author | Florian Dold <florian.dold@gmail.com> | 2014-02-03 21:25:53 +0000 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2014-02-03 21:25:53 +0000 |
commit | 8a3563b5c242b60aa4b7d2b9a3c3607ef8dcbadb (patch) | |
tree | f4b85c248403ba6783db017930b2258f3e61e18a /src/secretsharing/gnunet-service-secretsharing.c | |
parent | 694581b42a78419c1c8ffc31ee873484ff93d79b (diff) | |
- consensus and secretsharing have both start time and deadline
Diffstat (limited to 'src/secretsharing/gnunet-service-secretsharing.c')
-rw-r--r-- | src/secretsharing/gnunet-service-secretsharing.c | 46 |
1 files changed, 24 insertions, 22 deletions
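--- a/src/secretsharing/gnunet-service-secretsharing.c
+++ b/src/secretsharing/gnunet-service-secretsharing.c
@@ -238,6 +238,11 @@ struct DecryptSession
 struct GNUNET_MQ_Handle *client_mq;
 
 /**
+* When should we start communicating for decryption?
+*/
+struct GNUNET_TIME_Absolute start;
+
+/**
 * When would we like the ciphertext to be
 * decrypted?
 */
@@ -814,8 +819,8 @@ insert_round2_element (struct KeygenSession *ks)
 
 element_size = (sizeof (struct GNUNET_SECRETSHARING_KeygenRevealData) +
 GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers +
-GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold +
-GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->num_peers);
+sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers +
+GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold);
 
 element = GNUNET_malloc (sizeof (struct GNUNET_SET_Element) + element_size);
 element->size = element_size;
@@ -857,13 +862,11 @@ insert_round2_element (struct KeygenSession *ks)
 memset (ciphertext, 0, sizeof *ciphertext);
 if (GNUNET_YES == ks->info[i].round1_valid)
 {
-struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
 gcry_mpi_set_ui (idx, i + 1);
 // evaluate the polynomial
 horner_eval (v, ks->presecret_polynomial, ks->threshold, idx, elgamal_q);
-GNUNET_CRYPTO_mpi_print_unsigned (&plaintext, sizeof plaintext, v);
 // encrypt the result
-GNUNET_CRYPTO_paillier_encrypt (&ks->info[i].paillier_public_key, &plaintext, ciphertext);
+GNUNET_CRYPTO_paillier_encrypt (&ks->info[i].paillier_public_key, v, ciphertext);
 }
 pos += sizeof *ciphertext;
 }
@@ -904,7 +907,6 @@ keygen_round2_new_element (void *cls,
 const struct GNUNET_SECRETSHARING_KeygenRevealData *d;
 struct KeygenPeerInfo *info;
 unsigned char *pos;
-struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
 size_t expected_element_size;
 
 if (NULL == element)
@@ -915,7 +917,7 @@ keygen_round2_new_element (void *cls,
 
 expected_element_size = (sizeof (struct GNUNET_SECRETSHARING_KeygenRevealData) +
 GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers +
-GNUNET_CRYPTO_PAILLIER_BITS / 8 * 2 * ks->num_peers +
+sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers +
 GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold);
 
 if (element->size != expected_element_size)
@@ -960,7 +962,7 @@ keygen_round2_new_element (void *cls,
 // skip exponentiated pre-shares
 pos += GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers;
 // skip encrypted pre-shares
-pos += GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->num_peers;
+pos += sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers;
 // the first exponentiated coefficient is the public key share
 GNUNET_CRYPTO_mpi_scan_unsigned (&info->public_key_share, pos, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8);
 
@@ -968,12 +970,11 @@ keygen_round2_new_element (void *cls,
 // skip exp. pre-shares
 pos += GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers;
 // skip to the encrypted value for our peer
-pos += GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->local_peer_idx;
+pos += sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->local_peer_idx;
 
+GNUNET_assert (NULL != (info->decrypted_preshare = gcry_mpi_new (0)));
 GNUNET_CRYPTO_paillier_decrypt (&ks->paillier_private_key, &ks->info[ks->local_peer_idx].paillier_public_key,
-(struct GNUNET_CRYPTO_PaillierCiphertext *) pos, &plaintext);
-GNUNET_CRYPTO_mpi_scan_unsigned (&info->decrypted_preshare, &plaintext,
-sizeof plaintext);
+(struct GNUNET_CRYPTO_PaillierCiphertext *) pos, info->decrypted_preshare);
 
 // TODO: validate zero knowledge proofs
 
@@ -1009,13 +1010,13 @@ keygen_round1_conclude (void *cls)
 GNUNET_CONSENSUS_destroy (ks->consensus);
 
 ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers, &ks->session_id,
+time_between (ks->start_time, ks->deadline, 1, 2),
+ks->deadline,
 keygen_round2_new_element, ks);
 
 insert_round2_element (ks);
 
 GNUNET_CONSENSUS_conclude (ks->consensus,
-/* last round, thus conclude at DKG deadline */
-ks->deadline,
 keygen_round2_conclude,
 ks);
 }
@@ -1104,6 +1105,8 @@ static void handle_client_keygen (void *cls,
 
 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "first round of consensus with %u peers\n", ks->num_peers);
 ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers, &msg->session_id,
+GNUNET_TIME_absolute_ntoh (msg->start),
+GNUNET_TIME_absolute_ntoh (msg->deadline),
 keygen_round1_new_element, ks);
 
 ks->info = GNUNET_new_array (ks->num_peers, struct KeygenPeerInfo);
@@ -1125,8 +1128,6 @@ static void handle_client_keygen (void *cls,
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "P%u: Concluding for round 1\n", ks->local_peer_idx);
 
 GNUNET_CONSENSUS_conclude (ks->consensus,
-/* half the overall time */
-time_between (ks->start_time, ks->deadline, 1, 2),
 keygen_round1_conclude,
 ks);
 
@@ -1259,6 +1260,9 @@ insert_decrypt_element (struct DecryptSession *ds)
 gcry_mpi_t x;
 gcry_mpi_t s;
 
+/* make vagrind happy until we implement the real deal ... */
+memset (&d, 0, sizeof d);
+
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "P%u: Inserting decrypt element\n",
 ds->share->my_peer);
 
@@ -1273,11 +1277,6 @@ insert_decrypt_element (struct DecryptSession *ds)
 element.size = sizeof (struct GNUNET_SECRETSHARING_DecryptData);
 element.type = 0;
 
-/* make vagrind happy until we implement the real deal ... */
-memset (&d.nizk_commit1, 0, sizeof d.nizk_commit1);
-memset (&d.nizk_commit2, 0, sizeof d.nizk_commit2);
-memset (&d.nizk_response, 0, sizeof d.nizk_response);
-
 d.ciphertext = ds->ciphertext;
 d.peer = my_peer;
 d.purpose.size = htonl (element.size - offsetof (struct GNUNET_SECRETSHARING_DecryptData, purpose));
@@ -1317,6 +1316,7 @@ static void handle_client_decrypt (void *cls,
 GNUNET_CONTAINER_DLL_insert (decrypt_sessions_head, decrypt_sessions_tail, ds);
 ds->client = client;
 ds->client_mq = GNUNET_MQ_queue_for_server_client (client);
+ds->start = GNUNET_TIME_absolute_ntoh (msg->start);
 ds->deadline = GNUNET_TIME_absolute_ntoh (msg->deadline);
 ds->ciphertext = msg->ciphertext;
 
@@ -1331,6 +1331,8 @@ static void handle_client_decrypt (void *cls,
 ds->share->num_peers,
 ds->share->peers,
 &session_id,
+ds->start,
+ds->deadline,
 &decrypt_new_element,
 ds);
 
@@ -1344,7 +1346,7 @@ static void handle_client_decrypt (void *cls,
 
 insert_decrypt_element (ds);
 
-GNUNET_CONSENSUS_conclude (ds->consensus, ds->deadline, decrypt_conclude, ds);
+GNUNET_CONSENSUS_conclude (ds->consensus, decrypt_conclude, ds);
 
 GNUNET_SERVER_receive_done (client, GNUNET_OK);
 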
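Review bot: Round 1 of key generation now appears to receive the whole session window: handle_client_keygen creates its consensus with `GNUNET_TIME_absolute_ntoh (msg->deadline)` as the deadline, whereas the removed conclude argument ended round 1 at `time_between (ks->start_time, ks->deadline, 1, 2)`. keygen_round1_conclude then creates round 2 with that midpoint as its start and `ks->deadline` as its end, so if consensus concludes at the deadline given to create (its implementation is not visible here), round 2 begins with no time left and the encrypted pre-shares may never be exchanged. Passing the midpoint as the round-1 deadline, `time_between (GNUNET_TIME_absolute_ntoh (msg->start), GNUNET_TIME_absolute_ntoh (msg->deadline), 1, 2),`, would keep the previous split. Both timestamps are also taken from the client message without any visible check, in handle_client_decrypt as well, so rejecting a request whose start is not before its deadline would be a sensible guard. The bodies of these functions continue outside the hunks.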