-introduce 'struct TALER_WireSalt'

src/include/taler_crypto_lib.h

@@ -359,6 +359,20 @@ struct TALER_ClaimTokenP
 };
 
 
+/**
+ * Salt used to hash a merchant's payto:// URI to
+ * compute the "h_wire" (say for deposit requests).
+ */
+struct TALER_WireSalt
+{
+  /**
+   * Actual salt value.
+   * FIXME: #7032: change to 16 byte value!
+   */
+  struct GNUNET_HashCode data;
+};
+
+
 GNUNET_NETWORK_STRUCT_END
 
 
@@ -1658,7 +1672,7 @@ TALER_exchange_wire_signature_make (
  */
 void
 TALER_merchant_wire_signature_hash (const char *payto_uri,
-                                    const char *salt,
+                                    const struct TALER_WireSalt *salt,
                                     struct GNUNET_HashCode *hc);
 
 
@@ -1674,7 +1688,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
 enum GNUNET_GenericReturnValue
 TALER_merchant_wire_signature_check (
   const char *payto_uri,
-  const char *salt,
+  const struct TALER_WireSalt *salt,
   const struct TALER_MerchantPublicKeyP *merch_pub,
   const struct TALER_MerchantSignatureP *merch_sig);
 
@@ -1690,7 +1704,7 @@ TALER_merchant_wire_signature_check (
 void
 TALER_merchant_wire_signature_make (
   const char *payto_uri,
-  const char *salt,
+  const struct TALER_WireSalt *salt,
   const struct TALER_MerchantPrivateKeyP *merch_priv,
   struct TALER_MerchantSignatureP *merch_sig);
 

src/json/json_wire.c

@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2018 Taler Systems SA
+  Copyright (C) 2018, 2021 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU General Public License as published by the Free Software
@@ -37,13 +37,12 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
                                          struct GNUNET_HashCode *hc)
 {
   const char *payto_uri;
-  const char *salt;
+  struct TALER_WireSalt salt;
-  /* Current merchant backend will always make the salt
-     a `struct GNUNET_HashCode`, but *we* do not insist
-     on that. */
   struct GNUNET_JSON_Specification spec[] = {
-    GNUNET_JSON_spec_string ("payto_uri", &payto_uri),
+    GNUNET_JSON_spec_string ("payto_uri",
-    GNUNET_JSON_spec_string ("salt", &salt),
+                             &payto_uri),
+    GNUNET_JSON_spec_fixed_auto ("salt",
+                                 &salt),
     GNUNET_JSON_spec_end ()
   };
 
@@ -73,7 +72,7 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
     }
   }
   TALER_merchant_wire_signature_hash (payto_uri,
-                                      salt,
+                                      &salt,
                                       hc);
   return GNUNET_OK;
 }
@@ -95,8 +94,10 @@ TALER_JSON_exchange_wire_signature_check (
   const char *payto_uri;
   struct TALER_MasterSignatureP master_sig;
   struct GNUNET_JSON_Specification spec[] = {
-    GNUNET_JSON_spec_string ("payto_uri", &payto_uri),
+    GNUNET_JSON_spec_string ("payto_uri",
-    GNUNET_JSON_spec_fixed_auto ("master_sig", &master_sig),
+                             &payto_uri),
+    GNUNET_JSON_spec_fixed_auto ("master_sig",
+                                 &master_sig),
     GNUNET_JSON_spec_end ()
   };
 

src/util/crypto_wire.c

@@ -110,19 +110,39 @@ TALER_exchange_wire_signature_make (
  */
 void
 TALER_merchant_wire_signature_hash (const char *payto_uri,
-                                    const char *salt,
+                                    const struct TALER_WireSalt *salt,
                                     struct GNUNET_HashCode *hc)
 {
+#if FIXED_7032
+  /* new logic to use once #7032 is being addressed */
   GNUNET_assert (GNUNET_YES ==
                  GNUNET_CRYPTO_kdf (hc,
                                     sizeof (*hc),
                                     salt,
-                                    strlen (salt) + 1,
+                                    sizeof (*salt),
                                     payto_uri,
                                     strlen (payto_uri) + 1,
                                     "merchant-wire-signature",
                                     strlen ("merchant-wire-signature"),
                                     NULL, 0));
+#else
+  /* compatibility logic to avoid protocol breakage... */
+  char *sstr;
+
+  sstr = GNUNET_STRINGS_data_to_string_alloc (salt,
+                                              sizeof (*salt));
+  GNUNET_assert (GNUNET_YES ==
+                 GNUNET_CRYPTO_kdf (hc,
+                                    sizeof (*hc),
+                                    sstr,
+                                    strlen (sstr) + 1,
+                                    payto_uri,
+                                    strlen (payto_uri) + 1,
+                                    "merchant-wire-signature",
+                                    strlen ("merchant-wire-signature"),
+                                    NULL, 0));
+  GNUNET_free (sstr);
+#endif
 }
 
 
@@ -146,7 +166,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
 enum GNUNET_GenericReturnValue
 TALER_merchant_wire_signature_check (
   const char *payto_uri,
-  const char *salt,
+  const struct TALER_WireSalt *salt,
   const struct TALER_MerchantPublicKeyP *merch_pub,
   const struct TALER_MerchantSignatureP *merch_sig)
 {
@@ -176,7 +196,7 @@ TALER_merchant_wire_signature_check (
 void
 TALER_merchant_wire_signature_make (
   const char *payto_uri,
-  const char *salt,
+  const struct TALER_WireSalt *salt,
   const struct TALER_MerchantPrivateKeyP *merch_priv,
   struct TALER_MerchantSignatureP *merch_sig)
 {