[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: worked on keyshare enc-/decrypt
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: worked on keyshare enc-/decryption |
Date: |
Thu, 26 Mar 2020 19:07:22 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 62c786d worked on keyshare enc-/decryption
62c786d is described below
commit 62c786da5fa0c0e183a6280c75c9f2e0f3a92a09
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Mar 26 18:07:17 2020 +0000
worked on keyshare enc-/decryption
---
src/include/anastasis_crypto_lib.h | 18 +++++++++-------
src/util/anastasis_crypto.c | 37 +++++++++++++++++++-------------
src/util/test_anastasis_crypto.c | 43 ++++++++++++++++++++++++++++++++++++--
3 files changed, 73 insertions(+), 25 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index e158473..34d26e9 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -180,7 +180,7 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
*
* @param key_share the key share which is afterwards encrypted
* @param id the user identification which is the entropy source for the key
generation
- * @param res holds the encrypted share, the first 48 Bytes are the used nonce
and iv
+ * @param res holds the encrypted share, the first 48 Bytes are the used nonce
and tag
* @param res_size defines the size of the data
*/
void
@@ -188,22 +188,24 @@ ANASTASIS_CRYPTO_key_share_encrypt (
const struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
void **res,
- void *res_size);
+ size_t *res_size);
/**
* Decrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
*
- * @param key_share handle for the key share which will be decrypted
+ * @param enc_key_share holds the encrypted share, the first 48 Bytes are the
used nonce and tag
+ * @param size_eks size of encrypted key share
* @param id the user identification which is the entropy source for the key
generation
- * @param data holds the encrypted share, the first 48 Bytes are the used
nonce and iv
- * @param data_size defines the size of the data
+ * @param key_share the result of decryption
+ * @param ks_size size of result
*/
void
ANASTASIS_CRYPTO_key_share_decrypt (
- struct ANASTASIS_CRYPTO_KeyShare *key_share,
+ const void *enc_key_share,
+ const size_t size_eks,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- const void *data,
- size_t data_size);
+ void **key_share,
+ size_t *ks_size);
/**
* Encrypts the truth data which contains the hashed answer or the phone
number..
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index c883867..884cebc 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -128,7 +128,7 @@ encrypt (const void *msec,
+ sizeof (struct
ANASTASIS_CRYPTO_Nonce)
+ GCM_TAG_SIZE,
- sizeof (data_size),
+ data_size,
data,
data_size));
GNUNET_assert (0 == gcry_cipher_gettag (cipher,
@@ -282,10 +282,6 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
- GCM_TAG_SIZE;
*res = GNUNET_malloc (*res_size);
decrypt (id, data, data_size, salt, res, res_size);
-
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "PLAINTEXT_AFTER(int): %s\n",
- TALER_B2S (*res));
}
/**
@@ -293,7 +289,7 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
*
* @param key_share the key share which is afterwards encrypted
* @param id the user identification which is the entropy source for the key
generation
- * @param res holds the encrypted share, the first 48 Bytes are the used nonce
and iv
+ * @param res holds the encrypted share, the first 48 Bytes are the used nonce
and tag
* @param res_size defines the size of the data
*/
void
@@ -301,27 +297,38 @@ ANASTASIS_CRYPTO_key_share_encrypt (
const struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
void **res,
- void *res_size)
+ size_t *res_size)
{
-
+ char *salt = "eks";
+ *res_size = sizeof (struct ANASTASIS_CRYPTO_KeyShare)
+ + sizeof (struct ANASTASIS_CRYPTO_Nonce)
+ + GCM_TAG_SIZE;
+ *res = GNUNET_malloc (*res_size);
+ encrypt (id, key_share, sizeof (struct ANASTASIS_CRYPTO_KeyShare), salt, res,
+ res_size);
}
/**
* Decrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
*
- * @param key_share handle for the key share which will be decrypted
+ * @param enc_key_share holds the encrypted share, the first 48 Bytes are the
used nonce and tag
+ * @param size_eks size of encrypted key share
* @param id the user identification which is the entropy source for the key
generation
- * @param data holds the encrypted share, the first 48 Bytes are the used
nonce and iv
- * @param data_size defines the size of the data
+ * @param key_share the result of decryption
+ * @param ks_size size of result
*/
void
ANASTASIS_CRYPTO_key_share_decrypt (
- struct ANASTASIS_CRYPTO_KeyShare *key_share,
+ const void *enc_key_share,
+ const size_t eks_size,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- const void *data,
- size_t data_size)
+ void **key_share,
+ size_t *ks_size)
{
-
+ char *salt = "eks";
+ *ks_size = sizeof (struct ANASTASIS_CRYPTO_KeyShare);
+ *key_share = GNUNET_malloc (*ks_size);
+ decrypt (id, enc_key_share, eks_size, salt, key_share, ks_size);
}
/**
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 06922b0..dd8eac4 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -87,7 +87,7 @@ test_recovery_document ()
sizeof (struct ANASTASIS_CRYPTO_UserIdentifier));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "PLAINTEXT_BEFORE: %s\n",
+ "ERD_BEFORE: %s\n",
TALER_B2S ("TestTest"));
ANASTASIS_CRYPTO_recovery_document_encrypt (&id,
@@ -102,11 +102,48 @@ test_recovery_document ()
&plaintext,
&size_plaintext);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "PLAINTEXT_AFTER(ext): %s\n",
+ "ERD_AFTER: %s\n",
TALER_B2S (plaintext));
return GNUNET_memcmp ("TestTest", plaintext);
}
+static int
+test_key_share ()
+{
+ void *ciphertext;
+ size_t size_ciphertext;
+ void *plaintext;
+ size_t size_plaintext;
+ struct ANASTASIS_CRYPTO_UserIdentifier id;
+ struct ANASTASIS_CRYPTO_KeyShare key_share;
+
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &id,
+ sizeof (struct ANASTASIS_CRYPTO_UserIdentifier));
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &key_share,
+ sizeof (struct ANASTASIS_CRYPTO_KeyShare));
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "KEYSHARE_BEFORE: %s\n",
+ TALER_B2S (&key_share));
+
+ ANASTASIS_CRYPTO_key_share_encrypt (&key_share,
+ &id,
+ &ciphertext,
+ &size_ciphertext);
+
+ ANASTASIS_CRYPTO_key_share_decrypt (ciphertext,
+ size_ciphertext,
+ &id,
+ &plaintext,
+ &size_plaintext);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "KEYSHARE_AFTER: %s\n",
+ TALER_B2S (plaintext));
+ return GNUNET_memcmp (&key_share, plaintext);
+}
+
int
main (int argc,
const char *const argv[])
@@ -116,6 +153,8 @@ main (int argc,
return 1;
if (0 != test_user_identifier_derive ())
return 1;
+ if (0 != test_key_share ())
+ return 1;
return 0;
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: worked on keyshare enc-/decryption,
gnunet <=