taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

implement exchange online signing key client library

Browse Source
This commit is contained in:
Christian Grothoff 2020-11-23 20:30:10 +01:00
parent 3e37c63fbd
commit 77dbb83276
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
8 changed files with 715 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
src/include/taler_crypto_lib.h
View File

@ -1,6 +1,6 @@
/*
This file is part of TALER
Copyright (C) 2014-2018 Taler Systems SA
Copyright (C) 2014-2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@ -837,7 +837,7 @@ TALER_CRYPTO_helper_denom_connect (
* @param dh helper process connection
*/
void
TALER_CRYPTO_helper_poll (struct TALER_CRYPTO_DenominationHelper *dh);
TALER_CRYPTO_helper_denom_poll (struct TALER_CRYPTO_DenominationHelper *dh);
/**
@ -898,6 +898,146 @@ TALER_CRYPTO_helper_denom_disconnect (
struct TALER_CRYPTO_DenominationHelper *dh);
/**
* Handle for talking to an online key signing helper.
*/
struct TALER_CRYPTO_ExchangeSignHelper;
/**
* Function called with information about available keys for signing. Usually
* only called once per key upon connect. Also called again in case a key is
* being revoked, in that case with an @a end_time of zero.
*
* @param cls closure
* @param start_time when does the key become available for signing;
* zero if the key has been revoked or purged
* @param validity_duration how long does the key remain available for signing;
* zero if the key has been revoked or purged
* @param exchange_pub the public key itself, NULL if the key was revoked or purged
* @param sm_pub public key of the security module, NULL if the key was revoked or purged
* @param sm_sig signature from the security module, NULL if the key was revoked or purged
* The signature was already verified against @a sm_pub.
*/
typedef void
(*TALER_CRYPTO_ExchangeKeyStatusCallback)(
void *cls,
struct GNUNET_TIME_Absolute start_time,
struct GNUNET_TIME_Relative validity_duration,
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_SecurityModulePublicKeyP *sm_pub,
const struct TALER_SecurityModuleSignatureP *sm_sig);
/**
* Initiate connection to an online signing key helper.
*
* @param cfg configuration to use
* @param ekc function to call with key information
* @param ekc_cls closure for @a ekc
* @return NULL on error (such as bad @a cfg).
*/
struct TALER_CRYPTO_ExchangeSignHelper *
TALER_CRYPTO_helper_esign_connect (
const struct GNUNET_CONFIGURATION_Handle *cfg,
TALER_CRYPTO_ExchangeKeyStatusCallback ekc,
void *ekc_cls);
/**
* Function to call to 'poll' for updates to the available key material.
* Should be called whenever it is important that the key material status is
* current, like when handling a "/keys" request. This function basically
* briefly checks if there are messages from the helper announcing changes to
* exchange online signing keys.
*
* @param esh helper process connection
*/
void
TALER_CRYPTO_helper_esign_poll (struct TALER_CRYPTO_ExchangeSignHelper *esh);
/**
* Request helper @a esh to sign @a msg using the current online
* signing key.
*
* This operation will block until the signature has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param esh helper process connection
* @param purpose message to sign (must extend beyond the purpose)
* @param[out] exchange_pub set to the public key used for the signature upon success
* @param[out] exchange_sig set to the signature upon success
* @return the error code (or #TALER_EC_NONE on success)
*/
enum TALER_ErrorCode
TALER_CRYPTO_helper_esign_sign_ (
struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
struct TALER_ExchangePublicKeyP *exchange_pub,
struct TALER_ExchangeSignatureP *exchange_sig);
/**
* Request helper @a esh to sign @a msg using the current online
* signing key.
*
* This operation will block until the signature has been obtained. Should
* this process receive a signal (that is not ignored) while the operation is
* pending, the operation will fail. Note that the helper may still believe
* that it created the signature. Thus, signals may result in a small
* differences in the signature counters. Retrying in this case may work.
*
* @param esh helper process connection
* @param ps message to sign (MUST begin with a purpose)
* @param[out] exchange_pub set to the public key used for the signature upon success
* @param[out] exchange_sig set to the signature upon success
* @return the error code (or #TALER_EC_NONE on success)
*/
#define TALER_CRYPTO_helper_esign_sign(esh,ps,epub,esig) ( \
/* check size is set correctly */ \
GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)), \
/* check 'ps' begins with the purpose */ \
GNUNET_static_assert (((void*) (ps)) == \
((void*) &(ps)->purpose)), \
TALER_CRYPTO_helper_esign_sign_ (esh, \
&(ps)->purpose, \
epub, \
esig) )
/**
* Ask the helper to revoke the public key @param exchange_pub.
* Will cause the helper to tell all clients that the key is now unavailable,
* and to create a replacement key.
*
* This operation will block until the revocation request has been
* transmitted. Should this process receive a signal (that is not ignored)
* while the operation is pending, the operation may fail. If the key is
* unknown, this function will also appear to have succeeded. To be sure that
* the revocation worked, clients must watch the signing key status callback.
*
* @param esh helper to process connection
* @param exchange_pub the public key to revoke
*/
void
TALER_CRYPTO_helper_esign_revoke (
struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct TALER_ExchangePublicKeyP *exchange_pub);
/**
* Close connection to @a esh.
*
* @param[in] esh connection to close
*/
void
TALER_CRYPTO_helper_esign_disconnect (
struct TALER_CRYPTO_ExchangeSignHelper *esh);
/* **************** /wire account offline signing **************** */

2
src/include/taler_signatures.h
View File

@ -329,7 +329,7 @@ struct TALER_SigningKeyAnnouncementPS
/**
* How long is the key available after @e anchor_time?
*/
struct GNUNET_TIME_RelativeNBO duration_withdraw;
struct GNUNET_TIME_RelativeNBO duration;
};

1
src/util/Makefile.am
View File

@ -62,6 +62,7 @@ libtalerutil_la_SOURCES = \
config.c \
crypto.c \
crypto_helper_denom.c \
crypto_helper_esign.c \
crypto_wire.c \
getopt.c \
lang.c \

4
src/util/crypto_helper_denom.c
View File

@ -234,7 +234,7 @@ TALER_CRYPTO_helper_denom_connect (
}
dh->template = template;
}
TALER_CRYPTO_helper_poll (dh);
TALER_CRYPTO_helper_denom_poll (dh);
return dh;
}
@ -350,7 +350,7 @@ handle_mt_purge (struct TALER_CRYPTO_DenominationHelper *dh,
void
TALER_CRYPTO_helper_poll (struct TALER_CRYPTO_DenominationHelper *dh)
TALER_CRYPTO_helper_denom_poll (struct TALER_CRYPTO_DenominationHelper *dh)
{
char buf[UINT16_MAX];
ssize_t ret;

551
src/util/crypto_helper_esign.c Normal file
View File

@ -0,0 +1,551 @@
/*
This file is part of TALER
Copyright (C) 2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
*/
/**
* @file util/crypto_helper_esign.c
* @brief utility functions for running out-of-process private key operations
* @author Christian Grothoff
*/
#include "platform.h"
#include "taler_util.h"
#include "taler_signatures.h"
#include "taler-helper-crypto-eddsa.h"
struct TALER_CRYPTO_ExchangeSignHelper
{
/**
* Function to call with updates to available key material.
*/
TALER_CRYPTO_ExchangeKeyStatusCallback ekc;
/**
* Closure for @e ekc
*/
void *ekc_cls;
/**
* Socket address of the denomination helper process.
* Used to reconnect if the connection breaks.
*/
struct sockaddr_un sa;
/**
* Socket address of this process.
*/
struct sockaddr_un my_sa;
/**
* Template for @e my_sa.
*/
char *template;
/**
* The UNIX domain socket, -1 if we are currently not connected.
*/
int sock;
};
/**
* Disconnect from the helper process. Updates
* @e sock field in @a esh.
*
* @param[in,out] esh handle to tear down connection of
*/
static void
do_disconnect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
GNUNET_break (0 == close (esh->sock));
if (0 != unlink (esh->my_sa.sun_path))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
esh->my_sa.sun_path);
esh->sock = -1;
}
/**
* Try to connect to the helper process. Updates
* @e sock field in @a esh.
*
* @param[in,out] esh handle to establish connection for
*/
static void
try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
if (-1 != esh->sock)
return;
esh->sock = socket (AF_UNIX,
SOCK_DGRAM,
0);
if (-1 == esh->sock)
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"socket");
return;
}
{
char *tmpdir;
tmpdir = GNUNET_DISK_mktemp (esh->template);
if (NULL == tmpdir)
{
do_disconnect (esh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (esh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (esh);
return;
}
esh->my_sa.sun_family = AF_UNIX;
strncpy (esh->my_sa.sun_path,
tmpdir,
sizeof (esh->sa.sun_path));
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
GNUNET_free (tmpdir);
}
if (0 != bind (esh->sock,
(const struct sockaddr *) &esh->my_sa,
sizeof (esh->my_sa)))
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"bind");
do_disconnect (esh);
return;
}
{
struct GNUNET_MessageHeader hdr = {
.size = htons (sizeof (hdr)),
.type = htons (TALER_HELPER_EDDSA_MT_REQ_INIT)
};
ssize_t ret;
ret = sendto (esh->sock,
&hdr,
sizeof (hdr),
0,
(const struct sockaddr *) &esh->sa,
sizeof (esh->sa));
if (ret < 0)
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"sendto",
esh->sa.sun_path);
do_disconnect (esh);
return;
}
/* We are using SOCK_DGRAM, partial writes should not be possible */
GNUNET_break (((size_t) ret) == sizeof (hdr));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Successfully sent REQ_INIT\n");
}
}
struct TALER_CRYPTO_ExchangeSignHelper *
TALER_CRYPTO_helper_esign_connect (
const struct GNUNET_CONFIGURATION_Handle *cfg,
TALER_CRYPTO_ExchangeKeyStatusCallback ekc,
void *ekc_cls)
{
struct TALER_CRYPTO_ExchangeSignHelper *esh;
char *unixpath;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (cfg,
"taler-helper-crypto-eddsa",
"UNIXPATH",
&unixpath))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"taler-helper-crypto-eddsa",
"UNIXPATH");
return NULL;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (unixpath) >= sizeof (esh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"taler-helper-crypto-eddsa",
"UNIXPATH",
"path too long");
GNUNET_free (unixpath);
return NULL;
}
esh = GNUNET_new (struct TALER_CRYPTO_ExchangeSignHelper);
esh->ekc = ekc;
esh->ekc_cls = ekc_cls;
esh->sa.sun_family = AF_UNIX;
strncpy (esh->sa.sun_path,
unixpath,
sizeof (esh->sa.sun_path));
esh->sock = -1;
{
char *tmpdir;
char *template;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (cfg,
"PATHS",
"TALER_RUNTIME_DIR",
&tmpdir))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_WARNING,
"PATHS",
"TALER_RUNTIME_DIR");
tmpdir = GNUNET_strdup ("/tmp");
}
GNUNET_asprintf (&template,
"%s/crypto-eddsa-client/XXXXXX",
tmpdir);
GNUNET_free (tmpdir);
if (GNUNET_OK !=
GNUNET_DISK_directory_create_for_file (template))
{
GNUNET_free (esh);
GNUNET_free (template);
return NULL;
}
esh->template = template;
}
TALER_CRYPTO_helper_esign_poll (esh);
return esh;
}
/**
* Handle a #TALER_HELPER_EDDSA_MT_AVAIL message from the helper.
*
* @param esh helper context
* @param hdr message that we received
* @return #GNUNET_OK on success
*/
static int
handle_mt_avail (struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct GNUNET_MessageHeader *hdr)
{
const struct TALER_CRYPTO_EddsaKeyAvailableNotification *kan
= (const struct TALER_CRYPTO_EddsaKeyAvailableNotification *) hdr;
if (sizeof (*kan) != ntohs (hdr->size))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
{
struct TALER_SigningKeyAnnouncementPS ska = {
.purpose.purpose = htonl (TALER_SIGNATURE_SM_SIGNING_KEY),
.purpose.size = htonl (sizeof (ska)),
.exchange_pub = kan->exchange_pub,
.anchor_time = kan->anchor_time,
.duration = kan->duration
};
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_SIGNING_KEY,
&ska,
&kan->secm_sig.eddsa_signature,
&kan->secm_pub.eddsa_pub))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
esh->ekc (esh->ekc_cls,
GNUNET_TIME_absolute_ntoh (kan->anchor_time),
GNUNET_TIME_relative_ntoh (kan->duration),
&kan->exchange_pub,
&kan->secm_pub,
&kan->secm_sig);
}
return GNUNET_OK;
}
/**
* Handle a #TALER_HELPER_EDDSA_MT_PURGE message from the helper.
*
* @param esh helper context
* @param hdr message that we received
* @return #GNUNET_OK on success
*/
static int
handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct GNUNET_MessageHeader *hdr)
{
const struct TALER_CRYPTO_EddsaKeyPurgeNotification *pn
= (const struct TALER_CRYPTO_EddsaKeyPurgeNotification *) hdr;
if (sizeof (*pn) != ntohs (hdr->size))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
esh->ekc (esh->ekc_cls,
GNUNET_TIME_UNIT_ZERO_ABS,
GNUNET_TIME_UNIT_ZERO,
&pn->exchange_pub,
NULL,
NULL);
return GNUNET_OK;
}
void
TALER_CRYPTO_helper_esign_poll (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
char buf[UINT16_MAX];
ssize_t ret;
const struct GNUNET_MessageHeader *hdr
= (const struct GNUNET_MessageHeader *) buf;
try_connect (esh);
if (-1 == esh->sock)
return; /* give up */
while (1)
{
ret = recv (esh->sock,
buf,
sizeof (buf),
MSG_DONTWAIT);
if (ret < 0)
{
if (EAGAIN == errno)
break;
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"recv");
do_disconnect (esh);
return;
}
if ( (ret < sizeof (struct GNUNET_MessageHeader)) ||
(ret != ntohs (hdr->size)) )
{
GNUNET_break_op (0);
do_disconnect (esh);
return;
}
switch (ntohs (hdr->type))
{
case TALER_HELPER_EDDSA_MT_AVAIL:
if (GNUNET_OK !=
handle_mt_avail (esh,
hdr))
{
GNUNET_break_op (0);
do_disconnect (esh);
return;
}
break;
case TALER_HELPER_EDDSA_MT_PURGE:
if (GNUNET_OK !=
handle_mt_purge (esh,
hdr))
{
GNUNET_break_op (0);
do_disconnect (esh);
return;
}
break;
default:
GNUNET_break_op (0);
do_disconnect (esh);
return;
}
}
}
enum TALER_ErrorCode
TALER_CRYPTO_helper_esign_sign_ (
struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
struct TALER_ExchangePublicKeyP *exchange_pub,
struct TALER_ExchangeSignatureP *exchange_sig)
{
{
uint32_t purpose_size = ntohl (purpose->size);
char buf[sizeof (struct TALER_CRYPTO_EddsaSignRequest) + purpose_size
- sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)];
struct TALER_CRYPTO_EddsaSignRequest *sr
= (struct TALER_CRYPTO_EddsaSignRequest *) buf;
ssize_t ret;
try_connect (esh);
if (-1 == esh->sock)
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
sr->header.size = htons (sizeof (buf));
sr->header.type = htons (TALER_HELPER_EDDSA_MT_REQ_SIGN);
sr->reserved = htonl (0);
memcpy (&sr->purpose,
purpose,
purpose_size);
ret = sendto (esh->sock,
buf,
sizeof (buf),
0,
&esh->sa,
sizeof (esh->sa));
if (ret < 0)
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"sendto");
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
}
/* We are using SOCK_DGRAM, partial writes should not be possible */
GNUNET_break (((size_t) ret) == sizeof (buf));
}
while (1)
{
char buf[UINT16_MAX];
ssize_t ret;
const struct GNUNET_MessageHeader *hdr
= (const struct GNUNET_MessageHeader *) buf;
ret = recv (esh->sock,
buf,
sizeof (buf),
0);
if (ret < 0)
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"recv");
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
}
if ( (ret < sizeof (struct GNUNET_MessageHeader)) ||
(ret != ntohs (hdr->size)) )
{
GNUNET_break_op (0);
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
switch (ntohs (hdr->type))
{
case TALER_HELPER_EDDSA_MT_RES_SIGNATURE:
if (ret != sizeof (struct TALER_CRYPTO_EddsaSignResponse))
{
GNUNET_break_op (0);
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
{
const struct TALER_CRYPTO_EddsaSignResponse *sr =
(const struct TALER_CRYPTO_EddsaSignResponse *) buf;
*exchange_sig = sr->exchange_sig;
*exchange_pub = sr->exchange_pub;
return TALER_EC_NONE;
}
case TALER_HELPER_EDDSA_MT_RES_SIGN_FAILURE:
if (ret != sizeof (struct TALER_CRYPTO_EddsaSignFailure))
{
GNUNET_break_op (0);
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
{
const struct TALER_CRYPTO_EddsaSignFailure *sf =
(const struct TALER_CRYPTO_EddsaSignFailure *) buf;
return (enum TALER_ErrorCode) ntohl (sf->ec);
}
case TALER_HELPER_EDDSA_MT_AVAIL:
if (GNUNET_OK !=
handle_mt_avail (esh,
hdr))
{
GNUNET_break_op (0);
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
break; /* while(1) loop ensures we recvfrom() again */
case TALER_HELPER_EDDSA_MT_PURGE:
if (GNUNET_OK !=
handle_mt_purge (esh,
hdr))
{
GNUNET_break_op (0);
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
break; /* while(1) loop ensures we recvfrom() again */
default:
GNUNET_break_op (0);
do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
}
}
void
TALER_CRYPTO_helper_esign_revoke (
struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct TALER_ExchangePublicKeyP *exchange_pub)
{
struct TALER_CRYPTO_EddsaRevokeRequest rr = {
.header.size = htons (sizeof (rr)),
.header.type = htons (TALER_HELPER_EDDSA_MT_REQ_REVOKE),
.exchange_pub = *exchange_pub
};
ssize_t ret;
try_connect (esh);
if (-1 == esh->sock)
return; /* give up */
ret = sendto (esh->sock,
&rr,
sizeof (rr),
0,
(const struct sockaddr *) &esh->sa,
sizeof (esh->sa));
if (ret < 0)
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"sendto");
do_disconnect (esh);
return;
}
/* We are using SOCK_DGRAM, partial writes should not be possible */
GNUNET_break (((size_t) ret) == sizeof (rr));
}
void
TALER_CRYPTO_helper_esign_disconnect (
struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
do_disconnect (esh);
GNUNET_free (esh->template);
GNUNET_free (esh);
}
/* end of crypto_helper_esign.c */

21
src/util/taler-helper-crypto-eddsa.c
View File

@ -495,7 +495,7 @@ handle_done (void *cls)
GNUNET_assert (0 == pthread_mutex_unlock (&done_lock));
if (TALER_EC_NONE != wi->ec)
{
struct TALER_CRYPTO_SignFailure sf = {
struct TALER_CRYPTO_EddsaSignFailure sf = {
.header.size = htons (sizeof (sf)),
.header.type = htons (TALER_HELPER_EDDSA_MT_RES_SIGN_FAILURE),
.ec = htonl (wi->ec)
@ -509,7 +509,7 @@ handle_done (void *cls)
}
else
{
struct TALER_CRYPTO_SignResponse sr = {
struct TALER_CRYPTO_EddsaSignResponse sr = {
.header.size = htons (sizeof (sr)),
.header.type = htons (TALER_HELPER_EDDSA_MT_RES_SIGNATURE),
.exchange_pub = wi->key->exchange_pub,
@ -548,7 +548,7 @@ handle_done (void *cls)
static void
handle_sign_request (const struct sockaddr_un *addr,
socklen_t addr_size,
const struct TALER_CRYPTO_SignRequest *sr)
const struct TALER_CRYPTO_EddsaSignRequest *sr)
{
const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose = &sr->purpose;
struct WorkItem *wi;
@ -557,7 +557,7 @@ handle_sign_request (const struct sockaddr_un *addr,
if (purpose_size != htonl (purpose->size))
{
struct TALER_CRYPTO_SignFailure sf = {
struct TALER_CRYPTO_EddsaSignFailure sf = {
.header.size = htons (sizeof (sr)),
.header.type = htons (TALER_HELPER_EDDSA_MT_RES_SIGN_FAILURE),
.ec = htonl (TALER_EC_GENERIC_PARAMETER_MALFORMED)
@ -606,7 +606,7 @@ notify_client_key_add (struct Client *client,
.purpose.size = htonl (sizeof (ska)),
.exchange_pub = key->exchange_pub,
.anchor_time = GNUNET_TIME_absolute_hton (key->anchor),
.duration_withdraw = GNUNET_TIME_relative_hton (duration)
.duration = GNUNET_TIME_relative_hton (duration)
};
struct TALER_CRYPTO_EddsaKeyAvailableNotification an = {
.header.size = htons (sizeof (an)),
@ -743,7 +743,7 @@ setup_key (struct Key *key,
static void
handle_revoke_request (const struct sockaddr_un *addr,
socklen_t addr_size,
const struct TALER_CRYPTO_RevokeRequest *rr)
const struct TALER_CRYPTO_EddsaRevokeRequest *rr)
{
struct Key *key;
struct Key *nkey;
@ -884,24 +884,25 @@ read_job (void *cls)
}
break;
case TALER_HELPER_EDDSA_MT_REQ_SIGN:
if (ntohs (hdr->size) <= sizeof (struct TALER_CRYPTO_SignRequest))
if (ntohs (hdr->size) < sizeof (struct TALER_CRYPTO_EddsaSignRequest))
{
GNUNET_break_op (0);
return;
}
handle_sign_request (&addr,
addr_size,
(const struct TALER_CRYPTO_SignRequest *) buf);
(const struct TALER_CRYPTO_EddsaSignRequest *) buf);
break;
case TALER_HELPER_EDDSA_MT_REQ_REVOKE:
if (ntohs (hdr->size) != sizeof (struct TALER_CRYPTO_RevokeRequest))
if (ntohs (hdr->size) != sizeof (struct TALER_CRYPTO_EddsaRevokeRequest))
{
GNUNET_break_op (0);
return;
}
handle_revoke_request (&addr,
addr_size,
(const struct TALER_CRYPTO_RevokeRequest *) buf);
(const struct
TALER_CRYPTO_EddsaRevokeRequest *) buf);
break;
default:
GNUNET_break_op (0);

8
src/util/taler-helper-crypto-eddsa.h
View File

@ -103,7 +103,7 @@ struct TALER_CRYPTO_EddsaKeyPurgeNotification
/**
* Message sent if a signature is requested.
*/
struct TALER_CRYPTO_SignRequest
struct TALER_CRYPTO_EddsaSignRequest
{
/**
* Type is #TALER_HELPER_EDDSA_MT_REQ_SIGN.
@ -127,7 +127,7 @@ struct TALER_CRYPTO_SignRequest
/**
* Message sent if a key was revoked.
*/
struct TALER_CRYPTO_RevokeRequest
struct TALER_CRYPTO_EddsaRevokeRequest
{
/**
* Type is #TALER_HELPER_EDDSA_MT_REQ_REVOKE.
@ -150,7 +150,7 @@ struct TALER_CRYPTO_RevokeRequest
/**
* Message sent if a signature was successfully computed.
*/
struct TALER_CRYPTO_SignResponse
struct TALER_CRYPTO_EddsaSignResponse
{
/**
* Type is #TALER_HELPER_EDDSA_MT_RES_SIGNATURE.
@ -178,7 +178,7 @@ struct TALER_CRYPTO_SignResponse
/**
* Message sent if signing failed.
*/
struct TALER_CRYPTO_SignFailure
struct TALER_CRYPTO_EddsaSignFailure
{
/**
* Type is #TALER_HELPER_EDDSA_MT_RES_SIGN_FAILURE.

6
src/util/test_helper_rsa.c
View File

@ -196,7 +196,7 @@ test_revocation (struct TALER_CRYPTO_DenominationHelper *dh)
&keys[j].h_denom_pub);
for (unsigned int k = 0; k<1000; k++)
{
TALER_CRYPTO_helper_poll (dh);
TALER_CRYPTO_helper_denom_poll (dh);
if (! keys[j].revoked)
break;
nanosleep (&req, NULL);
@ -387,7 +387,7 @@ perf_signing (struct TALER_CRYPTO_DenominationHelper *dh)
duration = GNUNET_TIME_UNIT_ZERO;
for (unsigned int j = 0; j<NUM_SIGN_TESTS;)
{
TALER_CRYPTO_helper_poll (dh);
TALER_CRYPTO_helper_denom_poll (dh);
for (unsigned int i = 0; i<MAX_KEYS; i++)
{
if (! keys[i].valid)
@ -476,7 +476,7 @@ run_test (void)
fprintf (stderr, "Waiting for helper to start ");
for (unsigned int i = 0; i<1000; i++)
{
TALER_CRYPTO_helper_poll (dh);
TALER_CRYPTO_helper_denom_poll (dh);
if (0 != num_keys)
break;
nanosleep (&req, NULL);