[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: challenge lookup
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated: challenge lookup |
|
Date: |
Sun, 03 May 2020 18:44:08 +0200 |
This is an automated email from the git hooks/post-receive script.
ds-meister pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 423c8ae challenge lookup
423c8ae is described below
commit 423c8ae2def3bf8241944f81458835af4f24f881
Author: Dominik Meister <address@hidden>
AuthorDate: Sun May 3 18:44:00 2020 +0200
challenge lookup
---
src/lib/anastasis.c | 295 ++++++++++++++++++++++++++++++++++------------------
1 file changed, 191 insertions(+), 104 deletions(-)
diff --git a/src/lib/anastasis.c b/src/lib/anastasis.c
index f8884e2..e7a2016 100644
--- a/src/lib/anastasis.c
+++ b/src/lib/anastasis.c
@@ -116,6 +116,81 @@ salt_cleanup (struct SaltState *ss)
}
+/**
+ * stores provider URLs, identity key material, decrypted recovery document
(internally!)
+*/
+struct ANASTASIS_Recovery
+{
+ /**
+ * Callback to send back a recovery document with the policies and the
version
+ */
+ ANASTASIS_PolicyCallback pc;
+ /**
+ * closure for the Policy callback
+ */
+ void *pc_cls;
+ /**
+ * Callback to send back the core secret which was saved by anastasis, after
all challenges are completed
+ */
+ ANASTASIS_CoreSecretCallback csc;
+ /**
+ * Closure for the core secret callback
+ */
+ void *csc_cls;
+ /**
+ * Identity key material used for the derivation of keys
+ */
+ struct ANASTASIS_CRYPTO_UserIdentifierP id;
+ /**
+ * Public key for a request
+ */
+ struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
+ /**
+ * Curl context
+ */
+ struct GNUNET_CURL_Context *ctx;
+ /**
+ * Reference to the policy lookup operation which is executed
+ */
+ struct ANASTASIS_PolicyLookupOperation *plo;
+ /**
+ * encrypted recovery document, only used for the decription
+ */
+ void *encrypted_recovery_document;
+ /**
+ * size of the ecrypted recovery document
+ */
+ size_t enc_rec_doc_size;
+ /**
+ * expected http status
+ */
+ unsigned int http_status;
+ /**
+ * expected http status
+ */
+ unsigned int response_code;
+ /**
+ * retrieved encrypted core secret from policy
+ */
+ void *enc_core_secret;
+ /**
+ * size of the core secret
+ */
+ size_t enc_core_secret_size;
+ /**
+ * Available decryption policies, iterated after each successfull challenge
+ */
+ struct ANASTASIS_DecryptionPolicy *dps;
+ /**
+ * Length of available decryption policies
+ */
+ unsigned int dps_len;
+
+ struct ANASTASIS_CRYPTO_SaltP policy_salt;
+ struct ANASTASIS_Challenge *solved_challenges[10];
+ unsigned int solved_challenge_pos;
+};
+
/**
* Challenge struct contains the UUID's needed for the recovery process and a
reference to
* ANASTASIS_Recovery.
@@ -141,7 +216,7 @@ struct ANASTASIS_Challenge
/**
* Reference to the recovery proccess which is ongoing
*/
- struct ANASTASIS_Recovery *r;
+ struct ANASTASIS_Recovery *recovery;
/**
* url to the escrow provider for this challenge
*/
@@ -181,7 +256,19 @@ struct ANASTASIS_Challenge
/**
* Encrypted key share
*/
- struct ANASTASIS_CRYPTO_EncryptedKeyShareP enc_key_share;
+ struct ANASTASIS_CRYPTO_KeyShareP *key_share;
+ /**
+ * Status of the challenge 0 pending, 1 solved
+ */
+ unsigned int solved;
+ /**
+ * Expected http status
+ */
+ unsigned int http_status;
+ /**
+ * Challenge instructions
+ */
+ char *instructions;
};
/**
* Function called with the results of a #ANASTASIS_keyshare_lookup().
@@ -197,8 +284,93 @@ keyshare_lookup_cb (void *cls,
{
struct ANASTASIS_Challenge *c = cls;
c->kslo = NULL;
- memcpy (&c->enc_key_share, dd->encrypted_key_share, sizeof(struct
-
ANASTASIS_CRYPTO_EncryptedKeyShareP));
+ if (http_status != c->http_status)
+ {
+ c->af (c->af_cls,
+ http_status);
+ return;
+ }
+ ANASTASIS_CRYPTO_keyshare_decrypt (dd->encrypted_key_share,
+ &c->recovery->id,
+ &c->key_share);
+ c->recovery->solved_challenges[c->recovery->solved_challenge_pos] = c;
+ c->recovery->solved_challenge_pos++;
+ /**
+ * determines if atleast one policy was completed
+ */
+ unsigned int finished = 0;
+ /**
+ * 0 equals the uuid was not solved 1 it was solved
+ */
+ unsigned int contains = 0;
+ /**
+ * Index of the policy which was completed
+ */
+ unsigned int success;
+
+ for (unsigned int i = 0; i < c->recovery->dps_len; i++)
+ {
+ for (unsigned int j = 0; j < c->recovery->dps[i].uuids_length; j++)
+ {
+ contains = 0;
+ for (unsigned int k = 0; k < c->recovery->solved_challenge_pos; k++)
+ {
+ if (0 == strncmp (c->recovery->dps[i].escrow_uuids[j],
+ c->recovery->solved_challenges[k]->challenge_uuid,
+ sizeof(uuid_t)))
+ {
+ contains = 1;
+ break;
+ }
+ }
+ if (contains == 0)
+ {
+ break;
+ }
+ }
+ if (contains == 1)
+ {
+ finished = 1;
+ success = i;
+ }
+ }
+
+ if (finished == 1)
+ {
+ void *core_secret;
+ size_t core_secret_size;
+ struct ANASTASIS_CRYPTO_KeyShareP
+ key_shares[c->recovery->dps[success].uuids_length];
+ struct ANASTASIS_CRYPTO_PolicyKeyP policy_key;
+ for (unsigned int l = 0; l < c->recovery->dps[success].uuids_length; l++)
+ {
+ for (unsigned int m = 0; m < c->recovery->solved_challenge_pos; m++)
+ {
+ if (0 == strncmp (c->recovery->dps[l].escrow_uuids[m],
+ c->recovery->solved_challenges[m]->challenge_uuid,
+ sizeof(uuid_t)))
+ {
+ key_shares[l] = *c->recovery->solved_challenges[m]->key_share;
+ }
+ }
+ }
+ ANASTASIS_CRYPTO_policy_key_derive (key_shares,
+ c->recovery->dps[success].uuids_length,
+ &c->recovery->policy_salt,
+ &policy_key);
+
+ ANASTASIS_CRYPTO_core_secret_recover (c->recovery->dps[success].emk,
+ policy_key,
+ c->recovery->enc_core_secret,
+ c->recovery->enc_core_secret_size,
+ &core_secret,
+ &core_secret_size);
+ c->recovery->csc (c->recovery->csc_cls,
+ core_secret,
+ core_secret_size);
+ }
+ c->af (c->af_cls,
+ http_status);
}
/**
* Challenge answer from the user like input SMS pin. Is referenced to a
challenge and
@@ -219,13 +391,12 @@ ANASTASIS_challenge_answer (struct ANASTASIS_Challenge *c,
{
c->af = af;
c->af_cls = af_cls;
-// struct ANASTASIS_Recovery *r = c->r;
struct GNUNET_HashCode hashed_answer;
GNUNET_CRYPTO_hash (answer,
answer_size,
&hashed_answer);
- struct ANASTASIS_CRYPTO_KeyShareP *key_share;
+ c->http_status = MHD_HTTP_OK;
c->kslo = ANASTASIS_keyshare_lookup (c->ctx,
c->url,
c->challenge_uuid,
@@ -233,14 +404,6 @@ ANASTASIS_challenge_answer (struct ANASTASIS_Challenge *c,
&hashed_answer,
&keyshare_lookup_cb,
c);
-
-// ANASTASIS_CRYPTO_keyshare_decrypt (&c->enc_key_share,
-// r->id,
-// &key_share);
-
- // r->key_shares[r->key_share_pos] = key_share;
-// r->key_share_pos++;
- return;
}
/**
@@ -256,20 +419,18 @@ ANASTASIS_challenge_run (struct ANASTASIS_Challenge
*challenge,
ANASTASIS_ChallengeCallback cc,
void *cc_cls)
{
-
-}
-
-void
-ANASTASIS_policy_select (struct ANASTASIS_DecryptionPolicy *dp,
- struct ANASTASIS_Recovery *r)
-{
- // r->dp = dp;
- struct ANASTASIS_CRYPTO_KeyShareP key_shares[dp->uuids_length];
-// r->key_shares = key_shares;
- return;
+ struct ANASTASIS_ChallengeInformation *ci;
+ ci = GNUNET_new (struct ANASTASIS_ChallengeInformation);
+ challenge->cc = cc;
+ challenge->cc_cls = cc_cls;
+ ci->method = challenge->escrow_method;
+ ci->url = challenge->url;
+ ci->instructions = challenge->instructions;
+ challenge->cc (challenge->cc_cls,
+ ci,
+ 200);
}
-
/**
* User decides which method is to be used, and wants to pay for the
authentication
* this is only needed if the cost for the authentication is not zero. Opens a
Challenge Payment Callback
@@ -287,81 +448,6 @@ ANASTASIS_challenge_select_to_pay (struct
ANASTASIS_Challenge *challenge,
}
-/**
- * stores provider URLs, identity key material, decrypted recovery document
(internally!)
-*/
-struct ANASTASIS_Recovery
-{
- /**
- * Callback to send back a recovery document with the policies and the
version
- */
- ANASTASIS_PolicyCallback pc;
- /**
- * closure for the Policy callback
- */
- void *pc_cls;
- /**
- * Callback to send back the core secret which was saved by anastasis, after
all challenges are completed
- */
- ANASTASIS_CoreSecretCallback csc;
- /**
- * Closure for the core secret callback
- */
- void *csc_cls;
- /**
- * Identity key material used for the derivation of keys
- */
- struct ANASTASIS_CRYPTO_UserIdentifierP id;
- /**
- * Public key for a request
- */
- struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
- /**
- * Curl context
- */
- struct GNUNET_CURL_Context *ctx;
- /**
- * Reference to the policy lookup operation which is executed
- */
- struct ANASTASIS_PolicyLookupOperation *plo;
- /**
- * encrypted recovery document, only used for the decription
- */
- void *encrypted_recovery_document;
- /**
- * size of the ecrypted recovery document
- */
- size_t enc_rec_doc_size;
- /**
- * expected http status
- */
- unsigned int http_status;
- /**
- * expected http status
- */
- unsigned int response_code;
- /**
- * retrieved encrypted core secret from policy
- */
- void *enc_core_secret;
- /**
- * size of the core secret
- */
- size_t enc_core_secret_size;
- /**
- * Selected decryption policy
- */
- struct ANASTASIS_DecryptionPolicy *dp;
- /**
- * Successfull downloaded keyshares
- */
- struct ANASTASIS_CRYPTO_KeyShareP **key_shares;
- /**
- * Current keyshare position
- */
- unsigned int key_share_pos;
-};
-
/**
* Function called with the results of a ANASTASIS_policy_lookup
*
@@ -430,13 +516,14 @@ ANASTASIS_recovery_begin (const json_t *id_data,
r = GNUNET_new (struct ANASTASIS_Recovery);
struct ANASTASIS_RecoveryInformation *ri;
ri = GNUNET_new (struct ANASTASIS_RecoveryInformation);
+ r->csc = csc;
+ r->csc_cls = csc_cls;
void *plaintext;
size_t size_plaintext;
json_t *recovery_document;
json_error_t json_error;
json_t *dec_policies = json_array ();
json_t *esc_methods = json_array ();
- r->key_share_pos = 0;
r->http_status = MHD_HTTP_OK;
ANASTASIS_CRYPTO_user_identifier_derive (id_data,
salt,
@@ -504,7 +591,7 @@ ANASTASIS_recovery_begin (const json_t *id_data,
"truth_key",cs[i].truth_key,
"salt",cs[i].truth_salt,
"escrow_method", cs[i].escrow_method));
- cs[i].r = r;
+ cs[i].recovery = r;
}
for (unsigned int j = 0; j < ri->dps_len; j++ )
@@ -518,7 +605,7 @@ ANASTASIS_recovery_begin (const json_t *id_data,
"uuids",dps[j].escrow_uuids,
"uuid_length", dps[j].uuids_length));
}
-
+ r->solved_challenge_pos = 0;
// SETUP POLICY CALLBACK
ri->dps = dps;
ri->cs = cs;
--
To stop receiving notification emails like this one, please contact
address@hidden.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: challenge lookup,
gnunet <=