[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] 02/02: modified salt request
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] 02/02: modified salt request |
|
Date: |
Thu, 16 Apr 2020 20:36:45 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit 0cd1c2b113b8026282515f92d20315fd286930db
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Apr 16 18:36:25 2020 +0000
modified salt request
---
src/include/anastasis.h | 2 +-
src/include/anastasis_crypto_lib.h | 6 +-
src/include/anastasis_service.h | 37 +++++++++++++
src/lib/anastasis.c | 111 ++++++++++++++++++++++++++++++++-----
src/lib/anastasis_api_salt.c | 37 -------------
src/util/anastasis_crypto.c | 8 ++-
src/util/test_anastasis_crypto.c | 29 ++++++++--
7 files changed, 169 insertions(+), 61 deletions(-)
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
index 2334a98..31ddcc7 100644
--- a/src/include/anastasis.h
+++ b/src/include/anastasis.h
@@ -212,7 +212,7 @@ struct ANASTASIS_Recovery;
struct ANASTASIS_Recovery *
ANASTASIS_recovery_begin (const json_t *id_data,
unsigned int version,
- const char *anastasis_provider_url_candidates[],
+ const char *anastasis_provider_url,
unsigned int provider_candidates_length,
ANASTASIS_PolicyCallback pc,
void *pc_cls,
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 4358442..3e3eeb3 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -57,7 +57,7 @@ struct ANASTASIS_CRYPTO_TruthKey
*/
struct ANASTASIS_CRYPTO_Salt
{
- const char *salt;
+ char *salt;
};
@@ -158,12 +158,14 @@ struct ANASTASIS_CRYPTO_UserIdentifier
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
* for the public and private key for signing the data.
- * @param id_data JSON encoded data, which contains the raw user secret and a
server salt
+ * @param id_data JSON encoded data, which contains the raw user secret
+ * @param server_salt salt from the server (escrow provider)
* @param id[out] reference to the id which was created
*/
void
ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
+ const struct ANASTASIS_CRYPTO_Salt server_salt,
struct ANASTASIS_CRYPTO_UserIdentifier *id);
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index d0e13b0..cb40706 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -266,6 +266,43 @@ void
ANASTASIS_salt_cancel (struct ANASTASIS_SaltOperation *so);
+/**
+ * @brief A Contract Operation Handle
+ */
+struct ANASTASIS_SaltOperation
+{
+ /**
+ * The url for this request.
+ */
+ char *url;
+
+ /**
+ * Handle for the request.
+ */
+ struct GNUNET_CURL_Job *job;
+
+ /**
+ * Reference to the execution context.
+ */
+ struct GNUNET_CURL_Context *ctx;
+
+ /**
+ * The callback to pass the backend response to
+ */
+ ANASTASIS_SaltCallback cb;
+
+ /**
+ * Closure for @a cb.
+ */
+ void *cb_cls;
+
+ /**
+ * Server salt.
+ */
+ struct ANASTASIS_CRYPTO_Salt salt;
+};
+
+
/****** POLICY API ******/
/**
diff --git a/src/lib/anastasis.c b/src/lib/anastasis.c
index 18131cf..ff34aad 100644
--- a/src/lib/anastasis.c
+++ b/src/lib/anastasis.c
@@ -26,6 +26,73 @@
#include "anastasis_service.h"
+/**
+ * State for a "salt" CMD.
+ */
+struct SaltState
+{
+ /**
+ * The interpreter state.
+ */
+ struct TALER_TESTING_Interpreter *is;
+
+ /**
+ * URL of the anastasis backend.
+ */
+ const char *anastasis_url;
+
+ /**
+ * Expected status code.
+ */
+ unsigned int http_status;
+
+ /**
+ * The /salt GET operation handle.
+ */
+ struct ANASTASIS_SaltOperation *so;
+};
+
+
+/**
+ * Function called with the results of a #ANASTASIS_salt().
+ *
+ * @param cls closure
+ * @param http_status HTTP status of the request
+ * @param salt salt from the server
+ */
+static void
+salt_cb (void *cls,
+ unsigned int http_status,
+ const struct ANASTASIS_CRYPTO_Salt *salt)
+{
+ struct SaltState *ss = cls;
+
+ ss->so = NULL;
+ GNUNET_assert (http_status == ss->http_status);
+ GNUNET_assert (NULL != salt);
+}
+
+
+/**
+ * Free the state of a "salt" CMD, and possibly
+ * cancel it if it did not complete.
+ *
+ * @param cls closure.
+ * @param cmd command being freed.
+ */
+static void
+salt_cleanup (struct SaltState *ss)
+{
+ if (NULL != ss->so)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Salt request did not complete\n");
+ ANASTASIS_salt_cancel (ss->so);
+ ss->so = NULL;
+ }
+ GNUNET_free (ss);
+}
+
/**
* Challenge struct contains the UUID's needed for the recovery process and a
reference to
@@ -66,11 +133,11 @@ struct ANASTASIS_Challenge
* @param af_cls handle for the challenge answer struct
*/
void
-ANASTASIS_challenge_aynswer (struct ANASTASIS_Challenge *challenge,
- const void *answer,
- size_t answer_size,
- ANASTASIS_AnswerFeedback af,
- void *af_cls)
+ANASTASIS_challenge_answer (struct ANASTASIS_Challenge *challenge,
+ const void *answer,
+ size_t answer_size,
+ ANASTASIS_AnswerFeedback af,
+ void *af_cls)
{
}
@@ -199,7 +266,7 @@ policy_lookup_cb (void *cls,
struct ANASTASIS_Recovery *
ANASTASIS_recovery_begin (const json_t *id_data,
unsigned int version,
- const char *anastasis_provider_url_candidates[],
+ const char *anastasis_provider_url,
unsigned int provider_candidates_length,
ANASTASIS_PolicyCallback pc,
void *pc_cls,
@@ -208,16 +275,25 @@ ANASTASIS_recovery_begin (const json_t *id_data,
{
struct ANASTASIS_Recovery *r;
r = GNUNET_new (struct ANASTASIS_Recovery);
- unsigned int i = 0;
+ // unsigned int i = 0;
void *plaintext;
size_t size_plaintext;
json_t *recovery_document;
json_error_t json_error;
- // needs to be inside while and take a salt
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &r->id);
+ struct SaltState *ss = pc_cls;
+
+ ss->http_status = MHD_HTTP_OK;
+ ss->so = ANASTASIS_salt (r->ctx,
+ anastasis_provider_url,
+ &salt_cb,
+ ss);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ ss->so->salt,
+ &r->id);
+ salt_cleanup (ss);
ANASTASIS_CRYPTO_account_public_key_derive (&r->id,
&r->pub_key);
-
+ /*
if (version != 0)
{
while (i < provider_candidates_length || r->encrypted_recovery_document !=
@@ -247,7 +323,7 @@ ANASTASIS_recovery_begin (const json_t *id_data,
i++;
}
}
-
+ */
if (r->encrypted_recovery_document == NULL)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -493,13 +569,22 @@ ANASTASIS_truth_upload (const json_t *id_data,
t->instructions = instructions;
t->mime_type = mime_type;
uuid_generate (t->uuid);
+ struct SaltState *ss = tpc_cls;
- ANASTASIS_CRYPTO_key_share_create (&t->key_share);
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &tu->id);
+ ss->http_status = MHD_HTTP_OK;
+ ss->so = ANASTASIS_salt (tu->ctx,
+ provider_url,
+ &salt_cb,
+ ss);
+ ANASTASIS_CRYPTO_key_share_create (&t->key_share);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ ss->so->salt,
+ &tu->id);
ANASTASIS_CRYPTO_key_share_encrypt (&t->key_share,
&tu->id,
&encrypted_key_share);
+ salt_cleanup (ss);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&t->truth_key,
diff --git a/src/lib/anastasis_api_salt.c b/src/lib/anastasis_api_salt.c
index b36888d..b38977a 100644
--- a/src/lib/anastasis_api_salt.c
+++ b/src/lib/anastasis_api_salt.c
@@ -33,43 +33,6 @@
#include "anastasis_api_curl_defaults.h"
-/**
- * @brief A Contract Operation Handle
- */
-struct ANASTASIS_SaltOperation
-{
- /**
- * The url for this request.
- */
- char *url;
-
- /**
- * Handle for the request.
- */
- struct GNUNET_CURL_Job *job;
-
- /**
- * Reference to the execution context.
- */
- struct GNUNET_CURL_Context *ctx;
-
- /**
- * The callback to pass the backend response to
- */
- ANASTASIS_SaltCallback cb;
-
- /**
- * Closure for @a cb.
- */
- void *cb_cls;
-
- /**
- * Server salt.
- */
- struct ANASTASIS_CRYPTO_Salt salt;
-};
-
-
/**
* Function called when we're done processing the
* HTTP /salt request.
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 1b952da..fade009 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -237,12 +237,14 @@ anastasis_decrypt (const void *key,
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
* for the public and private key for signing the data.
- * @param id_data JSON encoded data, which contains the raw user secret and a
server salt
+ * @param id_data JSON encoded data, which contains the raw user secret
+ * @param server_salt salt from the server (escrow provider)
* @param id[out] reference to the id which was created
*/
void
ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
+ const struct ANASTASIS_CRYPTO_Salt server_salt,
struct ANASTASIS_CRYPTO_UserIdentifier *id)
{
char *json_enc;
@@ -252,8 +254,8 @@ ANASTASIS_CRYPTO_user_identifier_derive (
strlen (json_enc),
GCRY_KDF_SCRYPT,
1, // subalgo
- "SERVER_SALT", // FIXME: Set real salt
value!!!
- strlen ("SERVER_SALT"),
+ server_salt.salt,
+ strlen (server_salt.salt),
1000, // iterations
sizeof (struct
ANASTASIS_CRYPTO_UserIdentifier),
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 29e5684..ac17f9e 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -41,6 +41,9 @@ test_user_identifier_derive (void)
struct ANASTASIS_CRYPTO_UserIdentifier id_1;
struct ANASTASIS_CRYPTO_UserIdentifier id_2;
struct ANASTASIS_CRYPTO_UserIdentifier id_3;
+ struct ANASTASIS_CRYPTO_Salt salt;
+
+ salt.salt = "Server Salt";
// sample data 1
id_data_1 = json_object ();
@@ -52,9 +55,15 @@ test_user_identifier_derive (void)
id_data_3 = json_object ();
json_object_set_new (id_data_3, "arg1", json_string ("Hallo2"));
- ANASTASIS_CRYPTO_user_identifier_derive (id_data_1, &id_1);
- ANASTASIS_CRYPTO_user_identifier_derive (id_data_2, &id_2);
- ANASTASIS_CRYPTO_user_identifier_derive (id_data_3, &id_3);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data_1,
+ salt,
+ &id_1);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data_2,
+ salt,
+ &id_2);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data_3,
+ salt,
+ &id_3);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"UserIdentifier_1: %s\n",
TALER_B2S (&id_1));
@@ -82,11 +91,16 @@ test_recovery_document (void)
void *plaintext;
size_t size_plaintext;
struct ANASTASIS_CRYPTO_UserIdentifier id;
+ struct ANASTASIS_CRYPTO_Salt salt;
+
json_t *id_data = json_object ();
const char *test = "TEST_ERD";
+ salt.salt = "Server Salt";
json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &id);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ salt,
+ &id);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"ERD_BEFORE: %s\n",
@@ -270,10 +284,15 @@ test_public_key_derive ()
{
struct ANASTASIS_CRYPTO_UserIdentifier id;
struct ANASTASIS_CRYPTO_AccountPublicKey pub_key;
+ struct ANASTASIS_CRYPTO_Salt server_salt;
+
json_t *id_data = json_object ();
+ server_salt.salt = "Server Salt";
json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &id);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ server_salt,
+ &id);
ANASTASIS_CRYPTO_account_public_key_derive (&id,
&pub_key);
--
To stop receiving notification emails like this one, please contact
address@hidden.