diff options
| author | Thien-Thi Nguyen <ttn@gnuvola.org> | 2022-04-21 06:16:33 -0400 | 
|---|---|---|
| committer | Thien-Thi Nguyen <ttn@gnuvola.org> | 2022-04-22 20:29:45 -0400 | 
| commit | a72337a5f39b4e826055974fbc5a3261759ebbec (patch) | |
| tree | e5baa6f43098d50cd2508ad719df5a5cb9db818d | |
| parent | e40a16aa8ea1b5f7257b0bf04d7413c2ad77d3d3 (diff) | |
Add abstractions: TALER_exchange_deposit_{sign,verify}
This change also removes ‘struct TALER_DepositTrackPS’
from the public API.
* src/include/taler_signatures.h (struct TALER_DepositTrackPS): Delete.
* src/util/exchange_signatures.c (struct TALER_DepositTrackPS): New.
  (TALER_exchange_deposit_sign): New func.
  (TALER_exchange_deposit_verify): New func.
* src/include/taler_crypto_lib.h
  (TALER_exchange_deposit_sign): New func decl.
  (TALER_exchange_deposit_verify): New func decl.
* src/exchange/taler-exchange-httpd_deposits_get.c
  (TEH_handler_deposits_get): Rework to use ‘TALER_exchange_deposit_verify’.
* src/lib/exchange_api_deposits_get.c
  (TALER_EXCHANGE_deposits_get): Rework to use ‘taler_exchange_deposit_sign’.
| -rw-r--r-- | src/exchange/taler-exchange-httpd_deposits_get.c | 18 | ||||
| -rw-r--r-- | src/include/taler_crypto_lib.h | 40 | ||||
| -rw-r--r-- | src/include/taler_signatures.h | 36 | ||||
| -rw-r--r-- | src/lib/exchange_api_deposits_get.c | 24 | ||||
| -rw-r--r-- | src/util/exchange_signatures.c | 87 | 
5 files changed, 142 insertions, 63 deletions
| diff --git a/src/exchange/taler-exchange-httpd_deposits_get.c b/src/exchange/taler-exchange-httpd_deposits_get.c index fdb1a606..509b8a21 100644 --- a/src/exchange/taler-exchange-httpd_deposits_get.c +++ b/src/exchange/taler-exchange-httpd_deposits_get.c @@ -328,20 +328,12 @@ TEH_handler_deposits_get (struct TEH_RequestContext *rc,      return MHD_YES; /* parse error */    TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;    { -    struct TALER_DepositTrackPS tps = { -      .purpose.size = htonl (sizeof (tps)), -      .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION), -      .merchant = ctx.merchant, -      .coin_pub = ctx.coin_pub, -      .h_contract_terms = ctx.h_contract_terms, -      .h_wire = ctx.h_wire -    }; -      if (GNUNET_OK != -        GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION, -                                    &tps, -                                    &merchant_sig.eddsa_sig, -                                    &tps.merchant.eddsa_pub)) +        TALER_exchange_deposit_verify (&ctx.merchant, +                                       &ctx.coin_pub, +                                       &ctx.h_contract_terms, +                                       &ctx.h_wire, +                                       &merchant_sig))      {        GNUNET_break_op (0);        return TALER_MHD_reply_with_error (rc->connection, diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 1e4a278c..2cf4c8f4 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -3370,6 +3370,46 @@ TALER_merchant_refund_verify (    const struct TALER_MerchantSignatureP *merchant_sig); +/* ********************* exchange deposit signing ************************* */ + +/** + * Sign a deposit. + * + * @param h_contract_terms hash of contract terms + * @param h_wire hash of the merchant account details + * @param coin_pub coin to be deposited + * @param merchant_pub merchant public key + * @param merchant_priv private key to sign with + * @param[out] merchant_sig where to write the signature + */ +void +TALER_exchange_deposit_sign ( +  const struct TALER_PrivateContractHashP *h_contract_terms, +  const struct TALER_MerchantWireHashP *h_wire, +  const struct TALER_CoinSpendPublicKeyP *coin_pub, +  const struct TALER_MerchantPublicKeyP *merchant_pub, +  const struct TALER_MerchantPrivateKeyP *merchant_priv, +  struct TALER_MerchantSignatureP *merchant_sig); + +/** + * Verify a deposit. + * + * @param merchant merchant public key + * @param public key of the deposited coin + * @param h_contract_terms hash of contract terms + * @param h_wire hash of the merchant account details + * @param merchant_sig signature of the merchant + * @return #GNUNET_OK if the signature is valid + */ +enum GNUNET_GenericReturnValue +TALER_exchange_deposit_verify ( +  const struct TALER_MerchantPublicKeyP *merchant, +  const struct TALER_CoinSpendPublicKeyP *coin_pub, +  const struct TALER_PrivateContractHashP *h_contract_terms, +  const struct TALER_MerchantWireHashP *h_wire, +  const struct TALER_MerchantSignatureP *merchant_sig); + +  /* ********************* exchange online signing ************************** */ diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 0137ff65..81e74268 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -386,42 +386,6 @@  GNUNET_NETWORK_STRUCT_BEGIN -/** - * @brief Format used to generate the signature on a request to obtain - * the wire transfer identifier associated with a deposit. - */ -struct TALER_DepositTrackPS -{ -  /** -   * Purpose must be #TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION. -   */ -  struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - -  /** -   * Hash over the proposal data of the contract for which this deposit is made. -   */ -  struct TALER_PrivateContractHashP h_contract_terms GNUNET_PACKED; - -  /** -   * Hash over the wiring information of the merchant. -   */ -  struct TALER_MerchantWireHashP h_wire GNUNET_PACKED; - -  /** -   * The Merchant's public key.  The deposit inquiry request is to be -   * signed by the corresponding private key (using EdDSA). -   */ -  struct TALER_MerchantPublicKeyP merchant; - -  /** -   * The coin's public key.  This is the value that must have been -   * signed (blindly) by the Exchange. -   */ -  struct TALER_CoinSpendPublicKeyP coin_pub; - -}; - -  GNUNET_NETWORK_STRUCT_END  #endif diff --git a/src/lib/exchange_api_deposits_get.c b/src/lib/exchange_api_deposits_get.c index 32c60f1f..6a212de3 100644 --- a/src/lib/exchange_api_deposits_get.c +++ b/src/lib/exchange_api_deposits_get.c @@ -301,7 +301,7 @@ TALER_EXCHANGE_deposits_get (    TALER_EXCHANGE_DepositGetCallback cb,    void *cb_cls)  { -  struct TALER_DepositTrackPS dtp; +  struct TALER_MerchantPublicKeyP merchant;    struct TALER_MerchantSignatureP merchant_sig;    struct TALER_EXCHANGE_DepositGetHandle *dwh;    struct GNUNET_CURL_Context *ctx; @@ -318,18 +318,14 @@ TALER_EXCHANGE_deposits_get (      GNUNET_break (0);      return NULL;    } -  // FIXME: move to helper! -  dtp.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION); -  dtp.purpose.size = htonl (sizeof (dtp)); -  dtp.h_contract_terms = *h_contract_terms; -  dtp.h_wire = *h_wire;    GNUNET_CRYPTO_eddsa_key_get_public (&merchant_priv->eddsa_priv, -                                      &dtp.merchant.eddsa_pub); - -  dtp.coin_pub = *coin_pub; -  GNUNET_CRYPTO_eddsa_sign (&merchant_priv->eddsa_priv, -                            &dtp, -                            &merchant_sig.eddsa_sig); +                                      &merchant.eddsa_pub); +  TALER_exchange_deposit_sign (h_contract_terms, +                               h_wire, +                               coin_pub, +                               &merchant, +                               merchant_priv, +                               &merchant_sig);    {      char cpub_str[sizeof (struct TALER_CoinSpendPublicKeyP) * 2];      char mpub_str[sizeof (struct TALER_MerchantPublicKeyP) * 2]; @@ -343,8 +339,8 @@ TALER_EXCHANGE_deposits_get (                                           whash_str,                                           sizeof (whash_str));      *end = '\0'; -    end = GNUNET_STRINGS_data_to_string (&dtp.merchant, -                                         sizeof (dtp.merchant), +    end = GNUNET_STRINGS_data_to_string (&merchant, +                                         sizeof (merchant),                                           mpub_str,                                           sizeof (mpub_str));      *end = '\0'; diff --git a/src/util/exchange_signatures.c b/src/util/exchange_signatures.c index d6214ab3..deacf32e 100644 --- a/src/util/exchange_signatures.c +++ b/src/util/exchange_signatures.c @@ -26,6 +26,93 @@  GNUNET_NETWORK_STRUCT_BEGIN  /** + * @brief Format used to generate the signature on a request to obtain + * the wire transfer identifier associated with a deposit. + */ +struct TALER_DepositTrackPS +{ +  /** +   * Purpose must be #TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION. +   */ +  struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + +  /** +   * Hash over the proposal data of the contract for which this deposit is made. +   */ +  struct TALER_PrivateContractHashP h_contract_terms GNUNET_PACKED; + +  /** +   * Hash over the wiring information of the merchant. +   */ +  struct TALER_MerchantWireHashP h_wire GNUNET_PACKED; + +  /** +   * The Merchant's public key.  The deposit inquiry request is to be +   * signed by the corresponding private key (using EdDSA). +   */ +  struct TALER_MerchantPublicKeyP merchant; + +  /** +   * The coin's public key.  This is the value that must have been +   * signed (blindly) by the Exchange. +   */ +  struct TALER_CoinSpendPublicKeyP coin_pub; + +}; + +GNUNET_NETWORK_STRUCT_END + + +void +TALER_exchange_deposit_sign ( +  const struct TALER_PrivateContractHashP *h_contract_terms, +  const struct TALER_MerchantWireHashP *h_wire, +  const struct TALER_CoinSpendPublicKeyP *coin_pub, +  const struct TALER_MerchantPublicKeyP *merchant_pub, +  const struct TALER_MerchantPrivateKeyP *merchant_priv, +  struct TALER_MerchantSignatureP *merchant_sig) +{ +  struct TALER_DepositTrackPS dtp = { +    .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION), +    .purpose.size = htonl (sizeof (dtp)), +    .h_contract_terms = *h_contract_terms, +    .h_wire = *h_wire, +    .merchant = *merchant_pub, +    .coin_pub = *coin_pub +  }; +  GNUNET_CRYPTO_eddsa_sign (&merchant_priv->eddsa_priv, +                            &dtp, +                            &merchant_sig->eddsa_sig); +} + +enum GNUNET_GenericReturnValue +TALER_exchange_deposit_verify ( +  const struct TALER_MerchantPublicKeyP *merchant, +  const struct TALER_CoinSpendPublicKeyP *coin_pub, +  const struct TALER_PrivateContractHashP *h_contract_terms, +  const struct TALER_MerchantWireHashP *h_wire, +  const struct TALER_MerchantSignatureP *merchant_sig) +{ +  struct TALER_DepositTrackPS tps = { +    .purpose.size = htonl (sizeof (tps)), +    .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION), +    .merchant = *merchant, +    .coin_pub = *coin_pub, +    .h_contract_terms = *h_contract_terms, +    .h_wire = *h_wire +  }; + +  return +    GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION, +                                &tps, +                                &merchant_sig->eddsa_sig, +                                &tps.merchant.eddsa_pub); +} + + +GNUNET_NETWORK_STRUCT_BEGIN + +/**   * @brief Format used to generate the signature on a confirmation   * from the exchange that a deposit request succeeded.   */ | 
