[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: secretshare
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated: secretshare |
|
Date: |
Mon, 20 Apr 2020 01:16:17 +0200 |
This is an automated email from the git hooks/post-receive script.
ds-meister pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new c04ec7d secretshare
c04ec7d is described below
commit c04ec7d856c44388741077fe7c0d19d8b7822dd6
Author: Dominik Meister <address@hidden>
AuthorDate: Mon Apr 20 01:16:06 2020 +0200
secretshare
---
src/include/anastasis.h | 24 +++++++--
src/lib/anastasis.c | 141 ++++++++++++++++++++++++++++++++++++++++--------
2 files changed, 138 insertions(+), 27 deletions(-)
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
index 31ddcc7..2eaaf38 100644
--- a/src/include/anastasis.h
+++ b/src/include/anastasis.h
@@ -23,6 +23,7 @@
#include "platform.h"
#include <taler/taler_json_lib.h>
#include <gnunet/gnunet_util_lib.h>
+#include <uuid/uuid.h>
/*Download api*/
@@ -42,11 +43,18 @@ struct ANASTASIS_EscrowMethod
*/
struct ANASTASIS_DecryptionPolicy
{
- // subset of methods that must be satisfied for this dp
- struct ANASTASIS_EscrowMethod *ems;
-
- unsigned int ems_len;
-
+ /**
+ * Set of escrow methods identfied by their uuids
+ */
+ uuid_t *escrow_uuids;
+ /**
+ * length of the methods in this policy
+ */
+ unsigned int uuids_length;
+ /**
+ * encrypted masterkey ( encrypted with the policy key)
+ */
+ struct ANASTASIS_CRYPTO_EncryptedMasterKey *emk;
};
/**
@@ -59,6 +67,10 @@ struct ANASTASIS_RecoveryInformation
unsigned int dps_len;
+ struct ANSTASIS_EscrowMethod *ems;
+
+ unsigned int ems_len;
+
unsigned int version; // actual version obtained
};
@@ -373,6 +385,8 @@ ANASTASIS_secret_share (const json_t *id_data,
const struct GNUNET_HashCode *last_etag,
struct ANASTASIS_Policy *policies[],
unsigned int policies_len,
+ struct ANASTASIS_Truth *truths[],
+ unsigned int truths_len,
ANASTASIS_SharePaymentCallback spc,
void *spc_cls,
ANASTASIS_ShareResultCallback src,
diff --git a/src/lib/anastasis.c b/src/lib/anastasis.c
index ef82156..dfc7d8e 100644
--- a/src/lib/anastasis.c
+++ b/src/lib/anastasis.c
@@ -120,6 +120,22 @@ struct ANASTASIS_Challenge
* uuid which defines this challenge
*/
uuid_t challenge_uuid;
+ /**
+ * Key used to encrypt the truth passed to the server
+ */
+ struct ANASTASIS_CRYPTO_TruthKey truth_key;
+ /**
+ * Salt used to encrypt the truth
+ */
+ struct ANASTASIS_CRYPTO_Salt truth_salt;
+ /**
+ * plaintext challenge which is sent to the client
+ */
+ void *challenge;
+ /**
+ * size of the challenge
+ */
+ size_t challenge_size;
};
/**
@@ -669,13 +685,13 @@ struct ANASTASIS_Policy
*/
struct ANASTASIS_CRYPTO_Salt salt;
/**
- * size of the truths
- */
- unsigned int truths_len;
+ * set of truths inside this policy
+ */
+ uuid_t *uuids;
/**
- * set of truths inside this policy
- */
- struct ANASTASIS_Truth *truths[];
+ * length of methods used
+ */
+ unsigned int uuid_length;
};
/**
@@ -690,21 +706,20 @@ ANASTASIS_policy_create (struct ANASTASIS_Truth *truths[],
{
struct ANASTASIS_Policy *p;
p = GNUNET_new (struct ANASTASIS_Policy);
- struct ANASTASIS_CRYPTO_PolicyKey policy_key;
struct ANASTASIS_CRYPTO_KeyShare key_shares[truths_len];
- // FIXME
- // p->truths = truths;
- p->truths_len = truths_len;
-
+ uuid_t uuids[truths_len];
for (unsigned int i = 0; i < truths_len; i++)
{
key_shares[i] = truths[i]->key_share;
+ memcpy(uuids[i], truths[i]->uuid, sizeof(uuid_t));
}
// FIXME SALT
ANASTASIS_CRYPTO_policy_key_derive (key_shares,
truths_len,
&p->salt,
&p->policy_key);
+ p->uuids = uuids;
+ p->uuid_length = truths_len;
return p;
}
@@ -748,6 +763,36 @@ struct ANASTASIS_SecretShare
* Hash of the current upload.
*/
struct GNUNET_HashCode curr_hash;
+ /**
+ * Identity key material used for the derivation of keys
+ */
+ struct ANASTASIS_CRYPTO_UserIdentifier id;
+ /**
+ * Public key for a request
+ */
+ struct ANASTASIS_CRYPTO_AccountPrivateKey priv_key;
+ /**
+ * Curl context
+ */
+ struct GNUNET_CURL_Context *ctx;
+ // FIXME not sure how to do payment
+ int payment_requested;
+ const char *payment_order_id;
+};
+
+/**
+ * FIXME NOT SURE IF NEEDED
+ * Internal struct which defines an escrow method
+ */
+struct ANASTASIS_TruthMethod
+{
+ char *url;
+ char *escrow_method;
+ uuid_t uuid;
+ struct ANASTASIS_CRYPTO_TruthKey truth_key;
+ struct ANASTASIS_CRYPTO_Salt salt;
+ void *challenge;
+ size_t challenge_size;
};
@@ -762,7 +807,6 @@ policy_store_cb (void *cls,
}
-
/**
* Creates a recovery document with the created policies.
*
@@ -782,6 +826,8 @@ ANASTASIS_secret_share (const json_t *id_data,
const struct GNUNET_HashCode *last_etag,
struct ANASTASIS_Policy *policies[],
unsigned int policies_len,
+ struct ANASTASIS_Truth *truths[],
+ unsigned int truths_len,
ANASTASIS_SharePaymentCallback spc,
void *spc_cls,
ANASTASIS_ShareResultCallback src,
@@ -796,30 +842,81 @@ ANASTASIS_secret_share (const json_t *id_data,
struct ANASTASIS_CRYPTO_EncryptedMasterKey
encrypted_master_keys[policies_len];
struct ANASTASIS_CRYPTO_PolicyKey policy_keys[policies_len];
+ struct ANASTASIS_DecryptionPolicy decryption_policies[policies_len];
+ struct ANASTASIS_TruthMethod truth_methods[truths_len];
+ struct SaltState *st = src_cls;
+ st->http_status = MHD_HTTP_OK;
+ void *enc_rec_doc;
+ size_t enc_rec_doc_size;
json_t *recovery_document;
for (unsigned int i = 0; i < policies_len; i++)
{
policy_keys[i] = policies[i]->policy_key;
}
+ //FIXME CHALLENGE
+ for (unsigned int l = 0; l < truths_len; l++)
+ {
+ memcpy(truth_methods[l].uuid, truths[l]->uuid, sizeof(uuid_t));
+ truth_methods[l].url = truths[l]->url;
+ truth_methods[l].truth_key = truths[l]->truth_key;
+ truth_methods[l].salt = *truths[l]->salt;
+ truth_methods[l].escrow_method = truths[l]->method;
+ }
- ANASTASIS_CRYPTO_core_secret_encrypt ((struct ANASTASIS_CRYPTO_PolicyKey *)
- &policy_keys,
+ ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys,
policies_len,
core_secret,
core_secret_size,
&encrypted_core_secret,
- (struct
- ANASTASIS_CRYPTO_EncryptedMasterKey *)
- &encrypted_master_keys);
+ encrypted_master_keys);
+ for (unsigned int j = 0; j < policies_len; j++)
+ {
+ decryption_policies[j].emk = &encrypted_master_keys[j];
+ decryption_policies[j].uuids_length = policies[j]->uuid_length;
+ decryption_policies[j].escrow_uuids = policies[j]->uuids;
+ }
- // build recovery document in json
- // Compress recovery document
- // policy document encrypt
- // policy upload
+ //FIXME
+ recovery_document = json_pack (
+ " s:[fmt]," /* escrow methods */
+ " s:[fmt]," /* decryption policies */
+ " s:o}", /* encrypted core secret */
+ "escrow_methods", &truth_methods,
+ "decryption_policies", &decryption_policies,
+ "core_secret", GNUNET_JSON_from_data (
+ core_secret, core_secret_size));
+
+ st->so = ANASTASIS_salt (ss->ctx,
+ truth_methods[0].url,
+ &salt_cb,
+ st);
+ ANASTASIS_CRYPTO_user_identifier_derive (id_data,
+ &st->so->salt,
+ &ss->id);
+ salt_cleanup (st);
+
+ // ANASTASIS_CRYPTO_account_private_key_derive (&ss->id,
+ // &ss->priv_key);
+
+ ANASTASIS_CRYPTO_recovery_document_encrypt (&ss->id,
+ recovery_document,
+ sizeof(recovery_document),//FIXME
+ &enc_rec_doc,
+ &enc_rec_doc_size);
+
+ ss->pso = ANASTASIS_policy_store (ss->ctx,
+ truth_methods[0].url,
+ &ss->priv_key,
+ last_etag,
+ enc_rec_doc,
+ enc_rec_doc_size,
+ ss->payment_requested,
+ ss->payment_order_id,
+ &policy_store_cb,
+ ss);
// Callback handle
-
return ss;
}
--
To stop receiving notification emails like this one, please contact
address@hidden.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: secretshare,
gnunet <=