diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-01-27 16:31:18 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-01-27 16:31:18 +0100 |
commit | 16817ef0d12ee1b51203f96b0dd3708c1dae3509 (patch) | |
tree | b9f9990e00f91b5b2d211416b4a05548cdc5b12d | |
parent | 2cda5ea7ee7e0e87b875ce54b483fdde86ed0dac (diff) | |
download | exchange-16817ef0d12ee1b51203f96b0dd3708c1dae3509.tar.gz exchange-16817ef0d12ee1b51203f96b0dd3708c1dae3509.zip |
implementing new link crypto API
-rw-r--r-- | src/include/taler_util.h | 14 | ||||
-rw-r--r-- | src/util/crypto.c | 93 |
2 files changed, 85 insertions, 22 deletions
diff --git a/src/include/taler_util.h b/src/include/taler_util.h index f1264d254..3c901b3fa 100644 --- a/src/include/taler_util.h +++ b/src/include/taler_util.h | |||
@@ -247,19 +247,21 @@ struct TALER_RefreshLinkEncrypted | |||
247 | { | 247 | { |
248 | 248 | ||
249 | /** | 249 | /** |
250 | * Encrypted private key of the coin. | 250 | * Encrypted blinding key with @e blinding_key_enc_size bytes, |
251 | * must be allocated at the end of this struct. | ||
251 | */ | 252 | */ |
252 | char [sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)] coin_priv_enc; | 253 | const char *blinding_key_enc; |
253 | 254 | ||
254 | /** | 255 | /** |
255 | * Encrypted blinding key with @e blinding_key_enc_size bytes. | 256 | * Number of bytes in @e blinding_key_enc. |
256 | */ | 257 | */ |
257 | char *blinding_key_enc; | 258 | size_t blinding_key_enc_size; |
258 | 259 | ||
259 | /** | 260 | /** |
260 | * Number of bytes in @e blinding_key_enc. | 261 | * Encrypted private key of the coin. |
261 | */ | 262 | */ |
262 | size_t blinding_key_enc_size; | 263 | char coin_priv_enc[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)]; |
264 | |||
263 | }; | 265 | }; |
264 | 266 | ||
265 | 267 | ||
diff --git a/src/util/crypto.c b/src/util/crypto.c index 7ff741159..b4a4a718b 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c | |||
@@ -83,36 +83,97 @@ derive_refresh_key (const struct GNUNET_HashCode *secret, | |||
83 | } | 83 | } |
84 | 84 | ||
85 | 85 | ||
86 | int | 86 | /** |
87 | TALER_refresh_decrypt (const void *input, | 87 | * Decrypt refresh link information. |
88 | size_t input_size, | 88 | * |
89 | const struct GNUNET_HashCode *secret, | 89 | * @param input encrypted refresh link data |
90 | void *result) | 90 | * @param secret shared secret to use for decryption |
91 | * @return NULL on error | ||
92 | */ | ||
93 | struct TALER_RefreshLinkDecrypted * | ||
94 | TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, | ||
95 | const struct GNUNET_HashCode *secret) | ||
91 | { | 96 | { |
97 | struct TALER_RefreshLinkDecrypted *ret; | ||
92 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 98 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
93 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | 99 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; |
100 | size_t buf_size = input->blinding_key_enc_size | ||
101 | + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); | ||
102 | char buf[buf_size]; | ||
94 | 103 | ||
104 | GNUNET_assert (input->blinding_key_enc == (const char *) &input[1]); | ||
95 | derive_refresh_key (secret, &iv, &skey); | 105 | derive_refresh_key (secret, &iv, &skey); |
96 | 106 | if (GNUNET_OK != | |
97 | return GNUNET_CRYPTO_symmetric_decrypt (input, input_size, &skey, &iv, result); | 107 | GNUNET_CRYPTO_symmetric_decrypt (input->coin_priv_enc, |
108 | buf_size, | ||
109 | &skey, | ||
110 | &iv, | ||
111 | buf)) | ||
112 | return NULL; | ||
113 | ret = GNUNET_new (struct TALER_RefreshLinkDecrypted); | ||
114 | memcpy (&ret->coin_priv, | ||
115 | buf, | ||
116 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | ||
117 | ret->blinding_key | ||
118 | = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)], | ||
119 | input->blinding_key_enc_size); | ||
120 | if (NULL == ret->blinding_key) | ||
121 | { | ||
122 | GNUNET_free (ret); | ||
123 | return NULL; | ||
124 | } | ||
125 | return ret; | ||
98 | } | 126 | } |
99 | 127 | ||
100 | 128 | ||
101 | int | 129 | /** |
102 | TALER_refresh_encrypt (const void *input, | 130 | * Encrypt refresh link information. |
103 | size_t input_size, | 131 | * |
104 | const struct GNUNET_HashCode *secret, | 132 | * @param input plaintext refresh link data |
105 | void *result) | 133 | * @param secret shared secret to use for encryption |
134 | * @return NULL on error (should never happen) | ||
135 | */ | ||
136 | struct TALER_RefreshLinkEncrypted * | ||
137 | TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input, | ||
138 | const struct GNUNET_HashCode *secret) | ||
106 | { | 139 | { |
140 | char *b_buf; | ||
141 | size_t b_buf_size; | ||
107 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 142 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
108 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | 143 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; |
144 | struct TALER_RefreshLinkEncrypted *ret; | ||
109 | 145 | ||
110 | derive_refresh_key (secret, &iv, &skey); | 146 | derive_refresh_key (secret, &iv, &skey); |
111 | 147 | b_buf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (input->blinding_key, | |
112 | return GNUNET_CRYPTO_symmetric_encrypt (input, input_size, &skey, &iv, result); | 148 | &b_buf); |
149 | ret = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + | ||
150 | b_buf_size); | ||
151 | ret->blinding_key_enc = (const char *) &ret[1]; | ||
152 | ret->blinding_key_enc_size = b_buf_size; | ||
153 | { | ||
154 | size_t buf_size = b_buf_size + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); | ||
155 | char buf[buf_size]; | ||
156 | |||
157 | memcpy (buf, | ||
158 | &input->coin_priv, | ||
159 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | ||
160 | memcpy (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)], | ||
161 | b_buf, | ||
162 | b_buf_size); | ||
163 | |||
164 | if (GNUNET_OK != | ||
165 | GNUNET_CRYPTO_symmetric_encrypt (buf, | ||
166 | buf_size, | ||
167 | &skey, | ||
168 | &iv, | ||
169 | ret->coin_priv_enc)) | ||
170 | { | ||
171 | GNUNET_free (ret); | ||
172 | return NULL; | ||
173 | } | ||
174 | } | ||
175 | return ret; | ||
113 | } | 176 | } |
114 | 177 | ||
115 | 178 | ||
116 | |||
117 | |||
118 | /* end of crypto.c */ | 179 | /* end of crypto.c */ |