[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: modified keyshare enc/dec
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: modified keyshare enc/dec |
Date: |
Wed, 01 Apr 2020 15:59:29 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 4ff80e1 modified keyshare enc/dec
4ff80e1 is described below
commit 4ff80e110724a1b5cfe464bdfb1317cd8ead544e
Author: Dennis Neufeld <address@hidden>
AuthorDate: Wed Apr 1 13:52:59 2020 +0000
modified keyshare enc/dec
---
src/include/anastasis_crypto_lib.h | 60 +++++++++++++++++++++++++++-----------
src/util/anastasis_crypto.c | 47 ++++++++++++++++++++---------
src/util/test_anastasis_crypto.c | 16 ++++------
3 files changed, 81 insertions(+), 42 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 728fcaf..2be02a7 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -33,6 +33,7 @@ struct ANASTASIS_CRYPTO_AccountPublicKey
struct GNUNET_CRYPTO_EddsaPublicKey pub;
};
+
/**
* An EdDSA private key that is used to identify a user's account.
*/
@@ -41,14 +42,6 @@ struct ANASTASIS_CRYPTO_AccountPrivateKey
struct GNUNET_CRYPTO_EddsaPrivateKey priv;
};
-/**
- * Specifies a Key Share from an escrow provider, the combined keyshares
generate the EscrowMasterKey
- * which is used to decrypt the Secret from the user.
-*/
-struct ANASTASIS_CRYPTO_KeyShare
-{
- uint32_t key[8];
-};
/**
* Specifies a TruthKey which is used to decrypt the Truth stored by the user.
@@ -58,6 +51,7 @@ struct ANASTASIS_CRYPTO_TruthKey
uint32_t key[8];
};
+
/**
* Specifies a Salt value, here 32 Byte large.
*/
@@ -65,6 +59,8 @@ struct ANASTASIS_CRYPTO_Salt
{
uint32_t salt[8];
};
+
+
/**
* Specifies a policy key which is used to decrypt the master key
*/
@@ -82,6 +78,7 @@ struct ANASTASIS_CRYPTO_EncryptedMasterKey
uint32_t key[8];
};
+
/**
* Specifies a Nonce used for the AES encryption, here defined as 32Byte large.
*/
@@ -90,6 +87,7 @@ struct ANASTASIS_CRYPTO_Nonce
uint32_t nonce[8];
};
+
/**
* Specifies an IV used for the AES encryption, here defined as 12Byte large.
*/
@@ -98,6 +96,7 @@ struct ANASTASIS_CRYPTO_Iv
uint32_t iv[3];
};
+
/**
* Specifies an symmetric key used for the AES encryption, here defined as
32Byte large.
*/
@@ -106,6 +105,7 @@ struct ANASTASIS_CRYPTO_SymKey
uint32_t key[8];
};
+
/**
* Specifies an AES Tag used for the AES authentication, here defined as 16
Byte large.
*/
@@ -114,6 +114,28 @@ struct ANASTASIS_CRYPTO_AesTag
uint32_t aes_tag[4];
};
+
+/**
+ * Specifies a Key Share from an escrow provider, the combined keyshares
generate the EscrowMasterKey
+ * which is used to decrypt the Secret from the user.
+*/
+struct ANASTASIS_CRYPTO_KeyShare
+{
+ uint32_t key[8];
+};
+
+
+/**
+ * Specifies an encrypted KeyShare
+*/
+struct ANASTASIS_CRYPTO_EncryptedKeyShare
+{
+ struct ANASTASIS_CRYPTO_Nonce nonce;
+ struct ANASTASIS_CRYPTO_AesTag tag;
+ struct ANASTASIS_CRYPTO_KeyShare keyshare;
+};
+
+
/**
* The escrow master key is the key used to encrypt the user secret
(MasterKey).
*/
@@ -122,6 +144,7 @@ struct ANASTASIS_CRYPTO_EscrowMasterKey
uint32_t key[8];
};
+
/**
* The user identifier consists of user information and the server salt. It is
used as
* entropy source to generate the account public key and the encryption keys.
@@ -131,6 +154,7 @@ struct ANASTASIS_CRYPTO_UserIdentifier
uint32_t hash[8];
};
+
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
* for the public and private key for signing the data.
@@ -142,6 +166,7 @@ ANASTASIS_CRYPTO_user_identifier_derive (
const json_t *id_data,
struct ANASTASIS_CRYPTO_UserIdentifier *id);
+
/**
* Generates the eddsa public Key used as the account identifier on the
providers
* @param id holds a hashed user secret which is used as entropy source for
the public key generation
@@ -152,6 +177,7 @@ ANASTASIS_CRYPTO_account_public_key_derive (
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
struct ANASTASIS_CRYPTO_AccountPublicKey *pub_key);
+
/**
* Encrypt and signs the recovery document with AES256, the recovery document
is
* encrypted with a derivation from the user identifier and the salt "erd".
@@ -171,6 +197,7 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
void **enc_rec_doc,
size_t *erd_size);
+
/**
* Decrypts the recovery document with AES256, the decryption key is generated
with
* the user identifier provided by the user and the salt "erd". The nonce and
IV used for the encryption
@@ -191,37 +218,34 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
void **rec_doc,
size_t *rd_size);
+
/**
* Encrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
*
* @param key_share the key share which is afterwards encrypted
* @param id the user identification which is the entropy source for the key
generation
* @param enc_key_share[out] holds the encrypted share, the first 48 Bytes are
the used nonce and tag
- * @param eks_size[out] defines the size of the data
*/
void
ANASTASIS_CRYPTO_key_share_encrypt (
const struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- void **enc_key_share,
- size_t *eks_size);
+ struct ANASTASIS_CRYPTO_EncryptedKeyShare **enc_key_share);
+
/**
* Decrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
*
* @param enc_key_share holds the encrypted share, the first 48 Bytes are the
used nonce and tag
- * @param size_eks size of encrypted key share
* @param id the user identification which is the entropy source for the key
generation
* @param key_share[out] the result of decryption
- * @param ks_size[out] size of result
*/
void
ANASTASIS_CRYPTO_key_share_decrypt (
- const void *enc_key_share,
- const size_t size_eks,
+ const struct ANASTASIS_CRYPTO_EncryptedKeyShare *enc_key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- void **key_share,
- size_t *ks_size);
+ struct ANASTASIS_CRYPTO_KeyShare **key_share);
+
/**
* Encrypts the truth data which contains the hashed answer or the phone
number..
@@ -243,6 +267,7 @@ ANASTASIS_CRYPTO_truth_encrypt (
void **enc_truth,
size_t *ect_size);
+
/**
* Decrypts the truth data which contains the hashed answer or the phone
number..
* It is decrypted with AES256, the key is generated with the user
identification as
@@ -316,6 +341,7 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
size_t *enc_core_secret_size,
struct ANASTASIS_CRYPTO_EncryptedMasterKey *encrypted_master_keys);
+
/**
* Decrypts the core secret with the master key. First the master key is
decrypted with the provided policy key.
* Afterwards the core secret is encrypted with the master key. The core
secret is returned.
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 0b2128e..ab765ee 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -140,6 +140,15 @@ anastasis_encrypt (const void *key,
tag,
sizeof (struct ANASTASIS_CRYPTO_AesTag)));
gcry_cipher_close (cipher);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "NONCE_E: %s\n",
+ TALER_B2S (nonce));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "TAG_E: %s\n",
+ TALER_B2S (tag));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "CIPHERTEXT_E: %s\n",
+ TALER_b2s (ciphertext, strlen (ciphertext)));
}
@@ -181,6 +190,15 @@ anastasis_decrypt (const void *key,
nonce = (struct ANASTASIS_CRYPTO_Nonce *) data;
tag = (struct ANASTASIS_CRYPTO_AesTag *) &nonce[1];
ciphertext = (char *) &tag[1];
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "NONCE_D: %s\n",
+ TALER_B2S (nonce));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "TAG_D: %s\n",
+ TALER_B2S (tag));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "CIPHERTEXT_D: %s\n",
+ TALER_b2s (ciphertext, strlen (ciphertext)));
get_iv_key (key,
key_len,
nonce,
@@ -355,16 +373,16 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
* @param key_share the key share which is afterwards encrypted
* @param id the user identification which is the entropy source for the key
generation
* @param enc_key_share[out] holds the encrypted share, the first 48 Bytes are
the used nonce and tag
- * @param eks_size[out] defines the size of the data
*/
void
ANASTASIS_CRYPTO_key_share_encrypt (
const struct ANASTASIS_CRYPTO_KeyShare *key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- void **enc_key_share,
- size_t *eks_size)
+ struct ANASTASIS_CRYPTO_EncryptedKeyShare **enc_key_share
+ )
{
const char *salt = "eks";
+ size_t eks_size;
/* FIXME: the HKDF (in get_iv_key()) should be able to take additional
bits from the response (e.g. some hash over the answer to the
security question, see 12.6.-> interface EncryptedKeyShare in spec)
@@ -376,8 +394,10 @@ ANASTASIS_CRYPTO_key_share_encrypt (
sizeof (struct
ANASTASIS_CRYPTO_KeyShare),
salt,
- enc_key_share,
- eks_size);
+ (void **) enc_key_share,
+ &eks_size);
+ GNUNET_assert (eks_size == sizeof (struct
+ ANASTASIS_CRYPTO_EncryptedKeyShare));
}
@@ -385,28 +405,27 @@ ANASTASIS_CRYPTO_key_share_encrypt (
* Decrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
*
* @param enc_key_share holds the encrypted share, the first 48 Bytes are the
used nonce and tag
- * @param size_eks size of encrypted key share
* @param id the user identification which is the entropy source for the key
generation
* @param key_share[out] the result of decryption
- * @param ks_size[out] size of result
*/
void
ANASTASIS_CRYPTO_key_share_decrypt (
- const void *enc_key_share,
- const size_t eks_size,
+ const struct ANASTASIS_CRYPTO_EncryptedKeyShare *enc_key_share,
const struct ANASTASIS_CRYPTO_UserIdentifier *id,
- void **key_share,
- size_t *ks_size)
+ struct ANASTASIS_CRYPTO_KeyShare **key_share)
{
const char *salt = "eks";
+ size_t ks_size;
anastasis_decrypt (id,
sizeof (struct
ANASTASIS_CRYPTO_UserIdentifier),
enc_key_share,
- eks_size,
+ sizeof (struct
+ ANASTASIS_CRYPTO_EncryptedKeyShare),
salt,
- key_share,
- ks_size);
+ (void **) key_share,
+ &ks_size);
+ GNUNET_assert (ks_size == sizeof (struct ANASTASIS_CRYPTO_KeyShare));
}
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index 6be5792..514fd83 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -113,10 +113,8 @@ test_recovery_document (void)
static int
test_key_share (void)
{
- void *ciphertext;
- size_t size_ciphertext;
- void *plaintext;
- size_t size_plaintext;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShare *ciphertext;
+ struct ANASTASIS_CRYPTO_KeyShare *plaintext;
struct ANASTASIS_CRYPTO_UserIdentifier id;
struct ANASTASIS_CRYPTO_KeyShare key_share;
@@ -133,17 +131,13 @@ test_key_share (void)
ANASTASIS_CRYPTO_key_share_encrypt (&key_share,
&id,
- &ciphertext,
- &size_ciphertext);
-
+ &ciphertext);
ANASTASIS_CRYPTO_key_share_decrypt (ciphertext,
- size_ciphertext,
&id,
- &plaintext,
- &size_plaintext);
+ &plaintext);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"KEYSHARE_AFTER: %s\n",
- TALER_b2s (plaintext, size_plaintext));
+ TALER_B2S (plaintext));
return GNUNET_memcmp (&key_share, plaintext);
}
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: modified keyshare enc/dec,
gnunet <=