[taler-exchange] 78/130: more crypto refactoring
From: |
gnunet |
Subject: |
[taler-exchange] 78/130: more crypto refactoring |
Date: |
Wed, 17 Nov 2021 12:25:26 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit eaf9d728f54681be4e9ed3467ff9d10e71ad2b04
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Nov 5 22:48:11 2021 +0100
more crypto refactoring
---
src/include/taler_crypto_lib.h | 15 ---------------
src/lib/exchange_api_link.c | 16 +++++++++-------
src/util/crypto.c | 37 ++++++++++++-------------------------
src/util/denom.c | 2 +-
4 files changed, 22 insertions(+), 48 deletions(-)
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 961c3669..0a0be0cb 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -2165,19 +2165,4 @@ TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
size_t *buf_size);
-/**
- * Unblind a blind-signed signature. The signature should have been generated
- * with GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
- * GNUNET_CRYPTO_rsa_blind().
- *
- * @param sig the signature made on the blinded signature purpose
- * @param bks the blinding key secret used to blind the signature purpose
- * @param pkey the public key of the signer
- * @return unblinded signature on success, NULL if RSA key is bad or malicious.
- */
-struct GNUNET_CRYPTO_RsaSignature *
-TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
- struct GNUNET_CRYPTO_RsaPublicKey *pkey);
-
#endif
diff --git a/src/lib/exchange_api_link.c b/src/lib/exchange_api_link.c
index f544e71e..a9dc8852 100644
--- a/src/lib/exchange_api_link.c
+++ b/src/lib/exchange_api_link.c
@@ -123,14 +123,16 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle
*lh,
&fc);
/* extract coin and signature */
+ if (GNUNET_OK !=
+ TALER_denom_sig_unblind (sig,
+ &bsig,
+ &fc.blinding_key,
+ &rpub))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
*coin_priv = fc.coin_priv;
- // FIXME: use more generlized unblinding API!
- GNUNET_assert (TALER_DENOMINATION_RSA == bsig.cipher);
- sig->cipher = TALER_DENOMINATION_RSA;
- sig->details.rsa_signature
- = TALER_rsa_unblind (bsig.details.blinded_rsa_signature,
- &fc.blinding_key.rsa_bks,
- rpub.details.rsa_public_key);
/* verify link_sig */
{
struct TALER_PlanchetDetail pd;
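Review bot: Once TALER_denom_sig_unblind succeeds, `sig` owns a heap-allocated denomination signature, and the `/* verify link_sig */` block that follows the hunk is where a failed verification would return; that path should release it with `TALER_denom_sig_free (sig);` the way TALER_planchet_to_coin in src/util/crypto.c now does in this commit, unless it already does so outside the visible lines. The early return on unblind failure is fine only if TALER_denom_sig_unblind leaves `sig` without owned memory on GNUNET_SYSERR, which is not visible here. parse_link_coin starts and ends outside the hunk.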
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 668a91ad..7d4a431c 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -188,9 +188,8 @@ TALER_planchet_prepare (const struct
TALER_DenominationPublicKey *dk,
// FIXME-Oec: replace with function that
// also hashes the age vector if we have
// one!
- GNUNET_CRYPTO_hash (&coin_pub.eddsa_pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
- &c_hash->hash);
+ TALER_coin_pub_hash (&coin_pub,
+ c_hash);
// FIXME-Gian/Lucien: this will be the bigger
// change, as you have the extra round trip
// => to be discussed!
@@ -221,23 +220,22 @@ TALER_planchet_to_coin (
{
struct TALER_DenominationSignature sig;
- // FIXME-Gian/Lucien: this may need a bigger
- // change, as you have the extra round trip
- // => to be discussed!
- GNUNET_assert (TALER_DENOMINATION_RSA == dk->cipher);
- GNUNET_assert (TALER_DENOMINATION_RSA == blind_sig->cipher);
- sig.cipher = TALER_DENOMINATION_RSA;
- sig.details.rsa_signature
- = TALER_rsa_unblind (blind_sig->details.blinded_rsa_signature,
- &ps->blinding_key.rsa_bks,
- dk->details.rsa_public_key);
+ if (GNUNET_OK !=
+ TALER_denom_sig_unblind (&sig,
+ blind_sig,
+ &ps->blinding_key,
+ dk))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
if (GNUNET_OK !=
TALER_denom_pub_verify (dk,
&sig,
c_hash))
{
GNUNET_break_op (0);
- GNUNET_CRYPTO_rsa_signature_free (sig.details.rsa_signature);
+ TALER_denom_sig_free (&sig);
return GNUNET_SYSERR;
}
coin->sig = sig;
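Review bot: The early `return GNUNET_SYSERR;` after a failed TALER_denom_sig_unblind does not free `sig`, while the verify-failure path below does via `TALER_denom_sig_free (&sig);`; this is correct only if TALER_denom_sig_unblind guarantees it leaves `sig` without owned memory on failure, and that contract is not visible in this hunk. Either state the guarantee in TALER_denom_sig_unblind's documentation or add a one-line comment at the early return, e.g. `/* unblind failed: sig owns nothing, nothing to free */`. TALER_planchet_to_coin continues outside the hunk.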
@@ -330,17 +328,6 @@ TALER_rsa_blind (const struct TALER_CoinPubHash *hash,
}
-struct GNUNET_CRYPTO_RsaSignature *
-TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
- struct GNUNET_CRYPTO_RsaPublicKey *pkey)
-{
- return GNUNET_CRYPTO_rsa_unblind (sig,
- bks,
- pkey);
-}
-
-
void
TALER_coin_ev_hash (const void *coin_ev,
size_t coin_ev_size,
diff --git a/src/util/denom.c b/src/util/denom.c
index a1f511fe..4a47c66d 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -128,7 +128,7 @@ TALER_denom_sig_unblind (
return GNUNET_SYSERR;
case TALER_DENOMINATION_RSA:
denom_sig->details.rsa_signature
- = TALER_rsa_unblind (
+ = GNUNET_CRYPTO_rsa_unblind (
bdenom_sig->details.blinded_rsa_signature,
&bks->rsa_bks,
denom_pub->details.rsa_public_key);
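Review bot: GNUNET_CRYPTO_rsa_unblind returns NULL when the RSA key is bad or malicious (the contract stated on the TALER_rsa_unblind wrapper this commit deletes from src/include/taler_crypto_lib.h), so the RSA case must check `denom_sig->details.rsa_signature` for NULL and return GNUNET_SYSERR before reporting success; otherwise the new callers in TALER_planchet_to_coin and parse_link_coin would hand a NULL signature to TALER_denom_pub_verify. The rest of the switch and the function's return are outside the hunk, so this may already be handled; if it is, a comment on the assignment, `/* NULL if the denomination's RSA key is bad or malicious */`, would make the contract visible at the call site. TALER_denom_sig_unblind starts and ends outside the hunk.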
--