aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-01-27 16:31:18 +0100
committerChristian Grothoff <christian@grothoff.org>2015-01-27 16:31:18 +0100
commit16817ef0d12ee1b51203f96b0dd3708c1dae3509 (patch)
treeb9f9990e00f91b5b2d211416b4a05548cdc5b12d
parent2cda5ea7ee7e0e87b875ce54b483fdde86ed0dac (diff)
downloadexchange-16817ef0d12ee1b51203f96b0dd3708c1dae3509.tar.gz
exchange-16817ef0d12ee1b51203f96b0dd3708c1dae3509.zip
implementing new link crypto API
-rw-r--r--src/include/taler_util.h14
-rw-r--r--src/util/crypto.c93
2 files changed, 85 insertions, 22 deletions
diff --git a/src/include/taler_util.h b/src/include/taler_util.h
index f1264d254..3c901b3fa 100644
--- a/src/include/taler_util.h
+++ b/src/include/taler_util.h
@@ -247,19 +247,21 @@ struct TALER_RefreshLinkEncrypted
247{ 247{
248 248
249 /** 249 /**
250 * Encrypted private key of the coin. 250 * Encrypted blinding key with @e blinding_key_enc_size bytes,
251 * must be allocated at the end of this struct.
251 */ 252 */
252 char [sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)] coin_priv_enc; 253 const char *blinding_key_enc;
253 254
254 /** 255 /**
255 * Encrypted blinding key with @e blinding_key_enc_size bytes. 256 * Number of bytes in @e blinding_key_enc.
256 */ 257 */
257 char *blinding_key_enc; 258 size_t blinding_key_enc_size;
258 259
259 /** 260 /**
260 * Number of bytes in @e blinding_key_enc. 261 * Encrypted private key of the coin.
261 */ 262 */
262 size_t blinding_key_enc_size; 263 char coin_priv_enc[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)];
264
263}; 265};
264 266
265 267
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 7ff741159..b4a4a718b 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -83,36 +83,97 @@ derive_refresh_key (const struct GNUNET_HashCode *secret,
83} 83}
84 84
85 85
86int 86/**
87TALER_refresh_decrypt (const void *input, 87 * Decrypt refresh link information.
88 size_t input_size, 88 *
89 const struct GNUNET_HashCode *secret, 89 * @param input encrypted refresh link data
90 void *result) 90 * @param secret shared secret to use for decryption
91 * @return NULL on error
92 */
93struct TALER_RefreshLinkDecrypted *
94TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input,
95 const struct GNUNET_HashCode *secret)
91{ 96{
97 struct TALER_RefreshLinkDecrypted *ret;
92 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 98 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
93 struct GNUNET_CRYPTO_SymmetricSessionKey skey; 99 struct GNUNET_CRYPTO_SymmetricSessionKey skey;
100 size_t buf_size = input->blinding_key_enc_size
101 + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
102 char buf[buf_size];
94 103
104 GNUNET_assert (input->blinding_key_enc == (const char *) &input[1]);
95 derive_refresh_key (secret, &iv, &skey); 105 derive_refresh_key (secret, &iv, &skey);
96 106 if (GNUNET_OK !=
97 return GNUNET_CRYPTO_symmetric_decrypt (input, input_size, &skey, &iv, result); 107 GNUNET_CRYPTO_symmetric_decrypt (input->coin_priv_enc,
108 buf_size,
109 &skey,
110 &iv,
111 buf))
112 return NULL;
113 ret = GNUNET_new (struct TALER_RefreshLinkDecrypted);
114 memcpy (&ret->coin_priv,
115 buf,
116 sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
117 ret->blinding_key
118 = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)],
119 input->blinding_key_enc_size);
120 if (NULL == ret->blinding_key)
121 {
122 GNUNET_free (ret);
123 return NULL;
124 }
125 return ret;
98} 126}
99 127
100 128
101int 129/**
102TALER_refresh_encrypt (const void *input, 130 * Encrypt refresh link information.
103 size_t input_size, 131 *
104 const struct GNUNET_HashCode *secret, 132 * @param input plaintext refresh link data
105 void *result) 133 * @param secret shared secret to use for encryption
134 * @return NULL on error (should never happen)
135 */
136struct TALER_RefreshLinkEncrypted *
137TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input,
138 const struct GNUNET_HashCode *secret)
106{ 139{
140 char *b_buf;
141 size_t b_buf_size;
107 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 142 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
108 struct GNUNET_CRYPTO_SymmetricSessionKey skey; 143 struct GNUNET_CRYPTO_SymmetricSessionKey skey;
144 struct TALER_RefreshLinkEncrypted *ret;
109 145
110 derive_refresh_key (secret, &iv, &skey); 146 derive_refresh_key (secret, &iv, &skey);
111 147 b_buf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (input->blinding_key,
112 return GNUNET_CRYPTO_symmetric_encrypt (input, input_size, &skey, &iv, result); 148 &b_buf);
149 ret = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
150 b_buf_size);
151 ret->blinding_key_enc = (const char *) &ret[1];
152 ret->blinding_key_enc_size = b_buf_size;
153 {
154 size_t buf_size = b_buf_size + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
155 char buf[buf_size];
156
157 memcpy (buf,
158 &input->coin_priv,
159 sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
160 memcpy (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)],
161 b_buf,
162 b_buf_size);
163
164 if (GNUNET_OK !=
165 GNUNET_CRYPTO_symmetric_encrypt (buf,
166 buf_size,
167 &skey,
168 &iv,
169 ret->coin_priv_enc))
170 {
171 GNUNET_free (ret);
172 return NULL;
173 }
174 }
175 return ret;
113} 176}
114 177
115 178
116
117
118/* end of crypto.c */ 179/* end of crypto.c */