taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

moving structs relevant for signatures into taler_signatures.h, splitting of private keys that are not in messages; moving test_hash_context to GNUnet

Browse Source
This commit is contained in:
Christian Grothoff 2015-01-09 18:18:59 +01:00
parent f5e49d926a
commit 0430d6fb03
25 changed files with 390 additions and 402 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README
View File

@ -0,0 +1,14 @@
Project structure is currently as follows:
src/include/
-- installed headers for public APIs
src/util/
-- common utility functions (to be ideally eliminated)
src/mint/
-- taler mint server and helper binaries
src/lib/
-- libtalermint: C API to issue HTTP requests to mint, including testcases

1
configure.ac
View File

@ -152,5 +152,6 @@ AC_CONFIG_FILES([Makefile
src/include/Makefile src/include/Makefile
src/util/Makefile src/util/Makefile
src/mint/Makefile src/mint/Makefile
src/lib/Makefile
]) ])
AC_OUTPUT AC_OUTPUT

2
src/Makefile.am
View File

@ -1,2 +1,2 @@
AM_CPPFLAGS = -I$(top_srcdir)/src/include AM_CPPFLAGS = -I$(top_srcdir)/src/include
SUBDIRS = include util mint SUBDIRS = include util mint lib

1
src/include/Makefile.am
View File

@ -7,5 +7,4 @@ talerinclude_HEADERS = \
taler_mint_service.h \ taler_mint_service.h \
taler_rsa.h \ taler_rsa.h \
taler_signatures.h \ taler_signatures.h \
taler_types.h \
taler_util.h taler_util.h

43
src/include/taler_mint_service.h
View File

@ -3,23 +3,21 @@
(C) 2014 Christian Grothoff (and other contributing authors) (C) 2014 Christian Grothoff (and other contributing authors)
TALER is free software; you can redistribute it and/or modify it under the TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software terms of the GNU Affero General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version. Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details. A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU General Public License along with You should have received a copy of the GNU Affero General Public License along with
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/> TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
*/ */
/** /**
* @file include/taler_mint_service.h * @file include/taler_mint_service.h
* @brief C interface to the mint's HTTP API * @brief C interface of libtalermint, a C library to use mint's HTTP API
* @author Sree Harsha Totakura <sreeharsha@totakura.in> * @author Sree Harsha Totakura <sreeharsha@totakura.in>
*/ */
#ifndef _TALER_MINT_SERVICE_H #ifndef _TALER_MINT_SERVICE_H
#define _TALER_MINT_SERVICE_H #define _TALER_MINT_SERVICE_H
@ -166,8 +164,9 @@ struct TALER_MINT_KeysGetHandle;
* @param emsg if the asynchronous call could not be completed due to an error, * @param emsg if the asynchronous call could not be completed due to an error,
* this parameter contains a human readable error message * this parameter contains a human readable error message
*/ */
typedef void (*TALER_MINT_ContinuationCallback) (void *cls, typedef void
const char *emsg); (*TALER_MINT_ContinuationCallback) (void *cls,
const char *emsg);
/** /**
* Functions of this type are called to provide the retrieved signing and * Functions of this type are called to provide the retrieved signing and
@ -180,9 +179,10 @@ typedef void (*TALER_MINT_ContinuationCallback) (void *cls,
* @param denom_keys NULL-terminated array of pointers to the mint's * @param denom_keys NULL-terminated array of pointers to the mint's
* denomination keys; will be NULL if no signing keys are retrieved. * denomination keys; will be NULL if no signing keys are retrieved.
*/ */
typedef void (*TALER_MINT_KeysGetCallback) (void *cls, typedef void
struct TALER_MINT_SigningPublicKey **sign_keys, (*TALER_MINT_KeysGetCallback) (void *cls,
struct TALER_MINT_DenomPublicKey **denom_keys); struct TALER_MINT_SigningPublicKey **sign_keys,
struct TALER_MINT_DenomPublicKey **denom_keys);
/** /**
@ -190,15 +190,18 @@ typedef void (*TALER_MINT_KeysGetCallback) (void *cls,
* *
* @param mint handle to the mint * @param mint handle to the mint
* @param cb the callback to call with the keys * @param cb the callback to call with the keys
* @param cls closure for the above callback * @param cb_cls closure for the @a cb callback
* @param cont_cb the callback to call after completing this asynchronous call * @param cont_cb the callback to call after completing this asynchronous call
* @param cont_cls the closure for the continuation callback * @param cont_cls the closure for the @a cont_cb callback
* @return a handle to this asynchronous call; NULL upon eror * @return a handle to this asynchronous call; NULL upon eror
*/ */
struct TALER_MINT_KeysGetHandle * struct TALER_MINT_KeysGetHandle *
TALER_MINT_keys_get (struct TALER_MINT_Handle *mint, TALER_MINT_keys_get (struct TALER_MINT_Handle *mint,
TALER_MINT_KeysGetCallback cb, void *cls, TALER_MINT_KeysGetCallback cb,
TALER_MINT_ContinuationCallback cont_cb, void *cont_cls); void *cb_cls,
TALER_MINT_ContinuationCallback cont_cb,
void *cont_cls);
/** /**
* Cancel the asynchronous call initiated by TALER_MINT_keys_get(). This should * Cancel the asynchronous call initiated by TALER_MINT_keys_get(). This should
@ -229,10 +232,12 @@ struct TALER_MINT_DepositHandle;
* @param emsg in case of unsuccessful deposit, this contains a human readable * @param emsg in case of unsuccessful deposit, this contains a human readable
* explanation. * explanation.
*/ */
typedef void (*TALER_MINT_DepositResultCallback) (void *cls, typedef void
int status, (*TALER_MINT_DepositResultCallback) (void *cls,
json_t *obj, int status,
char *emsg); json_t *obj,
char *emsg);
/** /**
* Submit a deposit permission to the mint and get the mint's response * Submit a deposit permission to the mint and get the mint's response

143
src/include/taler_signatures.h
View File

@ -13,18 +13,25 @@
You should have received a copy of the GNU General Public License along with You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/> TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
*/ */
/** /**
* @file taler-mint-keyup.c * @file taler_signatures.h
* @brief Update the mint's keys for coins and signatures, * @brief message formats and signature constants used to define
* using the mint's offline master key. * the binary formats of signatures in Taler
* @author Florian Dold * @author Florian Dold
* @author Benedikt Mueller * @author Benedikt Mueller
*
* This file should define the constants and C structs that one
* needs to know to implement Taler clients (wallets or merchants)
* that need to produce or verify Taler signatures.
*/ */
#ifndef TALER_SIGNATURES_H #ifndef TALER_SIGNATURES_H
#define TALER_SIGNATURES_H #define TALER_SIGNATURES_H
#include <gnunet/gnunet_util_lib.h>
#include "taler_rsa.h"
/** /**
* Purpose for signing public keys signed * Purpose for signing public keys signed
* by the mint master key. * by the mint master key.
@ -102,5 +109,133 @@
*/ */
#define TALER_SIGNATURE_INCREMENTAL_DEPOSIT 202 #define TALER_SIGNATURE_INCREMENTAL_DEPOSIT 202
GNUNET_NETWORK_STRUCT_BEGIN
/**
* Request to withdraw coins from a reserve.
*/
struct TALER_WithdrawRequest
{
/**
* Signature over the rest of the message
* by the withdraw public key.
*/
struct GNUNET_CRYPTO_EddsaSignature sig;
/**
* Purpose must be #TALER_SIGNATURE_WITHDRAW.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* Reserve public key.
*/
struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub;
/**
* Denomination public key for the coin that is withdrawn.
* FIXME: change to the hash of the public key (so this
* is fixed-size).
*/
struct TALER_RSA_PublicKeyBinaryEncoded denomination_pub;
/**
* Purpose containing coin's blinded public key.
*
* FIXME: this should be explicitly a variable-size field with the
* (blinded) message to be signed by the Mint.
*/
struct TALER_RSA_BlindedSignaturePurpose coin_envelope;
};
/**
* FIXME
*/
struct TALER_MINT_SignKeyIssue
{
struct GNUNET_CRYPTO_EddsaSignature signature;
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_CRYPTO_EddsaPublicKey master_pub;
struct GNUNET_TIME_AbsoluteNBO start;
struct GNUNET_TIME_AbsoluteNBO expire;
struct GNUNET_CRYPTO_EddsaPublicKey signkey_pub;
};
/**
* FIXME
*/
struct TALER_MINT_DenomKeyIssue
{
struct GNUNET_CRYPTO_EddsaSignature signature;
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_CRYPTO_EddsaPublicKey master;
struct GNUNET_TIME_AbsoluteNBO start;
struct GNUNET_TIME_AbsoluteNBO expire_withdraw;
struct GNUNET_TIME_AbsoluteNBO expire_spend;
struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
struct TALER_AmountNBO value;
struct TALER_AmountNBO fee_withdraw;
struct TALER_AmountNBO fee_deposit;
struct TALER_AmountNBO fee_refresh;
};
/**
* FIXME
*/
struct RefreshMeltSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_HashCode melt_hash;
};
/**
* FIXME
*/
struct RefreshCommitSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_HashCode commit_hash;
};
/**
* FIXME
*/
struct RefreshCommitResponseSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
uint16_t noreveal_index;
};
/**
* FIXME
*/
struct RefreshMeltResponseSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_HashCode melt_response_hash;
};
/**
* FIXME
*/
struct RefreshMeltConfirmSignRequestBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_CRYPTO_EddsaPublicKey session_pub;
};
GNUNET_NETWORK_STRUCT_END
#endif #endif

120
src/include/taler_types.h
View File

@ -1,120 +0,0 @@
/**
* @file include/types.h
* @brief This files defines the various data and message types in TALER.
* @author Sree Harsha Totakura <sreeharsha@totakura.in>
* @author Florian Dold
*/
#ifndef TYPES_H_
#define TYPES_H_
#include "taler_rsa.h"
/**
* Public information about a coin.
*/
struct TALER_CoinPublicInfo
{
/**
* The coin's public key.
*/
struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
/*
* The public key signifying the coin's denomination.
*/
struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
/**
* Signature over coin_pub by denom_pub.
*/
struct TALER_RSA_Signature denom_sig;
};
/**
* Request to withdraw coins from a reserve.
*/
struct TALER_WithdrawRequest
{
/**
* Signature over the rest of the message
* by the withdraw public key.
*/
struct GNUNET_CRYPTO_EddsaSignature sig;
/**
* Purpose must be TALER_SIGNATURE_WITHDRAW.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* Reserve public key.
*/
struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub;
/**
* Denomination public key for the coin that is withdrawn.
*/
struct TALER_RSA_PublicKeyBinaryEncoded denomination_pub;
/**
* Purpose containing coin's blinded public key.
*/
struct TALER_RSA_BlindedSignaturePurpose coin_envelope;
};
/**
* Data type for messages
*/
struct TALER_MessageHeader
{
/**
* The type of the message in Network-byte order (NBO)
*/
uint16_t type;
/**
* The size of the message in NBO
*/
uint16_t size;
};
/*****************/
/* Message types */
/*****************/
/**
* The message type of a blind signature
*/
#define TALER_MSG_TYPE_BLINDED_SIGNATURE 1
/**
* The message type of a blinded message
*/
#define TALER_MSG_TYPE_BLINDED_MESSAGE 2
/**
* The message type of an unblinded signature
* @FIXME: Not currently used
*/
#define TALER_MSG_TYPE_UNBLINDED_SIGNATURE 3
/**
* The type of a blinding residue message
* @FIXME: Not currently used
*/
#define TALER_MSG_TYPE_BLINDING_RESIDUE 4
/**
* The type of a message containing the blinding factor
*/
#define TALER_MSG_TYPE_BLINDING_FACTOR 5
#endif /* TYPES_H_ */
/* end of include/types.h */

34
src/lib/Makefile.am Normal file
View File

@ -0,0 +1,34 @@
AM_CPPFLAGS = -I$(top_srcdir)/src/include $(POSTGRESQL_CPPFLAGS)
lib_LTLIBRARIES = \
libtalermint.la
libtalermint_la_LDFLAGS = \
$(POSTGRESQL_LDFLAGS) \
-version-info 0:0:0 \
-no-undefined
libtalermint_la_SOURCES = \
mint_api.c
libtalermint_la_LIBADD = \
-lgnunetutil \
-ljansson \
-lcurl
libtalermint_la_LDFLAGS = \
-version-info 0:0:0 \
-no-undefined
check_PROGRAMS = \
test_mint_api
test_mint_api_SOURCES = \
test_mint_api.c
test_mint_api_LDADD = \
libtalermint.la \
$(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \
-lgnunetutil \
-ljansson

3
src/mint/mint_api.c → src/lib/mint_api.c
View File

@ -20,14 +20,13 @@
* @brief Implementation of the client interface to mint's HTTP API * @brief Implementation of the client interface to mint's HTTP API
* @author Sree Harsha Totakura <sreeharsha@totakura.in> * @author Sree Harsha Totakura <sreeharsha@totakura.in>
*/ */
#include "platform.h" #include "platform.h"
#include <curl/curl.h> #include <curl/curl.h>
#include <jansson.h> #include <jansson.h>
#include <gnunet/gnunet_util_lib.h> #include <gnunet/gnunet_util_lib.h>
#include "taler_mint_service.h" #include "taler_mint_service.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "mint.h"
#define CURL_STRERROR(TYPE, FUNCTION, CODE) \ #define CURL_STRERROR(TYPE, FUNCTION, CODE) \
GNUNET_log (TYPE, "cURL function `%s' has failed at `%s:%d' with error: %s", \ GNUNET_log (TYPE, "cURL function `%s' has failed at `%s:%d' with error: %s", \

4
src/mint/test_mint_api.c → src/lib/test_mint_api.c
View File

@ -32,7 +32,7 @@ struct TALER_MINT_KeysGetHandle *dkey_get;
struct TALER_MINT_DepositHandle *dh; struct TALER_MINT_DepositHandle *dh;
static GNUNET_SCHEDULER_TaskIdentifier shutdown_task; static struct GNUNET_SCHEDULER_Task *shutdown_task;
static int result; static int result;
@ -40,7 +40,7 @@ static int result;
static void static void
do_shutdown (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc) do_shutdown (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
{ {
shutdown_task = GNUNET_SCHEDULER_NO_TASK; shutdown_task = NULL;
if (NULL != dkey_get) if (NULL != dkey_get)
TALER_MINT_keys_get_cancel (dkey_get); TALER_MINT_keys_get_cancel (dkey_get);
dkey_get = NULL; dkey_get = NULL;

44
src/mint/Makefile.am
View File

@ -1,35 +1,22 @@
AM_CPPFLAGS = -I$(top_srcdir)/src/include $(POSTGRESQL_CPPFLAGS) AM_CPPFLAGS = -I$(top_srcdir)/src/include $(POSTGRESQL_CPPFLAGS)
lib_LTLIBRARIES = \ lib_LTLIBRARIES = \
libtalermint.la \ libtalermint_common.la
libtalermintapi.la
libtalermint_la_SOURCES = \ libtalermint_common_la_SOURCES = \
mint_common.c \ mint_common.c \
mint_db.c mint_db.c
libtalermint_la_LIBADD = \ libtalermint_common_la_LIBADD = \
$(top_builddir)/src/util/libtalerutil.la \ $(top_builddir)/src/util/libtalerutil.la \
-lgnunetutil \ -lgnunetutil \
-lpq -lpq
libtalermint_la_LDFLAGS = \ libtalermint_common_la_LDFLAGS = \
$(POSTGRESQL_LDFLAGS) \ $(POSTGRESQL_LDFLAGS) \
-version-info 0:0:0 \ -version-info 0:0:0 \
-no-undefined -no-undefined
libtalermintapi_la_SOURCES = \
mint_api.c
libtalermintapi_la_LIBADD = \
-lgnunetutil \
-ljansson \
-lcurl
libtalermintapi_la_LDFLAGS = \
-version-info 0:0:0 \
-no-undefined
bin_PROGRAMS = \ bin_PROGRAMS = \
taler-mint-keyup \ taler-mint-keyup \
@ -44,7 +31,7 @@ taler_mint_keyup_SOURCES = \
taler_mint_keyup_LDADD = \ taler_mint_keyup_LDADD = \
$(LIBGCRYPT_LIBS) \ $(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \ $(top_builddir)/src/util/libtalerutil.la \
$(top_builddir)/src/mint/libtalermint.la \ $(top_builddir)/src/mint/libtalermint_common.la \
-lpq \ -lpq \
-lgnunetutil -lgnunetutil
taler_mint_keyup_LDFLAGS = $(POSTGRESQL_LDFLAGS) taler_mint_keyup_LDFLAGS = $(POSTGRESQL_LDFLAGS)
@ -56,7 +43,7 @@ taler_mint_keycheck_SOURCES = \
taler_mint_keycheck_LDADD = \ taler_mint_keycheck_LDADD = \
$(LIBGCRYPT_LIBS) \ $(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \ $(top_builddir)/src/util/libtalerutil.la \
$(top_builddir)/src/mint/libtalermint.la \ $(top_builddir)/src/mint/libtalermint_common.la \
-lgnunetutil \ -lgnunetutil \
-lpq -lpq
taler_mint_keycheck_LDFLAGS = $(POSTGRESQL_LDFLAGS) taler_mint_keycheck_LDFLAGS = $(POSTGRESQL_LDFLAGS)
@ -66,7 +53,7 @@ taler_mint_reservemod_SOURCES = \
taler_mint_reservemod_LDADD = \ taler_mint_reservemod_LDADD = \
$(LIBGCRYPT_LIBS) \ $(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \ $(top_builddir)/src/util/libtalerutil.la \
$(top_builddir)/src/mint/libtalermint.la \ $(top_builddir)/src/mint/libtalermint_common.la \
-lpq \ -lpq \
-lgnunetutil -lgnunetutil
taler_mint_reservemod_LDFLAGS = \ taler_mint_reservemod_LDFLAGS = \
@ -83,7 +70,7 @@ taler_mint_httpd_SOURCES = \
taler_mint_httpd_LDADD = \ taler_mint_httpd_LDADD = \
$(LIBGCRYPT_LIBS) \ $(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \ $(top_builddir)/src/util/libtalerutil.la \
$(top_builddir)/src/mint/libtalermint.la \ $(top_builddir)/src/mint/libtalermint_common.la \
-lpq \ -lpq \
-lmicrohttpd \ -lmicrohttpd \
-ljansson \ -ljansson \
@ -98,28 +85,19 @@ taler_mint_dbinit_SOURCES = \
taler_mint_dbinit_LDADD = \ taler_mint_dbinit_LDADD = \
$(LIBGCRYPT_LIBS) \ $(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \ $(top_builddir)/src/util/libtalerutil.la \
$(top_builddir)/src/mint/libtalermint.la \ $(top_builddir)/src/mint/libtalermint_common.la \
-lpq \ -lpq \
-lgnunetutil -lgnunetutil
taler_mint_dbinit_LDFLAGS = $(POSTGRESQL_LDFLAGS) taler_mint_dbinit_LDFLAGS = $(POSTGRESQL_LDFLAGS)
check_PROGRAMS = \ check_PROGRAMS = \
test-mint-api \
test-mint-deposits \ test-mint-deposits \
test-mint-common test-mint-common
test_mint_api_SOURCES = test_mint_api.c
test_mint_api_LDADD = \
libtalermintapi.la \
$(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \
-lgnunetutil \
-ljansson
test_mint_deposits_SOURCES = \ test_mint_deposits_SOURCES = \
test_mint_deposits.c test_mint_deposits.c
test_mint_deposits_LDADD = \ test_mint_deposits_LDADD = \
libtalermint.la \ libtalermint_common.la \
$(top_srcdir)/src/util/libtalerutil.la \ $(top_srcdir)/src/util/libtalerutil.la \
-lgnunetutil \ -lgnunetutil \
-lpq -lpq
@ -127,6 +105,6 @@ test_mint_deposits_LDADD = \
test_mint_common_SOURCES = \ test_mint_common_SOURCES = \
test_mint_common.c test_mint_common.c
test_mint_common_LDADD = \ test_mint_common_LDADD = \
libtalermint.la \ libtalermint_common.la \
$(top_srcdir)/src/util/libtalerutil.la \ $(top_srcdir)/src/util/libtalerutil.la \
-lgnunetutil -lgnunetutil

80
src/mint/mint.h
View File

@ -29,82 +29,38 @@
#include <libpq-fe.h> #include <libpq-fe.h>
#include "taler_util.h" #include "taler_util.h"
#include "taler_rsa.h" #include "taler_rsa.h"
#include "taler_signatures.h"
#define DIR_SIGNKEYS "signkeys" #define DIR_SIGNKEYS "signkeys"
#define DIR_DENOMKEYS "denomkeys" #define DIR_DENOMKEYS "denomkeys"
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* FIXME * On disk format used for a mint signing key.
* Includes the private key followed by the signed
* issue message.
*/ */
struct TALER_MINT_SignKeyIssue struct TALER_MINT_SignKeyIssuePriv
{ {
struct GNUNET_CRYPTO_EddsaPrivateKey signkey_priv; struct GNUNET_CRYPTO_EddsaPrivateKey signkey_priv;
struct GNUNET_CRYPTO_EddsaSignature signature; struct TALER_MINT_SignKeyIssue issue;
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_CRYPTO_EddsaPublicKey master_pub;
struct GNUNET_TIME_AbsoluteNBO start;
struct GNUNET_TIME_AbsoluteNBO expire;
struct GNUNET_CRYPTO_EddsaPublicKey signkey_pub;
}; };
struct TALER_MINT_DenomKeyIssue
struct TALER_MINT_DenomKeyIssuePriv
{ {
/** /**
* The private key of the denomination. Will be NULL if the private key is * The private key of the denomination. Will be NULL if the private key is
* not available. * not available.
*/ */
struct TALER_RSA_PrivateKey *denom_priv; struct TALER_RSA_PrivateKey *denom_priv;
struct GNUNET_CRYPTO_EddsaSignature signature; struct TALER_MINT_DenomKeyIssue issue;
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_CRYPTO_EddsaPublicKey master;
struct GNUNET_TIME_AbsoluteNBO start;
struct GNUNET_TIME_AbsoluteNBO expire_withdraw;
struct GNUNET_TIME_AbsoluteNBO expire_spend;
struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
struct TALER_AmountNBO value;
struct TALER_AmountNBO fee_withdraw;
struct TALER_AmountNBO fee_deposit;
struct TALER_AmountNBO fee_refresh;
};
struct RefreshMeltSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_HashCode melt_hash;
};
struct RefreshCommitSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_HashCode commit_hash;
};
struct RefreshCommitResponseSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
uint16_t noreveal_index;
};
struct RefreshMeltResponseSignatureBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_HashCode melt_response_hash;
}; };
struct RefreshMeltConfirmSignRequestBody
{
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct GNUNET_CRYPTO_EddsaPublicKey session_pub;
};
GNUNET_NETWORK_STRUCT_END
/** /**
@ -116,8 +72,9 @@ GNUNET_NETWORK_STRUCT_END
* #GNUNET_NO to stop iteration with no error, * #GNUNET_NO to stop iteration with no error,
* #GNUNET_SYSERR to abort iteration with error! * #GNUNET_SYSERR to abort iteration with error!
*/ */
typedef int (*TALER_MINT_SignkeyIterator)(void *cls, typedef int
const struct TALER_MINT_SignKeyIssue *ski); (*TALER_MINT_SignkeyIterator)(void *cls,
const struct TALER_MINT_SignKeyIssuePriv *ski);
/** /**
* Iterator for denomination keys. * Iterator for denomination keys.
@ -129,9 +86,10 @@ typedef int (*TALER_MINT_SignkeyIterator)(void *cls,
* #GNUNET_NO to stop iteration with no error, * #GNUNET_NO to stop iteration with no error,
* #GNUNET_SYSERR to abort iteration with error! * #GNUNET_SYSERR to abort iteration with error!
*/ */
typedef int (*TALER_MINT_DenomkeyIterator)(void *cls, typedef int
const char *alias, (*TALER_MINT_DenomkeyIterator)(void *cls,
const struct TALER_MINT_DenomKeyIssue *dki); const char *alias,
const struct TALER_MINT_DenomKeyIssuePriv *dki);
@ -160,7 +118,7 @@ TALER_MINT_denomkeys_iterate (const char *mint_base_dir,
*/ */
int int
TALER_MINT_write_denom_key (const char *filename, TALER_MINT_write_denom_key (const char *filename,
const struct TALER_MINT_DenomKeyIssue *dki); const struct TALER_MINT_DenomKeyIssuePriv *dki);
/** /**
@ -172,7 +130,7 @@ TALER_MINT_write_denom_key (const char *filename,
*/ */
int int
TALER_MINT_read_denom_key (const char *filename, TALER_MINT_read_denom_key (const char *filename,
struct TALER_MINT_DenomKeyIssue *dki); struct TALER_MINT_DenomKeyIssuePriv *dki);
/** /**

29
src/mint/mint_common.c
View File

@ -47,11 +47,12 @@ signkeys_iterate_dir_iter (void *cls,
struct SignkeysIterateContext *skc = cls; struct SignkeysIterateContext *skc = cls;
ssize_t nread; ssize_t nread;
struct TALER_MINT_SignKeyIssue issue; struct TALER_MINT_SignKeyIssuePriv issue;
nread = GNUNET_DISK_fn_read (filename, nread = GNUNET_DISK_fn_read (filename,
&issue, &issue,
sizeof (struct TALER_MINT_SignKeyIssue)); sizeof (struct TALER_MINT_SignKeyIssuePriv));
if (nread != sizeof (struct TALER_MINT_SignKeyIssue)) if (nread != sizeof (struct TALER_MINT_SignKeyIssuePriv))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid signkey file: '%s'\n", filename); GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid signkey file: '%s'\n", filename);
return GNUNET_OK; return GNUNET_OK;
@ -87,7 +88,7 @@ TALER_MINT_signkeys_iterate (const char *mint_base_dir,
*/ */
int int
TALER_MINT_read_denom_key (const char *filename, TALER_MINT_read_denom_key (const char *filename,
struct TALER_MINT_DenomKeyIssue *dki) struct TALER_MINT_DenomKeyIssuePriv *dki)
{ {
uint64_t size; uint64_t size;
size_t offset; size_t offset;
@ -97,8 +98,8 @@ TALER_MINT_read_denom_key (const char *filename,
ret = GNUNET_SYSERR; ret = GNUNET_SYSERR;
data = NULL; data = NULL;
offset = sizeof (struct TALER_MINT_DenomKeyIssue) offset = sizeof (struct TALER_MINT_DenomKeyIssuePriv)
- offsetof (struct TALER_MINT_DenomKeyIssue, signature); - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature);
if (GNUNET_OK != GNUNET_DISK_file_size (filename, if (GNUNET_OK != GNUNET_DISK_file_size (filename,
&size, &size,
GNUNET_YES, GNUNET_YES,
@ -117,7 +118,7 @@ TALER_MINT_read_denom_key (const char *filename,
if (NULL == (priv = TALER_RSA_decode_key (data + offset, size - offset))) if (NULL == (priv = TALER_RSA_decode_key (data + offset, size - offset)))
goto cleanup; goto cleanup;
dki->denom_priv = priv; dki->denom_priv = priv;
(void) memcpy (&dki->signature, data, offset); memcpy (&dki->issue.signature, data, offset);
ret = GNUNET_OK; ret = GNUNET_OK;
cleanup: cleanup:
@ -135,7 +136,7 @@ TALER_MINT_read_denom_key (const char *filename,
*/ */
int int
TALER_MINT_write_denom_key (const char *filename, TALER_MINT_write_denom_key (const char *filename,
const struct TALER_MINT_DenomKeyIssue *dki) const struct TALER_MINT_DenomKeyIssuePriv *dki)
{ {
struct TALER_RSA_PrivateKeyBinaryEncoded *priv_enc; struct TALER_RSA_PrivateKeyBinaryEncoded *priv_enc;
struct GNUNET_DISK_FileHandle *fh; struct GNUNET_DISK_FileHandle *fh;
@ -153,10 +154,10 @@ TALER_MINT_write_denom_key (const char *filename,
goto cleanup; goto cleanup;
if (NULL == (priv_enc = TALER_RSA_encode_key (dki->denom_priv))) if (NULL == (priv_enc = TALER_RSA_encode_key (dki->denom_priv)))
goto cleanup; goto cleanup;
wsize = sizeof (struct TALER_MINT_DenomKeyIssue) wsize = sizeof (struct TALER_MINT_DenomKeyIssuePriv)
- offsetof (struct TALER_MINT_DenomKeyIssue, signature); - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature);
if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh,
&dki->signature, &dki->issue.signature,
wsize))) wsize)))
goto cleanup; goto cleanup;
if (wrote != wsize) if (wrote != wsize)
@ -183,11 +184,13 @@ denomkeys_iterate_keydir_iter (void *cls,
{ {
struct DenomkeysIterateContext *dic = cls; struct DenomkeysIterateContext *dic = cls;
struct TALER_MINT_DenomKeyIssue issue; struct TALER_MINT_DenomKeyIssuePriv issue;
if (GNUNET_OK != TALER_MINT_read_denom_key (filename, &issue)) if (GNUNET_OK != TALER_MINT_read_denom_key (filename, &issue))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid denomkey file: '%s'\n", filename); GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Invalid denomkey file: '%s'\n",
filename);
return GNUNET_OK; return GNUNET_OK;
} }
return dic->it (dic->it_cls, dic->alias, &issue); return dic->it (dic->it_cls, dic->alias, &issue);

27
src/mint/mint_db.h
View File

@ -26,10 +26,35 @@
#include <libpq-fe.h> #include <libpq-fe.h>
#include <gnunet/gnunet_util_lib.h> #include <gnunet/gnunet_util_lib.h>
#include "taler_util.h" #include "taler_util.h"
#include "taler_types.h"
#include "taler_rsa.h" #include "taler_rsa.h"
/**
* Public information about a coin.
*/
struct TALER_CoinPublicInfo
{
/**
* The coin's public key.
*/
struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
/*
* The public key signifying the coin's denomination.
*/
struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
/**
* Signature over coin_pub by denom_pub.
*/
struct TALER_RSA_Signature denom_sig;
};
/** /**
* Reserve row. Corresponds to table 'reserves' in * Reserve row. Corresponds to table 'reserves' in
* the mint's database. * the mint's database.

1
src/mint/taler-mint-httpd.c
View File

@ -29,7 +29,6 @@
#include <pthread.h> #include <pthread.h>
#include "mint.h" #include "mint.h"
#include "mint_db.h" #include "mint_db.h"
#include "taler_types.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler_rsa.h" #include "taler_rsa.h"
#include "taler_json_lib.h" #include "taler_json_lib.h"

1
src/mint/taler-mint-httpd_deposit.c
View File

@ -28,7 +28,6 @@
#include <pthread.h> #include <pthread.h>
#include "mint.h" #include "mint.h"
#include "mint_db.h" #include "mint_db.h"
#include "taler_types.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler_rsa.h" #include "taler_rsa.h"
#include "taler_json_lib.h" #include "taler_json_lib.h"

41
src/mint/taler-mint-httpd_keys.c
View File

@ -28,7 +28,6 @@
#include <pthread.h> #include <pthread.h>
#include "mint.h" #include "mint.h"
#include "mint_db.h" #include "mint_db.h"
#include "taler_types.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler_rsa.h" #include "taler_rsa.h"
#include "taler_json_lib.h" #include "taler_json_lib.h"
@ -145,7 +144,7 @@ TALER_MINT_conf_duration_provide ()
static int static int
reload_keys_denom_iter (void *cls, reload_keys_denom_iter (void *cls,
const char *alias, const char *alias,
const struct TALER_MINT_DenomKeyIssue *dki) const struct TALER_MINT_DenomKeyIssuePriv *dki)
{ {
struct MintKeyState *ctx = cls; struct MintKeyState *ctx = cls;
struct GNUNET_TIME_Absolute stamp_provide; struct GNUNET_TIME_Absolute stamp_provide;
@ -155,28 +154,30 @@ reload_keys_denom_iter (void *cls,
stamp_provide = GNUNET_TIME_absolute_add (ctx->reload_time, stamp_provide = GNUNET_TIME_absolute_add (ctx->reload_time,
TALER_MINT_conf_duration_provide ()); TALER_MINT_conf_duration_provide ());
if (GNUNET_TIME_absolute_ntoh (dki->expire_spend).abs_value_us < ctx->reload_time.abs_value_us) if (GNUNET_TIME_absolute_ntoh (dki->issue.expire_spend).abs_value_us < ctx->reload_time.abs_value_us)
{ {
// this key is expired // this key is expired
return GNUNET_OK; return GNUNET_OK;
} }
if (GNUNET_TIME_absolute_ntoh (dki->start).abs_value_us > stamp_provide.abs_value_us) if (GNUNET_TIME_absolute_ntoh (dki->issue.start).abs_value_us > stamp_provide.abs_value_us)
{ {
// we are to early for this key // we are to early for this key
return GNUNET_OK; return GNUNET_OK;
} }
GNUNET_CRYPTO_hash (&dki->denom_pub, sizeof (struct GNUNET_CRYPTO_EddsaPublicKey), &denom_key_hash); GNUNET_CRYPTO_hash (&dki->issue.denom_pub,
sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
&denom_key_hash);
res = GNUNET_CONTAINER_multihashmap_put (ctx->denomkey_map, res = GNUNET_CONTAINER_multihashmap_put (ctx->denomkey_map,
&denom_key_hash, &denom_key_hash,
GNUNET_memdup (dki, sizeof (struct TALER_MINT_DenomKeyIssue)), GNUNET_memdup (dki, sizeof (struct TALER_MINT_DenomKeyIssuePriv)),
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
if (GNUNET_OK != res) if (GNUNET_OK != res)
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Duplicate denomination key\n"); GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Duplicate denomination key\n");
json_array_append_new (ctx->denom_keys_array, json_array_append_new (ctx->denom_keys_array,
denom_key_issue_to_json (dki)); denom_key_issue_to_json (&dki->issue));
return GNUNET_OK; return GNUNET_OK;
} }
@ -193,20 +194,20 @@ reload_keys_denom_iter (void *cls,
*/ */
static int static int
reload_keys_sign_iter (void *cls, reload_keys_sign_iter (void *cls,
const struct TALER_MINT_SignKeyIssue *ski) const struct TALER_MINT_SignKeyIssuePriv *ski)
{ {
struct MintKeyState *ctx = cls; struct MintKeyState *ctx = cls;
struct GNUNET_TIME_Absolute stamp_provide; struct GNUNET_TIME_Absolute stamp_provide;
stamp_provide = GNUNET_TIME_absolute_add (ctx->reload_time, TALER_MINT_conf_duration_provide (cfg)); stamp_provide = GNUNET_TIME_absolute_add (ctx->reload_time, TALER_MINT_conf_duration_provide (cfg));
if (GNUNET_TIME_absolute_ntoh (ski->expire).abs_value_us < ctx->reload_time.abs_value_us) if (GNUNET_TIME_absolute_ntoh (ski->issue.expire).abs_value_us < ctx->reload_time.abs_value_us)
{ {
// this key is expired // this key is expired
return GNUNET_OK; return GNUNET_OK;
} }
if (GNUNET_TIME_absolute_ntoh (ski->start).abs_value_us > stamp_provide.abs_value_us) if (GNUNET_TIME_absolute_ntoh (ski->issue.start).abs_value_us > stamp_provide.abs_value_us)
{ {
// we are to early for this key // we are to early for this key
return GNUNET_OK; return GNUNET_OK;
@ -214,16 +215,16 @@ reload_keys_sign_iter (void *cls,
// the signkey is valid for now, check // the signkey is valid for now, check
// if it's more recent than the current one! // if it's more recent than the current one!
if (GNUNET_TIME_absolute_ntoh (ctx->current_sign_key_issue.start).abs_value_us > if (GNUNET_TIME_absolute_ntoh (ctx->current_sign_key_issue.issue.start).abs_value_us >
GNUNET_TIME_absolute_ntoh (ski->start).abs_value_us) GNUNET_TIME_absolute_ntoh (ski->issue.start).abs_value_us)
ctx->current_sign_key_issue = *ski; ctx->current_sign_key_issue = *ski;
ctx->next_reload = GNUNET_TIME_absolute_min (ctx->next_reload, ctx->next_reload = GNUNET_TIME_absolute_min (ctx->next_reload,
GNUNET_TIME_absolute_ntoh (ski->expire)); GNUNET_TIME_absolute_ntoh (ski->issue.expire));
json_array_append_new (ctx->sign_keys_array, json_array_append_new (ctx->sign_keys_array,
sign_key_issue_to_json (ski)); sign_key_issue_to_json (&ski->issue));
return GNUNET_OK; return GNUNET_OK;
} }
@ -334,14 +335,16 @@ TALER_MINT_key_state_acquire (void)
* @return the denomination key issue, * @return the denomination key issue,
* or NULL if denom_pub could not be found * or NULL if denom_pub could not be found
*/ */
struct TALER_MINT_DenomKeyIssue * struct TALER_MINT_DenomKeyIssuePriv *
TALER_MINT_get_denom_key (const struct MintKeyState *key_state, TALER_MINT_get_denom_key (const struct MintKeyState *key_state,
const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub) const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub)
{ {
struct TALER_MINT_DenomKeyIssue *issue; struct TALER_MINT_DenomKeyIssuePriv *issue;
struct GNUNET_HashCode hash; struct GNUNET_HashCode hash;
GNUNET_CRYPTO_hash (denom_pub, sizeof (struct TALER_RSA_PublicKeyBinaryEncoded), &hash); GNUNET_CRYPTO_hash (denom_pub,
sizeof (struct TALER_RSA_PublicKeyBinaryEncoded),
&hash);
issue = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, &hash); issue = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, &hash);
return issue; return issue;
} }
@ -361,7 +364,7 @@ int
TALER_MINT_test_coin_valid (const struct MintKeyState *key_state, TALER_MINT_test_coin_valid (const struct MintKeyState *key_state,
struct TALER_CoinPublicInfo *coin_public_info) struct TALER_CoinPublicInfo *coin_public_info)
{ {
struct TALER_MINT_DenomKeyIssue *dki; struct TALER_MINT_DenomKeyIssuePriv *dki;
dki = TALER_MINT_get_denom_key (key_state, &coin_public_info->denom_pub); dki = TALER_MINT_get_denom_key (key_state, &coin_public_info->denom_pub);
if (NULL == dki) if (NULL == dki)
@ -369,7 +372,7 @@ TALER_MINT_test_coin_valid (const struct MintKeyState *key_state,
if (GNUNET_OK != TALER_RSA_verify (&coin_public_info->coin_pub, if (GNUNET_OK != TALER_RSA_verify (&coin_public_info->coin_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&coin_public_info->denom_sig, &coin_public_info->denom_sig,
&dki->denom_pub)) &dki->issue.denom_pub))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"coin signature is invalid\n"); "coin signature is invalid\n");

4
src/mint/taler-mint-httpd_keys.h
View File

@ -62,7 +62,7 @@ struct MintKeyState
/** /**
* Mint signing key that should be used currently. * Mint signing key that should be used currently.
*/ */
struct TALER_MINT_SignKeyIssue current_sign_key_issue; struct TALER_MINT_SignKeyIssuePriv current_sign_key_issue;
/** /**
* Cached JSON text that the mint will send for * Cached JSON text that the mint will send for
@ -105,7 +105,7 @@ TALER_MINT_key_state_acquire (void);
* @return the denomination key issue, * @return the denomination key issue,
* or NULL if denom_pub could not be found * or NULL if denom_pub could not be found
*/ */
struct TALER_MINT_DenomKeyIssue * struct TALER_MINT_DenomKeyIssuePriv *
TALER_MINT_get_denom_key (const struct MintKeyState *key_state, TALER_MINT_get_denom_key (const struct MintKeyState *key_state,
const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub); const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub);

10
src/mint/taler-mint-httpd_refresh.c
View File

@ -28,7 +28,6 @@
#include <pthread.h> #include <pthread.h>
#include "mint.h" #include "mint.h"
#include "mint_db.h" #include "mint_db.h"
#include "taler_types.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler_rsa.h" #include "taler_rsa.h"
#include "taler_json_lib.h" #include "taler_json_lib.h"
@ -152,10 +151,11 @@ refresh_accept_denoms (struct MHD_Connection *connection,
if (GNUNET_OK != res) if (GNUNET_OK != res)
return res; return res;
dki = TALER_MINT_get_denom_key (key_state, &denom_pub); dki = &(TALER_MINT_get_denom_key (key_state, &denom_pub)->issue);
GNUNET_CRYPTO_hash_context_read (hash_context, GNUNET_CRYPTO_hash_context_read (hash_context,
&denom_pub, sizeof (struct TALER_RSA_PublicKeyBinaryEncoded)); &denom_pub,
sizeof (struct TALER_RSA_PublicKeyBinaryEncoded));
cost = TALER_amount_add (TALER_amount_ntoh (dki->value), cost = TALER_amount_add (TALER_amount_ntoh (dki->value),
TALER_amount_ntoh (dki->fee_withdraw)); TALER_amount_ntoh (dki->fee_withdraw));
@ -353,7 +353,7 @@ refresh_accept_melts (struct MHD_Connection *connection,
GNUNET_CRYPTO_hash_context_read (hash_context, GNUNET_CRYPTO_hash_context_read (hash_context,
&coin_public_info.coin_pub, sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)); &coin_public_info.coin_pub, sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
dki = TALER_MINT_get_denom_key (key_state, &coin_public_info.denom_pub); dki = &(TALER_MINT_get_denom_key (key_state, &coin_public_info.denom_pub)->issue);
if (NULL == dki) if (NULL == dki)
return (MHD_YES == request_send_json_pack (connection, MHD_HTTP_NOT_FOUND, return (MHD_YES == request_send_json_pack (connection, MHD_HTTP_NOT_FOUND,
@ -1344,7 +1344,7 @@ TALER_MINT_handler_refresh_reveal (struct RequestHandler *rh,
{ {
struct RefreshCommitCoin commit_coin; struct RefreshCommitCoin commit_coin;
struct TALER_RSA_PublicKeyBinaryEncoded denom_pub; struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
struct TALER_MINT_DenomKeyIssue *dki; struct TALER_MINT_DenomKeyIssuePriv *dki;
struct TALER_RSA_Signature ev_sig; struct TALER_RSA_Signature ev_sig;
res = TALER_MINT_DB_get_refresh_commit_coin (db_conn, res = TALER_MINT_DB_get_refresh_commit_coin (db_conn,

13
src/mint/taler-mint-httpd_withdraw.c
View File

@ -28,7 +28,6 @@
#include <pthread.h> #include <pthread.h>
#include "mint.h" #include "mint.h"
#include "mint_db.h" #include "mint_db.h"
#include "taler_types.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler_rsa.h" #include "taler_rsa.h"
#include "taler_json_lib.h" #include "taler_json_lib.h"
@ -79,7 +78,7 @@ static void
sign_reserve (struct Reserve *reserve, sign_reserve (struct Reserve *reserve,
struct MintKeyState *key_state) struct MintKeyState *key_state)
{ {
reserve->status_sign_pub = key_state->current_sign_key_issue.signkey_pub; reserve->status_sign_pub = key_state->current_sign_key_issue.issue.signkey_pub;
reserve->status_sig_purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_STATUS); reserve->status_sig_purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_STATUS);
reserve->status_sig_purpose.size = htonl (sizeof (struct Reserve) - reserve->status_sig_purpose.size = htonl (sizeof (struct Reserve) -
offsetof (struct Reserve, status_sig_purpose)); offsetof (struct Reserve, status_sig_purpose));
@ -151,7 +150,7 @@ TALER_MINT_handler_withdraw_status (struct RequestHandler *rh,
return MHD_NO; return MHD_NO;
} }
key_state = TALER_MINT_key_state_acquire (); key_state = TALER_MINT_key_state_acquire ();
if (0 != memcmp (&key_state->current_sign_key_issue.signkey_pub, if (0 != memcmp (&key_state->current_sign_key_issue.issue.signkey_pub,
&reserve.status_sign_pub, &reserve.status_sign_pub,
sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))) sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
{ {
@ -230,7 +229,7 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh,
struct Reserve reserve; struct Reserve reserve;
struct MintKeyState *key_state; struct MintKeyState *key_state;
struct CollectableBlindcoin collectable; struct CollectableBlindcoin collectable;
struct TALER_MINT_DenomKeyIssue *dki; struct TALER_MINT_DenomKeyIssuePriv *dki;
struct TALER_RSA_Signature ev_sig; struct TALER_RSA_Signature ev_sig;
struct TALER_Amount amount_required; struct TALER_Amount amount_required;
@ -342,16 +341,16 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh,
key_state = TALER_MINT_key_state_acquire (); key_state = TALER_MINT_key_state_acquire ();
dki = TALER_MINT_get_denom_key (key_state, dki = TALER_MINT_get_denom_key (key_state,
&wsrd.denomination_pub); &wsrd.denomination_pub);
TALER_MINT_key_state_release (key_state); TALER_MINT_key_state_release (key_state);
if (NULL == dki) if (NULL == dki)
return request_send_json_pack (connection, MHD_HTTP_NOT_FOUND, return request_send_json_pack (connection, MHD_HTTP_NOT_FOUND,
"{s:s}", "{s:s}",
"error", "Denomination not found"); "error", "Denomination not found");
amount_required = TALER_amount_ntoh (dki->value); amount_required = TALER_amount_ntoh (dki->issue.value);
amount_required = TALER_amount_add (amount_required, amount_required = TALER_amount_add (amount_required,
TALER_amount_ntoh (dki->fee_withdraw)); TALER_amount_ntoh (dki->issue.fee_withdraw));
if (0 < TALER_amount_cmp (amount_required, if (0 < TALER_amount_cmp (amount_required,
TALER_amount_ntoh (reserve.balance))) TALER_amount_ntoh (reserve.balance)))

46
src/mint/taler-mint-keycheck.c
View File

@ -32,19 +32,20 @@ static struct GNUNET_CONFIGURATION_Handle *kcfg;
static int static int
signkeys_iter (void *cls, const struct TALER_MINT_SignKeyIssue *ski) signkeys_iter (void *cls, const struct TALER_MINT_SignKeyIssuePriv *ski)
{ {
struct GNUNET_TIME_Absolute start; struct GNUNET_TIME_Absolute start;
printf ("iterating over key for start time %s\n", printf ("iterating over key for start time %s\n",
GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (ski->start))); GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (ski->issue.start)));
start = GNUNET_TIME_absolute_ntoh (ski->start); start = GNUNET_TIME_absolute_ntoh (ski->issue.start);
if (ntohl (ski->purpose.size) != if (ntohl (ski->issue.purpose.size) !=
(sizeof (struct TALER_MINT_SignKeyIssue) - offsetof (struct TALER_MINT_SignKeyIssue, purpose))) (sizeof (struct TALER_MINT_SignKeyIssue) - offsetof (struct TALER_MINT_SignKeyIssue, purpose)))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Signkey with start %s has invalid purpose field (timestamp: %llu)\n", GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Signkey with start %s has invalid purpose field (timestamp: %llu)\n",
GNUNET_STRINGS_absolute_time_to_string (start), GNUNET_STRINGS_absolute_time_to_string (start),
(long long) start.abs_value_us); (long long) start.abs_value_us);
return GNUNET_SYSERR; return GNUNET_SYSERR;
@ -52,15 +53,16 @@ signkeys_iter (void *cls, const struct TALER_MINT_SignKeyIssue *ski)
if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNKEY, if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNKEY,
&ski->purpose, &ski->issue.purpose,
&ski->signature, &ski->issue.signature,
&ski->master_pub)) &ski->issue.master_pub))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Signkey with start %s has invalid signature (timestamp: %llu)\n", GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Signkey with start %s has invalid signature (timestamp: %llu)\n",
GNUNET_STRINGS_absolute_time_to_string (start), GNUNET_STRINGS_absolute_time_to_string (start),
(long long) start.abs_value_us); (long long) start.abs_value_us);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
/* FIXME: what about private key matching the public key? */
printf ("key valid\n"); printf ("key valid\n");
return GNUNET_OK; return GNUNET_OK;
} }
@ -75,16 +77,17 @@ mint_signkeys_check ()
} }
static int denomkeys_iter (void *cls, static int
const char *alias, denomkeys_iter (void *cls,
const struct TALER_MINT_DenomKeyIssue *dki) const char *alias,
const struct TALER_MINT_DenomKeyIssuePriv *dki)
{ {
struct GNUNET_TIME_Absolute start; struct GNUNET_TIME_Absolute start;
start = GNUNET_TIME_absolute_ntoh (dki->start); start = GNUNET_TIME_absolute_ntoh (dki->issue.start);
if (ntohl (dki->purpose.size) != if (ntohl (dki->issue.purpose.size) !=
(sizeof (struct TALER_MINT_DenomKeyIssue) - offsetof (struct TALER_MINT_DenomKeyIssue, purpose))) (sizeof (struct TALER_MINT_DenomKeyIssuePriv) - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.purpose)))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Denomkey for '%s' with start %s has invalid purpose field (timestamp: %llu)\n", GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Denomkey for '%s' with start %s has invalid purpose field (timestamp: %llu)\n",
alias, alias,
@ -93,12 +96,14 @@ static int denomkeys_iter (void *cls,
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOM, if (GNUNET_OK !=
&dki->purpose, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOM,
&dki->signature, &dki->issue.purpose,
&dki->master)) &dki->issue.signature,
&dki->issue.master))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Denomkey for '%s'with start %s has invalid signature (timestamp: %llu)\n", GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Denomkey for '%s'with start %s has invalid signature (timestamp: %llu)\n",
alias, alias,
GNUNET_STRINGS_absolute_time_to_string (start), GNUNET_STRINGS_absolute_time_to_string (start),
(long long) start.abs_value_us); (long long) start.abs_value_us);
@ -113,7 +118,8 @@ static int denomkeys_iter (void *cls,
static int static int
mint_denomkeys_check () mint_denomkeys_check ()
{ {
if (0 > TALER_MINT_denomkeys_iterate (mintdir, denomkeys_iter, NULL)) if (0 > TALER_MINT_denomkeys_iterate (mintdir,
&denomkeys_iter, NULL))
return GNUNET_NO; return GNUNET_NO;
return GNUNET_OK; return GNUNET_OK;
} }

51
src/mint/taler-mint-keyup.c
View File

@ -292,21 +292,22 @@ get_anchor (const char *dir,
} }
static void static void
create_signkey_issue (struct GNUNET_TIME_Absolute start, create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
struct GNUNET_TIME_Relative duration, struct GNUNET_TIME_Relative duration,
struct TALER_MINT_SignKeyIssue *issue) struct TALER_MINT_SignKeyIssuePriv *pi)
{ {
struct GNUNET_CRYPTO_EddsaPrivateKey *priv; struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
struct TALER_MINT_SignKeyIssue *issue = &pi->issue;
priv = GNUNET_CRYPTO_eddsa_key_create (); priv = GNUNET_CRYPTO_eddsa_key_create ();
GNUNET_assert (NULL != priv); GNUNET_assert (NULL != priv);
issue->signkey_priv = *priv; pi->signkey_priv = *priv;
GNUNET_free (priv); GNUNET_free (priv);
issue->master_pub = *master_pub; issue->master_pub = *master_pub;
issue->start = GNUNET_TIME_absolute_hton (start); issue->start = GNUNET_TIME_absolute_hton (start);
issue->expire = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (start, duration)); issue->expire = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (start, duration));
GNUNET_CRYPTO_eddsa_key_get_public (&issue->signkey_priv, &issue->signkey_pub); GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv, &issue->signkey_pub);
issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNKEY); issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNKEY);
issue->purpose.size = htonl (sizeof (struct TALER_MINT_SignKeyIssue) - offsetof (struct TALER_MINT_SignKeyIssue, purpose)); issue->purpose.size = htonl (sizeof (struct TALER_MINT_SignKeyIssue) - offsetof (struct TALER_MINT_SignKeyIssue, purpose));
@ -354,10 +355,10 @@ mint_keys_update_signkeys ()
skf = get_signkey_file (anchor); skf = get_signkey_file (anchor);
if (GNUNET_YES != GNUNET_DISK_file_test (skf)) if (GNUNET_YES != GNUNET_DISK_file_test (skf))
{ {
struct TALER_MINT_SignKeyIssue signkey_issue; struct TALER_MINT_SignKeyIssuePriv signkey_issue;
ssize_t nwrite; ssize_t nwrite;
printf ("Generating signing key for %s.\n", GNUNET_STRINGS_absolute_time_to_string (anchor)); printf ("Generating signing key for %s.\n", GNUNET_STRINGS_absolute_time_to_string (anchor));
create_signkey_issue (anchor, signkey_duration, &signkey_issue); create_signkey_issue_priv (anchor, signkey_duration, &signkey_issue);
nwrite = GNUNET_DISK_fn_write (skf, &signkey_issue, sizeof (struct TALER_MINT_SignKeyIssue), nwrite = GNUNET_DISK_fn_write (skf, &signkey_issue, sizeof (struct TALER_MINT_SignKeyIssue),
(GNUNET_DISK_PERM_USER_WRITE | GNUNET_DISK_PERM_USER_READ)); (GNUNET_DISK_PERM_USER_WRITE | GNUNET_DISK_PERM_USER_READ));
if (nwrite != sizeof (struct TALER_MINT_SignKeyIssue)) if (nwrite != sizeof (struct TALER_MINT_SignKeyIssue))
@ -430,28 +431,32 @@ get_cointype_params (const char *ct, struct CoinTypeParams *params)
static void static void
create_denomkey_issue (struct CoinTypeParams *params, struct TALER_MINT_DenomKeyIssue *dki) create_denomkey_issue (struct CoinTypeParams *params,
struct TALER_MINT_DenomKeyIssuePriv *dki)
{ {
GNUNET_assert (NULL != (dki->denom_priv = TALER_RSA_key_create ())); GNUNET_assert (NULL != (dki->denom_priv = TALER_RSA_key_create ()));
TALER_RSA_key_get_public (dki->denom_priv, &dki->denom_pub); TALER_RSA_key_get_public (dki->denom_priv, &dki->issue.denom_pub);
dki->master = *master_pub; dki->issue.master = *master_pub;
dki->start = GNUNET_TIME_absolute_hton (params->anchor); dki->issue.start = GNUNET_TIME_absolute_hton (params->anchor);
dki->expire_withdraw = dki->issue.expire_withdraw =
GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor, GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor,
params->duration_withdraw)); params->duration_withdraw));
dki->expire_spend = dki->issue.expire_spend =
GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor, GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor,
params->duration_spend)); params->duration_spend));
dki->value = TALER_amount_hton (params->value); dki->issue.value = TALER_amount_hton (params->value);
dki->fee_withdraw = TALER_amount_hton (params->fee_withdraw); dki->issue.fee_withdraw = TALER_amount_hton (params->fee_withdraw);
dki->fee_deposit = TALER_amount_hton (params->fee_deposit); dki->issue.fee_deposit = TALER_amount_hton (params->fee_deposit);
dki->fee_refresh = TALER_amount_hton (params->fee_refresh); dki->issue.fee_refresh = TALER_amount_hton (params->fee_refresh);
dki->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOM); dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOM);
dki->purpose.size = htonl (sizeof (struct TALER_MINT_DenomKeyIssue) - offsetof (struct TALER_MINT_DenomKeyIssue, purpose)); dki->issue.purpose.size = htonl (sizeof (struct TALER_MINT_DenomKeyIssuePriv) - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.purpose));
if (GNUNET_OK != GNUNET_CRYPTO_eddsa_sign (master_priv, &dki->purpose, &dki->signature)) if (GNUNET_OK !=
{ GNUNET_CRYPTO_eddsa_sign (master_priv,
&dki->issue.purpose,
&dki->issue.signature))
{
GNUNET_abort (); GNUNET_abort ();
} }
} }
@ -484,7 +489,7 @@ mint_keys_update_cointype (const char *coin_alias)
if (GNUNET_YES != GNUNET_DISK_file_test (dkf)) if (GNUNET_YES != GNUNET_DISK_file_test (dkf))
{ {
struct TALER_MINT_DenomKeyIssue denomkey_issue; struct TALER_MINT_DenomKeyIssuePriv denomkey_issue;
int ret; int ret;
printf ("Generating denomination key for type '%s', start %s.\n", printf ("Generating denomination key for type '%s', start %s.\n",
coin_alias, GNUNET_STRINGS_absolute_time_to_string (p.anchor)); coin_alias, GNUNET_STRINGS_absolute_time_to_string (p.anchor));

10
src/mint/test_mint_common.c
View File

@ -33,9 +33,9 @@
int int
main (int argc, const char *const argv[]) main (int argc, const char *const argv[])
{ {
struct TALER_MINT_DenomKeyIssue dki; struct TALER_MINT_DenomKeyIssuePriv dki;
struct TALER_RSA_PrivateKeyBinaryEncoded *enc; struct TALER_RSA_PrivateKeyBinaryEncoded *enc;
struct TALER_MINT_DenomKeyIssue dki_read; struct TALER_MINT_DenomKeyIssuePriv dki_read;
struct TALER_RSA_PrivateKeyBinaryEncoded *enc_read; struct TALER_RSA_PrivateKeyBinaryEncoded *enc_read;
char *tmpfile; char *tmpfile;
@ -48,7 +48,7 @@ main (int argc, const char *const argv[])
dki.denom_priv = NULL; dki.denom_priv = NULL;
dki_read.denom_priv = NULL; dki_read.denom_priv = NULL;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&dki.signature, &dki.issue.signature,
sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue, sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue,
signature)); signature));
dki.denom_priv = TALER_RSA_key_create (); dki.denom_priv = TALER_RSA_key_create ();
@ -61,8 +61,8 @@ main (int argc, const char *const argv[])
EXITIF (0 != memcmp (enc, EXITIF (0 != memcmp (enc,
enc_read, enc_read,
ntohs(enc->len))); ntohs(enc->len)));
EXITIF (0 != memcmp (&dki.signature, EXITIF (0 != memcmp (&dki.issue.signature,
&dki_read.signature, &dki_read.issue.signature,
sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue, sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue,
signature))); signature)));
ret = 0; ret = 0;

6
src/util/Makefile.am
View File

@ -22,17 +22,11 @@ libtalerutil_la_LDFLAGS = \
-export-dynamic -no-undefined -export-dynamic -no-undefined
check_PROGRAMS = \ check_PROGRAMS = \
test-hash-context \
test-rsa test-rsa
TESTS = \ TESTS = \
$(check_PROGRAMS) $(check_PROGRAMS)
test_hash_context_SOURCES = test_hash_context.c
test_hash_context_CPPFLAGS = $(AM_CPPFLAGS) $(LIBGCRYPT_CFLAGS)
test_hash_context_LDADD = libtalerutil.la \
-lgnunetutil $(LIBGCRYPT_LIBS)
test_rsa_SOURCES = test_rsa.c test_rsa_SOURCES = test_rsa.c
test_rsa_LDADD = libtalerutil.la \ test_rsa_LDADD = libtalerutil.la \
-lgnunetutil $(LIBGCRYPT_LIBS) -lgnunetutil $(LIBGCRYPT_LIBS)

48
src/util/test_hash_context.c
View File

@ -1,48 +0,0 @@
/*
This file is part of TALER
(C) 2014 Christian Grothoff (and other contributing authors)
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
*/
/**
* @file util/test_hash_context.c
* @brief test case for incremental hashing
* @author Florian Dold
*/
#include "platform.h"
#include "taler_util.h"
#include <gcrypt.h>
#define LEN 1234
int main()
{
char data[1234];
struct GNUNET_HashCode hc1;
struct GNUNET_HashCode hc2;
struct GNUNET_HashContext hctx;
memset (data, 42, LEN);
GNUNET_CRYPTO_hash_context_start (&hctx);
GNUNET_CRYPTO_hash_context_read (&hctx, data, LEN);
GNUNET_CRYPTO_hash_context_finish (&hctx, &hc1);
GNUNET_CRYPTO_hash (data, LEN, &hc2);
if (0 == memcmp (&hc1, &hc2, sizeof (struct GNUNET_HashCode)))
return 0;
return 1;
}