
[taler-exchange] 79/130: more crypto refactoring


From: gnunet
Subject: [taler-exchange] 79/130: more crypto refactoring
Date: Wed, 17 Nov 2021 12:25:27 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository exchange.

commit c3e244322b6b7234c0234471b07d67bf6a210b91
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Nov 5 23:01:21 2021 +0100

    more crypto refactoring
---
 src/exchange/taler-exchange-httpd_recoup.c | 44 +++++++++++++++---------------
 src/include/taler_crypto_lib.h             | 20 ++++++++++++++
 src/util/crypto.c                          | 22 +++++----------
 src/util/denom.c                           | 32 ++++++++++++++++++++++
 4 files changed, 81 insertions(+), 37 deletions(-)

diff --git a/src/exchange/taler-exchange-httpd_recoup.c 
b/src/exchange/taler-exchange-httpd_recoup.c
index f10bd34b..be4471c0 100644
--- a/src/exchange/taler-exchange-httpd_recoup.c
+++ b/src/exchange/taler-exchange-httpd_recoup.c
@@ -352,8 +352,6 @@ verify_and_execute_recoup (
   struct RecoupContext pc;
   const struct TEH_DenominationKey *dk;
   struct TALER_CoinPubHash c_hash;
-  void *coin_ev;
-  size_t coin_ev_size;
   MHD_RESULT mret;
 
   /* check denomination exists and is in recoup mode */
@@ -442,28 +440,30 @@ verify_and_execute_recoup (
                                          NULL);
     }
   }
-  TALER_coin_pub_hash (&coin->coin_pub,
-                       &c_hash);
-  GNUNET_assert (dk->denom_pub.cipher ==
-                 TALER_DENOMINATION_RSA);
-  // FIXME-RSA migration...
-  if (GNUNET_YES !=
-      TALER_rsa_blind (&c_hash,
-                       &coin_bks->rsa_bks,
-                       dk->denom_pub.details.rsa_public_key,
-                       &coin_ev,
-                       &coin_ev_size))
+
   {
-    GNUNET_break (0);
-    return TALER_MHD_reply_with_error (connection,
-                                       MHD_HTTP_INTERNAL_SERVER_ERROR,
-                                       
TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED,
-                                       NULL);
+    void *coin_ev;
+    size_t coin_ev_size;
+
+    if (GNUNET_OK !=
+        TALER_denom_blind (&dk->denom_pub,
+                           coin_bks,
+                           &coin->coin_pub,
+                           &c_hash,
+                           &coin_ev,
+                           &coin_ev_size))
+    {
+      GNUNET_break (0);
+      return TALER_MHD_reply_with_error (connection,
+                                         MHD_HTTP_INTERNAL_SERVER_ERROR,
+                                         
TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED,
+                                         NULL);
+    }
+    TALER_coin_ev_hash (coin_ev,
+                        coin_ev_size,
+                        &pc.h_blind);
+    GNUNET_free (coin_ev);
   }
-  TALER_coin_ev_hash (coin_ev,
-                      coin_ev_size,
-                      &pc.h_blind);
-  GNUNET_free (coin_ev);
 
   /* Perform actual recoup transaction */
   pc.coin_sig = coin_sig;
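Review bot: The new anonymous `{ ... }` block has no comment stating its purpose, unlike the neighbouring sections (`/* check denomination exists and is in recoup mode */`, `/* Perform actual recoup transaction */`). A one-line header such as `/* compute blinded coin hash (pc.h_blind) from coin_pub and coin_bks */` would fit. `c_hash` is still declared at function scope but is now only written as an out-parameter of `TALER_denom_blind`. If nothing later in verify_and_execute_recoup reads it, it could move into this block next to `coin_ev`. The function continues outside the hunk, so that needs checking against the full body.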
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 0a0be0cb..8907ca43 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -724,6 +724,26 @@ void
 TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
 
 
+/**
+ * Blind coin for blind signing with @a dk using blinding secret @a coin_bks.
+ *
+ * @param dk denomination public key to blind for
+ * @param coin_bks blinding secret to use
+ * @param coin_pub public key of the coin to blind
+ * @param[out] c_hash resulting hashed coin
+ * @param[out] coin_ev blinded coin to submit
+ * @param[out] coin_ev_size number of bytes in @a coin_ev
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
+                   const union TALER_DenominationBlindingKeyP *coin_bks,
+                   const struct TALER_CoinSpendPublicKeyP *coin_pub,
+                   struct TALER_CoinPubHash *c_hash,
+                   void **coin_ev,
+                   size_t *coin_ev_size);
+
+
 /**
  * Create blinded signature.
  *
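Review bot: The doc comment for `TALER_denom_blind` does not state who owns `*coin_ev` or what the out-parameters hold when the call fails. The recoup.c caller releases the buffer with `GNUNET_free`, so the contract could say `@param[out] coin_ev blinded coin to submit, allocated by this function; caller must GNUNET_free() it`. The `@return` line should also name the failure value, e.g. `#GNUNET_OK on success, #GNUNET_SYSERR on failure or unsupported cipher`, and note that `c_hash`, `coin_ev` and `coin_ev_size` must not be used in that case.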
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 7d4a431c..ed32f31d 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -185,21 +185,13 @@ TALER_planchet_prepare (const struct 
TALER_DenominationPublicKey *dk,
 
   GNUNET_CRYPTO_eddsa_key_get_public (&ps->coin_priv.eddsa_priv,
                                       &coin_pub.eddsa_pub);
-  // FIXME-Oec: replace with function that
-  // also hashes the age vector if we have
-  // one!
-  TALER_coin_pub_hash (&coin_pub,
-                       c_hash);
-  // FIXME-Gian/Lucien: this will be the bigger
-  // change, as you have the extra round trip
-  // => to be discussed!
-  GNUNET_assert (TALER_DENOMINATION_RSA == dk->cipher);
-  if (GNUNET_YES !=
-      TALER_rsa_blind (c_hash,
-                       &ps->blinding_key.rsa_bks,
-                       dk->details.rsa_public_key,
-                       &pd->coin_ev,
-                       &pd->coin_ev_size))
+  if (GNUNET_OK !=
+      TALER_denom_blind (dk,
+                         &ps->blinding_key,
+                         &coin_pub,
+                         c_hash,
+                         &pd->coin_ev,
+                         &pd->coin_ev_size))
   {
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
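Review bot: The two FIXME notes removed here are not carried over to `TALER_denom_blind`, whose only marker is `// TODO: add case for Clause-Schnorr`. These were the age-vector hashing of the coin hash and the extra round trip to be discussed. The age-vector item in particular affects what `c_hash` commits to, so it is worth keeping next to the `TALER_coin_pub_hash` call in denom.c, e.g. `// FIXME-Oec: also hash the age vector if we have one`. Separately, this caller logs `GNUNET_break_op (0)` while the callee already logs `GNUNET_break (0)` for the same failure. Presumably one of the two classifications is the intended one. TALER_planchet_prepare starts and ends outside the hunk.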
diff --git a/src/util/denom.c b/src/util/denom.c
index 4a47c66d..4f1fc8e5 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -216,6 +216,38 @@ TALER_denom_priv_to_pub (const struct 
TALER_DenominationPrivateKey *denom_priv,
 }
 
 
+enum GNUNET_GenericReturnValue
+TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
+                   const union TALER_DenominationBlindingKeyP *coin_bks,
+                   const struct TALER_CoinSpendPublicKeyP *coin_pub,
+                   struct TALER_CoinPubHash *c_hash,
+                   void **coin_ev,
+                   size_t *coin_ev_size)
+{
+  switch (dk->cipher)
+  {
+  case TALER_DENOMINATION_RSA:
+    TALER_coin_pub_hash (coin_pub,
+                         c_hash);
+    if (GNUNET_YES !=
+        TALER_rsa_blind (c_hash,
+                         &coin_bks->rsa_bks,
+                         dk->details.rsa_public_key,
+                         coin_ev,
+                         coin_ev_size))
+    {
+      GNUNET_break (0);
+      return GNUNET_SYSERR;
+    }
+    return GNUNET_OK;
+  // TODO: add case for Clause-Schnorr
+  default:
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+}
+
+
 enum GNUNET_GenericReturnValue
 TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub,
                         const struct TALER_DenominationSignature *denom_sig,
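Review bot: On the `default:` path `*coin_ev` and `*coin_ev_size` are never written, and on the `TALER_rsa_blind` failure path their state depends on that helper, which is not visible here. The recoup.c caller declares `void *coin_ev;` without an initializer, so after a `GNUNET_SYSERR` return it holds an indeterminate pointer. Both callers in this commit return immediately on failure, so nothing is freed today. Still, setting `*coin_ev = NULL;` and `*coin_ev_size = 0;` before the `switch` would keep any later cleanup path from freeing garbage.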

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


