diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-03-24 17:53:13 +0100 | 
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-03-24 17:53:13 +0100 | 
| commit | 324bf3f980542cb9f209ee7edc6f142c5c34e5a2 (patch) | |
| tree | df399447258fc9233706575f72a5f3d9df91c30c | |
| parent | d5acf537323bc8c2e04844b4d0c2521406011db8 (diff) | |
fix #3484: sign over full key set as well
| -rw-r--r-- | src/include/taler_signatures.h | 32 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_keystate.c | 21 | 
2 files changed, 51 insertions, 2 deletions
| diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 3ad97a57..007a309f 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -83,6 +83,11 @@   */  #define TALER_SIGNATURE_MINT_DEPOSIT 7 +/** + * Signature where the Mint confirms the full /keys response set. + */ +#define TALER_SIGNATURE_KEYS_SET 8 +  /***********************/  /* Merchant signatures */ @@ -346,6 +351,31 @@ struct TALER_MINT_SignKeyIssue  /** + * Signature made by the mint over the full set of keys, used + * to detect cheating mints that give out different sets to + * different users. + */ +struct TALER_MINT_KeySetSignature +{ + +  /** +   * Purpose is #TALER_SIGNATURE_KEYS_SET +   */ +  struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + +  /** +   * Time of the key set issue. +   */ +  struct GNUNET_TIME_AbsoluteNBO list_issue_date; + +  /** +   * Hash over the "inner" JSON with the key set. +   */ +  struct GNUNET_HashCode hc; +}; + + +/**   * Information about a denomination key. Denomination keys   * are used to sign coins of a certain value into existence.   */ @@ -358,7 +388,7 @@ struct TALER_MINT_DenomKeyIssue    struct TALER_MasterSignature signature;    /** -   * Purpose ist #TALER_SIGNATURE_MASTER_DENOM. +   * Purpose is #TALER_SIGNATURE_MASTER_DENOM.     */    struct GNUNET_CRYPTO_EccSignaturePurpose purpose; diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index b795323e..c29c5c51 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -378,6 +378,9 @@ TALER_MINT_key_state_acquire (void)    struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();    struct MintKeyState *key_state;    json_t *keys; +  char *inner; +  struct TALER_MINT_KeySetSignature ks; +  struct TALER_MintSignature sig;    GNUNET_assert (0 == pthread_mutex_lock (&internal_key_state_mutex));    if (internal_key_state->next_reload.abs_value_us <= now.abs_value_us) @@ -413,8 +416,24 @@ TALER_MINT_key_state_acquire (void)                        "signkeys", key_state->sign_keys_array,                        "denoms", key_state->denom_keys_array,                        "list_issue_date", TALER_JSON_from_abs (key_state->reload_time)); +    inner = json_dumps (keys, +                        JSON_INDENT(2)); +    ks.purpose.size = htonl (sizeof (ks)); +    ks.purpose.purpose = htonl (TALER_SIGNATURE_KEYS_SET); +    ks.list_issue_date = GNUNET_TIME_absolute_hton (key_state->reload_time); +    GNUNET_CRYPTO_hash (inner, +                        strlen (inner), +                        &ks.hc); +    GNUNET_free (inner); +    TALER_MINT_keys_sign (&ks.purpose, +                          &sig); +    keys = json_pack ("{s:o, s:o}", +                      "keys", keys, +                      "eddsa-signature", TALER_JSON_from_eddsa_sig (&ks.purpose, +                                                                    &sig.eddsa_signature));      key_state->keys_json = json_dumps (keys, -                                       JSON_INDENT(2)); +                                       JSON_INDENT (2)); +    json_decref (keys);      internal_key_state = key_state;    }    key_state = internal_key_state; | 
