taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

minor renaming of signature values and improved documentation of signatures, also adding a few missing fields to signatures to address #3631

Browse Source
This commit is contained in:
Christian Grothoff 2015-03-28 14:22:21 +01:00
parent 28b6b26567
commit 891018f69f
11 changed files with 233 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/include/taler_crypto_lib.h
View File

@ -197,33 +197,45 @@ struct TALER_MasterSignatureP
/** /**
* Type of public keys for Taler coins. * Type of public keys for Taler coins. The same key material is used
* for ECDSA and ECDHE operations.
*/ */
union TALER_CoinSpendPublicKeyP union TALER_CoinSpendPublicKeyP
{ {
/** /**
* Taler uses ECDSA for coins. * Taler uses ECDSA for coins when signing deposit requests.
*/ */
struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub; struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub;
/**
* Taler uses ECDH(E) for coin linkage during refresh operations.
*/
struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub;
}; };
/** /**
* Type of private keys for Taler coins. * Type of private keys for Taler coins. The same key material is used
* for ECDSA and ECDHE operations.
*/ */
union TALER_CoinSpendPrivateKeyP union TALER_CoinSpendPrivateKeyP
{ {
/** /**
* Taler uses ECDSA for coins. * Taler uses ECDSA for coins when signing deposit requests.
*/ */
struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv; struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv;
/**
* Taler uses ECDHE for coin linkage during refresh operations.
*/
struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv;
}; };
/** /**
* Type of signatures made with Taler coins. * Type of signatures made with Taler coins.
*/ */
union TALER_CoinSpendSignatureP struct TALER_CoinSpendSignatureP
{ {
/** /**
* Taler uses ECDSA for coins. * Taler uses ECDSA for coins.

6
src/include/taler_mintdb_plugin.h
View File

@ -186,7 +186,7 @@ struct Deposit
* by @e h_wire in relation to the contract identified * by @e h_wire in relation to the contract identified
* by @e h_contract. * by @e h_contract.
*/ */
union TALER_CoinSpendSignatureP csig; struct TALER_CoinSpendSignatureP csig;
/** /**
* Public key of the merchant. Enables later identification * Public key of the merchant. Enables later identification
@ -268,7 +268,7 @@ struct RefreshMelt
/** /**
* Signature over the melting operation. * Signature over the melting operation.
*/ */
union TALER_CoinSpendSignatureP coin_sig; struct TALER_CoinSpendSignatureP coin_sig;
/** /**
* Hash of the refresh session this coin is melted into. * Hash of the refresh session this coin is melted into.
@ -384,7 +384,7 @@ struct Lock
/** /**
* Signature over the locking operation. * Signature over the locking operation.
*/ */
union TALER_CoinSpendSignatureP coin_sig; struct TALER_CoinSpendSignatureP coin_sig;
/** /**
* How much value is being locked? * How much value is being locked?

267
src/include/taler_signatures.h
View File

@ -40,53 +40,47 @@
*/ */
#define TALER_CNC_KAPPA 3 #define TALER_CNC_KAPPA 3
/*********************************************/
/* Mint offline signatures (with master key) */
/*********************************************/
/** /**
* Purpose for signing public keys signed * Purpose for signing public keys signed by the mint master key.
* by the mint master key.
*/ */
#define TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY 1 #define TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY 1
/** /**
* Purpose for denomination keys signed * Purpose for denomination keys signed by the mint master key.
* by the mint master key.
*/ */
#define TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY 2 #define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY 2
/*********************************************/
/* Mint online signatures (with signing key) */
/*********************************************/
/** /**
* Purpose for the state of a reserve, * Purpose for the state of a reserve, signed by the mint's signing
* signed by the mint's signing key. * key.
*/ */
#define TALER_SIGNATURE_MINT_RESERVE_STATUS 3 #define TALER_SIGNATURE_MINT_RESERVE_STATUS 32
/**
* Signature where the reserve key
* confirms a withdraw request.
*/
#define TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST 4
/**
* Signature using a coin key confirming the melting of
* a coin.
*/
#define TALER_SIGNATURE_COIN_MELT 5
/**
* Signature where the mint (current signing key)
* confirms the no-reveal index for cut-and-choose and
* the validity of the melted coins.
*/
#define TALER_SIGNATURE_MINT_MELT_RESPONSE 6
/** /**
* Signature where the Mint confirms a deposit request. * Signature where the Mint confirms a deposit request.
*/ */
#define TALER_SIGNATURE_COIN_DEPOSIT 7 #define TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT 33
/**
* Signature where the mint (current signing key) confirms the
* no-reveal index for cut-and-choose and the validity of the melted
* coins.
*/
#define TALER_SIGNATURE_MINT_CONFIRM_MELT 34
/** /**
* Signature where the Mint confirms the full /keys response set. * Signature where the Mint confirms the full /keys response set.
*/ */
#define TALER_SIGNATURE_MINT_KEY_SET 8 #define TALER_SIGNATURE_MINT_KEY_SET 35
/***********************/ /***********************/
@ -94,26 +88,34 @@
/***********************/ /***********************/
/** /**
* Signature where the merchant confirms a contract * Signature where the merchant confirms a contract (to the customer).
*/ */
#define TALER_SIGNATURE_MERCHANT_CONTRACT 101 #define TALER_SIGNATURE_MERCHANT_CONTRACT 101
/**
* Signature where the merchant confirms a refund (of a coin).
*/
#define TALER_SIGNATURE_MERCHANT_REFUND 102
/*********************/ /*********************/
/* Wallet signatures */ /* Wallet signatures */
/*********************/ /*********************/
/** /**
* Signature made by the wallet of a user to confirm a deposit permission * Signature where the reserve key confirms a withdraw request.
* FIXME: this is #TALER_SIGNATURE_COIN_DEPOSIT already!
*/ */
#define TALER_SIGNATURE_WALLET_DEPOSIT 201 #define TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW 200
/** /**
* Signature made by the wallet of a user to confirm a incremental * Signature made by the wallet of a user to confirm a deposit of a coin.
* deposit permission.
* FIXME: this MIGHT also be #TALER_SIGNATURE_COIN_DEPOSIT already!
*/ */
#define TALER_SIGNATURE_WALLET_DEPOSIT_INCREMENTAL 202 #define TALER_SIGNATURE_WALLET_COIN_DEPOSIT 201
/**
* Signature using a coin key confirming the melting of a coin.
*/
#define TALER_SIGNATURE_WALLET_COIN_MELT 202
@ -127,7 +129,8 @@ struct TALER_WithdrawRequestPS
{ {
/** /**
* Purpose must be #TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST. * Purpose must be #TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW.
* Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -165,7 +168,8 @@ struct TALER_WithdrawRequestPS
struct TALER_DepositRequestPS struct TALER_DepositRequestPS
{ {
/** /**
* Purpose must be #TALER_SIGNATURE_WALLET_DEPOSIT * Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT.
* Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -179,21 +183,69 @@ struct TALER_DepositRequestPS
*/ */
struct GNUNET_HashCode h_wire; struct GNUNET_HashCode h_wire;
/**
* Time when this request was generated. Used, for example, to
* assess when (roughly) the income was achieved for tax purposes.
* Note that the Mint will only check that the timestamp is not "too
* far" into the future (i.e. several days). The fact that the
* timestamp falls within the validity period of the coin's
* denomination key is irrelevant for the validity of the deposit
* request, as obviously the customer and merchant could conspire to
* set any timestamp. Also, the Mint must accept very old deposit
* requests, as the merchant might have been unable to transmit the
* deposit request in a timely fashion (so back-dating is not
* prevented).
*/
struct GNUNET_TIME_AbsoluteNBO timestamp;
/**
* How much time does the merchant have to issue a refund request?
* Zero if refunds are not allowed. After this time, the coin
* cannot be refunded.
*/
struct GNUNET_TIME_AbsoluteNBO refund_deadline;
/** /**
* Merchant-generated transaction ID to detect duplicate * Merchant-generated transaction ID to detect duplicate
* transactions. * transactions. The merchant must communicate a merchant-unique ID
* to the customer for each transaction. Note that different coins
* that are part of the same transaction can use the same
* transaction ID. The transaction ID is useful for later disputes,
* and the merchant's contract offer (@e h_contract) with the
* customer should include the offer's term and transaction ID
* signed with a key from the merchant.
*/ */
uint64_t transaction_id GNUNET_PACKED; uint64_t transaction_id GNUNET_PACKED;
/** /**
* Amount to be deposited, including fee. * Amount to be deposited, including deposit fee charged by the
* mint. This is the total amount that the coin's value at the mint
* will be reduced by.
*/ */
struct TALER_AmountNBO amount_with_fee; struct TALER_AmountNBO amount_with_fee;
/* FIXME: we should probably also include the value of
the depositing fee here as well! */
/** /**
* The coin's public key. * Depositing fee charged by the mint. This must match the Mint's
* denomination key's depositing fee. If the client puts in an
* invalid deposit fee (too high or too low) that does not match the
* Mint's denomination key, the deposit operation is invalid and
* will be rejected by the mint. The @e amount_with_fee minus the
* @e deposit_fee is the amount that will be transferred to the
* account identified by @e h_wire.
*/
struct TALER_AmountNBO deposit_fee;
/**
* The Merchant's public key. Allows the merchant to later refund
* the transaction. All zeros if nobody is allowed to refund the
* transaction later.
*/
struct TALER_MerchantPublicKeyP merchant;
/**
* The coin's public key. This is the value that must have been
* signed (blindly) by the Mint. The deposit request is to be
* signed by the corresponding private key (using ECDSA).
*/ */
union TALER_CoinSpendPublicKeyP coin_pub; union TALER_CoinSpendPublicKeyP coin_pub;
@ -207,7 +259,8 @@ struct TALER_DepositRequestPS
struct TALER_DepositConfirmationPS struct TALER_DepositConfirmationPS
{ {
/** /**
* Purpose must be #TALER_SIGNATURE_COIN_DEPOSIT * Purpose must be #TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT. Signed
* by a `struct TALER_MintPublicKeyP` using EdDSA.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -228,20 +281,36 @@ struct TALER_DepositConfirmationPS
uint64_t transaction_id GNUNET_PACKED; uint64_t transaction_id GNUNET_PACKED;
/** /**
* Amount to be deposited, including fee. * Time when this confirmation was generated.
*/ */
struct TALER_AmountNBO amount_with_fee; struct GNUNET_TIME_AbsoluteNBO timestamp;
/* FIXME: we should probably also include the value of
the depositing fee here as well! */
/** /**
* The coin's public key. * How much time does the @e merchant have to issue a refund
* request? Zero if refunds are not allowed. After this time, the
* coin cannot be refunded. Note that the wire transfer will not be
* performed by the mint until the refund deadline. This value
* is taken from the original deposit request.
*/
struct GNUNET_TIME_AbsoluteNBO refund_deadline;
/**
* Amount to be deposited, excluding fee. Calculated from the
* amount with fee and the fee from the deposit request.
*/
struct TALER_AmountNBO amount_without_fee;
/**
* The coin's public key. This is the value that must have been
* signed (blindly) by the Mint. The deposit request is to be
* signed by the corresponding private key (using ECDSA).
*/ */
union TALER_CoinSpendPublicKeyP coin_pub; union TALER_CoinSpendPublicKeyP coin_pub;
/** /**
* The Merchant's public key. * The Merchant's public key. Allows the merchant to later refund
* the transaction. All zeros if nobody is allowed to refund the
* transaction later.
*/ */
struct TALER_MerchantPublicKeyP merchant; struct TALER_MerchantPublicKeyP merchant;
@ -249,13 +318,14 @@ struct TALER_DepositConfirmationPS
/** /**
* Message signed by a coin to indicate that the coin should * Message signed by a coin to indicate that the coin should be
* be melted. * melted.
*/ */
struct TALER_RefreshMeltCoinAffirmationPS struct TALER_RefreshMeltCoinAffirmationPS
{ {
/** /**
* Purpose is #TALER_SIGNATURE_COIN_MELT. * Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT.
* Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -274,11 +344,21 @@ struct TALER_RefreshMeltCoinAffirmationPS
*/ */
struct TALER_AmountNBO amount_with_fee; struct TALER_AmountNBO amount_with_fee;
/* FIXME: we should probably also include the value of /**
the melting fee here as well! */ * Melting fee charged by the mint. This must match the Mint's
* denomination key's melting fee. If the client puts in an invalid
* melting fee (too high or too low) that does not match the Mint's
* denomination key, the melting operation is invalid and will be
* rejected by the mint. The @e amount_with_fee minus the @e
* melt_fee is the amount that will be credited to the melting
* session.
*/
struct TALER_AmountNBO melt_fee;
/** /**
* The coin's public key. * The coin's public key. This is the value that must have been
* signed (blindly) by the Mint. The deposit request is to be
* signed by the corresponding private key (using ECDSA).
*/ */
union TALER_CoinSpendPublicKeyP coin_pub; union TALER_CoinSpendPublicKeyP coin_pub;
}; };
@ -293,7 +373,8 @@ struct TALER_RefreshMeltCoinAffirmationPS
struct TALER_RefreshMeltConfirmationPS struct TALER_RefreshMeltConfirmationPS
{ {
/** /**
* Purpose is #TALER_SIGNATURE_MINT_MELT_RESPONSE. * Purpose is #TALER_SIGNATURE_MINT_CONFIRM_MELT. Signed
* by a `struct TALER_MintPublicKeyP` using EdDSA.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -303,7 +384,8 @@ struct TALER_RefreshMeltConfirmationPS
struct GNUNET_HashCode session_hash; struct GNUNET_HashCode session_hash;
/** /**
* Index that the client will not have to reveal. * Index that the client will not have to reveal, in NBO.
* Must be smaller than #TALER_CNC_KAPPA.
*/ */
uint16_t noreveal_index GNUNET_PACKED; uint16_t noreveal_index GNUNET_PACKED;
}; };
@ -322,7 +404,7 @@ struct TALER_MintSigningKeyValidityPS
struct TALER_MasterSignatureP signature; struct TALER_MasterSignatureP signature;
/** /**
* Purpose is #TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY. * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -338,13 +420,24 @@ struct TALER_MintSigningKeyValidityPS
struct GNUNET_TIME_AbsoluteNBO start; struct GNUNET_TIME_AbsoluteNBO start;
/** /**
* When does this signing key expire? Note: This is * When does this signing key expire? Note: This is currently when
* currently when the Mint will definitively stop using it. * the Mint will definitively stop using it. Signatures made with
* This does not mean that all signatures with tkey key are * the key remain valid until @e end. When checking validity periods,
* afterwards invalid. * clients should allow for some overlap between keys and tolerate
* the use of either key during the overlap time (due to the
* possibility of clock skew).
*/ */
struct GNUNET_TIME_AbsoluteNBO expire; struct GNUNET_TIME_AbsoluteNBO expire;
/**
* When do signatures with this signing key become invalid? After
* this point, these signatures cannot be used in (legal) disputes
* anymore, as the Mint is then allowed to destroy its side of the
* evidence. @e end is expected to be significantly larger than @e
* expire (by a year or more).
*/
struct GNUNET_TIME_AbsoluteNBO end;
/** /**
* The public online signing key that the mint will use * The public online signing key that the mint will use
* between @e start and @e expire. * between @e start and @e expire.
@ -362,7 +455,8 @@ struct TALER_MintKeySetPS
{ {
/** /**
* Purpose is #TALER_SIGNATURE_MINT_KEY_SET * Purpose is #TALER_SIGNATURE_MINT_KEY_SET. Signed
* by a `struct TALER_MintPublicKeyP` using EdDSA.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -372,7 +466,11 @@ struct TALER_MintKeySetPS
struct GNUNET_TIME_AbsoluteNBO list_issue_date; struct GNUNET_TIME_AbsoluteNBO list_issue_date;
/** /**
* Hash over the "inner" JSON with the key set. * Hash over the "inner" JSON with the key set. FIXME: The use of
* JSON as what is being signed here is a bit of a hack, as the
* result depends on the JSON indentation and being canonical.
* We should consider using a more well-defined binary format to
* sign. (#3739)
*/ */
struct GNUNET_HashCode hc; struct GNUNET_HashCode hc;
}; };
@ -385,13 +483,12 @@ struct TALER_MintKeySetPS
struct TALER_DenominationKeyValidityPS struct TALER_DenominationKeyValidityPS
{ {
/** /**
* Signature over this struct to affirm the validity * Signature over this struct to affirm the validity of the key.
* of the key.
*/ */
struct TALER_MasterSignatureP signature; struct TALER_MasterSignatureP signature;
/** /**
* Purpose is #TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY. * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY.
*/ */
struct GNUNET_CRYPTO_EccSignaturePurpose purpose; struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -407,8 +504,16 @@ struct TALER_DenominationKeyValidityPS
struct GNUNET_TIME_AbsoluteNBO start; struct GNUNET_TIME_AbsoluteNBO start;
/** /**
* The mint will sign fresh coins between @e start and * The mint will sign fresh coins between @e start and this time.
* this time. * @e expire_withdraw will be somewhat larger than @e start to
* ensure a sufficiently large anonymity set, while also allowing
* the Mint to limit the financial damage in case of a key being
* compromised. Thus, mints with low volume are expected to have a
* longer withdraw period (@e expire_withdraw - @e start) than mints
* with high transaction volume. The period may also differ between
* types of coins. A mint may also have a few denomination keys
* with the same value with overlapping validity periods, to address
* issues such as clock skew.
*/ */
struct GNUNET_TIME_AbsoluteNBO expire_withdraw; struct GNUNET_TIME_AbsoluteNBO expire_withdraw;
@ -418,10 +523,21 @@ struct TALER_DenominationKeyValidityPS
* mint will refuse transactions involving this key as it will * mint will refuse transactions involving this key as it will
* "drop" the table with double-spending information (shortly after) * "drop" the table with double-spending information (shortly after)
* this time. Note that wallets should refresh coins significantly * this time. Note that wallets should refresh coins significantly
* before this time to be on the safe side. * before this time to be on the safe side. @e expire_spend must be
* significantly larger than @e expire_withdraw (by months or even
* years).
*/ */
struct GNUNET_TIME_AbsoluteNBO expire_spend; struct GNUNET_TIME_AbsoluteNBO expire_spend;
/**
* When do signatures with this denomination key become invalid?
* After this point, these signatures cannot be used in (legal)
* disputes anymore, as the Mint is then allowed to destroy its side
* of the evidence. @e expire_legal is expected to be significantly
* larger than @e expire_spend (by a year or more).
*/
struct GNUNET_TIME_AbsoluteNBO expire_legal;
/** /**
* The value of the coins signed with this denomination key. * The value of the coins signed with this denomination key.
*/ */
@ -446,7 +562,8 @@ struct TALER_DenominationKeyValidityPS
struct TALER_AmountNBO fee_refresh; struct TALER_AmountNBO fee_refresh;
/** /**
* Hash code of the denomination public key. * Hash code of the denomination public key. (Used to avoid having
* the variable-size RSA key this struct.)
*/ */
struct GNUNET_HashCode denom_hash; struct GNUNET_HashCode denom_hash;

8
src/mint-lib/mint_api.c
View File

@ -286,7 +286,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key,
GNUNET_CRYPTO_eddsa_public_key_from_string (key_enc, GNUNET_CRYPTO_eddsa_public_key_from_string (key_enc,
52, 52,
&sign_key_issue.signkey_pub.eddsa_pub)); &sign_key_issue.signkey_pub.eddsa_pub));
sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY); sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
sign_key_issue.purpose.size = sign_key_issue.purpose.size =
htonl (sizeof (sign_key_issue) htonl (sizeof (sign_key_issue)
- offsetof (struct TALER_MintSigningKeyValidityPS, purpose)); - offsetof (struct TALER_MintSigningKeyValidityPS, purpose));
@ -294,7 +294,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key,
sign_key_issue.start = GNUNET_TIME_absolute_hton (valid_from); sign_key_issue.start = GNUNET_TIME_absolute_hton (valid_from);
sign_key_issue.expire = GNUNET_TIME_absolute_hton (valid_until); sign_key_issue.expire = GNUNET_TIME_absolute_hton (valid_until);
EXITIF (GNUNET_OK != EXITIF (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
&sign_key_issue.purpose, &sign_key_issue.purpose,
&sig, &sig,
&master_key->eddsa_pub)); &master_key->eddsa_pub));
@ -408,7 +408,7 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key,
EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_deposit)); EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_deposit));
EXITIF (NULL == (obj = json_object_get (denom_key_obj, "fee_refresh"))); EXITIF (NULL == (obj = json_object_get (denom_key_obj, "fee_refresh")));
EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_refresh)); EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_refresh));
denom_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY); denom_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
denom_key_issue.purpose.size = htonl denom_key_issue.purpose.size = htonl
(sizeof (struct TALER_DenominationKeyValidityPS) - (sizeof (struct TALER_DenominationKeyValidityPS) -
offsetof (struct TALER_DenominationKeyValidityPS, purpose)); offsetof (struct TALER_DenominationKeyValidityPS, purpose));
@ -425,7 +425,7 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key,
TALER_amount_hton (&denom_key_issue.fee_refresh, TALER_amount_hton (&denom_key_issue.fee_refresh,
&fee_refresh); &fee_refresh);
EXITIF (GNUNET_SYSERR == EXITIF (GNUNET_SYSERR ==
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
&denom_key_issue.purpose, &denom_key_issue.purpose,
&sig, &sig,
&master_key->eddsa_pub)); &master_key->eddsa_pub));

4
src/mint-tools/taler-mint-keycheck.c
View File

@ -68,7 +68,7 @@ signkeys_iter (void *cls,
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
&ski->issue.purpose, &ski->issue.purpose,
&ski->issue.signature.eddsa_signature, &ski->issue.signature.eddsa_signature,
&ski->issue.master_public_key.eddsa_pub)) &ski->issue.master_public_key.eddsa_pub))
@ -128,7 +128,7 @@ denomkeys_iter (void *cls,
} }
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
&dki->issue.purpose, &dki->issue.purpose,
&dki->issue.signature.eddsa_signature, &dki->issue.signature.eddsa_signature,
&dki->issue.master.eddsa_pub)) &dki->issue.master.eddsa_pub))

4
src/mint-tools/taler-mint-keyup.c
View File

@ -448,7 +448,7 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
duration)); duration));
GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv.eddsa_priv, GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv.eddsa_priv,
&issue->signkey_pub.eddsa_pub); &issue->signkey_pub.eddsa_pub);
issue->purpose.purpose = htonl (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY); issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
issue->purpose.size = htonl (sizeof (struct TALER_MintSigningKeyValidityPS) - issue->purpose.size = htonl (sizeof (struct TALER_MintSigningKeyValidityPS) -
offsetof (struct TALER_MintSigningKeyValidityPS, offsetof (struct TALER_MintSigningKeyValidityPS,
purpose)); purpose));
@ -701,7 +701,7 @@ create_denomkey_issue (const struct CoinTypeParams *params,
&params->fee_deposit); &params->fee_deposit);
TALER_amount_hton (&dki->issue.fee_refresh, TALER_amount_hton (&dki->issue.fee_refresh,
&params->fee_refresh); &params->fee_refresh);
dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY); dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
dki->issue.purpose.size = htonl (sizeof (struct TALER_MINTDB_DenominationKeyIssueInformation) - dki->issue.purpose.size = htonl (sizeof (struct TALER_MINTDB_DenominationKeyIssueInformation) -
offsetof (struct TALER_MINTDB_DenominationKeyIssueInformation, offsetof (struct TALER_MINTDB_DenominationKeyIssueInformation,
issue.purpose)); issue.purpose));

2
src/mint/taler-mint-httpd_db.h
View File

@ -87,7 +87,7 @@ struct TMH_DB_MeltDetails
* Signature allowing the melt (using * Signature allowing the melt (using
* a `struct RefreshMeltConfirmSignRequestBody`) to sign over. * a `struct RefreshMeltConfirmSignRequestBody`) to sign over.
*/ */
union TALER_CoinSpendSignatureP melt_sig; struct TALER_CoinSpendSignatureP melt_sig;
/** /**
* How much of the coin's value did the client allow to be melted? * How much of the coin's value did the client allow to be melted?

4
src/mint/taler-mint-httpd_deposit.c
View File

@ -60,7 +60,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
struct TALER_MINTDB_DenominationKeyIssueInformation *dki; struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
struct TALER_Amount fee_deposit; struct TALER_Amount fee_deposit;
dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT); dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS)); dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS));
dr.h_contract = deposit->h_contract; dr.h_contract = deposit->h_contract;
dr.h_wire = deposit->h_wire; dr.h_wire = deposit->h_wire;
@ -69,7 +69,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
&deposit->amount_with_fee); &deposit->amount_with_fee);
dr.coin_pub = deposit->coin.coin_pub; dr.coin_pub = deposit->coin.coin_pub;
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_DEPOSIT, GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr.purpose, &dr.purpose,
&deposit->csig.ecdsa_signature, &deposit->csig.ecdsa_signature,
&deposit->coin.coin_pub.ecdsa_pub)) &deposit->coin.coin_pub.ecdsa_pub))

6
src/mint/taler-mint-httpd_refresh.c
View File

@ -176,7 +176,7 @@ get_coin_public_info (struct MHD_Connection *connection,
struct TMH_DB_MeltDetails *r_melt_detail) struct TMH_DB_MeltDetails *r_melt_detail)
{ {
int ret; int ret;
union TALER_CoinSpendSignatureP melt_sig; struct TALER_CoinSpendSignatureP melt_sig;
struct TALER_DenominationSignature sig; struct TALER_DenominationSignature sig;
struct TALER_DenominationPublicKey pk; struct TALER_DenominationPublicKey pk;
struct TALER_Amount amount; struct TALER_Amount amount;
@ -244,13 +244,13 @@ verify_coin_public_info (struct MHD_Connection *connection,
struct TALER_Amount fee_refresh; struct TALER_Amount fee_refresh;
body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS)); body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS));
body.purpose.purpose = htonl (TALER_SIGNATURE_COIN_MELT); body.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT);
body.session_hash = *session_hash; body.session_hash = *session_hash;
TALER_amount_hton (&body.amount_with_fee, TALER_amount_hton (&body.amount_with_fee,
&r_melt_detail->melt_amount_with_fee); &r_melt_detail->melt_amount_with_fee);
body.coin_pub = r_public_info->coin_pub; body.coin_pub = r_public_info->coin_pub;
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_COIN_MELT, GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT,
&body.purpose, &body.purpose,
&r_melt_detail->melt_sig.ecdsa_signature, &r_melt_detail->melt_sig.ecdsa_signature,
&r_public_info->coin_pub.ecdsa_pub)) &r_public_info->coin_pub.ecdsa_pub))

10
src/mint/taler-mint-httpd_responses.c
View File

@ -294,7 +294,7 @@ TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection,
json_t *sig_json; json_t *sig_json;
int ret; int ret;
dc.purpose.purpose = htonl (TALER_SIGNATURE_COIN_DEPOSIT); dc.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT);
dc.purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)); dc.purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS));
dc.h_contract = *h_contract; dc.h_contract = *h_contract;
dc.h_wire = *h_wire; dc.h_wire = *h_wire;
@ -344,7 +344,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl)
type = "deposit"; type = "deposit";
value = deposit->amount_with_fee; value = deposit->amount_with_fee;
dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT); dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS)); dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS));
dr.h_contract = deposit->h_contract; dr.h_contract = deposit->h_contract;
dr.h_wire = deposit->h_wire; dr.h_wire = deposit->h_wire;
@ -363,7 +363,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl)
type = "melt"; type = "melt";
value = melt->amount_with_fee; value = melt->amount_with_fee;
ms.purpose.purpose = htonl (TALER_SIGNATURE_COIN_MELT); ms.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT);
ms.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS)); ms.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS));
ms.session_hash = melt->session_hash; ms.session_hash = melt->session_hash;
TALER_amount_hton (&ms.amount_with_fee, TALER_amount_hton (&ms.amount_with_fee,
@ -498,7 +498,7 @@ compile_reserve_history (const struct ReserveHistory *rh,
return NULL; return NULL;
} }
ret = 1; ret = 1;
wr.purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST); wr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS)); wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
wr.reserve_pub = pos->details.withdraw->reserve_pub; wr.reserve_pub = pos->details.withdraw->reserve_pub;
GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key, GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key,
@ -683,7 +683,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection,
int ret; int ret;
body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltConfirmationPS)); body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltConfirmationPS));
body.purpose.purpose = htonl (TALER_SIGNATURE_MINT_MELT_RESPONSE); body.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_MELT);
body.session_hash = *session_hash; body.session_hash = *session_hash;
body.noreveal_index = htons (noreveal_index); body.noreveal_index = htons (noreveal_index);
TMH_KS_sign (&body.purpose, TMH_KS_sign (&body.purpose,

4
src/mint/taler-mint-httpd_withdraw.c
View File

@ -138,7 +138,7 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
/* verify signature! */ /* verify signature! */
wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS)); wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
wsrd.purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST); wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
GNUNET_CRYPTO_hash (denomination_pub_data, GNUNET_CRYPTO_hash (denomination_pub_data,
denomination_pub_data_size, denomination_pub_data_size,
&wsrd.h_denomination_pub); &wsrd.h_denomination_pub);
@ -146,7 +146,7 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
blinded_msg_len, blinded_msg_len,
&wsrd.h_coin_envelope); &wsrd.h_coin_envelope);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW,
&wsrd.purpose, &wsrd.purpose,
&signature.eddsa_signature, &signature.eddsa_signature,
&wsrd.reserve_pub.eddsa_pub)) &wsrd.reserve_pub.eddsa_pub))