authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-08-10 12:48:20 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-08-28 21:30:19 +0100
commitd4b62a1e295a7fb19de6081733b1d8e0610cbf08 (patch)
treea40178b339e35090117d3b3d2680a79a0bc28ac6 /src/ringct
parentrct: rework v2 txes into prunable and non prunable data (diff)
rct amount key modified as per luigi1111's recommendations
This allows the key to be not the same for two outputs sent to the same address (eg, if you pay yourself, and also get change back). Also remove the key amounts lists and return parameters since we don't actually generate random ones, so we don't need to save them as we can recalculate them when needed if we have the correct keys.
Diffstat (limited to 'src/ringct')
-rw-r--r--src/ringct/rctOps.cpp18
-rw-r--r--src/ringct/rctOps.h6
-rw-r--r--src/ringct/rctSigs.cpp28
-rw-r--r--src/ringct/rctSigs.h2
4 files changed, 12 insertions, 42 deletions
diff --git a/src/ringct/rctOps.cpp b/src/ringct/rctOps.cpp
index b8a0d26ad..d54aa667f 100644
--- a/src/ringct/rctOps.cpp
+++ b/src/ringct/rctOps.cpp
@@ -741,28 +741,18 @@ void fe_mul(fe h,const fe f,const fe g)
//Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a
// where C= aG + bH
- void ecdhEncodeFromSharedSecret(ecdhTuple & unmasked, const key & sharedSec1) {
+ void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec) {
+ key sharedSec1 = hash_to_scalar(sharedSec);
key sharedSec2 = hash_to_scalar(sharedSec1);
//encode
sc_add(unmasked.mask.bytes, unmasked.mask.bytes, sharedSec1.bytes);
sc_add(unmasked.amount.bytes, unmasked.amount.bytes, sharedSec2.bytes);
}
- void ecdhEncode(ecdhTuple & unmasked, const key & receiverPk) {
- key esk;
- //compute shared secret
- skpkGen(esk, unmasked.senderPk);
- key sharedSec1 = hash_to_scalar(scalarmultKey(receiverPk, esk));
- ecdhEncodeFromSharedSecret(unmasked, sharedSec1);
- }
- void ecdhDecodeFromSharedSecret(ecdhTuple & masked, const key & sharedSec1) {
+ void ecdhDecode(ecdhTuple & masked, const key & sharedSec) {
+ key sharedSec1 = hash_to_scalar(sharedSec);
key sharedSec2 = hash_to_scalar(sharedSec1);
//decode
sc_sub(masked.mask.bytes, masked.mask.bytes, sharedSec1.bytes);
sc_sub(masked.amount.bytes, masked.amount.bytes, sharedSec2.bytes);
}
- void ecdhDecode(ecdhTuple & masked, const key & receiverSk) {
- //compute shared secret
- key sharedSec1 = hash_to_scalar(scalarmultKey(masked.senderPk, receiverSk));
- ecdhDecodeFromSharedSecret(masked, sharedSec1);
- }
}
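Review bot: `ecdhEncode` and `ecdhDecode` keep their names and their `(ecdhTuple &, const key &)` signatures while the second argument changes meaning, from the receiver's public or secret key to an already-computed shared secret, so a caller that was not converted still compiles and silently masks or unmasks with the wrong value. The comment above them still describes a Diffie-Hellman exchange that these functions no longer perform; I would replace it with something like `// masks/unmasks mask and amount with H(sharedSec) and H(H(sharedSec)); the caller supplies sharedSec (the per-output amount key)` and repeat it on the declarations in rctOps.h. `sharedSec1` and `sharedSec2` are key material left in locals when the functions return; whether this code base wipes such temporaries is not visible in the hunk. Nothing in the new `ecdhEncode` writes `unmasked.senderPk` any more, so it is worth confirming that no reader of that field remains.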
diff --git a/src/ringct/rctOps.h b/src/ringct/rctOps.h
index 225c5abb9..1e71c645d 100644
--- a/src/ringct/rctOps.h
+++ b/src/ringct/rctOps.h
@@ -165,9 +165,7 @@ namespace rct {
//Elliptic Curve Diffie Helman: encodes and decodes the amount b and mask a
// where C= aG + bH
- void ecdhEncodeFromSharedSecret(ecdhTuple & unmasked, const key & sharedSec1);
- void ecdhEncode(ecdhTuple & unmasked, const key & receiverPk);
- void ecdhDecodeFromSharedSecret(ecdhTuple & masked, const key & sharedSec1);
- void ecdhDecode(ecdhTuple & masked, const key & receiverSk);
+ void ecdhEncode(ecdhTuple & unmasked, const key & sharedSec);
+ void ecdhDecode(ecdhTuple & masked, const key & sharedSec);
}
#endif /* RCTOPS_H */
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp
index d42be0fcc..73c124067 100644
--- a/src/ringct/rctSigs.cpp
+++ b/src/ringct/rctSigs.cpp
@@ -613,7 +613,7 @@ namespace rct {
//mask amount and mask
rv.ecdhInfo[i].mask = copy(outSk[i].mask);
rv.ecdhInfo[i].amount = d2h(amounts[i]);
- ecdhEncodeFromSharedSecret(rv.ecdhInfo[i], amount_keys[i]);
+ ecdhEncode(rv.ecdhInfo[i], amount_keys[i]);
}
@@ -679,7 +679,7 @@ namespace rct {
//mask amount and mask
rv.ecdhInfo[i].mask = copy(outSk[i].mask);
rv.ecdhInfo[i].amount = d2h(outamounts[i]);
- ecdhEncodeFromSharedSecret(rv.ecdhInfo[i], amount_keys[i]);
+ ecdhEncode(rv.ecdhInfo[i], amount_keys[i]);
}
//set txn fee
@@ -821,7 +821,7 @@ namespace rct {
//decodeRct: (c.f. http://eprint.iacr.org/2015/1098 section 5.1.1)
// uses the attached ecdh info to find the amounts represented by each output commitment
// must know the destination private key to find the correct amount, else will return a random number
- static xmr_amount decodeRctMain(const rctSig & rv, const key & sk, unsigned int i, key & mask, void (*decode)(ecdhTuple&, const key&)) {
+ xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask) {
CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, "decodeRct called on non-full rctSig");
CHECK_AND_ASSERT_THROW_MES(rv.p.rangeSigs.size() > 0, "Empty rv.p.rangeSigs");
CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.p.rangeSigs.size(), "Mismatched sizes of rv.outPk and rv.p.rangeSigs");
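Review bot: The first check in `decodeRct`, `CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, ...)`, returns `false` from a function whose return type is `xmr_amount`, so a signature of the wrong type reaches the caller as an amount of 0 instead of an error, while the two checks after it throw. Making it `CHECK_AND_ASSERT_THROW_MES(rv.type == RCTTypeFull, "decodeRct called on non-full rctSig");` would keep that failure distinguishable from a decoded zero; the same line appears in `decodeRctSimple` in the hunk at -845. The header comment still says the caller "must know the destination private key", but `sk` is now handed straight to `ecdhDecode` as the shared secret, so the comment and the parameter name should say that. The function body continues outside this hunk.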
@@ -829,7 +829,7 @@ namespace rct {
//mask amount and mask
ecdhTuple ecdh_info = rv.ecdhInfo[i];
- (*decode)(ecdh_info, sk);
+ ecdhDecode(ecdh_info, sk);
mask = ecdh_info.mask;
key amount = ecdh_info.amount;
key C = rv.outPk[i].mask;
@@ -845,20 +845,12 @@ namespace rct {
return h2d(amount);
}
- xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask) {
- return decodeRctMain(rv, sk, i, mask, &ecdhDecode);
- }
-
- xmr_amount decodeRctFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key & mask) {
- return decodeRctMain(rv, sk, i, mask, &ecdhDecodeFromSharedSecret);
- }
-
xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i) {
key mask;
return decodeRct(rv, sk, i, mask);
}
- static xmr_amount decodeRctSimpleMain(const rctSig & rv, const key & sk, unsigned int i, key &mask, void (*decode)(ecdhTuple &ecdh, const key&)) {
+ xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask) {
CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple, false, "decodeRct called on non simple rctSig");
CHECK_AND_ASSERT_THROW_MES(rv.p.rangeSigs.size() > 0, "Empty rv.p.rangeSigs");
CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.p.rangeSigs.size(), "Mismatched sizes of rv.outPk and rv.p.rangeSigs");
@@ -866,7 +858,7 @@ namespace rct {
//mask amount and mask
ecdhTuple ecdh_info = rv.ecdhInfo[i];
- (*decode)(ecdh_info, sk);
+ ecdhDecode(ecdh_info, sk);
mask = ecdh_info.mask;
key amount = ecdh_info.amount;
key C = rv.outPk[i].mask;
@@ -882,14 +874,6 @@ namespace rct {
return h2d(amount);
}
- xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask) {
- return decodeRctSimpleMain(rv, sk, i, mask, &ecdhDecode);
- }
-
- xmr_amount decodeRctSimpleFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key &mask) {
- return decodeRctSimpleMain(rv, sk, i, mask, &ecdhDecodeFromSharedSecret);
- }
-
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i) {
key mask;
return decodeRctSimple(rv, sk, i, mask);
diff --git a/src/ringct/rctSigs.h b/src/ringct/rctSigs.h
index bf9d4be81..8a686bd64 100644
--- a/src/ringct/rctSigs.h
+++ b/src/ringct/rctSigs.h
@@ -142,9 +142,7 @@ namespace rct {
bool verRct(const rctSig & rv);
bool verRctSimple(const rctSig & rv);
xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask);
- xmr_amount decodeRctFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key & mask);
xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i);
- xmr_amount decodeRctSimpleFromSharedSecret(const rctSig & rv, const key & sk, unsigned int i, key & mask);
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key & mask);
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i);
}