[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: worked on crypto implementation
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: worked on crypto implementation (obviously with errors :D)) |
Date: |
Mon, 23 Mar 2020 21:04:19 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 3c308d9 worked on crypto implementation (obviously with errors :D))
3c308d9 is described below
commit 3c308d93bc379979c254bedd848d12b1eb75aa0f
Author: Dennis Neufeld <address@hidden>
AuthorDate: Mon Mar 23 20:04:12 2020 +0000
worked on crypto implementation (obviously with errors :D))
---
src/include/anastasis_crypto_lib.h | 5 +
src/util/Makefile.am | 4 +-
.../anastasis_crypto.c} | 218 ++++++++++++---------
3 files changed, 129 insertions(+), 98 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 47db1e4..6c865f0 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -14,6 +14,9 @@
Anastasis; see the file COPYING.GPL. If not, see
<http://www.gnu.org/licenses/>
*/
+#include <jansson.h>
+#include <gnunet/gnunet_crypto_lib.h>
+
/**
* An EdDSA public key that is used to identify a user's account.
*/
@@ -21,6 +24,7 @@ struct ANASTASIS_CRYPTO_AccountPublicKey
{
struct GNUNET_CRYPTO_EddsaPublicKey pub;
};
+
/**
* Specifies a Key Share from an escrow provider, the combined keyshares
generate the EscrowMasterKey
* which is used to decrypt the Secret from the user.
@@ -29,6 +33,7 @@ struct ANASTASIS_CRYPTO_KeyShare
{
uint32_t key[8];
};
+
/**
* Specifies a TruthKey which is used to decrypt the Truth stored by the user.
*/
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 677ad84..f06178f 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -18,9 +18,11 @@ lib_LTLIBRARIES = \
libanastasisutil.la
libanastasisutil_la_SOURCES = \
- os_installation.c
+ os_installation.c \
+ anastasis_crypto.c
libanastasisutil_la_LIBADD = \
-lgnunetutil \
+ -ljansson \
$(XLIB)
libanastasisutil_la_LDFLAGS = \
-version-info 0:0:0 \
diff --git a/src/include/anastasis_crypto_lib.h b/src/util/anastasis_crypto.c
similarity index 72%
copy from src/include/anastasis_crypto_lib.h
copy to src/util/anastasis_crypto.c
index 47db1e4..19874f8 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/util/anastasis_crypto.c
@@ -13,94 +13,19 @@
You should have received a copy of the GNU General Public License along with
Anastasis; see the file COPYING.GPL. If not, see
<http://www.gnu.org/licenses/>
*/
-
/**
- * An EdDSA public key that is used to identify a user's account.
+ * @file lib/anastasis_crypto.c
+ * @brief anastasis crypto api
+ * @author Christian Grothoff
+ * @author Dominik Meister
+ * @author Dennis Neufeld
*/
-struct ANASTASIS_CRYPTO_AccountPublicKey
-{
- struct GNUNET_CRYPTO_EddsaPublicKey pub;
-};
-/**
- * Specifies a Key Share from an escrow provider, the combined keyshares
generate the EscrowMasterKey
- * which is used to decrypt the Secret from the user.
-*/
-struct ANASTASIS_CRYPTO_KeyShare
-{
- uint32_t key[8];
-};
-/**
- * Specifies a TruthKey which is used to decrypt the Truth stored by the user.
-*/
-struct ANASTASIS_CRYPTO_TruthKey
-{
- uint32_t key[8];
-};
-
-/**
- * Specifies a Salt value, here 32 Byte large.
-*/
-struct ANASTASIS_CRYPTO_Salt
-{
- uint32_t salt[8];
-};
-/**
- * Specifies a policy key which is used to decrypt the master key
-*/
-struct ANASTASIS_CRYPTO_PolicyKey
-{
- uint32_t key[8];
-};
-
-
-/**
- * Specifies an encrypted master key, the key is used to encrypt the core
secret from the user
-*/
-struct ANASTASIS_CRYPTO_EncryptedMasterKey
-{
- uint32_t key[8];
-};
-/**
- * Specifies a Nonce used for the AES encryption, here defined as 32Byte large.
-*/
-struct ANASTASIS_CRYPTO_Nonce
-{
- uint32_t nonce[8];
-};
-
-/**
- * Specifies an IV used for the AES encryption, here defined as 12Byte large.
-*/
-struct ANASTASIS_CRYPTO_Iv
-{
- uint32_t iv[3];
-};
-
-/**
- * Specifies an AES Tag used for the AES authentication, here defined as 16
Byte large.
-*/
-struct ANASTASIS_CRYPTO_AesTag
-{
- uint32_t aes_tag[4];
-};
-
-/**
- * The escrow master key is the key used to encrypt the user secret
(MasterKey).
- */
-struct ANASTASIS_CRYPTO_EscrowMasterKey
-{
- uint32_t key[8];
-};
-
-/**
- * The user identifier consists of user information and the server salt. It is
used as
- * entropy source to generate the account public key and the encryption keys.
- */
-struct ANASTASIS_CRYPTO_UserIdentifier
-{
- uint32_t hash[8];
-};
+#include "platform.h"
+#include "anastasis_crypto_lib.h"
+#include <gcrypt.h>
+#include <taler/taler_json_lib.h>
+#include <gnunet/gnunet_util_lib.h>
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
@@ -111,7 +36,21 @@ struct ANASTASIS_CRYPTO_UserIdentifier
void
ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
- struct ANASTASIS_CRYPTO_UserIdentifier *id);
+ struct ANASTASIS_CRYPTO_UserIdentifier *id)
+{
+
+ /*
+ GNUNET_break (0 == gcry_kdf_derive (buf,
+ buf_len,
+ GCRY_KDF_SCRYPT,
+ 1 ,
+ salt,
+ strlen (salt),
+ 2 ,
+ sizeof(twofish_key),
+ &twofish_key));
+ */
+}
/**
* Generates the eddsa public Key used as the account identifier on the
providers
@@ -121,7 +60,21 @@ ANASTASIS_CRYPTO_user_identifier_derive (
void
ANASTASIS_CRYPTO_account_public_key_derive (
struct ANASTASIS_CRYPTO_AccountPublicKey *pub_key,
- const struct ANASTASIS_CRYPTO_UserIdentifier *id);
+ const struct ANASTASIS_CRYPTO_UserIdentifier *id)
+{
+ struct GNUNET_CRYPTO_EddsaPrivateKey priv_key;
+ char *val;
+ val = GNUNET_STRINGS_data_to_string_alloc (&id,
+ sizeof (id));
+ GNUNET_CRYPTO_eddsa_private_key_from_string (val,
+ sizeof (val),
+ &priv_key);
+
+ GNUNET_CRYPTO_eddsa_key_get_public (&priv_key,
+ &pub_key->pub);
+
+ GNUNET_free (val);
+}
/**
* Encrypt and signs the recovery document with AES256, the recovery document
is
@@ -140,7 +93,49 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
const void *data,
size_t data_size,
void **res,
- size_t *res_size);
+ size_t *res_size)
+{
+ char key[256 / 8];
+ char iv[96 / 8];
+
+ const void *buf;
+ int rc;
+ gcry_cipher_hd_t handle;
+
+ GNUNET_break (0 == gcry_kdf_derive (buf,
+ strlen (buf),
+ GCRY_KDF_SCRYPT,
+ 1 /* subalgo */,
+ "erd",
+ strlen ("erd"),
+ 2 /* iterations; keep cost of individual
op small */,
+ sizeof(twofish_key),
+ &twofish_key));
+
+ GNUNET_CRYPTO_kdf (twofish_iv,
+ sizeof (twofish_iv),
+ "gnunet-proof-of-work-iv",
+ strlen ("gnunet-proof-of-work-iv"),
+ twofish_key,
+ sizeof(twofish_key),
+ salt,
+ strlen (salt),
+ NULL, 0);
+ GNUNET_assert (0 ==
+ gcry_cipher_open (&handle, GCRY_CIPHER_TWOFISH,
+ GCRY_CIPHER_MODE_CFB, 0));
+ rc = gcry_cipher_setkey (handle,
+ twofish_key,
+ sizeof(twofish_key));
+ GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+ rc = gcry_cipher_setiv (handle,
+ twofish_iv,
+ sizeof(twofish_iv));
+ GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+ GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf,
+ buf_len));
+ gcry_cipher_close (handle);
+}
/**
* Decrypts the recovery document with AES256, the decryption key is generated
with
@@ -160,7 +155,10 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
const void *data,
size_t data_size,
void **res,
- size_t *res_size);
+ size_t *res_size)
+{
+
+}
/**
* Encrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
@@ -175,7 +173,10 @@ ANASTASIS_CRYPTO_key_share_encrypt (
const struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
void **res,
- void *res_size);
+ void *res_size)
+{
+
+}
/**
* Decrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
@@ -190,7 +191,10 @@ ANASTASIS_CRYPTO_key_share_decrypt (
struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
const void *data,
- size_t data_size);
+ size_t data_size)
+{
+
+}
/**
* Encrypts the truth data which contains the hashed answer or the phone
number..
@@ -210,7 +214,10 @@ ANASTASIS_CRYPTO_truth_encrypt (
const void *data,
size_t data_size,
void **res,
- size_t *res_size);
+ size_t *res_size)
+{
+
+}
/**
* Decrypts the truth data which contains the hashed answer or the phone
number..
@@ -229,7 +236,10 @@ ANASTASIS_CRYPTO_truth_decrypt (
const void *data,
size_t data_size,
void **res,
- size_t *res_size);
+ size_t *res_size)
+{
+
+}
/**
@@ -240,7 +250,10 @@ ANASTASIS_CRYPTO_truth_decrypt (
*/
void
ANASTASIS_CRYPTO_key_share_create (
- struct ANASTASIS_CRYPTO_KeyShare *key_share);
+ struct ANASTASIS_CRYPTO_KeyShare *key_share)
+{
+
+}
/**
@@ -255,7 +268,10 @@ void
ANASTASIS_CRYPTO_policy_key_derive (
const struct ANASTASIS_CRYPTO_KeyShare *key_shares,
unsigned int keyshare_length,
- struct ANASTASIS_CRYPTO_PolicyKey *policy_key);
+ struct ANASTASIS_CRYPTO_PolicyKey *policy_key)
+{
+
+}
/**
@@ -281,7 +297,10 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
size_t core_secret_size,
void **enc_core_secret,
size_t *enc_core_secret_size,
- struct ANASTASIS_CRYPTO_EncryptedMasterKey *encrypted_master_keys);
+ struct ANASTASIS_CRYPTO_EncryptedMasterKey *encrypted_master_keys)
+{
+
+}
/**
* Decrypts the core secret with the master key. First the master key is
decrypted with the provided policy key.
@@ -301,4 +320,9 @@ ANASTASIS_CRYPTO_core_secret_recover (
const void *encrypted_core_secret,
size_t encrypted_core_secret_size,
void **core_secret,
- size_t *core_secret_size);
\ No newline at end of file
+ size_t *core_secret_size)
+{
+
+}
+
+/* end of anastasis_crypto.c */
\ No newline at end of file
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: worked on crypto implementation (obviously with errors :D)),
gnunet <=