diff options
| author | Christian Grothoff <christian@grothoff.org> | 2021-10-09 16:11:04 +0200 | 
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2021-10-09 16:11:04 +0200 | 
| commit | d8922f82e5f6853c35a8a282e51471da908bdacf (patch) | |
| tree | 191edb2430ea64987258dfd423051b4ae1db6c22 /src | |
| parent | 676ccdc06589d4af329d016c04d79d71697092d1 (diff) | |
-introduce 'struct TALER_WireSalt'
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/taler_crypto_lib.h | 20 | ||||
| -rw-r--r-- | src/json/json_wire.c | 21 | ||||
| -rw-r--r-- | src/util/crypto_wire.c | 28 | 
3 files changed, 52 insertions, 17 deletions
| diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 71579170..0284fc55 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -359,6 +359,20 @@ struct TALER_ClaimTokenP  }; +/** + * Salt used to hash a merchant's payto:// URI to + * compute the "h_wire" (say for deposit requests). + */ +struct TALER_WireSalt +{ +  /** +   * Actual salt value. +   * FIXME: #7032: change to 16 byte value! +   */ +  struct GNUNET_HashCode data; +}; + +  GNUNET_NETWORK_STRUCT_END @@ -1658,7 +1672,7 @@ TALER_exchange_wire_signature_make (   */  void  TALER_merchant_wire_signature_hash (const char *payto_uri, -                                    const char *salt, +                                    const struct TALER_WireSalt *salt,                                      struct GNUNET_HashCode *hc); @@ -1674,7 +1688,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,  enum GNUNET_GenericReturnValue  TALER_merchant_wire_signature_check (    const char *payto_uri, -  const char *salt, +  const struct TALER_WireSalt *salt,    const struct TALER_MerchantPublicKeyP *merch_pub,    const struct TALER_MerchantSignatureP *merch_sig); @@ -1690,7 +1704,7 @@ TALER_merchant_wire_signature_check (  void  TALER_merchant_wire_signature_make (    const char *payto_uri, -  const char *salt, +  const struct TALER_WireSalt *salt,    const struct TALER_MerchantPrivateKeyP *merch_priv,    struct TALER_MerchantSignatureP *merch_sig); diff --git a/src/json/json_wire.c b/src/json/json_wire.c index e8620728..7ec21da6 100644 --- a/src/json/json_wire.c +++ b/src/json/json_wire.c @@ -1,6 +1,6 @@  /*    This file is part of TALER -  Copyright (C) 2018 Taler Systems SA +  Copyright (C) 2018, 2021 Taler Systems SA    TALER is free software; you can redistribute it and/or modify it under the    terms of the GNU General Public License as published by the Free Software @@ -37,13 +37,12 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,                                           struct GNUNET_HashCode *hc)  {    const char *payto_uri; -  const char *salt; -  /* Current merchant backend will always make the salt -     a `struct GNUNET_HashCode`, but *we* do not insist -     on that. */ +  struct TALER_WireSalt salt;    struct GNUNET_JSON_Specification spec[] = { -    GNUNET_JSON_spec_string ("payto_uri", &payto_uri), -    GNUNET_JSON_spec_string ("salt", &salt), +    GNUNET_JSON_spec_string ("payto_uri", +                             &payto_uri), +    GNUNET_JSON_spec_fixed_auto ("salt", +                                 &salt),      GNUNET_JSON_spec_end ()    }; @@ -73,7 +72,7 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,      }    }    TALER_merchant_wire_signature_hash (payto_uri, -                                      salt, +                                      &salt,                                        hc);    return GNUNET_OK;  } @@ -95,8 +94,10 @@ TALER_JSON_exchange_wire_signature_check (    const char *payto_uri;    struct TALER_MasterSignatureP master_sig;    struct GNUNET_JSON_Specification spec[] = { -    GNUNET_JSON_spec_string ("payto_uri", &payto_uri), -    GNUNET_JSON_spec_fixed_auto ("master_sig", &master_sig), +    GNUNET_JSON_spec_string ("payto_uri", +                             &payto_uri), +    GNUNET_JSON_spec_fixed_auto ("master_sig", +                                 &master_sig),      GNUNET_JSON_spec_end ()    }; diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c index 0d31720a..ee3215ca 100644 --- a/src/util/crypto_wire.c +++ b/src/util/crypto_wire.c @@ -110,19 +110,39 @@ TALER_exchange_wire_signature_make (   */  void  TALER_merchant_wire_signature_hash (const char *payto_uri, -                                    const char *salt, +                                    const struct TALER_WireSalt *salt,                                      struct GNUNET_HashCode *hc)  { +#if FIXED_7032 +  /* new logic to use once #7032 is being addressed */    GNUNET_assert (GNUNET_YES ==                   GNUNET_CRYPTO_kdf (hc,                                      sizeof (*hc),                                      salt, -                                    strlen (salt) + 1, +                                    sizeof (*salt),                                      payto_uri,                                      strlen (payto_uri) + 1,                                      "merchant-wire-signature",                                      strlen ("merchant-wire-signature"),                                      NULL, 0)); +#else +  /* compatibility logic to avoid protocol breakage... */ +  char *sstr; + +  sstr = GNUNET_STRINGS_data_to_string_alloc (salt, +                                              sizeof (*salt)); +  GNUNET_assert (GNUNET_YES == +                 GNUNET_CRYPTO_kdf (hc, +                                    sizeof (*hc), +                                    sstr, +                                    strlen (sstr) + 1, +                                    payto_uri, +                                    strlen (payto_uri) + 1, +                                    "merchant-wire-signature", +                                    strlen ("merchant-wire-signature"), +                                    NULL, 0)); +  GNUNET_free (sstr); +#endif  } @@ -146,7 +166,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,  enum GNUNET_GenericReturnValue  TALER_merchant_wire_signature_check (    const char *payto_uri, -  const char *salt, +  const struct TALER_WireSalt *salt,    const struct TALER_MerchantPublicKeyP *merch_pub,    const struct TALER_MerchantSignatureP *merch_sig)  { @@ -176,7 +196,7 @@ TALER_merchant_wire_signature_check (  void  TALER_merchant_wire_signature_make (    const char *payto_uri, -  const char *salt, +  const struct TALER_WireSalt *salt,    const struct TALER_MerchantPrivateKeyP *merch_priv,    struct TALER_MerchantSignatureP *merch_sig)  { | 
