fix #5434 (no more salt in exchange wire replies)
This commit is contained in:
parent
81ce7abe19
commit
a56e2e34bc
@ -2095,8 +2095,8 @@ wire_transfer_information_cb (void *cls,
|
||||
struct GNUNET_HashCode hw;
|
||||
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_hash (account_details,
|
||||
&hw))
|
||||
TALER_JSON_merchant_wire_signature_hash (account_details,
|
||||
&hw))
|
||||
{
|
||||
wcc->qs = GNUNET_DB_STATUS_HARD_ERROR;
|
||||
report_row_inconsistency ("aggregation",
|
||||
@ -2411,8 +2411,8 @@ check_wire_out_cb (void *cls,
|
||||
TALER_amount_get_zero (amount->currency,
|
||||
&wcc.total_deposits));
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_hash (wire,
|
||||
&wcc.h_wire))
|
||||
TALER_JSON_merchant_wire_signature_hash (wire,
|
||||
&wcc.h_wire))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return GNUNET_SYSERR;
|
||||
@ -3430,8 +3430,8 @@ deposit_cb (void *cls,
|
||||
dr.purpose.size = htonl (sizeof (dr));
|
||||
dr.h_contract_terms = *h_contract_terms;
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_hash (receiver_wire_account,
|
||||
&dr.h_wire))
|
||||
TALER_JSON_merchant_wire_signature_hash (receiver_wire_account,
|
||||
&dr.h_wire))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
|
||||
|
@ -416,8 +416,8 @@ TALER_EXCHANGE_deposit (struct TALER_EXCHANGE_Handle *exchange,
|
||||
MAH_handle_is_ready (exchange));
|
||||
/* initialize h_wire */
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_hash (wire_details,
|
||||
&h_wire))
|
||||
TALER_JSON_merchant_wire_signature_hash (wire_details,
|
||||
&h_wire))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return NULL;
|
||||
|
@ -272,7 +272,6 @@ handle_wire_finished (void *cls,
|
||||
json_t *account;
|
||||
struct GNUNET_JSON_Specification spec_account[] = {
|
||||
GNUNET_JSON_spec_string ("url", &wa->url),
|
||||
GNUNET_JSON_spec_string ("salt", &wa->salt),
|
||||
GNUNET_JSON_spec_fixed_auto ("master_sig", &wa->master_sig),
|
||||
GNUNET_JSON_spec_end()
|
||||
};
|
||||
@ -281,8 +280,8 @@ handle_wire_finished (void *cls,
|
||||
account = json_array_get (accounts,
|
||||
i);
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_check (account,
|
||||
&key_state->master_pub))
|
||||
TALER_JSON_exchange_wire_signature_check (account,
|
||||
&key_state->master_pub))
|
||||
{
|
||||
/* bogus reply */
|
||||
GNUNET_break_op (0);
|
||||
|
@ -1,5 +1,4 @@
|
||||
{
|
||||
"url": "payto://x-taler-bank/localhost:8082/2",
|
||||
"salt": "TMXB995ZZVKA02AG4074X3C6XX0BFTHY8XK76EF4BSG5XVDF069FEBN4TCKW9GS7NKZH409GKAVHMQPA3T361MC6VM7J268V3GBH42R",
|
||||
"master_sig": "CK7BGHKYVAT7DMVCN00DQ0761NCTJVESZT69049BCF3SKNJKVHXXEQ5X6FH2HFGHCJ18YA1MGHBD8RRG4W3G4KJWQJDY2CGPGTHDJ2G"
|
||||
"master_sig": "HC47BZN3C0KJ2VPMJ5EJWD2FXJ72AET0NWFE6JGSGK5CXS4GSKJJ6Z7BTS56JWM7B40SD61Z5GYYMRRE3X9JTJBVMWE0X7XHNXQ9P38"
|
||||
}
|
@ -1,5 +1,4 @@
|
||||
{
|
||||
"url": "payto://x-taler-bank/http://localhost:8082/2",
|
||||
"salt": "WGRD0W7YKD8ZAN960B0JBRARRY0K5FQ4920Q3DJBTYH4GY7W0XNAX1F04R5B1E0RWH1NFG08TM8K1517WNCXTJM9KMH4913Q5XPK0N8",
|
||||
"master_sig": "J4N0KP64MGNEQX9HST9TDWK67152MSHHM9CTZH8GSMKD607BXSAF209AQYDKYT6QJP0NQXYXC1JMM9Z405DJHGV75JFMWP4G6WB6A00"
|
||||
"master_sig": "KQ0BWSCNVR7HGGSAMCYK8ZM30RBS1MHMXT3QBN01PZWC9TV72FEE5RJ7T84C8134EPV6WEBXXY2MTFNE8ZXST6JEJQKR8HX6FQPVY10"
|
||||
}
|
@ -330,8 +330,8 @@ deposit_run (void *cls,
|
||||
dr.h_contract_terms = h_contract_terms;
|
||||
GNUNET_assert
|
||||
(GNUNET_OK ==
|
||||
TALER_JSON_wire_signature_hash (ds->wire_details,
|
||||
&dr.h_wire));
|
||||
TALER_JSON_merchant_wire_signature_hash (ds->wire_details,
|
||||
&dr.h_wire));
|
||||
dr.timestamp = GNUNET_TIME_absolute_hton (timestamp);
|
||||
dr.refund_deadline = GNUNET_TIME_absolute_hton
|
||||
(refund_deadline);
|
||||
|
@ -328,8 +328,8 @@ track_transaction_run (void *cls,
|
||||
/* Should not fail here, json has been parsed already */
|
||||
GNUNET_assert
|
||||
( (GNUNET_OK ==
|
||||
TALER_JSON_wire_signature_hash (wire_details,
|
||||
&h_wire_details)) &&
|
||||
TALER_JSON_merchant_wire_signature_hash (wire_details,
|
||||
&h_wire_details)) &&
|
||||
(GNUNET_OK ==
|
||||
TALER_JSON_hash (j_contract_terms,
|
||||
&h_contract_terms)) );
|
||||
@ -614,8 +614,10 @@ track_transfer_cb
|
||||
return;
|
||||
}
|
||||
|
||||
if (GNUNET_OK != TALER_TESTING_get_trait_wire_details
|
||||
(wire_details_cmd, 0, &wire_details))
|
||||
if (GNUNET_OK !=
|
||||
TALER_TESTING_get_trait_wire_details (wire_details_cmd,
|
||||
0,
|
||||
&wire_details))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
TALER_TESTING_interpreter_fail (is);
|
||||
@ -623,9 +625,9 @@ track_transfer_cb
|
||||
}
|
||||
|
||||
GNUNET_assert
|
||||
(GNUNET_OK == TALER_JSON_wire_signature_hash
|
||||
(wire_details,
|
||||
&h_wire_details));
|
||||
(GNUNET_OK ==
|
||||
TALER_JSON_merchant_wire_signature_hash (wire_details,
|
||||
&h_wire_details));
|
||||
|
||||
if (0 != memcmp (&h_wire_details,
|
||||
h_wire,
|
||||
|
@ -59,6 +59,7 @@ sign_account_data (void *cls,
|
||||
json_t *wire;
|
||||
char *json_out;
|
||||
FILE *out;
|
||||
int ret;
|
||||
|
||||
if (GNUNET_NO == ai->credit_enabled)
|
||||
return;
|
||||
@ -70,8 +71,9 @@ sign_account_data (void *cls,
|
||||
global_ret = 1;
|
||||
return;
|
||||
}
|
||||
wire = TALER_JSON_wire_signature_make (ai->payto_url,
|
||||
&master_priv);
|
||||
wire = TALER_JSON_exchange_wire_signature_make (ai->payto_url,
|
||||
&master_priv);
|
||||
GNUNET_assert (NULL != wire);
|
||||
json_out = json_dumps (wire,
|
||||
JSON_INDENT(2));
|
||||
json_decref (wire);
|
||||
@ -98,10 +100,20 @@ sign_account_data (void *cls,
|
||||
free (json_out);
|
||||
return;
|
||||
}
|
||||
fprintf (out,
|
||||
"%s",
|
||||
json_out);
|
||||
ret = fprintf (out,
|
||||
"%s",
|
||||
json_out);
|
||||
fclose (out);
|
||||
if ( (0 == fclose (out)) &&
|
||||
(-1 != ret) )
|
||||
fprintf (stdout,
|
||||
"Created wire account file `%s'\n",
|
||||
ai->wire_response_filename);
|
||||
else
|
||||
fprintf (stderr,
|
||||
"Failure creating wire account file `%s': %s\n",
|
||||
ai->wire_response_filename,
|
||||
STRERROR (errno));
|
||||
free (json_out);
|
||||
}
|
||||
|
||||
|
@ -705,8 +705,8 @@ deposit_cb (void *cls,
|
||||
GNUNET_break (0);
|
||||
return GNUNET_DB_STATUS_HARD_ERROR;
|
||||
}
|
||||
TALER_JSON_wire_signature_hash (wire,
|
||||
&au->h_wire);
|
||||
TALER_JSON_merchant_wire_signature_hash (wire,
|
||||
&au->h_wire);
|
||||
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
|
||||
&au->wtid,
|
||||
sizeof (au->wtid));
|
||||
|
@ -457,8 +457,8 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
|
||||
"timestamp");
|
||||
}
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_hash (wire,
|
||||
&my_h_wire))
|
||||
TALER_JSON_merchant_wire_signature_hash (wire,
|
||||
&my_h_wire))
|
||||
{
|
||||
TALER_LOG_WARNING ("Failed to parse JSON wire format specification for /deposit request\n");
|
||||
GNUNET_JSON_parse_free (spec);
|
||||
|
@ -1633,6 +1633,9 @@ TEH_KS_release_ (const char *location,
|
||||
struct TEH_KS_StateHandle *key_state)
|
||||
{
|
||||
GNUNET_assert (0 == pthread_mutex_lock (&internal_key_state_mutex));
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||
"KS released at %s\n",
|
||||
location);
|
||||
ks_release (key_state);
|
||||
GNUNET_assert (0 == pthread_mutex_unlock (&internal_key_state_mutex));
|
||||
}
|
||||
@ -1653,6 +1656,9 @@ TEH_KS_acquire_ (const char *location)
|
||||
struct TEH_KS_StateHandle *key_state;
|
||||
|
||||
GNUNET_assert (0 == pthread_mutex_lock (&internal_key_state_mutex));
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||
"KS acquired at %s\n",
|
||||
location);
|
||||
if ( (NULL != internal_key_state) &&
|
||||
(internal_key_state->next_reload.abs_value_us <= now.abs_value_us) )
|
||||
{
|
||||
|
@ -158,8 +158,8 @@ load_account (void *cls,
|
||||
}
|
||||
GNUNET_free (url);
|
||||
if (GNUNET_OK !=
|
||||
TALER_JSON_wire_signature_check (wire_s,
|
||||
&TEH_master_public_key))
|
||||
TALER_JSON_exchange_wire_signature_check (wire_s,
|
||||
&TEH_master_public_key))
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
"Invalid signature in `%s'\n",
|
||||
|
@ -447,8 +447,8 @@ do_deposit (struct Command *cmd)
|
||||
GNUNET_free (str);
|
||||
}
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_JSON_wire_signature_hash (deposit.receiver_wire_account,
|
||||
&deposit.h_wire));
|
||||
TALER_JSON_merchant_wire_signature_hash (deposit.receiver_wire_account,
|
||||
&deposit.h_wire));
|
||||
deposit.timestamp = GNUNET_TIME_absolute_get ();
|
||||
GNUNET_TIME_round_abs (&deposit.timestamp);
|
||||
deposit.wire_deadline = GNUNET_TIME_relative_to_absolute (cmd->details.deposit.wire_deadline);
|
||||
|
@ -904,8 +904,8 @@ deposit_cb (void *cls,
|
||||
deposit_rowid = rowid;
|
||||
if (NULL != wire)
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_JSON_wire_signature_hash (wire,
|
||||
&h_wire));
|
||||
TALER_JSON_merchant_wire_signature_hash (wire,
|
||||
&h_wire));
|
||||
if ( (0 != memcmp (merchant_pub,
|
||||
&deposit->merchant_pub,
|
||||
sizeof (struct TALER_MerchantPublicKeyP))) ||
|
||||
@ -1438,8 +1438,8 @@ wire_missing_cb (void *cls,
|
||||
|
||||
if (NULL != wire)
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_JSON_wire_signature_hash (wire,
|
||||
&h_wire));
|
||||
TALER_JSON_merchant_wire_signature_hash (wire,
|
||||
&h_wire));
|
||||
else
|
||||
memset (&h_wire,
|
||||
0,
|
||||
@ -1922,8 +1922,8 @@ run (void *cls)
|
||||
RND_BLK (&deposit.merchant_pub);
|
||||
RND_BLK (&deposit.h_contract_terms);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
TALER_JSON_wire_signature_hash (wire,
|
||||
&deposit.h_wire));
|
||||
TALER_JSON_merchant_wire_signature_hash (wire,
|
||||
&deposit.h_wire));
|
||||
deposit.receiver_wire_account = wire;
|
||||
deposit.amount_with_fee = value;
|
||||
deposit.deposit_fee = fee_deposit;
|
||||
|
@ -733,6 +733,45 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
|
||||
/* **************** /wire account offline signing **************** */
|
||||
|
||||
|
||||
/**
|
||||
* Compute the hash of the given wire details. The resulting
|
||||
* hash is what is put into the contract.
|
||||
*
|
||||
* @param payto_url bank account
|
||||
* @param hc[out] set to the hash
|
||||
*/
|
||||
void
|
||||
TALER_exchange_wire_signature_hash (const char *payto_url,
|
||||
struct GNUNET_HashCode *hc);
|
||||
|
||||
|
||||
/**
|
||||
* Check the signature in @a wire_s.
|
||||
*
|
||||
* @param payto_url URL that is signed
|
||||
* @param master_pub master public key of the exchange
|
||||
* @param master_sig signature of the exchange
|
||||
* @return #GNUNET_OK if signature is valid
|
||||
*/
|
||||
int
|
||||
TALER_exchange_wire_signature_check (const char *payto_url,
|
||||
const struct TALER_MasterPublicKeyP *master_pub,
|
||||
const struct TALER_MasterSignatureP *master_sig);
|
||||
|
||||
|
||||
/**
|
||||
* Create a signed wire statement for the given account.
|
||||
*
|
||||
* @param payto_url account specification
|
||||
* @param master_priv private key to sign with
|
||||
* @param master_sig[out] where to write the signature
|
||||
*/
|
||||
void
|
||||
TALER_exchange_wire_signature_make (const char *payto_url,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv,
|
||||
struct TALER_MasterSignatureP *master_sig);
|
||||
|
||||
|
||||
/**
|
||||
* Compute the hash of the given wire details. The resulting
|
||||
* hash is what is put into the contract.
|
||||
@ -742,24 +781,25 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
|
||||
* @param hc[out] set to the hash
|
||||
*/
|
||||
void
|
||||
TALER_wire_signature_hash (const char *payto_url,
|
||||
const char *salt,
|
||||
struct GNUNET_HashCode *hc);
|
||||
TALER_merchant_wire_signature_hash (const char *payto_url,
|
||||
const char *salt,
|
||||
struct GNUNET_HashCode *hc);
|
||||
|
||||
|
||||
/**
|
||||
* Check the signature in @a wire_s.
|
||||
*
|
||||
* @param payto_url URL that is signed
|
||||
* @param salt the salt used to salt the @a payto_url when hashing
|
||||
* @param master_pub master public key of the exchange
|
||||
* @param master_sig signature of the exchange
|
||||
* @param merch_pub public key of the merchant
|
||||
* @param merch_sig signature of the merchant
|
||||
* @return #GNUNET_OK if signature is valid
|
||||
*/
|
||||
int
|
||||
TALER_wire_signature_check (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MasterPublicKeyP *master_pub,
|
||||
const struct TALER_MasterSignatureP *master_sig);
|
||||
TALER_merchant_wire_signature_check (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MerchantPublicKeyP *merch_pub,
|
||||
const struct TALER_MerchantSignatureP *merch_sig);
|
||||
|
||||
|
||||
/**
|
||||
@ -767,14 +807,14 @@ TALER_wire_signature_check (const char *payto_url,
|
||||
*
|
||||
* @param payto_url account specification
|
||||
* @param salt the salt used to salt the @a payto_url when hashing
|
||||
* @param master_priv private key to sign with
|
||||
* @param master_sig[out] where to write the signature
|
||||
* @param merch_priv private key to sign with
|
||||
* @param merch_sig[out] where to write the signature
|
||||
*/
|
||||
void
|
||||
TALER_wire_signature_make (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv,
|
||||
struct TALER_MasterSignatureP *master_sig);
|
||||
TALER_merchant_wire_signature_make (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MerchantPrivateKeyP *merch_priv,
|
||||
struct TALER_MerchantSignatureP *merch_sig);
|
||||
|
||||
|
||||
#endif
|
||||
|
@ -479,11 +479,6 @@ struct TALER_EXCHANGE_WireAccount
|
||||
*/
|
||||
const char *url;
|
||||
|
||||
/**
|
||||
* Salt used to generate @e master_sig.
|
||||
*/
|
||||
const char *salt;
|
||||
|
||||
/**
|
||||
* Signature of the exchange over the account (was checked by the API).
|
||||
*/
|
||||
|
@ -137,8 +137,22 @@ TALER_JSON_get_error_code (const json_t *json);
|
||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR if @a wire_s is malformed
|
||||
*/
|
||||
int
|
||||
TALER_JSON_wire_signature_hash (const json_t *wire_s,
|
||||
struct GNUNET_HashCode *hc);
|
||||
TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
|
||||
struct GNUNET_HashCode *hc);
|
||||
|
||||
|
||||
/**
|
||||
* Compute the hash of the given wire details. The resulting
|
||||
* hash is what is signed by the master public key.
|
||||
*
|
||||
* @param wire_s wire details to hash
|
||||
* @param hc[out] set to the hash
|
||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR if @a wire_s is malformed
|
||||
*/
|
||||
int
|
||||
TALER_JSON_exchange_wire_signature_hash (const json_t *wire_s,
|
||||
struct GNUNET_HashCode *hc);
|
||||
|
||||
|
||||
/**
|
||||
* Check the signature in @a wire_s.
|
||||
@ -148,8 +162,8 @@ TALER_JSON_wire_signature_hash (const json_t *wire_s,
|
||||
* @return #GNUNET_OK if signature is valid
|
||||
*/
|
||||
int
|
||||
TALER_JSON_wire_signature_check (const json_t *wire_s,
|
||||
const struct TALER_MasterPublicKeyP *master_pub);
|
||||
TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
|
||||
const struct TALER_MasterPublicKeyP *master_pub);
|
||||
|
||||
|
||||
/**
|
||||
@ -159,8 +173,8 @@ TALER_JSON_wire_signature_check (const json_t *wire_s,
|
||||
* @param master_priv private key to sign with, NULL to not sign
|
||||
*/
|
||||
json_t *
|
||||
TALER_JSON_wire_signature_make (const char *payto_url,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv);
|
||||
TALER_JSON_exchange_wire_signature_make (const char *payto_url,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv);
|
||||
|
||||
|
||||
/**
|
||||
|
@ -178,6 +178,12 @@
|
||||
*/
|
||||
#define TALER_SIGNATURE_MERCHANT_PAY_SESSION 1106
|
||||
|
||||
/**
|
||||
* Signature where the merchant confirms its own (salted)
|
||||
* wire details (not yet really used).
|
||||
*/
|
||||
#define TALER_SIGNATURE_MERCHANT_WIRE_DETAILS 1107
|
||||
|
||||
|
||||
/*********************/
|
||||
/* Wallet signatures */
|
||||
|
@ -46,6 +46,7 @@ struct TALER_WIRE_Plugin *
|
||||
TALER_WIRE_plugin_load (const struct GNUNET_CONFIGURATION_Handle *cfg,
|
||||
const char *plugin_name);
|
||||
|
||||
|
||||
/**
|
||||
* Unload a WIRE plugin.
|
||||
*
|
||||
|
@ -34,8 +34,40 @@
|
||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR if @a wire_s is malformed
|
||||
*/
|
||||
int
|
||||
TALER_JSON_wire_signature_hash (const json_t *wire_s,
|
||||
struct GNUNET_HashCode *hc)
|
||||
TALER_JSON_exchange_wire_signature_hash (const json_t *wire_s,
|
||||
struct GNUNET_HashCode *hc)
|
||||
{
|
||||
const char *payto_url;
|
||||
struct GNUNET_JSON_Specification spec[] = {
|
||||
GNUNET_JSON_spec_string ("url", &payto_url),
|
||||
GNUNET_JSON_spec_end ()
|
||||
};
|
||||
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_JSON_parse (wire_s,
|
||||
spec,
|
||||
NULL, NULL))
|
||||
{
|
||||
GNUNET_break_op (0);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
TALER_exchange_wire_signature_hash (payto_url,
|
||||
hc);
|
||||
return GNUNET_OK;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Compute the hash of the given wire details. The resulting
|
||||
* hash is what is put into the contract.
|
||||
*
|
||||
* @param wire_s wire details to hash
|
||||
* @param hc[out] set to the hash
|
||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR if @a wire_s is malformed
|
||||
*/
|
||||
int
|
||||
TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
|
||||
struct GNUNET_HashCode *hc)
|
||||
{
|
||||
const char *payto_url;
|
||||
const char *salt;
|
||||
@ -53,9 +85,9 @@ TALER_JSON_wire_signature_hash (const json_t *wire_s,
|
||||
GNUNET_break_op (0);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
TALER_wire_signature_hash (payto_url,
|
||||
salt,
|
||||
hc);
|
||||
TALER_merchant_wire_signature_hash (payto_url,
|
||||
salt,
|
||||
hc);
|
||||
return GNUNET_OK;
|
||||
}
|
||||
|
||||
@ -68,15 +100,13 @@ TALER_JSON_wire_signature_hash (const json_t *wire_s,
|
||||
* @return #GNUNET_OK if signature is valid
|
||||
*/
|
||||
int
|
||||
TALER_JSON_wire_signature_check (const json_t *wire_s,
|
||||
const struct TALER_MasterPublicKeyP *master_pub)
|
||||
TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
|
||||
const struct TALER_MasterPublicKeyP *master_pub)
|
||||
{
|
||||
const char *payto_url;
|
||||
const char *salt;
|
||||
struct TALER_MasterSignatureP master_sig;
|
||||
struct GNUNET_JSON_Specification spec[] = {
|
||||
GNUNET_JSON_spec_string ("url", &payto_url),
|
||||
GNUNET_JSON_spec_string ("salt", &salt),
|
||||
GNUNET_JSON_spec_fixed_auto ("master_sig", &master_sig),
|
||||
GNUNET_JSON_spec_end ()
|
||||
};
|
||||
@ -89,10 +119,9 @@ TALER_JSON_wire_signature_check (const json_t *wire_s,
|
||||
GNUNET_break_op (0);
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
return TALER_wire_signature_check (payto_url,
|
||||
salt,
|
||||
master_pub,
|
||||
&master_sig);
|
||||
return TALER_exchange_wire_signature_check (payto_url,
|
||||
master_pub,
|
||||
&master_sig);
|
||||
}
|
||||
|
||||
|
||||
@ -103,38 +132,17 @@ TALER_JSON_wire_signature_check (const json_t *wire_s,
|
||||
* @param master_priv private key to sign with, NULL to not sign
|
||||
*/
|
||||
json_t *
|
||||
TALER_JSON_wire_signature_make (const char *payto_url,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv)
|
||||
TALER_JSON_exchange_wire_signature_make (const char *payto_url,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv)
|
||||
{
|
||||
struct TALER_MasterSignatureP master_sig;
|
||||
struct GNUNET_HashCode salt;
|
||||
char *salt_str;
|
||||
json_t *ret;
|
||||
|
||||
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
|
||||
&salt,
|
||||
sizeof (salt));
|
||||
salt_str = GNUNET_STRINGS_data_to_string_alloc (&salt,
|
||||
sizeof (salt));
|
||||
if (NULL != master_priv)
|
||||
{
|
||||
TALER_wire_signature_make (payto_url,
|
||||
salt_str,
|
||||
master_priv,
|
||||
&master_sig);
|
||||
ret = json_pack ("{s:s, s:s, s:o}",
|
||||
"url", payto_url,
|
||||
"salt", salt_str,
|
||||
"master_sig", GNUNET_JSON_from_data_auto (&master_sig));
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = json_pack ("{s:s, s:s}",
|
||||
"url", payto_url,
|
||||
"salt", salt_str);
|
||||
}
|
||||
GNUNET_free (salt_str);
|
||||
return ret;
|
||||
TALER_exchange_wire_signature_make (payto_url,
|
||||
master_priv,
|
||||
&master_sig);
|
||||
return json_pack ("{s:s, s:o}",
|
||||
"url", payto_url,
|
||||
"master_sig", GNUNET_JSON_from_data_auto (&master_sig));
|
||||
}
|
||||
|
||||
|
||||
|
@ -22,28 +22,25 @@
|
||||
#include "taler_crypto_lib.h"
|
||||
#include "taler_signatures.h"
|
||||
|
||||
|
||||
/**
|
||||
* Compute the hash of the given wire details. The resulting
|
||||
* hash is what is put into the contract.
|
||||
*
|
||||
* @param payto_url bank account
|
||||
* @param salt salt used to eliminate brute-force inversion
|
||||
* @param hc[out] set to the hash
|
||||
*/
|
||||
void
|
||||
TALER_wire_signature_hash (const char *payto_url,
|
||||
const char *salt,
|
||||
struct GNUNET_HashCode *hc)
|
||||
TALER_exchange_wire_signature_hash (const char *payto_url,
|
||||
struct GNUNET_HashCode *hc)
|
||||
{
|
||||
GNUNET_assert (GNUNET_YES ==
|
||||
GNUNET_CRYPTO_kdf (hc,
|
||||
sizeof (*hc),
|
||||
salt,
|
||||
strlen (salt) + 1,
|
||||
payto_url,
|
||||
strlen (payto_url) + 1,
|
||||
"wire-signature",
|
||||
strlen ("wire-signature"),
|
||||
"exchange-wire-signature",
|
||||
strlen ("exchange-wire-signature"),
|
||||
NULL, 0));
|
||||
}
|
||||
|
||||
@ -52,24 +49,21 @@ TALER_wire_signature_hash (const char *payto_url,
|
||||
* Check the signature in @a wire_s.
|
||||
*
|
||||
* @param payto_url URL that is signed
|
||||
* @param salt the salt used to salt the @a payto_url when hashing
|
||||
* @param master_pub master public key of the exchange
|
||||
* @param master_sig signature of the exchange
|
||||
* @return #GNUNET_OK if signature is valid
|
||||
*/
|
||||
int
|
||||
TALER_wire_signature_check (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MasterPublicKeyP *master_pub,
|
||||
const struct TALER_MasterSignatureP *master_sig)
|
||||
TALER_exchange_wire_signature_check (const char *payto_url,
|
||||
const struct TALER_MasterPublicKeyP *master_pub,
|
||||
const struct TALER_MasterSignatureP *master_sig)
|
||||
{
|
||||
struct TALER_MasterWireDetailsPS wd;
|
||||
|
||||
wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS);
|
||||
wd.purpose.size = htonl (sizeof (wd));
|
||||
TALER_wire_signature_hash (payto_url,
|
||||
salt,
|
||||
&wd.h_wire_details);
|
||||
TALER_exchange_wire_signature_hash (payto_url,
|
||||
&wd.h_wire_details);
|
||||
return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS,
|
||||
&wd.purpose,
|
||||
&master_sig->eddsa_signature,
|
||||
@ -81,23 +75,20 @@ TALER_wire_signature_check (const char *payto_url,
|
||||
* Create a signed wire statement for the given account.
|
||||
*
|
||||
* @param payto_url account specification
|
||||
* @param salt the salt used to salt the @a payto_url when hashing
|
||||
* @param master_priv private key to sign with
|
||||
* @param master_sig[out] where to write the signature
|
||||
*/
|
||||
void
|
||||
TALER_wire_signature_make (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv,
|
||||
struct TALER_MasterSignatureP *master_sig)
|
||||
TALER_exchange_wire_signature_make (const char *payto_url,
|
||||
const struct TALER_MasterPrivateKeyP *master_priv,
|
||||
struct TALER_MasterSignatureP *master_sig)
|
||||
{
|
||||
struct TALER_MasterWireDetailsPS wd;
|
||||
|
||||
wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS);
|
||||
wd.purpose.size = htonl (sizeof (wd));
|
||||
TALER_wire_signature_hash (payto_url,
|
||||
salt,
|
||||
&wd.h_wire_details);
|
||||
TALER_exchange_wire_signature_hash (payto_url,
|
||||
&wd.h_wire_details);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
|
||||
&wd.purpose,
|
||||
@ -105,4 +96,87 @@ TALER_wire_signature_make (const char *payto_url,
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Compute the hash of the given wire details. The resulting
|
||||
* hash is what is put into the contract.
|
||||
*
|
||||
* @param payto_url bank account
|
||||
* @param salt salt used to eliminate brute-force inversion
|
||||
* @param hc[out] set to the hash
|
||||
*/
|
||||
void
|
||||
TALER_merchant_wire_signature_hash (const char *payto_url,
|
||||
const char *salt,
|
||||
struct GNUNET_HashCode *hc)
|
||||
{
|
||||
GNUNET_assert (GNUNET_YES ==
|
||||
GNUNET_CRYPTO_kdf (hc,
|
||||
sizeof (*hc),
|
||||
salt,
|
||||
strlen (salt) + 1,
|
||||
payto_url,
|
||||
strlen (payto_url) + 1,
|
||||
"merchant-wire-signature",
|
||||
strlen ("merchant-wire-signature"),
|
||||
NULL, 0));
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check the signature in @a merch_sig. (Not yet used anywhere.)
|
||||
*
|
||||
* @param payto_url URL that is signed
|
||||
* @param salt the salt used to salt the @a payto_url when hashing
|
||||
* @param merch_pub master public key of the merchant
|
||||
* @param merch_sig signature of the merchant
|
||||
* @return #GNUNET_OK if signature is valid
|
||||
*/
|
||||
int
|
||||
TALER_merchant_wire_signature_check (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MerchantPublicKeyP *merch_pub,
|
||||
const struct TALER_MerchantSignatureP *merch_sig)
|
||||
{
|
||||
struct TALER_MasterWireDetailsPS wd;
|
||||
|
||||
wd.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS);
|
||||
wd.purpose.size = htonl (sizeof (wd));
|
||||
TALER_merchant_wire_signature_hash (payto_url,
|
||||
salt,
|
||||
&wd.h_wire_details);
|
||||
return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS,
|
||||
&wd.purpose,
|
||||
&merch_sig->eddsa_sig,
|
||||
&merch_pub->eddsa_pub);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Create a signed wire statement for the given account. (Not yet used anywhere.)
|
||||
*
|
||||
* @param payto_url account specification
|
||||
* @param salt the salt used to salt the @a payto_url when hashing
|
||||
* @param merchant_priv private key to sign with
|
||||
* @param merchant_sig[out] where to write the signature
|
||||
*/
|
||||
void
|
||||
TALER_merchant_wire_signature_make (const char *payto_url,
|
||||
const char *salt,
|
||||
const struct TALER_MerchantPrivateKeyP *merch_priv,
|
||||
struct TALER_MerchantSignatureP *merch_sig)
|
||||
{
|
||||
struct TALER_MasterWireDetailsPS wd;
|
||||
|
||||
wd.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS);
|
||||
wd.purpose.size = htonl (sizeof (wd));
|
||||
TALER_merchant_wire_signature_hash (payto_url,
|
||||
salt,
|
||||
&wd.h_wire_details);
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
|
||||
&wd.purpose,
|
||||
&merch_sig->eddsa_sig));
|
||||
}
|
||||
|
||||
|
||||
/* end of crypto_wire.c */
|
||||
|
Loading…
Reference in New Issue
Block a user