diff options
-rw-r--r-- | brandt.c | 66 | ||||
-rw-r--r-- | crypto.h | 141 | ||||
-rw-r--r-- | internals.h | 20 | ||||
-rw-r--r-- | test_crypto.c | 177 |
4 files changed, 195 insertions, 209 deletions
@@ -26,72 +26,6 @@ | |||
26 | #include "util.h" | 26 | #include "util.h" |
27 | 27 | ||
28 | 28 | ||
29 | typedef int | ||
30 | (*msg_recv)(struct BRANDT_Auction *ad, | ||
31 | const unsigned char *buf, | ||
32 | size_t buflen, | ||
33 | uint16_t sender); | ||
34 | |||
35 | |||
36 | enum { | ||
37 | auction_firstPrice, | ||
38 | auction_mPlusFirstPrice, | ||
39 | auction_last | ||
40 | }; | ||
41 | |||
42 | |||
43 | enum { | ||
44 | outcome_private, | ||
45 | outcome_public, | ||
46 | outcome_last | ||
47 | }; | ||
48 | |||
49 | |||
50 | /** | ||
51 | * stores the function pointers to receive functions for each state. | ||
52 | * | ||
53 | * The first index denotes if a first price auction or a M+1st price auction is | ||
54 | * used. If it is 0, it is a first price auction, if it is 1, it is a M+1st | ||
55 | * price auction. | ||
56 | * | ||
57 | * The second index denotes if the outcome should be public or private. A value | ||
58 | * of 0 means a private outcome, while a value of 1 means public outcome. | ||
59 | */ | ||
60 | static msg_recv handler_in[auction_last][outcome_last][msg_last] = | ||
61 | { | ||
62 | [auction_firstPrice] = | ||
63 | { | ||
64 | [outcome_private] = | ||
65 | { | ||
66 | [msg_init] = &smc_recv_keyshare, | ||
67 | [msg_bid] = &smc_recv_encrypted_bid, | ||
68 | [msg_outcome] = &fp_priv_recv_outcome, | ||
69 | [msg_decrypt] = &fp_priv_recv_decryption, | ||
70 | }, | ||
71 | [outcome_public] = | ||
72 | { | ||
73 | [msg_init] = &smc_recv_keyshare, | ||
74 | [msg_bid] = &smc_recv_encrypted_bid, | ||
75 | [msg_outcome] = &fp_pub_recv_outcome, | ||
76 | [msg_decrypt] = &fp_pub_recv_decryption, | ||
77 | } | ||
78 | }, | ||
79 | [auction_mPlusFirstPrice] = | ||
80 | { | ||
81 | [outcome_private] = | ||
82 | { | ||
83 | [msg_init] = &smc_recv_keyshare, | ||
84 | [msg_bid] = &smc_recv_encrypted_bid, | ||
85 | }, | ||
86 | [outcome_public] = | ||
87 | { | ||
88 | [msg_init] = &smc_recv_keyshare, | ||
89 | [msg_bid] = &smc_recv_encrypted_bid, | ||
90 | } | ||
91 | } | ||
92 | }; | ||
93 | |||
94 | |||
95 | void | 29 | void |
96 | BRANDT_init (struct GNUNET_CRYPTO_EccDlogContext *dlogctx) | 30 | BRANDT_init (struct GNUNET_CRYPTO_EccDlogContext *dlogctx) |
97 | { | 31 | { |
@@ -113,44 +113,141 @@ int smc_zkp_0og_check (const gcry_mpi_point_t y, | |||
113 | const gcry_mpi_point_t beta, | 113 | const gcry_mpi_point_t beta, |
114 | const struct proof_0og *proof); | 114 | const struct proof_0og *proof); |
115 | 115 | ||
116 | |||
116 | /* --- Protocol implementation --- */ | 117 | /* --- Protocol implementation --- */ |
117 | 118 | ||
118 | unsigned char *smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen); | 119 | unsigned char *smc_gen_keyshare (struct BRANDT_Auction *ad, size_t *buflen); |
119 | int smc_recv_keyshare (struct BRANDT_Auction *ad, | 120 | int smc_recv_keyshare (struct BRANDT_Auction *ad, |
120 | const unsigned char *buf, | 121 | const unsigned char *buf, |
121 | size_t buflen, | 122 | size_t buflen, |
122 | uint16_t sender_index); | 123 | uint16_t sender_index); |
123 | 124 | ||
124 | unsigned char *smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen); | 125 | unsigned char *smc_encrypt_bid (struct BRANDT_Auction *ad, size_t *buflen); |
125 | int smc_recv_encrypted_bid (struct BRANDT_Auction *ad, | 126 | int smc_recv_encrypted_bid (struct BRANDT_Auction *ad, |
126 | const unsigned char *buf, | 127 | const unsigned char *buf, |
127 | size_t buflen, | 128 | size_t buflen, |
128 | uint16_t sender_index); | 129 | uint16_t sender_index); |
129 | 130 | ||
130 | unsigned char *fp_priv_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen); | 131 | unsigned char *fp_priv_compute_outcome (struct BRANDT_Auction *ad, |
132 | size_t *buflen); | ||
131 | int fp_priv_recv_outcome (struct BRANDT_Auction *ad, | 133 | int fp_priv_recv_outcome (struct BRANDT_Auction *ad, |
132 | const unsigned char *buf, | 134 | const unsigned char *buf, |
133 | size_t buflen, | 135 | size_t buflen, |
134 | uint16_t sender); | 136 | uint16_t sender); |
135 | 137 | ||
136 | unsigned char *fp_priv_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen); | 138 | unsigned char *fp_priv_decrypt_outcome (struct BRANDT_Auction *ad, |
139 | size_t *buflen); | ||
137 | int fp_priv_recv_decryption (struct BRANDT_Auction *ad, | 140 | int fp_priv_recv_decryption (struct BRANDT_Auction *ad, |
138 | const unsigned char *buf, | 141 | const unsigned char *buf, |
139 | size_t buflen, | 142 | size_t buflen, |
140 | uint16_t sender); | 143 | uint16_t sender); |
141 | 144 | ||
142 | unsigned char *fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen); | 145 | unsigned char *fp_pub_compute_outcome (struct BRANDT_Auction *ad, |
146 | size_t *buflen); | ||
143 | int fp_pub_recv_outcome (struct BRANDT_Auction *ad, | 147 | int fp_pub_recv_outcome (struct BRANDT_Auction *ad, |
144 | const unsigned char *buf, | 148 | const unsigned char *buf, |
145 | size_t buflen, | 149 | size_t buflen, |
146 | uint16_t sender); | 150 | uint16_t sender); |
147 | 151 | ||
148 | unsigned char *fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen); | 152 | unsigned char *fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, |
153 | size_t *buflen); | ||
149 | int fp_pub_recv_decryption (struct BRANDT_Auction *ad, | 154 | int fp_pub_recv_decryption (struct BRANDT_Auction *ad, |
150 | const unsigned char *buf, | 155 | const unsigned char *buf, |
151 | size_t buflen, | 156 | size_t buflen, |
152 | uint16_t sender); | 157 | uint16_t sender); |
153 | 158 | ||
154 | int32_t fp_priv_determine_outcome (struct BRANDT_Auction *ad); | 159 | int32_t fp_priv_determine_outcome (struct BRANDT_Auction *ad); |
155 | 160 | ||
161 | |||
162 | /* --- Round dictionaries --- */ | ||
163 | |||
164 | typedef int | ||
165 | (*msg_in)(struct BRANDT_Auction *ad, | ||
166 | const unsigned char *buf, | ||
167 | size_t buflen, | ||
168 | uint16_t sender); | ||
169 | |||
170 | |||
171 | typedef unsigned char * | ||
172 | (*msg_out)(struct BRANDT_Auction *ad, | ||
173 | size_t *buflen); | ||
174 | |||
175 | |||
176 | /** | ||
177 | * stores the function pointers to receive functions for each state. | ||
178 | * | ||
179 | * The first index denotes if a first price auction or a M+1st price auction is | ||
180 | * used. If it is 0, it is a first price auction, if it is 1, it is a M+1st | ||
181 | * price auction. | ||
182 | * | ||
183 | * The second index denotes if the outcome should be public or private. A value | ||
184 | * of 0 means a private outcome, while a value of 1 means public outcome. | ||
185 | */ | ||
186 | static const msg_in handler_in[auction_last][outcome_last][msg_last] = { | ||
187 | [auction_firstPrice] = { | ||
188 | [outcome_private] = { | ||
189 | [msg_init] = &smc_recv_keyshare, | ||
190 | [msg_bid] = &smc_recv_encrypted_bid, | ||
191 | [msg_outcome] = &fp_priv_recv_outcome, | ||
192 | [msg_decrypt] = &fp_priv_recv_decryption, | ||
193 | }, | ||
194 | [outcome_public] = { | ||
195 | [msg_init] = &smc_recv_keyshare, | ||
196 | [msg_bid] = &smc_recv_encrypted_bid, | ||
197 | [msg_outcome] = &fp_pub_recv_outcome, | ||
198 | [msg_decrypt] = &fp_pub_recv_decryption, | ||
199 | }, | ||
200 | }, | ||
201 | [auction_mPlusFirstPrice] = { | ||
202 | [outcome_private] = { | ||
203 | [msg_init] = &smc_recv_keyshare, | ||
204 | [msg_bid] = &smc_recv_encrypted_bid, | ||
205 | }, | ||
206 | [outcome_public] = { | ||
207 | [msg_init] = &smc_recv_keyshare, | ||
208 | [msg_bid] = &smc_recv_encrypted_bid, | ||
209 | }, | ||
210 | }, | ||
211 | }; | ||
212 | |||
213 | |||
214 | /** | ||
215 | * stores the function pointers to message buffer creating functions for each | ||
216 | * state. | ||
217 | * | ||
218 | * The first index denotes if a first price auction or a M+1st price auction is | ||
219 | * used. If it is 0, it is a first price auction, if it is 1, it is a M+1st | ||
220 | * price auction. | ||
221 | * | ||
222 | * The second index denotes if the outcome should be public or private. A value | ||
223 | * of 0 means a private outcome, while a value of 1 means public outcome. | ||
224 | */ | ||
225 | static const msg_out handler_out[auction_last][outcome_last][msg_last] = { | ||
226 | [auction_firstPrice] = { | ||
227 | [outcome_private] = { | ||
228 | [msg_init] = &smc_gen_keyshare, | ||
229 | [msg_bid] = &smc_encrypt_bid, | ||
230 | [msg_outcome] = &fp_priv_compute_outcome, | ||
231 | [msg_decrypt] = &fp_priv_decrypt_outcome, | ||
232 | }, | ||
233 | [outcome_public] = { | ||
234 | [msg_init] = &smc_gen_keyshare, | ||
235 | [msg_bid] = &smc_encrypt_bid, | ||
236 | [msg_outcome] = &fp_pub_compute_outcome, | ||
237 | [msg_decrypt] = &fp_pub_decrypt_outcome, | ||
238 | }, | ||
239 | }, | ||
240 | [auction_mPlusFirstPrice] = { | ||
241 | [outcome_private] = { | ||
242 | [msg_init] = &smc_gen_keyshare, | ||
243 | [msg_bid] = &smc_encrypt_bid, | ||
244 | }, | ||
245 | [outcome_public] = { | ||
246 | [msg_init] = &smc_gen_keyshare, | ||
247 | [msg_bid] = &smc_encrypt_bid, | ||
248 | }, | ||
249 | }, | ||
250 | }; | ||
251 | |||
252 | |||
156 | #endif /* ifndef _BRANDT_CRYPTO_H */ | 253 | #endif /* ifndef _BRANDT_CRYPTO_H */ |
diff --git a/internals.h b/internals.h index 4624347..656e798 100644 --- a/internals.h +++ b/internals.h | |||
@@ -37,13 +37,27 @@ enum rounds { | |||
37 | }; | 37 | }; |
38 | 38 | ||
39 | 39 | ||
40 | enum auction_type { | ||
41 | auction_firstPrice, | ||
42 | auction_mPlusFirstPrice, | ||
43 | auction_last | ||
44 | }; | ||
45 | |||
46 | |||
47 | enum outcome_type { | ||
48 | outcome_private, | ||
49 | outcome_public, | ||
50 | outcome_last | ||
51 | }; | ||
52 | |||
53 | |||
40 | /** | 54 | /** |
41 | * This struct describes an auction and has to be followed by #description_len | 55 | * This struct describes an auction and has to be followed by #description_len |
42 | * bytes of arbitrary data where the description of the item to be sold is | 56 | * bytes of arbitrary data where the description of the item to be sold is |
43 | * stored. | 57 | * stored. |
44 | * | 58 | * |
45 | * \todo: align to a multiple of 64bit */ | 59 | * \todo: align to a multiple of 64bit */ |
46 | struct BRANDT_AuctionDescrP { | 60 | struct BRANDT_DescrP { |
47 | /** The length of the description in bytes directly following this struct */ | 61 | /** The length of the description in bytes directly following this struct */ |
48 | uint32_t description_len; | 62 | uint32_t description_len; |
49 | 63 | ||
@@ -63,7 +77,7 @@ struct BRANDT_AuctionDescrP { | |||
63 | 77 | ||
64 | 78 | ||
65 | struct BRANDT_Auction { | 79 | struct BRANDT_Auction { |
66 | struct BRANDT_AuctionDescrP *desc; /** pointer to the auction information */ | 80 | struct BRANDT_DescrP *desc; /** pointer to the auction information */ |
67 | 81 | ||
68 | BRANDT_CbBroadcast bcast; /** broadcast callback */ | 82 | BRANDT_CbBroadcast bcast; /** broadcast callback */ |
69 | BRANDT_CbUnicast ucast; /** unicast callback */ | 83 | BRANDT_CbUnicast ucast; /** unicast callback */ |
diff --git a/test_crypto.c b/test_crypto.c index 09a0838..297ac69 100644 --- a/test_crypto.c +++ b/test_crypto.c | |||
@@ -30,8 +30,8 @@ | |||
30 | #include "test.h" | 30 | #include "test.h" |
31 | 31 | ||
32 | 32 | ||
33 | static uint16_t bidders; | 33 | static uint16_t bidders; |
34 | static uint16_t prizes; | 34 | static uint16_t prizes; |
35 | static struct BRANDT_Auction *ad; | 35 | static struct BRANDT_Auction *ad; |
36 | 36 | ||
37 | int | 37 | int |
@@ -199,141 +199,83 @@ test_setup_auction_data () | |||
199 | } | 199 | } |
200 | 200 | ||
201 | 201 | ||
202 | int | 202 | #define ROUND(type, oc, index) do { \ |
203 | test_prologue () | 203 | for (uint16_t i = 0; i < bidders; i++) \ |
204 | { | 204 | { \ |
205 | uint16_t i, s; | 205 | bufs[i] = handler_out[type][oc][index] (&ad[i], &lens[i]); \ |
206 | unsigned char *bufs[bidders]; | 206 | check (bufs[i], "failed to gen keyshare"); \ |
207 | size_t lens[bidders]; | 207 | } \ |
208 | 208 | \ | |
209 | for (i = 0; i < bidders; i++) | 209 | for (uint16_t i = 0; i < bidders; i++) \ |
210 | { | 210 | { \ |
211 | bufs[i] = smc_gen_keyshare (&ad[i], &lens[i]); | 211 | for (uint16_t s = 0; s < bidders; s++) \ |
212 | check (bufs[i], "failed to gen keyshare"); | 212 | { \ |
213 | } | 213 | if (s == i) \ |
214 | 214 | continue; \ | |
215 | for (i = 0; i < bidders; i++) | 215 | check (handler_in[type][oc][index] (&ad[i], bufs[s], lens[s], s), \ |
216 | { | 216 | "failed checking keyshare"); \ |
217 | for (s = 0; s < bidders; s++) | 217 | } \ |
218 | { | 218 | } \ |
219 | if (s == i) | 219 | \ |
220 | continue; | 220 | for (uint16_t i = 0; i < bidders; i++) \ |
221 | check (smc_recv_keyshare (&ad[i], bufs[s], lens[s], s), | 221 | free (bufs[i]); \ |
222 | "failed checking keyshare"); | 222 | } while (0) |
223 | } | ||
224 | } | ||
225 | |||
226 | for (i = 0; i < bidders; i++) | ||
227 | free (bufs[i]); | ||
228 | return 1; | ||
229 | } | ||
230 | 223 | ||
231 | 224 | ||
232 | int | 225 | int |
233 | test_round1 () | 226 | test_private_first_price () |
234 | { | 227 | { |
235 | uint16_t i, s; | ||
236 | unsigned char *bufs[bidders]; | 228 | unsigned char *bufs[bidders]; |
237 | size_t lens[bidders]; | 229 | size_t lens[bidders]; |
230 | int32_t winner = -1; | ||
238 | 231 | ||
239 | for (i = 0; i < bidders; i++) | 232 | ROUND (auction_firstPrice, outcome_private, msg_init); |
240 | { | 233 | ROUND (auction_firstPrice, outcome_private, msg_bid); |
241 | bufs[i] = smc_encrypt_bid (&ad[i], &lens[i]); | 234 | ROUND (auction_firstPrice, outcome_private, msg_outcome); |
242 | check (bufs[i], "failed to encrypt bid"); | 235 | ROUND (auction_firstPrice, outcome_private, msg_decrypt); |
243 | } | ||
244 | 236 | ||
245 | for (i = 0; i < bidders; i++) | 237 | /* outcome */ |
238 | for (uint16_t i = 0; i < ad->n; i++) | ||
246 | { | 239 | { |
247 | for (s = 0; s < bidders; s++) | 240 | if (-1 != fp_priv_determine_outcome (&ad[i])) |
248 | { | 241 | { |
249 | if (s == i) | 242 | check (-1 == winner, "multiple winners detected"); |
250 | continue; | 243 | winner = i; |
251 | check (smc_recv_encrypted_bid (&ad[i], bufs[s], lens[s], s), | ||
252 | "failed checking encrypted bid"); | ||
253 | } | 244 | } |
254 | } | 245 | } |
255 | 246 | check (-1 != winner, "no winner detected"); | |
256 | for (i = 0; i < bidders; i++) | 247 | fputs ("good: one winner detected", stderr); |
257 | free (bufs[i]); | ||
258 | return 1; | 248 | return 1; |
259 | } | 249 | } |
260 | 250 | ||
261 | 251 | ||
262 | int | 252 | int |
263 | test_round2 () | 253 | test_public_first_price () |
264 | { | ||
265 | uint16_t i, s; | ||
266 | unsigned char *bufs[bidders]; | ||
267 | size_t lens[bidders]; | ||
268 | |||
269 | for (i = 0; i < bidders; i++) | ||
270 | { | ||
271 | bufs[i] = fp_priv_compute_outcome (&ad[i], &lens[i]); | ||
272 | check (bufs[i], "failed to compute outcome"); | ||
273 | } | ||
274 | |||
275 | for (i = 0; i < bidders; i++) | ||
276 | { | ||
277 | for (s = 0; s < bidders; s++) | ||
278 | { | ||
279 | if (s == i) | ||
280 | continue; | ||
281 | check (fp_priv_recv_outcome (&ad[i], bufs[s], lens[s], s), | ||
282 | "failed checking outcome"); | ||
283 | } | ||
284 | } | ||
285 | |||
286 | for (i = 0; i < bidders; i++) | ||
287 | free (bufs[i]); | ||
288 | return 1; | ||
289 | } | ||
290 | |||
291 | |||
292 | static int | ||
293 | test_round3 () | ||
294 | { | 254 | { |
295 | uint16_t i, s; | ||
296 | unsigned char *bufs[bidders]; | 255 | unsigned char *bufs[bidders]; |
297 | size_t lens[bidders]; | 256 | size_t lens[bidders]; |
257 | int32_t wret = -1; | ||
258 | int32_t pret = -1; | ||
259 | uint16_t winner = -1; | ||
260 | uint16_t price = -1; | ||
298 | 261 | ||
299 | for (i = 0; i < bidders; i++) | 262 | ROUND (auction_firstPrice, outcome_public, msg_init); |
300 | { | 263 | ROUND (auction_firstPrice, outcome_public, msg_bid); |
301 | bufs[i] = fp_priv_decrypt_outcome (&ad[i], &lens[i]); | 264 | ROUND (auction_firstPrice, outcome_public, msg_outcome); |
302 | check (bufs[i], "failed to decrypt outcome"); | 265 | ROUND (auction_firstPrice, outcome_public, msg_decrypt); |
303 | } | ||
304 | |||
305 | for (i = 0; i < bidders; i++) | ||
306 | { | ||
307 | for (s = 0; s < bidders; s++) | ||
308 | { | ||
309 | if (s == i) | ||
310 | continue; | ||
311 | check (fp_priv_recv_decryption (&ad[i], bufs[s], lens[s], s), | ||
312 | "failed checking decrypted outcome"); | ||
313 | } | ||
314 | } | ||
315 | |||
316 | for (i = 0; i < bidders; i++) | ||
317 | free (bufs[i]); | ||
318 | return 1; | ||
319 | } | ||
320 | |||
321 | |||
322 | static int | ||
323 | test_outcome () | ||
324 | { | ||
325 | int32_t ret = -1; | ||
326 | 266 | ||
267 | /* outcome */ | ||
327 | for (uint16_t i = 0; i < ad->n; i++) | 268 | for (uint16_t i = 0; i < ad->n; i++) |
328 | { | 269 | { |
329 | if (-1 != fp_priv_determine_outcome (&ad[i])) | 270 | price = fp_pub_determine_outcome (&ad[i], &winner); |
330 | { | 271 | if (-1 == pret) |
331 | check (-1 == ret, "multiple winners detected"); | 272 | pret = price; |
332 | ret = i; | 273 | check (price == pret, "different prices detected"); |
333 | } | 274 | if (-1 == wret) |
275 | wret = winner; | ||
276 | check (winner == wret, "different winners detected"); | ||
334 | } | 277 | } |
335 | check (-1 != ret, "no winner detected"); | 278 | fputs ("good: same winner detected", stderr); |
336 | fputs ("winner detected", stderr); | ||
337 | return 1; | 279 | return 1; |
338 | } | 280 | } |
339 | 281 | ||
@@ -364,7 +306,7 @@ cleanup_auction_data () | |||
364 | int | 306 | int |
365 | main (int argc, char *argv[]) | 307 | main (int argc, char *argv[]) |
366 | { | 308 | { |
367 | int repeat = 1; | 309 | int repeat = 1; |
368 | struct GNUNET_CRYPTO_EccDlogContext *edc; | 310 | struct GNUNET_CRYPTO_EccDlogContext *edc; |
369 | 311 | ||
370 | bidders = 2; | 312 | bidders = 2; |
@@ -386,11 +328,10 @@ main (int argc, char *argv[]) | |||
386 | } | 328 | } |
387 | 329 | ||
388 | run (test_setup_auction_data); | 330 | run (test_setup_auction_data); |
389 | run (test_prologue); | 331 | run (test_private_first_price); |
390 | run (test_round1); | 332 | cleanup_auction_data (); |
391 | run (test_round2); | 333 | run (test_setup_auction_data); |
392 | run (test_round3); | 334 | run (test_public_first_price); |
393 | run (test_outcome); | ||
394 | cleanup_auction_data (); | 335 | cleanup_auction_data (); |
395 | 336 | ||
396 | GNUNET_CRYPTO_ecc_dlog_release (edc); | 337 | GNUNET_CRYPTO_ecc_dlog_release (edc); |