author | Christian Fuchs <christian.fuchs@cfuchs.net> | 2014-01-29 14:34:33 +0000 |
---|---|---|
committer | Christian Fuchs <christian.fuchs@cfuchs.net> | 2014-01-29 14:34:33 +0000 |
commit | 0aaa309f73e803db075fef2e21176230563905da (patch) | |
tree | be311563342ed198a652b0ee4bb6e8a1f03b6654 /src | |
parent | 1d5ab4f4f4fe1d86a10cd9bd95464dcfbff3da8e (diff) | |
- formatting
- forgot to reduce the possible homomorphic ops by one, as a badly chosen n might sometimes corrupt the final operation when using a simple check. As the overall calculation of possible hom. ops is pessimistic anyway and might become rather inaccurate if many operations are performed, reducing the prediction by one is acceptable.
Diffstat (limited to 'src')
-rw-r--r-- | src/util/crypto_paillier.c | 64 | ||||
-rw-r--r-- | src/util/test_crypto_paillier.c | 4 |
2 files changed, 34 insertions, 34 deletions
diff --git a/src/util/crypto_paillier.c b/src/util/crypto_paillier.c index 8a9ea5040..8a9e44df3 100644 --- a/src/util/crypto_paillier.c +++ b/src/util/crypto_paillier.c | |||
@@ -16,7 +16,7 @@ | |||
16 | along with GNUnet; see the file COPYING. If not, write to the | 16 | along with GNUnet; see the file COPYING. If not, write to the |
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | 17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, |
18 | Boston, MA 02111-1307, USA. | 18 | Boston, MA 02111-1307, USA. |
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file util/crypto_paillier.c | 22 | * @file util/crypto_paillier.c |
@@ -63,7 +63,8 @@ GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_ke | |||
63 | GCRY_WEAK_RANDOM, 0)); | 63 | GCRY_WEAK_RANDOM, 0)); |
64 | GNUNET_assert (0 == gcry_prime_generate (&q, GNUNET_CRYPTO_PAILLIER_BITS / 2, 0, NULL, NULL, NULL, | 64 | GNUNET_assert (0 == gcry_prime_generate (&q, GNUNET_CRYPTO_PAILLIER_BITS / 2, 0, NULL, NULL, NULL, |
65 | GCRY_WEAK_RANDOM, 0)); | 65 | GCRY_WEAK_RANDOM, 0)); |
66 | } while (0 == gcry_mpi_cmp (p, q)); | 66 | } |
67 | while (0 == gcry_mpi_cmp (p, q)); | ||
67 | gcry_mpi_mul (n, p, q); | 68 | gcry_mpi_mul (n, p, q); |
68 | GNUNET_CRYPTO_mpi_print_unsigned (public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey), n); | 69 | GNUNET_CRYPTO_mpi_print_unsigned (public_key, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey), n); |
69 | 70 | ||
@@ -107,24 +108,24 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
107 | gcry_mpi_t n; | 108 | gcry_mpi_t n; |
108 | gcry_mpi_t tmp1; | 109 | gcry_mpi_t tmp1; |
109 | gcry_mpi_t tmp2; | 110 | gcry_mpi_t tmp2; |
110 | 111 | ||
111 | // determine how many operations we could allow, if the other number | 112 | // determine how many operations we could allow, if the other number |
112 | // has the same length. | 113 | // has the same length. |
113 | GNUNET_assert (NULL != (tmp1 = gcry_mpi_set_ui(NULL, 1))); | 114 | GNUNET_assert (NULL != (tmp1 = gcry_mpi_set_ui (NULL, 1))); |
114 | GNUNET_assert (NULL != (tmp2 = gcry_mpi_set_ui(NULL, 2))); | 115 | GNUNET_assert (NULL != (tmp2 = gcry_mpi_set_ui (NULL, 2))); |
115 | gcry_mpi_mul_2exp(tmp1,tmp1,GNUNET_CRYPTO_PAILLIER_BITS); | 116 | gcry_mpi_mul_2exp (tmp1, tmp1, GNUNET_CRYPTO_PAILLIER_BITS); |
116 | 117 | ||
117 | for (possible_opts = -1; gcry_mpi_cmp(tmp1, m) > 0; possible_opts++){ | 118 | for (possible_opts = -2; gcry_mpi_cmp (tmp1, m) > 0; possible_opts++) { |
118 | gcry_mpi_div(tmp1, NULL, tmp1, tmp2, 0); | 119 | gcry_mpi_div (tmp1, NULL, tmp1, tmp2, 0); |
119 | } | 120 | } |
120 | gcry_mpi_release(tmp1); | 121 | gcry_mpi_release (tmp1); |
121 | gcry_mpi_release(tmp2); | 122 | gcry_mpi_release (tmp2); |
122 | if (possible_opts < 1) | 123 | if (possible_opts < 1) |
123 | return -1; | 124 | return -1; |
124 | else | 125 | else |
125 | // reduce by one to guarantee the final homomorphic operation | 126 | // reduce by one to guarantee the final homomorphic operation |
126 | ciphertext->remaining_ops = htonl(possible_opts); | 127 | ciphertext->remaining_ops = htonl (possible_opts); |
127 | 128 | ||
128 | GNUNET_assert (0 != (n_square = gcry_mpi_new (0))); | 129 | GNUNET_assert (0 != (n_square = gcry_mpi_new (0))); |
129 | GNUNET_assert (0 != (r = gcry_mpi_new (0))); | 130 | GNUNET_assert (0 != (r = gcry_mpi_new (0))); |
130 | GNUNET_assert (0 != (g = gcry_mpi_new (0))); | 131 | GNUNET_assert (0 != (g = gcry_mpi_new (0))); |
@@ -135,8 +136,7 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
135 | gcry_mpi_mul (n_square, n, n); | 136 | gcry_mpi_mul (n_square, n, n); |
136 | 137 | ||
137 | // generate r < n | 138 | // generate r < n |
138 | do | 139 | do { |
139 | { | ||
140 | gcry_mpi_randomize (r, GNUNET_CRYPTO_PAILLIER_BITS, GCRY_WEAK_RANDOM); | 140 | gcry_mpi_randomize (r, GNUNET_CRYPTO_PAILLIER_BITS, GCRY_WEAK_RANDOM); |
141 | } | 141 | } |
142 | while (gcry_mpi_cmp (r, n) >= 0); | 142 | while (gcry_mpi_cmp (r, n) >= 0); |
@@ -149,14 +149,14 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
149 | // c <- r*c mod n^2 | 149 | // c <- r*c mod n^2 |
150 | gcry_mpi_mulm (c, r, c, n_square); | 150 | gcry_mpi_mulm (c, r, c, n_square); |
151 | 151 | ||
152 | GNUNET_CRYPTO_mpi_print_unsigned (ciphertext->bits, | 152 | GNUNET_CRYPTO_mpi_print_unsigned (ciphertext->bits, |
153 | sizeof ciphertext->bits, | 153 | sizeof ciphertext->bits, |
154 | c); | 154 | c); |
155 | 155 | ||
156 | gcry_mpi_release (n_square); | 156 | gcry_mpi_release (n_square); |
157 | gcry_mpi_release (r); | 157 | gcry_mpi_release (r); |
158 | gcry_mpi_release (c); | 158 | gcry_mpi_release (c); |
159 | 159 | ||
160 | return possible_opts; | 160 | return possible_opts; |
161 | } | 161 | } |
162 | 162 | ||
@@ -230,29 +230,29 @@ GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
230 | gcry_mpi_t n_square; | 230 | gcry_mpi_t n_square; |
231 | int32_t o1; | 231 | int32_t o1; |
232 | int32_t o2; | 232 | int32_t o2; |
233 | 233 | ||
234 | o1 = ntohl(c1->remaining_ops); | 234 | o1 = ntohl (c1->remaining_ops); |
235 | o2 = ntohl(c2->remaining_ops); | 235 | o2 = ntohl (c2->remaining_ops); |
236 | if (0 >= o1 || 0 >= o2) | 236 | if (0 >= o1 || 0 >= o2) |
237 | return GNUNET_SYSERR; | 237 | return GNUNET_SYSERR; |
238 | 238 | ||
239 | GNUNET_assert (0 != (c = gcry_mpi_new (0))); | 239 | GNUNET_assert (0 != (c = gcry_mpi_new (0))); |
240 | 240 | ||
241 | GNUNET_CRYPTO_mpi_scan_unsigned (&a, c1->bits, sizeof c1->bits); | 241 | GNUNET_CRYPTO_mpi_scan_unsigned (&a, c1->bits, sizeof c1->bits); |
242 | GNUNET_CRYPTO_mpi_scan_unsigned (&b, c1->bits, sizeof c2->bits); | 242 | GNUNET_CRYPTO_mpi_scan_unsigned (&b, c1->bits, sizeof c2->bits); |
243 | GNUNET_CRYPTO_mpi_scan_unsigned (&n_square, public_key, sizeof *public_key); | 243 | GNUNET_CRYPTO_mpi_scan_unsigned (&n_square, public_key, sizeof *public_key); |
244 | gcry_mpi_mul(n_square, n_square,n_square); | 244 | gcry_mpi_mul (n_square, n_square, n_square); |
245 | gcry_mpi_mulm(c,a,b,n_square); | 245 | gcry_mpi_mulm (c, a, b, n_square); |
246 | 246 | ||
247 | result->remaining_ops = htonl(((o2 > o1) ? o1 : o2) - 1); | 247 | result->remaining_ops = htonl (((o2 > o1) ? o1 : o2) - 1); |
248 | GNUNET_CRYPTO_mpi_print_unsigned (result->bits, | 248 | GNUNET_CRYPTO_mpi_print_unsigned (result->bits, |
249 | sizeof result->bits, | 249 | sizeof result->bits, |
250 | c); | 250 | c); |
251 | gcry_mpi_release (a); | 251 | gcry_mpi_release (a); |
252 | gcry_mpi_release (b); | 252 | gcry_mpi_release (b); |
253 | gcry_mpi_release (c); | 253 | gcry_mpi_release (c); |
254 | gcry_mpi_release (n_square); | 254 | gcry_mpi_release (n_square); |
255 | return ntohl(result->remaining_ops); | 255 | return ntohl (result->remaining_ops); |
256 | } | 256 | } |
257 | 257 | ||
258 | 258 | ||
@@ -265,8 +265,8 @@ GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *pu | |||
265 | int | 265 | int |
266 | GNUNET_CRYPTO_paillier_hom_get_remaining (const struct GNUNET_CRYPTO_PaillierCiphertext *c) | 266 | GNUNET_CRYPTO_paillier_hom_get_remaining (const struct GNUNET_CRYPTO_PaillierCiphertext *c) |
267 | { | 267 | { |
268 | GNUNET_assert(NULL != c); | 268 | GNUNET_assert (NULL != c); |
269 | return ntohl(c->remaining_ops); | 269 | return ntohl (c->remaining_ops); |
270 | } | 270 | } |
271 | 271 | ||
272 | /* end of crypto_paillier.c */ | 272 | /* end of crypto_paillier.c */ |
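Review bot: In the GNUNET_CRYPTO_paillier_hom_add hunk, new line 242 reads the second operand from the wrong ciphertext: `GNUNET_CRYPTO_mpi_scan_unsigned (&b, c1->bits, sizeof c2->bits);` scans c1->bits into b, so the mulm on line 245 computes c1*c1 mod n^2 and the homomorphic sum is of m1 with itself instead of m1 with m2; the line should read `GNUNET_CRYPTO_mpi_scan_unsigned (&b, c2->bits, sizeof c2->bits);`. The commit only reformats this line, and the accompanying test encrypts identical m1 and m2, which would mask the mismatch. Separately, in the GNUNET_CRYPTO_paillier_encrypt hunk the new initializer `possible_opts = -2` is what the comment `// reduce by one to guarantee the final homomorphic operation` on line 126 explains, yet that comment sits above the unrelated htonl assignment; placing it on the for loop, e.g. `// start at -2: the halving loop over-counts by one and the final hom_add needs one spare op`, keeps the explanation next to the code it describes. The headers of hom_add and encrypt lie outside the hunks.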
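--- a/src/util/test_crypto_paillier.c
+++ b/src/util/test_crypto_paillier.c
@@ -51,10 +51,10 @@ main (int argc, char *argv[])
 GNUNET_assert (NULL != (hom_result = gcry_mpi_new (0)));
 //gcry_mpi_randomize (m1, GNUNET_CRYPTO_PAILLIER_BITS-2, GCRY_WEAK_RANDOM);
 m1 = gcry_mpi_set_ui(m1,1);
-gcry_mpi_mul_2exp(m1,m1,GNUNET_CRYPTO_PAILLIER_BITS-2);
+gcry_mpi_mul_2exp(m1,m1,GNUNET_CRYPTO_PAILLIER_BITS-3);
 //gcry_mpi_randomize (m2, GNUNET_CRYPTO_PAILLIER_BITS-2, GCRY_WEAK_RANDOM);
 m2 = gcry_mpi_set_ui(m2,1);
-gcry_mpi_mul_2exp(m2,m2,GNUNET_CRYPTO_PAILLIER_BITS-2);
+gcry_mpi_mul_2exp(m2,m2,GNUNET_CRYPTO_PAILLIER_BITS-3);
 gcry_mpi_add(result,m1,m2);
 
 if (1 != (ret = GNUNET_CRYPTO_paillier_encrypt (&public_key, m1, &c1))){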
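Review bot: With both operands set to the same value (new lines 54 and 57 each build 2^(GNUNET_CRYPTO_PAILLIER_BITS-3)), the homomorphic-add check cannot distinguish c1*c2 from c1*c1, so an operand mix-up inside GNUNET_CRYPTO_paillier_hom_add would still pass; give m2 a distinct value, e.g. `gcry_mpi_add_ui (m2, m2, 1);` after line 57, so that the expected sum on line 58 differs from 2*m1 while the remaining-ops estimate for m2 stays at 1. The commented-out randomize calls on lines 52 and 55 suggest distinct operands were the original intent. main continues beyond the end of the hunk.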