Diffstat (limited to 'src/secretsharing/gnunet-service-secretsharing.c')
-rw-r--r--src/secretsharing/gnunet-service-secretsharing.c46
1 files changed, 24 insertions, 22 deletions
diff --git a/src/secretsharing/gnunet-service-secretsharing.c b/src/secretsharing/gnunet-service-secretsharing.c
index 4af5124ca..9c8c44264 100644
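--- a/src/secretsharing/gnunet-service-secretsharing.c
+++ b/src/secretsharing/gnunet-service-secretsharing.c
@@ -238,6 +238,11 @@ struct DecryptSession
  struct GNUNET_MQ_Handle *client_mq;
 
  /**
+ * When should we start communicating for decryption?
+ */
+ struct GNUNET_TIME_Absolute start;
+
+ /**
  * When would we like the ciphertext to be
  * decrypted?
  */
@@ -814,8 +819,8 @@ insert_round2_element (struct KeygenSession *ks)
 
  element_size = (sizeof (struct GNUNET_SECRETSHARING_KeygenRevealData) +
  GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers +
- GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold +
- GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->num_peers);
+ sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers +
+ GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold);
 
  element = GNUNET_malloc (sizeof (struct GNUNET_SET_Element) + element_size);
  element->size = element_size;
@@ -857,13 +862,11 @@ insert_round2_element (struct KeygenSession *ks)
  memset (ciphertext, 0, sizeof *ciphertext);
  if (GNUNET_YES == ks->info[i].round1_valid)
  {
- struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
  gcry_mpi_set_ui (idx, i + 1);
  // evaluate the polynomial
  horner_eval (v, ks->presecret_polynomial, ks->threshold, idx, elgamal_q);
- GNUNET_CRYPTO_mpi_print_unsigned (&plaintext, sizeof plaintext, v);
  // encrypt the result
- GNUNET_CRYPTO_paillier_encrypt (&ks->info[i].paillier_public_key, &plaintext, ciphertext);
+ GNUNET_CRYPTO_paillier_encrypt (&ks->info[i].paillier_public_key, v, ciphertext);
  }
  pos += sizeof *ciphertext;
  }
@@ -904,7 +907,6 @@ keygen_round2_new_element (void *cls,
  const struct GNUNET_SECRETSHARING_KeygenRevealData *d;
  struct KeygenPeerInfo *info;
  unsigned char *pos;
- struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
  size_t expected_element_size;
 
  if (NULL == element)
@@ -915,7 +917,7 @@ keygen_round2_new_element (void *cls,
 
  expected_element_size = (sizeof (struct GNUNET_SECRETSHARING_KeygenRevealData) +
  GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers +
- GNUNET_CRYPTO_PAILLIER_BITS / 8 * 2 * ks->num_peers +
+ sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers +
  GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold);
 
  if (element->size != expected_element_size)
@@ -960,7 +962,7 @@ keygen_round2_new_element (void *cls,
  // skip exponentiated pre-shares
  pos += GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers;
  // skip encrypted pre-shares
- pos += GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->num_peers;
+ pos += sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers;
  // the first exponentiated coefficient is the public key share
  GNUNET_CRYPTO_mpi_scan_unsigned (&info->public_key_share, pos, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8);
 
@@ -968,12 +970,11 @@ keygen_round2_new_element (void *cls,
  // skip exp. pre-shares
  pos += GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers;
  // skip to the encrypted value for our peer
- pos += GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->local_peer_idx;
+ pos += sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->local_peer_idx;
 
+ GNUNET_assert (NULL != (info->decrypted_preshare = gcry_mpi_new (0)));
  GNUNET_CRYPTO_paillier_decrypt (&ks->paillier_private_key, &ks->info[ks->local_peer_idx].paillier_public_key,
- (struct GNUNET_CRYPTO_PaillierCiphertext *) pos, &plaintext);
- GNUNET_CRYPTO_mpi_scan_unsigned (&info->decrypted_preshare, &plaintext,
- sizeof plaintext);
+ (struct GNUNET_CRYPTO_PaillierCiphertext *) pos, info->decrypted_preshare);
 
  // TODO: validate zero knowledge proofs
 
@@ -1009,13 +1010,13 @@ keygen_round1_conclude (void *cls)
  GNUNET_CONSENSUS_destroy (ks->consensus);
 
  ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers, &ks->session_id,
+ time_between (ks->start_time, ks->deadline, 1, 2),
+ ks->deadline,
  keygen_round2_new_element, ks);
 
  insert_round2_element (ks);
 
  GNUNET_CONSENSUS_conclude (ks->consensus,
- /* last round, thus conclude at DKG deadline */
- ks->deadline,
  keygen_round2_conclude,
  ks);
 }
@@ -1104,6 +1105,8 @@ static void handle_client_keygen (void *cls,
 
  GNUNET_log (GNUNET_ERROR_TYPE_INFO, "first round of consensus with %u peers\n", ks->num_peers);
  ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers, &msg->session_id,
+ GNUNET_TIME_absolute_ntoh (msg->start),
+ GNUNET_TIME_absolute_ntoh (msg->deadline),
  keygen_round1_new_element, ks);
 
  ks->info = GNUNET_new_array (ks->num_peers, struct KeygenPeerInfo);
@@ -1125,8 +1128,6 @@ static void handle_client_keygen (void *cls,
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "P%u: Concluding for round 1\n", ks->local_peer_idx);
 
  GNUNET_CONSENSUS_conclude (ks->consensus,
- /* half the overall time */
- time_between (ks->start_time, ks->deadline, 1, 2),
  keygen_round1_conclude,
  ks);
 
@@ -1259,6 +1260,9 @@ insert_decrypt_element (struct DecryptSession *ds)
  gcry_mpi_t x;
  gcry_mpi_t s;
 
+ /* make vagrind happy until we implement the real deal ... */
+ memset (&d, 0, sizeof d);
+
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "P%u: Inserting decrypt element\n",
  ds->share->my_peer);
 
@@ -1273,11 +1277,6 @@ insert_decrypt_element (struct DecryptSession *ds)
  element.size = sizeof (struct GNUNET_SECRETSHARING_DecryptData);
  element.type = 0;
 
- /* make vagrind happy until we implement the real deal ... */
- memset (&d.nizk_commit1, 0, sizeof d.nizk_commit1);
- memset (&d.nizk_commit2, 0, sizeof d.nizk_commit2);
- memset (&d.nizk_response, 0, sizeof d.nizk_response);
-
  d.ciphertext = ds->ciphertext;
  d.peer = my_peer;
  d.purpose.size = htonl (element.size - offsetof (struct GNUNET_SECRETSHARING_DecryptData, purpose));
@@ -1317,6 +1316,7 @@ static void handle_client_decrypt (void *cls,
  GNUNET_CONTAINER_DLL_insert (decrypt_sessions_head, decrypt_sessions_tail, ds);
  ds->client = client;
  ds->client_mq = GNUNET_MQ_queue_for_server_client (client);
+ ds->start = GNUNET_TIME_absolute_ntoh (msg->start);
  ds->deadline = GNUNET_TIME_absolute_ntoh (msg->deadline);
  ds->ciphertext = msg->ciphertext;
 
@@ -1331,6 +1331,8 @@ static void handle_client_decrypt (void *cls,
  ds->share->num_peers,
  ds->share->peers,
  &session_id,
+ ds->start,
+ ds->deadline,
  &decrypt_new_element,
  ds);
 
@@ -1344,7 +1346,7 @@ static void handle_client_decrypt (void *cls,
 
  insert_decrypt_element (ds);
 
- GNUNET_CONSENSUS_conclude (ds->consensus, ds->deadline, decrypt_conclude, ds);
+ GNUNET_CONSENSUS_conclude (ds->consensus, decrypt_conclude, ds);
 
  GNUNET_SERVER_receive_done (client, GNUNET_OK);
 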
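Review bot: Round 1 of key generation now gets the whole DKG window: in the `handle_client_keygen` hunk (`@@ -1104,6 +1105,8 @@`) the first `GNUNET_CONSENSUS_create` is passed `GNUNET_TIME_absolute_ntoh (msg->deadline)` as its deadline, while the removed `GNUNET_CONSENSUS_conclude` argument ended round 1 at `time_between (ks->start_time, ks->deadline, 1, 2)` and round 2 in `keygen_round1_conclude` still starts at that midpoint. If the consensus service only concludes at the deadline it was created with (not visible here), round 2 would be set up after its own window has already passed and the second DKG round could not complete. Consider passing the midpoint as the round-1 deadline, i.e. `time_between (ks->start_time, ks->deadline, 1, 2),` in place of the `msg->deadline` argument, provided `ks->start_time` and `ks->deadline` are already assigned at that point; both functions continue outside the hunks shown. Separately, the client-supplied `msg->start` and `msg->deadline` reach the consensus layer in both `handle_client_keygen` and `handle_client_decrypt` without a visible check that start precedes deadline, which would be worth rejecting before a session is created.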