}
-/**
- * Encrypts an element using the paillier crypto system
- *
- * @param c ciphertext (output)
- * @param m plaintext
- * @param g the public base
- * @param n the module from which which r is chosen (Z*_n)
- * @param n_square the module for encryption, for performance reasons.
- */
-static void
-encrypt_element (gcry_mpi_t c, gcry_mpi_t m, gcry_mpi_t g, gcry_mpi_t n, gcry_mpi_t n_square)
-{
- gcry_mpi_t tmp;
-
- GNUNET_assert (tmp = gcry_mpi_new (0));
-
- while (0 >= gcry_mpi_cmp_ui (tmp, 1)) {
- gcry_mpi_randomize (tmp, KEYBITS / 3, GCRY_WEAK_RANDOM);
- // r must be 1 < r < n
- }
-
- gcry_mpi_powm (c, g, m, n_square);
- gcry_mpi_powm (tmp, tmp, n, n_square);
- gcry_mpi_mulm (c, tmp, c, n_square);
-
- gcry_mpi_release (tmp);
-}
-
-
/**
* decrypts an element using the paillier crypto system
*
msg_length = sizeof (struct GNUNET_SCALARPRODUCT_client_response) +product_length;
msg = GNUNET_malloc (msg_length);
msg->key = session->key;
- &msg->peer = session->peer;
+ msg->peer = session->peer;
if (product_exported != NULL)
{
memcpy (&msg[1], product_exported, product_length);
uint32_t count;
gcry_mpi_t * rand = NULL;
gcry_mpi_t * r = NULL;
+ struct GNUNET_CRYPTO_PaillierCiphertext * R;
gcry_mpi_t * r_prime = NULL;
+ struct GNUNET_CRYPTO_PaillierCiphertext * R_prime;
gcry_mpi_t * b;
gcry_mpi_t * a_pi;
gcry_mpi_t * a_pi_prime;
gcry_mpi_t * rand_pi;
gcry_mpi_t * rand_pi_prime;
gcry_mpi_t s = NULL;
+ struct GNUNET_CRYPTO_PaillierCiphertext * S;
gcry_mpi_t s_prime = NULL;
- gcry_mpi_t remote_n = NULL;
- gcry_mpi_t remote_nsquare;
- gcry_mpi_t remote_g = NULL;
- gcry_sexp_t tmp_exp;
+ struct GNUNET_CRYPTO_PaillierCiphertext * S_prime;
+
uint32_t value;
count = request->used;
rand_pi_prime = GNUNET_malloc (sizeof (gcry_mpi_t) * count);
// convert responder session to from long to mpi
- for (i = 0, j = 0; i < response->total && j < count; i++) {
- if (request->mask[i / 8] & (1 << (i % 8))) {
+ for (i = 0, j = 0; i < response->total && j < count; i++)
+ {
+ if (request->mask[i / 8] & (1 << (i % 8)))
+ {
value = response->vector[i] >= 0 ? response->vector[i] : -response->vector[i];
// long to gcry_mpi_t
- if (0 > response->vector[i]) {
+ if (0 > response->vector[i])
+ {
b[j] = gcry_mpi_new (0);
gcry_mpi_sub_ui (b[j], b[j], value);
}
}
GNUNET_free (response->vector);
response->vector = NULL;
-
- tmp_exp = gcry_sexp_find_token (request->remote_pubkey, "n", 0);
- if (!tmp_exp) {
- GNUNET_break_op (0);
- gcry_sexp_release (request->remote_pubkey);
- request->remote_pubkey = NULL;
- goto except;
- }
- remote_n = gcry_sexp_nth_mpi (tmp_exp, 1, GCRYMPI_FMT_USG);
- if (!remote_n) {
- GNUNET_break (0);
- gcry_sexp_release (tmp_exp);
- goto except;
- }
- remote_nsquare = gcry_mpi_new (KEYBITS + 1);
- gcry_mpi_mul (remote_nsquare, remote_n, remote_n);
- gcry_sexp_release (tmp_exp);
- tmp_exp = gcry_sexp_find_token (request->remote_pubkey, "g", 0);
- gcry_sexp_release (request->remote_pubkey);
- request->remote_pubkey = NULL;
- if (!tmp_exp) {
- GNUNET_break_op (0);
- gcry_mpi_release (remote_n);
- goto except;
- }
- remote_g = gcry_sexp_nth_mpi (tmp_exp, 1, GCRYMPI_FMT_USG);
- if (!remote_g) {
- GNUNET_break (0);
- gcry_mpi_release (remote_n);
- gcry_sexp_release (tmp_exp);
- goto except;
- }
- gcry_sexp_release (tmp_exp);
+ q = NULL;
+ p = NULL;
// generate r, p and q
rand = initialize_mpi_vector (count);
- for (i = 0; i < count; i++) {
- value = (int32_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX);
+ for (i = 0; i < count; i++)
+ {
+ int32_t svalue;
+
+ svalue = (int32_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX);
// long to gcry_mpi_t
- if (value < 0)
+ if (svalue < 0)
gcry_mpi_sub_ui (rand[i],
rand[i],
- -value);
+ -svalue);
else
- rand[i] = gcry_mpi_set_ui (rand[i], value);
+ rand[i] = gcry_mpi_set_ui (rand[i], svalue);
}
p = GNUNET_CRYPTO_random_permute (GNUNET_CRYPTO_QUALITY_WEAK, count);
q = GNUNET_CRYPTO_random_permute (GNUNET_CRYPTO_QUALITY_WEAK, count);
memcpy (b_pi, b, sizeof (gcry_mpi_t) * count);
memcpy (rand_pi, rand, sizeof (gcry_mpi_t) * count);
memcpy (rand_pi_prime, rand, sizeof (gcry_mpi_t) * count);
+
+ //todo get API-cryptoblocks, instead of MPI values
// generate p and q permutations for a, b and r
+ // TODO: APIify
GNUNET_assert (permute_vector (a_pi, p, count));
GNUNET_assert (permute_vector (b_pi, p, count));
GNUNET_assert (permute_vector (rand_pi, p, count));
// vectors, which get rid of all the lookups in p/q.
// however, ap/aq are not absolutely necessary but are just abstraction
// Calculate Kp = E(S + a_pi) (+) E(S - r_pi - b_pi)
- for (i = 0; i < count; i++) {
+ for (i = 0; i < count; i++)
+ {
// E(S - r_pi - b_pi)
gcry_mpi_sub (r[i], my_offset, rand_pi[i]);
gcry_mpi_sub (r[i], r[i], b_pi[i]);
- encrypt_element (r[i], r[i], remote_g, remote_n, remote_nsquare);
-
+ GNUNET_CRYPTO_paillier_encrypt (&request->remote_pubkey,
+ r[i],
+ &R[i]);
+
// E(S - r_pi - b_pi) * E(S + a_pi) == E(2*S + a - r - b)
- gcry_mpi_mulm (r[i], r[i], a_pi[i], remote_nsquare);
+ GNUNET_CRYPTO_paillier_hom_add (&request->remote_pubkey,
+ &R[i],
+ &A_pi[i],
+ &R[i]);
}
GNUNET_free (a_pi);
GNUNET_free (b_pi);
GNUNET_free (rand_pi);
// Calculate Kq = E(S + a_qi) (+) E(S - r_qi)
- for (i = 0; i < count; i++) {
+ for (i = 0; i < count; i++)
+ {
// E(S - r_qi)
gcry_mpi_sub (r_prime[i], my_offset, rand_pi_prime[i]);
- encrypt_element (r_prime[i], r_prime[i], remote_g, remote_n, remote_nsquare);
+ GNUNET_CRYPTO_paillier_encrypt (&request->remote_pubkey,
+ r_prime[i],
+ &R_prime[i]);
// E(S - r_qi) * E(S + a_qi) == E(2*S + a_qi - r_qi)
- gcry_mpi_mulm (r_prime[i], r_prime[i], a_pi_prime[i], remote_nsquare);
+ GNUNET_CRYPTO_paillier_hom_add (&request->remote_pubkey,
+ &R_prime[i],
+ &A_pi_prime[i],
+ &R_prime[i]);
}
GNUNET_free (a_pi_prime);
GNUNET_free (rand_pi_prime);
// Calculate S' = E(SUM( r_i^2 ))
s_prime = compute_square_sum (rand, count);
- encrypt_element (s_prime, s_prime, remote_g, remote_n, remote_nsquare);
+ GNUNET_CRYPTO_paillier_encrypt (&request->remote_pubkey,
+ s_prime,
+ &S_prime);
// Calculate S = E(SUM( (r_i + b_i)^2 ))
for (i = 0; i < count; i++) {
gcry_mpi_add (rand[i], rand[i], b[i]);
}
s = compute_square_sum (rand, count);
- encrypt_element (s, s, remote_g, remote_n, remote_nsquare);
- gcry_mpi_release (remote_n);
- gcry_mpi_release (remote_g);
- gcry_mpi_release (remote_nsquare);
+ GNUNET_CRYPTO_paillier_encrypt (&request->remote_pubkey,
+ s[i],
+ &S);
// release r and tmp
for (i = 0; i < count; i++)
gcry_mpi_release (rand[i]);
// copy the r[], r_prime[], S and Stick into a new message, prepare_service_response frees these
- if (GNUNET_YES != prepare_service_response (s, s_prime, request))
+ if (GNUNET_YES != prepare_service_response (S, S_prime, request))
GNUNET_log (GNUNET_ERROR_TYPE_INFO, _ ("Failed to communicate with `%s', scalar product calculation aborted.\n"),
GNUNET_i2s (&request->peer));
else
ret = GNUNET_OK;
except:
- for (i = 0; i < count; i++) {
+ for (i = 0; i < count; i++)
+ {
gcry_mpi_release (b[i]);
gcry_mpi_release (request->a[i]);
}
GNUNET_free (b);
GNUNET_free (request->a);
request->a = NULL;
-
+ GNUNET_free_non_null (p);
+ GNUNET_free_non_null (q);
+ GNUNET_free (rand);
return ret;
}
a = gcry_mpi_new (KEYBITS * 2);
current = (unsigned char *) &msg[1];
// encrypt our vector and generate string representations
- for (i = session->last_processed, j = 0; i < session->total; i++) {
+ for (i = session->last_processed, j = 0; i < session->total; i++)
+ {
// is this a used element?
if (session->mask[i / 8] & 1 << (i % 8)) {
if (todo_count <= j)
if ((ntohs (msg->header.size) != (sizeof (struct GNUNET_SCALARPRODUCT_client_request) +element_count * sizeof (int32_t) + mask_length))
|| (0 == element_count)) {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- _ ("Invalid message received from client, session information incorrect!\n"));
+ _("Invalid message received from client, session information incorrect!\n"));
GNUNET_SERVER_receive_done (client, GNUNET_SYSERR);
return;
}
element_count,
NULL, NULL)) {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- _ ("Duplicate session information received, cannot create new session with key `%s'\n"),
+ _("Duplicate session information received, cannot create new session with key `%s'\n"),
GNUNET_h2s (&msg->key));
GNUNET_SERVER_receive_done (client, GNUNET_SYSERR);
return;
session->vector = GNUNET_malloc (sizeof (int32_t) * element_count);
vector = (int32_t *) & msg[1];
- if (GNUNET_MESSAGE_TYPE_SCALARPRODUCT_CLIENT_TO_ALICE == msg_type) {
+ if (GNUNET_MESSAGE_TYPE_SCALARPRODUCT_CLIENT_TO_ALICE == msg_type)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- _ ("Got client-request-session with key %s, preparing channel to remote service.\n"),
+ _("Got client-request-session with key %s, preparing channel to remote service.\n"),
GNUNET_h2s (&session->key));
session->role = ALICE;
// copy over the elements
session->used = 0;
- for (i = 0; i < element_count; i++) {
+ for (i = 0; i < element_count; i++)
+ {
session->vector[i] = ntohl (vector[i]);
if (session->vector[i] == 0)
session->mask[i / 8] &= ~(1 << (i % 8));
session->used++;
}
- if (0 == session->used) {
+ if (0 == session->used)
+ {
GNUNET_break_op (0);
GNUNET_free (session->vector);
GNUNET_free (session);
return;
}
//session with ourself makes no sense!
- if (!memcmp (&msg->peer, &me, sizeof (struct GNUNET_PeerIdentity))) {
+ if (!memcmp (&msg->peer, &me, sizeof (struct GNUNET_PeerIdentity)))
+ {
GNUNET_break (0);
GNUNET_free (session->vector);
GNUNET_free (session);
session);
}
- else {
+ else
+ {
struct ServiceSession * requesting_session;
enum SessionState needed_state = SERVICE_REQUEST_RECEIVED;
&session->key,
session->total,
&needed_state, NULL);
- if (NULL != requesting_session) {
- GNUNET_log (GNUNET_ERROR_TYPE_INFO, _ ("Got client-responder-session with key %s and a matching service-request-session set, processing.\n"), GNUNET_h2s (&session->key));
+ if (NULL != requesting_session)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Got client-responder-session with key %s and a matching service-request-session set, processing.\n"),
+ GNUNET_h2s (&session->key));
if (GNUNET_OK != compute_service_response (requesting_session, session))
session->client_notification_task =
GNUNET_SCHEDULER_add_now (&prepare_client_end_notification,
session);
}
- else {
- GNUNET_log (GNUNET_ERROR_TYPE_INFO, _ ("Got client-responder-session with key %s but NO matching service-request-session set, queuing element for later use.\n"), GNUNET_h2s (&session->key));
+ else
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Got client-responder-session with key %s but NO matching service-request-session set, queuing element for later use.\n"),
+ GNUNET_h2s (&session->key));
// no matching session exists yet, store the response
// for later processing by handle_service_request()
}
channel_incoming_handler (void *cls,
struct GNUNET_MESH_Channel *channel,
const struct GNUNET_PeerIdentity *initiator,
- uint32_t port, enum MeshOption options)
+ uint32_t port, enum GNUNET_MESH_ChannelOption options)
{
struct ServiceSession * c = GNUNET_new (struct ServiceSession);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, _ ("New incoming channel from peer %s.\n"), GNUNET_i2s (initiator));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ _("New incoming channel from peer %s.\n"),
+ GNUNET_i2s (initiator));
c->peer = *initiator;
c->channel = channel;
// due to the introduced static offset S, we now also have to remove this
// from the E(a_pi)(+)E(-b_pi-r_pi) and E(a_qi)(+)E(-r_qi) twice each,
// the result is E((S + a_pi) + (S -b_pi-r_pi)) and E(S + a_qi + S - r_qi)
- for (i = 0; i < count; i++) {
+ for (i = 0; i < count; i++)
+ {
decrypt_element (session->r[i], session->r[i], my_mu, my_lambda, my_n, my_nsquare);
gcry_mpi_sub (session->r[i], session->r[i], my_offset);
gcry_mpi_sub (session->r[i], session->r[i], my_offset);
}
session->transferred += contained_elements;
- if (session->transferred == used_elements) {
+ if (session->transferred == used_elements)
+ {
// single part finished
session->state = SERVICE_REQUEST_RECEIVED;
- if (session->response) {
- GNUNET_log (GNUNET_ERROR_TYPE_INFO, _ ("Got session with key %s and a matching element set, processing.\n"), GNUNET_h2s (&session->key));
+ if (session->response)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _ ("Got session with key %s and a matching element set, processing.\n"),
+ GNUNET_h2s (&session->key));
if (GNUNET_OK != compute_service_response (session, session->response)) {
//something went wrong, remove it again...
goto except;
}
}
else
- GNUNET_log (GNUNET_ERROR_TYPE_INFO, _ ("Got session with key %s without a matching element set, queueing.\n"), GNUNET_h2s (&session->key));
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Got session with key %s without a matching element set, queueing.\n"),
+ GNUNET_h2s (&session->key));
}
- else {
+ else
+ {
// multipart message
}
}
+mask_length + pk_length + contained_elements * PAILLIER_ELEMENT_LENGTH;
//sanity check: is the message as long as the message_count fields suggests?
- if ((ntohs (msg->header.size) != msg_length) || (element_count < used_elements) || (used_elements < contained_elements)
- || (used_elements == 0) || (mask_length != (element_count / 8 + (element_count % 8 ? 1 : 0)))
- ) {
+ if ( (ntohs (msg->header.size) != msg_length) ||
+ (element_count < used_elements) ||
+ (used_elements < contained_elements) ||
+ (0 == used_elements) ||
+ (mask_length != (element_count / 8 + ((element_count % 8) ? 1 : 0))) )
+ {
GNUNET_free (session);
GNUNET_break_op (0);
return GNUNET_SYSERR;
&msg->key,
element_count,
NULL,
- NULL)) {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, _ ("Got message with duplicate session key (`%s'), ignoring service request.\n"), (const char *) &(msg->key));
+ NULL))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _ ("Got message with duplicate session key (`%s'), ignoring service request.\n"),
+ (const char *) &(msg->key));
GNUNET_free (session);
return GNUNET_SYSERR;
}