
[taler-exchange] 02/37: CS planchet create and withdraw create


From: gnunet
Subject: [taler-exchange] 02/37: CS planchet create and withdraw create
Date: Fri, 04 Feb 2022 16:53:32 +0100

This is an automated email from the git hooks/post-receive script.

gian-demarmels pushed a commit to branch master
in repository exchange.

commit 385eb51e93e39842c0ccb2a6b12b87c66c7fbe26
Author: Gian Demarmels <gian@demarmels.org>
AuthorDate: Wed Dec 22 11:45:22 2021 +0100

    CS planchet create and withdraw create
---
 src/include/taler_crypto_lib.h |  39 ++++++++++++---
 src/util/crypto.c              | 108 ++++++++++++++++++++++++++++-------------
 src/util/denom.c               |  10 ++--
 src/util/test_crypto.c         |  15 ++++--
 4 files changed, 120 insertions(+), 52 deletions(-)

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 2e0674fb..8e5df1fc 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -759,18 +759,12 @@ struct TALER_BlindedRsaPlanchet
  */
 struct TALER_BlindedCsPlanchet
 {
-  /**
-   * Withdraw or refresh nonce used for derivation
-   */
-  struct GNUNET_CRYPTO_CsNonce nonce;
-
   /**
    * The Clause Schnorr c_0 and c_1 containing the blinded message
    */
   struct GNUNET_CRYPTO_CsC c[2];
 };
 
-
 /**
  * @brief Type including Parameters to create blinded signature
  *
@@ -800,6 +794,21 @@ struct TALER_BlindedPlanchet
   } details;
 };
 
+struct TALER_WithdrawNonce
+{
+  /**
+   * 32 bit nonce to include in withdrawals
+   */
+  struct GNUNET_CRYPTO_CsNonce nonce;
+};
+
+struct TALER_RefreshNonce
+{
+  /**
+   * 32 bit nonce to include in withdrawals
+   */
+  struct GNUNET_CRYPTO_CsNonce nonce;
+};
 
 /**
  * @brief RSA Parameters to create blinded messages
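Review bot: The field comments on both new structs say "32 bit nonce", and the one in `TALER_RefreshNonce` still reads "to include in withdrawals", which looks copied from `TALER_WithdrawNonce`. If `GNUNET_CRYPTO_CsNonce` is a 32-byte value (its definition is not visible in this diff), the width should read "32 byte"; a reader sizing the nonce from this comment would conclude it is far too short to avoid collisions. Suggested wording: `* 32-byte nonce the client sends with a withdraw request` and `* 32-byte nonce the client sends with a refresh request`. Neither struct has a struct-level `@brief`, unlike the neighbouring types in this header.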
@@ -868,6 +877,11 @@ struct TALER_PlanchetDeriveCsBlindingSecrets
    * size of the secret to derive blinding secrets from
    */
   size_t secret_len;
+
+  /**
+   * public R_0 and R_1 are hashed too
+   */
+  struct GNUNET_CRYPTO_CsRPublic r_pub[2];
 };
 
 /**
@@ -938,6 +952,16 @@ struct TALER_TrackTransferDetails
 void
 TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
 
+/**
+ * @brief Method to generate withdraw nonce
+ *
+ * @param coin_priv private key of the coin
+ * @param nonce withdraw nonce included in the request to generate R_0 and R_1
+ */
+void
+TALER_cs_withdraw_nonce_derive (const struct
+                                TALER_CoinSpendPrivateKeyP *coin_priv,
+                                struct TALER_WithdrawNonce *nonce);
 
 /**
  * Create a blinding secret @a bs for @a cipher.
@@ -1397,8 +1421,7 @@ TALER_planchet_setup_refresh (const struct 
TALER_TransferSecretP *secret_seed,
  */
 void
 TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
-                             enum TALER_DenominationCipher cipher,
-                             ...);
+                             enum TALER_DenominationCipher cipher);
 
 
 /**
diff --git a/src/util/crypto.c b/src/util/crypto.c
index a8413e0f..40c69b54 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -167,10 +167,53 @@ TALER_planchet_setup_refresh (const struct 
TALER_TransferSecretP *secret_seed,
 
 
 void
-blinding_secret_create_va (union TALER_DenominationBlindingKeyP *bs,
-                           enum TALER_DenominationCipher cipher,
-                           va_list ap)
+cs_blinding_seed_derive (const void *secret,
+                         size_t secret_len,
+                         const struct GNUNET_CRYPTO_CsRPublic r_pub[2],
+                         struct GNUNET_CRYPTO_CsNonce *blind_seed)
 {
+  GNUNET_assert (GNUNET_YES ==
+                 GNUNET_CRYPTO_hkdf (blind_seed,
+                                     sizeof (*blind_seed),
+                                     GCRY_MD_SHA512,
+                                     GCRY_MD_SHA256,
+                                     "bseed",
+                                     strlen ("bseed"),
+                                     secret,
+                                     secret_len,
+                                     r_pub,
+                                     sizeof(struct GNUNET_CRYPTO_CsRPublic) * 
2,
+                                     NULL,
+                                     0));
+}
+
+
+void
+TALER_cs_withdraw_nonce_derive (const struct
+                                TALER_CoinSpendPrivateKeyP *coin_priv,
+                                struct TALER_WithdrawNonce *nonce)
+{
+  GNUNET_assert (GNUNET_YES ==
+                 GNUNET_CRYPTO_hkdf (nonce,
+                                     sizeof (*nonce),
+                                     GCRY_MD_SHA512,
+                                     GCRY_MD_SHA256,
+                                     "n",
+                                     strlen ("n"),
+                                     coin_priv,
+                                     sizeof(*coin_priv),
+                                     NULL,
+                                     0));
+}
+
+
+void
+TALER_blinding_secret_create (union TALER_DenominationBlindingKeyP *bs,
+                              enum TALER_DenominationCipher cipher,
+                              ...)
+{
+  va_list ap;
+  va_start (ap, cipher);
   switch (cipher)
   {
   case TALER_DENOMINATION_INVALID:
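Review bot: `TALER_cs_withdraw_nonce_derive` computes the nonce from `coin_priv` alone with the fixed salt `"n"`, so the same coin key always produces the same withdraw nonce, and neither this definition nor the header prototype says so. The header comment states that R_0 and R_1 are generated from this nonce, so the determinism is part of the contract and should be documented, e.g. `@param[out] nonce set deterministically from @a coin_priv; the same key always yields the same nonce`. Whether the signing side tolerates a repeated nonce paired with a different blinded message is not visible here and should be confirmed before this is relied on. Separately, `cs_blinding_seed_derive` is defined without `static` and has no prototype in the header hunks of this commit; if it is file-local, `static void` avoids exporting it. `TALER_blinding_secret_create` continues into the next hunk.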
@@ -184,51 +227,50 @@ blinding_secret_create_va (union 
TALER_DenominationBlindingKeyP *bs,
     return;
   case TALER_DENOMINATION_CS:
     {
-      // TODO: nonce teil ist noch falsch. da kommt bs[2] zurück, was wir 
nicht speichern wollen!
-      struct TALER_PlanchetDeriveCsBlindingSecrets*seed;
-
-      seed = va_arg (ap, struct TALER_PlanchetDeriveCsBlindingSecrets *);
-
-      // GNUNET_CRYPTO_cs_blinding_secrets_derive(&seed->secret,
-      //                                          seed->secret_len,
-      //                                          &bs->nonce);
+      struct TALER_PlanchetDeriveCsBlindingSecrets *params;
+      params = va_arg (ap, struct TALER_PlanchetDeriveCsBlindingSecrets *);
+      cs_blinding_seed_derive (params->secret,
+                               params->secret_len,
+                               params->r_pub,
+                               &bs->nonce);
       return;
     }
-
   default:
     GNUNET_break (0);
   }
-
-  GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
-                              bs,
-                              sizeof (*bs));
-}
-
-
-void
-TALER_blinding_secret_create (union TALER_DenominationBlindingKeyP *bs,
-                              enum TALER_DenominationCipher cipher,
-                              ...)
-{
-  va_list ap;
-  va_start (ap, cipher);
-  blinding_secret_create_va (bs, cipher, ap);
   va_end (ap);
 }
 
 
+/**
+ * @brief setup a random planchet
+ * In Case of RSA planchet, the bks gets set
+ * In Case of Schnorr this will be set in future
+ */
 void
 TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
-                             enum TALER_DenominationCipher cipher,
-                             ...)
+                             enum TALER_DenominationCipher cipher)
 {
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
                               &ps->coin_priv,
                               sizeof (struct TALER_CoinSpendPrivateKeyP));
-  va_list ap;
-  va_start (ap, cipher);
-  blinding_secret_create_va (&ps->blinding_key, cipher, ap);
-  va_end (ap);
+  switch (cipher)
+  {
+  case TALER_DENOMINATION_INVALID:
+    GNUNET_break (0);
+    return;
+  case TALER_DENOMINATION_RSA:
+    GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
+                                &ps->blinding_key.rsa_bks,
+                                sizeof (struct
+                                        GNUNET_CRYPTO_RsaBlindingKeySecret));
+    return;
+  case TALER_DENOMINATION_CS:
+    // Will be set in a later stage for Clause Blind Schnorr Scheme
+    return;
+  default:
+    GNUNET_break (0);
+  }
 }
 
 
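Review bot: `TALER_blinding_secret_create` now calls `va_start` (added in the previous hunk), but the `TALER_DENOMINATION_CS` case and the `return;` visible just before it leave the function without reaching `va_end (ap);` at the bottom. Returning after `va_start` without a matching `va_end` is undefined behaviour in C. Replacing those `return;` statements with `break;` lets every path reach `va_end (ap);`; the `TALER_DENOMINATION_INVALID` case lies between the two hunks and needs the same check. In `TALER_planchet_setup_random` the CS case leaves `ps->blinding_key` unwritten, so the doc comment should say plainly that the field is indeterminate for CS until the caller sets it.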
diff --git a/src/util/denom.c b/src/util/denom.c
index bcfa3efa..6ff92e89 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -199,7 +199,10 @@ TALER_denom_pub_hash (const struct 
TALER_DenominationPublicKey *denom_pub,
       GNUNET_free (buf);
     }
     break;
-  // TODO: add case for Clause-Schnorr
+  case TALER_DENOMINATION_CS:
+    GNUNET_CRYPTO_hash_context_read (hc,
+                                     &denom_pub->details.cs_public_key,
+                                     sizeof(denom_pub->details.cs_public_key));
   default:
     GNUNET_assert (0);
   }
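Review bot: The new `case TALER_DENOMINATION_CS:` has no `break;`, so after hashing `cs_public_key` control falls through into `default:` and hits `GNUNET_assert (0)`. As written, hashing any CS denomination key would abort the process instead of producing a hash. Add `break;` after the `GNUNET_CRYPTO_hash_context_read (...)` call, matching the `break;` that closes the preceding case. The enclosing function starts before this hunk and continues after it.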
@@ -237,11 +240,6 @@ TALER_denom_blind (const struct 
TALER_DenominationPublicKey *dk,
                    struct TALER_CoinPubHash *c_hash,
                    struct TALER_BlindedPlanchet *blinded_planchet)
 {
-  // if (dk->cipher != blinded_planchet->cipher)
-  // {
-  //   GNUNET_break (0);
-  //   return GNUNET_SYSERR;
-  // }
   blinded_planchet->cipher = dk->cipher;
   TALER_coin_pub_hash (coin_pub,
                        age_commitment_hash,
diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c
index 12f9e64c..a91536bf 100644
--- a/src/util/test_crypto.c
+++ b/src/util/test_crypto.c
@@ -141,13 +141,14 @@ test_planchets_rsa (void)
 static int
 test_planchets_cs (void)
 {
-  // struct TALER_PlanchetSecretsP ps;
+  struct TALER_PlanchetSecretsP ps;
   struct TALER_DenominationPrivateKey dk_priv;
   struct TALER_DenominationPublicKey dk_pub;
-  // struct TALER_PlanchetDetail pd;
+  struct TALER_PlanchetDetail pd;
+  struct TALER_CoinPubHash c_hash;
+  struct TALER_WithdrawNonce nonce;
   // struct TALER_BlindedDenominationSignature blind_sig;
   // struct TALER_FreshCoin coin;
-  // struct TALER_CoinPubHash c_hash;
   // struct TALER_PlanchetDeriveCsBlindingSecrets seed;
 
   GNUNET_assert (GNUNET_OK ==
@@ -158,8 +159,12 @@ test_planchets_cs (void)
   // seed.secret = "test secret";
   // seed.secret_len = strlen ("test secret");
 
-  // TODO: Probably need to adjust GNUNET CS implementation for the CSNonce 
creation and afterwards adjust the derive function
-  // TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS, &seed);
+  TALER_planchet_setup_random (&ps, TALER_DENOMINATION_CS);
+  TALER_cs_withdraw_nonce_derive (&ps.coin_priv, &nonce);
+
+  // NEXT: Implement to create withdraw nonce
+  // Implement to get R_0 and R_1
+  // Implement to genrate b-seed from it and calculate c then§
 
   // GNUNET_assert (GNUNET_OK ==
   //                TALER_planchet_prepare (&dk_pub,
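Review bot: The two new calls run `TALER_planchet_setup_random` and `TALER_cs_withdraw_nonce_derive`, but nothing checks their result, so the test passes whatever the derivation writes. Until the remaining steps exist, a minimal check would derive into a second `struct TALER_WithdrawNonce nonce2` from the same `ps.coin_priv` and assert equality, e.g. `GNUNET_assert (0 == GNUNET_memcmp (&nonce, &nonce2));`. The `pd` and `c_hash` locals enabled in the previous hunk are referenced only from commented-out code in the visible lines, which will likely produce unused-variable warnings. The added comment also has a typo ("genrate") and a stray "§". `test_planchets_cs` continues beyond this hunk.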
