2 This file is part of GNUnet.
3 Copyright (C) 2013, 2014, 2017 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
21 * @file scalarproduct/gnunet-service-scalarproduct_alice.c
22 * @brief scalarproduct service implementation
23 * @author Christian M. Fuchs
24 * @author Christian Grothoff
29 #include "gnunet_util_lib.h"
30 #include "gnunet_core_service.h"
31 #include "gnunet_cadet_service.h"
32 #include "gnunet_applications.h"
33 #include "gnunet_protocols.h"
34 #include "gnunet_scalarproduct_service.h"
35 #include "gnunet_set_service.h"
36 #include "scalarproduct.h"
37 #include "gnunet-service-scalarproduct.h"
39 #define LOG(kind,...) GNUNET_log_from (kind, "scalarproduct-alice", __VA_ARGS__)
42 * An encrypted element key-value pair.
47 * Key used to identify matching pairs of values to multiply.
48 * Points into an existing data structure, to avoid copying
49 * and doubling memory use.
51 const struct GNUNET_HashCode *key;
54 * Value represented (a).
61 * A scalarproduct session which tracks
62 * a request form the client to our final response.
64 struct AliceServiceSession
68 * (hopefully) unique transaction ID
70 struct GNUNET_HashCode session_id;
73 * Alice or Bob's peerID
75 struct GNUNET_PeerIdentity peer;
78 * The client this request is related to.
80 struct GNUNET_SERVICE_Client *client;
83 * The message queue for the client.
85 struct GNUNET_MQ_Handle *client_mq;
88 * The message queue for CADET.
90 struct GNUNET_MQ_Handle *cadet_mq;
93 * all non-0-value'd elements transmitted to us.
94 * Values are of type `struct GNUNET_SCALARPRODUCT_Element *`
96 struct GNUNET_CONTAINER_MultiHashMap *intersected_elements;
99 * Set of elements for which will conduction an intersection.
100 * the resulting elements are then used for computing the scalar product.
102 struct GNUNET_SET_Handle *intersection_set;
105 * Set of elements for which will conduction an intersection.
106 * the resulting elements are then used for computing the scalar product.
108 struct GNUNET_SET_OperationHandle *intersection_op;
111 * Handle to Alice's Intersection operation listening for Bob
113 struct GNUNET_SET_ListenHandle *intersection_listen;
116 * channel-handle associated with our cadet handle
118 struct GNUNET_CADET_Channel *channel;
121 * a(Alice), sorted array by key of length @e used_element_count.
123 struct MpiElement *sorted_elements;
126 * Bob's permutation p of R
128 struct GNUNET_CRYPTO_PaillierCiphertext *r;
131 * Bob's permutation q of R
133 struct GNUNET_CRYPTO_PaillierCiphertext *r_prime;
138 struct GNUNET_CRYPTO_PaillierCiphertext s;
143 struct GNUNET_CRYPTO_PaillierCiphertext s_prime;
146 * The computed scalar
151 * How many elements we were supplied with from the client (total
152 * count before intersection).
157 * How many elements actually are used for the scalar product.
158 * Size of the arrays in @e r and @e r_prime. Sometimes also
159 * reset to 0 and used as a counter!
161 uint32_t used_element_count;
164 * Already transferred elements from client to us.
165 * Less or equal than @e total.
167 uint32_t client_received_element_count;
170 * Already transferred elements from Bob to us.
171 * Less or equal than @e total.
173 uint32_t cadet_received_element_count;
176 * State of this session. In
177 * #GNUNET_SCALARPRODUCT_STATUS_ACTIVE while operation is
178 * ongoing, afterwards in #GNUNET_SCALARPRODUCT_STATUS_SUCCESS or
179 * #GNUNET_SCALARPRODUCT_STATUS_FAILURE.
181 enum GNUNET_SCALARPRODUCT_ResponseStatus status;
184 * Flag to prevent recursive calls to #destroy_service_session() from
193 * GNUnet configuration handle
195 static const struct GNUNET_CONFIGURATION_Handle *cfg;
198 * Service's own public key
200 static struct GNUNET_CRYPTO_PaillierPublicKey my_pubkey;
203 * Service's own private key
205 static struct GNUNET_CRYPTO_PaillierPrivateKey my_privkey;
208 * Service's offset for values that could possibly be negative but are plaintext for encryption.
210 static gcry_mpi_t my_offset;
213 * Handle to the CADET service.
215 static struct GNUNET_CADET_Handle *my_cadet;
219 * Iterator called to free elements.
221 * @param cls the `struct AliceServiceSession *` (unused)
222 * @param key the key (unused)
223 * @param value value to free
224 * @return #GNUNET_OK (continue to iterate)
227 free_element_cb (void *cls,
228 const struct GNUNET_HashCode *key,
231 struct GNUNET_SCALARPRODUCT_Element *e = value;
239 * Destroy session state, we are done with it.
241 * @param s the session to free elements from
244 destroy_service_session (struct AliceServiceSession *s)
246 if (GNUNET_YES == s->in_destroy)
248 s->in_destroy = GNUNET_YES;
249 if (NULL != s->client)
251 struct GNUNET_SERVICE_Client *c = s->client;
254 GNUNET_SERVICE_client_drop (c);
256 if (NULL != s->channel)
258 GNUNET_CADET_channel_destroy (s->channel);
261 if (NULL != s->intersected_elements)
263 GNUNET_CONTAINER_multihashmap_iterate (s->intersected_elements,
266 GNUNET_CONTAINER_multihashmap_destroy (s->intersected_elements);
267 s->intersected_elements = NULL;
269 if (NULL != s->intersection_listen)
271 GNUNET_SET_listen_cancel (s->intersection_listen);
272 s->intersection_listen = NULL;
274 if (NULL != s->intersection_op)
276 GNUNET_SET_operation_cancel (s->intersection_op);
277 s->intersection_op = NULL;
279 if (NULL != s->intersection_set)
281 GNUNET_SET_destroy (s->intersection_set);
282 s->intersection_set = NULL;
284 if (NULL != s->sorted_elements)
286 for (unsigned int i=0;i<s->used_element_count;i++)
287 gcry_mpi_release (s->sorted_elements[i].value);
288 GNUNET_free (s->sorted_elements);
289 s->sorted_elements = NULL;
296 if (NULL != s->r_prime)
298 GNUNET_free (s->r_prime);
301 if (NULL != s->product)
303 gcry_mpi_release (s->product);
311 * Notify the client that the session has failed. A message gets sent
312 * to Alice's client if we encountered any error.
314 * @param session the associated client session to fail or succeed
317 prepare_client_end_notification (struct AliceServiceSession *session)
319 struct ClientResponseMessage *msg;
320 struct GNUNET_MQ_Envelope *e;
322 if (NULL == session->client_mq)
323 return; /* no client left to be notified */
324 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
325 "Sending session-end notification with status %d to client for session %s\n",
327 GNUNET_h2s (&session->session_id));
328 e = GNUNET_MQ_msg (msg,
329 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_RESULT);
330 msg->product_length = htonl (0);
331 msg->status = htonl (session->status);
332 GNUNET_MQ_send (session->client_mq,
338 * Prepare the final (positive) response we will send to Alice's
341 * @param s the session associated with our client.
344 transmit_client_response (struct AliceServiceSession *s)
346 struct ClientResponseMessage *msg;
347 struct GNUNET_MQ_Envelope *e;
348 unsigned char *product_exported = NULL;
349 size_t product_length = 0;
355 if (NULL == s->product)
358 prepare_client_end_notification (s);
361 value = gcry_mpi_new (0);
362 sign = gcry_mpi_cmp_ui (s->product, 0);
373 gcry_mpi_add (value, value, s->product);
377 /* result is exactly zero */
380 gcry_mpi_release (s->product);
384 (0 != (rc = gcry_mpi_aprint (GCRYMPI_FMT_STD,
389 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
392 prepare_client_end_notification (s);
395 gcry_mpi_release (value);
396 e = GNUNET_MQ_msg_extra (msg,
398 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_RESULT);
399 msg->status = htonl (GNUNET_SCALARPRODUCT_STATUS_SUCCESS);
400 msg->range = htonl (range);
401 msg->product_length = htonl (product_length);
402 if (NULL != product_exported)
404 GNUNET_memcpy (&msg[1],
407 GNUNET_free (product_exported);
409 GNUNET_MQ_send (s->client_mq,
411 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
412 "Sent result to client, session %s has ended!\n",
413 GNUNET_h2s (&s->session_id));
419 * Function called whenever a channel is destroyed. Should clean up
420 * any associated state.
422 * It must NOT call #GNUNET_CADET_channel_destroy() on the channel.
424 * @param cls our `struct AliceServiceSession`
425 * @param channel connection to the other end (henceforth invalid)
428 cb_channel_destruction (void *cls,
429 const struct GNUNET_CADET_Channel *channel)
431 struct AliceServiceSession *s = cls;
433 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
434 "Peer disconnected, terminating session %s with peer %s\n",
435 GNUNET_h2s (&s->session_id),
436 GNUNET_i2s (&s->peer));
437 if (GNUNET_SCALARPRODUCT_STATUS_ACTIVE == s->status)
439 /* We didn't get an answer yet, fail with error */
440 s->status = GNUNET_SCALARPRODUCT_STATUS_FAILURE;
441 prepare_client_end_notification (s);
448 * Computes the square sum over a vector of a given length.
450 * @param vector the vector to compute over
451 * @param length the length of the vector
452 * @return an MPI value containing the calculated sum, never NULL
455 compute_square_sum_mpi_elements (const struct MpiElement *vector,
462 GNUNET_assert (NULL != (sum = gcry_mpi_new (0)));
463 GNUNET_assert (NULL != (elem = gcry_mpi_new (0)));
464 for (i = 0; i < length; i++)
466 gcry_mpi_mul (elem, vector[i].value, vector[i].value);
467 gcry_mpi_add (sum, sum, elem);
469 gcry_mpi_release (elem);
475 * Computes the square sum over a vector of a given length.
477 * @param vector the vector to compute over
478 * @param length the length of the vector
479 * @return an MPI value containing the calculated sum, never NULL
482 compute_square_sum (const gcry_mpi_t *vector,
489 GNUNET_assert (NULL != (sum = gcry_mpi_new (0)));
490 GNUNET_assert (NULL != (elem = gcry_mpi_new (0)));
491 for (i = 0; i < length; i++)
493 gcry_mpi_mul (elem, vector[i], vector[i]);
494 gcry_mpi_add (sum, sum, elem);
496 gcry_mpi_release (elem);
502 * Compute our scalar product, done by Alice
504 * @param session the session associated with this computation
505 * @return product as MPI, never NULL
508 compute_scalar_product (struct AliceServiceSession *session)
517 gcry_mpi_t r[session->used_element_count];
518 gcry_mpi_t r_prime[session->used_element_count];
523 count = session->used_element_count;
524 // due to the introduced static offset S, we now also have to remove this
525 // from the E(a_pi)(+)E(-b_pi-r_pi) and E(a_qi)(+)E(-r_qi) twice each,
526 // the result is E((S + a_pi) + (S -b_pi-r_pi)) and E(S + a_qi + S - r_qi)
527 for (i = 0; i < count; i++)
529 r[i] = gcry_mpi_new (0);
530 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
540 r_prime[i] = gcry_mpi_new (0);
541 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
543 &session->r_prime[i],
545 gcry_mpi_sub (r_prime[i],
548 gcry_mpi_sub (r_prime[i],
553 // calculate t = sum(ai)
554 t = compute_square_sum_mpi_elements (session->sorted_elements,
557 u = gcry_mpi_new (0);
558 tmp = compute_square_sum (r, count);
559 gcry_mpi_sub (u, u, tmp);
560 gcry_mpi_release (tmp);
563 u_prime = gcry_mpi_new (0);
564 tmp = compute_square_sum (r_prime, count);
565 gcry_mpi_sub (u_prime, u_prime, tmp);
567 GNUNET_assert (p = gcry_mpi_new (0));
568 GNUNET_assert (p_prime = gcry_mpi_new (0));
569 GNUNET_assert (s = gcry_mpi_new (0));
570 GNUNET_assert (s_prime = gcry_mpi_new (0));
573 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
577 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
583 gcry_mpi_add (p, s, t);
584 gcry_mpi_add (p, p, u);
587 gcry_mpi_add (p_prime, s_prime, t);
588 gcry_mpi_add (p_prime, p_prime, u_prime);
590 gcry_mpi_release (t);
591 gcry_mpi_release (u);
592 gcry_mpi_release (u_prime);
593 gcry_mpi_release (s);
594 gcry_mpi_release (s_prime);
597 gcry_mpi_sub (p, p, p_prime);
598 gcry_mpi_release (p_prime);
599 tmp = gcry_mpi_set_ui (tmp, 2);
600 gcry_mpi_div (p, NULL, p, tmp, 0);
602 gcry_mpi_release (tmp);
603 for (i = 0; i < count; i++)
605 gcry_mpi_release (session->sorted_elements[i].value);
606 gcry_mpi_release (r[i]);
607 gcry_mpi_release (r_prime[i]);
609 GNUNET_free (session->sorted_elements);
610 session->sorted_elements = NULL;
611 GNUNET_free (session->r);
613 GNUNET_free (session->r_prime);
614 session->r_prime = NULL;
621 * Check a multipart chunk of a response we got from another service
622 * we wanted to calculate a scalarproduct with.
624 * @param cls the `struct AliceServiceSession`
625 * @param msg the actual message
626 * @return #GNUNET_OK to keep the connection open,
627 * #GNUNET_SYSERR to close it (signal serious error)
630 check_bobs_cryptodata_multipart (void *cls,
631 const struct BobCryptodataMultipartMessage *msg)
633 struct AliceServiceSession *s = cls;
636 size_t required_size;
638 msg_size = ntohs (msg->header.size);
639 contained = ntohl (msg->contained_element_count);
640 required_size = sizeof (struct BobCryptodataMultipartMessage)
641 + 2 * contained * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext);
642 if ( (required_size != msg_size) ||
643 (s->cadet_received_element_count + contained > s->used_element_count) )
646 return GNUNET_SYSERR;
652 * Handle a multipart chunk of a response we got from another service
653 * we wanted to calculate a scalarproduct with.
655 * @param cls the `struct AliceServiceSession`
656 * @param msg the actual message
659 handle_bobs_cryptodata_multipart (void *cls,
660 const struct BobCryptodataMultipartMessage *msg)
662 struct AliceServiceSession *s = cls;
663 const struct GNUNET_CRYPTO_PaillierCiphertext *payload;
667 contained = ntohl (msg->contained_element_count);
668 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
669 "Received %u additional crypto values from Bob\n",
670 (unsigned int) contained);
672 payload = (const struct GNUNET_CRYPTO_PaillierCiphertext *) &msg[1];
673 /* Convert each k[][perm] to its MPI_value */
674 for (i = 0; i < contained; i++)
676 GNUNET_memcpy (&s->r[s->cadet_received_element_count + i],
678 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
679 GNUNET_memcpy (&s->r_prime[s->cadet_received_element_count + i],
681 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
683 s->cadet_received_element_count += contained;
684 GNUNET_CADET_receive_done (s->channel);
685 if (s->cadet_received_element_count != s->used_element_count)
686 return; /* more to come */
688 s->product = compute_scalar_product (s);
689 transmit_client_response (s);
694 * Check a response we got from another service we wanted to
695 * calculate a scalarproduct with.
697 * @param cls our `struct AliceServiceSession`
698 * @param message the actual message
699 * @return #GNUNET_OK to keep the connection open,
700 * #GNUNET_SYSERR to close it (we are done)
703 check_bobs_cryptodata_message (void *cls,
704 const struct BobCryptodataMessage *msg)
706 struct AliceServiceSession *s = cls;
709 size_t required_size;
711 msg_size = ntohs (msg->header.size);
712 contained = ntohl (msg->contained_element_count);
713 required_size = sizeof (struct BobCryptodataMessage)
714 + 2 * contained * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext)
715 + 2 * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext);
716 if ( (msg_size != required_size) ||
717 (contained > UINT16_MAX) ||
718 (s->used_element_count < contained) )
721 return GNUNET_SYSERR;
723 if (NULL == s->sorted_elements)
725 /* we're not ready yet, how can Bob be? */
727 return GNUNET_SYSERR;
729 if (s->total != s->client_received_element_count)
731 /* we're not ready yet, how can Bob be? */
733 return GNUNET_SYSERR;
740 * Handle a response we got from another service we wanted to
741 * calculate a scalarproduct with.
743 * @param cls our `struct AliceServiceSession`
744 * @param msg the actual message
747 handle_bobs_cryptodata_message (void *cls,
748 const struct BobCryptodataMessage *msg)
750 struct AliceServiceSession *s = cls;
751 const struct GNUNET_CRYPTO_PaillierCiphertext *payload;
755 contained = ntohl (msg->contained_element_count);
756 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
757 "Received %u crypto values from Bob\n",
758 (unsigned int) contained);
759 payload = (const struct GNUNET_CRYPTO_PaillierCiphertext *) &msg[1];
760 GNUNET_memcpy (&s->s,
762 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
763 GNUNET_memcpy (&s->s_prime,
765 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
766 payload = &payload[2];
768 s->r = GNUNET_new_array (s->used_element_count,
769 struct GNUNET_CRYPTO_PaillierCiphertext);
770 s->r_prime = GNUNET_new_array (s->used_element_count,
771 struct GNUNET_CRYPTO_PaillierCiphertext);
772 for (i = 0; i < contained; i++)
774 GNUNET_memcpy (&s->r[i],
776 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
777 GNUNET_memcpy (&s->r_prime[i],
779 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
781 s->cadet_received_element_count = contained;
782 GNUNET_CADET_receive_done (s->channel);
784 if (s->cadet_received_element_count != s->used_element_count)
789 s->product = compute_scalar_product (s);
790 transmit_client_response (s);
795 * Iterator to copy over messages from the hash map
796 * into an array for sorting.
798 * @param cls the `struct AliceServiceSession *`
799 * @param key the key (unused)
800 * @param value the `struct GNUNET_SCALARPRODUCT_Element *`
803 copy_element_cb (void *cls,
804 const struct GNUNET_HashCode *key,
807 struct AliceServiceSession *s = cls;
808 struct GNUNET_SCALARPRODUCT_Element *e = value;
812 mval = gcry_mpi_new (0);
813 val = (int64_t) GNUNET_ntohll (e->value);
815 gcry_mpi_sub_ui (mval, mval, -val);
817 gcry_mpi_add_ui (mval, mval, val);
818 s->sorted_elements [s->used_element_count].value = mval;
819 s->sorted_elements [s->used_element_count].key = &e->key;
820 s->used_element_count++;
826 * Compare two `struct MpiValue`s by key for sorting.
828 * @param a pointer to first `struct MpiValue *`
829 * @param b pointer to first `struct MpiValue *`
830 * @return -1 for a < b, 0 for a=b, 1 for a > b.
833 element_cmp (const void *a,
836 const struct MpiElement *ma = a;
837 const struct MpiElement *mb = b;
839 return GNUNET_CRYPTO_hash_cmp (ma->key,
845 * Maximum number of elements we can put into a single cryptodata
848 #define ELEMENT_CAPACITY ((GNUNET_CONSTANTS_MAX_CADET_MESSAGE_SIZE - 1 - sizeof (struct AliceCryptodataMessage)) / sizeof (struct GNUNET_CRYPTO_PaillierCiphertext))
852 * Send the cryptographic data from Alice to Bob.
853 * Does nothing if we already transferred all elements.
855 * @param s the associated service session
858 send_alices_cryptodata_message (struct AliceServiceSession *s)
860 struct AliceCryptodataMessage *msg;
861 struct GNUNET_MQ_Envelope *e;
862 struct GNUNET_CRYPTO_PaillierCiphertext *payload;
869 = GNUNET_malloc (GNUNET_CONTAINER_multihashmap_size (s->intersected_elements) *
870 sizeof (struct MpiElement));
871 s->used_element_count = 0;
872 GNUNET_CONTAINER_multihashmap_iterate (s->intersected_elements,
875 LOG (GNUNET_ERROR_TYPE_DEBUG,
876 "Finished intersection, %d items remain\n",
877 s->used_element_count);
878 qsort (s->sorted_elements,
879 s->used_element_count,
880 sizeof (struct MpiElement),
883 while (off < s->used_element_count)
885 todo_count = s->used_element_count - off;
886 if (todo_count > ELEMENT_CAPACITY)
887 todo_count = ELEMENT_CAPACITY;
888 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
889 "Sending %u/%u crypto values to Bob\n",
890 (unsigned int) todo_count,
891 (unsigned int) s->used_element_count);
893 e = GNUNET_MQ_msg_extra (msg,
894 todo_count * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext),
895 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_ALICE_CRYPTODATA);
896 msg->contained_element_count = htonl (todo_count);
897 payload = (struct GNUNET_CRYPTO_PaillierCiphertext *) &msg[1];
898 a = gcry_mpi_new (0);
899 for (i = off; i < off + todo_count; i++)
902 s->sorted_elements[i].value,
905 GNUNET_CRYPTO_paillier_encrypt (&my_pubkey,
910 gcry_mpi_release (a);
912 GNUNET_MQ_send (s->cadet_mq,
919 * Callback for set operation results. Called for each element
920 * that should be removed from the result set, and then once
921 * to indicate that the set intersection operation is done.
923 * @param cls closure with the `struct AliceServiceSession`
924 * @param element a result element, only valid if status is #GNUNET_SET_STATUS_OK
925 * @param current_size current set size
926 * @param status what has happened with the set intersection?
929 cb_intersection_element_removed (void *cls,
930 const struct GNUNET_SET_Element *element,
931 uint64_t current_size,
932 enum GNUNET_SET_Status status)
934 struct AliceServiceSession *s = cls;
935 struct GNUNET_SCALARPRODUCT_Element *se;
939 case GNUNET_SET_STATUS_OK:
940 /* this element has been removed from the set */
941 se = GNUNET_CONTAINER_multihashmap_get (s->intersected_elements,
943 GNUNET_assert (NULL != se);
944 LOG (GNUNET_ERROR_TYPE_DEBUG,
945 "Intersection removed element with key %s and value %lld\n",
946 GNUNET_h2s (&se->key),
947 (long long) GNUNET_ntohll (se->value));
948 GNUNET_assert (GNUNET_YES ==
949 GNUNET_CONTAINER_multihashmap_remove (s->intersected_elements,
954 case GNUNET_SET_STATUS_DONE:
955 s->intersection_op = NULL;
956 if (NULL != s->intersection_set)
958 GNUNET_SET_destroy (s->intersection_set);
959 s->intersection_set = NULL;
961 send_alices_cryptodata_message (s);
963 case GNUNET_SET_STATUS_HALF_DONE:
964 /* unexpected for intersection */
967 case GNUNET_SET_STATUS_FAILURE:
968 /* unhandled status code */
969 LOG (GNUNET_ERROR_TYPE_DEBUG,
970 "Set intersection failed!\n");
971 if (NULL != s->intersection_listen)
973 GNUNET_SET_listen_cancel (s->intersection_listen);
974 s->intersection_listen = NULL;
976 s->intersection_op = NULL;
977 if (NULL != s->intersection_set)
979 GNUNET_SET_destroy (s->intersection_set);
980 s->intersection_set = NULL;
982 s->status = GNUNET_SCALARPRODUCT_STATUS_FAILURE;
983 prepare_client_end_notification (s);
993 * Called when another peer wants to do a set operation with the
994 * local peer. If a listen error occurs, the @a request is NULL.
996 * @param cls closure with the `struct AliceServiceSession *`
997 * @param other_peer the other peer
998 * @param context_msg message with application specific information from
1000 * @param request request from the other peer (never NULL), use GNUNET_SET_accept()
1001 * to accept it, otherwise the request will be refused
1002 * Note that we can't just return value from the listen callback,
1003 * as it is also necessary to specify the set we want to do the
1004 * operation with, whith sometimes can be derived from the context
1005 * message. It's necessary to specify the timeout.
1008 cb_intersection_request_alice (void *cls,
1009 const struct GNUNET_PeerIdentity *other_peer,
1010 const struct GNUNET_MessageHeader *context_msg,
1011 struct GNUNET_SET_Request *request)
1013 struct AliceServiceSession *s = cls;
1015 if (0 != memcmp (other_peer,
1017 sizeof (struct GNUNET_PeerIdentity)))
1019 GNUNET_break_op (0);
1023 = GNUNET_SET_accept (request,
1024 GNUNET_SET_RESULT_REMOVED,
1025 (struct GNUNET_SET_Option[]) {{ 0 }},
1026 &cb_intersection_element_removed,
1028 if (NULL == s->intersection_op)
1031 s->status = GNUNET_SCALARPRODUCT_STATUS_FAILURE;
1032 prepare_client_end_notification (s);
1036 GNUNET_SET_commit (s->intersection_op,
1037 s->intersection_set))
1040 s->status = GNUNET_SCALARPRODUCT_STATUS_FAILURE;
1041 prepare_client_end_notification (s);
1048 * Our client has finished sending us its multipart message.
1050 * @param session the service session context
1053 client_request_complete_alice (struct AliceServiceSession *s)
1055 struct GNUNET_MQ_MessageHandler cadet_handlers[] = {
1056 GNUNET_MQ_hd_var_size (bobs_cryptodata_message,
1057 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_BOB_CRYPTODATA,
1058 struct BobCryptodataMessage,
1060 GNUNET_MQ_hd_var_size (bobs_cryptodata_multipart,
1061 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_BOB_CRYPTODATA_MULTIPART,
1062 struct BobCryptodataMultipartMessage,
1064 GNUNET_MQ_handler_end ()
1066 struct ServiceRequestMessage *msg;
1067 struct GNUNET_MQ_Envelope *e;
1069 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1070 "Creating new channel for session with key %s.\n",
1071 GNUNET_h2s (&s->session_id));
1073 = GNUNET_CADET_channel_create (my_cadet,
1077 GNUNET_CADET_OPTION_RELIABLE,
1079 &cb_channel_destruction,
1081 if (NULL == s->channel)
1083 s->status = GNUNET_SCALARPRODUCT_STATUS_FAILURE;
1084 prepare_client_end_notification (s);
1087 s->cadet_mq = GNUNET_CADET_get_mq (s->channel);
1088 s->intersection_listen
1089 = GNUNET_SET_listen (cfg,
1090 GNUNET_SET_OPERATION_INTERSECTION,
1092 &cb_intersection_request_alice,
1094 if (NULL == s->intersection_listen)
1096 s->status = GNUNET_SCALARPRODUCT_STATUS_FAILURE;
1097 GNUNET_CADET_channel_destroy (s->channel);
1099 prepare_client_end_notification (s);
1103 e = GNUNET_MQ_msg (msg,
1104 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_SESSION_INITIALIZATION);
1105 msg->session_id = s->session_id;
1106 msg->public_key = my_pubkey;
1107 GNUNET_MQ_send (s->cadet_mq,
1113 * We're receiving additional set data. Check if
1114 * @a msg is well-formed.
1116 * @param cls client identification of the client
1117 * @param msg the actual message
1118 * @return #GNUNET_OK if @a msg is well-formed
1121 check_alice_client_message_multipart (void *cls,
1122 const struct ComputationBobCryptodataMultipartMessage *msg)
1124 struct AliceServiceSession *s = cls;
1125 uint32_t contained_count;
1128 msize = ntohs (msg->header.size);
1129 contained_count = ntohl (msg->element_count_contained);
1130 if ( (msize != (sizeof (struct ComputationBobCryptodataMultipartMessage) +
1131 contained_count * sizeof (struct GNUNET_SCALARPRODUCT_Element))) ||
1132 (0 == contained_count) ||
1133 (s->total == s->client_received_element_count) ||
1134 (s->total < s->client_received_element_count + contained_count) )
1136 GNUNET_break_op (0);
1137 return GNUNET_SYSERR;
1144 * We're receiving additional set data. Add it to our
1145 * set and if we are done, initiate the transaction.
1147 * @param cls client identification of the client
1148 * @param msg the actual message
1151 handle_alice_client_message_multipart (void *cls,
1152 const struct ComputationBobCryptodataMultipartMessage *msg)
1154 struct AliceServiceSession *s = cls;
1155 uint32_t contained_count;
1156 const struct GNUNET_SCALARPRODUCT_Element *elements;
1157 struct GNUNET_SET_Element set_elem;
1158 struct GNUNET_SCALARPRODUCT_Element *elem;
1160 contained_count = ntohl (msg->element_count_contained);
1161 s->client_received_element_count += contained_count;
1162 elements = (const struct GNUNET_SCALARPRODUCT_Element *) &msg[1];
1163 for (uint32_t i = 0; i < contained_count; i++)
1165 elem = GNUNET_new (struct GNUNET_SCALARPRODUCT_Element);
1166 GNUNET_memcpy (elem,
1168 sizeof (struct GNUNET_SCALARPRODUCT_Element));
1169 if (GNUNET_SYSERR ==
1170 GNUNET_CONTAINER_multihashmap_put (s->intersected_elements,
1173 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
1179 set_elem.data = &elem->key;
1180 set_elem.size = sizeof (elem->key);
1181 set_elem.element_type = 0;
1182 GNUNET_SET_add_element (s->intersection_set,
1185 s->used_element_count++;
1187 GNUNET_SERVICE_client_continue (s->client);
1188 if (s->total != s->client_received_element_count)
1193 client_request_complete_alice (s);
1198 * Handler for Alice's client request message.
1199 * Check that @a msg is well-formed.
1201 * @param cls identification of the client
1202 * @param msg the actual message
1203 * @return #GNUNET_OK if @a msg is well-formed
1206 check_alice_client_message (void *cls,
1207 const struct AliceComputationMessage *msg)
1209 struct AliceServiceSession *s = cls;
1211 uint32_t total_count;
1212 uint32_t contained_count;
1214 if (NULL != s->intersected_elements)
1216 /* only one concurrent session per client connection allowed,
1217 simplifies logic a lot... */
1219 return GNUNET_SYSERR;
1221 msize = ntohs (msg->header.size);
1222 total_count = ntohl (msg->element_count_total);
1223 contained_count = ntohl (msg->element_count_contained);
1224 if ( (0 == total_count) ||
1225 (0 == contained_count) ||
1226 (msize != (sizeof (struct AliceComputationMessage) +
1227 contained_count * sizeof (struct GNUNET_SCALARPRODUCT_Element))) )
1229 GNUNET_break_op (0);
1230 return GNUNET_SYSERR;
1237 * Handler for Alice's client request message.
1238 * We are doing request-initiation to compute a scalar product with a peer.
1240 * @param cls identification of the client
1241 * @param msg the actual message
1244 handle_alice_client_message (void *cls,
1245 const struct AliceComputationMessage *msg)
1247 struct AliceServiceSession *s = cls;
1248 uint32_t contained_count;
1249 uint32_t total_count;
1250 const struct GNUNET_SCALARPRODUCT_Element *elements;
1251 struct GNUNET_SET_Element set_elem;
1252 struct GNUNET_SCALARPRODUCT_Element *elem;
1254 total_count = ntohl (msg->element_count_total);
1255 contained_count = ntohl (msg->element_count_contained);
1256 s->peer = msg->peer;
1257 s->status = GNUNET_SCALARPRODUCT_STATUS_ACTIVE;
1258 s->total = total_count;
1259 s->client_received_element_count = contained_count;
1260 s->session_id = msg->session_key;
1261 elements = (const struct GNUNET_SCALARPRODUCT_Element *) &msg[1];
1262 s->intersected_elements = GNUNET_CONTAINER_multihashmap_create (s->total,
1264 s->intersection_set = GNUNET_SET_create (cfg,
1265 GNUNET_SET_OPERATION_INTERSECTION);
1267 for (uint32_t i = 0; i < contained_count; i++)
1269 if (0 == GNUNET_ntohll (elements[i].value))
1271 elem = GNUNET_new (struct GNUNET_SCALARPRODUCT_Element);
1272 GNUNET_memcpy (elem,
1274 sizeof (struct GNUNET_SCALARPRODUCT_Element));
1275 if (GNUNET_SYSERR ==
1276 GNUNET_CONTAINER_multihashmap_put (s->intersected_elements,
1279 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
1281 /* element with same key encountered twice! */
1286 set_elem.data = &elem->key;
1287 set_elem.size = sizeof (elem->key);
1288 set_elem.element_type = 0;
1289 GNUNET_SET_add_element (s->intersection_set,
1292 s->used_element_count++;
1294 GNUNET_SERVICE_client_continue (s->client);
1295 if (s->total != s->client_received_element_count)
1297 /* wait for multipart msg */
1300 client_request_complete_alice (s);
1305 * Task run during shutdown.
1310 shutdown_task (void *cls)
1312 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1313 "Shutting down, initiating cleanup.\n");
1314 // FIXME: we have to cut our connections to CADET first!
1315 if (NULL != my_cadet)
1317 GNUNET_CADET_disconnect (my_cadet);
1324 * A client connected.
1326 * Setup the associated data structure.
1328 * @param cls closure, NULL
1329 * @param client identification of the client
1330 * @param mq message queue to communicate with @a client
1331 * @return our `struct AliceServiceSession`
1334 client_connect_cb (void *cls,
1335 struct GNUNET_SERVICE_Client *client,
1336 struct GNUNET_MQ_Handle *mq)
1338 struct AliceServiceSession *s;
1340 s = GNUNET_new (struct AliceServiceSession);
1348 * A client disconnected.
1350 * Remove the associated session(s), release data structures
1351 * and cancel pending outgoing transmissions to the client.
1353 * @param cls closure, NULL
1354 * @param client identification of the client
1355 * @param app_cls our `struct AliceServiceSession`
1358 client_disconnect_cb (void *cls,
1359 struct GNUNET_SERVICE_Client *client,
1362 struct AliceServiceSession *s = app_cls;
1364 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1365 "Client %p disconnected from us.\n",
1368 s->client_mq = NULL;
1369 destroy_service_session (s);
1374 * Initialization of the program and message handlers
1376 * @param cls closure
1377 * @param c configuration to use
1378 * @param service the initialized service
1382 const struct GNUNET_CONFIGURATION_Handle *c,
1383 struct GNUNET_SERVICE_Handle *service)
1387 offset has to be sufficiently small to allow computation of:
1388 m1+m2 mod n == (S + a) + (S + b) mod n,
1389 if we have more complex operations, this factor needs to be lowered */
1390 my_offset = gcry_mpi_new (GNUNET_CRYPTO_PAILLIER_BITS / 3);
1391 gcry_mpi_set_bit (my_offset,
1392 GNUNET_CRYPTO_PAILLIER_BITS / 3);
1393 GNUNET_CRYPTO_paillier_create (&my_pubkey,
1395 my_cadet = GNUNET_CADET_connect (cfg);
1396 GNUNET_SCHEDULER_add_shutdown (&shutdown_task,
1398 if (NULL == my_cadet)
1400 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1401 _("Connect to CADET failed\n"));
1402 GNUNET_SCHEDULER_shutdown ();
1409 * Define "main" method using service macro.
1412 ("scalarproduct-alice",
1413 GNUNET_SERVICE_OPTION_NONE,
1416 &client_disconnect_cb,
1418 GNUNET_MQ_hd_var_size (alice_client_message,
1419 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_CLIENT_TO_ALICE,
1420 struct AliceComputationMessage,
1422 GNUNET_MQ_hd_var_size (alice_client_message_multipart,
1423 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_CLIENT_MULTIPART_ALICE,
1424 struct ComputationBobCryptodataMultipartMessage,
1426 GNUNET_MQ_handler_end ());
1429 /* end of gnunet-service-scalarproduct_alice.c */