[taler-exchange] 73/130: more denom key refactoring
From: |
gnunet |
Subject: |
[taler-exchange] 73/130: more denom key refactoring |
Date: |
Wed, 17 Nov 2021 12:25:21 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit c787e28e842a8ec538041df68d7d195cc7be9485
Author: Christian Grothoff <grothoff@gnunet.org>
AuthorDate: Fri Nov 5 14:18:13 2021 +0100
more denom key refactoring
---
src/include/taler_crypto_lib.h | 61 +++++++++++++++++++++++++++++
src/util/denom.c | 88 ++++++++++++++++++++++++++++++++++++++++++
src/util/test_helper_rsa.c | 29 +++++++-------
3 files changed, 162 insertions(+), 16 deletions(-)
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index b726972c..06247689 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -587,6 +587,29 @@ struct TALER_DenominationPublicKey
};
+/**
+ * Client-side secrets for blinding.
+ */
+struct TALER_BlindingSecret
+{
+
+ /**
+ * Type of the blinding secret.
+ */
+ enum TALER_DenominationCipher cipher;
+
+ union
+ {
+
+ /**
+ * Blinding key secret for RSA.
+ */
+ struct GNUNET_CRYPTO_RsaBlindingKeySecret rsa_bks;
+
+ } details;
+};
+
+
/**
* @brief Type of private signing keys for blind signing of coins.
*/
@@ -677,6 +700,27 @@ void
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
+/**
+ * Create a blinding secret @a bs for @a cipher.
+ *
+ * @param[out] blinding secret to initialize
+ * @param cipher cipher to create blinding secret for
+ */
+enum GNUNET_GenericReturnValue
+TALER_blinding_secret_create (struct TALER_BlindingSecret *bs,
+ enum TALER_DenominationCipher cipher,
+ ...);
+
+
+/**
+ * Release memory inside of a blinding secret @a bs.
+ *
+ * @param[in] blinding secret to free
+ */
+void
+TALER_blinding_secret_free (struct TALER_BlindingSecret *bs);
+
+
/**
* Initialize denomination public-private key pair.
*
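Review bot: The two new Doxygen blocks omit the parameter name after the direction tag, so `@param[out] blinding secret to initialize` documents a parameter called `blinding` rather than `bs`; they should read `@param[out] bs blinding secret to initialize` and `@param[in] bs blinding secret to free`. TALER_blinding_secret_create also has no `@return` line and does not say which arguments, if any, are expected in the `...` for each cipher. Because the struct holds the client's blinding secret and the implementation in src/util/denom.c zeroes it, the comment on TALER_blinding_secret_free would be more useful as `Zero out and release the secret material inside @a bs.` than as a note about releasing memory only.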
@@ -731,6 +775,23 @@ TALER_denom_sign_blinded (struct
TALER_BlindedDenominationSignature *denom_sig,
size_t blinded_msg_size);
+/**
+ * Unblind blinded signature.
+ *
+ * @param[out] denom_sig where to write the unblinded signature
+ * @param bdenom_sig the blinded signature
+ * @param bks blinding secret to use
+ * @param denom_pub public key used for signing
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_sig_unblind (struct TALER_DenominationSignature *denom_sig,
+ const struct
+ TALER_BlindedDenominationSignature *bdenom_sig,
+ const struct TALER_BlindingSecret *bks,
+ const struct TALER_DenominationPublicKey *denom_pub);
+
+
/**
* Free internals of @a denom_sig, but not @a denom_sig itself.
*
diff --git a/src/util/denom.c b/src/util/denom.c
index f251d905..725e294d 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -109,6 +109,94 @@ TALER_denom_sign_blinded (struct
TALER_BlindedDenominationSignature *denom_sig,
}
+enum GNUNET_GenericReturnValue
+TALER_denom_sig_unblind (struct TALER_DenominationSignature *denom_sig,
+ const struct
+ TALER_BlindedDenominationSignature *bdenom_sig,
+ const struct TALER_BlindingSecret *bks,
+ const struct TALER_DenominationPublicKey *denom_pub)
+{
+ if (bks->cipher != denom_pub->cipher)
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ if (bdenom_sig->cipher != denom_pub->cipher)
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ switch (denom_pub->cipher)
+ {
+ case TALER_DENOMINATION_INVALID:
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ case TALER_DENOMINATION_RSA:
+ denom_sig->details.rsa_signature
+ = TALER_rsa_unblind (
+ bdenom_sig->details.blinded_rsa_signature,
+ &bks->details.rsa_bks,
+ denom_pub->details.rsa_public_key);
+ if (NULL == denom_sig->details.rsa_signature)
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ denom_sig->cipher = TALER_DENOMINATION_RSA;
+ return GNUNET_OK;
+ // TODO: add case for Clause-Schnorr
+ default:
+ GNUNET_break (0);
+ }
+ return GNUNET_SYSERR;
+}
+
+
+enum GNUNET_GenericReturnValue
+TALER_blinding_secret_create (struct TALER_BlindingSecret *bs,
+ enum TALER_DenominationCipher cipher,
+ ...)
+{
+ memset (bs,
+ 0,
+ sizeof (*bs));
+ switch (bs->cipher)
+ {
+ case TALER_DENOMINATION_INVALID:
+ return GNUNET_OK;
+ case TALER_DENOMINATION_RSA:
+ bs->cipher = TALER_DENOMINATION_RSA;
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &bs->details.rsa_bks,
+ sizeof (bs->details.rsa_bks));
+ return GNUNET_OK;
+ // TODO: add case for Clause-Schnorr
+ default:
+ GNUNET_break (0);
+ }
+ return GNUNET_SYSERR;
+}
+
+
+void
+TALER_blinding_secret_free (struct TALER_BlindingSecret *bs)
+{
+ switch (bs->cipher)
+ {
+ case TALER_DENOMINATION_INVALID:
+ return;
+ case TALER_DENOMINATION_RSA:
+ memset (bs,
+ 0,
+ sizeof (*bs));
+ return;
+ // TODO: add case for Clause-Schnorr
+ default:
+ GNUNET_break (0);
+ }
+}
+
+
void
TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
struct TALER_DenominationHash *denom_hash)
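Review bot: TALER_blinding_secret_create switches on `bs->cipher` immediately after `memset (bs, 0, sizeof (*bs))`, so the `cipher` argument is never read and the branch taken depends only on which enumerator has the value zero. If that is TALER_DENOMINATION_INVALID (its definition is not in this hunk), the function returns GNUNET_OK with an all-zero secret and never reaches GNUNET_CRYPTO_random_block, leaving the blinding factor predictable. The switch should be `switch (cipher)`, and the TALER_DENOMINATION_INVALID case would be consistent with TALER_denom_sig_unblind if it did `GNUNET_break (0); return GNUNET_SYSERR;` instead of reporting success. It is also worth confirming that GNUNET_CRYPTO_QUALITY_NONCE is the intended strength for secret blinding material. The trailing TALER_denom_pub_hash lines are context only; its body lies outside the hunk.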
diff --git a/src/util/test_helper_rsa.c b/src/util/test_helper_rsa.c
index 24d7a4cc..bf79e1e4 100644
--- a/src/util/test_helper_rsa.c
+++ b/src/util/test_helper_rsa.c
@@ -133,9 +133,7 @@ key_cb (void *cls,
{
keys[i].valid = false;
keys[i].revoked = false;
- GNUNET_CRYPTO_rsa_public_key_free (
- keys[i].denom_pub.details.rsa_public_key);
- keys[i].denom_pub.details.rsa_public_key = NULL;
+ TALER_denom_pub_free (&keys[i].denom_pub);
GNUNET_assert (num_keys > 0);
num_keys--;
found = true;
@@ -157,8 +155,8 @@ key_cb (void *cls,
keys[i].start_time = start_time;
keys[i].validity_duration = validity_duration;
keys[i].denom_pub = *denom_pub;
- keys[i].denom_pub.details.rsa_public_key
- = GNUNET_CRYPTO_rsa_public_key_dup (denom_pub->details.rsa_public_key);
+ TALER_denom_pub_deep_copy (&keys[i].denom_pub,
+ denom_pub);
num_keys++;
return;
}
@@ -241,11 +239,11 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
enum TALER_ErrorCode ec;
bool success = false;
struct TALER_CoinPubHash m_hash;
- struct GNUNET_CRYPTO_RsaBlindingKeySecret bks;
+ struct TALER_BlindingSecret bks;
- GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
- &bks,
- sizeof (bks));
+ GNUNET_assert (GNUNET_OK ==
+ TALER_blinding_secret_create (&bks,
+ TALER_DENOMINATION_RSA));
GNUNET_CRYPTO_hash ("Hello",
strlen ("Hello"),
&m_hash.hash);
@@ -259,7 +257,7 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
GNUNET_assert (GNUNET_YES ==
TALER_rsa_blind (&m_hash,
- &bks,
+ &bks.details.rsa_bks,
keys[i].denom_pub.details.rsa_public_key,
&buf,
&buf_size));
@@ -294,12 +292,11 @@ test_signing (struct TALER_CRYPTO_DenominationHelper *dh)
{
struct TALER_DenominationSignature rs;
- rs.cipher = TALER_DENOMINATION_RSA;
- rs.details.rsa_signature
- = TALER_rsa_unblind (ds.details.blinded_rsa_signature,
- &bks,
- keys[i].denom_pub.details.rsa_public_key);
- if (NULL == rs.details.rsa_signature)
+ if (GNUNET_OK !=
+ TALER_denom_sig_unblind (&rs,
+ &ds,
+ &bks,
+ &keys[i].denom_pub))
{
GNUNET_break (0);
return 6;
--