taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

clean up struct TALER_ExchangeSigningKeyValidityPS

Browse Source 
(long-standing fixme: should not have contained the signature itself)
This commit is contained in:
Christian Grothoff 2018-10-27 18:39:12 +02:00
parent bfd8a6fa68
commit 60fe2395fd
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
6 changed files with 40 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/exchange-lib/exchange_api_handle.c
View File

@ -223,9 +223,10 @@ parse_json_signkey (struct TALER_EXCHANGE_SigningPublicKey *sign_key,
const struct TALER_MasterPublicKeyP *master_key)
{
struct TALER_ExchangeSigningKeyValidityPS sign_key_issue;
struct TALER_MasterSignatureP sign_key_issue_sig;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("master_sig",
&sign_key->master_sig),
&sign_key_issue_sig),
GNUNET_JSON_spec_fixed_auto ("key",
&sign_key->key),
GNUNET_JSON_spec_absolute_time ("stamp_start",
@ -250,10 +251,7 @@ parse_json_signkey (struct TALER_EXCHANGE_SigningPublicKey *sign_key,
return GNUNET_OK;
sign_key_issue.signkey_pub = sign_key->key;
sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
sign_key_issue.purpose.size =
htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS)
- offsetof (struct TALER_ExchangeSigningKeyValidityPS,
purpose));
sign_key_issue.purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS));
sign_key_issue.master_public_key = *master_key;
sign_key_issue.start = GNUNET_TIME_absolute_hton (sign_key->valid_from);
sign_key_issue.expire = GNUNET_TIME_absolute_hton (sign_key->valid_until);
@ -261,7 +259,7 @@ parse_json_signkey (struct TALER_EXCHANGE_SigningPublicKey *sign_key,
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
&sign_key_issue.purpose,
&sign_key->master_sig.eddsa_signature,
&sign_key_issue_sig.eddsa_signature,
&master_key->eddsa_pub))
{
GNUNET_break_op (0);

6
src/exchange-tools/taler-exchange-keycheck.c
View File

@ -64,9 +64,7 @@ signkeys_iter (void *cls,
(GNUNET_TIME_absolute_ntoh (ski->issue.start)));
if (ntohl (ski->issue.purpose.size) !=
(sizeof (struct TALER_ExchangeSigningKeyValidityPS) -
offsetof (struct TALER_ExchangeSigningKeyValidityPS,
purpose)))
(sizeof (struct TALER_ExchangeSigningKeyValidityPS)))
{
fprintf (stderr,
"Signing key `%s' has invalid purpose size\n",
@ -85,7 +83,7 @@ signkeys_iter (void *cls,
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
&ski->issue.purpose,
&ski->issue.signature.eddsa_signature,
&ski->master_sig.eddsa_signature,
&ski->issue.master_public_key.eddsa_pub))
{
fprintf (stderr,

7
src/exchange-tools/taler-exchange-keyup.c
View File

@ -472,14 +472,11 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv.eddsa_priv,
&issue->signkey_pub.eddsa_pub);
issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
issue->purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS) -
offsetof (struct TALER_ExchangeSigningKeyValidityPS,
purpose));
issue->purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS));
GNUNET_assert (GNUNET_OK ==
GNUNET_CRYPTO_eddsa_sign (&master_priv.eddsa_priv,
&issue->purpose,
&issue->signature.eddsa_signature));
&pi->master_sig.eddsa_signature));
}

10
src/exchange/taler-exchange-httpd_keystate.c
View File

@ -795,10 +795,12 @@ reload_keys_denom_iter (void *cls,
* Convert the public part of a sign key issue to a JSON object.
*
* @param ski the sign key issue
* @param ski_sig signature over @a ski
* @return a JSON object describing the sign key issue (public part)
*/
static json_t *
sign_key_issue_to_json (const struct TALER_ExchangeSigningKeyValidityPS *ski)
sign_key_issue_to_json (const struct TALER_ExchangeSigningKeyValidityPS *ski,
struct TALER_MasterSignatureP *ski_sig)
{
return
json_pack ("{s:o, s:o, s:o, s:o, s:o}",
@ -809,7 +811,7 @@ sign_key_issue_to_json (const struct TALER_ExchangeSigningKeyValidityPS *ski)
"stamp_end",
GNUNET_JSON_from_time_abs (GNUNET_TIME_absolute_ntoh (ski->end)),
"master_sig",
GNUNET_JSON_from_data_auto (&ski->signature),
GNUNET_JSON_from_data_auto (ski_sig),
"key",
GNUNET_JSON_from_data_auto (&ski->signkey_pub));
}
@ -823,6 +825,7 @@ sign_key_issue_to_json (const struct TALER_ExchangeSigningKeyValidityPS *ski)
* @param cls closure with the `struct ResponseFactoryContext *`
* @param filename name of the file the key came from
* @param ski the sign key issue
* @param ski_sig signature over @a ski
* @return #GNUNET_OK to continue to iterate,
* #GNUNET_NO to stop iteration with no error,
* #GNUNET_SYSERR to abort iteration with error!
@ -878,7 +881,8 @@ reload_keys_sign_iter (void *cls,
}
GNUNET_assert (0 ==
json_array_append_new (rfc->sign_keys_array,
sign_key_issue_to_json (&ski->issue)));
sign_key_issue_to_json (&ski->issue,
&ski->master_sig)));
return GNUNET_OK;
}

6
src/include/taler_exchangedb_lib.h
View File

@ -55,10 +55,16 @@ struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP
*/
struct TALER_ExchangePrivateKeyP signkey_priv;
/**
* Signature over @e issue
*/
struct TALER_MasterSignatureP master_sig;
/**
* Public information about a exchange signing key.
*/
struct TALER_ExchangeSigningKeyValidityPS issue;
};

7
src/include/taler_signatures.h
View File

@ -607,13 +607,6 @@ struct TALER_RefreshMeltConfirmationPS
*/
struct TALER_ExchangeSigningKeyValidityPS
{
/**
* Signature over the signing key (by the master key of the exchange).
*
* FIXME: should be moved outside of the "PS" struct, this is ugly.
* (and makes this struct different from all of the others)
*/
struct TALER_MasterSignatureP signature;
/**
* Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY.