summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorChristian Grothoff <grothoff@gnunet.org>2023-10-25 22:54:20 +0200
committerChristian Grothoff <grothoff@gnunet.org>2023-10-25 22:54:20 +0200
commit82d7d87cc3946a01bfed221c7da0fb9ef2c18eb1 (patch)
treef0d3cb66869650e7dc1a5bc3a197c5f05636cf3e /src/util
parentbc74ed7c2eb54820a58cf832cb7aa83b1b331458 (diff)
downloadexchange-82d7d87cc3946a01bfed221c7da0fb9ef2c18eb1.tar.gz
exchange-82d7d87cc3946a01bfed221c7da0fb9ef2c18eb1.tar.bz2
exchange-82d7d87cc3946a01bfed221c7da0fb9ef2c18eb1.zip
new blind signing code builds
Diffstat (limited to 'src/util')
-rw-r--r--src/util/crypto.c39
-rw-r--r--src/util/crypto_helper_cs.c61
-rw-r--r--src/util/crypto_helper_rsa.c47
-rw-r--r--src/util/denom.c641
-rw-r--r--src/util/taler-exchange-secmod-cs.c67
-rw-r--r--src/util/taler-exchange-secmod-cs.h18
-rw-r--r--src/util/taler-exchange-secmod-rsa.c37
-rw-r--r--src/util/test_crypto.c93
-rw-r--r--src/util/test_helper_cs.c122
-rw-r--r--src/util/test_helper_rsa.c106
-rw-r--r--src/util/wallet_signatures.c10
11 files changed, 463 insertions, 778 deletions
diff --git a/src/util/crypto.c b/src/util/crypto.c
index caa5a1223..8d53f542a 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -214,7 +214,7 @@ TALER_planchet_secret_to_transfer_priv (
void
TALER_cs_withdraw_nonce_derive (
const struct TALER_PlanchetMasterSecretP *ps,
- struct TALER_CsNonce *nonce)
+ struct GNUNET_CRYPTO_CsSessionNonce *nonce)
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (nonce,
@@ -232,7 +232,7 @@ void
TALER_cs_refresh_nonce_derive (
const struct TALER_RefreshMasterSecretP *rms,
uint32_t coin_num_salt,
- struct TALER_CsNonce *nonce)
+ struct GNUNET_CRYPTO_CsSessionNonce *nonce)
{
uint32_t be_salt = htonl (coin_num_salt);
@@ -250,10 +250,31 @@ TALER_cs_refresh_nonce_derive (
}
+void
+TALER_rsa_pub_hash (const struct GNUNET_CRYPTO_RsaPublicKey *rsa,
+ struct TALER_RsaPubHashP *h_rsa)
+{
+ GNUNET_CRYPTO_rsa_public_key_hash (rsa,
+ &h_rsa->hash);
+
+}
+
+
+void
+TALER_cs_pub_hash (const struct GNUNET_CRYPTO_CsPublicKey *cs,
+ struct TALER_CsPubHashP *h_cs)
+{
+ GNUNET_CRYPTO_hash (cs,
+ sizeof(*cs),
+ &h_cs->hash);
+}
+
+
enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_ExchangeWithdrawValues *alg_values,
- const union TALER_DenominationBlindingKeyP *bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
+ const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_AgeCommitmentHash *ach,
struct TALER_CoinPubHashP *c_hash,
@@ -262,12 +283,14 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
{
struct TALER_CoinSpendPublicKeyP coin_pub;
- GNUNET_assert (alg_values->cipher == dk->cipher);
+ GNUNET_assert (alg_values->blinding_inputs->cipher ==
+ dk->bsign_pub_key->cipher);
GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv->eddsa_priv,
&coin_pub.eddsa_pub);
if (GNUNET_OK !=
TALER_denom_blind (dk,
bks,
+ nonce,
ach,
&coin_pub,
alg_values,
@@ -294,15 +317,17 @@ enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (
const struct TALER_DenominationPublicKey *dk,
const struct TALER_BlindedDenominationSignature *blind_sig,
- const union TALER_DenominationBlindingKeyP *bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_AgeCommitmentHash *ach,
const struct TALER_CoinPubHashP *c_hash,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_FreshCoin *coin)
{
- if ( (dk->cipher != blind_sig->cipher) ||
- (dk->cipher != alg_values->cipher) )
+ if ( (dk->bsign_pub_key->cipher !=
+ blind_sig->blinded_sig->cipher) ||
+ (dk->bsign_pub_key->cipher !=
+ alg_values->blinding_inputs->cipher) )
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
diff --git a/src/util/crypto_helper_cs.c b/src/util/crypto_helper_cs.c
index 5f7d3d6f9..dae0b6fc6 100644
--- a/src/util/crypto_helper_cs.c
+++ b/src/util/crypto_helper_cs.c
@@ -201,13 +201,18 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
}
{
- struct TALER_DenominationPublicKey denom_pub;
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub;
struct TALER_CsPubHashP h_cs;
- denom_pub.cipher = TALER_DENOMINATION_CS;
- denom_pub.details.cs_public_key = kan->denom_pub;
+ bsign_pub = GNUNET_new (struct GNUNET_CRYPTO_BlindSignPublicKey);
+ bsign_pub->cipher = GNUNET_CRYPTO_BSA_CS;
+ bsign_pub->rc = 1;
+ bsign_pub->details.cs_public_key = kan->denom_pub;
- TALER_cs_pub_hash (&denom_pub.details.cs_public_key, &h_cs);
+ GNUNET_CRYPTO_hash (&bsign_pub->details.cs_public_key,
+ sizeof (bsign_pub->details.cs_public_key),
+ &bsign_pub->pub_key_hash);
+ h_cs.hash = bsign_pub->pub_key_hash;
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Received CS key %s (%s)\n",
GNUNET_h2s (&h_cs.hash),
@@ -222,7 +227,7 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
&kan->secm_sig))
{
GNUNET_break_op (0);
- TALER_denom_pub_free (&denom_pub);
+ GNUNET_CRYPTO_blind_sign_pub_decref (bsign_pub);
return GNUNET_SYSERR;
}
dh->dkc (dh->dkc_cls,
@@ -230,10 +235,10 @@ handle_mt_avail (struct TALER_CRYPTO_CsDenominationHelper *dh,
GNUNET_TIME_timestamp_ntoh (kan->anchor_time),
GNUNET_TIME_relative_ntoh (kan->duration_withdraw),
&h_cs,
- &denom_pub,
+ bsign_pub,
&kan->secm_pub,
&kan->secm_sig);
- TALER_denom_pub_free (&denom_pub);
+ GNUNET_CRYPTO_blind_sign_pub_decref (bsign_pub);
}
return GNUNET_OK;
}
@@ -387,10 +392,10 @@ TALER_CRYPTO_helper_cs_sign (
{
enum TALER_ErrorCode ec = TALER_EC_INVALID;
const struct TALER_CsPubHashP *h_cs = req->h_cs;
- const struct TALER_BlindedCsPlanchet *blinded_planchet =
- req->blinded_planchet;
- bs->cipher = TALER_DENOMINATION_INVALID;
+ memset (bs,
+ 0,
+ sizeof (*bs));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Starting signature process\n");
if (GNUNET_OK !=
@@ -412,7 +417,7 @@ TALER_CRYPTO_helper_cs_sign (
sr->header.type = htons (TALER_HELPER_CS_MT_REQ_SIGN);
sr->for_melt = htonl (for_melt ? 1 : 0);
sr->h_cs = *h_cs;
- sr->planchet = *blinded_planchet;
+ sr->message = *req->blinded_planchet;
if (GNUNET_OK !=
TALER_crypto_helper_send_all (dh->sock,
buf,
@@ -495,13 +500,18 @@ more:
{
const struct TALER_CRYPTO_SignResponse *sr =
(const struct TALER_CRYPTO_SignResponse *) buf;
+ struct GNUNET_CRYPTO_BlindedSignature *blinded_sig;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received signature\n");
ec = TALER_EC_NONE;
finished = true;
- bs->cipher = TALER_DENOMINATION_CS;
- bs->details.blinded_cs_answer = sr->cs_answer;
+ blinded_sig = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature);
+ blinded_sig->cipher = GNUNET_CRYPTO_BSA_CS;
+ blinded_sig->rc = 1;
+ blinded_sig->details.blinded_cs_answer.b = ntohl (sr->b);
+ blinded_sig->details.blinded_cs_answer.s_scalar = sr->cs_answer;
+ bs->blinded_sig = blinded_sig;
break;
}
case TALER_HELPER_CS_MT_RES_SIGN_FAILURE:
@@ -611,11 +621,11 @@ enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CRYPTO_CsDeriveRequest *cdr,
bool for_melt,
- struct TALER_DenominationCSPublicRPairP *crp)
+ struct GNUNET_CRYPTO_CSPublicRPairP *crp)
{
enum TALER_ErrorCode ec = TALER_EC_INVALID;
const struct TALER_CsPubHashP *h_cs = cdr->h_cs;
- const struct TALER_CsNonce *nonce = cdr->nonce;
+ const struct GNUNET_CRYPTO_CsSessionNonce *nonce = cdr->nonce;
memset (crp,
0,
@@ -795,10 +805,10 @@ more:
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_batch_sign (
struct TALER_CRYPTO_CsDenominationHelper *dh,
- const struct TALER_CRYPTO_CsSignRequest *reqs,
unsigned int reqs_length,
+ const struct TALER_CRYPTO_CsSignRequest reqs[static reqs_length],
bool for_melt,
- struct TALER_BlindedDenominationSignature *bss)
+ struct TALER_BlindedDenominationSignature bss[static reqs_length])
{
enum TALER_ErrorCode ec = TALER_EC_INVALID;
unsigned int rpos;
@@ -854,7 +864,7 @@ TALER_CRYPTO_helper_cs_batch_sign (
csm->header.type = htons (TALER_HELPER_CS_MT_REQ_SIGN);
csm->for_melt = htonl (for_melt ? 1 : 0);
csm->h_cs = *csr->h_cs;
- csm->planchet = *csr->blinded_planchet;
+ csm->message = *csr->blinded_planchet;
wbuf += sizeof (*csm);
}
GNUNET_assert (wbuf == &obuf[mlen]);
@@ -945,12 +955,17 @@ more:
{
const struct TALER_CRYPTO_SignResponse *sr =
(const struct TALER_CRYPTO_SignResponse *) buf;
-
+ struct GNUNET_CRYPTO_BlindedSignature *blinded_sig;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received %u signature\n",
wpos);
- bss[wpos].cipher = TALER_DENOMINATION_CS;
- bss[wpos].details.blinded_cs_answer = sr->cs_answer;
+ blinded_sig = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature);
+ blinded_sig->cipher = GNUNET_CRYPTO_BSA_CS;
+ blinded_sig->rc = 1;
+ blinded_sig->details.blinded_cs_answer.b = ntohl (sr->b);
+ blinded_sig->details.blinded_cs_answer.s_scalar = sr->cs_answer;
+
+ bss[wpos].blinded_sig = blinded_sig;
wpos++;
if (wpos == rend)
{
@@ -1040,10 +1055,10 @@ more:
enum TALER_ErrorCode
TALER_CRYPTO_helper_cs_r_batch_derive (
struct TALER_CRYPTO_CsDenominationHelper *dh,
- const struct TALER_CRYPTO_CsDeriveRequest *cdrs,
unsigned int cdrs_length,
+ const struct TALER_CRYPTO_CsDeriveRequest cdrs[static cdrs_length],
bool for_melt,
- struct TALER_DenominationCSPublicRPairP *crps)
+ struct GNUNET_CRYPTO_CSPublicRPairP crps[static cdrs_length])
{
enum TALER_ErrorCode ec = TALER_EC_INVALID;
unsigned int rpos;
diff --git a/src/util/crypto_helper_rsa.c b/src/util/crypto_helper_rsa.c
index 4098a846b..7dd584aaf 100644
--- a/src/util/crypto_helper_rsa.c
+++ b/src/util/crypto_helper_rsa.c
@@ -203,23 +203,27 @@ handle_mt_avail (struct TALER_CRYPTO_RsaDenominationHelper *dh,
}
{
- struct TALER_DenominationPublicKey denom_pub;
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bs_pub;
struct TALER_RsaPubHashP h_rsa;
- denom_pub.cipher = TALER_DENOMINATION_RSA;
- denom_pub.details.rsa_public_key
+ bs_pub = GNUNET_new (struct GNUNET_CRYPTO_BlindSignPublicKey);
+ bs_pub->cipher = GNUNET_CRYPTO_BSA_RSA;
+ bs_pub->details.rsa_public_key
= GNUNET_CRYPTO_rsa_public_key_decode (buf,
ntohs (kan->pub_size));
- if (NULL == denom_pub.details.rsa_public_key)
+ if (NULL == bs_pub->details.rsa_public_key)
{
GNUNET_break_op (0);
+ GNUNET_free (bs_pub);
return GNUNET_SYSERR;
}
- GNUNET_CRYPTO_rsa_public_key_hash (denom_pub.details.rsa_public_key,
- &h_rsa.hash);
+ bs_pub->rc = 1;
+ GNUNET_CRYPTO_rsa_public_key_hash (bs_pub->details.rsa_public_key,
+ &bs_pub->pub_key_hash);
+ h_rsa.hash = bs_pub->pub_key_hash;
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Received RSA key %s (%s)\n",
- GNUNET_h2s (&h_rsa.hash),
+ GNUNET_h2s (&bs_pub->pub_key_hash),
section_name);
if (GNUNET_OK !=
TALER_exchange_secmod_rsa_verify (
@@ -231,7 +235,7 @@ handle_mt_avail (struct TALER_CRYPTO_RsaDenominationHelper *dh,
&kan->secm_sig))
{
GNUNET_break_op (0);
- TALER_denom_pub_free (&denom_pub);
+ GNUNET_CRYPTO_blind_sign_pub_decref (bs_pub);
return GNUNET_SYSERR;
}
dh->dkc (dh->dkc_cls,
@@ -239,10 +243,10 @@ handle_mt_avail (struct TALER_CRYPTO_RsaDenominationHelper *dh,
GNUNET_TIME_timestamp_ntoh (kan->anchor_time),
GNUNET_TIME_relative_ntoh (kan->duration_withdraw),
&h_rsa,
- &denom_pub,
+ bs_pub,
&kan->secm_pub,
&kan->secm_sig);
- TALER_denom_pub_free (&denom_pub);
+ GNUNET_CRYPTO_blind_sign_pub_decref (bs_pub);
}
return GNUNET_OK;
}
@@ -395,7 +399,9 @@ TALER_CRYPTO_helper_rsa_sign (
{
enum TALER_ErrorCode ec = TALER_EC_INVALID;
- bs->cipher = TALER_DENOMINATION_INVALID;
+ memset (bs,
+ 0,
+ sizeof (*bs));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Starting signature process\n");
if (GNUNET_OK !=
@@ -503,6 +509,7 @@ more:
const struct TALER_CRYPTO_SignResponse *sr =
(const struct TALER_CRYPTO_SignResponse *) buf;
struct GNUNET_CRYPTO_RsaSignature *rsa_signature;
+ struct GNUNET_CRYPTO_BlindedSignature *blind_sig;
rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (
&sr[1],
@@ -518,8 +525,11 @@ more:
"Received signature\n");
ec = TALER_EC_NONE;
finished = true;
- bs->cipher = TALER_DENOMINATION_RSA;
- bs->details.blinded_rsa_signature = rsa_signature;
+ blind_sig = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature);
+ blind_sig->cipher = GNUNET_CRYPTO_BSA_RSA;
+ blind_sig->rc = 1;
+ blind_sig->details.blinded_rsa_signature = rsa_signature;
+ bs->blinded_sig = blind_sig;
break;
}
case TALER_HELPER_RSA_MT_RES_SIGN_FAILURE:
@@ -597,9 +607,9 @@ end:
enum TALER_ErrorCode
TALER_CRYPTO_helper_rsa_batch_sign (
struct TALER_CRYPTO_RsaDenominationHelper *dh,
- const struct TALER_CRYPTO_RsaSignRequest *rsrs,
unsigned int rsrs_length,
- struct TALER_BlindedDenominationSignature *bss)
+ const struct TALER_CRYPTO_RsaSignRequest rsrs[static rsrs_length],
+ struct TALER_BlindedDenominationSignature bss[static rsrs_length])
{
enum TALER_ErrorCode ec = TALER_EC_INVALID;
unsigned int rpos;
@@ -750,6 +760,7 @@ more:
const struct TALER_CRYPTO_SignResponse *sr =
(const struct TALER_CRYPTO_SignResponse *) buf;
struct GNUNET_CRYPTO_RsaSignature *rsa_signature;
+ struct GNUNET_CRYPTO_BlindedSignature *blind_sig;
rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (
&sr[1],
@@ -763,8 +774,10 @@ more:
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Received %u signature\n",
wpos);
- bss[wpos].cipher = TALER_DENOMINATION_RSA;
- bss[wpos].details.blinded_rsa_signature = rsa_signature;
+ blind_sig = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature);
+ blind_sig->cipher = GNUNET_CRYPTO_BSA_RSA;
+ blind_sig->details.blinded_rsa_signature = rsa_signature;
+ bss[wpos].blinded_sig = blind_sig;
wpos++;
if (wpos == rend)
{
diff --git a/src/util/denom.c b/src/util/denom.c
index c1c3cdf5a..20ee8c00e 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2021, 2022 Taler Systems SA
+ Copyright (C) 2021, 2022, 2023 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@@ -25,60 +25,21 @@
enum GNUNET_GenericReturnValue
TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationPublicKey *denom_pub,
- enum TALER_DenominationCipher cipher,
+ enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,
...)
{
- memset (denom_priv,
- 0,
- sizeof (*denom_priv));
- memset (denom_pub,
- 0,
- sizeof (*denom_pub));
-
- switch (cipher)
- {
- case TALER_DENOMINATION_INVALID:
- GNUNET_break (0);
- return GNUNET_SYSERR;
- case TALER_DENOMINATION_RSA:
- {
- va_list ap;
- unsigned int bits;
-
- va_start (ap, cipher);
- bits = va_arg (ap, unsigned int);
- va_end (ap);
- if (bits < 512)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- denom_priv->details.rsa_private_key
- = GNUNET_CRYPTO_rsa_private_key_create (bits);
- }
- if (NULL == denom_priv->details.rsa_private_key)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- denom_pub->details.rsa_public_key
- = GNUNET_CRYPTO_rsa_private_key_get_public (
- denom_priv->details.rsa_private_key);
- denom_priv->cipher = TALER_DENOMINATION_RSA;
- denom_pub->cipher = TALER_DENOMINATION_RSA;
- return GNUNET_OK;
- case TALER_DENOMINATION_CS:
- GNUNET_CRYPTO_cs_private_key_generate (&denom_priv->details.cs_private_key);
- GNUNET_CRYPTO_cs_private_key_get_public (
- &denom_priv->details.cs_private_key,
- &denom_pub->details.cs_public_key);
- denom_priv->cipher = TALER_DENOMINATION_CS;
- denom_pub->cipher = TALER_DENOMINATION_CS;
- return GNUNET_OK;
- default:
- GNUNET_break (0);
- }
- return GNUNET_SYSERR;
+ enum GNUNET_GenericReturnValue ret;
+ va_list ap;
+
+ va_start (ap,
+ cipher);
+ ret = GNUNET_CRYPTO_blind_sign_keys_create_va (
+ &denom_priv->bsign_priv_key,
+ &denom_pub->bsign_pub_key,
+ cipher,
+ ap);
+ va_end (ap);
+ return ret;
}
@@ -88,57 +49,13 @@ TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
bool for_melt,
const struct TALER_BlindedPlanchet *blinded_planchet)
{
- memset (denom_sig,
- 0,
- sizeof (*denom_sig));
- if (blinded_planchet->cipher != denom_priv->cipher)
- {
- GNUNET_break (0);
+ denom_sig->blinded_sig
+ = GNUNET_CRYPTO_blind_sign (denom_priv->bsign_priv_key,
+ for_melt ? "rm" : "rw",
+ blinded_planchet->blinded_message);
+ if (NULL == denom_sig->blinded_sig)
return GNUNET_SYSERR;
- }
- switch (denom_priv->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- GNUNET_break (0);
- return GNUNET_SYSERR;
- case TALER_DENOMINATION_RSA:
- denom_sig->details.blinded_rsa_signature
- = GNUNET_CRYPTO_rsa_sign_blinded (
- denom_priv->details.rsa_private_key,
- blinded_planchet->details.rsa_blinded_planchet.blinded_msg,
- blinded_planchet->details.rsa_blinded_planchet.blinded_msg_size);
- if (NULL == denom_sig->details.blinded_rsa_signature)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- denom_sig->cipher = TALER_DENOMINATION_RSA;
- return GNUNET_OK;
- case TALER_DENOMINATION_CS:
- {
- struct GNUNET_CRYPTO_CsRSecret r[2];
-
- GNUNET_CRYPTO_cs_r_derive (
- &blinded_planchet->details.cs_blinded_planchet.nonce.nonce,
- for_melt ? "rm" : "rw",
- &denom_priv->details.cs_private_key,
- r);
- denom_sig->details.blinded_cs_answer.b =
- GNUNET_CRYPTO_cs_sign_derive (&denom_priv->details.cs_private_key,
- r,
- blinded_planchet->details.
- cs_blinded_planchet.c,
- &blinded_planchet->details.
- cs_blinded_planchet.nonce.nonce,
- &denom_sig->details.blinded_cs_answer.
- s_scalar);
- denom_sig->cipher = TALER_DENOMINATION_CS;
- }
- return GNUNET_OK;
- default:
- GNUNET_break (0);
- }
- return GNUNET_SYSERR;
+ return GNUNET_OK;
}
@@ -146,82 +63,21 @@ enum GNUNET_GenericReturnValue
TALER_denom_sig_unblind (
struct TALER_DenominationSignature *denom_sig,
const struct TALER_BlindedDenominationSignature *bdenom_sig,
- const union TALER_DenominationBlindingKeyP *bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
const struct TALER_CoinPubHashP *c_hash,
const struct TALER_ExchangeWithdrawValues *alg_values,
const struct TALER_DenominationPublicKey *denom_pub)
{
- if (bdenom_sig->cipher != denom_pub->cipher)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- switch (denom_pub->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- GNUNET_break (0);
+ denom_sig->unblinded_sig
+ = GNUNET_CRYPTO_blind_sig_unblind (bdenom_sig->blinded_sig,
+ bks,
+ c_hash,
+ sizeof (*c_hash),
+ alg_values->blinding_inputs,
+ denom_pub->bsign_pub_key);
+ if (NULL == denom_sig->unblinded_sig)
return GNUNET_SYSERR;
- case TALER_DENOMINATION_RSA:
- denom_sig->details.rsa_signature
- = GNUNET_CRYPTO_rsa_unblind (
- bdenom_sig->details.blinded_rsa_signature,
- &bks->rsa_bks,
- denom_pub->details.rsa_public_key);
- if (NULL == denom_sig->details.rsa_signature)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- denom_sig->cipher = TALER_DENOMINATION_RSA;
- return GNUNET_OK;
- case TALER_DENOMINATION_CS:
- {
- struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
- struct GNUNET_CRYPTO_CsC c[2];
- struct TALER_DenominationCSPublicRPairP r_pub_blind;
-
- GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce,
- bs);
- GNUNET_CRYPTO_cs_calc_blinded_c (
- bs,
- alg_values->details.cs_values.r_pub,
- &denom_pub->details.cs_public_key,
- &c_hash->hash,
- sizeof(struct GNUNET_HashCode),
- c,
- r_pub_blind.r_pub);
- denom_sig->details.cs_signature.r_point
- = r_pub_blind.r_pub[bdenom_sig->details.blinded_cs_answer.b];
- GNUNET_CRYPTO_cs_unblind (&bdenom_sig->details.blinded_cs_answer.s_scalar,
- &bs[bdenom_sig->details.blinded_cs_answer.b],
- &denom_sig->details.cs_signature.s_scalar);
- denom_sig->cipher = TALER_DENOMINATION_CS;
- return GNUNET_OK;
- }
- default:
- GNUNET_break (0);
- }
- return GNUNET_SYSERR;
-}
-
-
-void
-TALER_rsa_pub_hash (const struct GNUNET_CRYPTO_RsaPublicKey *rsa,
- struct TALER_RsaPubHashP *h_rsa)
-{
- GNUNET_CRYPTO_rsa_public_key_hash (rsa,
- &h_rsa->hash);
-
-}
-
-
-void
-TALER_cs_pub_hash (const struct GNUNET_CRYPTO_CsPublicKey *cs,
- struct TALER_CsPubHashP *h_cs)
-{
- GNUNET_CRYPTO_hash (cs,
- sizeof(*cs),
- &h_cs->hash);
+ return GNUNET_OK;
}
@@ -229,9 +85,11 @@ void
TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
struct TALER_DenominationHashP *denom_hash)
{
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bsp
+ = denom_pub->bsign_pub_key;
uint32_t opt[2] = {
htonl (denom_pub->age_mask.bits),
- htonl ((uint32_t) denom_pub->cipher)
+ htonl ((uint32_t) bsp->cipher)
};
struct GNUNET_HashContext *hc;
@@ -239,15 +97,15 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
GNUNET_CRYPTO_hash_context_read (hc,
opt,
sizeof (opt));
- switch (denom_pub->cipher)
+ switch (bsp->cipher)
{
- case TALER_DENOMINATION_RSA:
+ case GNUNET_CRYPTO_BSA_RSA:
{
void *buf;
size_t blen;
blen = GNUNET_CRYPTO_rsa_public_key_encode (
- denom_pub->details.rsa_public_key,
+ bsp->details.rsa_public_key,
&buf);
GNUNET_CRYPTO_hash_context_read (hc,
buf,
@@ -255,10 +113,10 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
GNUNET_free (buf);
}
break;
- case TALER_DENOMINATION_CS:
+ case GNUNET_CRYPTO_BSA_CS:
GNUNET_CRYPTO_hash_context_read (hc,
- &denom_pub->details.cs_public_key,
- sizeof(denom_pub->details.cs_public_key));
+ &bsp->details.cs_public_key,
+ sizeof(bsp->details.cs_public_key));
break;
default:
GNUNET_assert (0);
@@ -268,37 +126,24 @@ TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
}
-void
-TALER_denom_priv_to_pub (const struct TALER_DenominationPrivateKey *denom_priv,
- const struct TALER_AgeMask age_mask,
- struct TALER_DenominationPublicKey *denom_pub)
+const struct TALER_ExchangeWithdrawValues *
+TALER_denom_ewv_rsa_singleton ()
{
- switch (denom_priv->cipher)
- {
- case TALER_DENOMINATION_RSA:
- denom_pub->cipher = TALER_DENOMINATION_RSA;
- denom_pub->age_mask = age_mask;
- denom_pub->details.rsa_public_key
- = GNUNET_CRYPTO_rsa_private_key_get_public (
- denom_priv->details.rsa_private_key);
- return;
- case TALER_DENOMINATION_CS:
- denom_pub->cipher = TALER_DENOMINATION_CS;
- denom_pub->age_mask = age_mask;
- GNUNET_CRYPTO_cs_private_key_get_public (
- &denom_priv->details.cs_private_key,
- &denom_pub->details.cs_public_key);
- return;
- default:
- GNUNET_assert (0);
- }
+ static struct GNUNET_CRYPTO_BlindingInputValues bi = {
+ .cipher = GNUNET_CRYPTO_BSA_RSA
+ };
+ static struct TALER_ExchangeWithdrawValues alg_values = {
+ .blinding_inputs = &bi
+ };
+ return &alg_values;
}
enum GNUNET_GenericReturnValue
TALER_denom_blind (
const struct TALER_DenominationPublicKey *dk,
- const union TALER_DenominationBlindingKeyP *coin_bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
+ const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
const struct TALER_AgeCommitmentHash *ach,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_ExchangeWithdrawValues *alg_values,
@@ -308,44 +153,16 @@ TALER_denom_blind (
TALER_coin_pub_hash (coin_pub,
ach,
c_hash);
- switch (dk->cipher)
- {
- case TALER_DENOMINATION_RSA:
- blinded_planchet->cipher = dk->cipher;
- if (GNUNET_YES !=
- GNUNET_CRYPTO_rsa_blind (
- &c_hash->hash,
- &coin_bks->rsa_bks,
- dk->details.rsa_public_key,
- &blinded_planchet->details.rsa_blinded_planchet.blinded_msg,
- &blinded_planchet->details.rsa_blinded_planchet.blinded_msg_size))
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
- case TALER_DENOMINATION_CS:
- {
- struct TALER_DenominationCSPublicRPairP blinded_r_pub;
- struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
-
- blinded_planchet->cipher = TALER_DENOMINATION_CS;
- GNUNET_CRYPTO_cs_blinding_secrets_derive (&coin_bks->nonce,
- bs);
- GNUNET_CRYPTO_cs_calc_blinded_c (
- bs,
- alg_values->details.cs_values.r_pub,
- &dk->details.cs_public_key,
- c_hash,
- sizeof(*c_hash),
- blinded_planchet->details.cs_blinded_planchet.c,
- blinded_r_pub.r_pub);
- return GNUNET_OK;
- }
- default:
- GNUNET_break (0);
+ blinded_planchet->blinded_message
+ = GNUNET_CRYPTO_message_blind_to_sign (dk->bsign_pub_key,
+ coin_bks,
+ nonce,
+ c_hash,
+ sizeof (*c_hash),
+ alg_values->blinding_inputs);
+ if (NULL == blinded_planchet->blinded_message)
return GNUNET_SYSERR;
- }
+ return GNUNET_OK;
}
@@ -354,111 +171,34 @@ TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_DenominationSignature *denom_sig,
const struct TALER_CoinPubHashP *c_hash)
{
- if (denom_pub->cipher != denom_sig->cipher)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- switch (denom_pub->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- GNUNET_break (0);
- return GNUNET_NO;
- case TALER_DENOMINATION_RSA:
- if (GNUNET_OK !=
- GNUNET_CRYPTO_rsa_verify (&c_hash->hash,
- denom_sig->details.rsa_signature,
- denom_pub->details.rsa_public_key))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Coin signature is invalid\n");
- return GNUNET_NO;
- }
- return GNUNET_YES;
- case TALER_DENOMINATION_CS:
- if (GNUNET_OK !=
- GNUNET_CRYPTO_cs_verify (&denom_sig->details.cs_signature,
- &denom_pub->details.cs_public_key,
- &c_hash->hash,
- sizeof(struct GNUNET_HashCode)))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Coin signature is invalid\n");
- return GNUNET_NO;
- }
- return GNUNET_YES;
- default:
- GNUNET_assert (0);
- }
+ return GNUNET_CRYPTO_blind_sig_verify (denom_pub->bsign_pub_key,
+ denom_sig->unblinded_sig,
+ c_hash,
+ sizeof (*c_hash));
}
void
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub)
{
- switch (denom_pub->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return;
- case TALER_DENOMINATION_RSA:
- if (NULL != denom_pub->details.rsa_public_key)
- {
- GNUNET_CRYPTO_rsa_public_key_free (denom_pub->details.rsa_public_key);
- denom_pub->details.rsa_public_key = NULL;
- }
- denom_pub->cipher = TALER_DENOMINATION_INVALID;
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ GNUNET_CRYPTO_blind_sign_pub_decref (denom_pub->bsign_pub_key);
+ denom_pub->bsign_pub_key = NULL;
}
void
TALER_denom_priv_free (struct TALER_DenominationPrivateKey *denom_priv)
{
- switch (denom_priv->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return;
- case TALER_DENOMINATION_RSA:
- if (NULL != denom_priv->details.rsa_private_key)
- {
- GNUNET_CRYPTO_rsa_private_key_free (denom_priv->details.rsa_private_key);
- denom_priv->details.rsa_private_key = NULL;
- }
- denom_priv->cipher = TALER_DENOMINATION_INVALID;
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ GNUNET_CRYPTO_blind_sign_priv_decref (denom_priv->bsign_priv_key);
+ denom_priv->bsign_priv_key = NULL;
}
void
TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig)
{
- switch (denom_sig->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return;
- case TALER_DENOMINATION_RSA:
- if (NULL != denom_sig->details.rsa_signature)
- {
- GNUNET_CRYPTO_rsa_signature_free (denom_sig->details.rsa_signature);
- denom_sig->details.rsa_signature = NULL;
- }
- denom_sig->cipher = TALER_DENOMINATION_INVALID;
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ GNUNET_CRYPTO_unblinded_sig_decref (denom_sig->unblinded_sig);
+ denom_sig->unblinded_sig = NULL;
}
@@ -466,24 +206,8 @@ void
TALER_blinded_denom_sig_free (
struct TALER_BlindedDenominationSignature *denom_sig)
{
- switch (denom_sig->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return;
- case TALER_DENOMINATION_RSA:
- if (NULL != denom_sig->details.blinded_rsa_signature)
- {
- GNUNET_CRYPTO_rsa_signature_free (
- denom_sig->details.blinded_rsa_signature);
- denom_sig->details.blinded_rsa_signature = NULL;
- }
- denom_sig->cipher = TALER_DENOMINATION_INVALID;
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ GNUNET_CRYPTO_blinded_sig_decref (denom_sig->blinded_sig);
+ denom_sig->blinded_sig = NULL;
}
@@ -491,19 +215,8 @@ void
TALER_denom_pub_deep_copy (struct TALER_DenominationPublicKey *denom_dst,
const struct TALER_DenominationPublicKey *denom_src)
{
- *denom_dst = *denom_src; /* shallow copy */
- switch (denom_src->cipher)
- {
- case TALER_DENOMINATION_RSA:
- denom_dst->details.rsa_public_key
- = GNUNET_CRYPTO_rsa_public_key_dup (
- denom_src->details.rsa_public_key);
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ denom_dst->bsign_pub_key
+ = GNUNET_CRYPTO_bsign_pub_incref (denom_src->bsign_pub_key);
}
@@ -511,21 +224,8 @@ void
TALER_denom_sig_deep_copy (struct TALER_DenominationSignature *denom_dst,
const struct TALER_DenominationSignature *denom_src)
{
- *denom_dst = *denom_src; /* shallow copy */
- switch (denom_src->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return;
- case TALER_DENOMINATION_RSA:
- denom_dst->details.rsa_signature
- = GNUNET_CRYPTO_rsa_signature_dup (
- denom_src->details.rsa_signature);
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ denom_dst->unblinded_sig
+ = GNUNET_CRYPTO_ub_sig_incref (denom_src->unblinded_sig);
}
@@ -534,21 +234,8 @@ TALER_blinded_denom_sig_deep_copy (
struct TALER_BlindedDenominationSignature *denom_dst,
const struct TALER_BlindedDenominationSignature *denom_src)
{
- *denom_dst = *denom_src; /* shallow copy */
- switch (denom_src->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return;
- case TALER_DENOMINATION_RSA:
- denom_dst->details.blinded_rsa_signature
- = GNUNET_CRYPTO_rsa_signature_dup (
- denom_src->details.blinded_rsa_signature);
- return;
- case TALER_DENOMINATION_CS:
- return;
- default:
- GNUNET_assert (0);
- }
+ denom_dst->blinded_sig
+ = GNUNET_CRYPTO_blind_sig_incref (denom_src->blinded_sig);
}
@@ -556,24 +243,14 @@ int
TALER_denom_pub_cmp (const struct TALER_DenominationPublicKey *denom1,
const struct TALER_DenominationPublicKey *denom2)
{
- if (denom1->cipher != denom2->cipher)
- return (denom1->cipher > denom2->cipher) ? 1 : -1;
+ if (denom1->bsign_pub_key->cipher !=
+ denom2->bsign_pub_key->cipher)
+ return (denom1->bsign_pub_key->cipher >
+ denom2->bsign_pub_key->cipher) ? 1 : -1;
if (denom1->age_mask.bits != denom2->age_mask.bits)
return (denom1->age_mask.bits > denom2->age_mask.bits) ? 1 : -1;
- switch (denom1->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return 0;
- case TALER_DENOMINATION_RSA:
- return GNUNET_CRYPTO_rsa_public_key_cmp (denom1->details.rsa_public_key,
- denom2->details.rsa_public_key);
- case TALER_DENOMINATION_CS:
- return GNUNET_memcmp (&denom1->details.cs_public_key,
- &denom2->details.cs_public_key);
- default:
- GNUNET_assert (0);
- }
- return -2;
+ return GNUNET_CRYPTO_bsign_pub_cmp (denom1->bsign_pub_key,
+ denom2->bsign_pub_key);
}
@@ -581,22 +258,8 @@ int
TALER_denom_sig_cmp (const struct TALER_DenominationSignature *sig1,
const struct TALER_DenominationSignature *sig2)
{
- if (sig1->cipher != sig2->cipher)
- return (sig1->cipher > sig2->cipher) ? 1 : -1;
- switch (sig1->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return 0;
- case TALER_DENOMINATION_RSA:
- return GNUNET_CRYPTO_rsa_signature_cmp (sig1->details.rsa_signature,
- sig2->details.rsa_signature);
- case TALER_DENOMINATION_CS:
- return GNUNET_memcmp (&sig1->details.cs_signature,
- &sig2->details.cs_signature);
- default:
- GNUNET_assert (0);
- }
- return -2;
+ return GNUNET_CRYPTO_ub_sig_cmp (sig1->unblinded_sig,
+ sig1->unblinded_sig);
}
@@ -605,27 +268,8 @@ TALER_blinded_planchet_cmp (
const struct TALER_BlindedPlanchet *bp1,
const struct TALER_BlindedPlanchet *bp2)
{
- if (bp1->cipher != bp2->cipher)
- return (bp1->cipher > bp2->cipher) ? 1 : -1;
- switch (bp1->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return 0;
- case TALER_DENOMINATION_RSA:
- if (bp1->details.rsa_blinded_planchet.blinded_msg_size !=
- bp2->details.rsa_blinded_planchet.blinded_msg_size)
- return (bp1->details.rsa_blinded_planchet.blinded_msg_size >
- bp2->details.rsa_blinded_planchet.blinded_msg_size) ? 1 : -1;
- return memcmp (bp1->details.rsa_blinded_planchet.blinded_msg,
- bp2->details.rsa_blinded_planchet.blinded_msg,
- bp1->details.rsa_blinded_planchet.blinded_msg_size);
- case TALER_DENOMINATION_CS:
- return GNUNET_memcmp (&bp1->details.cs_blinded_planchet,
- &bp2->details.cs_blinded_planchet);
- default:
- GNUNET_assert (0);
- }
- return -2;
+ return GNUNET_CRYPTO_blinded_message_cmp (bp1->blinded_message,
+ bp2->blinded_message);
}
@@ -634,22 +278,8 @@ TALER_blinded_denom_sig_cmp (
const struct TALER_BlindedDenominationSignature *sig1,
const struct TALER_BlindedDenominationSignature *sig2)
{
- if (sig1->cipher != sig2->cipher)
- return (sig1->cipher > sig2->cipher) ? 1 : -1;
- switch (sig1->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- return 0;
- case TALER_DENOMINATION_RSA:
- return GNUNET_CRYPTO_rsa_signature_cmp (sig1->details.blinded_rsa_signature,
- sig2->details.blinded_rsa_signature);
- case TALER_DENOMINATION_CS:
- return GNUNET_memcmp (&sig1->details.blinded_cs_answer,
- &sig2->details.blinded_cs_answer);
- default:
- GNUNET_assert (0);
- }
- return -2;
+ return GNUNET_CRYPTO_blind_sig_cmp (sig1->blinded_sig,
+ sig1->blinded_sig);
}
@@ -657,31 +287,31 @@ void
TALER_blinded_planchet_hash_ (const struct TALER_BlindedPlanchet *bp,
struct GNUNET_HashContext *hash_context)
{
- uint32_t cipher = htonl (bp->cipher);
+ const struct GNUNET_CRYPTO_BlindedMessage *bm = bp->blinded_message;
+ uint32_t cipher = htonl (bm->cipher);
GNUNET_CRYPTO_hash_context_read (hash_context,
&cipher,
sizeof (cipher));
- switch (bp->cipher)
+ switch (bm->cipher)
{
- case TALER_DENOMINATION_INVALID:
- break;
- case TALER_DENOMINATION_RSA:
+ case GNUNET_CRYPTO_BSA_INVALID:
+ GNUNET_break (0);
+ return;
+ case GNUNET_CRYPTO_BSA_RSA:
GNUNET_CRYPTO_hash_context_read (
hash_context,
- bp->details.rsa_blinded_planchet.blinded_msg,
- bp->details.rsa_blinded_planchet.blinded_msg_size);
- break;
- case TALER_DENOMINATION_CS:
+ bm->details.rsa_blinded_message.blinded_msg,
+ bm->details.rsa_blinded_message.blinded_msg_size);
+ return;
+ case GNUNET_CRYPTO_BSA_CS:
GNUNET_CRYPTO_hash_context_read (
hash_context,
- &bp->details.cs_blinded_planchet,
- sizeof (bp->details.cs_blinded_planchet));
- break;
- default:
- GNUNET_assert (0);
- break;
+ &bm->details.cs_blinded_message,
+ sizeof (bm->details.cs_blinded_message));
+ return;
}
+ GNUNET_assert (0);
}
@@ -689,14 +319,17 @@ void
TALER_planchet_blinding_secret_create (
const struct TALER_PlanchetMasterSecretP *ps,
const struct TALER_ExchangeWithdrawValues *alg_values,
- union TALER_DenominationBlindingKeyP *bks)
+ union GNUNET_CRYPTO_BlindingSecretP *bks)
{
- switch (alg_values->cipher)
+ const struct GNUNET_CRYPTO_BlindingInputValues *bi =
+ alg_values->blinding_inputs;
+
+ switch (bi->cipher)
{
- case TALER_DENOMINATION_INVALID:
+ case GNUNET_CRYPTO_BSA_INVALID:
GNUNET_break (0);
return;
- case TALER_DENOMINATION_RSA:
+ case GNUNET_CRYPTO_BSA_RSA:
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (&bks->rsa_bks,
sizeof (bks->rsa_bks),
@@ -707,7 +340,7 @@ TALER_planchet_blinding_secret_create (
NULL,
0));
return;
- case TALER_DENOMINATION_CS:
+ case GNUNET_CRYPTO_BSA_CS:
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (&bks->nonce,
sizeof (bks->nonce),
@@ -715,14 +348,13 @@ TALER_planchet_blinding_secret_create (
strlen ("bseed"),
ps,
sizeof(*ps),
- &alg_values->details.cs_values,
- sizeof(alg_values->details.cs_values),
+ &bi->details.cs_values,
+ sizeof(bi->details.cs_values),
NULL,
0));
return;
- default:
- GNUNET_break (0);
}
+ GNUNET_assert (0);
}
@@ -732,9 +364,18 @@ TALER_planchet_setup_coin_priv (
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_CoinSpendPrivateKeyP *coin_priv)
{
- switch (alg_values->cipher)
+ const struct GNUNET_CRYPTO_BlindingInputValues *bi
+ = alg_values->blinding_inputs;
+
+ switch (bi->cipher)
{
- case TALER_DENOMINATION_RSA:
+ case GNUNET_CRYPTO_BSA_INVALID:
+ GNUNET_break (0);
+ memset (coin_priv,
+ 0,
+ sizeof (*coin_priv));
+ return;
+ case GNUNET_CRYPTO_BSA_RSA:
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (coin_priv,
sizeof (*coin_priv),
@@ -744,8 +385,8 @@ TALER_planchet_setup_coin_priv (
sizeof(*ps),
NULL,
0));
- break;
- case TALER_DENOMINATION_CS:
+ return;
+ case GNUNET_CRYPTO_BSA_CS:
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (coin_priv,
sizeof (*coin_priv),
@@ -753,37 +394,21 @@ TALER_planchet_setup_coin_priv (
strlen ("coin"),
ps,
sizeof(*ps),
- &alg_values->details.cs_values,
- sizeof(alg_values->details.cs_values),
+ &bi->details.cs_values,
+ sizeof(bi->details.cs_values),
NULL,
0));
- break;
- default:
- GNUNET_break (0);
return;
}
+ GNUNET_assert (0);
}
void
TALER_blinded_planchet_free (struct TALER_BlindedPlanchet *blinded_planchet)
{
- switch (blinded_planchet->cipher)
- {
- case TALER_DENOMINATION_INVALID:
- GNUNET_break (0);
- return;
- case TALER_DENOMINATION_RSA:
- GNUNET_free (blinded_planchet->details.rsa_blinded_planchet.blinded_msg);
- return;
- case TALER_DENOMINATION_CS:
- memset (blinded_planchet,
- 0,
- sizeof (*blinded_planchet));
- /* nothing to do for CS */
- return;
- }
- GNUNET_assert (0);
+ GNUNET_CRYPTO_blinded_message_decref (blinded_planchet->blinded_message);
+ blinded_planchet->blinded_message = NULL;
}
diff --git a/src/util/taler-exchange-secmod-cs.c b/src/util/taler-exchange-secmod-cs.c
index ed0eba15d..a9696ee84 100644
--- a/src/util/taler-exchange-secmod-cs.c
+++ b/src/util/taler-exchange-secmod-cs.c
@@ -269,7 +269,7 @@ struct BatchJob
/**
* Result with the signature.
*/
- struct TALER_BlindedDenominationCsSignAnswer cs_answer;
+ struct GNUNET_CRYPTO_CsBlindSignature cs_answer;
} sign;
/**
@@ -285,7 +285,7 @@ struct BatchJob
/**
* Pair of points to return.
*/
- struct TALER_DenominationCSPublicRPairP rpairp;
+ struct GNUNET_CRYPTO_CSPublicRPairP rpairp;
} rderive;
@@ -433,7 +433,7 @@ generate_response (struct DenominationKey *dk)
/**
* Do the actual signing work.
*
- * @param h_cs key to sign with
+ * @param h_cs hash of key to sign with
* @param planchet message to sign
* @param for_melt true if for melting
* @param[out] cs_sigp set to the CS signature
@@ -441,9 +441,9 @@ generate_response (struct DenominationKey *dk)
*/
static enum TALER_ErrorCode
do_sign (const struct TALER_CsPubHashP *h_cs,
- const struct TALER_BlindedCsPlanchet *planchet,
+ const struct GNUNET_CRYPTO_CsBlindedMessage *planchet,
bool for_melt,
- struct TALER_BlindedDenominationCsSignAnswer *cs_sigp)
+ struct GNUNET_CRYPTO_CsBlindSignature *cs_sigp)
{
struct GNUNET_CRYPTO_CsRSecret r[2];
struct DenominationKey *dk;
@@ -473,15 +473,14 @@ do_sign (const struct TALER_CsPubHashP *h_cs,
GNUNET_assert (dk->rc < UINT_MAX);
dk->rc++;
GNUNET_assert (0 == pthread_mutex_unlock (&keys_lock));
- GNUNET_CRYPTO_cs_r_derive (&planchet->nonce.nonce,
+ GNUNET_CRYPTO_cs_r_derive (&planchet->nonce,
for_melt ? "rm" : "rw",
&dk->denom_priv,
r);
- cs_sigp->b = GNUNET_CRYPTO_cs_sign_derive (&dk->denom_priv,
- r,
- planchet->c,
- &planchet->nonce.nonce,
- &cs_sigp->s_scalar);
+ GNUNET_CRYPTO_cs_sign_derive (&dk->denom_priv,
+ r,
+ planchet,
+ cs_sigp);
GNUNET_assert (0 == pthread_mutex_lock (&keys_lock));
GNUNET_assert (dk->rc > 0);
dk->rc--;
@@ -543,14 +542,14 @@ fail_derive (struct TES_Client *client,
*/
static enum GNUNET_GenericReturnValue
send_signature (struct TES_Client *client,
- const struct TALER_BlindedDenominationCsSignAnswer *cs_answer)
+ const struct GNUNET_CRYPTO_CsBlindSignature *cs_answer)
{
struct TALER_CRYPTO_SignResponse sres;
sres.header.size = htons (sizeof (sres));
sres.header.type = htons (TALER_HELPER_CS_MT_RES_SIGNATURE);
- sres.reserved = htonl (0);
- sres.cs_answer = *cs_answer;
+ sres.b = htonl (cs_answer->b);
+ sres.cs_answer = cs_answer->s_scalar;
return TES_transmit (client->csock,
&sres.header);
}
@@ -569,13 +568,13 @@ static enum GNUNET_GenericReturnValue
handle_sign_request (struct TES_Client *client,
const struct TALER_CRYPTO_CsSignRequestMessage *sr)
{
- struct TALER_BlindedDenominationCsSignAnswer cs_answer;
+ struct GNUNET_CRYPTO_CsBlindSignature cs_answer;
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
enum TALER_ErrorCode ec;
enum GNUNET_GenericReturnValue ret;
ec = do_sign (&sr->h_cs,
- &sr->planchet,
+ &sr->message,
(0 != ntohl (sr->for_melt)),
&cs_answer);
if (TALER_EC_NONE != ec)
@@ -605,12 +604,12 @@ handle_sign_request (struct TES_Client *client,
*/
static enum TALER_ErrorCode
do_derive (const struct TALER_CsPubHashP *h_cs,
- const struct TALER_CsNonce *nonce,
+ const struct GNUNET_CRYPTO_CsSessionNonce *nonce,
bool for_melt,
- struct TALER_DenominationCSPublicRPairP *rpairp)
+ struct GNUNET_CRYPTO_CSPublicRPairP *rpairp)
{
struct DenominationKey *dk;
- struct TALER_DenominationCSPrivateRPairP r_priv;
+ struct GNUNET_CRYPTO_CSPrivateRPairP r_priv;
GNUNET_assert (0 == pthread_mutex_lock (&keys_lock));
dk = GNUNET_CONTAINER_multihashmap_get (keys,
@@ -637,7 +636,7 @@ do_derive (const struct TALER_CsPubHashP *h_cs,
GNUNET_assert (dk->rc < UINT_MAX);
dk->rc++;
GNUNET_assert (0 == pthread_mutex_unlock (&keys_lock));
- GNUNET_CRYPTO_cs_r_derive (&nonce->nonce,
+ GNUNET_CRYPTO_cs_r_derive (nonce,
for_melt ? "rm" : "rw",
&dk->denom_priv,
r_priv.r);
@@ -662,10 +661,10 @@ do_derive (const struct TALER_CsPubHashP *h_cs,
*/
static enum GNUNET_GenericReturnValue
send_derivation (struct TES_Client *client,
- const struct TALER_DenominationCSPublicRPairP *r_pub)
+ const struct GNUNET_CRYPTO_CSPublicRPairP *r_pub)
{
struct TALER_CRYPTO_RDeriveResponse rdr = {
- .header.size = htons (sizeof (struct TALER_CRYPTO_RDeriveResponse)),
+ .header.size = htons (sizeof (rdr)),
.header.type = htons (TALER_HELPER_CS_MT_RES_RDERIVE),
.r_pub = *r_pub
};
@@ -776,7 +775,7 @@ worker (void *cls)
= bj->details.sign.sr;
bj->ec = do_sign (&sr->h_cs,
- &sr->planchet,
+ &sr->message,
(0 != ntohl (sr->for_melt)),
&bj->details.sign.cs_answer);
break;
@@ -1093,8 +1092,9 @@ setup_key (struct DenominationKey *dk,
GNUNET_CRYPTO_cs_private_key_generate (&priv);
GNUNET_CRYPTO_cs_private_key_get_public (&priv,
&pub);
- TALER_cs_pub_hash (&pub,
- &dk->h_cs);
+ GNUNET_CRYPTO_hash (&pub,
+ sizeof (pub),
+ &dk->h_cs.hash);
GNUNET_asprintf (&dk->filename,
"%s/%s/%llu",
keydir,
@@ -1242,7 +1242,7 @@ static enum GNUNET_GenericReturnValue
handle_r_derive_request (struct TES_Client *client,
const struct TALER_CRYPTO_CsRDeriveRequest *rdr)
{
- struct TALER_DenominationCSPublicRPairP r_pub;
+ struct GNUNET_CRYPTO_CSPublicRPairP r_pub;
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
enum TALER_ErrorCode ec;
enum GNUNET_GenericReturnValue ret;
@@ -1773,20 +1773,19 @@ parse_key (struct Denomination *denom,
return;
}
{
- struct GNUNET_CRYPTO_CsPublicKey pub;
struct DenominationKey *dk;
struct DenominationKey *before;
- GNUNET_CRYPTO_cs_private_key_get_public (priv,
- &pub);
dk = GNUNET_new (struct DenominationKey);
dk->denom_priv = *priv;
dk->denom = denom;
dk->anchor = anchor;
dk->filename = GNUNET_strdup (filename);
- TALER_cs_pub_hash (&pub,
- &dk->h_cs);
- dk->denom_pub = pub;
+ GNUNET_CRYPTO_cs_private_key_get_public (priv,
+ &dk->denom_pub);
+ GNUNET_CRYPTO_hash (&dk->denom_pub,
+ sizeof (dk->denom_pub),
+ &dk->h_cs.hash);
generate_response (dk);
if (GNUNET_OK !=
GNUNET_CONTAINER_multihashmap_put (
@@ -1808,7 +1807,9 @@ parse_key (struct Denomination *denom,
NULL != pos;
pos = pos->next)
{
- if (GNUNET_TIME_timestamp_cmp (pos->anchor, >, anchor))
+ if (GNUNET_TIME_timestamp_cmp (pos->anchor,
+ >,
+ anchor))
break;
before = pos;
}
diff --git a/src/util/taler-exchange-secmod-cs.h b/src/util/taler-exchange-secmod-cs.h
index fd550efbc..0321335da 100644
--- a/src/util/taler-exchange-secmod-cs.h
+++ b/src/util/taler-exchange-secmod-cs.h
@@ -136,9 +136,9 @@ struct TALER_CRYPTO_CsSignRequestMessage
struct TALER_CsPubHashP h_cs;
/**
- * Planchet containing message to sign and nonce to derive R from
+ * Message to sign.
*/
- struct TALER_BlindedCsPlanchet planchet;
+ struct GNUNET_CRYPTO_CsBlindedMessage message;
};
@@ -188,7 +188,7 @@ struct TALER_CRYPTO_CsRDeriveRequest
/**
* Withdraw nonce to derive R from
*/
- struct TALER_CsNonce nonce;
+ struct GNUNET_CRYPTO_CsSessionNonce nonce;
};
@@ -248,14 +248,14 @@ struct TALER_CRYPTO_SignResponse
struct GNUNET_MessageHeader header;
/**
- * For now, always zero.
+ * The chosen 'b' (0 or 1).
*/
- uint32_t reserved;
+ uint32_t b;
/**
- * Contains the blindided s and the chosen b
+ * Contains the blindided s.
*/
- struct TALER_BlindedDenominationCsSignAnswer cs_answer;
+ struct GNUNET_CRYPTO_CsBlindS cs_answer;
};
/**
@@ -274,9 +274,9 @@ struct TALER_CRYPTO_RDeriveResponse
uint32_t reserved;
/**
- * derived R
+ * Pair of derived R values
*/
- struct TALER_DenominationCSPublicRPairP r_pub;
+ struct GNUNET_CRYPTO_CSPublicRPairP r_pub;
};
diff --git a/src/util/taler-exchange-secmod-rsa.c b/src/util/taler-exchange-secmod-rsa.c
index 414cb4acc..b10e7c637 100644
--- a/src/util/taler-exchange-secmod-rsa.c
+++ b/src/util/taler-exchange-secmod-rsa.c
@@ -409,15 +409,13 @@ generate_response (struct DenominationKey *dk)
* Do the actual signing work.
*
* @param h_rsa key to sign with
- * @param blinded_msg message to sign
- * @param blinded_msg_size number of bytes in @a blinded_msg
+ * @param bm blinded message to sign
* @param[out] rsa_signaturep set to the RSA signature
* @return #TALER_EC_NONE on success
*/
static enum TALER_ErrorCode
do_sign (const struct TALER_RsaPubHashP *h_rsa,
- const void *blinded_msg,
- size_t blinded_msg_size,
+ const struct GNUNET_CRYPTO_RsaBlindedMessage *bm,
struct GNUNET_CRYPTO_RsaSignature **rsa_signaturep)
{
struct DenominationKey *dk;
@@ -447,15 +445,14 @@ do_sign (const struct TALER_RsaPubHashP *h_rsa,
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Received request to sign over %u bytes with key %s\n",
- (unsigned int) blinded_msg_size,
+ (unsigned int) bm->blinded_msg_size,
GNUNET_h2s (&h_rsa->hash));
GNUNET_assert (dk->rc < UINT_MAX);
dk->rc++;
GNUNET_assert (0 == pthread_mutex_unlock (&keys_lock));
rsa_signature
= GNUNET_CRYPTO_rsa_sign_blinded (dk->denom_priv,
- blinded_msg,
- blinded_msg_size);
+ bm);
GNUNET_assert (0 == pthread_mutex_lock (&keys_lock));
GNUNET_assert (dk->rc > 0);
dk->rc--;
@@ -548,14 +545,15 @@ static enum GNUNET_GenericReturnValue
handle_sign_request (struct TES_Client *client,
const struct TALER_CRYPTO_SignRequest *sr)
{
- const void *blinded_msg = &sr[1];
- size_t blinded_msg_size = ntohs (sr->header.size) - sizeof (*sr);
+ struct GNUNET_CRYPTO_RsaBlindedMessage bm = {
+ .blinded_msg = (void *) &sr[1],
+ .blinded_msg_size = ntohs (sr->header.size) - sizeof (*sr)
+ };
struct GNUNET_CRYPTO_RsaSignature *rsa_signature;
enum TALER_ErrorCode ec;
ec = do_sign (&sr->h_rsa,
- blinded_msg,
- blinded_msg_size,
+ &bm,
&rsa_signature);
if (TALER_EC_NONE != ec)
{
@@ -660,12 +658,13 @@ worker (void *cls)
{
struct BatchJob *bj = w->job;
const struct TALER_CRYPTO_SignRequest *sr = bj->sr;
- const void *blinded_msg = &sr[1];
- size_t blinded_msg_size = ntohs (sr->header.size) - sizeof (*sr);
+ struct GNUNET_CRYPTO_RsaBlindedMessage bm = {
+ .blinded_msg = (void *) &sr[1],
+ .blinded_msg_size = ntohs (sr->header.size) - sizeof (*sr)
+ };
bj->ec = do_sign (&sr->h_rsa,
- blinded_msg,
- blinded_msg_size,
+ &bm,
&bj->rsa_signature);
sem_up (&bj->sem);
w->job = NULL;
@@ -880,8 +879,8 @@ setup_key (struct DenominationKey *dk,
}
buf_size = GNUNET_CRYPTO_rsa_private_key_encode (priv,
&buf);
- TALER_rsa_pub_hash (pub,
- &dk->h_rsa);
+ GNUNET_CRYPTO_rsa_public_key_hash (pub,
+ &dk->h_rsa.hash);
GNUNET_asprintf (&dk->filename,
"%s/%s/%llu",
keydir,
@@ -1545,8 +1544,8 @@ parse_key (struct Denomination *denom,
dk->denom = denom;
dk->anchor = anchor;
dk->filename = GNUNET_strdup (filename);
- TALER_rsa_pub_hash (pub,
- &dk->h_rsa);
+ GNUNET_CRYPTO_rsa_public_key_hash (pub,
+ &dk->h_rsa.hash);
dk->denom_pub = pub;
generate_response (dk);
if (GNUNET_OK !=
diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c
index 54f7e794d..2a2090952 100644
--- a/src/util/test_crypto.c
+++ b/src/util/test_crypto.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- (C) 2015, 2020-2022 Taler Systems SA
+ (C) 2015, 2020-2023 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@@ -37,14 +37,21 @@ test_high_level (void)
struct TALER_TransferPublicKeyP trans_pub;
struct TALER_TransferSecretP secret;
struct TALER_TransferSecretP secret2;
- union TALER_DenominationBlindingKeyP bks1;
- union TALER_DenominationBlindingKeyP bks2;
+ union GNUNET_CRYPTO_BlindingSecretP bks1;
+ union GNUNET_CRYPTO_BlindingSecretP bks2;
struct TALER_CoinSpendPrivateKeyP coin_priv1;
struct TALER_CoinSpendPrivateKeyP coin_priv2;
struct TALER_PlanchetMasterSecretP ps1;
struct TALER_PlanchetMasterSecretP ps2;
- struct TALER_ExchangeWithdrawValues alg1;
- struct TALER_ExchangeWithdrawValues alg2;
+ struct GNUNET_CRYPTO_BlindingInputValues bi = {
+ .cipher = GNUNET_CRYPTO_BSA_RSA
+ };
+ struct TALER_ExchangeWithdrawValues alg1 = {
+ .blinding_inputs = &bi
+ };
+ struct TALER_ExchangeWithdrawValues alg2 = {
+ .blinding_inputs = &bi
+ };
GNUNET_CRYPTO_eddsa_key_create (&coin_priv.eddsa_priv);
GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv.eddsa_priv,
@@ -70,14 +77,12 @@ test_high_level (void)
TALER_transfer_secret_to_planchet_secret (&secret,
0,
&ps1);
- alg1.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (&ps1,
&alg1,
&coin_priv1);
TALER_planchet_blinding_secret_create (&ps1,
&alg1,
&bks1);
- alg2.cipher = TALER_DENOMINATION_RSA;
TALER_transfer_secret_to_planchet_secret (&secret,
1,
&ps2);
@@ -116,10 +121,10 @@ test_planchets_rsa (uint8_t age)
{
struct TALER_PlanchetMasterSecretP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
- union TALER_DenominationBlindingKeyP bks;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
struct TALER_DenominationPrivateKey dk_priv;
struct TALER_DenominationPublicKey dk_pub;
- struct TALER_ExchangeWithdrawValues alg_values;
+ const struct TALER_ExchangeWithdrawValues *alg_values;
struct TALER_PlanchetDetail pd;
struct TALER_BlindedDenominationSignature blind_sig;
struct TALER_FreshCoin coin;
@@ -127,6 +132,7 @@ test_planchets_rsa (uint8_t age)
struct TALER_AgeCommitmentHash *ach = NULL;
struct TALER_AgeCommitmentHash ah = {0};
+ alg_values = TALER_denom_ewv_rsa_singleton ();
if (0 < age)
{
struct TALER_AgeCommitmentProof acp;
@@ -152,7 +158,7 @@ test_planchets_rsa (uint8_t age)
GNUNET_assert (GNUNET_SYSERR ==
TALER_denom_priv_create (&dk_priv,
&dk_pub,
- TALER_DENOMINATION_INVALID));
+ GNUNET_CRYPTO_BSA_INVALID));
GNUNET_log_skip (1, GNUNET_YES);
GNUNET_assert (GNUNET_SYSERR ==
TALER_denom_priv_create (&dk_priv,
@@ -162,19 +168,19 @@ test_planchets_rsa (uint8_t age)
GNUNET_assert (GNUNET_OK ==
TALER_denom_priv_create (&dk_priv,
&dk_pub,
- TALER_DENOMINATION_RSA,
+ GNUNET_CRYPTO_BSA_RSA,
1024));
- alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (&ps,
- &alg_values,
+ alg_values,
&coin_priv);
TALER_planchet_blinding_secret_create (&ps,
- &alg_values,
+ alg_values,
&bks);
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub,
- &alg_values,
+ alg_values,
&bks,
+ NULL,
&coin_priv,
ach,
&c_hash,
@@ -192,7 +198,7 @@ test_planchets_rsa (uint8_t age)
&coin_priv,
ach,
&c_hash,
- &alg_values,
+ alg_values,
&coin));
TALER_blinded_denom_sig_free (&blind_sig);
TALER_denom_sig_free (&coin.sig);
@@ -203,39 +209,6 @@ test_planchets_rsa (uint8_t age)
/**
- * @brief Function for CS signatures to derive public R_0 and R_1
- *
- * @param nonce withdraw nonce from a client
- * @param denom_priv denomination privkey as long-term secret
- * @param r_pub the resulting R_0 and R_1
- * @return enum GNUNET_GenericReturnValue
- */
-static enum GNUNET_GenericReturnValue
-derive_r_public (
- const struct TALER_CsNonce *nonce,
- const struct TALER_DenominationPrivateKey *denom_priv,
- struct TALER_DenominationCSPublicRPairP *r_pub)
-{
- struct GNUNET_CRYPTO_CsRSecret r[2];
-
- if (denom_priv->cipher != TALER_DENOMINATION_CS)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- GNUNET_CRYPTO_cs_r_derive (&nonce->nonce,
- "rw",
- &denom_priv->details.cs_private_key,
- r);
- GNUNET_CRYPTO_cs_r_get_public (&r[0],
- &r_pub->r_pub[0]);
- GNUNET_CRYPTO_cs_r_get_public (&r[1],
- &r_pub->r_pub[1]);
- return GNUNET_OK;
-}
-
-
-/**
* Test the basic planchet functionality of creating a fresh planchet with CS denomination
* and extracting the respective signature.
*
@@ -246,11 +219,12 @@ test_planchets_cs (uint8_t age)
{
struct TALER_PlanchetMasterSecretP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
- union TALER_DenominationBlindingKeyP bks;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
struct TALER_DenominationPrivateKey dk_priv;
struct TALER_DenominationPublicKey dk_pub;
struct TALER_PlanchetDetail pd;
struct TALER_CoinPubHashP c_hash;
+ union GNUNET_CRYPTO_BlindSessionNonce nonce;
struct TALER_BlindedDenominationSignature blind_sig;
struct TALER_FreshCoin coin;
struct TALER_ExchangeWithdrawValues alg_values;
@@ -281,16 +255,17 @@ test_planchets_cs (uint8_t age)
GNUNET_assert (GNUNET_OK ==
TALER_denom_priv_create (&dk_priv,
&dk_pub,
- TALER_DENOMINATION_CS));
- alg_values.cipher = TALER_DENOMINATION_CS;
+ GNUNET_CRYPTO_BSA_CS));
TALER_cs_withdraw_nonce_derive (
&ps,
- &pd.blinded_planchet.details.cs_blinded_planchet.nonce);
- GNUNET_assert (GNUNET_OK ==
- derive_r_public (
- &pd.blinded_planchet.details.cs_blinded_planchet.nonce,
- &dk_priv,
- &alg_values.details.cs_values));
+ &nonce.cs_nonce);
+ // FIXME: define Taler abstraction for this:
+ alg_values.blinding_inputs
+ = GNUNET_CRYPTO_get_blinding_input_values (dk_priv.bsign_priv_key,
+ &nonce,
+ "rw");
+ TALER_denom_pub_hash (&dk_pub,
+ &pd.denom_pub_hash);
TALER_planchet_setup_coin_priv (&ps,
&alg_values,
&coin_priv);
@@ -301,6 +276,7 @@ test_planchets_cs (uint8_t age)
TALER_planchet_prepare (&dk_pub,
&alg_values,
&bks,
+ &nonce,
&coin_priv,
ach,
&c_hash,
@@ -310,7 +286,6 @@ test_planchets_cs (uint8_t age)
&dk_priv,
false,
&pd.blinded_planchet));
- TALER_planchet_detail_free (&pd);
GNUNET_assert (GNUNET_OK ==
TALER_planchet_to_coin (&dk_pub,
&blind_sig,
diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c
index 2dada0e19..8a60ee2fc 100644
--- a/src/util/test_helper_cs.c
+++ b/src/util/test_helper_cs.c
@@ -129,7 +129,7 @@ free_keys (void)
* @param validity_duration how long does the key remain available for signing;
* zero if the key has been revoked or purged
* @param h_cs hash of the @a denom_pub that is available (or was purged)
- * @param denom_pub the public key itself, NULL if the key was revoked or purged
+ * @param bs_pub the public key itself, NULL if the key was revoked or purged
* @param sm_pub public key of the security module, NULL if the key was revoked or purged
* @param sm_sig signature from the security module, NULL if the key was revoked or purged
* The signature was already verified against @a sm_pub.
@@ -140,7 +140,7 @@ key_cb (void *cls,
struct GNUNET_TIME_Timestamp start_time,
struct GNUNET_TIME_Relative validity_duration,
const struct TALER_CsPubHashP *h_cs,
- const struct TALER_DenominationPublicKey *denom_pub,
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bs_pub,
const struct TALER_SecurityModulePublicKeyP *sm_pub,
const struct TALER_SecurityModuleSignatureP *sm_sig)
{
@@ -155,7 +155,7 @@ key_cb (void *cls,
{
bool found = false;
- GNUNET_break (NULL == denom_pub);
+ GNUNET_break (NULL == bs_pub);
GNUNET_break (NULL == section_name);
for (unsigned int i = 0; i<MAX_KEYS; i++)
if (0 == GNUNET_memcmp (h_cs,
@@ -176,7 +176,7 @@ key_cb (void *cls,
return;
}
- GNUNET_break (NULL != denom_pub);
+ GNUNET_break (NULL != bs_pub);
for (unsigned int i = 0; i<MAX_KEYS; i++)
if (! keys[i].valid)
{
@@ -184,8 +184,8 @@ key_cb (void *cls,
keys[i].h_cs = *h_cs;
keys[i].start_time = start_time;
keys[i].validity_duration = validity_duration;
- TALER_denom_pub_deep_copy (&keys[i].denom_pub,
- denom_pub);
+ keys[i].denom_pub.bsign_pub_key
+ = GNUNET_CRYPTO_bsign_pub_incref (bs_pub);
num_keys++;
return;
}
@@ -268,9 +268,15 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
bool success = false;
struct TALER_PlanchetMasterSecretP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
- union TALER_DenominationBlindingKeyP bks;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
struct TALER_CoinPubHashP c_hash;
- struct TALER_ExchangeWithdrawValues alg_values;
+ struct GNUNET_CRYPTO_BlindingInputValues bi = {
+ .cipher = GNUNET_CRYPTO_BSA_CS
+ };
+ struct TALER_ExchangeWithdrawValues alg_values = {
+ .blinding_inputs = &bi
+ };
+ union GNUNET_CRYPTO_BlindSessionNonce nonce;
TALER_planchet_master_setup_random (&ps);
for (unsigned int i = 0; i<MAX_KEYS; i++)
@@ -279,27 +285,25 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
if (! keys[i].valid)
continue;
- GNUNET_assert (TALER_DENOMINATION_CS ==
- keys[i].denom_pub.cipher);
- pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
+ GNUNET_assert (GNUNET_CRYPTO_BSA_CS ==
+ keys[i].denom_pub.bsign_pub_key->cipher);
TALER_cs_withdraw_nonce_derive (
&ps,
- &pd.blinded_planchet.details.cs_blinded_planchet.nonce);
+ &nonce.cs_nonce);
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Requesting R derivation with key %s\n",
GNUNET_h2s (&keys[i].h_cs.hash));
- alg_values.cipher = TALER_DENOMINATION_CS;
{
struct TALER_CRYPTO_CsDeriveRequest cdr = {
.h_cs = &keys[i].h_cs,
- .nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce
+ .nonce = &nonce.cs_nonce
};
ec = TALER_CRYPTO_helper_cs_r_derive (
dh,
&cdr,
false,
- &alg_values.details.cs_values);
+ &bi.details.cs_values);
}
switch (ec)
{
@@ -336,6 +340,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&bks,
+ &nonce,
&coin_priv,
NULL, /* no age commitment */
&c_hash,
@@ -379,11 +384,10 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
/* check R derivation does not work if the key is unknown */
{
struct TALER_CsPubHashP rnd;
- struct TALER_CsNonce nonce;
- struct TALER_DenominationCSPublicRPairP crp;
+ struct GNUNET_CRYPTO_CSPublicRPairP crp;
struct TALER_CRYPTO_CsDeriveRequest cdr = {
.h_cs = &rnd,
- .nonce = &nonce,
+ .nonce = &nonce.cs_nonce,
};
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
@@ -423,9 +427,15 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
bool success = false;
struct TALER_PlanchetMasterSecretP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
- union TALER_DenominationBlindingKeyP bks;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
struct TALER_CoinPubHashP c_hash;
- struct TALER_ExchangeWithdrawValues alg_values;
+ struct GNUNET_CRYPTO_BlindingInputValues bi = {
+ .cipher = GNUNET_CRYPTO_BSA_CS
+ };
+ struct TALER_ExchangeWithdrawValues alg_values = {
+ .blinding_inputs = &bi
+ };
+ union GNUNET_CRYPTO_BlindSessionNonce nonce;
TALER_planchet_master_setup_random (&ps);
for (unsigned int i = 0; i<MAX_KEYS; i++)
@@ -437,19 +447,16 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
struct TALER_CRYPTO_CsSignRequest csr;
struct TALER_CRYPTO_CsDeriveRequest cdr = {
.h_cs = &keys[i].h_cs,
- .nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce
+ .nonce = &nonce.cs_nonce
};
- pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
TALER_cs_withdraw_nonce_derive (&ps,
- &pd.blinded_planchet.details.
- cs_blinded_planchet.nonce);
- alg_values.cipher = TALER_DENOMINATION_CS;
+ &nonce.cs_nonce);
ec = TALER_CRYPTO_helper_cs_r_derive (
dh,
&cdr,
false,
- &alg_values.details.cs_values);
+ &bi.details.cs_values);
if (TALER_EC_NONE != ec)
continue;
TALER_planchet_setup_coin_priv (&ps,
@@ -458,11 +465,11 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
TALER_planchet_blinding_secret_create (&ps,
&alg_values,
&bks);
-
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&bks,
+ &nonce,
&coin_priv,
NULL, /* no age commitment */
&c_hash,
@@ -472,7 +479,7 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_h2s (&keys[i].h_cs.hash));
csr.h_cs = &keys[i].h_cs;
csr.blinded_planchet
- = &pd.blinded_planchet.details.cs_blinded_planchet;
+ = &pd.blinded_planchet.blinded_message->details.cs_blinded_message;
ec = TALER_CRYPTO_helper_cs_sign (
dh,
&csr,
@@ -563,18 +570,18 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh)
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&rnd,
sizeof (rnd));
- pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[0].denom_pub,
&alg_values,
&bks,
+ &nonce,
&coin_priv,
NULL, /* no age commitment */
&c_hash,
&pd));
csr.h_cs = &rnd;
csr.blinded_planchet
- = &pd.blinded_planchet.details.cs_blinded_planchet;
+ = &pd.blinded_planchet.blinded_message->details.cs_blinded_message;
ec = TALER_CRYPTO_helper_cs_sign (
dh,
&csr,
@@ -613,9 +620,11 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
bool success = false;
struct TALER_PlanchetMasterSecretP ps[batch_size];
struct TALER_CoinSpendPrivateKeyP coin_priv[batch_size];
- union TALER_DenominationBlindingKeyP bks[batch_size];
+ union GNUNET_CRYPTO_BlindingSecretP bks[batch_size];
struct TALER_CoinPubHashP c_hash[batch_size];
+ struct GNUNET_CRYPTO_BlindingInputValues bi[batch_size];
struct TALER_ExchangeWithdrawValues alg_values[batch_size];
+ union GNUNET_CRYPTO_BlindSessionNonce nonces[batch_size];
for (unsigned int i = 0; i<batch_size; i++)
TALER_planchet_master_setup_random (&ps[i]);
@@ -627,30 +636,29 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
struct TALER_PlanchetDetail pd[batch_size];
struct TALER_CRYPTO_CsSignRequest csr[batch_size];
struct TALER_CRYPTO_CsDeriveRequest cdr[batch_size];
- struct TALER_DenominationCSPublicRPairP crps[batch_size];
+ struct GNUNET_CRYPTO_CSPublicRPairP crps[batch_size];
for (unsigned int i = 0; i<batch_size; i++)
{
cdr[i].h_cs = &keys[k].h_cs;
- cdr[i].nonce =
- &pd[i].blinded_planchet.details.cs_blinded_planchet.nonce;
- pd[i].blinded_planchet.cipher = TALER_DENOMINATION_CS;
+ cdr[i].nonce = &nonces[i].cs_nonce;
TALER_cs_withdraw_nonce_derive (
&ps[i],
- &pd[i].blinded_planchet.details.cs_blinded_planchet.nonce);
- alg_values[i].cipher = TALER_DENOMINATION_CS;
+ &nonces[i].cs_nonce);
+ bi[i].cipher = GNUNET_CRYPTO_BSA_CS;
+ alg_values[i].blinding_inputs = &bi[i];
}
ec = TALER_CRYPTO_helper_cs_r_batch_derive (
dh,
- cdr,
batch_size,
+ cdr,
false,
crps);
if (TALER_EC_NONE != ec)
continue;
for (unsigned int i = 0; i<batch_size; i++)
{
- alg_values[i].details.cs_values = crps[i];
+ bi[i].details.cs_values = crps[i];
TALER_planchet_setup_coin_priv (&ps[i],
&alg_values[i],
&coin_priv[i]);
@@ -661,6 +669,7 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
TALER_planchet_prepare (&keys[k].denom_pub,
&alg_values[i],
&bks[i],
+ &nonces[i],
&coin_priv[i],
NULL, /* no age commitment */
&c_hash[i],
@@ -670,12 +679,12 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
GNUNET_h2s (&keys[k].h_cs.hash));
csr[i].h_cs = &keys[k].h_cs;
csr[i].blinded_planchet
- = &pd[i].blinded_planchet.details.cs_blinded_planchet;
+ = &pd[i].blinded_planchet.blinded_message->details.cs_blinded_message;
}
ec = TALER_CRYPTO_helper_cs_batch_sign (
dh,
- csr,
batch_size,
+ csr,
false,
ds);
}
@@ -768,22 +777,22 @@ test_batch_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&rnd,
sizeof (rnd));
- pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[0].denom_pub,
&alg_values[0],
&bks[0],
+ &nonces[0],
&coin_priv[0],
NULL, /* no age commitment */
&c_hash[0],
&pd));
csr.h_cs = &rnd;
csr.blinded_planchet
- = &pd.blinded_planchet.details.cs_blinded_planchet;
+ = &pd.blinded_planchet.blinded_message->details.cs_blinded_message;
ec = TALER_CRYPTO_helper_cs_batch_sign (
dh,
- &csr,
1,
+ &csr,
false,
&ds[0]);
if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec)
@@ -816,8 +825,13 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
struct GNUNET_TIME_Relative duration;
struct TALER_PlanchetMasterSecretP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
- union TALER_DenominationBlindingKeyP bks;
- struct TALER_ExchangeWithdrawValues alg_values;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
+ struct GNUNET_CRYPTO_BlindingInputValues bv = {
+ .cipher = GNUNET_CRYPTO_BSA_CS
+ };
+ struct TALER_ExchangeWithdrawValues alg_values = {
+ .blinding_inputs = &bv
+ };
TALER_planchet_master_setup_random (&ps);
duration = GNUNET_TIME_UNIT_ZERO;
@@ -841,21 +855,20 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
{
struct TALER_CoinPubHashP c_hash;
struct TALER_PlanchetDetail pd;
+ union GNUNET_CRYPTO_BlindSessionNonce nonce;
struct TALER_CRYPTO_CsDeriveRequest cdr = {
.h_cs = &keys[i].h_cs,
- .nonce = &pd.blinded_planchet.details.cs_blinded_planchet.nonce
+ .nonce = &nonce.cs_nonce
};
- pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
- TALER_cs_withdraw_nonce_derive (&ps,
- &pd.blinded_planchet.details.
- cs_blinded_planchet.nonce);
- alg_values.cipher = TALER_DENOMINATION_CS;
+ TALER_cs_withdraw_nonce_derive (
+ &ps,
+ &nonce.cs_nonce);
ec = TALER_CRYPTO_helper_cs_r_derive (
dh,
&cdr,
true,
- &alg_values.details.cs_values);
+ &bv.details.cs_values);
if (TALER_EC_NONE != ec)
continue;
TALER_planchet_setup_coin_priv (&ps,
@@ -868,6 +881,7 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
TALER_planchet_prepare (&keys[i].denom_pub,
&alg_values,
&bks,
+ &nonce,
&coin_priv,
NULL, /* no age commitment */
&c_hash,
@@ -881,7 +895,7 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh,
csr.h_cs = &keys[i].h_cs;
csr.blinded_planchet
- = &pd.blinded_planchet.details.cs_blinded_planchet;
+ = &pd.blinded_planchet.blinded_message->details.cs_blinded_message;
ec = TALER_CRYPTO_helper_cs_sign (
dh,
&csr,
diff --git a/src/util/test_helper_rsa.c b/src/util/test_helper_rsa.c
index 1c7cc5bfe..1189e0cc7 100644
--- a/src/util/test_helper_rsa.c
+++ b/src/util/test_helper_rsa.c
@@ -129,7 +129,7 @@ free_keys (void)
* @param validity_duration how long does the key remain available for signing;
* zero if the key has been revoked or purged
* @param h_rsa hash of the @a denom_pub that is available (or was purged)
- * @param denom_pub the public key itself, NULL if the key was revoked or purged
+ * @param bs_pub the public key itself, NULL if the key was revoked or purged
* @param sm_pub public key of the security module, NULL if the key was revoked or purged
* @param sm_sig signature from the security module, NULL if the key was revoked or purged
* The signature was already verified against @a sm_pub.
@@ -140,7 +140,7 @@ key_cb (void *cls,
struct GNUNET_TIME_Timestamp start_time,
struct GNUNET_TIME_Relative validity_duration,
const struct TALER_RsaPubHashP *h_rsa,
- const struct TALER_DenominationPublicKey *denom_pub,
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bs_pub,
const struct TALER_SecurityModulePublicKeyP *sm_pub,
const struct TALER_SecurityModuleSignatureP *sm_sig)
{
@@ -155,7 +155,7 @@ key_cb (void *cls,
{
bool found = false;
- GNUNET_break (NULL == denom_pub);
+ GNUNET_break (NULL == bs_pub);
GNUNET_break (NULL == section_name);
for (unsigned int i = 0; i<MAX_KEYS; i++)
if (0 == GNUNET_memcmp (h_rsa,
@@ -176,7 +176,7 @@ key_cb (void *cls,
return;
}
- GNUNET_break (NULL != denom_pub);
+ GNUNET_break (NULL != bs_pub);
for (unsigned int i = 0; i<MAX_KEYS; i++)
if (! keys[i].valid)
{
@@ -184,8 +184,8 @@ key_cb (void *cls,
keys[i].h_rsa = *h_rsa;
keys[i].start_time = start_time;
keys[i].validity_duration = validity_duration;
- TALER_denom_pub_deep_copy (&keys[i].denom_pub,
- denom_pub);
+ keys[i].denom_pub.bsign_pub_key
+ = GNUNET_CRYPTO_bsign_pub_incref (bs_pub);
num_keys++;
return;
}
@@ -268,19 +268,22 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
enum TALER_ErrorCode ec;
bool success = false;
struct TALER_PlanchetMasterSecretP ps;
- struct TALER_ExchangeWithdrawValues alg_values;
+ const struct TALER_ExchangeWithdrawValues *alg_values
+ = TALER_denom_ewv_rsa_singleton ();
struct TALER_AgeCommitmentHash ach;
struct TALER_CoinPubHashP c_hash;
struct TALER_CoinSpendPrivateKeyP coin_priv;
- union TALER_DenominationBlindingKeyP bks;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
sizeof (ps));
-
- alg_values.cipher = TALER_DENOMINATION_RSA;
- TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
- TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
+ TALER_planchet_setup_coin_priv (&ps,
+ alg_values,
+ &coin_priv);
+ TALER_planchet_blinding_secret_create (&ps,
+ alg_values,
+ &bks);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&ach,
sizeof(ach));
@@ -289,17 +292,17 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
{
if (! keys[i].valid)
continue;
- if (TALER_DENOMINATION_RSA != keys[i].denom_pub.cipher)
+ if (GNUNET_CRYPTO_BSA_RSA !=
+ keys[i].denom_pub.bsign_pub_key->cipher)
continue;
{
- struct TALER_PlanchetDetail pd = {
- .blinded_planchet.cipher = TALER_DENOMINATION_RSA
- };
+ struct TALER_PlanchetDetail pd;
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
- &alg_values,
+ alg_values,
&bks,
+ NULL,
&coin_priv,
&ach,
&c_hash,
@@ -308,9 +311,11 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
struct TALER_CRYPTO_RsaSignRequest rsr = {
.h_rsa = &keys[i].h_rsa,
.msg =
- pd.blinded_planchet.details.rsa_blinded_planchet.blinded_msg,
+ pd.blinded_planchet.blinded_message->details.rsa_blinded_message.
+ blinded_msg,
.msg_size =
- pd.blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size
+ pd.blinded_planchet.blinded_message->details.rsa_blinded_message.
+ blinded_msg_size
};
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@@ -352,7 +357,7 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
&ds,
&bks,
&c_hash,
- &alg_values,
+ alg_values,
&keys[i].denom_pub))
{
GNUNET_break (0);
@@ -457,11 +462,11 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
enum TALER_ErrorCode ec;
bool success = false;
struct TALER_PlanchetMasterSecretP ps[batch_size];
- struct TALER_ExchangeWithdrawValues alg_values[batch_size];
+ const struct TALER_ExchangeWithdrawValues *alg_values;
struct TALER_AgeCommitmentHash ach[batch_size];
struct TALER_CoinPubHashP c_hash[batch_size];
struct TALER_CoinSpendPrivateKeyP coin_priv[batch_size];
- union TALER_DenominationBlindingKeyP bks[batch_size];
+ union GNUNET_CRYPTO_BlindingSecretP bks[batch_size];
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps,
@@ -469,14 +474,14 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&ach,
sizeof(ach));
+ alg_values = TALER_denom_ewv_rsa_singleton ();
for (unsigned int i = 0; i<batch_size; i++)
{
- alg_values[i].cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (&ps[i],
- &alg_values[i],
+ alg_values,
&coin_priv[i]);
TALER_planchet_blinding_secret_create (&ps[i],
- &alg_values[i],
+ alg_values,
&bks[i]);
}
for (unsigned int k = 0; k<MAX_KEYS; k++)
@@ -485,7 +490,8 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
break; /* only do one round */
if (! keys[k].valid)
continue;
- if (TALER_DENOMINATION_RSA != keys[k].denom_pub.cipher)
+ if (GNUNET_CRYPTO_BSA_RSA !=
+ keys[k].denom_pub.bsign_pub_key->cipher)
continue;
{
struct TALER_PlanchetDetail pd[batch_size];
@@ -493,11 +499,13 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
for (unsigned int i = 0; i<batch_size; i++)
{
- pd[i].blinded_planchet.cipher = TALER_DENOMINATION_RSA;
+ pd[i].blinded_planchet.blinded_message->cipher
+ = GNUNET_CRYPTO_BSA_RSA;
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[k].denom_pub,
- &alg_values[i],
+ alg_values,
&bks[i],
+ NULL,
&coin_priv[i],
&ach[i],
&c_hash[i],
@@ -505,19 +513,21 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
rsr[i].h_rsa
= &keys[k].h_rsa;
rsr[i].msg
- = pd[i].blinded_planchet.details.rsa_blinded_planchet.blinded_msg;
+ = pd[i].blinded_planchet.blinded_message->details.rsa_blinded_message.
+ blinded_msg;
rsr[i].msg_size
- = pd[i].blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size;
+ = pd[i].blinded_planchet.blinded_message->details.rsa_blinded_message.
+ blinded_msg_size;
}
ec = TALER_CRYPTO_helper_rsa_batch_sign (dh,
- rsr,
batch_size,
+ rsr,
ds);
for (unsigned int i = 0; i<batch_size; i++)
{
if (TALER_EC_NONE == ec)
- GNUNET_break (TALER_DENOMINATION_RSA ==
- ds[i].cipher);
+ GNUNET_break (GNUNET_CRYPTO_BSA_RSA ==
+ ds[i].blinded_sig->cipher);
TALER_blinded_planchet_free (&pd[i].blinded_planchet);
}
}
@@ -553,7 +563,7 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
&ds[i],
&bks[i],
&c_hash[i],
- &alg_values[i],
+ alg_values,
&keys[k].denom_pub))
{
GNUNET_break (0);
@@ -637,8 +647,8 @@ test_batch_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
&rnd,
sizeof (rnd));
ec = TALER_CRYPTO_helper_rsa_batch_sign (dh,
- &rsr,
1,
+ &rsr,
ds);
if (TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN != ec)
{
@@ -674,13 +684,17 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
struct TALER_PlanchetMasterSecretP ps;
struct TALER_CoinSpendPrivateKeyP coin_priv;
struct TALER_AgeCommitmentHash ach;
- union TALER_DenominationBlindingKeyP bks;
- struct TALER_ExchangeWithdrawValues alg_values;
+ union GNUNET_CRYPTO_BlindingSecretP bks;
+ const struct TALER_ExchangeWithdrawValues *alg_values
+ = TALER_denom_ewv_rsa_singleton ();
TALER_planchet_master_setup_random (&ps);
- alg_values.cipher = TALER_DENOMINATION_RSA;
- TALER_planchet_setup_coin_priv (&ps, &alg_values, &coin_priv);
- TALER_planchet_blinding_secret_create (&ps, &alg_values, &bks);
+ TALER_planchet_setup_coin_priv (&ps,
+ alg_values,
+ &coin_priv);
+ TALER_planchet_blinding_secret_create (&ps,
+ alg_values,
+ &bks);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&ach,
sizeof(ach));
@@ -692,7 +706,8 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
{
if (! keys[i].valid)
continue;
- if (TALER_DENOMINATION_RSA != keys[i].denom_pub.cipher)
+ if (GNUNET_CRYPTO_BSA_RSA !=
+ keys[i].denom_pub.bsign_pub_key->cipher)
continue;
if (GNUNET_TIME_relative_cmp (GNUNET_TIME_absolute_get_remaining (
keys[i].start_time.abs_time),
@@ -710,8 +725,9 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
- &alg_values,
+ alg_values,
&bks,
+ NULL,
&coin_priv,
&ach,
&c_hash,
@@ -724,9 +740,11 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
struct TALER_CRYPTO_RsaSignRequest rsr = {
.h_rsa = &keys[i].h_rsa,
.msg =
- pd.blinded_planchet.details.rsa_blinded_planchet.blinded_msg,
+ pd.blinded_planchet.blinded_message->details.rsa_blinded_message.
+ blinded_msg,
.msg_size =
- pd.blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size
+ pd.blinded_planchet.blinded_message->details.rsa_blinded_message.
+ blinded_msg_size
};
ec = TALER_CRYPTO_helper_rsa_sign (dh,
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
index e44635dda..0b6ab5432 100644
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@@ -320,7 +320,7 @@ struct TALER_RecoupRequestPS
/**
* Blinding factor that was used to withdraw the coin.
*/
- union TALER_DenominationBlindingKeyP coin_blind;
+ union GNUNET_CRYPTO_BlindingSecretP coin_blind;
};
@@ -330,7 +330,7 @@ GNUNET_NETWORK_STRUCT_END
enum GNUNET_GenericReturnValue
TALER_wallet_recoup_verify (
const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -351,7 +351,7 @@ TALER_wallet_recoup_verify (
void
TALER_wallet_recoup_sign (
const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -371,7 +371,7 @@ TALER_wallet_recoup_sign (
enum GNUNET_GenericReturnValue
TALER_wallet_recoup_refresh_verify (
const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -392,7 +392,7 @@ TALER_wallet_recoup_refresh_verify (
void
TALER_wallet_recoup_refresh_sign (
const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig)
{
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-07 10:25:40 +0000