[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r31006 - in gnunet/src: include secretsharing
From: |
gnunet |
Subject: |
[GNUnet-SVN] r31006 - in gnunet/src: include secretsharing |
Date: |
Tue, 3 Dec 2013 12:38:14 +0100 |
Author: dold
Date: 2013-12-03 12:38:14 +0100 (Tue, 03 Dec 2013)
New Revision: 31006
Added:
gnunet/src/secretsharing/secretsharing.h
gnunet/src/secretsharing/secretsharing_protocol.h
Modified:
gnunet/src/include/gnunet_secretsharing_service.h
gnunet/src/secretsharing/Makefile.am
gnunet/src/secretsharing/gnunet-service-secretsharing.c
Log:
- work on secretsharing
Modified: gnunet/src/include/gnunet_secretsharing_service.h
===================================================================
--- gnunet/src/include/gnunet_secretsharing_service.h 2013-12-03 10:21:14 UTC
(rev 31005)
+++ gnunet/src/include/gnunet_secretsharing_service.h 2013-12-03 11:38:14 UTC
(rev 31006)
@@ -43,6 +43,14 @@
/**
+ * Number of bits for secretsharing keys.
+ * Must be smaller than the Pallier key size used internally
+ * by the secretsharing service.
+ */
+#define GNUNET_SECRETSHARING_KEY_BITS 1024
+
+
+/**
* Session that will eventually establish a shared secred between
* the involved peers and allow encryption and cooperative decryption.
*/
@@ -50,6 +58,8 @@
/**
* Share of a secret shared with a group of peers.
+ * Contains both the share and information about the peers that have
+ * the other parts of the share.
*/
struct GNUNET_SECRETSHARING_Share;
@@ -65,10 +75,7 @@
*/
struct GNUNET_SECRETSHARING_PublicKey
{
- /**
- * Value of the private key.
- */
- gcry_mpi_t value;
+ uint32_t bits[GNUNET_SECRETSHARING_KEY_BITS / 8 / sizeof (uint32_t)];
};
@@ -77,14 +84,7 @@
*/
struct GNUNET_SECRETSHARING_Ciphertext
{
- /**
- * First component.
- */
- gcry_mpi_t c1;
- /**
- * Second component.
- */
- gcry_mpi_t c2;
+ uint32_t bits[2 * GNUNET_SECRETSHARING_KEY_BITS / 8 / sizeof (uint32_t)];
};
@@ -104,10 +104,12 @@
/**
* Called once the secret has been established with all peers, or the deadline
is due.
*
- * Note that the number of peers can be smaller that 'k' (this threshold
parameter), which
+ * Note that the number of peers can be smaller than 'k' (this threshold
parameter), which
* makes the threshold crypto system useless. However, in this case one can
still determine which peers
* were able to participate in the secret sharing successfully.
*
+ * If the secret sharing failed, num_ready_peers is 0 and my_share and
public_key is NULL.
+ *
* @param cls closure
* @param my_share the share of this peer
* @param public_key public key of the session
@@ -160,36 +162,6 @@
/**
- * Load a session from an existing share.
- *
- * @param cfg configuration to use for connecting to the secretsharing service
- * @param share share to load the session from
- */
-struct GNUNET_SECRETSHARING_Session *
-GNUNET_SECRETSHARING_load_session_DEPRECATED (const struct
GNUNET_CONFIGURATION_Handle *cfg,
- const struct GNUNET_SECRETSHARING_Share
*share);
-
-/**
- * Convert a secret share to a string.
- *
- * @param share share to serialize
- * @return the serialized secret share, to be freed by the caller
- */
-char *
-GNUNET_SECRETSHARING_share_to_BIN (const struct GNUNET_SECRETSHARING_Share
*share);
-
-
-/**
- * Convert a secret share to a string.
- *
- * @param str string to deserialize
- * @return the serialized secret share, to be freed by the caller
- */
-const struct GNUNET_SECRETSHARING_Share *
-GNUNET_SECRETSHARING_share_from_BIN (const char *str);
-
-
-/**
* Destroy a secret share.
*
* @param share secret share to destroy
@@ -214,15 +186,14 @@
* This is a helper function, encryption can be done soley with a session's
public key
* and the crypto system parameters.
*
- * @param session session to take the key for encryption from,
- * the session's ready callback must have been already called
+ * @param public_key public key to use for decryption
* @param message message to encrypt
* @param message_size number of bytes in @a message
* @param result_ciphertext pointer to store the resulting ciphertext
* @return #GNUNET_YES on succes, #GNUNET_SYSERR if the message is invalid
(invalid range)
*/
int
-GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey
*session,
+GNUNET_SECRETSHARING_encrypt (struct GNUNET_SECRETSHARING_PublicKey
*public_key,
const void *message,
size_t message_size,
struct GNUNET_SECRETSHARING_Ciphertext
*result_ciphertext);
@@ -235,14 +206,14 @@
* When the operation is canceled, the decrypt_cb is not called anymore, but
the calling
* peer may already have irrevocably contributed his share for the decryption
of the value.
*
- * @param session session to use for the decryption
+ * @param share our secret share to use for decryption
* @param ciphertext ciphertext to publish in order to decrypt it (if enough
peers agree)
* @param decrypt_cb callback called once the decryption succeeded
* @param decrypt_cb_cls closure for @a decrypt_cb
* @return handle to cancel the operation
*/
struct GNUNET_SECRETSHARING_DecryptionHandle *
-GNUNET_SECRETSHARING_decrypt (struct GNUNET_SECRETSHARING_Session *session,
+GNUNET_SECRETSHARING_decrypt (struct GNUNET_SECRETSHARING_Share *share,
struct GNUNET_SECRETSHARING_Ciphertext
*ciphertext,
GNUNET_SECRETSHARING_DecryptCallback decrypt_cb,
void *decrypt_cb_cls);
@@ -260,8 +231,45 @@
GNUNET_SECRETSHARING_decrypt_cancel (struct
GNUNET_SECRETSHARING_DecryptionHandle *decryption_handle);
+/**
+ * Read a share from its binary representation.
+ *
+ * @param data binary representation of the share
+ * @param len length of @a data
+ * @return the share, or NULL on error
+ */
+struct GNUNET_SECRETSHARING_Share *
+GNUNET_SECRETSHARING_share_read (void *data, size_t len);
+/**
+ * Convert a share to its binary representation. Use
+ * #GNUNET_SECRETSHARING_share_size to get the necessary size for the binary
+ * representation.
+ *
+ * @param share share to write
+ * @param buf buffer to write to
+ * @param buflen number of writable bytes in @a buffer
+ * @param[out] writelen pointer to store number of bytes written,
+ * ignored if NULL
+ * @return GNUNET_YES on success, GNUNET_NO on failure
+ */
+int
+GNUNET_SECRETSHARING_share_write (struct GNUNET_SECRETSHARING_Share *share,
+ void *buf, size_t buflen, size_t *writelen);
+
+
+/**
+ * Get the number of bytes necessary to represent the given share.
+ *
+ * @param share share
+ * @return number of bytes necessary to represent @a share
+ */
+size_t
+GNUNET_SECRETSHARING_share_size (struct GNUNET_SECRETSHARING_Share *share);
+
+
+
#if 0 /* keep Emacsens' auto-indent happy */
{
#endif
Modified: gnunet/src/secretsharing/Makefile.am
===================================================================
--- gnunet/src/secretsharing/Makefile.am 2013-12-03 10:21:14 UTC (rev
31005)
+++ gnunet/src/secretsharing/Makefile.am 2013-12-03 11:38:14 UTC (rev
31006)
@@ -25,9 +25,8 @@
gnunet-service-secretsharing.c
gnunet_service_secretsharing_LDADD = \
$(top_builddir)/src/util/libgnunetutil.la \
- $(top_builddir)/src/core/libgnunetcore.la \
- $(top_builddir)/src/mesh/libgnunetmesh.la \
- $(top_builddir)/src/set/libgnunetset.la \
+ $(top_builddir)/src/consensus/libgnunetconsensus.la \
+ $(LIBGCRYPT_LIBS) \
$(GN_LIBINTL)
gnunet_service_secretsharing_DEPENDENCIES = \
$(top_builddir)/src/set/libgnunetset.la
Modified: gnunet/src/secretsharing/gnunet-service-secretsharing.c
===================================================================
--- gnunet/src/secretsharing/gnunet-service-secretsharing.c 2013-12-03
10:21:14 UTC (rev 31005)
+++ gnunet/src/secretsharing/gnunet-service-secretsharing.c 2013-12-03
11:38:14 UTC (rev 31006)
@@ -25,9 +25,356 @@
*/
#include "platform.h"
#include "gnunet_util_lib.h"
+#include "gnunet_time_lib.h"
+#include "gnunet_consensus_service.h"
+#include "secretsharing.h"
+#include "secretsharing_protocol.h"
+#include <gcrypt.h>
+
/**
+ * Info about a peer in a key generation session.
+ */
+struct KeygenPeerInfo
+{
+ /**
+ * Peer identity of the peer.
+ */
+ struct GNUNET_PeerIdentity peer;
+
+ /**
+ * g-component of the peer's paillier public key.
+ */
+ gcry_mpi_t paillier_g;
+
+ /**
+ * mu-component of the peer's paillier public key.
+ */
+ gcry_mpi_t paillier_mu;
+
+ /**
+ * The peer's commitment to his presecret.
+ */
+ gcry_mpi_t presecret_commitment;
+
+ /**
+ * GNUNET_YES if the peer has been disqualified,
+ * GNUNET_NO otherwise.
+ */
+ int disqualified;
+};
+
+
+/**
+ * Session to establish a threshold-shared secret.
+ */
+struct KeygenSession
+{
+ /**
+ * Keygen sessions are held in a linked list.
+ */
+ struct KeygenSession *next;
+
+ /**
+ * Keygen sessions are held in a linked list.
+ */
+ struct KeygenSession *prev;
+
+ /**
+ * Current consensus, used for both DKG rounds.
+ */
+ struct GNUNET_CONSENSUS_Handle *consensus;
+
+ /**
+ * Client that is interested in the result
+ * of this key generation session.
+ */
+ struct GNUNET_SERVER_Client *client;
+
+ /**
+ * Randomly generated coefficients of the polynomial for sharing our
+ * pre-secret, where 'preshares[0]' is our pre-secret. Contains 'threshold'
+ * elements, thus represents a polynomial of degree 'threshold-1', which can
+ * be interpolated with 'threshold' data points.
+ *
+ * The pre-secret-shares 'i=1,...,num_peers' are given by evaluating this
+ * polyomial at 'i' for share i.
+ */
+ gcry_mpi_t *presecret_polynomial;
+
+ /**
+ * Minimum number of shares required to restore the secret.
+ */
+ unsigned int threshold;
+
+ /**
+ * Total number of peers.
+ */
+ unsigned int num_peers;
+
+ /**
+ * Index of the local peer.
+ */
+ unsigned int local_peer;
+
+ /**
+ * Information about all participating peers.
+ */
+ struct KeygenPeerInfo *info;
+
+ /**
+ * List of all peers involved in the secret sharing session.
+ */
+ struct GNUNET_PeerIdentity *peers;
+
+ /**
+ * Identifier for this session.
+ */
+ struct GNUNET_HashCode session_id;
+
+ /**
+ * g-component of our peer's paillier private key.
+ */
+ gcry_mpi_t paillier_g;
+
+ /**
+ * g-component of our peer's paillier private key.
+ */
+ gcry_mpi_t paillier_mu;
+
+ struct GNUNET_TIME_Absolute deadline;
+
+ /**
+ * Index of the local peer in the ordered list
+ * of peers in the session.
+ */
+ unsigned int local_peer_idx;
+};
+
+
+struct DecryptSession
+{
+ struct DecryptSession *next;
+ struct DecryptSession *prev;
+
+ struct GNUNET_CONSENSUS_Handle *consensus;
+
+ struct GNUNET_SERVER_Client *client;
+};
+
+/**
+ * Decrypt sessions are held in a linked list.
+ */
+static struct DecryptSession *decrypt_sessions_head;
+
+/**
+ * Decrypt sessions are held in a linked list.
+ */
+static struct DecryptSession *decrypt_sessions_tail;
+
+/**
+ * Decrypt sessions are held in a linked list.
+ */
+static struct KeygenSession *keygen_sessions_head;
+
+/**
+ * Decrypt sessions are held in a linked list.
+ */
+static struct KeygenSession *keygen_sessions_tail;
+
+/**
+ * The ElGamal prime field order as libgcrypt mpi.
+ * Will be initialized to 'ELGAMAL_Q_DATA'.
+ */
+static gcry_mpi_t elgamal_q;
+
+/**
+ * Modulus of the prime field used for ElGamal.
+ * Will be initialized to 'ELGAMAL_P_DATA'.
+ */
+static gcry_mpi_t elgamal_p;
+
+/**
+ * Generator for prime field of order 'elgamal_q'.
+ * Will be initialized to 'ELGAMAL_G_DATA'.
+ */
+static gcry_mpi_t elgamal_g;
+
+/**
+ * Peer that runs this service.
+ */
+static struct GNUNET_PeerIdentity my_peer;
+
+/**
+ * Configuration of this service.
+ */
+static const struct GNUNET_CONFIGURATION_Handle *cfg;
+
+/**
+ * Server for this service.
+ */
+static struct GNUNET_SERVER_Handle *srv;
+
+
+/**
+ * Although GNUNET_CRYPTO_hash_cmp exisits, it does not have
+ * the correct signature to be used with e.g. qsort.
+ * We use this function instead.
+ *
+ * @param h1 some hash code
+ * @param h2 some hash code
+ * @return 1 if h1 > h2, -1 if h1 < h2 and 0 if h1 == h2.
+ */
+static int
+hash_cmp (const void *h1, const void *h2)
+{
+ return GNUNET_CRYPTO_hash_cmp ((struct GNUNET_HashCode *) h1, (struct
GNUNET_HashCode *) h2);
+}
+
+
+/**
+ * Normalize the given list of peers, by including the local peer
+ * (if it is missing) and sorting the peers by their identity.
+ *
+ * @param listed peers in the unnormalized list
+ * @param num_listed peers in the un-normalized list
+ * @param num_normalized[out] number of peers in the normalized list
+ * @param my_peer_idx[out] index of the local peer in the normalized list
+ * @return normalized list, must be free'd by the caller
+ */
+static struct GNUNET_PeerIdentity *
+normalize_peers (struct GNUNET_PeerIdentity *listed,
+ unsigned int num_listed,
+ unsigned int *num_normalized,
+ unsigned int *my_peer_idx)
+{
+ unsigned int local_peer_in_list;
+ unsigned int n;
+ unsigned int i;
+ struct GNUNET_PeerIdentity *normalized;
+
+ local_peer_in_list = GNUNET_NO;
+ for (i = 0; i < num_listed; i++)
+ {
+ if (0 == memcmp (&listed[i], &my_peer, sizeof (struct
GNUNET_PeerIdentity)))
+ {
+ local_peer_in_list = GNUNET_YES;
+ break;
+ }
+ }
+
+ n = num_listed;
+ if (GNUNET_NO == local_peer_in_list)
+ n++;
+
+ normalized = GNUNET_malloc (n * sizeof (struct GNUNET_PeerIdentity));
+
+ if (GNUNET_NO == local_peer_in_list)
+ normalized[n - 1] = my_peer;
+
+ memcpy (normalized, listed, num_listed * sizeof (struct
GNUNET_PeerIdentity));
+ qsort (normalized, n, sizeof (struct GNUNET_PeerIdentity), &hash_cmp);
+
+ if (NULL != my_peer_idx)
+ {
+ for (i = 0; i < num_listed; i++)
+ {
+ if (0 == memcmp (&normalized[i], &my_peer, sizeof (struct
GNUNET_PeerIdentity)))
+ {
+ *my_peer_idx = i;
+ break;
+ }
+ }
+ }
+
+ *num_normalized = n;
+ return normalized;
+}
+
+
+/**
+ * Create a key pair for the paillier crypto system.
+ *
+ * Uses the simplified key generation of Jonathan Katz, Yehuda Lindell,
+ * "Introduction to Modern Cryptography: Principles and Protocols".
+ */
+static void
+paillier_create (unsigned int s, gcry_mpi_t n, gcry_mpi_t g, gcry_mpi_t
lambda, gcry_mpi_t mu)
+{
+ gcry_mpi_t p;
+ gcry_mpi_t q;
+ gcry_mpi_t phi;
+ gcry_mpi_t tmp;
+
+ GNUNET_assert (0 != (phi = gcry_mpi_new (PAILLIER_BITS)));
+ GNUNET_assert (0 != (tmp = gcry_mpi_new (PAILLIER_BITS)));
+
+ // generate rsa modulus
+ GNUNET_assert (0 == gcry_prime_generate (&p, s, 0, NULL, NULL, NULL,
+ GCRY_WEAK_RANDOM, 0));
+ GNUNET_assert (0 == gcry_prime_generate (&q, s, 0, NULL, NULL, NULL,
+ GCRY_WEAK_RANDOM, 0));
+ gcry_mpi_mul (n, p, q);
+ gcry_mpi_add_ui (g, n, 1);
+ // compute phi(n) = (p-1)(q-1)
+ gcry_mpi_sub_ui (phi, p, 1);
+ gcry_mpi_sub_ui (tmp, q, 1);
+ gcry_mpi_mul (phi, phi, tmp);
+ gcry_mpi_set (lambda, phi);
+ // compute mu
+ GNUNET_assert (0 != gcry_mpi_invm (mu, phi, n));
+
+ gcry_mpi_release (p);
+ gcry_mpi_release (q);
+ gcry_mpi_release (phi);
+ gcry_mpi_release (tmp);
+}
+
+
+static void
+paillier_encrypt (gcry_mpi_t c, gcry_mpi_t m, gcry_mpi_t g, gcry_mpi_t n)
+{
+ gcry_mpi_t n_square;
+ gcry_mpi_t r;
+
+ GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
+ GNUNET_assert (0 != (r = gcry_mpi_new (0)));
+
+ gcry_mpi_mul (n_square, n, n);
+
+ // generate r < n
+ do
+ {
+ gcry_mpi_randomize (r, PAILLIER_BITS, GCRY_WEAK_RANDOM);
+ }
+ while (gcry_mpi_cmp (r, n) > 0);
+
+ gcry_mpi_powm (c, g, m, n_square);
+ gcry_mpi_powm (r, r, n, n_square);
+ gcry_mpi_mulm (c, r, c, n_square);
+
+ gcry_mpi_release (n_square);
+ gcry_mpi_release (r);
+}
+
+
+static void
+paillier_decrypt (gcry_mpi_t m, gcry_mpi_t c, gcry_mpi_t mu, gcry_mpi_t
lambda, gcry_mpi_t n)
+{
+ gcry_mpi_t n_square;
+ GNUNET_assert (0 != (n_square = gcry_mpi_new (0)));
+ gcry_mpi_mul (n_square, n, n);
+ gcry_mpi_powm (m, c, lambda, n_square);
+ gcry_mpi_sub_ui (m, m, 1);
+ // m = m/n
+ gcry_mpi_div (m, NULL, m, n, 0);
+ gcry_mpi_mulm (m, m, mu, n);
+ gcry_mpi_release (n_square);
+}
+
+
+/**
* Task run during shutdown.
*
* @param cls unused
@@ -40,7 +387,231 @@
}
+static void
+generate_presecret_polynomial (struct KeygenSession *ks)
+{
+ int i;
+ GNUNET_assert (NULL == ks->presecret_polynomial);
+ ks->presecret_polynomial = GNUNET_malloc (ks->threshold * sizeof
(gcry_mpi_t));
+ for (i = 0; i < ks->threshold; i++)
+ {
+ ks->presecret_polynomial[i] = gcry_mpi_new (PAILLIER_BITS);
+ gcry_mpi_randomize (ks->presecret_polynomial[i], PAILLIER_BITS,
+ GCRY_WEAK_RANDOM);
+ }
+}
+
+
+static void
+keygen_round1_new_element (void *cls,
+ const struct GNUNET_SET_Element *element)
+{
+ const struct GNUNET_SECRETSHARING_KeygenCommitData *d;
+ struct KeygenSession *ks = cls;
+ unsigned int i;
+
+ if (element->size != sizeof (struct GNUNET_SECRETSHARING_KeygenCommitData))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "keygen commit data with wrong size
in consensus\n");
+ return;
+ }
+
+ d = element->data;
+
+ for (i = 0; i < ks->num_peers; i++)
+ {
+ if (0 == memcmp (&d->peer, &ks->info[i].peer, sizeof (struct
GNUNET_PeerIdentity)))
+ {
+ // TODO: check signature and store key data
+ return;
+ }
+ }
+
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "keygen commit data with wrong peer
identity in consensus\n");
+
+}
+
+
/**
+ * Evaluate the polynomial with coefficients @a coeff at @a x.
+ * The i-th element in @coeff corresponds to the coefficient of x^i.
+ *
+ * @param[out] z result of the evaluation
+ * @param coeff array of coefficients
+ * @param num_coeff number of coefficients
+ * @param x where to evaluate the polynomial
+ * @param m what group are we operating in?
+ */
+static void
+horner_eval (gcry_mpi_t z, gcry_mpi_t *coeff, unsigned int num_coeff,
gcry_mpi_t x, gcry_mpi_t m)
+{
+ unsigned int i;
+
+ gcry_mpi_set_ui (z, 0);
+ for (i = 0; i < num_coeff; i++)
+ {
+ // z <- zx + c
+ gcry_mpi_mul (z, z, x);
+ gcry_mpi_addm (z, z, coeff[num_coeff - i - 1], m);
+ }
+}
+
+
+static void
+keygen_round2_conclude (void *cls)
+{
+ // TODO: recombine shares and send to client
+ GNUNET_assert (0);
+}
+
+
+static void
+insert_round2_element (struct KeygenSession *ks)
+{
+ struct GNUNET_SET_Element *element;
+ unsigned int i;
+ uint16_t big_y_size;
+ gcry_mpi_t c;
+ gcry_mpi_t idx;
+ gcry_mpi_t preshare;
+
+ GNUNET_assert (0 != (c = gcry_mpi_new (PAILLIER_BITS)));
+ GNUNET_assert (0 != (preshare = gcry_mpi_new (PAILLIER_BITS)));
+ GNUNET_assert (0 != (idx = gcry_mpi_new (PAILLIER_BITS)));
+
+ big_y_size = PAILLIER_BITS / 8 * ks->num_peers;
+
+ element = GNUNET_malloc (sizeof (struct GNUNET_SET_Element) + big_y_size);
+
+ for (i = 0; i < ks->num_peers; i++)
+ {
+ gcry_mpi_set_ui (idx, i + 1);
+ horner_eval (preshare, ks->presecret_polynomial, ks->threshold, idx,
elgamal_p);
+ // concat 'A', 'y' and 'Y' to the vector
+ }
+
+ for (i = 0; i < ks->threshold; i++)
+ {
+ // concat 'a' to the vector
+ }
+
+ GNUNET_CONSENSUS_insert (ks->consensus, element, NULL, NULL);
+}
+
+
+
+static void
+keygen_round1_conclude (void *cls)
+{
+ struct KeygenSession *ks = cls;
+
+ // TODO: destroy old consensus
+
+ ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers,
&ks->session_id,
+ keygen_round1_new_element, ks);
+
+ insert_round2_element (ks);
+
+ GNUNET_CONSENSUS_conclude (ks->consensus, GNUNET_TIME_UNIT_FOREVER_REL /*
FIXME */, keygen_round2_conclude, ks);
+}
+
+
+static void
+insert_round1_element (struct KeygenSession *ks)
+{
+ struct GNUNET_SET_Element *element;
+ struct GNUNET_SECRETSHARING_KeygenCommitData *d;
+ gcry_mpi_t v;
+ unsigned char v_data[PAILLIER_BITS / 8];
+
+ element = GNUNET_malloc (sizeof *element + sizeof *d);
+ d = (void *) &element[1];
+ element->data = d;
+ element->size = sizeof *d;
+
+ GNUNET_assert (0 != (v = gcry_mpi_new (PAILLIER_BITS)));
+
+ gcry_mpi_powm (v, elgamal_g, ks->presecret_polynomial[0], elgamal_p);
+
+ GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG,
+ v_data, PAILLIER_BITS / 8, NULL,
+ v));
+
+ GNUNET_CRYPTO_hash (v_data, PAILLIER_BITS / 8, &d->commitment);
+
+ GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG,
+ (unsigned char *) d->pubkey.g,
PAILLIER_BITS / 8, NULL,
+ ks->paillier_g));
+
+ GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG,
+ (unsigned char *) d->pubkey.mu,
PAILLIER_BITS / 8, NULL,
+ ks->paillier_mu));
+
+ // FIXME: sign stuff
+
+ d->peer = my_peer;
+
+ GNUNET_CONSENSUS_insert (ks->consensus, element, NULL, NULL);
+}
+
+
+/**
+ * Functions with this signature are called whenever a message is
+ * received.
+ *
+ * @param cls closure
+ * @param client identification of the client
+ * @param message the actual message
+ */
+static void handle_client_keygen (void *cls,
+ struct GNUNET_SERVER_Client *client,
+ const struct GNUNET_MessageHeader
+ *message)
+{
+ const struct GNUNET_SECRETSHARING_CreateMessage *msg =
+ (const struct GNUNET_SECRETSHARING_CreateMessage *) message;
+ struct KeygenSession *ks;
+
+ ks = GNUNET_new (struct KeygenSession);
+
+ GNUNET_CONTAINER_DLL_insert (keygen_sessions_head, keygen_sessions_tail, ks);
+
+ ks->deadline = GNUNET_TIME_absolute_ntoh (msg->deadline);
+ ks->threshold = ntohs (msg->threshold);
+ ks->num_peers = ntohs (msg->num_peers);
+
+ ks->peers = normalize_peers ((struct GNUNET_PeerIdentity *) &msg[1],
ks->num_peers,
+ &ks->num_peers, &ks->local_peer_idx);
+
+ ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers,
&msg->session_id,
+ keygen_round1_new_element, ks);
+
+ generate_presecret_polynomial (ks);
+
+ insert_round1_element (ks);
+
+ GNUNET_CONSENSUS_conclude (ks->consensus, GNUNET_TIME_UNIT_FOREVER_REL /*
FIXME */, keygen_round1_conclude, ks);
+}
+
+
+/**
+ * Functions with this signature are called whenever a message is
+ * received.
+ *
+ * @param cls closure
+ * @param client identification of the client
+ * @param message the actual message
+ */
+static void handle_client_decrypt (void *cls,
+ struct GNUNET_SERVER_Client *client,
+ const struct GNUNET_MessageHeader
+ *message)
+{
+ GNUNET_assert (0);
+}
+
+
+/**
* Process template requests.
*
* @param cls closure
@@ -49,13 +620,22 @@
*/
static void
run (void *cls, struct GNUNET_SERVER_Handle *server,
- const struct GNUNET_CONFIGURATION_Handle *cfg)
+ const struct GNUNET_CONFIGURATION_Handle *c)
{
static const struct GNUNET_SERVER_MessageHandler handlers[] = {
- /* FIXME: add handlers here! */
+ {handle_client_keygen, NULL,
GNUNET_MESSAGE_TYPE_SECRETSHARING_CLIENT_GENERATE, 0},
+ {handle_client_decrypt, NULL,
GNUNET_MESSAGE_TYPE_SECRETSHARING_CLIENT_DECRYPT, 0},
{NULL, NULL, 0, 0}
};
- /* FIXME: do setup here */
+ cfg = c;
+ srv = server;
+ if (GNUNET_OK != GNUNET_CRYPTO_get_peer_identity (cfg, &my_peer))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "could not retrieve host identity\n");
+ GNUNET_break (0);
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
GNUNET_SERVER_add_handlers (server, handlers);
GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup_task,
NULL);
@@ -73,8 +653,7 @@
main (int argc, char *const *argv)
{
return (GNUNET_OK ==
- GNUNET_SERVICE_run (argc, argv, "template",
+ GNUNET_SERVICE_run (argc, argv, "secretsharing",
GNUNET_SERVICE_OPTION_NONE, &run, NULL)) ? 0 : 1;
}
-/* end of gnunet-service-template.c */
Added: gnunet/src/secretsharing/secretsharing.h
===================================================================
--- gnunet/src/secretsharing/secretsharing.h (rev 0)
+++ gnunet/src/secretsharing/secretsharing.h 2013-12-03 11:38:14 UTC (rev
31006)
@@ -0,0 +1,132 @@
+/*
+ This file is part of GNUnet.
+ (C) 2013 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+*/
+
+/**
+ * @author Florian Dold
+ * @file secretsharing/secretsharing.h
+ * @brief messages used for the secretsharing api
+ */
+#ifndef SECRETSHARING_H
+#define SECRETSHARING_H
+
+#include "platform.h"
+#include "gnunet_common.h"
+#include "gnunet_time_lib.h"
+#include "gnunet_secretsharing_service.h"
+
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+
+struct GNUNET_SECRETSHARING_CreateMessage
+{
+ /**
+ * Type: GNUNET_MESSAGE_TYPE_SECRETSHARING_CLIENT_GENERATE
+ */
+ struct GNUNET_MessageHeader header;
+
+ /**
+ * Session ID, will be used for consensus.
+ */
+ struct GNUNET_HashCode session_id GNUNET_PACKED;
+
+ /**
+ * Deadline for the establishment of the crypto system.
+ */
+ struct GNUNET_TIME_AbsoluteNBO deadline;
+
+ /**
+ * Mininum number of cooperating peers to decrypt a
+ * value.
+ */
+ uint16_t threshold GNUNET_PACKED;
+
+ /**
+ * Number of peers at the end of this message.
+ */
+ uint16_t num_peers GNUNET_PACKED;
+
+ /* struct GNUNET_PeerIdentity[num_peers]; */
+};
+
+
+struct GNUNET_SECRETSHARING_SecretEstablishedMessage
+{
+ /**
+ * Type: GNUNET_MESSAGE_TYPE_SECRETSHARING_CLIENT_ESTABLISHED
+ */
+ struct GNUNET_MessageHeader header;
+
+ /**
+ * Secret share in network byte order.
+ */
+ unsigned char secret[GNUNET_SECRETSHARING_KEY_BITS / 8];
+
+ /**
+ * Number of peers at the end of this message.
+ * Includes peers that are part of the established
+ * threshold crypto system.
+ */
+ uint16_t num_secret_peers GNUNET_PACKED;
+
+ /* struct GNUNET_PeerIdentity[num_peers]; */
+};
+
+
+struct GNUNET_SECRETSHARING_DecryptMessage
+{
+ /**
+ * Type: GNUNET_MESSAGE_TYPE_SECRETSHARING_CLIENT_DECRYPT
+ */
+ struct GNUNET_MessageHeader header;
+
+ /**
+ * Ciphertext to request decryption for.
+ */
+ unsigned char ciphertext[GNUNET_SECRETSHARING_KEY_BITS / 8];
+
+ /**
+ * Number of peers at the end of this message.
+ * Includes peers that are part of the established
+ * threshold crypto system.
+ */
+ uint16_t num_secret_peers GNUNET_PACKED;
+
+ /* struct GNUNET_PeerIdentity[num_peers]; */
+};
+
+
+struct GNUNET_SECRETSHARING_DecryptDoneMessage
+{
+ /**
+ * Type: GNUNET_MESSAGE_TYPE_SECRETSHARING_CLIENT_DECRYPT_DONE
+ */
+ struct GNUNET_MessageHeader header;
+
+ /**
+ * Ciphertext to request decryption for.
+ */
+ unsigned char plaintext[GNUNET_SECRETSHARING_KEY_BITS / 8];
+};
+
+
+GNUNET_NETWORK_STRUCT_END
+
+#endif
Added: gnunet/src/secretsharing/secretsharing_protocol.h
===================================================================
--- gnunet/src/secretsharing/secretsharing_protocol.h
(rev 0)
+++ gnunet/src/secretsharing/secretsharing_protocol.h 2013-12-03 11:38:14 UTC
(rev 31006)
@@ -0,0 +1,99 @@
+/*
+ This file is part of GNUnet
+ (C) 2012 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+*/
+
+
+/**
+ * @file secretsharing/secretsharing_protocol.h
+ * @brief p2p message definitions for secretsharing
+ * @author Florian Dold
+ */
+
+#ifndef GNUNET_SECRETSHARING_PROTOCOL_H
+#define GNUNET_SECRETSHARING_PROTOCOL_H
+
+#include "platform.h"
+#include "gnunet_common.h"
+#include "gnunet_protocols.h"
+
+/**
+ * Bit length used for the Paillier crypto system.
+ */
+#define PAILLIER_BITS 2048
+
+/**
+ * Big endian representation of the prime field order used
+ * for ElGamal.
+ */
+#define ELGAMAL_Q_DATA {0x00 /* FIXME */};
+
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+
+/**
+ * Public key for the Paillier crypto system.
+ */
+struct PaillierPublicKey
+{
+ /**
+ * Network order representation of the
+ * g-component.
+ */
+ uint32_t g[PAILLIER_BITS / 8 / sizeof (uint32_t)];
+
+ /**
+ * Network order representation of the
+ * g-component.
+ */
+ uint32_t mu[PAILLIER_BITS / 8 / sizeof (uint32_t)];
+};
+
+
+/**
+ * Consensus element data used in the first round of key generation.
+ */
+struct GNUNET_SECRETSHARING_KeygenCommitData
+{
+ /**
+ * Signature purpose for signing the keygen commit data.
+ */
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+ /**
+ * Peer that inserts this element.
+ */
+ struct GNUNET_PeerIdentity peer;
+ /**
+ * Ephemeral paillier public key used by 'peer' for
+ * this session.
+ */
+ struct PaillierPublicKey pubkey GNUNET_PACKED;
+ /**
+ * Commitment of 'peer' to his presecret.
+ */
+ struct GNUNET_HashCode commitment GNUNET_PACKED;
+ /**
+ * Signature over the previous values.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature signature;
+};
+
+GNUNET_NETWORK_STRUCT_END
+
+#endif
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r31006 - in gnunet/src: include secretsharing,
gnunet <=