From 9110a8eefdb632d52d8bd61ea48b930b4a60de97 Mon Sep 17 00:00:00 2001 From: aniampio Date: Wed, 20 Oct 2021 16:35:13 +0100 Subject: [PATCH] Add proper creation of bandwidth attributes --- clients/native/src/client/mod.rs | 13 +++++++------ clients/native/src/commands/init.rs | 14 +++++++------- clients/socks5/src/client/mod.rs | 13 +++++++------ clients/socks5/src/commands/init.rs | 14 +++++++------- common/credentials/src/bandwidth.rs | 5 +---- common/nymcoconut/src/scheme/setup.rs | 2 +- validator-api/src/network_monitor/mod.rs | 14 +++++++------- 7 files changed, 37 insertions(+), 38 deletions(-) diff --git a/clients/native/src/client/mod.rs b/clients/native/src/client/mod.rs index 8c78ed059f..e8296ad529 100644 --- a/clients/native/src/client/mod.rs +++ b/clients/native/src/client/mod.rs @@ -22,8 +22,8 @@ use client_core::client::topology_control::{ TopologyAccessor, TopologyRefresher, TopologyRefresherConfig, }; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::{Credential, hash_to_scalar}; -use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE}; +use coconut_interface::{Credential, hash_to_scalar, Parameters}; +use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE, TOTAL_ATTRIBUTES}; use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::identity; use futures::channel::mpsc; @@ -173,15 +173,16 @@ impl NymClient { .await .expect("could not obtain aggregate verification key of validators"); + let params = Parameters::new(TOTAL_ATTRIBUTES).unwrap(); let bandwidth_credential_attributes = BandwidthVoucherAttributes{ - serial_number : hash_to_scalar(self.key_manager.identity_keypair().public_key().to_bytes()), - binding_number : hash_to_scalar(self.key_manager.identity_keypair().public_key().to_bytes()), + serial_number : params.random_scalar(), + binding_number : params.random_scalar(), voucher_value : hash_to_scalar(BANDWIDTH_VALUE.to_be_bytes()), - voucher_info : hash_to_scalar("BANDWIDTH_VOUCHER".as_bytes()), - + voucher_info : hash_to_scalar(String::from("BandwidthVoucher").as_bytes()), }; let bandwidth_credential = credentials::bandwidth::obtain_signature( + ¶ms, &bandwidth_credential_attributes, &self.config.get_base().get_validator_api_endpoints(), &verification_key, diff --git a/clients/native/src/commands/init.rs b/clients/native/src/commands/init.rs index 7c171debdf..02f2a98ac9 100644 --- a/clients/native/src/commands/init.rs +++ b/clients/native/src/commands/init.rs @@ -6,9 +6,9 @@ use crate::commands::override_config; use clap::{App, Arg, ArgMatches}; use client_core::client::key_manager::KeyManager; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::{Credential, hash_to_scalar}; +use coconut_interface::{Credential, hash_to_scalar, Parameters}; use config::NymConfig; -use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE}; +use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE, TOTAL_ATTRIBUTES}; use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::{encryption, identity}; use gateway_client::GatewayClient; @@ -67,15 +67,15 @@ async fn prepare_temporary_credential(validators: &[Url], raw_identity: &[u8]) - .await .expect("could not obtain aggregate verification key of validators"); + let params = Parameters::new(TOTAL_ATTRIBUTES).unwrap(); let bandwidth_credential_attributes = BandwidthVoucherAttributes{ - serial_number : hash_to_scalar(raw_identity), - binding_number : hash_to_scalar(raw_identity), + serial_number : params.random_scalar(), + binding_number : params.random_scalar(), voucher_value : hash_to_scalar(BANDWIDTH_VALUE.to_be_bytes()), - voucher_info : hash_to_scalar("BANDWIDTH_VOUCHER".as_bytes()), - + voucher_info : hash_to_scalar(String::from("BandwidthVoucher").as_bytes()), }; - let bandwidth_credential = credentials::bandwidth::obtain_signature(&bandwidth_credential_attributes, validators, &verification_key) + let bandwidth_credential = credentials::bandwidth::obtain_signature(¶ms, &bandwidth_credential_attributes, validators, &verification_key) .await .expect("could not obtain bandwidth credential"); diff --git a/clients/socks5/src/client/mod.rs b/clients/socks5/src/client/mod.rs index fc012c3600..885bde77ca 100644 --- a/clients/socks5/src/client/mod.rs +++ b/clients/socks5/src/client/mod.rs @@ -23,8 +23,8 @@ use client_core::client::topology_control::{ TopologyAccessor, TopologyRefresher, TopologyRefresherConfig, }; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::{Credential, hash_to_scalar}; -use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE}; +use coconut_interface::{Credential, hash_to_scalar, Parameters}; +use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE, TOTAL_ATTRIBUTES}; use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::identity; use futures::channel::mpsc; @@ -161,15 +161,16 @@ impl NymClient { .await .expect("could not obtain aggregate verification key of validators"); + let params = Parameters::new(TOTAL_ATTRIBUTES).unwrap(); let bandwidth_credential_attributes = BandwidthVoucherAttributes{ - serial_number : hash_to_scalar(self.key_manager.identity_keypair().public_key().to_bytes()), - binding_number : hash_to_scalar(self.key_manager.identity_keypair().public_key().to_bytes()), + serial_number : params.random_scalar(), + binding_number : params.random_scalar(), voucher_value : hash_to_scalar(BANDWIDTH_VALUE.to_be_bytes()), - voucher_info : hash_to_scalar("BANDWIDTH_VOUCHER".as_bytes()), - + voucher_info : hash_to_scalar(String::from("BandwidthVoucher").as_bytes()), }; let bandwidth_credential = credentials::bandwidth::obtain_signature( + ¶ms, &bandwidth_credential_attributes, &self.config.get_base().get_validator_api_endpoints(), &verification_key, diff --git a/clients/socks5/src/commands/init.rs b/clients/socks5/src/commands/init.rs index 0a8a50ee04..c319113fdc 100644 --- a/clients/socks5/src/commands/init.rs +++ b/clients/socks5/src/commands/init.rs @@ -6,9 +6,9 @@ use crate::commands::override_config; use clap::{App, Arg, ArgMatches}; use client_core::client::key_manager::KeyManager; use client_core::config::persistence::key_pathfinder::ClientKeyPathfinder; -use coconut_interface::{Credential, hash_to_scalar}; +use coconut_interface::{Credential, hash_to_scalar, Parameters}; use config::NymConfig; -use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE}; +use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE, TOTAL_ATTRIBUTES}; use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::{encryption, identity}; use gateway_client::GatewayClient; @@ -67,15 +67,15 @@ async fn prepare_temporary_credential(validators: &[Url], raw_identity: &[u8]) - .await .expect("could not obtain aggregate verification key of validators"); + let params = Parameters::new(TOTAL_ATTRIBUTES).unwrap(); let bandwidth_credential_attributes = BandwidthVoucherAttributes{ - serial_number : hash_to_scalar(raw_identity), - binding_number : hash_to_scalar(raw_identity), + serial_number : params.random_scalar(), + binding_number : params.random_scalar(), voucher_value : hash_to_scalar(BANDWIDTH_VALUE.to_be_bytes()), - voucher_info : hash_to_scalar("BANDWIDTH_VOUCHER".as_bytes()), - + voucher_info : hash_to_scalar(String::from("BandwidthVoucher").as_bytes()), }; - let bandwidth_credential = credentials::bandwidth::obtain_signature(&bandwidth_credential_attributes, validators, &verification_key) + let bandwidth_credential = credentials::bandwidth::obtain_signature(¶ms, &bandwidth_credential_attributes, validators, &verification_key) .await .expect("could not obtain bandwidth credential"); diff --git a/common/credentials/src/bandwidth.rs b/common/credentials/src/bandwidth.rs index 48d8fdc559..8f839c8d29 100644 --- a/common/credentials/src/bandwidth.rs +++ b/common/credentials/src/bandwidth.rs @@ -48,11 +48,8 @@ impl BandwidthVoucherAttributes { } // TODO: this definitely has to be moved somewhere else. It's just a temporary solution -pub async fn obtain_signature(attributes: &BandwidthVoucherAttributes, validators: &[Url], verification_key: &VerificationKey) -> Result { - // let public_attributes = vec![hash_to_scalar(BANDWIDTH_VALUE.to_be_bytes())]; - // let private_attributes = vec![hash_to_scalar(raw_identity)]; +pub async fn obtain_signature(params: &Parameters, attributes: &BandwidthVoucherAttributes, validators: &[Url], verification_key: &VerificationKey) -> Result { - let params = Parameters::new(TOTAL_ATTRIBUTES)?; let public_attributes = attributes.get_public_attributes(); let private_attributes = attributes.get_private_attributes(); diff --git a/common/nymcoconut/src/scheme/setup.rs b/common/nymcoconut/src/scheme/setup.rs index 9608ac56ef..e7cdfc6c46 100644 --- a/common/nymcoconut/src/scheme/setup.rs +++ b/common/nymcoconut/src/scheme/setup.rs @@ -69,7 +69,7 @@ impl Parameters { &self.hs } - pub(crate) fn random_scalar(&self) -> Scalar { + pub fn random_scalar(&self) -> Scalar { // lazily-initialized thread-local random number generator, seeded by the system let mut rng = thread_rng(); Scalar::random(&mut rng) diff --git a/validator-api/src/network_monitor/mod.rs b/validator-api/src/network_monitor/mod.rs index 096a69d3b2..bcf411d701 100644 --- a/validator-api/src/network_monitor/mod.rs +++ b/validator-api/src/network_monitor/mod.rs @@ -15,8 +15,8 @@ use crate::network_monitor::monitor::summary_producer::SummaryProducer; use crate::network_monitor::monitor::Monitor; use crate::network_monitor::tested_network::TestedNetwork; use crate::storage::NodeStatusStorage; -use coconut_interface::{Credential, hash_to_scalar}; -use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE}; +use coconut_interface::{Credential, hash_to_scalar, Parameters}; +use credentials::bandwidth::{prepare_for_spending, BandwidthVoucherAttributes, BANDWIDTH_VALUE, TOTAL_ATTRIBUTES}; use credentials::obtain_aggregate_verification_key; use crypto::asymmetric::{encryption, identity}; use futures::channel::mpsc; @@ -175,16 +175,16 @@ async fn TEMPORARY_obtain_bandwidth_credential( .await .expect("could not obtain aggregate verification key of ALL validators"); + let params = Parameters::new(TOTAL_ATTRIBUTES).unwrap(); let bandwidth_credential_attributes = BandwidthVoucherAttributes{ - serial_number : hash_to_scalar(identity.to_bytes()), - binding_number : hash_to_scalar(identity.to_bytes()), + serial_number : params.random_scalar(), + binding_number : params.random_scalar(), voucher_value : hash_to_scalar(BANDWIDTH_VALUE.to_be_bytes()), - voucher_info : hash_to_scalar("BANDWIDTH_VOUCHER".as_bytes()), - + voucher_info : hash_to_scalar(String::from("BandwidthVoucher").as_bytes()), }; let bandwidth_credential = - credentials::bandwidth::obtain_signature(&bandwidth_credential_attributes, &validators, &verification_key) + credentials::bandwidth::obtain_signature(¶ms, &bandwidth_credential_attributes, &validators, &verification_key) .await .expect("failed to obtain bandwidth credential!");