From 32bb3b14bf5cd623714985c8ca7fed0c5a923336 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Tue, 24 May 2016 20:13:31 +0200
Subject: fix #4483

---
 src/util/crypto.c      | 149 +++++++++----------------------------------------
 src/util/test_crypto.c |  67 +++++-----------------
 2 files changed, 40 insertions(+), 176 deletions(-)

(limited to 'src/util')

diff --git a/src/util/crypto.c b/src/util/crypto.c
index 9e6890569..042cf8871 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -227,41 +227,25 @@ TALER_transfer_encrypt (const struct TALER_LinkSecretP *secret,
  *
  * @param input encrypted refresh link data
  * @param secret shared secret to use for decryption
- * @return NULL on error
+ * @param[out] output where to write decrypted data
  */
-struct TALER_RefreshLinkDecrypted *
-TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input,
-                       const struct TALER_LinkSecretP *secret)
+void
+TALER_refresh_decrypt (const struct TALER_RefreshLinkEncryptedP *input,
+                       const struct TALER_LinkSecretP *secret,
+		       struct TALER_RefreshLinkDecryptedP *output)
 {
-  struct TALER_RefreshLinkDecrypted *ret;
   struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
   struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  size_t buf_size = input->blinding_key_enc_size
-    + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-  char buf[buf_size];
 
-  GNUNET_assert (input->blinding_key_enc == (const char *) &input[1]);
   derive_refresh_key (secret, &iv, &skey);
-  if (buf_size !=
-      GNUNET_CRYPTO_symmetric_decrypt (input->coin_priv_enc,
-                                       buf_size,
-                                       &skey,
-                                       &iv,
-                                       buf))
-    return NULL;
-  ret = GNUNET_new (struct TALER_RefreshLinkDecrypted);
-  memcpy (&ret->coin_priv,
-          buf,
-          sizeof (struct TALER_CoinSpendPrivateKeyP));
-  ret->blinding_key.rsa_blinding_key
-    = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)],
-                                             input->blinding_key_enc_size);
-  if (NULL == ret->blinding_key.rsa_blinding_key)
-  {
-    GNUNET_free (ret);
-    return NULL;
-  }
-  return ret;
+  GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) ==
+		 sizeof (struct TALER_RefreshLinkDecryptedP));
+  GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) ==
+		 GNUNET_CRYPTO_symmetric_decrypt (input,
+						  sizeof (struct TALER_RefreshLinkEncryptedP),
+						  &skey,
+						  &iv,
+						  output));
 }
 
 
@@ -270,106 +254,25 @@ TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input,
  *
  * @param input plaintext refresh link data
  * @param secret shared secret to use for encryption
- * @return NULL on error (should never happen)
+ * @param[out] output where to write encrypted link data
  */
-struct TALER_RefreshLinkEncrypted *
-TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input,
-                       const struct TALER_LinkSecretP *secret)
+void
+TALER_refresh_encrypt (const struct TALER_RefreshLinkDecryptedP *input,
+                       const struct TALER_LinkSecretP *secret,
+		       struct TALER_RefreshLinkEncryptedP *output)
 {
-  char *b_buf;
-  size_t b_buf_size;
   struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
   struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  struct TALER_RefreshLinkEncrypted *ret;
 
   derive_refresh_key (secret, &iv, &skey);
-  b_buf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (input->blinding_key.rsa_blinding_key,
-                                                      &b_buf);
-  ret = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
-                       b_buf_size);
-  ret->blinding_key_enc = (const char *) &ret[1];
-  ret->blinding_key_enc_size = b_buf_size;
-  {
-    size_t buf_size = b_buf_size + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-    char buf[buf_size];
-
-    memcpy (buf,
-            &input->coin_priv,
-            sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
-    memcpy (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)],
-            b_buf,
-            b_buf_size);
-
-    if (buf_size !=
-        GNUNET_CRYPTO_symmetric_encrypt (buf,
-                                         buf_size,
-                                         &skey,
-                                         &iv,
-                                         ret->coin_priv_enc))
-    {
-      GNUNET_free (ret);
-      return NULL;
-    }
-  }
-  return ret;
-}
-
-
-/**
- * Decode encrypted refresh link information from buffer.
- *
- * @param buf buffer with refresh link data
- * @param buf_len number of bytes in @a buf
- * @return NULL on error (@a buf_len too small)
- */
-struct TALER_RefreshLinkEncrypted *
-TALER_refresh_link_encrypted_decode (const char *buf,
-                                     size_t buf_len)
-{
-  struct TALER_RefreshLinkEncrypted *rle;
-
-  if (buf_len < sizeof (struct TALER_CoinSpendPrivateKeyP))
-    return NULL;
-  if (buf_len >= GNUNET_MAX_MALLOC_CHECKED)
-  {
-    GNUNET_break (0);
-    return NULL;
-  }
-  rle = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
-                       buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP));
-  rle->blinding_key_enc = (const char *) &rle[1];
-  rle->blinding_key_enc_size = buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP);
-  memcpy (rle->coin_priv_enc,
-          buf,
-          buf_len);
-  return rle;
-}
-
-
-/**
- * Encode encrypted refresh link information to buffer.
- *
- * @param rle refresh link to encode
- * @param[out] buf_len set number of bytes returned
- * @return NULL on error, otherwise buffer with encoded @a rle
- */
-char *
-TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rle,
-                                     size_t *buf_len)
-{
-  char *buf;
-
-  if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (struct TALER_CoinSpendPrivateKeyP))
-  {
-    GNUNET_break (0);
-    return NULL;
-  }
-  *buf_len = sizeof (struct TALER_CoinSpendPrivateKeyP) + rle->blinding_key_enc_size;
-  buf = GNUNET_malloc (*buf_len);
-  memcpy (buf,
-	  rle->coin_priv_enc,
-          *buf_len);
-  return buf;
+  GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) ==
+		 sizeof (struct TALER_RefreshLinkDecryptedP));
+  GNUNET_assert (sizeof (struct TALER_RefreshLinkEncryptedP) ==
+		 GNUNET_CRYPTO_symmetric_encrypt (input,
+						  sizeof (struct TALER_RefreshLinkDecryptedP),
+						  &skey,
+						  &iv,
+						  output));
 }
 
 
diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c
index 59acd7814..b677c6d8f 100644
--- a/src/util/test_crypto.c
+++ b/src/util/test_crypto.c
@@ -36,9 +36,9 @@ test_basics ()
   struct TALER_TransferSecretP trans_sec;
   struct TALER_LinkSecretP secret;
   struct TALER_LinkSecretP secret2;
-  struct TALER_RefreshLinkEncrypted *rl_enc;
-  struct TALER_RefreshLinkDecrypted rl;
-  struct TALER_RefreshLinkDecrypted *rld;
+  struct TALER_RefreshLinkEncryptedP rl_enc;
+  struct TALER_RefreshLinkDecryptedP rl;
+  struct TALER_RefreshLinkDecryptedP rld;
                        
   GNUNET_log_setup ("test-crypto",
 		    "WARNING",
@@ -47,11 +47,11 @@ test_basics ()
 			      &secret,
 			      sizeof (secret));
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
-			      &rl.coin_priv,
-			      sizeof (rl.coin_priv));
-  rl.blinding_key.rsa_blinding_key = GNUNET_CRYPTO_rsa_blinding_key_create (1024);
-  rl_enc = TALER_refresh_encrypt (&rl,
-				  &secret);
+			      &rl,
+			      sizeof (rl));
+  TALER_refresh_encrypt (&rl,
+			 &secret,
+			 &rl_enc);
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
 			      &trans_sec,
 			      sizeof (trans_sec));
@@ -66,49 +66,12 @@ test_basics ()
   GNUNET_assert (0 == memcmp (&secret,
 			      &secret2,
 			      sizeof (secret)));
-  rld = TALER_refresh_decrypt (rl_enc,
-			       &secret2);
-  GNUNET_assert (NULL != rld);
-  GNUNET_assert (0 == memcmp (&rld->coin_priv,
-			      &rl.coin_priv,
-			      sizeof (struct TALER_CoinSpendPrivateKeyP)));
-  GNUNET_assert (0 ==
-		 GNUNET_CRYPTO_rsa_blinding_key_cmp (rl.blinding_key.rsa_blinding_key,
-						     rld->blinding_key.rsa_blinding_key));
-  GNUNET_CRYPTO_rsa_blinding_key_free (rld->blinding_key.rsa_blinding_key);
-  GNUNET_free (rld);
-  GNUNET_CRYPTO_rsa_blinding_key_free (rl.blinding_key.rsa_blinding_key);
-  return 0;
-}
-
-
-/**
- * Test #TALER_refresh_link_encrypted_decode().
- *
- * @return 0 on success
- */
-static int
-test_rled ()
-{
-  struct TALER_RefreshLinkEncrypted *rle;
-  char buf[512];
-  char *buf2;
-  size_t buf_len = sizeof (buf);
-
-  memset (buf, 42, sizeof (buf));
-  rle = TALER_refresh_link_encrypted_decode (buf,
-					     buf_len);
-  GNUNET_assert (NULL != rle);
-  buf_len = 42;
-  buf2 = TALER_refresh_link_encrypted_encode (rle,
-					      &buf_len);
-  GNUNET_assert (NULL != buf2);
-  GNUNET_assert (buf_len == sizeof (buf));
-  GNUNET_assert (0 == memcmp (buf,
-			      buf2,
-			      buf_len));
-  GNUNET_free (rle);
-  GNUNET_free (buf2);
+  TALER_refresh_decrypt (&rl_enc,
+			 &secret2,
+			 &rld);
+  GNUNET_assert (0 == memcmp (&rld,
+			      &rl,
+			      sizeof (struct TALER_RefreshLinkDecryptedP)));
   return 0;
 }
 
@@ -172,8 +135,6 @@ main(int argc,
 {
   if (0 != test_basics ())
     return 1;
-  if (0 != test_rled ())
-    return 1;
   if (0 != test_high_level ())
     return 1;
   return 0;  
-- 
cgit v1.2.3