diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-03-24 17:53:13 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-03-24 17:53:13 +0100 |
| commit | 324bf3f980542cb9f209ee7edc6f142c5c34e5a2 (patch) | |
| tree | df399447258fc9233706575f72a5f3d9df91c30c /src | |
| parent | d5acf537323bc8c2e04844b4d0c2521406011db8 (diff) | |
fix #3484: sign over full key set as well
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/taler_signatures.h | 32 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_keystate.c | 21 |
2 files changed, 51 insertions, 2 deletions
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 3ad97a57..007a309f 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -83,6 +83,11 @@ */ #define TALER_SIGNATURE_MINT_DEPOSIT 7 +/** + * Signature where the Mint confirms the full /keys response set. + */ +#define TALER_SIGNATURE_KEYS_SET 8 + /***********************/ /* Merchant signatures */ @@ -346,6 +351,31 @@ struct TALER_MINT_SignKeyIssue /** + * Signature made by the mint over the full set of keys, used + * to detect cheating mints that give out different sets to + * different users. + */ +struct TALER_MINT_KeySetSignature +{ + + /** + * Purpose is #TALER_SIGNATURE_KEYS_SET + */ + struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + + /** + * Time of the key set issue. + */ + struct GNUNET_TIME_AbsoluteNBO list_issue_date; + + /** + * Hash over the "inner" JSON with the key set. + */ + struct GNUNET_HashCode hc; +}; + + +/** * Information about a denomination key. Denomination keys * are used to sign coins of a certain value into existence. */ @@ -358,7 +388,7 @@ struct TALER_MINT_DenomKeyIssue struct TALER_MasterSignature signature; /** - * Purpose ist #TALER_SIGNATURE_MASTER_DENOM. + * Purpose is #TALER_SIGNATURE_MASTER_DENOM. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index b795323e..c29c5c51 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -378,6 +378,9 @@ TALER_MINT_key_state_acquire (void) struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get (); struct MintKeyState *key_state; json_t *keys; + char *inner; + struct TALER_MINT_KeySetSignature ks; + struct TALER_MintSignature sig; GNUNET_assert (0 == pthread_mutex_lock (&internal_key_state_mutex)); if (internal_key_state->next_reload.abs_value_us <= now.abs_value_us) @@ -413,8 +416,24 @@ TALER_MINT_key_state_acquire (void) "signkeys", key_state->sign_keys_array, "denoms", key_state->denom_keys_array, "list_issue_date", TALER_JSON_from_abs (key_state->reload_time)); + inner = json_dumps (keys, + JSON_INDENT(2)); + ks.purpose.size = htonl (sizeof (ks)); + ks.purpose.purpose = htonl (TALER_SIGNATURE_KEYS_SET); + ks.list_issue_date = GNUNET_TIME_absolute_hton (key_state->reload_time); + GNUNET_CRYPTO_hash (inner, + strlen (inner), + &ks.hc); + GNUNET_free (inner); + TALER_MINT_keys_sign (&ks.purpose, + &sig); + keys = json_pack ("{s:o, s:o}", + "keys", keys, + "eddsa-signature", TALER_JSON_from_eddsa_sig (&ks.purpose, + &sig.eddsa_signature)); key_state->keys_json = json_dumps (keys, - JSON_INDENT(2)); + JSON_INDENT (2)); + json_decref (keys); internal_key_state = key_state; } key_state = internal_key_state; |