fix /test/rsa API to persist private RSA key and use it across requests and allow client to fetch it before requesting the signature
This commit is contained in:
parent
28a10c22a6
commit
c154e50148
@ -242,10 +242,17 @@ handle_mhd_request (void *cls,
|
||||
"Only POST is allowed", 0,
|
||||
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
|
||||
|
||||
{ "/test/rsa", MHD_HTTP_METHOD_POST, "application/json",
|
||||
{ "/test/rsa/get", MHD_HTTP_METHOD_GET, "application/json",
|
||||
NULL, 0,
|
||||
&TMH_TEST_handler_test_rsa, MHD_HTTP_OK },
|
||||
{ "/test/rsa", NULL, "text/plain",
|
||||
&TMH_TEST_handler_test_rsa_get, MHD_HTTP_OK },
|
||||
{ "/test/rsa/get", NULL, "text/plain",
|
||||
"Only GET is allowed", 0,
|
||||
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
|
||||
|
||||
{ "/test/rsa/sign", MHD_HTTP_METHOD_POST, "application/json",
|
||||
NULL, 0,
|
||||
&TMH_TEST_handler_test_rsa_sign, MHD_HTTP_OK },
|
||||
{ "/test/rsa/sign", NULL, "text/plain",
|
||||
"Only POST is allowed", 0,
|
||||
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
|
||||
|
||||
|
@ -29,6 +29,12 @@
|
||||
#include "taler-mint-httpd_responses.h"
|
||||
|
||||
|
||||
/**
|
||||
* Private key the test module uses for signing.
|
||||
*/
|
||||
static struct GNUNET_CRYPTO_rsa_PrivateKey *rsa_pk;
|
||||
|
||||
|
||||
/**
|
||||
* Handle a "/test/base32" request. Parses the JSON in the post, runs
|
||||
* the Crockford Base32 decoder on the "input" field in the JSON,
|
||||
@ -384,9 +390,8 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh,
|
||||
|
||||
|
||||
/**
|
||||
* Handle a "/test/rsa" request. Parses the JSON in the post, which
|
||||
* must contain an "blind_ev" blinded value. An RSA public key
|
||||
* ("rsa_pub") and a blinded signature ("rsa_blind_sig") are returned.
|
||||
* Handle a "/test/rsa/get" request. Returns the RSA public key
|
||||
* ("rsa_pub") which is used for signing in "/test/rsa/sign".
|
||||
*
|
||||
* @param rh context of the handler
|
||||
* @param connection the MHD connection to handle
|
||||
@ -396,7 +401,54 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh,
|
||||
* @return MHD result code
|
||||
*/
|
||||
int
|
||||
TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh,
|
||||
TMH_TEST_handler_test_rsa_get (struct TMH_RequestHandler *rh,
|
||||
struct MHD_Connection *connection,
|
||||
void **connection_cls,
|
||||
const char *upload_data,
|
||||
size_t *upload_data_size)
|
||||
{
|
||||
int res;
|
||||
struct GNUNET_CRYPTO_rsa_PublicKey *pub;
|
||||
|
||||
if (NULL == rsa_pk)
|
||||
rsa_pk = GNUNET_CRYPTO_rsa_private_key_create (1024);
|
||||
if (NULL == rsa_pk)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to create RSA key");
|
||||
}
|
||||
pub = GNUNET_CRYPTO_rsa_private_key_get_public (rsa_pk);
|
||||
if (NULL == pub)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to get public RSA key");
|
||||
}
|
||||
res = TMH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:o}",
|
||||
"rsa_pub",
|
||||
TALER_json_from_rsa_public_key (pub));
|
||||
GNUNET_CRYPTO_rsa_public_key_free (pub);
|
||||
return res;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Handle a "/test/rsa/sign" request. Parses the JSON in the post, which
|
||||
* must contain an "blind_ev" blinded value. A a blinded signature
|
||||
* ("rsa_blind_sig") is returned.
|
||||
*
|
||||
* @param rh context of the handler
|
||||
* @param connection the MHD connection to handle
|
||||
* @param[in,out] connection_cls the connection's closure (can be updated)
|
||||
* @param upload_data upload data
|
||||
* @param[in,out] upload_data_size number of bytes (left) in @a upload_data
|
||||
* @return MHD result code
|
||||
*/
|
||||
int
|
||||
TMH_TEST_handler_test_rsa_sign (struct TMH_RequestHandler *rh,
|
||||
struct MHD_Connection *connection,
|
||||
void **connection_cls,
|
||||
const char *upload_data,
|
||||
@ -404,13 +456,11 @@ TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh,
|
||||
{
|
||||
json_t *json;
|
||||
int res;
|
||||
struct GNUNET_CRYPTO_rsa_PublicKey *pub;
|
||||
struct GNUNET_CRYPTO_rsa_Signature *sig;
|
||||
struct TMH_PARSE_FieldSpecification spec[] = {
|
||||
TMH_PARSE_MEMBER_VARIABLE ("blind_ev"),
|
||||
TMH_PARSE_MEMBER_END
|
||||
};
|
||||
struct GNUNET_CRYPTO_rsa_PrivateKey *pk;
|
||||
|
||||
res = TMH_PARSE_post_json (connection,
|
||||
connection_cls,
|
||||
@ -427,44 +477,32 @@ TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh,
|
||||
json_decref (json);
|
||||
if (GNUNET_YES != res)
|
||||
return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
|
||||
pk = GNUNET_CRYPTO_rsa_private_key_create (1024);
|
||||
if (NULL == pk)
|
||||
if (NULL == rsa_pk)
|
||||
rsa_pk = GNUNET_CRYPTO_rsa_private_key_create (1024);
|
||||
if (NULL == rsa_pk)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
TMH_PARSE_release_data (spec);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to create RSA key");
|
||||
}
|
||||
sig = GNUNET_CRYPTO_rsa_sign (pk,
|
||||
sig = GNUNET_CRYPTO_rsa_sign (rsa_pk,
|
||||
spec[0].destination,
|
||||
spec[0].destination_size_out);
|
||||
if (NULL == sig)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
GNUNET_CRYPTO_rsa_private_key_free (pk);
|
||||
TMH_PARSE_release_data (spec);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to RSA-sign");
|
||||
}
|
||||
TMH_PARSE_release_data (spec);
|
||||
pub = GNUNET_CRYPTO_rsa_private_key_get_public (pk);
|
||||
GNUNET_CRYPTO_rsa_private_key_free (pk);
|
||||
if (NULL == pub)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
GNUNET_CRYPTO_rsa_signature_free (sig);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to get public RSA key");
|
||||
}
|
||||
res = TMH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:o, s:o}",
|
||||
"rsa_pub",
|
||||
TALER_json_from_rsa_public_key (pub),
|
||||
"{s:o}",
|
||||
"rsa_blind_sig",
|
||||
TALER_json_from_rsa_signature (sig));
|
||||
GNUNET_CRYPTO_rsa_signature_free (sig);
|
||||
GNUNET_CRYPTO_rsa_public_key_free (pub);
|
||||
return res;
|
||||
}
|
||||
|
||||
|
@ -143,10 +143,10 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh,
|
||||
const char *upload_data,
|
||||
size_t *upload_data_size);
|
||||
|
||||
|
||||
/**
|
||||
* Handle a "/test/rsa" request. Parses the JSON in the post, which
|
||||
* must contain an "blind_ev" blinded value. An RSA public key
|
||||
* ("rsa_pub") and a blinded signature ("rsa_blind_sig") are returned.
|
||||
* Handle a "/test/rsa/get" request. Returns the RSA public key
|
||||
* ("rsa_pub") which is used for signing in "/test/rsa/sign".
|
||||
*
|
||||
* @param rh context of the handler
|
||||
* @param connection the MHD connection to handle
|
||||
@ -156,7 +156,27 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh,
|
||||
* @return MHD result code
|
||||
*/
|
||||
int
|
||||
TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh,
|
||||
TMH_TEST_handler_test_rsa_get (struct TMH_RequestHandler *rh,
|
||||
struct MHD_Connection *connection,
|
||||
void **connection_cls,
|
||||
const char *upload_data,
|
||||
size_t *upload_data_size);
|
||||
|
||||
|
||||
/**
|
||||
* Handle a "/test/rsa/sign" request. Parses the JSON in the post, which
|
||||
* must contain an "blind_ev" blinded value. A a blinded signature
|
||||
* ("rsa_blind_sig") is returned.
|
||||
*
|
||||
* @param rh context of the handler
|
||||
* @param connection the MHD connection to handle
|
||||
* @param[in,out] connection_cls the connection's closure (can be updated)
|
||||
* @param upload_data upload data
|
||||
* @param[in,out] upload_data_size number of bytes (left) in @a upload_data
|
||||
* @return MHD result code
|
||||
*/
|
||||
int
|
||||
TMH_TEST_handler_test_rsa_sign (struct TMH_RequestHandler *rh,
|
||||
struct MHD_Connection *connection,
|
||||
void **connection_cls,
|
||||
const char *upload_data,
|
||||
|
Loading…
Reference in New Issue
Block a user