[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated (c0417fb -> 0cd1c2b)
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated (c0417fb -> 0cd1c2b) |
|
Date: |
Thu, 16 Apr 2020 20:36:43 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a change to branch master
in repository anastasis.
from c0417fb fix array
new 11184cc indents
new 0cd1c2b modified salt request
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/include/anastasis.h | 2 +-
src/include/anastasis_crypto_lib.h | 6 +-
src/include/anastasis_service.h | 37 +++++++++++++
src/lib/anastasis.c | 111 ++++++++++++++++++++++++++++++++-----
src/lib/anastasis_api_salt.c | 37 -------------
src/util/anastasis_crypto.c | 26 +++++----
src/util/test_anastasis_crypto.c | 29 ++++++++--
7 files changed, 179 insertions(+), 69 deletions(-)
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
index 2334a98..31ddcc7 100644
--- a/src/include/anastasis.h
+++ b/src/include/anastasis.h
@@ -212,7 +212,7 @@ struct ANASTASIS_Recovery;
struct ANASTASIS_Recovery *
ANASTASIS_recovery_begin (const json_t *id_data,
unsigned int version,
- const char *anastasis_provider_url_candidates[],
+ const char *anastasis_provider_url,
unsigned int provider_candidates_length,
ANASTASIS_PolicyCallback pc,
void *pc_cls,
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 4358442..3e3eeb3 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -57,7 +57,7 @@ struct ANASTASIS_CRYPTO_TruthKey
*/
struct ANASTASIS_CRYPTO_Salt
{
- const char *salt;
+ char *salt;
};
@@ -158,12 +158,14 @@ struct ANASTASIS_CRYPTO_UserIdentifier
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
* for the public and private key for signing the data.
- * @param id_data JSON encoded data, which contains the raw user secret and a
server salt
+ * @param id_data JSON encoded data, which contains the raw user secret
+ * @param server_salt salt from the server (escrow provider)
* @param id[out] reference to the id which was created
*/
void
ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
+ const struct ANASTASIS_CRYPTO_Salt server_salt,
struct ANASTASIS_CRYPTO_UserIdentifier *id);
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index d0e13b0..cb40706 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -266,6 +266,43 @@ void
ANASTASIS_salt_cancel (struct ANASTASIS_SaltOperation *so);
+/**
+ * @brief A Contract Operation Handle
+ */
+struct ANASTASIS_SaltOperation
+{
+ /**
+ * The url for this request.
+ */
+ char *url;
+
+ /**
+ * Handle for the request.
+ */
+ struct GNUNET_CURL_Job *job;
+
+ /**
+ * Reference to the execution context.
+ */
+ struct GNUNET_CURL_Context *ctx;
+
+ /**
+ * The callback to pass the backend response to
+ */
+ ANASTASIS_SaltCallback cb;
+
+ /**
+ * Closure for @a cb.
+ */
+ void *cb_cls;
+
+ /**
+ * Server salt.
+ */
+ struct ANASTASIS_CRYPTO_Salt salt;
+};
+
+
/****** POLICY API ******/
/**
diff --git a/src/lib/anastasis.c b/src/lib/anastasis.c
index 18131cf..ff34aad 100644
--- a/src/lib/anastasis.c
+++ b/src/lib/anastasis.c
@@ -26,6 +26,73 @@
#include "anastasis_service.h"
+/**
+ * State for a "salt" CMD.
+ */
+struct SaltState
+{
+ /**
+ * The interpreter state.
+ */
+ struct TALER_TESTING_Interpreter *is;
+
+ /**
+ * URL of the anastasis backend.
+ */
+ const char *anastasis_url;
+
+ /**
+ * Expected status code.
+ */
+ unsigned int http_status;
+
+ /**
+ * The /salt GET operation handle.
+ */
+ struct ANASTASIS_SaltOperation *so;
+};
+
+
+/**
+ * Function called with the results of a #ANASTASIS_salt().
+ *
+ * @param cls closure
+ * @param http_status HTTP status of the request
+ * @param salt salt from the server
+ */
+static void
+salt_cb (void *cls,
+ unsigned int http_status,
+ const struct ANASTASIS_CRYPTO_Salt *salt)
+{
+ struct SaltState *ss = cls;
+
+ ss->so = NULL;
+ GNUNET_assert (http_status == ss->http_status);
+ GNUNET_assert (NULL != salt);
+}
+
+
+/**
+ * Free the state of a "salt" CMD, and possibly
+ * cancel it if it did not complete.
+ *
+ * @param cls closure.
+ * @param cmd command being freed.
+ */
+static void
+salt_cleanup (struct SaltState *ss)
+{
+ if (NULL != ss->so)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Salt request did not complete\n");
+ ANASTASIS_salt_cancel (ss->so);
+ ss->so = NULL;
+ }
+ GNUNET_free (ss);
+}
+
/**
* Challenge struct contains the UUID's needed for the recovery process and a
reference to
@@ -66,11 +133,11 @@ struct ANASTASIS_Challenge
* @param af_cls handle for the challenge answer struct
*/
void
-ANASTASIS_challenge_aynswer (struct ANASTASIS_Challenge *challenge,
- const void *answer,
- size_t answer_size,
- ANASTASIS_AnswerFeedback af,
- void *af_cls)
+ANASTASIS_challenge_answer (struct ANASTASIS_Challenge *challenge,
+ const void *answer,
+ size_t answer_size,
+ ANASTASIS_AnswerFeedback af,
+ void *af_cls)
{
}
@@ -199,7 +266,7 @@ policy_lookup_cb (void *cls,
struct ANASTASIS_Recovery *
ANASTASIS_recovery_begin (const json_t *id_data,
unsigned int version,
- const char *anastasis_provider_url_candidates[],
+ const char *anastasis_provider_url,
unsigned int provider_candidates_length,
ANASTASIS_PolicyCallback pc,
void *pc_cls,
@@ -208,16 +275,25 @@ ANASTASIS_recovery_begin (const json_t *id_data,
{
struct ANASTASIS_Recovery *r;
r = GNUNET_new (struct ANASTASIS_Recovery);
- unsigned int i = 0;
+ // unsigned int i = 0;
void *plaintext;
size_t size_plaintext;
json_t *recovery_document;
json_error_t json_error;
- // needs to be inside while and take a salt
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &r->id);
+ struct SaltState *ss = pc_cls;
+
+ ss->http_status = MHD_HTTP_OK;
+ ss->so = ANASTASIS_salt (r->ctx,
+ anastasis_provider_url,
+ &salt_cb,
+ ss);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ ss->so->salt,
+ &r->id);
+ salt_cleanup (ss);
ANASTASIS_CRYPTO_account_public_key_derive (&r->id,
&r->pub_key);
-
+ /*
if (version != 0)
{
while (i < provider_candidates_length || r->encrypted_recovery_document !=
@@ -247,7 +323,7 @@ ANASTASIS_recovery_begin (const json_t *id_data,
i++;
}
}
-
+ */
if (r->encrypted_recovery_document == NULL)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -493,13 +569,22 @@ ANASTASIS_truth_upload (const json_t *id_data,
t->instructions = instructions;
t->mime_type = mime_type;
uuid_generate (t->uuid);
+ struct SaltState *ss = tpc_cls;
- ANASTASIS_CRYPTO_key_share_create (&t->key_share);
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &tu->id);
+ ss->http_status = MHD_HTTP_OK;
+ ss->so = ANASTASIS_salt (tu->ctx,
+ provider_url,
+ &salt_cb,
+ ss);
+ ANASTASIS_CRYPTO_key_share_create (&t->key_share);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ ss->so->salt,
+ &tu->id);
ANASTASIS_CRYPTO_key_share_encrypt (&t->key_share,
&tu->id,
&encrypted_key_share);
+ salt_cleanup (ss);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&t->truth_key,
diff --git a/src/lib/anastasis_api_salt.c b/src/lib/anastasis_api_salt.c
index b36888d..b38977a 100644
--- a/src/lib/anastasis_api_salt.c
+++ b/src/lib/anastasis_api_salt.c
@@ -33,43 +33,6 @@
#include "anastasis_api_curl_defaults.h"
-/**
- * @brief A Contract Operation Handle
- */
-struct ANASTASIS_SaltOperation
-{
- /**
- * The url for this request.
- */
- char *url;
-
- /**
- * Handle for the request.
- */
- struct GNUNET_CURL_Job *job;
-
- /**
- * Reference to the execution context.
- */
- struct GNUNET_CURL_Context *ctx;
-
- /**
- * The callback to pass the backend response to
- */
- ANASTASIS_SaltCallback cb;
-
- /**
- * Closure for @a cb.
- */
- void *cb_cls;
-
- /**
- * Server salt.
- */
- struct ANASTASIS_CRYPTO_Salt salt;
-};
-
-
/**
* Function called when we're done processing the
* HTTP /salt request.
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 7881b0a..fade009 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -147,7 +147,8 @@ anastasis_encrypt (const void *key,
TALER_B2S (tag));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"CIPHERTEXT_E: %s\n",
- TALER_b2s (ciphertext, strlen (ciphertext)));
+ TALER_b2s (ciphertext,
+ strlen (ciphertext)));
}
@@ -227,7 +228,8 @@ anastasis_decrypt (const void *key,
GNUNET_assert (0 ==
gcry_cipher_checktag (cipher,
tag,
- sizeof(struct
ANASTASIS_CRYPTO_AesTag)));
+ sizeof (struct
+ ANASTASIS_CRYPTO_AesTag)));
gcry_cipher_close (cipher);
}
@@ -235,12 +237,14 @@ anastasis_decrypt (const void *key,
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
* for the public and private key for signing the data.
- * @param id_data JSON encoded data, which contains the raw user secret and a
server salt
+ * @param id_data JSON encoded data, which contains the raw user secret
+ * @param server_salt salt from the server (escrow provider)
* @param id[out] reference to the id which was created
*/
void
ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
+ const struct ANASTASIS_CRYPTO_Salt server_salt,
struct ANASTASIS_CRYPTO_UserIdentifier *id)
{
char *json_enc;
@@ -250,8 +254,8 @@ ANASTASIS_CRYPTO_user_identifier_derive (
strlen (json_enc),
GCRY_KDF_SCRYPT,
1, // subalgo
- "SERVER_SALT", // FIXME: Set real salt
value!!!
- strlen ("SERVER_SALT"),
+ server_salt.salt,
+ strlen (server_salt.salt),
1000, // iterations
sizeof (struct
ANASTASIS_CRYPTO_UserIdentifier),
@@ -298,8 +302,10 @@ ANASTASIS_CRYPTO_account_public_key_derive (
struct ANASTASIS_CRYPTO_AccountPublicKey *pub_key)
{
struct GNUNET_CRYPTO_EddsaPrivateKey priv;
- ANASTASIS_CRYPTO_account_private_key_derive (id, &priv);
- GNUNET_CRYPTO_eddsa_key_get_public (&priv, &pub_key->pub);
+ ANASTASIS_CRYPTO_account_private_key_derive (id,
+ &priv);
+ GNUNET_CRYPTO_eddsa_key_get_public (&priv,
+ &pub_key->pub);
}
@@ -324,8 +330,7 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
{
const char *salt = "erd";
anastasis_encrypt (id,
- sizeof (struct
- ANASTASIS_CRYPTO_UserIdentifier),
+ sizeof (struct ANASTASIS_CRYPTO_UserIdentifier),
rec_doc,
rd_size,
salt,
@@ -376,8 +381,7 @@ void
ANASTASIS_CRYPTO_key_share_encrypt (
const struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- struct ANASTASIS_CRYPTO_EncryptedKeyShare **enc_key_share
- )
+ struct ANASTASIS_CRYPTO_EncryptedKeyShare **enc_key_share)
{
const char *salt = "eks";
size_t eks_size;
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 29e5684..ac17f9e 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -41,6 +41,9 @@ test_user_identifier_derive (void)
struct ANASTASIS_CRYPTO_UserIdentifier id_1;
struct ANASTASIS_CRYPTO_UserIdentifier id_2;
struct ANASTASIS_CRYPTO_UserIdentifier id_3;
+ struct ANASTASIS_CRYPTO_Salt salt;
+
+ salt.salt = "Server Salt";
// sample data 1
id_data_1 = json_object ();
@@ -52,9 +55,15 @@ test_user_identifier_derive (void)
id_data_3 = json_object ();
json_object_set_new (id_data_3, "arg1", json_string ("Hallo2"));
- ANASTASIS_CRYPTO_user_identifier_derive (id_data_1, &id_1);
- ANASTASIS_CRYPTO_user_identifier_derive (id_data_2, &id_2);
- ANASTASIS_CRYPTO_user_identifier_derive (id_data_3, &id_3);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data_1,
+ salt,
+ &id_1);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data_2,
+ salt,
+ &id_2);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data_3,
+ salt,
+ &id_3);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"UserIdentifier_1: %s\n",
TALER_B2S (&id_1));
@@ -82,11 +91,16 @@ test_recovery_document (void)
void *plaintext;
size_t size_plaintext;
struct ANASTASIS_CRYPTO_UserIdentifier id;
+ struct ANASTASIS_CRYPTO_Salt salt;
+
json_t *id_data = json_object ();
const char *test = "TEST_ERD";
+ salt.salt = "Server Salt";
json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &id);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ salt,
+ &id);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"ERD_BEFORE: %s\n",
@@ -270,10 +284,15 @@ test_public_key_derive ()
{
struct ANASTASIS_CRYPTO_UserIdentifier id;
struct ANASTASIS_CRYPTO_AccountPublicKey pub_key;
+ struct ANASTASIS_CRYPTO_Salt server_salt;
+
json_t *id_data = json_object ();
+ server_salt.salt = "Server Salt";
json_object_set_new (id_data, "arg1", json_string ("ID_DATA"));
- ANASTASIS_CRYPTO_user_identifier_derive (id_data, &id);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ server_salt,
+ &id);
ANASTASIS_CRYPTO_account_public_key_derive (&id,
&pub_key);
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [taler-anastasis] branch master updated (c0417fb -> 0cd1c2b),
gnunet <=