[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: clean up recovery logic more, c
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: clean up recovery logic more, clean up crypto API |
Date: |
Sun, 07 Feb 2021 12:33:48 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 88b61b0 clean up recovery logic more, clean up crypto API
88b61b0 is described below
commit 88b61b004d58b52942a8fcbb05569fa0baf510ab
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sun Feb 7 12:33:43 2021 +0100
clean up recovery logic more, clean up crypto API
---
src/include/anastasis_crypto_lib.h | 49 +++++-----
src/include/anastasis_service.h | 2 +
src/lib/anastasis_backup.c | 5 +-
src/lib/anastasis_recovery.c | 184 +++++++++++++++++--------------------
src/util/anastasis_crypto.c | 110 +++++++---------------
src/util/test_anastasis_crypto.c | 38 +++-----
6 files changed, 162 insertions(+), 226 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 072dc83..f338f88 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -1,6 +1,6 @@
/*
This file is part of Anastasis
- Copyright (C) 2020 Taler Systems SA
+ Copyright (C) 2020, 2021 Taler Systems SA
Anastasis is free software; you can redistribute it and/or modify it under
the
terms of the GNU Lesser General Public License as published by the Free
Software
@@ -201,7 +201,7 @@ ANASTASIS_hash_answer (uint64_t code,
* for the public and private key for signing the data.
* @param id_data JSON encoded data, which contains the raw user secret
* @param server_salt salt from the server (escrow provider)
- * @param id[out] reference to the id which was created
+ * @param[out] id reference to the id which was created
*/
void
ANASTASIS_CRYPTO_user_identifier_derive (
@@ -209,6 +209,7 @@ ANASTASIS_CRYPTO_user_identifier_derive (
const struct ANASTASIS_CRYPTO_PowSalt *server_salt,
struct ANASTASIS_CRYPTO_UserIdentifierP *id);
+
/**
* Generates the eddsa public Key and private key which are the identfier of
the truth object.
* The private key is used to sign the upload.
@@ -220,37 +221,43 @@ ANASTASIS_CRYPTO_truth_public_key_derive (
const struct ANASTASIS_CRYPTO_NonceP *nonce,
struct ANASTASIS_CRYPTO_TruthPublicKeyP *pub_key);
+
/**
* Generates the eddsa public Key used as the account identifier on the
providers
+ *
* @param id holds a hashed user secret which is used as entropy source for
the public key generation
- * @param pub_key[out] handle for the generated public key
+ * @param[out] pub_key handle for the generated public key
*/
void
ANASTASIS_CRYPTO_account_public_key_derive (
const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
struct ANASTASIS_CRYPTO_AccountPublicKeyP *pub_key);
+
/**
* //FIXME combine these two
* Generates the eddsa public Key used as the account identifier on the
providers
+ *
* @param id holds a hashed user secret which is used as entropy source for
the public key generation
- * @param priv_key[out] handle for the generated private key
+ * @param[out] priv_key handle for the generated private key
*/
void
ANASTASIS_CRYPTO_account_private_key_derive (
const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
struct ANASTASIS_CRYPTO_AccountPrivateKeyP *priv_key);
+
/**
- * Encrypt and signs the recovery document with AES256, the recovery document
is
- * encrypted with a derivation from the user identifier and the salt "erd".
+ * Encrypt and signs the recovery document with AES256, the recovery
+ * document is encrypted with a derivation from the user identifier
+ * and the salt "erd".
*
* @param id Hashed User input, used for the generation of the encryption key
* @param rec_doc contains the recovery document as raw data
* @param rd_size defines the size of the recovery document inside data
- * @param enc_rec_doc[out] return from the result, which contains the
encrypted recovery document
+ * @param[out] enc_rec_doc return from the result, which contains the
encrypted recovery document
* and the nonce and iv used for the encryption as Additional Data
- * @param erd_size[out] size of the result
+ * @param[out] erd_size size of the result
*/
void
ANASTASIS_CRYPTO_recovery_document_encrypt (
@@ -269,9 +276,9 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
* @param id Hashed User input, used for the generation of the encryption key
* @param enc_rec_doc, contains the encrypted recovery document and the nonce
and iv used for the encryption.
* @param erd_size size of the data
- * @param rec_doc[out] return from the result, which contains the encrypted
recovery document
+ * @param[out] rec_doc return from the result, which contains the encrypted
recovery document
* and the nonce and iv used for the encryption as Additional Data
- * @param rd_size[out] size of the result
+ * @param[out] rd_size size of the result
*/
void
ANASTASIS_CRYPTO_recovery_document_decrypt (
@@ -287,13 +294,13 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
*
* @param key_share the key share which is afterwards encrypted
* @param id the user identification which is the entropy source for the key
generation
- * @param enc_key_share[out] holds the encrypted share, the first 48 Bytes are
the used nonce and tag
+ * @param[out] enc_key_share holds the encrypted share, the first 48 Bytes are
the used nonce and tag
*/
void
ANASTASIS_CRYPTO_keyshare_encrypt (
const struct ANASTASIS_CRYPTO_KeyShareP *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
- struct ANASTASIS_CRYPTO_EncryptedKeyShareP **enc_key_share);
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share);
/**
@@ -301,13 +308,13 @@ ANASTASIS_CRYPTO_keyshare_encrypt (
*
* @param enc_key_share holds the encrypted share, the first 48 Bytes are the
used nonce and tag
* @param id the user identification which is the entropy source for the key
generation
- * @param key_share[out] the result of decryption
+ * @param[out] key_share the result of decryption
*/
void
ANASTASIS_CRYPTO_keyshare_decrypt (
const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share,
const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
- struct ANASTASIS_CRYPTO_KeyShareP **key_share);
+ struct ANASTASIS_CRYPTO_KeyShareP *key_share);
/**
@@ -318,9 +325,9 @@ ANASTASIS_CRYPTO_keyshare_decrypt (
* @param truth_enc_key master key used for encryption of the truth (see
interface EscrowMethod)
* @param truth truth which will be encrypted
* @param truth_size size of the truth
- * @param enc_truth[out] return from the result, which contains the encrypted
truth
+ * @param[out] enc_truth return from the result, which contains the encrypted
truth
* and the nonce and iv used for the encryption as Additional Data
- * @param ect_size[out] size of the result
+ * @param[out] ect_size size of the result
*/
void
ANASTASIS_CRYPTO_truth_encrypt (
@@ -369,7 +376,7 @@ ANASTASIS_CRYPTO_keyshare_create (
* @param key_shares list of key shares which are combined
* @param keyshare_length amount of key shares inside the array
* @param salt salt value
- * @param policy_key[out] reference to the created key
+ * @param[out] policy_key reference to the created key
*/
void
ANASTASIS_CRYPTO_policy_key_derive (
@@ -389,8 +396,8 @@ ANASTASIS_CRYPTO_policy_key_derive (
* @param policy_keys_length defines the amount of policy keys and also the
amount of encrypted master keys
* @param core_secret the user provided core secret which is secured by
anastasis
* @param core_secret_size the size of the core secret
- * @param enc_core_secret[out] the core secret is encrypted with the generated
master key
- * @param encrypted_master_keys[out] array of encrypted master keys which will
be safed inside the policies one encrypted
+ * @param[out] enc_core_secret the core secret is encrypted with the generated
master key
+ * @param[out] encrypted_master_keys array of encrypted master keys which will
be safed inside the policies one encrypted
* master key is created for each policy key
*/
void
@@ -411,8 +418,8 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
* @param policy_key built policy key which will decrypt the master key
* @param encrypted_core_secret the encrypted core secret from the user, will
be encrypted with the policy key
* @param encrypted_core_secret_size size of the encrypted core secret
- * @param core_secret[out] decrypted core secret will be returned
- * @param core_secret_size[out] size of core secret
+ * @param[out] core_secret decrypted core secret will be returned
+ * @param[out] core_secret_size size of core secret
*/
void
ANASTASIS_CRYPTO_core_secret_recover (
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index ff3e077..0406b4f 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -162,6 +162,7 @@ struct ANASTASIS_DownloadDetails
size_t policy_size;
};
+
/**
* Detailed results from the successful download.
*/
@@ -178,6 +179,7 @@ struct ANASTASIS_KeyShareDownloadDetails
size_t encrypted_keyshare_size;
};
+
/**
* Result of an upload.
*/
diff --git a/src/lib/anastasis_backup.c b/src/lib/anastasis_backup.c
index b4b5aad..aa58bf2 100644
--- a/src/lib/anastasis_backup.c
+++ b/src/lib/anastasis_backup.c
@@ -170,7 +170,7 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
{
struct ANASTASIS_TruthUpload *tu;
struct ANASTASIS_Truth *t;
- struct ANASTASIS_CRYPTO_EncryptedKeyShareP *encrypted_key_share;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP encrypted_key_share;
struct ANASTASIS_CRYPTO_TruthPublicKeyP pub_key;
void *encrypted_truth;
size_t encrypted_truth_size;
@@ -214,7 +214,7 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
" s:o," /* nonce */
" s:s}", /* truth_mime */
"keyshare_data",
- GNUNET_JSON_from_data_auto (encrypted_key_share),
+ GNUNET_JSON_from_data_auto (&encrypted_key_share),
"method",
method,
"encrypted_truth",
@@ -222,7 +222,6 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
encrypted_truth_size),
"truth_mime",
mime_type);
- GNUNET_free (encrypted_key_share);
GNUNET_free (encrypted_truth);
if (NULL == truth)
{
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index 2f72c51..dee00ec 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -1,6 +1,6 @@
/*
This file is part of Anastasis
- Copyright (C) 2020 Taler Systems SA
+ Copyright (C) 2020, 2021 Taler Systems SA
Anastasis is free software; you can redistribute it and/or modify it under
the
terms of the GNU Lesser General Public License as published by the Free
Software
@@ -37,16 +37,6 @@ struct ANASTASIS_Recovery
*/
struct ANASTASIS_CRYPTO_UserIdentifierP id;
- /**
- * Public key for a request
- */
- struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
-
- /**
- * Length of available decryption policies //FIXME: Copy paste?
- */
- struct ANASTASIS_CRYPTO_PowSalt policy_salt;
-
/**
* Recovery information which is sent to the user
*/
@@ -55,7 +45,7 @@ struct ANASTASIS_Recovery
/**
* Identity data to user id from.
*/
- const json_t *id_data;
+ json_t *id_data;
/**
* Callback to send back a recovery document with the policies and the
version
@@ -89,35 +79,22 @@ struct ANASTASIS_Recovery
struct ANASTASIS_PolicyLookupOperation *plo;
/**
- * Length of available decryption policies //FIXME: Copy paste?
+ * Array of challenges that have been solved.
+ * Valid entries up to @e solved_challenge_pos.
+ * Length matches the total number of challenges in @e ri.
*/
struct ANASTASIS_Challenge *solved_challenges;
/**
- * retrieved encrypted core secret from policy
+ * Retrieved encrypted core secret from policy
*/
void *enc_core_secret;
/**
- * size of the core secret
+ * Size of the @e enc_core_secret
*/
size_t enc_core_secret_size;
- /**
- * size of the ecrypted recovery document
- */
- size_t enc_rec_doc_size;
-
- /**
- * expected http status
- */
- unsigned int http_status;
-
- /**
- * expected http status
- */
- unsigned int response_code;
-
/**
* Current offset in the @e solved_challenges array.
*/
@@ -154,17 +131,8 @@ struct ANASTASIS_Challenge
struct ANASTASIS_CRYPTO_PowSalt truth_salt;
/**
- * Callback which gives back the instructions and a status code of the
request to the user
- */
- ANASTASIS_ChallengeCallback cc;
-
- /**
- * Closure for the challenge callback
- */
- void *cc_cls;
-
- /**
- * Callback which gives back the instructions and a status code of the
request to the user
+ * Callback which gives back the instructions and a status code of
+ * the request to the user when answering a challenge was initiated.
*/
ANASTASIS_AnswerFeedback af;
@@ -184,9 +152,10 @@ struct ANASTASIS_Challenge
struct ANASTASIS_KeyShareLookupOperation *kslo;
/**
- * Encrypted key share
+ * Decrypted key share for this challenge. Set once the
+ * challenge was @e ri.solved.
*/
- struct ANASTASIS_CRYPTO_KeyShareP *key_share;
+ struct ANASTASIS_CRYPTO_KeyShareP key_share;
/**
* The /truth GET operation handle.
@@ -194,7 +163,8 @@ struct ANASTASIS_Challenge
struct ANASTASIS_ChallengeRunOperation *cro;
/**
- * Sends back the status and the instructions of the challenge start
+ * Callback which gives back the instructions and a status code of
+ * the request to the user when solving a challenge is initiated.
*/
ANASTASIS_ChallengeStartCallback csc;
@@ -219,91 +189,99 @@ keyshare_lookup_cb (void *cls,
const struct ANASTASIS_KeyShareDownloadDetails *dd)
{
struct ANASTASIS_Challenge *c = cls;
+ struct ANASTASIS_Recovery *recovery = c->recovery;
struct ANASTASIS_CRYPTO_UserIdentifierP id;
+ struct ANASTASIS_DecryptionPolicy *rdps;
c->kslo = NULL;
- ANASTASIS_CRYPTO_user_identifier_derive (c->recovery->id_data,
+ switch (http_status)
+ {
+ case MHD_HTTP_OK:
+ c->ci.solved = true;
+ c->af (c->af_cls,
+ http_status,
+ TALER_EC_NONE);
+ break;
+ default:
+ c->af (c->af_cls,
+ http_status,
+ -1 /* FIXME: use proper status! */);
+ return;
+ }
+
+ GNUNET_assert (NULL != dd);
+ ANASTASIS_CRYPTO_user_identifier_derive (recovery->id_data,
&c->truth_salt,
&id);
ANASTASIS_CRYPTO_keyshare_decrypt (dd->encrypted_key_share,
&id,
&c->key_share);
c->recovery->solved_challenges[c->recovery->solved_challenge_pos++] = *c;
- c->ci.solved = true;
- c->af (c->af_cls,
- http_status,
- TALER_EC_NONE);
-
- bool missing = true;
- unsigned int success = UINT_MAX;
- for (unsigned int i = 0; i < c->recovery->ri.dps_len; i++)
+
+ /* Check if there is a policy for which all challenges have
+ been satisifed, if so, store it in 'rdps'. */
+ rdps = NULL;
+ for (unsigned int i = 0; i < recovery->ri.dps_len; i++)
{
- for (unsigned int j = 0; j < c->recovery->ri.dps[i].nonces_length; j++)
+ struct ANASTASIS_DecryptionPolicy *dps = &recovery->ri.dps[i];
+ bool missing = false;
+
+ for (unsigned int j = 0; j < dps->nonces_length; j++)
{
- missing = true;
- for (unsigned int k = 0; k < c->recovery->solved_challenge_pos; k++)
+ bool found = false;
+
+ for (unsigned int k = 0; k < recovery->solved_challenge_pos; k++)
{
- if (0 == memcmp (&c->recovery->ri.dps[i].nonces[j],
- &c->recovery->solved_challenges[k].ci.nonce,
- sizeof(struct ANASTASIS_CRYPTO_NonceP)))
+ if (0 ==
+ GNUNET_memcmp (&dps->nonces[j],
+ &recovery->solved_challenges[k].ci.nonce))
{
- missing = false;
+ found = true;
break;
}
}
- if (missing == true)
+ if (! found)
{
+ missing = true;
break;
}
}
- if (missing == false)
+ if (! missing)
{
- success = i;
+ rdps = dps;
break;
}
}
+ if (NULL == rdps)
+ return;
- if (success != UINT_MAX)
{
void *core_secret;
size_t core_secret_size;
- struct ANASTASIS_CRYPTO_KeyShareP
- key_shares[c->recovery->ri.dps[success].nonces_length];
+ struct ANASTASIS_CRYPTO_KeyShareP key_shares[rdps->nonces_length];
struct ANASTASIS_CRYPTO_PolicyKeyP policy_key;
- for (unsigned int l = 0; l < c->recovery->ri.dps[success].nonces_length;
- l++)
- {
- for (unsigned int m = 0; m < c->recovery->solved_challenge_pos; m++)
- {
- if (0 == memcmp (&c->recovery->ri.dps[success].nonces[l],
- &c->recovery->solved_challenges[m].ci.nonce,
- sizeof(struct ANASTASIS_CRYPTO_NonceP)))
- {
- key_shares[l] = *c->recovery->solved_challenges[m].key_share;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d keyshare added %s-%llu b at position %x\n",
- __FILE__, __LINE__,
- TALER_B2S (&key_shares[l]),
- (unsigned long long) sizeof (c->key_share),
- l);
- }
- }
- }
+
+ for (unsigned int l = 0; l < rdps->nonces_length; l++)
+ for (unsigned int m = 0; m < recovery->solved_challenge_pos; m++)
+ if (0 ==
+ GNUNET_memcmp (&rdps->nonces[l],
+ &recovery->solved_challenges[m].ci.nonce))
+ key_shares[l] = recovery->solved_challenges[m].key_share;
ANASTASIS_CRYPTO_policy_key_derive (key_shares,
- c->recovery->ri.dps[success].
- nonces_length,
- &c->recovery->ri.dps[success].salt,
+ rdps->nonces_length,
+ &rdps->salt,
&policy_key);
- ANASTASIS_CRYPTO_core_secret_recover (&c->recovery->ri.dps[success].emk,
+ ANASTASIS_CRYPTO_core_secret_recover (&rdps->emk,
policy_key,
- c->recovery->enc_core_secret,
- c->recovery->enc_core_secret_size,
+ recovery->enc_core_secret,
+ recovery->enc_core_secret_size,
&core_secret,
&core_secret_size);
- c->recovery->csc (c->recovery->csc_cls,
- ANASTASIS_RS_SUCCESS,
- core_secret,
- core_secret_size);
+ recovery->csc (recovery->csc_cls,
+ ANASTASIS_RS_SUCCESS,
+ core_secret,
+ core_secret_size);
+ ANASTASIS_recovery_abort (recovery);
}
}
@@ -331,6 +309,11 @@ ANASTASIS_challenge_answer (
{
struct GNUNET_HashCode hashed_answer;
+ if (c->ci.solved)
+ {
+ GNUNET_break (0);
+ return GNUNET_NO; /* already solved */
+ }
c->af = af;
c->af_cls = af_cls;
GNUNET_CRYPTO_hash (answer_str,
@@ -481,7 +464,6 @@ policy_lookup_cb (void *cls,
json_t *dec_policies;
json_t *esc_methods;
- r->response_code = http_status;
r->plo = NULL;
if (MHD_HTTP_OK != http_status)
{
@@ -753,6 +735,7 @@ ANASTASIS_recovery_begin (struct GNUNET_CURL_Context *ctx,
void *csc_cls)
{
struct ANASTASIS_Recovery *r;
+ struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
r = GNUNET_new (struct ANASTASIS_Recovery);
r->csc = csc;
@@ -760,17 +743,17 @@ ANASTASIS_recovery_begin (struct GNUNET_CURL_Context *ctx,
r->pc = pc;
r->pc_cls = pc_cls;
r->ctx = ctx;
- r->id_data = id_data;
+ r->id_data = json_incref ((json_t *) id_data);
ANASTASIS_CRYPTO_user_identifier_derive (id_data,
salt,
&r->id);
ANASTASIS_CRYPTO_account_public_key_derive (&r->id,
- &r->pub_key);
+ &pub_key);
if (0 != version)
{
r->plo = ANASTASIS_policy_lookup_version (r->ctx,
anastasis_provider_url,
- &r->pub_key,
+ &pub_key,
&policy_lookup_cb,
r,
version);
@@ -779,7 +762,7 @@ ANASTASIS_recovery_begin (struct GNUNET_CURL_Context *ctx,
{
r->plo = ANASTASIS_policy_lookup (r->ctx,
anastasis_provider_url,
- &r->pub_key,
+ &pub_key,
&policy_lookup_cb,
r);
}
@@ -813,5 +796,6 @@ ANASTASIS_recovery_abort (struct ANASTASIS_Recovery *r)
GNUNET_free (cs);
}
GNUNET_free (r->ri.cs);
+ json_decref (r->id_data);
GNUNET_free (r);
}
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index a9fe777..194ff0a 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -127,15 +127,6 @@ anastasis_encrypt (const void *key,
struct ANASTASIS_CRYPTO_AesTagP *tag;
char *ciphertext;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d KEY_E is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (key, key_len),
- (unsigned long long) key_len);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d PLAINTEXT_E is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (data, data_size),
- (unsigned long long) data_size);
-
*res_size = data_size
+ sizeof (struct ANASTASIS_CRYPTO_NonceP)
+ sizeof (struct ANASTASIS_CRYPTO_AesTagP);
@@ -164,10 +155,6 @@ anastasis_encrypt (const void *key,
salt,
&sym_key,
&iv);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d NONCE_E is %s-%llu b\n", __FILE__, __LINE__,
- TALER_B2S (nonce),
- (unsigned long long) sizeof (*nonce));
GNUNET_assert (0 ==
gcry_cipher_open (&cipher,
GCRY_CIPHER_AES256,
@@ -188,23 +175,10 @@ anastasis_encrypt (const void *key,
data_size,
data,
data_size));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d CIPHERTEXT_E is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (ciphertext, data_size),
- (unsigned long long) data_size);
GNUNET_assert (0 ==
gcry_cipher_gettag (cipher,
tag,
sizeof (struct
ANASTASIS_CRYPTO_AesTagP)));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d TAG_E is %s-%llu b\n", __FILE__, __LINE__,
- TALER_B2S (tag),
- (unsigned long long) sizeof (*tag));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d RES_E is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (*res, *res_size),
- (unsigned long long) *res_size);
-
gcry_cipher_close (cipher);
}
@@ -237,15 +211,6 @@ anastasis_decrypt (const void *key,
const struct ANASTASIS_CRYPTO_AesTagP *tag;
const char *ciphertext;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d KEY_D is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (key, key_len),
- (unsigned long long) key_len);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d INPUT_D is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (data, data_size),
- (unsigned long long) data_size);
-
*res_size = data_size
- sizeof (struct ANASTASIS_CRYPTO_NonceP)
- sizeof (struct ANASTASIS_CRYPTO_AesTagP);
@@ -265,33 +230,19 @@ anastasis_decrypt (const void *key,
}
nonce = (const struct ANASTASIS_CRYPTO_NonceP *) data;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d NONCE_D is %s-%llu b\n", __FILE__, __LINE__,
- TALER_B2S (nonce),
- (unsigned long long) sizeof (*nonce));
-
tag = (struct ANASTASIS_CRYPTO_AesTagP *) &nonce[1];
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d TAG_D is %s-%llu b\n", __FILE__, __LINE__,
- TALER_B2S (tag),
- (unsigned long long) sizeof (*tag));
-
ciphertext = (const char *) &tag[1];
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d CIPHERTEXT_D is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (ciphertext, *res_size),
- (unsigned long long) *res_size);
-
get_iv_key (key,
key_len,
nonce,
salt,
&sym_key,
&iv);
- GNUNET_assert (0 == gcry_cipher_open (&cipher,
- GCRY_CIPHER_AES256,
- GCRY_CIPHER_MODE_GCM,
- 0));
+ GNUNET_assert (0 ==
+ gcry_cipher_open (&cipher,
+ GCRY_CIPHER_AES256,
+ GCRY_CIPHER_MODE_GCM,
+ 0));
rc = gcry_cipher_setkey (cipher,
&sym_key,
sizeof (sym_key));
@@ -307,15 +258,10 @@ anastasis_decrypt (const void *key,
*res_size,
ciphertext,
*res_size));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d PLAINTEXT_D is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (*res, *res_size),
- (unsigned long long) *res_size);
if (0 !=
gcry_cipher_checktag (cipher,
tag,
- sizeof (struct
- ANASTASIS_CRYPTO_AesTagP)))
+ sizeof (struct ANASTASIS_CRYPTO_AesTagP)))
{
GNUNET_break (0);
GNUNET_free (*res);
@@ -378,6 +324,7 @@ ANASTASIS_CRYPTO_account_public_key_derive (
struct ANASTASIS_CRYPTO_AccountPublicKeyP *pub_key)
{
struct ANASTASIS_CRYPTO_AccountPrivateKeyP priv;
+
ANASTASIS_CRYPTO_account_private_key_derive (id,
&priv);
GNUNET_CRYPTO_eddsa_key_get_public (&priv.priv,
@@ -394,6 +341,7 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
size_t *erd_size)
{
const char *salt = "erd";
+
anastasis_encrypt (id,
sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
rec_doc,
@@ -413,6 +361,7 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
size_t *rd_size)
{
const char *salt = "erd";
+
anastasis_decrypt (id,
sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
enc_rec_doc,
@@ -427,10 +376,12 @@ void
ANASTASIS_CRYPTO_keyshare_encrypt (
const struct ANASTASIS_CRYPTO_KeyShareP *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
- struct ANASTASIS_CRYPTO_EncryptedKeyShareP **enc_key_share)
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share)
{
const char *salt = "eks";
- size_t eks_size;
+ size_t eks_size = 0;
+ void *eks = NULL;
+
/* FIXME: the HKDF (in get_iv_key()) should be able to take additional
bits from the response (e.g. some hash over the answer to the
security question, see 12.6.-> interface EncryptedKeyShare in spec)
@@ -440,14 +391,14 @@ ANASTASIS_CRYPTO_keyshare_encrypt (
key_share,
sizeof (struct ANASTASIS_CRYPTO_KeyShareP),
salt,
- (void **) enc_key_share,
+ &eks,
&eks_size);
- if (eks_size !=
- sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP))
- {
- GNUNET_break (0);
- return;
- }
+ GNUNET_assert (eks_size ==
+ sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP));
+ memcpy (enc_key_share,
+ eks,
+ sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP));
+ GNUNET_free (eks);
}
@@ -455,23 +406,25 @@ void
ANASTASIS_CRYPTO_keyshare_decrypt (
const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share,
const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
- struct ANASTASIS_CRYPTO_KeyShareP **key_share)
+ struct ANASTASIS_CRYPTO_KeyShareP *key_share)
{
const char *salt = "eks";
- size_t ks_size;
+ size_t ks_size = 0;
+ void *ks = NULL;
+
anastasis_decrypt (id,
sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
enc_key_share,
sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP),
salt,
- (void **) key_share,
+ &ks,
&ks_size);
- if (ks_size !=
- sizeof (struct ANASTASIS_CRYPTO_KeyShareP))
- {
- GNUNET_break (0);
- return;
- }
+ GNUNET_assert (ks_size ==
+ sizeof (struct ANASTASIS_CRYPTO_KeyShareP));
+ memcpy (key_share,
+ ks,
+ sizeof (struct ANASTASIS_CRYPTO_KeyShareP));
+ GNUNET_free (ks);
}
@@ -481,6 +434,7 @@ ANASTASIS_CRYPTO_truth_public_key_derive (
struct ANASTASIS_CRYPTO_TruthPublicKeyP *pub_key)
{
struct ANASTASIS_CRYPTO_TruthPrivateKeyP priv_key;
+
/* priv_key = ver_secret */
if (GNUNET_YES !=
GNUNET_CRYPTO_hkdf (&priv_key.priv,
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 93c99d4..599d9c4 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -142,42 +142,33 @@ test_recovery_document (void)
static int
test_key_share (void)
{
- struct ANASTASIS_CRYPTO_EncryptedKeyShareP *ciphertext;
- struct ANASTASIS_CRYPTO_KeyShareP *plaintext;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP ciphertext;
+ struct ANASTASIS_CRYPTO_KeyShareP plaintext;
struct ANASTASIS_CRYPTO_UserIdentifierP id;
struct ANASTASIS_CRYPTO_KeyShareP key_share;
struct ANASTASIS_CRYPTO_KeyShareP key_share_1;
struct ANASTASIS_CRYPTO_KeyShareP key_share_2;
- int ret;
+
+ // testing creation of keyshares
+ ANASTASIS_CRYPTO_keyshare_create (&key_share_1);
+ ANASTASIS_CRYPTO_keyshare_create (&key_share_2);
+ GNUNET_assert (0 !=
+ GNUNET_memcmp (&key_share_1,
+ &key_share_2));
// testing of enc-/decryption of a keyshare
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
&id,
sizeof (struct
ANASTASIS_CRYPTO_UserIdentifierP));
ANASTASIS_CRYPTO_keyshare_create (&key_share);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "KEYSHARE_BEFORE: %s\n",
- TALER_B2S (&key_share));
-
ANASTASIS_CRYPTO_keyshare_encrypt (&key_share,
&id,
&ciphertext);
- ANASTASIS_CRYPTO_keyshare_decrypt (ciphertext,
+ ANASTASIS_CRYPTO_keyshare_decrypt (&ciphertext,
&id,
&plaintext);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "KEYSHARE_AFTER: %s\n",
- TALER_B2S (plaintext));
-
- // testing creation of keyshares
- ANASTASIS_CRYPTO_keyshare_create (&key_share_1);
- ANASTASIS_CRYPTO_keyshare_create (&key_share_2);
- GNUNET_assert (0 !=
- GNUNET_memcmp (&key_share_1, &key_share_2));
- ret = GNUNET_memcmp (&key_share, plaintext);
- GNUNET_free (ciphertext);
- GNUNET_free (plaintext);
- return ret;
+ return GNUNET_memcmp (&key_share,
+ &plaintext);
}
@@ -308,14 +299,13 @@ test_core_secret (void)
static int
-test_public_key_derive ()
+test_public_key_derive (void)
{
struct ANASTASIS_CRYPTO_UserIdentifierP id;
struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
struct ANASTASIS_CRYPTO_PowSalt server_salt;
-
json_t *id_data = json_object ();
- char *salt_str = "Server-Salt-Test";
+ const char *salt_str = "Server-Salt-Test";
GNUNET_memcpy (&server_salt,
salt_str,
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: clean up recovery logic more, clean up crypto API,
gnunet <=