Diffstat (limited to 'src/util/crypto.c')
-rw-r--r-- | src/util/crypto.c | 137 |
1 files changed, 108 insertions, 29 deletions
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 974566dc0..4735af3b0 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -27,11 +27,6 @@
 #include <gcrypt.h>
 
 /**
- * Used in TALER_AgeCommitmentHash_isNullOrZero for comparison
- */
-const struct TALER_AgeCommitmentHash TALER_ZeroAgeCommitmentHash = {0};
-
-/**
 * Function called by libgcrypt on serious errors.
 * Prints an error message and aborts the process.
 *
@@ -90,7 +85,9 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
 #endif
 
 TALER_coin_pub_hash (&coin_public_info->coin_pub,
- &coin_public_info->h_age_commitment,
+ coin_public_info->no_age_commitment
+ ? NULL
+ : &coin_public_info->h_age_commitment,
 &c_hash);
 
 if (GNUNET_OK !=
@@ -217,7 +214,7 @@ TALER_planchet_secret_to_transfer_priv (
 void
 TALER_cs_withdraw_nonce_derive (
 const struct TALER_PlanchetMasterSecretP *ps,
- struct TALER_CsNonce *nonce)
+ struct GNUNET_CRYPTO_CsSessionNonce *nonce)
 {
 GNUNET_assert (GNUNET_YES ==
 GNUNET_CRYPTO_kdf (nonce,
@@ -235,7 +232,7 @@ void
 TALER_cs_refresh_nonce_derive (
 const struct TALER_RefreshMasterSecretP *rms,
 uint32_t coin_num_salt,
- struct TALER_CsNonce *nonce)
+ struct GNUNET_CRYPTO_CsSessionNonce *nonce)
 {
 uint32_t be_salt = htonl (coin_num_salt);
 
@@ -244,7 +241,7 @@ TALER_cs_refresh_nonce_derive (
 sizeof (*nonce),
 &be_salt,
 sizeof (be_salt),
- "refresh-n", // FIXME: value used in spec?
+ "refresh-n",
 strlen ("refresh-n"),
 rms,
 sizeof(*rms),
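Review bot: In the `TALER_coin_pub_hash` call inside `TALER_test_coin_valid`, the age commitment is now selected by the `no_age_commitment` flag alone, so a `TALER_CoinPublicInfo` that was zero-initialised and never had the flag set is hashed as a coin carrying an all-zero age commitment. With `TALER_ZeroAgeCommitmentHash` removed in the first hunk, the old zero-means-absent convention appears to be gone; the resulting coin hash would presumably make verification fail rather than pass, but the cause would be hard to diagnose. I would document the invariant at the call, for example `/* no_age_commitment must be set explicitly by whoever fills coin_public_info; an all-zero h_age_commitment no longer means "absent" */`, and confirm that every parser populating the struct sets the flag. The function body starts and ends outside this hunk.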
@@ -253,10 +250,31 @@ TALER_cs_refresh_nonce_derive (
 }
 
 
+void
+TALER_rsa_pub_hash (const struct GNUNET_CRYPTO_RsaPublicKey *rsa,
+ struct TALER_RsaPubHashP *h_rsa)
+{
+ GNUNET_CRYPTO_rsa_public_key_hash (rsa,
+ &h_rsa->hash);
+
+}
+
+
+void
+TALER_cs_pub_hash (const struct GNUNET_CRYPTO_CsPublicKey *cs,
+ struct TALER_CsPubHashP *h_cs)
+{
+ GNUNET_CRYPTO_hash (cs,
+ sizeof(*cs),
+ &h_cs->hash);
+}
+
+
 enum GNUNET_GenericReturnValue
 TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
 const struct TALER_ExchangeWithdrawValues *alg_values,
- const union TALER_DenominationBlindingKeyP *bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
+ const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
 const struct TALER_CoinSpendPrivateKeyP *coin_priv,
 const struct TALER_AgeCommitmentHash *ach,
 struct TALER_CoinPubHashP *c_hash,
@@ -265,12 +283,14 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
 {
 struct TALER_CoinSpendPublicKeyP coin_pub;
 
- GNUNET_assert (alg_values->cipher == dk->cipher);
+ GNUNET_assert (alg_values->blinding_inputs->cipher ==
+ dk->bsign_pub_key->cipher);
 GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv->eddsa_priv,
 &coin_pub.eddsa_pub);
 if (GNUNET_OK !=
 TALER_denom_blind (dk,
 bks,
+ nonce,
 ach,
 &coin_pub,
 alg_values,
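Review bot: `TALER_cs_pub_hash` hashes the in-memory bytes of `*cs` (`sizeof(*cs)`), which gives a stable key hash only if `struct GNUNET_CRYPTO_CsPublicKey` is a fixed-layout struct without padding; its definition is not visible here. Neither new function has a doc comment in this file, so I would add one to each stating what is hashed, e.g. `/** Hash the raw bytes of the CS public key @a cs into @a h_cs; relies on the key struct being packed. */`. The stray blank line before the closing brace of `TALER_rsa_pub_hash` can be dropped. The new `nonce` parameter of `TALER_planchet_prepare` also deserves a line saying whether it may be NULL for ciphers that use no session nonce.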
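Review bot: The cipher comparison at the top of `TALER_planchet_prepare` is still a `GNUNET_assert`, so a mismatch between `alg_values` and `dk` aborts the process, whereas `TALER_planchet_to_coin` in the same file reports the same condition with `GNUNET_break_op (0); return GNUNET_SYSERR;`. If `alg_values` can originate from an exchange response, which the type name suggests but this hunk does not show, a misbehaving peer turns a protocol error into a crash of the caller. The function already returns `enum GNUNET_GenericReturnValue`, so the assert could become `if (alg_values->blinding_inputs->cipher != dk->bsign_pub_key->cipher) { GNUNET_break_op (0); return GNUNET_SYSERR; }`. The function body continues past the end of the hunk.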
@@ -297,15 +317,21 @@ enum GNUNET_GenericReturnValue
 TALER_planchet_to_coin (
 const struct TALER_DenominationPublicKey *dk,
 const struct TALER_BlindedDenominationSignature *blind_sig,
- const union TALER_DenominationBlindingKeyP *bks,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
 const struct TALER_CoinSpendPrivateKeyP *coin_priv,
 const struct TALER_AgeCommitmentHash *ach,
 const struct TALER_CoinPubHashP *c_hash,
 const struct TALER_ExchangeWithdrawValues *alg_values,
 struct TALER_FreshCoin *coin)
 {
- if ( (dk->cipher != blind_sig->cipher) ||
- (dk->cipher != alg_values->cipher) )
+ if (dk->bsign_pub_key->cipher !=
+ blind_sig->blinded_sig->cipher)
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ if (dk->bsign_pub_key->cipher !=
+ alg_values->blinding_inputs->cipher)
 {
 GNUNET_break_op (0);
 return GNUNET_SYSERR;
@@ -426,24 +452,28 @@ TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub,
 {
 /* Coin comes with age commitment. Take the hash of the age commitment
 * into account */
- const size_t key_s = sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey);
- const size_t age_s = sizeof(struct TALER_AgeCommitmentHash);
- char data[key_s + age_s];
-
- GNUNET_memcpy (&data[0],
- &coin_pub->eddsa_pub,
- key_s);
- GNUNET_memcpy (&data[key_s],
- ach,
- age_s);
- GNUNET_CRYPTO_hash (&data,
- key_s + age_s,
- &coin_h->hash);
+ struct GNUNET_HashContext *hash_context;
+
+ hash_context = GNUNET_CRYPTO_hash_context_start ();
+
+ GNUNET_CRYPTO_hash_context_read (
+ hash_context,
+ &coin_pub->eddsa_pub,
+ sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey));
+
+ GNUNET_CRYPTO_hash_context_read (
+ hash_context,
+ ach,
+ sizeof(struct TALER_AgeCommitmentHash));
+
+ GNUNET_CRYPTO_hash_context_finish (
+ hash_context,
+ &coin_h->hash);
 }
 }
 
 
-enum GNUNET_GenericReturnValue
+void
 TALER_coin_ev_hash (const struct TALER_BlindedPlanchet *blinded_planchet,
 const struct TALER_DenominationHashP *denom_hash,
 struct TALER_BlindedCoinHashP *bch)
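Review bot: The two new comparisons in `TALER_planchet_to_coin` dereference `dk->bsign_pub_key`, `blind_sig->blinded_sig` and `alg_values->blinding_inputs` without checking that the pointers are set, where the old code compared fields embedded directly in the structs. If any of them can be NULL after a failed or partial parse (not visible in this hunk), the check meant to reject inconsistent input would crash instead of returning an error. A guard ahead of the first comparison, such as `if ( (NULL == dk->bsign_pub_key) || (NULL == blind_sig->blinded_sig) || (NULL == alg_values->blinding_inputs) ) { GNUNET_break_op (0); return GNUNET_SYSERR; }`, keeps the failure on the error path; the same concern applies to the assert in `TALER_planchet_prepare`. The function continues outside the hunk.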
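Review bot: The first `GNUNET_CRYPTO_hash_context_read` in `TALER_coin_pub_hash` reads `&coin_pub->eddsa_pub` with `sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)`, a length taken from a different key type than the object being hashed (carried over from the removed `key_s`). The two key structs are presumably the same size today, but tying each length to its object avoids an over- or under-read if they ever diverge: `sizeof (coin_pub->eddsa_pub)` for the first read and `sizeof (*ach)` for the second. Callers of `TALER_coin_ev_hash` that tested its return value need updating now that it returns `void`; none are visible in this file section. The body of `TALER_coin_pub_hash` starts before the hunk.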
@@ -458,7 +488,56 @@ TALER_coin_ev_hash (const struct TALER_BlindedPlanchet *blinded_planchet,
 hash_context);
 GNUNET_CRYPTO_hash_context_finish (hash_context,
 &bch->hash);
- return GNUNET_OK;
+}
+
+
+GNUNET_NETWORK_STRUCT_BEGIN
+/**
+ * Structure we hash to compute the group key for
+ * a denomination group.
+ */
+struct DenominationGroupP
+{
+ /**
+ * Value of coins in this denomination group.
+ */
+ struct TALER_AmountNBO value;
+
+ /**
+ * Fee structure for all coins in the group.
+ */
+ struct TALER_DenomFeeSetNBOP fees;
+
+ /**
+ * Age mask for the denomiation, in NBO.
+ */
+ uint32_t age_mask GNUNET_PACKED;
+
+ /**
+ * Cipher used for the denomination, in NBO.
+ */
+ uint32_t cipher GNUNET_PACKED;
+};
+GNUNET_NETWORK_STRUCT_END
+
+
+void
+TALER_denomination_group_get_key (
+ const struct TALER_DenominationGroup *dg,
+ struct GNUNET_HashCode *key)
+{
+ struct DenominationGroupP dgp = {
+ .age_mask = htonl (dg->age_mask.bits),
+ .cipher = htonl (dg->cipher)
+ };
+
+ TALER_amount_hton (&dgp.value,
+ &dg->value);
+ TALER_denom_fee_set_hton (&dgp.fees,
+ &dg->fees);
+ GNUNET_CRYPTO_hash (&dgp,
+ sizeof (dgp),
+ key);
 }
 
 
|
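Review bot: `TALER_denomination_group_get_key` hashes the raw bytes of `dgp`, so the key is stable only if every byte of `value` and `fees` is fully determined by `TALER_amount_hton` and `TALER_denom_fee_set_hton`. Any unnormalised bytes in `dg->value` (for instance after the terminator of a fixed-size currency field, if the amount struct has one; not visible here) would give otherwise equal groups different keys. I would add a doc comment on the function naming the fields that enter the key and requiring normalised amounts, e.g. `/** Compute the hash @a key identifying @a dg from its value, fees, age mask and cipher (all in NBO). */`. The field comment also has a typo: `denomiation` should read `denomination`.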