diff options
author | Christian Grothoff <christian@grothoff.org> | 2016-05-24 18:14:04 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2016-05-24 18:14:04 +0000 |
commit | 425065e903d0eb1a4a1faeaf183401fa49e9560b (patch) | |
tree | a64ed547fb3154917743692a65c4bdf38e330c6a /src | |
parent | b2bbad6a70f3d7e089b14f282dd8e6a4dfe6ce46 (diff) | |
download | gnunet-425065e903d0eb1a4a1faeaf183401fa49e9560b.tar.gz gnunet-425065e903d0eb1a4a1faeaf183401fa49e9560b.zip |
fixing #4483: optimize blinding key storage/transmission
Diffstat (limited to 'src')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 76 | ||||
-rw-r--r-- | src/util/crypto_rsa.c | 125 | ||||
-rw-r--r-- | src/util/test_crypto_rsa.c | 17 |
3 files changed, 69 insertions, 149 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 63978617c..bd95ad3c3 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -1787,9 +1787,16 @@ struct GNUNET_CRYPTO_RsaPrivateKey; | |||
1787 | struct GNUNET_CRYPTO_RsaPublicKey; | 1787 | struct GNUNET_CRYPTO_RsaPublicKey; |
1788 | 1788 | ||
1789 | /** | 1789 | /** |
1790 | * Key used to blind a message | 1790 | * Constant-size pre-secret for blinding key generation. |
1791 | */ | 1791 | */ |
1792 | struct GNUNET_CRYPTO_RsaBlindingKey; | 1792 | struct GNUNET_CRYPTO_RsaBlindingKeySecret |
1793 | { | ||
1794 | /** | ||
1795 | * Bits used to generate the blinding key. 256 bits | ||
1796 | * of entropy is enough. | ||
1797 | */ | ||
1798 | uint32_t pre_secret[8] GNUNET_PACKED; | ||
1799 | }; | ||
1793 | 1800 | ||
1794 | /** | 1801 | /** |
1795 | * @brief an RSA signature | 1802 | * @brief an RSA signature |
@@ -1929,28 +1936,6 @@ GNUNET_CRYPTO_rsa_public_key_dup (const struct GNUNET_CRYPTO_RsaPublicKey *key); | |||
1929 | 1936 | ||
1930 | 1937 | ||
1931 | /** | 1938 | /** |
1932 | * Create a blinding key | ||
1933 | * | ||
1934 | * @param len length of the key in bits (i.e. 2048) | ||
1935 | * @return the newly created blinding key | ||
1936 | */ | ||
1937 | struct GNUNET_CRYPTO_RsaBlindingKey * | ||
1938 | GNUNET_CRYPTO_rsa_blinding_key_create (unsigned int len); | ||
1939 | |||
1940 | |||
1941 | /** | ||
1942 | * Compare the values of two blinding keys. | ||
1943 | * | ||
1944 | * @param b1 one key | ||
1945 | * @param b2 the other key | ||
1946 | * @return 0 if the two are equal | ||
1947 | */ | ||
1948 | int | ||
1949 | GNUNET_CRYPTO_rsa_blinding_key_cmp (struct GNUNET_CRYPTO_RsaBlindingKey *b1, | ||
1950 | struct GNUNET_CRYPTO_RsaBlindingKey *b2); | ||
1951 | |||
1952 | |||
1953 | /** | ||
1954 | * Compare the values of two signatures. | 1939 | * Compare the values of two signatures. |
1955 | * | 1940 | * |
1956 | * @param s1 one signature | 1941 | * @param s1 one signature |
@@ -1986,52 +1971,17 @@ GNUNET_CRYPTO_rsa_public_key_cmp (struct GNUNET_CRYPTO_RsaPublicKey *p1, | |||
1986 | 1971 | ||
1987 | 1972 | ||
1988 | /** | 1973 | /** |
1989 | * Destroy a blinding key | ||
1990 | * | ||
1991 | * @param bkey the blinding key to destroy | ||
1992 | */ | ||
1993 | void | ||
1994 | GNUNET_CRYPTO_rsa_blinding_key_free (struct GNUNET_CRYPTO_RsaBlindingKey *bkey); | ||
1995 | |||
1996 | |||
1997 | /** | ||
1998 | * Encode the blinding key in a format suitable for | ||
1999 | * storing it into a file. | ||
2000 | * | ||
2001 | * @param bkey the blinding key | ||
2002 | * @param[out] buffer set to a buffer with the encoded key | ||
2003 | * @return size of memory allocated in @a buffer | ||
2004 | */ | ||
2005 | size_t | ||
2006 | GNUNET_CRYPTO_rsa_blinding_key_encode (const struct GNUNET_CRYPTO_RsaBlindingKey *bkey, | ||
2007 | char **buffer); | ||
2008 | |||
2009 | |||
2010 | /** | ||
2011 | * Decode the blinding key from the data-format back | ||
2012 | * to the "normal", internal format. | ||
2013 | * | ||
2014 | * @param buf the buffer where the public key data is stored | ||
2015 | * @param len the length of the data in @a buf | ||
2016 | * @return NULL on error | ||
2017 | */ | ||
2018 | struct GNUNET_CRYPTO_RsaBlindingKey * | ||
2019 | GNUNET_CRYPTO_rsa_blinding_key_decode (const char *buf, | ||
2020 | size_t len); | ||
2021 | |||
2022 | |||
2023 | /** | ||
2024 | * Blinds the given message with the given blinding key | 1974 | * Blinds the given message with the given blinding key |
2025 | * | 1975 | * |
2026 | * @param hash hash of the message to sign | 1976 | * @param hash hash of the message to sign |
2027 | * @param bkey the blinding key | 1977 | * @param bks the blinding key secret |
2028 | * @param pkey the public key of the signer | 1978 | * @param pkey the public key of the signer |
2029 | * @param[out] buffer set to a buffer with the blinded message to be signed | 1979 | * @param[out] buffer set to a buffer with the blinded message to be signed |
2030 | * @return number of bytes stored in @a buffer | 1980 | * @return number of bytes stored in @a buffer |
2031 | */ | 1981 | */ |
2032 | size_t | 1982 | size_t |
2033 | GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, | 1983 | GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, |
2034 | struct GNUNET_CRYPTO_RsaBlindingKey *bkey, | 1984 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, |
2035 | struct GNUNET_CRYPTO_RsaPublicKey *pkey, | 1985 | struct GNUNET_CRYPTO_RsaPublicKey *pkey, |
2036 | char **buffer); | 1986 | char **buffer); |
2037 | 1987 | ||
@@ -2112,13 +2062,13 @@ GNUNET_CRYPTO_rsa_signature_dup (const struct GNUNET_CRYPTO_RsaSignature *sig); | |||
2112 | * #GNUNET_CRYPTO_rsa_blind(). | 2062 | * #GNUNET_CRYPTO_rsa_blind(). |
2113 | * | 2063 | * |
2114 | * @param sig the signature made on the blinded signature purpose | 2064 | * @param sig the signature made on the blinded signature purpose |
2115 | * @param bkey the blinding key used to blind the signature purpose | 2065 | * @param bks the blinding key secret used to blind the signature purpose |
2116 | * @param pkey the public key of the signer | 2066 | * @param pkey the public key of the signer |
2117 | * @return unblinded signature on success, NULL on error | 2067 | * @return unblinded signature on success, NULL on error |
2118 | */ | 2068 | */ |
2119 | struct GNUNET_CRYPTO_RsaSignature * | 2069 | struct GNUNET_CRYPTO_RsaSignature * |
2120 | GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, | 2070 | GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, |
2121 | struct GNUNET_CRYPTO_RsaBlindingKey *bkey, | 2071 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, |
2122 | struct GNUNET_CRYPTO_RsaPublicKey *pkey); | 2072 | struct GNUNET_CRYPTO_RsaPublicKey *pkey); |
2123 | 2073 | ||
2124 | 2074 | ||
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 3686b02db..581754bb4 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
@@ -67,7 +67,7 @@ struct GNUNET_CRYPTO_RsaSignature | |||
67 | /** | 67 | /** |
68 | * @brief RSA blinding key | 68 | * @brief RSA blinding key |
69 | */ | 69 | */ |
70 | struct GNUNET_CRYPTO_RsaBlindingKey | 70 | struct RsaBlindingKey |
71 | { | 71 | { |
72 | /** | 72 | /** |
73 | * Random value used for blinding. | 73 | * Random value used for blinding. |
@@ -396,39 +396,40 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, | |||
396 | * Create a blinding key | 396 | * Create a blinding key |
397 | * | 397 | * |
398 | * @param len length of the key in bits (i.e. 2048) | 398 | * @param len length of the key in bits (i.e. 2048) |
399 | * @param bks pre-secret to use to derive the blinding key | ||
399 | * @return the newly created blinding key | 400 | * @return the newly created blinding key |
400 | */ | 401 | */ |
401 | struct GNUNET_CRYPTO_RsaBlindingKey * | 402 | static struct RsaBlindingKey * |
402 | GNUNET_CRYPTO_rsa_blinding_key_create (unsigned int len) | 403 | rsa_blinding_key_derive (unsigned int len, |
404 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks) | ||
403 | { | 405 | { |
404 | struct GNUNET_CRYPTO_RsaBlindingKey *blind; | 406 | struct RsaBlindingKey *blind; |
407 | uint8_t buf[len / 8]; | ||
408 | int rc; | ||
409 | size_t rsize; | ||
405 | 410 | ||
406 | blind = GNUNET_new (struct GNUNET_CRYPTO_RsaBlindingKey); | 411 | blind = GNUNET_new (struct RsaBlindingKey); |
407 | blind->r = gcry_mpi_new (len); | 412 | /* FIXME: #4483: actually derive key from bks! - Jeff, |
408 | gcry_mpi_randomize (blind->r, | 413 | check that you're happy with this!*/ |
409 | len, | 414 | GNUNET_assert (GNUNET_YES == |
410 | GCRY_STRONG_RANDOM); | 415 | GNUNET_CRYPTO_kdf (buf, |
416 | sizeof (buf), | ||
417 | "blinding-kdf", | ||
418 | strlen ("blinding-kdf"), | ||
419 | bks, | ||
420 | sizeof (*bks), | ||
421 | NULL, 0)); | ||
422 | rc = gcry_mpi_scan (&blind->r, | ||
423 | GCRYMPI_FMT_USG, | ||
424 | (const unsigned char *) buf, | ||
425 | sizeof (buf), | ||
426 | &rsize); | ||
427 | GNUNET_assert (0 == rc); | ||
411 | return blind; | 428 | return blind; |
412 | } | 429 | } |
413 | 430 | ||
414 | 431 | ||
415 | /** | 432 | /** |
416 | * Compare the values of two blinding keys. | ||
417 | * | ||
418 | * @param b1 one key | ||
419 | * @param b2 the other key | ||
420 | * @return 0 if the two are equal | ||
421 | */ | ||
422 | int | ||
423 | GNUNET_CRYPTO_rsa_blinding_key_cmp (struct GNUNET_CRYPTO_RsaBlindingKey *b1, | ||
424 | struct GNUNET_CRYPTO_RsaBlindingKey *b2) | ||
425 | { | ||
426 | return gcry_mpi_cmp (b1->r, | ||
427 | b2->r); | ||
428 | } | ||
429 | |||
430 | |||
431 | /** | ||
432 | * Compare the values of two signatures. | 433 | * Compare the values of two signatures. |
433 | * | 434 | * |
434 | * @param s1 one signature | 435 | * @param s1 one signature |
@@ -558,8 +559,8 @@ GNUNET_CRYPTO_rsa_public_key_len (const struct GNUNET_CRYPTO_RsaPublicKey *key) | |||
558 | * | 559 | * |
559 | * @param bkey the blinding key to destroy | 560 | * @param bkey the blinding key to destroy |
560 | */ | 561 | */ |
561 | void | 562 | static void |
562 | GNUNET_CRYPTO_rsa_blinding_key_free (struct GNUNET_CRYPTO_RsaBlindingKey *bkey) | 563 | rsa_blinding_key_free (struct RsaBlindingKey *bkey) |
563 | { | 564 | { |
564 | gcry_mpi_release (bkey->r); | 565 | gcry_mpi_release (bkey->r); |
565 | GNUNET_free (bkey); | 566 | GNUNET_free (bkey); |
@@ -575,7 +576,7 @@ GNUNET_CRYPTO_rsa_blinding_key_free (struct GNUNET_CRYPTO_RsaBlindingKey *bkey) | |||
575 | */ | 576 | */ |
576 | static size_t | 577 | static size_t |
577 | numeric_mpi_alloc_n_print (gcry_mpi_t v, | 578 | numeric_mpi_alloc_n_print (gcry_mpi_t v, |
578 | char **buffer) | 579 | char **buffer) |
579 | { | 580 | { |
580 | size_t n; | 581 | size_t n; |
581 | char *b; | 582 | char *b; |
@@ -599,53 +600,6 @@ numeric_mpi_alloc_n_print (gcry_mpi_t v, | |||
599 | 600 | ||
600 | 601 | ||
601 | /** | 602 | /** |
602 | * Encode the blinding key in a format suitable for | ||
603 | * storing it into a file. | ||
604 | * | ||
605 | * @param bkey the blinding key | ||
606 | * @param[out] buffer set to a buffer with the encoded key | ||
607 | * @return size of memory allocated in @a buffer | ||
608 | */ | ||
609 | size_t | ||
610 | GNUNET_CRYPTO_rsa_blinding_key_encode (const struct GNUNET_CRYPTO_RsaBlindingKey *bkey, | ||
611 | char **buffer) | ||
612 | { | ||
613 | return numeric_mpi_alloc_n_print (bkey->r, buffer); | ||
614 | } | ||
615 | |||
616 | |||
617 | /** | ||
618 | * Decode the blinding key from the data-format back | ||
619 | * to the "normal", internal format. | ||
620 | * | ||
621 | * @param buf the buffer where the public key data is stored | ||
622 | * @param len the length of the data in @a buf | ||
623 | * @return NULL on error | ||
624 | */ | ||
625 | struct GNUNET_CRYPTO_RsaBlindingKey * | ||
626 | GNUNET_CRYPTO_rsa_blinding_key_decode (const char *buf, | ||
627 | size_t len) | ||
628 | { | ||
629 | struct GNUNET_CRYPTO_RsaBlindingKey *bkey; | ||
630 | size_t rsize; | ||
631 | |||
632 | bkey = GNUNET_new (struct GNUNET_CRYPTO_RsaBlindingKey); | ||
633 | if (0 != | ||
634 | gcry_mpi_scan (&bkey->r, | ||
635 | GCRYMPI_FMT_USG, | ||
636 | (const unsigned char *) buf, | ||
637 | len, | ||
638 | &rsize)) | ||
639 | { | ||
640 | GNUNET_break_op (0); | ||
641 | GNUNET_free (bkey); | ||
642 | return NULL; | ||
643 | } | ||
644 | return bkey; | ||
645 | } | ||
646 | |||
647 | |||
648 | /** | ||
649 | * Computes a full domain hash seeded by the given public key. | 603 | * Computes a full domain hash seeded by the given public key. |
650 | * This gives a measure of provable security to the Taler exchange | 604 | * This gives a measure of provable security to the Taler exchange |
651 | * against one-more forgery attacks. See: | 605 | * against one-more forgery attacks. See: |
@@ -658,6 +612,7 @@ GNUNET_CRYPTO_rsa_blinding_key_decode (const char *buf, | |||
658 | * @param rsize If not NULL, the number of bytes actually stored in buffer | 612 | * @param rsize If not NULL, the number of bytes actually stored in buffer |
659 | * @return libgcrypt error that to represent an allocation failure | 613 | * @return libgcrypt error that to represent an allocation failure |
660 | */ | 614 | */ |
615 | /* FIXME: exported symbol without proper prefix... */ | ||
661 | gcry_error_t | 616 | gcry_error_t |
662 | rsa_full_domain_hash (gcry_mpi_t *r, | 617 | rsa_full_domain_hash (gcry_mpi_t *r, |
663 | const struct GNUNET_HashCode *hash, | 618 | const struct GNUNET_HashCode *hash, |
@@ -754,10 +709,11 @@ rsa_full_domain_hash (gcry_mpi_t *r, | |||
754 | */ | 709 | */ |
755 | size_t | 710 | size_t |
756 | GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, | 711 | GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, |
757 | struct GNUNET_CRYPTO_RsaBlindingKey *bkey, | 712 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, |
758 | struct GNUNET_CRYPTO_RsaPublicKey *pkey, | 713 | struct GNUNET_CRYPTO_RsaPublicKey *pkey, |
759 | char **buffer) | 714 | char **buffer) |
760 | { | 715 | { |
716 | struct RsaBlindingKey *bkey; | ||
761 | gcry_mpi_t data; | 717 | gcry_mpi_t data; |
762 | gcry_mpi_t ne[2]; | 718 | gcry_mpi_t ne[2]; |
763 | gcry_mpi_t r_e; | 719 | gcry_mpi_t r_e; |
@@ -766,6 +722,7 @@ GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, | |||
766 | size_t n; | 722 | size_t n; |
767 | gcry_error_t rc; | 723 | gcry_error_t rc; |
768 | int ret; | 724 | int ret; |
725 | unsigned int len; | ||
769 | 726 | ||
770 | ret = key_from_sexp (ne, pkey->sexp, "public-key", "ne"); | 727 | ret = key_from_sexp (ne, pkey->sexp, "public-key", "ne"); |
771 | if (0 != ret) | 728 | if (0 != ret) |
@@ -786,6 +743,9 @@ GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, | |||
786 | *buffer = NULL; | 743 | *buffer = NULL; |
787 | return 0; | 744 | return 0; |
788 | } | 745 | } |
746 | len = GNUNET_CRYPTO_rsa_public_key_len (pkey); | ||
747 | bkey = rsa_blinding_key_derive (len, | ||
748 | bks); | ||
789 | r_e = gcry_mpi_new (0); | 749 | r_e = gcry_mpi_new (0); |
790 | gcry_mpi_powm (r_e, | 750 | gcry_mpi_powm (r_e, |
791 | bkey->r, | 751 | bkey->r, |
@@ -800,6 +760,7 @@ GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, | |||
800 | gcry_mpi_release (ne[0]); | 760 | gcry_mpi_release (ne[0]); |
801 | gcry_mpi_release (ne[1]); | 761 | gcry_mpi_release (ne[1]); |
802 | gcry_mpi_release (r_e); | 762 | gcry_mpi_release (r_e); |
763 | rsa_blinding_key_free (bkey); | ||
803 | 764 | ||
804 | n = numeric_mpi_alloc_n_print (data_r_e, buffer); | 765 | n = numeric_mpi_alloc_n_print (data_r_e, buffer); |
805 | gcry_mpi_release (data_r_e); | 766 | gcry_mpi_release (data_r_e); |
@@ -1051,21 +1012,23 @@ GNUNET_CRYPTO_rsa_public_key_dup (const struct GNUNET_CRYPTO_RsaPublicKey *key) | |||
1051 | * #GNUNET_CRYPTO_rsa_blind(). | 1012 | * #GNUNET_CRYPTO_rsa_blind(). |
1052 | * | 1013 | * |
1053 | * @param sig the signature made on the blinded signature purpose | 1014 | * @param sig the signature made on the blinded signature purpose |
1054 | * @param bkey the blinding key used to blind the signature purpose | 1015 | * @param bks the blinding key secret used to blind the signature purpose |
1055 | * @param pkey the public key of the signer | 1016 | * @param pkey the public key of the signer |
1056 | * @return unblinded signature on success, NULL on error | 1017 | * @return unblinded signature on success, NULL on error |
1057 | */ | 1018 | */ |
1058 | struct GNUNET_CRYPTO_RsaSignature * | 1019 | struct GNUNET_CRYPTO_RsaSignature * |
1059 | GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, | 1020 | GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, |
1060 | struct GNUNET_CRYPTO_RsaBlindingKey *bkey, | 1021 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, |
1061 | struct GNUNET_CRYPTO_RsaPublicKey *pkey) | 1022 | struct GNUNET_CRYPTO_RsaPublicKey *pkey) |
1062 | { | 1023 | { |
1024 | struct RsaBlindingKey *bkey; | ||
1063 | gcry_mpi_t n; | 1025 | gcry_mpi_t n; |
1064 | gcry_mpi_t s; | 1026 | gcry_mpi_t s; |
1065 | gcry_mpi_t r_inv; | 1027 | gcry_mpi_t r_inv; |
1066 | gcry_mpi_t ubsig; | 1028 | gcry_mpi_t ubsig; |
1067 | int ret; | 1029 | int ret; |
1068 | struct GNUNET_CRYPTO_RsaSignature *sret; | 1030 | struct GNUNET_CRYPTO_RsaSignature *sret; |
1031 | unsigned int len; | ||
1069 | 1032 | ||
1070 | ret = key_from_sexp (&n, pkey->sexp, "public-key", "n"); | 1033 | ret = key_from_sexp (&n, pkey->sexp, "public-key", "n"); |
1071 | if (0 != ret) | 1034 | if (0 != ret) |
@@ -1084,6 +1047,10 @@ GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, | |||
1084 | GNUNET_break_op (0); | 1047 | GNUNET_break_op (0); |
1085 | return NULL; | 1048 | return NULL; |
1086 | } | 1049 | } |
1050 | len = GNUNET_CRYPTO_rsa_public_key_len (pkey); | ||
1051 | bkey = rsa_blinding_key_derive (len, | ||
1052 | bks); | ||
1053 | |||
1087 | r_inv = gcry_mpi_new (0); | 1054 | r_inv = gcry_mpi_new (0); |
1088 | if (1 != | 1055 | if (1 != |
1089 | gcry_mpi_invm (r_inv, | 1056 | gcry_mpi_invm (r_inv, |
@@ -1094,6 +1061,7 @@ GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, | |||
1094 | gcry_mpi_release (n); | 1061 | gcry_mpi_release (n); |
1095 | gcry_mpi_release (r_inv); | 1062 | gcry_mpi_release (r_inv); |
1096 | gcry_mpi_release (s); | 1063 | gcry_mpi_release (s); |
1064 | rsa_blinding_key_free (bkey); | ||
1097 | return NULL; | 1065 | return NULL; |
1098 | } | 1066 | } |
1099 | ubsig = gcry_mpi_new (0); | 1067 | ubsig = gcry_mpi_new (0); |
@@ -1101,6 +1069,7 @@ GNUNET_CRYPTO_rsa_unblind (struct GNUNET_CRYPTO_RsaSignature *sig, | |||
1101 | gcry_mpi_release (n); | 1069 | gcry_mpi_release (n); |
1102 | gcry_mpi_release (r_inv); | 1070 | gcry_mpi_release (r_inv); |
1103 | gcry_mpi_release (s); | 1071 | gcry_mpi_release (s); |
1072 | rsa_blinding_key_free (bkey); | ||
1104 | 1073 | ||
1105 | sret = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); | 1074 | sret = GNUNET_new (struct GNUNET_CRYPTO_RsaSignature); |
1106 | GNUNET_assert (0 == | 1075 | GNUNET_assert (0 == |
diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c index 6f953386f..2abb008e2 100644 --- a/src/util/test_crypto_rsa.c +++ b/src/util/test_crypto_rsa.c | |||
@@ -43,10 +43,10 @@ main (int argc, | |||
43 | struct GNUNET_CRYPTO_RsaPrivateKey *priv_copy; | 43 | struct GNUNET_CRYPTO_RsaPrivateKey *priv_copy; |
44 | struct GNUNET_CRYPTO_RsaPublicKey *pub; | 44 | struct GNUNET_CRYPTO_RsaPublicKey *pub; |
45 | struct GNUNET_CRYPTO_RsaPublicKey *pub_copy; | 45 | struct GNUNET_CRYPTO_RsaPublicKey *pub_copy; |
46 | struct GNUNET_CRYPTO_RsaBlindingKey *bkey; | ||
47 | struct GNUNET_CRYPTO_RsaSignature *sig; | 46 | struct GNUNET_CRYPTO_RsaSignature *sig; |
48 | struct GNUNET_CRYPTO_RsaSignature *sig_copy; | 47 | struct GNUNET_CRYPTO_RsaSignature *sig_copy; |
49 | struct GNUNET_CRYPTO_RsaSignature *bsig; | 48 | struct GNUNET_CRYPTO_RsaSignature *bsig; |
49 | struct GNUNET_CRYPTO_RsaBlindingKeySecret bsec; | ||
50 | struct GNUNET_HashCode hash; | 50 | struct GNUNET_HashCode hash; |
51 | char *blind_buf; | 51 | char *blind_buf; |
52 | size_t bsize; | 52 | size_t bsize; |
@@ -110,19 +110,21 @@ main (int argc, | |||
110 | GNUNET_CRYPTO_rsa_signature_free (sig); | 110 | GNUNET_CRYPTO_rsa_signature_free (sig); |
111 | 111 | ||
112 | /* test blind signing */ | 112 | /* test blind signing */ |
113 | bkey = GNUNET_CRYPTO_rsa_blinding_key_create (KEY_SIZE); | 113 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, |
114 | &bsec, | ||
115 | sizeof (bsec)); | ||
114 | bsize = GNUNET_CRYPTO_rsa_blind (&hash, | 116 | bsize = GNUNET_CRYPTO_rsa_blind (&hash, |
115 | bkey, | 117 | &bsec, |
116 | pub, | 118 | pub, |
117 | &blind_buf); | 119 | &blind_buf); |
118 | GNUNET_assert (0 != bsize); | 120 | GNUNET_assert (0 != bsize); |
119 | bsig = GNUNET_CRYPTO_rsa_sign_blinded (priv, | 121 | bsig = GNUNET_CRYPTO_rsa_sign_blinded (priv, |
120 | blind_buf, | 122 | blind_buf, |
121 | bsize); | 123 | bsize); |
122 | GNUNET_free (blind_buf); | 124 | GNUNET_free (blind_buf); |
123 | sig = GNUNET_CRYPTO_rsa_unblind (bsig, | 125 | sig = GNUNET_CRYPTO_rsa_unblind (bsig, |
124 | bkey, | 126 | &bsec, |
125 | pub); | 127 | pub); |
126 | GNUNET_CRYPTO_rsa_signature_free (bsig); | 128 | GNUNET_CRYPTO_rsa_signature_free (bsig); |
127 | GNUNET_assert (GNUNET_OK == | 129 | GNUNET_assert (GNUNET_OK == |
128 | GNUNET_CRYPTO_rsa_verify (&hash, sig, pub)); | 130 | GNUNET_CRYPTO_rsa_verify (&hash, sig, pub)); |
@@ -132,6 +134,5 @@ main (int argc, | |||
132 | GNUNET_CRYPTO_rsa_private_key_free (priv_copy); | 134 | GNUNET_CRYPTO_rsa_private_key_free (priv_copy); |
133 | GNUNET_CRYPTO_rsa_public_key_free (pub); | 135 | GNUNET_CRYPTO_rsa_public_key_free (pub); |
134 | GNUNET_CRYPTO_rsa_public_key_free (pub_copy); | 136 | GNUNET_CRYPTO_rsa_public_key_free (pub_copy); |
135 | GNUNET_CRYPTO_rsa_blinding_key_free (bkey); | ||
136 | return 0; | 137 | return 0; |
137 | } | 138 | } |