Diffstat (limited to 'src/secretsharing/gnunet-service-secretsharing.c')
-rw-r--r-- | src/secretsharing/gnunet-service-secretsharing.c | 60 |
1 files changed, 36 insertions, 24 deletions
diff --git a/src/secretsharing/gnunet-service-secretsharing.c b/src/secretsharing/gnunet-service-secretsharing.c index d4c01fedb..1ffde0436 100644 --- a/src/secretsharing/gnunet-service-secretsharing.c +++ b/src/secretsharing/gnunet-service-secretsharing.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | 17 | ||
@@ -898,7 +898,9 @@ restore_fair (const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | |||
898 | GNUNET_assert (NULL != (big_b = gcry_mpi_new (0))); | 898 | GNUNET_assert (NULL != (big_b = gcry_mpi_new (0))); |
899 | 899 | ||
900 | // a = (N,0)^T | 900 | // a = (N,0)^T |
901 | GNUNET_CRYPTO_mpi_scan_unsigned (&a_1, ppub, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 901 | GNUNET_CRYPTO_mpi_scan_unsigned (&a_1, |
902 | ppub, | ||
903 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | ||
902 | GNUNET_assert (NULL != (a_2 = gcry_mpi_new (0))); | 904 | GNUNET_assert (NULL != (a_2 = gcry_mpi_new (0))); |
903 | gcry_mpi_set_ui (a_2, 0); | 905 | gcry_mpi_set_ui (a_2, 0); |
904 | // b = (x,1)^T | 906 | // b = (x,1)^T |
@@ -957,15 +959,9 @@ restore_fair (const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | |||
957 | gcry_mpi_set (big_b, big_t); | 959 | gcry_mpi_set (big_b, big_t); |
958 | } | 960 | } |
959 | 961 | ||
960 | { | 962 | gcry_mpi_set (xres, b_2); |
961 | gcry_mpi_t paillier_n; | 963 | gcry_mpi_invm (xres, xres, elgamal_q); |
962 | 964 | gcry_mpi_mulm (xres, xres, b_1, elgamal_q); | |
963 | GNUNET_CRYPTO_mpi_scan_unsigned (&paillier_n, ppub, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | ||
964 | |||
965 | gcry_mpi_set (xres, b_2); | ||
966 | gcry_mpi_invm (xres, xres, elgamal_q); | ||
967 | gcry_mpi_mulm (xres, xres, b_1, elgamal_q); | ||
968 | } | ||
969 | 965 | ||
970 | gcry_mpi_release (a_1); | 966 | gcry_mpi_release (a_1); |
971 | gcry_mpi_release (a_2); | 967 | gcry_mpi_release (a_2); |
@@ -984,7 +980,8 @@ restore_fair (const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | |||
984 | 980 | ||
985 | 981 | ||
986 | static void | 982 | static void |
987 | get_fair_encryption_challenge (const struct GNUNET_SECRETSHARING_FairEncryption *fe, gcry_mpi_t e) | 983 | get_fair_encryption_challenge (const struct GNUNET_SECRETSHARING_FairEncryption *fe, |
984 | gcry_mpi_t *e) | ||
988 | { | 985 | { |
989 | struct { | 986 | struct { |
990 | struct GNUNET_CRYPTO_PaillierCiphertext c; | 987 | struct GNUNET_CRYPTO_PaillierCiphertext c; |
@@ -994,18 +991,27 @@ get_fair_encryption_challenge (const struct GNUNET_SECRETSHARING_FairEncryption | |||
994 | } hash_data; | 991 | } hash_data; |
995 | struct GNUNET_HashCode e_hash; | 992 | struct GNUNET_HashCode e_hash; |
996 | 993 | ||
994 | memset (&hash_data, | ||
995 | 0, | ||
996 | sizeof (hash_data)); | ||
997 | GNUNET_memcpy (&hash_data.c, &fe->c, sizeof (struct GNUNET_CRYPTO_PaillierCiphertext)); | 997 | GNUNET_memcpy (&hash_data.c, &fe->c, sizeof (struct GNUNET_CRYPTO_PaillierCiphertext)); |
998 | GNUNET_memcpy (&hash_data.h, &fe->h, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); | 998 | GNUNET_memcpy (&hash_data.h, &fe->h, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); |
999 | GNUNET_memcpy (&hash_data.t1, &fe->t1, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); | 999 | GNUNET_memcpy (&hash_data.t1, &fe->t1, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); |
1000 | GNUNET_memcpy (&hash_data.t2, &fe->t2, GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8); | 1000 | GNUNET_memcpy (&hash_data.t2, &fe->t2, GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8); |
1001 | 1001 | GNUNET_CRYPTO_hash (&hash_data, | |
1002 | GNUNET_CRYPTO_mpi_scan_unsigned (&e, &e_hash, sizeof (struct GNUNET_HashCode)); | 1002 | sizeof (hash_data), |
1003 | gcry_mpi_mod (e, e, elgamal_q); | 1003 | &e_hash); |
1004 | /* This allocates "e" */ | ||
1005 | GNUNET_CRYPTO_mpi_scan_unsigned (e, | ||
1006 | &e_hash, | ||
1007 | sizeof (struct GNUNET_HashCode)); | ||
1008 | gcry_mpi_mod (*e, *e, elgamal_q); | ||
1004 | } | 1009 | } |
1005 | 1010 | ||
1006 | 1011 | ||
1007 | static int | 1012 | static int |
1008 | verify_fair (const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, const struct GNUNET_SECRETSHARING_FairEncryption *fe) | 1013 | verify_fair (const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, |
1014 | const struct GNUNET_SECRETSHARING_FairEncryption *fe) | ||
1009 | { | 1015 | { |
1010 | gcry_mpi_t n; | 1016 | gcry_mpi_t n; |
1011 | gcry_mpi_t n_sq; | 1017 | gcry_mpi_t n_sq; |
@@ -1023,11 +1029,13 @@ verify_fair (const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, const struct GN | |||
1023 | GNUNET_assert (NULL != (n_sq = gcry_mpi_new (0))); | 1029 | GNUNET_assert (NULL != (n_sq = gcry_mpi_new (0))); |
1024 | GNUNET_assert (NULL != (tmp1 = gcry_mpi_new (0))); | 1030 | GNUNET_assert (NULL != (tmp1 = gcry_mpi_new (0))); |
1025 | GNUNET_assert (NULL != (tmp2 = gcry_mpi_new (0))); | 1031 | GNUNET_assert (NULL != (tmp2 = gcry_mpi_new (0))); |
1026 | GNUNET_assert (NULL != (e = gcry_mpi_new (0))); | ||
1027 | 1032 | ||
1028 | get_fair_encryption_challenge (fe, e); | 1033 | get_fair_encryption_challenge (fe, |
1034 | &e /* this allocates e */); | ||
1029 | 1035 | ||
1030 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, ppub, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 1036 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, |
1037 | ppub, | ||
1038 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | ||
1031 | GNUNET_CRYPTO_mpi_scan_unsigned (&t1, fe->t1, GNUNET_CRYPTO_PAILLIER_BITS / 8); | 1039 | GNUNET_CRYPTO_mpi_scan_unsigned (&t1, fe->t1, GNUNET_CRYPTO_PAILLIER_BITS / 8); |
1032 | GNUNET_CRYPTO_mpi_scan_unsigned (&z, fe->z, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); | 1040 | GNUNET_CRYPTO_mpi_scan_unsigned (&z, fe->z, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); |
1033 | GNUNET_CRYPTO_mpi_scan_unsigned (&y, fe->h, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); | 1041 | GNUNET_CRYPTO_mpi_scan_unsigned (&y, fe->h, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8); |
@@ -1096,7 +1104,9 @@ cleanup: | |||
1096 | * @param[out] fe the fair encryption | 1104 | * @param[out] fe the fair encryption |
1097 | */ | 1105 | */ |
1098 | static void | 1106 | static void |
1099 | encrypt_fair (gcry_mpi_t v, const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, struct GNUNET_SECRETSHARING_FairEncryption *fe) | 1107 | encrypt_fair (gcry_mpi_t v, |
1108 | const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | ||
1109 | struct GNUNET_SECRETSHARING_FairEncryption *fe) | ||
1100 | { | 1110 | { |
1101 | gcry_mpi_t r; | 1111 | gcry_mpi_t r; |
1102 | gcry_mpi_t s; | 1112 | gcry_mpi_t s; |
@@ -1111,6 +1121,7 @@ encrypt_fair (gcry_mpi_t v, const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | |||
1111 | gcry_mpi_t Y; | 1121 | gcry_mpi_t Y; |
1112 | gcry_mpi_t G; | 1122 | gcry_mpi_t G; |
1113 | gcry_mpi_t h; | 1123 | gcry_mpi_t h; |
1124 | |||
1114 | GNUNET_assert (NULL != (r = gcry_mpi_new (0))); | 1125 | GNUNET_assert (NULL != (r = gcry_mpi_new (0))); |
1115 | GNUNET_assert (NULL != (s = gcry_mpi_new (0))); | 1126 | GNUNET_assert (NULL != (s = gcry_mpi_new (0))); |
1116 | GNUNET_assert (NULL != (t1 = gcry_mpi_new (0))); | 1127 | GNUNET_assert (NULL != (t1 = gcry_mpi_new (0))); |
@@ -1118,13 +1129,14 @@ encrypt_fair (gcry_mpi_t v, const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | |||
1118 | GNUNET_assert (NULL != (z = gcry_mpi_new (0))); | 1129 | GNUNET_assert (NULL != (z = gcry_mpi_new (0))); |
1119 | GNUNET_assert (NULL != (w = gcry_mpi_new (0))); | 1130 | GNUNET_assert (NULL != (w = gcry_mpi_new (0))); |
1120 | GNUNET_assert (NULL != (n_sq = gcry_mpi_new (0))); | 1131 | GNUNET_assert (NULL != (n_sq = gcry_mpi_new (0))); |
1121 | GNUNET_assert (NULL != (e = gcry_mpi_new (0))); | ||
1122 | GNUNET_assert (NULL != (u = gcry_mpi_new (0))); | 1132 | GNUNET_assert (NULL != (u = gcry_mpi_new (0))); |
1123 | GNUNET_assert (NULL != (Y = gcry_mpi_new (0))); | 1133 | GNUNET_assert (NULL != (Y = gcry_mpi_new (0))); |
1124 | GNUNET_assert (NULL != (G = gcry_mpi_new (0))); | 1134 | GNUNET_assert (NULL != (G = gcry_mpi_new (0))); |
1125 | GNUNET_assert (NULL != (h = gcry_mpi_new (0))); | 1135 | GNUNET_assert (NULL != (h = gcry_mpi_new (0))); |
1126 | 1136 | ||
1127 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, ppub, sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | 1137 | GNUNET_CRYPTO_mpi_scan_unsigned (&n, |
1138 | ppub, | ||
1139 | sizeof (struct GNUNET_CRYPTO_PaillierPublicKey)); | ||
1128 | gcry_mpi_mul (n_sq, n, n); | 1140 | gcry_mpi_mul (n_sq, n, n); |
1129 | gcry_mpi_add_ui (G, n, 1); | 1141 | gcry_mpi_add_ui (G, n, 1); |
1130 | 1142 | ||
@@ -1170,8 +1182,8 @@ encrypt_fair (gcry_mpi_t v, const struct GNUNET_CRYPTO_PaillierPublicKey *ppub, | |||
1170 | GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8, | 1182 | GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8, |
1171 | t2); | 1183 | t2); |
1172 | 1184 | ||
1173 | 1185 | get_fair_encryption_challenge (fe, | |
1174 | get_fair_encryption_challenge (fe, e); | 1186 | &e /* This allocates "e" */); |
1175 | 1187 | ||
1176 | // compute z | 1188 | // compute z |
1177 | gcry_mpi_mul (z, e, v); | 1189 | gcry_mpi_mul (z, e, v); |
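Review bot: The challenge preimage in get_fair_encryption_challenge copies `fe->t1` with `GNUNET_SECRETSHARING_ELGAMAL_BITS / 8` bytes (the memcpy just before the new GNUNET_CRYPTO_hash call), while verify_fair scans the same field with `GNUNET_CRYPTO_PAILLIER_BITS / 8`; now that the hash is actually computed over hash_data, whichever size does not match the declared width of `t1` (the struct is not visible here) means either the challenge fails to bind all of t1 or the scan reads past it, so the two sizes should be reconciled against the field definition, as t2 already is. The new out-parameter contract also deserves a Doxygen header on get_fair_encryption_challenge in the style of encrypt_fair's, e.g. `@param[out] e challenge, freshly allocated by this function; caller releases it with gcry_mpi_release()`, since both callers now depend on it instead of the removed gcry_mpi_new. In encrypt_fair and verify_fair, `e` is now indeterminate between its declaration and the call that allocates it; writing `gcry_mpi_t e = NULL;` keeps any cleanup path that runs before that call from releasing garbage, assuming such a path exists outside these hunks. Whether the Fiat–Shamir preimage should additionally bind the Paillier public key `ppub`, which the proven statement is relative to, is a design question worth a comment rather than a defect visible in this diff.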