 GNUNET_PQ_query_param_auto_from_type (tp),
 GNUNET_PQ_query_param_fixed_size (
 tprivs,
- num_tprivs
- * sizeof (struct TALER_TransferPrivateKeyP)),
+ num_tprivs * sizeof (struct TALER_TransferPrivateKeyP)),
 GNUNET_PQ_query_param_end
 };
@@ -6199,6 +6199,8 @@ add_revealed_coins (void *cls,
 &rrc->h_denom_pub),
 GNUNET_PQ_result_spec_auto_from_type ("link_sig",
 &rrc->orig_coin_link_sig),
+ GNUNET_PQ_result_spec_auto_from_type ("h_coin_ev",
+ &rrc->coin_envelope_hash),
 GNUNET_PQ_result_spec_variable_size ("coin_ev",
 (void **) &rrc->coin_ev,
 &rrc->coin_ev_size),
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index db38c0c22..e6c5e2a4d 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
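Review bot: `rrc->coin_envelope_hash = h_blind_ev[i];` hands the precomputed hash to `insert_refresh_reveal`, but the only change to `postgres_insert_refresh_reveal` in this commit (the @@ -6113 hunk) is a line reflow, so it is not visible whether the insert binds this field or still derives the stored `h_coin_ev` from `coin_ev` on its own. If it still hashes, the redundant operation has only moved; if it binds the field, every other caller of the insert must now fill `coin_envelope_hash`, or an uninitialised hash is stored and later returned by the `add_revealed_coins` hunk (@@ -6199) as if it matched `coin_ev`. I would document the requirement on the struct field in taler_exchangedb_plugin.h, e.g. `Must be set by the caller before insert_refresh_reveal(); filled from the h_coin_ev column on lookup.` The function body continues outside the hunk.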
@@ -1788,8 +1788,7 @@ TALER_wallet_link_sign (const struct TALER_DenominationHash *h_denom_pub,
 *
 * @param h_denom_pub hash of the denomiantion public key of the new coin
 * @param transfer_pub transfer public key
- * @param coin_ev coin envelope
- * @param coin_ev_size number of bytes in @a coin_ev
+ * @param h_coin_ev hash of the coin envelope
 * @param old_coin_pub old coin key that the link signature is for
 * @param coin_sig resulting signature
 * @return #GNUNET_OK if the signature is valid
@@ -1798,8 +1797,7 @@ enum GNUNET_GenericReturnValue
 TALER_wallet_link_verify (
 const struct TALER_DenominationHash *h_denom_pub,
 const struct TALER_TransferPublicKeyP *transfer_pub,
- const void *coin_ev,
- size_t coin_ev_size,
+ const struct TALER_BlindedCoinHash *h_coin_ev,
 const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
 const struct TALER_CoinSpendSignatureP *coin_sig);
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index 357d9f073..3c7840ef0 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -1635,6 +1635,16 @@ struct TALER_EXCHANGEDB_RefreshRevealedCoin
 */
 struct TALER_CoinSpendSignatureP orig_coin_link_sig;
+ /**
+ * Hash of the blinded new coin, that is @e coin_ev.
+ */
+ struct TALER_BlindedCoinHash coin_envelope_hash;
+
+ /**
+ * Signature generated by the exchange over the coin (in blinded format).
+ */
+ struct TALER_BlindedDenominationSignature coin_sig;
+
 /**
 * Blinded message to be signed (in envelope), with @e coin_env_size bytes.
 */
@@ -1645,10 +1655,6 @@ struct TALER_EXCHANGEDB_RefreshRevealedCoin
 */
 size_t coin_ev_size;
- /**
- * Signature generated by the exchange over the coin (in blinded format).
- */
- struct TALER_BlindedDenominationSignature coin_sig;
 };
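Review bot: The new `@param h_coin_ev hash of the coin envelope` line does not say that the function can no longer check the envelope itself. After this change `TALER_wallet_link_verify` proves only that the old coin signed this hash; whether the hash belongs to the envelope the caller goes on to sign, store or return is the caller's responsibility (both callers in this commit hash the envelope they hold before the call). I would spell that out: `@param h_coin_ev hash of the coin envelope; the caller must compute it from the envelope bytes it acts on, a hash taken from elsewhere is not checked against them`. The same wording applies to the prototype in the next hunk and to the definition in src/util/wallet_signatures.c. The doc comment starts outside this hunk.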
@@ -2972,7 +2978,7 @@ struct TALER_EXCHANGEDB_Plugin
 /**
- * Lookup in the database for the @a num_freshcoins coins that we
+ * Lookup in the database for the fresh coins that we
 * created in the given refresh operation.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
diff --git a/src/lib/exchange_api_link.c b/src/lib/exchange_api_link.c
index 55d3bdb66..ec085b533 100644
--- a/src/lib/exchange_api_link.c
+++ b/src/lib/exchange_api_link.c
@@ -138,6 +138,7 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
 struct TALER_PlanchetDetail pd;
 struct TALER_CoinPubHash c_hash;
 struct TALER_CoinSpendPublicKeyP old_coin_pub;
+ struct TALER_BlindedCoinHash coin_envelope_hash;
 GNUNET_CRYPTO_eddsa_key_get_public (&lh->coin_priv.eddsa_priv,
 &old_coin_pub.eddsa_pub);
@@ -151,11 +152,14 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
 GNUNET_JSON_parse_free (spec);
 return GNUNET_SYSERR;
 }
+ GNUNET_CRYPTO_hash (pd.coin_ev,
+ pd.coin_ev_size,
+ &coin_envelope_hash.hash);
+
 if (GNUNET_OK !=
 TALER_wallet_link_verify (&pd.denom_pub_hash,
 trans_pub,
- pd.coin_ev,
- pd.coin_ev_size,
+ &coin_envelope_hash,
 &old_coin_pub,
 &link_sig))
 {
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
index 9c3723b0a..c46dd670b 100644
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@@ -133,9 +133,7 @@ enum GNUNET_GenericReturnValue
 TALER_wallet_link_verify (
 const struct TALER_DenominationHash *h_denom_pub,
 const struct TALER_TransferPublicKeyP *transfer_pub,
- // FIXME: consider passing hash!
- const void *coin_ev,
- size_t coin_ev_size,
+ const struct TALER_BlindedCoinHash *h_coin_ev,
 const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
 const struct TALER_CoinSpendSignatureP *coin_sig)
 {
@@ -143,12 +141,10 @@ TALER_wallet_link_verify (
 .purpose.size = htonl (sizeof (ldp)),
 .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_LINK),
 .h_denom_pub = *h_denom_pub,
- .transfer_pub = *transfer_pub
+ .transfer_pub = *transfer_pub,
+ .coin_envelope_hash = *h_coin_ev
 };
- GNUNET_CRYPTO_hash (coin_ev,
- coin_ev_size,
- &ldp.coin_envelope_hash.hash);
 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_LINK,
 &ldp,