separate RSA modulus from DL modulus; we still need the RSA modulus to generate the...

diff --git a/d0_blind_id.c b/d0_blind_id.c
index c0352cdb5fc21fbec304b0c7d6633d9a5f374ca6..673245525f1211f41a21a143656a0d0609b71d14 100644 (file)
--- a/d0_blind_id.c
+++ b/d0_blind_id.c
@@ -223,28 +223,24 @@ void d0_blind_id_copy(d0_blind_id_t *ctx, const d0_blind_id_t *src)
        // TODO xnbh, msg, msglen?
 }
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_keys(d0_blind_id_t *ctx, int k)
+WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_key(d0_blind_id_t *ctx, int k)
 {
        d0_blind_id_clear(ctx);
-       CHECK_ASSIGN(ctx->schnorr_G, d0_bignum_new());
-       CHECK(d0_dl_generate_key(k, ctx->schnorr_G));
-       CHECK_ASSIGN(ctx->rsa_e, d0_bignum_int(NULL, 65537));
-       CHECK_ASSIGN(ctx->rsa_d, d0_bignum_new());
-       CHECK_ASSIGN(ctx->rsa_n, d0_bignum_new());
+       CHECK_ASSIGN(ctx->rsa_e, d0_bignum_int(ctx->rsa_e, 65537));
+       CHECK_ASSIGN(ctx->rsa_d, d0_bignum_zero(ctx->rsa_d));
+       CHECK_ASSIGN(ctx->rsa_n, d0_bignum_zero(ctx->rsa_n));
        CHECK(d0_rsa_generate_key(k+1, ctx->rsa_e, ctx->rsa_d, ctx->rsa_n)); // must fit G for sure
        return 1;
 fail:
        return 0;
 }
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_keys(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen)
+WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_key(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen)
 {
        d0_iobuf_t *in = d0_iobuf_open_read(inbuf, inbuflen);
-       d0_blind_id_clear(ctx);
-       CHECK_ASSIGN(ctx->schnorr_G, d0_iobuf_read_bignum(in, NULL));
-       CHECK_ASSIGN(ctx->rsa_n, d0_iobuf_read_bignum(in, NULL));
-       CHECK_ASSIGN(ctx->rsa_e, d0_iobuf_read_bignum(in, NULL));
-       CHECK_ASSIGN(ctx->rsa_d, d0_iobuf_read_bignum(in, NULL));
+       CHECK_ASSIGN(ctx->rsa_n, d0_iobuf_read_bignum(in, ctx->rsa_n));
+       CHECK_ASSIGN(ctx->rsa_e, d0_iobuf_read_bignum(in, ctx->rsa_e));
+       CHECK_ASSIGN(ctx->rsa_d, d0_iobuf_read_bignum(in, ctx->rsa_d));
        return d0_iobuf_close(in, NULL);
 
 fail:
@@ -252,13 +248,11 @@ fail:
        return 0;
 }
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_read_public_keys(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen)
+WARN_UNUSED_RESULT BOOL d0_blind_id_read_public_key(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen)
 {
        d0_iobuf_t *in = d0_iobuf_open_read(inbuf, inbuflen);
-       d0_blind_id_clear(ctx);
-       CHECK_ASSIGN(ctx->schnorr_G, d0_iobuf_read_bignum(in, NULL));
-       CHECK_ASSIGN(ctx->rsa_n, d0_iobuf_read_bignum(in, NULL));
-       CHECK_ASSIGN(ctx->rsa_e, d0_iobuf_read_bignum(in, NULL));
+       CHECK_ASSIGN(ctx->rsa_n, d0_iobuf_read_bignum(in, ctx->rsa_n));
+       CHECK_ASSIGN(ctx->rsa_e, d0_iobuf_read_bignum(in, ctx->rsa_e));
        return d0_iobuf_close(in, NULL);
 
 fail:
@@ -269,14 +263,13 @@ fail:
 #define USING(x) if(!(ctx->x)) return 0
 #define REPLACING(x)
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_keys(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
+WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_key(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
 {
        d0_iobuf_t *out;
 
        USING(rsa_n); USING(rsa_e); USING(rsa_d);
 
        out = d0_iobuf_open_write(outbuf, *outbuflen);
-       CHECK(d0_iobuf_write_bignum(out, ctx->schnorr_G));
        CHECK(d0_iobuf_write_bignum(out, ctx->rsa_n));
        CHECK(d0_iobuf_write_bignum(out, ctx->rsa_e));
        CHECK(d0_iobuf_write_bignum(out, ctx->rsa_d));
@@ -287,14 +280,13 @@ fail:
        return 0;
 }
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_write_public_keys(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
+WARN_UNUSED_RESULT BOOL d0_blind_id_write_public_key(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
 {
        d0_iobuf_t *out;
 
-       USING(rsa_n); USING(rsa_e); USING(rsa_d);
+       USING(rsa_n); USING(rsa_e);
 
        out = d0_iobuf_open_write(outbuf, *outbuflen);
-       CHECK(d0_iobuf_write_bignum(out, ctx->schnorr_G));
        CHECK(d0_iobuf_write_bignum(out, ctx->rsa_n));
        CHECK(d0_iobuf_write_bignum(out, ctx->rsa_e));
        return d0_iobuf_close(out, outbuflen);
@@ -305,6 +297,44 @@ fail:
        return 0;
 }
 
+WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_id_modulus(d0_blind_id_t *ctx)
+{
+       USING(rsa_n);
+       REPLACING(schnorr_G);
+
+       CHECK_ASSIGN(ctx->schnorr_G, d0_bignum_zero(ctx->schnorr_G));
+       CHECK(d0_dl_generate_key(d0_bignum_size(ctx->rsa_n)-1, ctx->schnorr_G));
+       return 1;
+fail:
+       return 0;
+}
+
+WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_id_modulus(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen)
+{
+       d0_iobuf_t *in = d0_iobuf_open_read(inbuf, inbuflen);
+       CHECK_ASSIGN(ctx->schnorr_G, d0_iobuf_read_bignum(in, ctx->schnorr_G));
+       return d0_iobuf_close(in, NULL);
+
+fail:
+       d0_iobuf_close(in, NULL);
+       return 0;
+}
+
+WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_id_modulus(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
+{
+       d0_iobuf_t *out;
+
+       USING(schnorr_G);
+
+       out = d0_iobuf_open_write(outbuf, *outbuflen);
+       CHECK(d0_iobuf_write_bignum(out, ctx->schnorr_G));
+       return d0_iobuf_close(out, outbuflen);
+
+fail:
+       d0_iobuf_close(out, outbuflen);
+       return 0;
+}
+
 WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_id_start(d0_blind_id_t *ctx)
 {
        // temps: temp0 order
@@ -461,7 +491,7 @@ fail:
        return 0;
 }
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_id_t *ctx, int is_first, char *msg, size_t msglen, char *outbuf, size_t *outbuflen)
+WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_id_t *ctx, BOOL is_first, BOOL send_modulus, char *msg, size_t msglen, char *outbuf, size_t *outbuflen)
 // start =
 //   first run: send 4^s, 4^s signature
 //   1. get random r, send HASH(4^r)
@@ -483,6 +513,8 @@ WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_
        if(is_first)
        {
                // send ID
+               if(send_modulus)
+                       CHECK(d0_iobuf_write_bignum(out, ctx->schnorr_G));
                CHECK(d0_iobuf_write_bignum(out, ctx->schnorr_4_to_s));
                CHECK(d0_iobuf_write_bignum(out, ctx->schnorr_4_to_s_signature));
        }
@@ -510,7 +542,7 @@ fail:
        return 0;
 }
 
-WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_challenge(d0_blind_id_t *ctx, int is_first, const char *inbuf, size_t inbuflen, char *outbuf, size_t *outbuflen, BOOL *status)
+WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_challenge(d0_blind_id_t *ctx, BOOL is_first, BOOL recv_modulus, const char *inbuf, size_t inbuflen, char *outbuf, size_t *outbuflen, BOOL *status)
 //   first run: get 4^s, 4^s signature
 //   1. check sig
 //   2. save HASH(4^r)
@@ -522,11 +554,14 @@ WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_challenge(d0_bl
        if(is_first)
        {
                REPLACING(schnorr_4_to_s); REPLACING(k); REPLACING(schnorr_4_to_s_signature);
-               USING(schnorr_G); USING(rsa_n);
+               USING(rsa_n);
+               if(!recv_modulus)
+                       USING(schnorr_G);
        }
        else
        {
                USING(schnorr_4_to_s_signature); USING(schnorr_4_to_s);
+               USING(schnorr_G);
        }
        USING(rsa_e); USING(rsa_n);
        REPLACING(e); REPLACING(msg); REPLACING(msglen);
@@ -536,8 +571,14 @@ WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_challenge(d0_bl
 
        if(is_first)
        {
-               CHECK_ASSIGN(ctx->schnorr_4_to_s, d0_iobuf_read_bignum(in, NULL));
-               CHECK(d0_bignum_cmp(ctx->schnorr_4_to_s, zero) >= 0);
+               if(recv_modulus)
+               {
+                       CHECK_ASSIGN(ctx->schnorr_G, d0_iobuf_read_bignum(in, ctx->schnorr_G));
+                       CHECK(d0_bignum_cmp(ctx->schnorr_G, zero) > 0);
+                       CHECK(d0_bignum_cmp(ctx->schnorr_G, ctx->rsa_n) < 0);
+               }
+               CHECK_ASSIGN(ctx->schnorr_4_to_s, d0_iobuf_read_bignum(in, ctx->schnorr_4_to_s));
+               CHECK(d0_bignum_cmp(ctx->schnorr_4_to_s, zero) > 0);
                CHECK(d0_bignum_cmp(ctx->schnorr_4_to_s, ctx->schnorr_G) < 0);
                CHECK_ASSIGN(ctx->schnorr_4_to_s_signature, d0_iobuf_read_bignum(in, ctx->schnorr_4_to_s_signature));
                CHECK(d0_bignum_cmp(ctx->schnorr_4_to_s_signature, zero) >= 0);

diff --git a/d0_blind_id.h b/d0_blind_id.h
index a7ae46ec9e1c01a866fdb596a5be60b077e8ab69..e962a476d53c6cb31e3c87909be6d5876b94b5e4 100644 (file)
--- a/d0_blind_id.h
+++ b/d0_blind_id.h
@@ -9,12 +9,15 @@ EXPORT WARN_UNUSED_RESULT d0_blind_id_t *d0_blind_id_new(void);
 EXPORT void d0_blind_id_free(d0_blind_id_t *a);
 EXPORT void d0_blind_id_clear(d0_blind_id_t *ctx);
 EXPORT void d0_blind_id_copy(d0_blind_id_t *ctx, const d0_blind_id_t *src);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_keys(d0_blind_id_t *ctx, int k);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_keys(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_public_keys(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_keys(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_public_keys(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_id_start(d0_blind_id_t *ctx);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_key(d0_blind_id_t *ctx, int k);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_key(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_public_key(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_key(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_public_key(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_id_modulus(d0_blind_id_t *ctx);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_id_modulus(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_id_modulus(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_id_start(d0_blind_id_t *ctx); // generates a modulus if necessary
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_generate_private_id_request(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_answer_private_id_request(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen, char *outbuf, size_t *outbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_finish_private_id_request(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
@@ -22,8 +25,8 @@ EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_private_id(d0_blind_id_t *ctx, c
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_read_public_id(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_private_id(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_write_public_id(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_id_t *ctx, int is_first, char *message, size_t msglen, char *outbuf, size_t *outbuflen);
-EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_challenge(d0_blind_id_t *ctx, int is_first, const char *inbuf, size_t inbuflen, char *outbuf, size_t *outbuflen, BOOL *status);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_id_t *ctx, BOOL is_first, BOOL send_modulus, char *message, size_t msglen, char *outbuf, size_t *outbuflen);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_challenge(d0_blind_id_t *ctx, BOOL is_first, BOOL recv_modulus, const char *inbuf, size_t inbuflen, char *outbuf, size_t *outbuflen, BOOL *status);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_response(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen, char *outbuf, size_t *outbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_verify(d0_blind_id_t *ctx, const char *inbuf, size_t inbuflen, char *msg, ssize_t *msglen, BOOL *status);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_fingerprint64_public_id(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);

diff --git a/main.c b/main.c
index 50197e6e4cfb919a0edc98b41c6d25de383fd5b7..5da16d066629c4bdfdd085e38f8ef66288f1691d 100644 (file)
--- a/main.c
+++ b/main.c
@@ -53,13 +53,24 @@ int main(int argc, char **argv)
        ctx_self = d0_blind_id_new();
        ctx_other = d0_blind_id_new();
 
-       if(!d0_blind_id_generate_private_keys(ctx_self, 1024))
+       printf("keygen RSA...\n");
+       if(!d0_blind_id_generate_private_key(ctx_self, 1024))
                errx(1, "keygen fail");
-       bufsize = sizeof(buf); if(!d0_blind_id_write_public_keys(ctx_self, buf, &bufsize))
+       bufsize = sizeof(buf); if(!d0_blind_id_write_public_key(ctx_self, buf, &bufsize))
                errx(2, "writepub fail");
-       if(!d0_blind_id_read_public_keys(ctx_other, buf, bufsize))
+       if(!d0_blind_id_read_public_key(ctx_other, buf, bufsize))
                errx(3, "readpub fail");
 
+       printf("keygen modulus...\n");
+       if(!d0_blind_id_generate_private_id_modulus(ctx_other))
+               errx(1, "keygen fail");
+       /*
+       bufsize = sizeof(buf); if(!d0_blind_id_write_private_id_modulus(ctx_other, buf, &bufsize))
+               errx(2, "writepub fail");
+       if(!d0_blind_id_read_private_id_modulus(ctx_self, buf, bufsize))
+               errx(3, "readpub fail");
+       */
+
        signal(SIGINT, mysignal);
 
        int n = 0;
@@ -100,10 +111,10 @@ int main(int argc, char **argv)
        while(!quit)
        {
                bench(&bench_auth);
-               bufsize = sizeof(buf); if(!d0_blind_id_authenticate_with_private_id_start(ctx_other, 1, "hello world", 11, buf, &bufsize))
+               bufsize = sizeof(buf); if(!d0_blind_id_authenticate_with_private_id_start(ctx_other, 1, 1, "hello world", 11, buf, &bufsize))
                        errx(9, "start fail");
                bench(&bench_chall);
-               buf2size = sizeof(buf2); if(!d0_blind_id_authenticate_with_private_id_challenge(ctx_self, 1, buf, bufsize, buf2, &buf2size, NULL))
+               buf2size = sizeof(buf2); if(!d0_blind_id_authenticate_with_private_id_challenge(ctx_self, 1, 1, buf, bufsize, buf2, &buf2size, NULL))
                        errx(10, "challenge fail");
                bench(&bench_resp);
                bufsize = sizeof(buf); if(!d0_blind_id_authenticate_with_private_id_response(ctx_other, buf2, buf2size, buf, &bufsize))