From 008ba5cf8993221fe236b94a2aadbf6f60739b01 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Wed, 9 Feb 2022 19:24:29 +0100 Subject: [PATCH] implement CS refresh-reveal signing, simplify TEH keys logic --- src/exchange/taler-exchange-httpd_keys.c | 12 +++--- src/exchange/taler-exchange-httpd_keys.h | 41 +------------------ .../taler-exchange-httpd_refreshes_reveal.c | 9 +--- src/exchange/taler-exchange-httpd_withdraw.c | 32 ++------------- 4 files changed, 14 insertions(+), 80 deletions(-) diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index 3fa1007ce..81ebf291b 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -2415,7 +2415,7 @@ TEH_keys_denomination_by_hash2 ( struct TALER_BlindedDenominationSignature TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, - const struct TEH_SignDetails *msg, + const struct TALER_BlindedPlanchet *bp, enum TALER_ErrorCode *ec) { struct TEH_KeyStateHandle *ksh; @@ -2438,7 +2438,7 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, *ec = TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; return none; } - if (msg->cipher != hd->denom_pub.cipher) + if (bp->cipher != hd->denom_pub.cipher) { *ec = TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; return none; @@ -2448,13 +2448,15 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, case TALER_DENOMINATION_RSA: return TALER_CRYPTO_helper_rsa_sign (ksh->helpers->rsadh, &hd->h_details.h_rsa, - msg->details.rsa_message.msg, - msg->details.rsa_message.msg_size, + bp->details.rsa_blinded_planchet. + blinded_msg, + bp->details.rsa_blinded_planchet. + blinded_msg_size, ec); case TALER_DENOMINATION_CS: return TALER_CRYPTO_helper_cs_sign (ksh->helpers->csdh, &hd->h_details.h_cs, - &msg->details.cs_message, + &bp->details.cs_blinded_planchet, ec); default: *ec = TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE; diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index 0cab75070..6dbd0d195 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h @@ -82,42 +82,6 @@ struct TEH_DenominationKey }; -struct TEH_SignDetails_RSA -{ - /** - * message to sign - */ - const void *msg; - - /** - * number of bytes in msg - */ - size_t msg_size; -}; - - -struct TEH_SignDetails -{ - /** - * Cipher type of the message - */ - enum TALER_DenominationCipher cipher; - - union - { - /** - * If we use #TALER_DENOMINATION_RSA in @a cipher. - */ - struct TEH_SignDetails_RSA rsa_message; - - /** - * If we use #TALER_DENOMINATION_CS in @a cipher. - */ - struct TALER_BlindedCsPlanchet cs_message; - } details; -}; - - /** * Snapshot of the (coin and signing) keys (including private keys) of * the exchange. There can be multiple instances of this struct, as it is @@ -207,15 +171,14 @@ TEH_keys_denomination_by_hash2 (struct TEH_KeyStateHandle *ksh, * @a h_denom_pub. * * @param h_denom_pub hash of the public key to use to sign - * @param msg message to sign - * @param msg_size number of bytes in @a msg + * @param bp blinded planchet to sign * @param[out] ec set to the error code (or #TALER_EC_NONE on success) * @return signature, the value inside the structure will be NULL on failure, * see @a ec for details about the failure */ struct TALER_BlindedDenominationSignature TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, - const struct TEH_SignDetails *msg, + const struct TALER_BlindedPlanchet *bp, enum TALER_ErrorCode *ec); diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index 646728ecd..568278144 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -603,18 +603,11 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection, for (unsigned int i = 0; inum_fresh_coins; i++) { enum TALER_ErrorCode ec = TALER_EC_NONE; - struct TEH_SignDetails sign_details; - const struct TALER_BlindedRsaPlanchet *rp; - // FIXME: implement cipher handling - rp = &rcds[i].blinded_planchet.details.rsa_blinded_planchet; - sign_details.cipher = TALER_DENOMINATION_RSA; - sign_details.details.rsa_message.msg = rp->blinded_msg; - sign_details.details.rsa_message.msg_size = rp->blinded_msg_size; rrcs[i].coin_sig = TEH_keys_denomination_sign ( &rrcs[i].h_denom_pub, - &sign_details, + &rcds[i].blinded_planchet, &ec); if (TALER_EC_NONE != ec) { diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c index 5cae883e2..adac25659 100644 --- a/src/exchange/taler-exchange-httpd_withdraw.c +++ b/src/exchange/taler-exchange-httpd_withdraw.c @@ -502,34 +502,10 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc, /* Sign before transaction! */ ec = TALER_EC_NONE; - { - struct TEH_SignDetails sign_details; - sign_details.cipher = wc.blinded_planchet.cipher; - switch (wc.blinded_planchet.cipher) - { - case TALER_DENOMINATION_RSA: - sign_details.details.rsa_message.msg = - wc.blinded_planchet.details.rsa_blinded_planchet.blinded_msg; - sign_details.details.rsa_message.msg_size = - wc.blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size; - break; - case TALER_DENOMINATION_CS: - sign_details.details.cs_message = - wc.blinded_planchet.details.cs_blinded_planchet; - break; - default: - GNUNET_break (0); - GNUNET_JSON_parse_free (spec); - return TALER_MHD_reply_with_error (rc->connection, - MHD_HTTP_FORBIDDEN, - TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE, - NULL); - } - wc.collectable.sig = TEH_keys_denomination_sign ( - &wc.collectable.denom_pub_hash, - &sign_details, - &ec); - } + wc.collectable.sig = TEH_keys_denomination_sign ( + &wc.collectable.denom_pub_hash, + &wc.blinded_planchet, + &ec); if (TALER_EC_NONE != ec) { GNUNET_break (0);