taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

start to work on transformation

Browse Source
This commit is contained in:
Christian Grothoff 2021-10-22 22:30:33 +02:00
parent 55632b1fbf
commit fc371ea18b
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
3 changed files with 85 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/include/taler_crypto_lib.h
View File

@ -381,7 +381,7 @@ struct TALER_DenominationHash
/**
* Actual hash value.
*/
struct GNUNET_HashCode data;
struct GNUNET_HashCode hash;
};
@ -394,7 +394,7 @@ struct TALER_PrivateContractHash
/**
* Actual hash value.
*/
struct GNUNET_HashCode data;
struct GNUNET_HashCode hash;
};
@ -407,7 +407,7 @@ struct TALER_ExtensionContractHash
/**
* Actual hash value.
*/
struct GNUNET_HashCode data;
struct GNUNET_HashCode hash;
};
@ -420,7 +420,7 @@ struct TALER_MerchantWireHash
/**
* Actual hash value.
*/
struct GNUNET_HashCode data;
struct GNUNET_HashCode hash;
};
@ -433,7 +433,7 @@ struct TALER_PaytoHash
/**
* Actual hash value.
*/
struct GNUNET_HashCode data;
struct GNUNET_HashCode hash;
};
@ -446,7 +446,20 @@ struct TALER_BlindedCoinHash
/**
* Actual hash value.
*/
struct GNUNET_HashCode data;
struct GNUNET_HashCode hash;
};
/**
* Hash used to represent the hash of the public
* key of a coin (without blinding).
*/
struct TALER_CoinPubHash
{
/**
* Actual hash value.
*/
struct GNUNET_HashCode hash;
};
@ -633,6 +646,21 @@ TALER_denom_priv_to_pub (const struct TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationPublicKey *denom_pub);
/**
* Verify signature made with a denomination public key
* over a coin.
*
* @param denom_pub public denomination key
* @param denom_sig signature made with the private key
* @param c_hash hash over the coin
* @return #GNUNET_OK if the signature is valid
*/
enum GNUNET_GenericReturnValue
TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_DenominationSignature *denom_sig,
const struct TALER_CoinPubHash *c_hash);
/**
* Check if a coin is valid; that is, whether the denomination key exists,
* is not expired, and the signature is correct.
@ -846,7 +874,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps);
enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_PlanchetSecretsP *ps,
struct GNUNET_HashCode *c_hash,
struct TALER_CoinPubHash *c_hash,
struct TALER_PlanchetDetail *pd);
@ -865,7 +893,7 @@ enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct GNUNET_CRYPTO_RsaSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
const struct GNUNET_HashCode *c_hash,
const struct TALER_CoinPubHash *c_hash,
struct TALER_FreshCoin *coin);
@ -1886,7 +1914,7 @@ TALER_merchant_wire_signature_make (
* @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
*/
enum GNUNET_GenericReturnValue
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
void **buf,

4
src/util/auditor_signatures.c
View File

@ -26,7 +26,7 @@
void
TALER_auditor_denom_validity_sign (
const char *auditor_url,
const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_DenominationHash *h_denom_pub,
const struct TALER_MasterPublicKeyP *master_pub,
struct GNUNET_TIME_Absolute stamp_start,
struct GNUNET_TIME_Absolute stamp_expire_withdraw,
@ -73,7 +73,7 @@ TALER_auditor_denom_validity_sign (
enum GNUNET_GenericReturnValue
TALER_auditor_denom_validity_verify (
const char *auditor_url,
const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_DenominationHash *h_denom_pub,
const struct TALER_MasterPublicKeyP *master_pub,
struct GNUNET_TIME_Absolute stamp_start,
struct GNUNET_TIME_Absolute stamp_expire_withdraw,

79
src/util/crypto.c
View File

@ -73,23 +73,26 @@ enum GNUNET_GenericReturnValue
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub)
{
struct GNUNET_HashCode c_hash;
struct TALER_CoinPubHash c_hash;
#if ENABLE_SANITY_CHECKS
struct GNUNET_HashCode d_hash;
struct TALER_DenominationHash d_hash;
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key,
&d_hash);
TALER_denom_pub_hash (denom_pub,
&d_hash);
GNUNET_assert (0 ==
GNUNET_memcmp (&d_hash,
&coin_public_info->denom_pub_hash));
#endif
// FIXME-Oec: replace with function that
// also hashes the age vector if we have
// one!
GNUNET_CRYPTO_hash (&coin_public_info->coin_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&c_hash);
&c_hash.hash);
if (GNUNET_OK !=
GNUNET_CRYPTO_rsa_verify (&c_hash,
coin_public_info->denom_sig.rsa_signature,
denom_pub->rsa_public_key))
TALER_denom_pub_verify (denom_pub,
&coin_public_info->denom_sig,
&c_hash))
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"coin signature is invalid\n");
@ -175,28 +178,35 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps)
enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_PlanchetSecretsP *ps,
struct GNUNET_HashCode *c_hash,
struct TALER_CoinPubHash *c_hash,
struct TALER_PlanchetDetail *pd)
{
struct TALER_CoinSpendPublicKeyP coin_pub;
GNUNET_CRYPTO_eddsa_key_get_public (&ps->coin_priv.eddsa_priv,
&coin_pub.eddsa_pub);
// FIXME-Oec: replace with function that
// also hashes the age vector if we have
// one!
GNUNET_CRYPTO_hash (&coin_pub.eddsa_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
c_hash);
&c_hash->hash);
// FIXME-Gian/Lucien: this will be the bigger
// change, as you have the extra round trip
// => to be discussed!
GNUNET_assert (TALER_DENOMINATION_RSA == dk->cipher);
if (GNUNET_YES !=
TALER_rsa_blind (c_hash,
&ps->blinding_key.bks,
dk->rsa_public_key,
dk->details.rsa_public_key,
&pd->coin_ev,
&pd->coin_ev_size))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
GNUNET_CRYPTO_rsa_public_key_hash (dk->rsa_public_key,
&pd->denom_pub_hash);
TALER_denom_pub_hash (dk,
&pd->denom_pub_hash);
return GNUNET_OK;
}
@ -205,24 +215,30 @@ enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct GNUNET_CRYPTO_RsaSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
const struct GNUNET_HashCode *c_hash,
const struct TALER_CoinPubHash *c_hash,
struct TALER_FreshCoin *coin)
{
struct GNUNET_CRYPTO_RsaSignature *sig;
struct TALER_DenominationSignature sig;
sig = TALER_rsa_unblind (blind_sig,
&ps->blinding_key.bks,
dk->rsa_public_key);
// FIXME-Gian/Lucien: this will be the bigger
// change, as you have the extra round trip
// => to be discussed!
GNUNET_assert (TALER_DENOMINATION_RSA == dk->cipher);
sig.cipher = TALER_DENOMINATION_RSA;
sig.details.rsa_signature
= TALER_rsa_unblind (blind_sig,
&ps->blinding_key.bks,
dk->details.rsa_public_key);
if (GNUNET_OK !=
GNUNET_CRYPTO_rsa_verify (c_hash,
sig,
dk->rsa_public_key))
TALER_denom_pub_verify (dk,
&sig,
c_hash))
{
GNUNET_break_op (0);
GNUNET_CRYPTO_rsa_signature_free (sig);
GNUNET_CRYPTO_rsa_signature_free (sig.details.rsa_signature);
return GNUNET_SYSERR;
}
coin->sig.rsa_signature = sig;
coin->sig = sig;
coin->coin_priv = ps->coin_priv;
return GNUNET_OK;
}
@ -250,19 +266,16 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
hash_context */
for (unsigned int i = 0; i<num_new_coins; i++)
{
void *buf;
size_t buf_size;
struct TALER_DenominationHash denom_hash;
/* The denomination keys should / must all be identical regardless
of what offset we use, so we use [0]. */
GNUNET_assert (kappa > 0); /* sanity check */
buf_size = GNUNET_CRYPTO_rsa_public_key_encode (
rcs[0].new_coins[i].dk->rsa_public_key,
&buf);
TALER_denom_pub_hash (rcs[0].new_coins[i].dk,
&denom_hash);
GNUNET_CRYPTO_hash_context_read (hash_context,
buf,
buf_size);
GNUNET_free (buf);
&denom_hash,
sizeof (denom_hash));
}
/* next, add public key of coin and amount being refreshed */
@ -301,13 +314,13 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
enum GNUNET_GenericReturnValue
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
void **buf,
size_t *buf_size)
{
return GNUNET_CRYPTO_rsa_blind (hash,
return GNUNET_CRYPTO_rsa_blind (&hash->hash,
bks,
pkey,
buf,