implement new taler-auditor-offline tool

src/exchange-tools/.gitignore

@@ -2,3 +2,4 @@ test_taler_exchange_httpd_home/.local/share/taler/exchange/live-keys/
 test_taler_exchange_httpd_home/.local/share/taler/exchange/wirefees/
 test_taler_exchange_httpd_home/.config/taler/account-1.json
 taler-exchange-offline
+taler-auditor-offline

src/exchange-tools/Makefile.am

@@ -13,6 +13,7 @@ if USE_COVERAGE
 endif
 
 bin_PROGRAMS = \
+  taler-auditor-offline \
   taler-exchange-keyup \
   taler-exchange-keycheck \
   taler-exchange-offline \
@@ -47,6 +48,20 @@ taler_exchange_offline_LDADD = \
   $(XLIB)
 
 
+taler_auditor_offline_SOURCES = \
+  taler-auditor-offline.c
+taler_auditor_offline_LDADD = \
+  $(LIBGCRYPT_LIBS) \
+  $(top_builddir)/src/lib/libtalerexchange.la \
+  $(top_builddir)/src/json/libtalerjson.la \
+  $(top_builddir)/src/util/libtalerutil.la \
+  -lgnunetjson \
+  -lgnunetcurl \
+  -ljansson \
+  -lgnunetutil \
+  $(XLIB)
+
+
 taler_exchange_wire_SOURCES = \
   taler-exchange-wire.c
 taler_exchange_wire_LDADD = \

src/exchange-tools/taler-exchange-offline.c

@@ -2391,6 +2391,9 @@ do_sign (char *const *args)
       return;
     }
   }
+  if (GNUNET_OK !=
+      load_offline_key ())
+    return;
 
   {
     const char *err_name;

src/exchange/taler-exchange-httpd_auditors.c

@@ -144,39 +144,24 @@ add_auditor_denom_sig (void *cls,
       TALER_B2S (awc->auditor_pub));
     return GNUNET_DB_STATUS_HARD_ERROR;
   }
-  {
-    struct TALER_ExchangeKeyValidityPS kv = {
-      .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS),
-      .purpose.size = htonl (sizeof (kv)),
-      .master = TEH_master_public_key,
-      .start = GNUNET_TIME_absolute_hton (meta.start),
-      .expire_withdraw = GNUNET_TIME_absolute_hton (meta.expire_withdraw),
-      .expire_deposit = GNUNET_TIME_absolute_hton (meta.expire_deposit),
-      .expire_legal = GNUNET_TIME_absolute_hton (meta.expire_legal),
-      .denom_hash = *awc->h_denom_pub
-    };
-
-    TALER_amount_hton (&kv.value,
-                       &meta.value);
-    TALER_amount_hton (&kv.fee_withdraw,
-                       &meta.fee_withdraw);
-    TALER_amount_hton (&kv.fee_deposit,
-                       &meta.fee_deposit);
-    TALER_amount_hton (&kv.fee_refresh,
-                       &meta.fee_refresh);
-    TALER_amount_hton (&kv.fee_refund,
-                       &meta.fee_refund);
-    GNUNET_CRYPTO_hash (auditor_url,
-                        strlen (auditor_url) + 1,
-                        &kv.auditor_url_hash);
-    GNUNET_free (auditor_url);
   if (GNUNET_OK !=
-        GNUNET_CRYPTO_eddsa_verify (
+      TALER_auditor_denom_validity_verify (
-          TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS,
+        auditor_url,
-          &kv,
+        awc->h_denom_pub,
-          &awc->auditor_sig.eddsa_sig,
+        &TEH_master_public_key,
-          &TEH_master_public_key.eddsa_pub))
+        meta.start,
+        meta.expire_withdraw,
+        meta.expire_deposit,
+        meta.expire_legal,
+        &meta.value,
+        &meta.fee_withdraw,
+        &meta.fee_deposit,
+        &meta.fee_refresh,
+        &meta.fee_refund,
+        awc->auditor_pub,
+        &awc->auditor_sig))
   {
+    GNUNET_free (auditor_url);
     /* signature invalid */
     GNUNET_break_op (0);
     *mhd_ret = TALER_MHD_reply_with_error (
@@ -186,7 +171,7 @@ add_auditor_denom_sig (void *cls,
       NULL);
     return GNUNET_DB_STATUS_HARD_ERROR;
   }
-  }
+  GNUNET_free (auditor_url);
 
   qs = TEH_plugin->insert_auditor_denom_sig (TEH_plugin->cls,
                                              session,

src/include/taler_crypto_lib.h

@@ -1294,6 +1294,79 @@ TALER_exchange_secmod_rsa_verify (
   const struct TALER_SecurityModuleSignatureP *secm_sig);
 
 
+/**
+ * Create denomination key validity signature by the auditor.
+ *
+ * @param auditor_url BASE URL of the auditor's API
+ * @param h_denom_pub hash of the denomination's public key
+ * @param master_pub master public key of the exchange
+ * @param stamp_start when does the exchange begin signing with this key
+ * @param stamp_expire_withdraw when does the exchange end signing with this key
+ * @param stamp_expire_deposit how long does the exchange accept the deposit of coins with this key
+ * @param stamp_expire_legal how long does the exchange preserve information for legal disputes with this key
+ * @param coin_value what is the value of coins signed with this key
+ * @param fee_withdraw what withdraw fee does the exchange charge for this denomination
+ * @param fee_deposit what deposit fee does the exchange charge for this denomination
+ * @param fee_refresh what refresh fee does the exchange charge for this denomination
+ * @param fee_refund what refund fee does the exchange charge for this denomination
+ * @param auditor_priv private key to sign with
+ * @param[out] auditor_sig where to write the signature
+ */
+void
+TALER_auditor_denom_validity_sign (
+  const char *auditor_url,
+  const struct GNUNET_HashCode *h_denom_pub,
+  const struct TALER_MasterPublicKeyP *master_pub,
+  struct GNUNET_TIME_Absolute stamp_start,
+  struct GNUNET_TIME_Absolute stamp_expire_withdraw,
+  struct GNUNET_TIME_Absolute stamp_expire_deposit,
+  struct GNUNET_TIME_Absolute stamp_expire_legal,
+  const struct TALER_Amount *coin_value,
+  const struct TALER_Amount *fee_withdraw,
+  const struct TALER_Amount *fee_deposit,
+  const struct TALER_Amount *fee_refresh,
+  const struct TALER_Amount *fee_refund,
+  const struct TALER_AuditorPrivateKeyP *auditor_priv,
+  struct TALER_AuditorSignatureP *auditor_sig);
+
+
+/**
+ * Verify denomination key validity signature from auditor.
+ *
+ * @param auditor_url BASE URL of the auditor's API
+ * @param h_denom_pub hash of the denomination's public key
+ * @param master_pub master public key of the exchange
+ * @param stamp_start when does the exchange begin signing with this key
+ * @param stamp_expire_withdraw when does the exchange end signing with this key
+ * @param stamp_expire_deposit how long does the exchange accept the deposit of coins with this key
+ * @param stamp_expire_legal how long does the exchange preserve information for legal disputes with this key
+ * @param coin_value what is the value of coins signed with this key
+ * @param fee_withdraw what withdraw fee does the exchange charge for this denomination
+ * @param fee_deposit what deposit fee does the exchange charge for this denomination
+ * @param fee_refresh what refresh fee does the exchange charge for this denomination
+ * @param fee_refund what refund fee does the exchange charge for this denomination
+ * @param auditor_pub public key to verify against
+ * @param auditor_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+int
+TALER_auditor_denom_validity_verify (
+  const char *auditor_url,
+  const struct GNUNET_HashCode *h_denom_pub,
+  const struct TALER_MasterPublicKeyP *master_pub,
+  struct GNUNET_TIME_Absolute stamp_start,
+  struct GNUNET_TIME_Absolute stamp_expire_withdraw,
+  struct GNUNET_TIME_Absolute stamp_expire_deposit,
+  struct GNUNET_TIME_Absolute stamp_expire_legal,
+  const struct TALER_Amount *coin_value,
+  const struct TALER_Amount *fee_withdraw,
+  const struct TALER_Amount *fee_deposit,
+  const struct TALER_Amount *fee_refresh,
+  const struct TALER_Amount *fee_refund,
+  const struct TALER_AuditorPublicKeyP *auditor_pub,
+  const struct TALER_AuditorSignatureP *auditor_sig);
+
+
 /* **************** /wire account offline signing **************** */
 
 

src/include/taler_exchange_service.h

@@ -393,7 +393,7 @@ struct TALER_EXCHANGE_HttpResponse
 
 /**
  * Function called with information about who is auditing
- * a particular exchange and what key the exchange is using.
+ * a particular exchange and what keys the exchange is using.
  *
  * @param cls closure
  * @param hr HTTP response data

src/include/taler_signatures.h

@@ -1041,7 +1041,7 @@ struct TALER_ExchangeKeyValidityPS
 
   /**
    * The long-term offline master key of the exchange, affirmed by the
-   * auditor.  Hashed string, including 0-terminator.
+   * auditor.
    */
   struct TALER_MasterPublicKeyP master;
 

src/lib/exchange_api_handle.c

@@ -519,7 +519,6 @@ parse_json_auditor (struct TALER_EXCHANGE_AuditorInformation *auditor,
   unsigned int off;
   unsigned int i;
   const char *auditor_url;
-  struct TALER_ExchangeKeyValidityPS kv;
   struct GNUNET_JSON_Specification spec[] = {
     GNUNET_JSON_spec_fixed_auto ("auditor_pub",
                                  &auditor->auditor_pub),
@@ -539,12 +538,6 @@ parse_json_auditor (struct TALER_EXCHANGE_AuditorInformation *auditor,
     return GNUNET_SYSERR;
   }
   auditor->auditor_url = GNUNET_strdup (auditor_url);
-  kv.purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS);
-  kv.purpose.size = htonl (sizeof (struct TALER_ExchangeKeyValidityPS));
-  GNUNET_CRYPTO_hash (auditor_url,
-                      strlen (auditor_url) + 1,
-                      &kv.auditor_url_hash);
-  kv.master = key_data->master_pub;
   len = json_array_size (keys);
   auditor->denom_keys = GNUNET_new_array (len,
                                           struct
@@ -590,27 +583,22 @@ parse_json_auditor (struct TALER_EXCHANGE_AuditorInformation *auditor,
     }
     if (check_sigs)
     {
-      kv.start = GNUNET_TIME_absolute_hton (dk->valid_from);
-      kv.expire_withdraw = GNUNET_TIME_absolute_hton (dk->withdraw_valid_until);
-      kv.expire_deposit = GNUNET_TIME_absolute_hton (dk->expire_deposit);
-      kv.expire_legal = GNUNET_TIME_absolute_hton (dk->expire_legal);
-      TALER_amount_hton (&kv.value,
-                         &dk->value);
-      TALER_amount_hton (&kv.fee_withdraw,
-                         &dk->fee_withdraw);
-      TALER_amount_hton (&kv.fee_deposit,
-                         &dk->fee_deposit);
-      TALER_amount_hton (&kv.fee_refresh,
-                         &dk->fee_refresh);
-      TALER_amount_hton (&kv.fee_refund,
-                         &dk->fee_refund);
-      kv.denom_hash = dk->h_key;
-
       if (GNUNET_OK !=
-          GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS,
+          TALER_auditor_denom_validity_verify (
-                                      &kv,
+            auditor_url,
-                                      &auditor_sig.eddsa_sig,
+            &dk->h_key,
-                                      &auditor->auditor_pub.eddsa_pub))
+            &key_data->master_pub,
+            dk->valid_from,
+            dk->withdraw_valid_until,
+            dk->expire_deposit,
+            dk->expire_legal,
+            &dk->value,
+            &dk->fee_withdraw,
+            &dk->fee_deposit,
+            &dk->fee_refresh,
+            &dk->fee_refund,
+            &auditor->auditor_pub,
+            &auditor_sig))
       {
         GNUNET_break_op (0);
         GNUNET_JSON_parse_free (spec);

src/testing/testing_api_cmd_auditor_add_denom_sig.c

@@ -139,36 +139,25 @@ auditor_add_run (void *cls,
   }
   else
   {
-    struct TALER_ExchangeKeyValidityPS kv = {
+    struct TALER_MasterPublicKeyP master_pub;
-      .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS),
-      .purpose.size = htonl (sizeof (struct TALER_ExchangeKeyValidityPS)),
-      .start = GNUNET_TIME_absolute_hton (dk->valid_from),
-      .expire_withdraw = GNUNET_TIME_absolute_hton (
-        dk->withdraw_valid_until),
-      .expire_deposit = GNUNET_TIME_absolute_hton (dk->expire_deposit),
-      .expire_legal = GNUNET_TIME_absolute_hton (dk->expire_legal),
-      .denom_hash = dk->h_key
-    };
 
-    TALER_amount_hton (&kv.value,
-                       &dk->value);
-    TALER_amount_hton (&kv.fee_withdraw,
-                       &dk->fee_withdraw);
-    TALER_amount_hton (&kv.fee_deposit,
-                       &dk->fee_deposit);
-    TALER_amount_hton (&kv.fee_refresh,
-                       &dk->fee_refresh);
-    TALER_amount_hton (&kv.fee_refund,
-                       &dk->fee_refund);
     GNUNET_CRYPTO_eddsa_key_get_public (&is->master_priv.eddsa_priv,
-                                        &kv.master.eddsa_pub);
+                                        &master_pub.eddsa_pub);
-    GNUNET_CRYPTO_hash (is->auditor_url,
+    TALER_auditor_denom_validity_sign (
-                        strlen (is->auditor_url) + 1,
+      is->auditor_url,
-                        &kv.auditor_url_hash);
+      &dk->h_key,
-    /* Finally sign ... */
+      &master_pub,
-    GNUNET_CRYPTO_eddsa_sign (&is->auditor_priv.eddsa_priv,
+      dk->valid_from,
-                              &kv,
+      dk->withdraw_valid_until,
-                              &auditor_sig.eddsa_sig);
+      dk->expire_deposit,
+      dk->expire_legal,
+      &dk->value,
+      &dk->fee_withdraw,
+      &dk->fee_deposit,
+      &dk->fee_refresh,
+      &dk->fee_refund,
+      &is->auditor_priv,
+      &auditor_sig);
   }
   ds->dh = TALER_EXCHANGE_add_auditor_denomination (
     is->ctx,

src/util/Makefile.am

@@ -60,6 +60,7 @@ lib_LTLIBRARIES = \
 
 libtalerutil_la_SOURCES = \
   amount.c \
+  auditor_signatures.c \
   config.c \
   crypto.c \
   crypto_helper_denom.c \

src/util/auditor_signatures.c

@@ -0,0 +1,122 @@
+/*
+  This file is part of TALER
+  Copyright (C) 2020 Taler Systems SA
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License along with
+  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file auditor_signatures.c
+ * @brief Utility functions for Taler auditor signatures
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "taler_util.h"
+#include "taler_signatures.h"
+
+
+void
+TALER_auditor_denom_validity_sign (
+  const char *auditor_url,
+  const struct GNUNET_HashCode *h_denom_pub,
+  const struct TALER_MasterPublicKeyP *master_pub,
+  struct GNUNET_TIME_Absolute stamp_start,
+  struct GNUNET_TIME_Absolute stamp_expire_withdraw,
+  struct GNUNET_TIME_Absolute stamp_expire_deposit,
+  struct GNUNET_TIME_Absolute stamp_expire_legal,
+  const struct TALER_Amount *coin_value,
+  const struct TALER_Amount *fee_withdraw,
+  const struct TALER_Amount *fee_deposit,
+  const struct TALER_Amount *fee_refresh,
+  const struct TALER_Amount *fee_refund,
+  const struct TALER_AuditorPrivateKeyP *auditor_priv,
+  struct TALER_AuditorSignatureP *auditor_sig)
+{
+  struct TALER_ExchangeKeyValidityPS kv = {
+    .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS),
+    .purpose.size = htonl (sizeof (kv)),
+    .start = GNUNET_TIME_absolute_hton (stamp_start),
+    .expire_withdraw = GNUNET_TIME_absolute_hton (stamp_expire_withdraw),
+    .expire_deposit = GNUNET_TIME_absolute_hton (stamp_expire_deposit),
+    .expire_legal = GNUNET_TIME_absolute_hton (stamp_expire_legal),
+    .denom_hash = *h_denom_pub,
+    .master = *master_pub,
+  };
+
+  TALER_amount_hton (&kv.value,
+                     coin_value);
+  TALER_amount_hton (&kv.fee_withdraw,
+                     fee_withdraw);
+  TALER_amount_hton (&kv.fee_deposit,
+                     fee_deposit);
+  TALER_amount_hton (&kv.fee_refresh,
+                     fee_refresh);
+  TALER_amount_hton (&kv.fee_refund,
+                     fee_refund);
+  GNUNET_CRYPTO_hash (auditor_url,
+                      strlen (auditor_url) + 1,
+                      &kv.auditor_url_hash);
+  GNUNET_CRYPTO_eddsa_sign (&auditor_priv->eddsa_priv,
+                            &kv,
+                            &auditor_sig->eddsa_sig);
+}
+
+
+int
+TALER_auditor_denom_validity_verify (
+  const char *auditor_url,
+  const struct GNUNET_HashCode *h_denom_pub,
+  const struct TALER_MasterPublicKeyP *master_pub,
+  struct GNUNET_TIME_Absolute stamp_start,
+  struct GNUNET_TIME_Absolute stamp_expire_withdraw,
+  struct GNUNET_TIME_Absolute stamp_expire_deposit,
+  struct GNUNET_TIME_Absolute stamp_expire_legal,
+  const struct TALER_Amount *coin_value,
+  const struct TALER_Amount *fee_withdraw,
+  const struct TALER_Amount *fee_deposit,
+  const struct TALER_Amount *fee_refresh,
+  const struct TALER_Amount *fee_refund,
+  const struct TALER_AuditorPublicKeyP *auditor_pub,
+  const struct TALER_AuditorSignatureP *auditor_sig)
+{
+  struct TALER_ExchangeKeyValidityPS kv = {
+    .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS),
+    .purpose.size = htonl (sizeof (kv)),
+    .start = GNUNET_TIME_absolute_hton (stamp_start),
+    .expire_withdraw = GNUNET_TIME_absolute_hton (stamp_expire_withdraw),
+    .expire_deposit = GNUNET_TIME_absolute_hton (stamp_expire_deposit),
+    .expire_legal = GNUNET_TIME_absolute_hton (stamp_expire_legal),
+    .denom_hash = *h_denom_pub,
+    .master = *master_pub,
+  };
+
+  TALER_amount_hton (&kv.value,
+                     coin_value);
+  TALER_amount_hton (&kv.fee_withdraw,
+                     fee_withdraw);
+  TALER_amount_hton (&kv.fee_deposit,
+                     fee_deposit);
+  TALER_amount_hton (&kv.fee_refresh,
+                     fee_refresh);
+  TALER_amount_hton (&kv.fee_refund,
+                     fee_refund);
+  GNUNET_CRYPTO_hash (auditor_url,
+                      strlen (auditor_url) + 1,
+                      &kv.auditor_url_hash);
+  return
+    GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS,
+                                &kv,
+                                &auditor_sig->eddsa_sig,
+                                &auditor_pub->eddsa_pub);
+}
+
+
+/* end of auditor_signatures.c */