eliminating ECDSA, replacing with EdDSA-ECDHE-combo in transfer protocol

Christian Grothoff 2015-05-16 14:15:34 +02:00
parent d080e59e27
commit f4a59d1ccc
15 changed files with 95 additions and 231 deletions


@ -17,6 +17,7 @@
* @file include/taler_crypto_lib.h
* @brief taler-specific crypto functions
* @author Sree Harsha Totakura <sreeharsha@totakura.in>
* @author Christian Grothoff <christian@grothoff.org>
*/
#ifndef TALER_CRYPTO_LIB_H
#define TALER_CRYPTO_LIB_H
@ -100,7 +101,7 @@ struct TALER_MerchantPrivateKeyP
struct TALER_TransferPublicKeyP
{
/**
* Taler uses ECDSA for transfer keys.
* Taler uses ECDHE for transfer keys.
*/
struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub;
};
@ -113,7 +114,7 @@ struct TALER_TransferPublicKeyP
struct TALER_TransferPrivateKeyP
{
/**
* Taler uses ECDSA for melting session keys.
* Taler uses ECDHE for melting session keys.
*/
struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv;
};
@ -196,37 +197,28 @@ struct TALER_MasterSignatureP
/**
* @brief Type of public keys for Taler coins. The same key material is used
* for ECDSA and ECDHE operations.
* for EdDSA and ECDHE operations.
*/
union TALER_CoinSpendPublicKeyP
struct TALER_CoinSpendPublicKeyP
{
/**
* Taler uses ECDSA for coins when signing deposit requests.
* Taler uses EdDSA for coins when signing deposit requests.
*/
struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub;
struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
/**
* Taler uses ECDH(E) for coin linkage during refresh operations.
*/
struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub;
};
/**
* @brief Type of private keys for Taler coins. The same key material is used
* for ECDSA and ECDHE operations.
* for EdDSA and ECDHE operations.
*/
union TALER_CoinSpendPrivateKeyP
struct TALER_CoinSpendPrivateKeyP
{
/**
* Taler uses ECDSA for coins when signing deposit requests.
* Taler uses EdDSA for coins when signing deposit requests.
*/
struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv;
/**
* Taler uses ECDHE for coin linkage during refresh operations.
*/
struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv;
struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
};
@ -236,9 +228,9 @@ union TALER_CoinSpendPrivateKeyP
struct TALER_CoinSpendSignatureP
{
/**
* Taler uses ECDSA for coins.
* Taler uses EdDSA for coins.
*/
struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature;
struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
};
@ -302,7 +294,7 @@ struct TALER_CoinPublicInfo
/**
* The coin's public key.
*/
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
/**
* Public key representing the denomination of the coin
@ -383,7 +375,7 @@ struct TALER_RefreshLinkDecrypted
/**
* Private key of the coin.
*/
union TALER_CoinSpendPrivateKeyP coin_priv;
struct TALER_CoinSpendPrivateKeyP coin_priv;
/**
* Blinding key.
@ -416,7 +408,7 @@ struct TALER_RefreshLinkEncrypted
/**
* Encrypted private key of the coin.
*/
char coin_priv_enc[sizeof (union TALER_CoinSpendPrivateKeyP)];
char coin_priv_enc[sizeof (struct TALER_CoinSpendPrivateKeyP)];
};
@ -435,7 +427,7 @@ struct TALER_RefreshLinkEncrypted
int
TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
const struct TALER_TransferPrivateKeyP *trans_priv,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_LinkSecretP *secret);
@ -453,7 +445,7 @@ TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
int
TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc,
const struct TALER_TransferPublicKeyP *trans_pub,
const union TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_LinkSecretP *secret);
@ -470,7 +462,7 @@ TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc,
*/
int
TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_TransferPrivateKeyP *trans_priv,
struct TALER_TransferPublicKeyP *trans_pub,
struct TALER_EncryptedLinkSecretP *secret_enc);
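Review bot: The comments on `struct TALER_CoinSpendPublicKeyP` and `struct TALER_CoinSpendPrivateKeyP` still say the same key material serves EdDSA and ECDHE, but the remaining member comments describe only signing, so the header no longer says how key agreement is meant to be done. Because one key now backs both a signature scheme and a key exchange, the header should name the sanctioned conversion path; other files in this commit use `GNUNET_CRYPTO_ecdh_eddsa` and `GNUNET_CRYPTO_eddsa_ecdh` for it. I would extend the `eddsa_pub` comment with something like `Also the ECDH peer key for refresh linkage, via GNUNET_CRYPTO_ecdh_eddsa(); do not cast it to an ECDHE key.` and add the matching sentence for `eddsa_priv` and `GNUNET_CRYPTO_eddsa_ecdh()`. This rendering has lost the +/- markers, so I am assuming the `ecdhe_pub` and `ecdhe_priv` members are on the removed side.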


@ -1068,7 +1068,7 @@ struct TALER_MINTDB_Plugin
struct TALER_MINTDB_LinkDataList *
(*get_link_data_list) (void *cls,
struct TALER_MINTDB_Session *sesssion,
const union TALER_CoinSpendPublicKeyP *coin_pub);
const struct TALER_CoinSpendPublicKeyP *coin_pub);
/**
@ -1101,7 +1101,7 @@ struct TALER_MINTDB_Plugin
int
(*get_transfer) (void *cls,
struct TALER_MINTDB_Session *sesssion,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_TransferPublicKeyP *transfer_pub,
struct TALER_EncryptedLinkSecretP *shared_secret_enc);
@ -1149,7 +1149,7 @@ struct TALER_MINTDB_Plugin
struct TALER_MINTDB_TransactionList *
(*get_coin_transactions) (void *cls,
struct TALER_MINTDB_Session *sesssion,
const union TALER_CoinSpendPublicKeyP *coin_pub);
const struct TALER_CoinSpendPublicKeyP *coin_pub);
/**


@ -122,16 +122,6 @@
/*******************/
/**
* ECDSA test signature.
*/
#define TALER_SIGNATURE_CLIENT_TEST_ECDSA 1300
/**
* ECDSA test signature.
*/
#define TALER_SIGNATURE_MINT_TEST_ECDSA 1301
/**
* EdDSA test signature.
*/
@ -207,7 +197,7 @@ struct TALER_DepositRequestPS
{
/**
* Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT.
* Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`.
* Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -283,9 +273,9 @@ struct TALER_DepositRequestPS
/**
* The coin's public key. This is the value that must have been
* signed (blindly) by the Mint. The deposit request is to be
* signed by the corresponding private key (using ECDSA).
* signed by the corresponding private key (using EdDSA).
*/
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
};
@ -341,9 +331,9 @@ struct TALER_DepositConfirmationPS
/**
* The coin's public key. This is the value that must have been
* signed (blindly) by the Mint. The deposit request is to be
* signed by the corresponding private key (using ECDSA).
* signed by the corresponding private key (using EdDSA).
*/
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
/**
* The Merchant's public key. Allows the merchant to later refund
@ -363,7 +353,7 @@ struct TALER_RefreshMeltCoinAffirmationPS
{
/**
* Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT.
* Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`.
* Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@ -396,9 +386,9 @@ struct TALER_RefreshMeltCoinAffirmationPS
/**
* The coin's public key. This is the value that must have been
* signed (blindly) by the Mint. The deposit request is to be
* signed by the corresponding private key (using ECDSA).
* signed by the corresponding private key (using EdDSA).
*/
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
};
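Review bot: In `struct TALER_RefreshMeltCoinAffirmationPS` the `coin_pub` comment touched by this change still reads "The deposit request is to be signed by the corresponding private key (using EdDSA)", which looks copied from `TALER_DepositRequestPS`. The purpose line of the same struct names `#TALER_SIGNATURE_WALLET_COIN_MELT`, so the comment describes the wrong signed message. For a structure that defines what a signature covers, I would reword it to `The melt request is to be signed by the corresponding private key (using EdDSA).` The struct body begins outside the last hunk, so any other fields it covers are not visible here.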


@ -232,13 +232,6 @@ handle_mhd_request (void *cls,
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/test/ecdsa", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_TEST_handler_test_ecdsa, MHD_HTTP_OK },
{ "/test/ecdsa", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/test/eddsa", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_TEST_handler_test_eddsa, MHD_HTTP_OK },


@ -926,7 +926,7 @@ check_commitment (struct MHD_Connection *connection,
for (j = 0; j < num_newcoins; j++)
{
struct TALER_RefreshLinkDecrypted *link_data;
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
struct GNUNET_HashCode h_msg;
char *buf;
size_t buf_len;
@ -942,10 +942,10 @@ check_commitment (struct MHD_Connection *connection,
? GNUNET_NO : GNUNET_SYSERR;
}
GNUNET_CRYPTO_ecdsa_key_get_public (&link_data->coin_priv.ecdsa_priv,
&coin_pub.ecdsa_pub);
GNUNET_CRYPTO_eddsa_key_get_public (&link_data->coin_priv.eddsa_priv,
&coin_pub.eddsa_pub);
GNUNET_CRYPTO_hash (&coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP),
sizeof (struct TALER_CoinSpendPublicKeyP),
&h_msg);
if (0 == (buf_len =
GNUNET_CRYPTO_rsa_blind (&h_msg,
@ -1248,7 +1248,7 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection,
*/
int
TMH_DB_execute_refresh_link (struct MHD_Connection *connection,
const union TALER_CoinSpendPublicKeyP *coin_pub)
const struct TALER_CoinSpendPublicKeyP *coin_pub)
{
int res;
struct TALER_MINTDB_Session *session;


@ -166,7 +166,7 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection,
*/
int
TMH_DB_execute_refresh_link (struct MHD_Connection *connection,
const union TALER_CoinSpendPublicKeyP *coin_pub);
const struct TALER_CoinSpendPublicKeyP *coin_pub);
#endif


@ -73,10 +73,10 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
dr.merchant = deposit->merchant_pub;
dr.coin_pub = deposit->coin.coin_pub;
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr.purpose,
&deposit->csig.ecdsa_signature,
&deposit->coin.coin_pub.ecdsa_pub))
&deposit->csig.eddsa_signature,
&deposit->coin.coin_pub.eddsa_pub))
{
TALER_LOG_WARNING ("Invalid signature on /deposit request\n");
return TMH_RESPONSE_reply_signature_invalid (connection,


@ -269,10 +269,10 @@ verify_coin_public_info (struct MHD_Connection *connection,
TMH_KS_release (key_state);
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT,
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT,
&body.purpose,
&melt_detail->melt_sig.ecdsa_signature,
&melt_detail->coin_info.coin_pub.ecdsa_pub))
&melt_detail->melt_sig.eddsa_signature,
&melt_detail->coin_info.coin_pub.eddsa_pub))
{
if (MHD_YES !=
TMH_RESPONSE_reply_signature_invalid (connection,
@ -439,7 +439,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
{
if (0 == memcmp (&coin_melt_details[i].coin_info.coin_pub,
&coin_melt_details[j].coin_info.coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP)))
sizeof (struct TALER_CoinSpendPublicKeyP)))
{
for (j=0;j<i;j++)
{
@ -458,7 +458,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
&coin_melt_details[i].melt_amount_with_fee);
GNUNET_CRYPTO_hash_context_read (hash_context,
&coin_melt_details[i].coin_info.coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP));
sizeof (struct TALER_CoinSpendPublicKeyP));
GNUNET_CRYPTO_hash_context_read (hash_context,
&melt_amount,
sizeof (struct TALER_AmountNBO));
@ -891,13 +891,13 @@ TMH_REFRESH_handler_refresh_link (struct TMH_RequestHandler *rh,
const char *upload_data,
size_t *upload_data_size)
{
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
int res;
res = TMH_PARSE_mhd_request_arg_data (connection,
"coin_pub",
&coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP));
sizeof (struct TALER_CoinSpendPublicKeyP));
if (GNUNET_SYSERR == res)
return MHD_NO;
if (GNUNET_OK != res)


@ -303,7 +303,7 @@ TMH_RESPONSE_reply_invalid_json (struct MHD_Connection *connection)
*/
int
TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct GNUNET_HashCode *h_wire,
const struct GNUNET_HashCode *h_contract,
uint64_t transaction_id,
@ -381,8 +381,8 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl)
&deposit->deposit_fee);
dr.merchant = deposit->merchant_pub;
dr.coin_pub = deposit->coin.coin_pub;
transaction = TALER_json_from_ecdsa_sig (&dr.purpose,
&deposit->csig.ecdsa_signature);
transaction = TALER_json_from_eddsa_sig (&dr.purpose,
&deposit->csig.eddsa_signature);
break;
}
case TALER_MINTDB_TT_REFRESH_MELT:
@ -400,8 +400,8 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl)
TALER_amount_hton (&ms.melt_fee,
&melt->melt_fee);
ms.coin_pub = melt->coin.coin_pub;
transaction = TALER_json_from_ecdsa_sig (&ms.purpose,
&melt->coin_sig.ecdsa_signature);
transaction = TALER_json_from_eddsa_sig (&ms.purpose,
&melt->coin_sig.eddsa_signature);
}
break;
case TALER_MINTDB_TT_LOCK:
@ -678,7 +678,7 @@ TMH_RESPONSE_reply_withdraw_sign_success (struct MHD_Connection *connection,
*/
int
TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_Amount coin_value,
struct TALER_MINTDB_TransactionList *tl,
struct TALER_Amount requested,
@ -692,7 +692,7 @@ TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *conne
"{s:s, s:o, s:o, s:o, s:o, s:o}",
"error", "insufficient funds",
"coin-pub", TALER_json_from_data (coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP)),
sizeof (struct TALER_CoinSpendPublicKeyP)),
"original-value", TALER_json_from_amount (&coin_value),
"residual-value", TALER_json_from_amount (&residual),
"requested-value", TALER_json_from_amount (&requested),
@ -814,7 +814,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
json_object_set_new (rm_json,
"coin_pub",
TALER_json_from_data (&rm->coin.coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP)));
sizeof (struct TALER_CoinSpendPublicKeyP)));
json_object_set_new (rm_json,
"melt_amount_with_fee",
TALER_json_from_amount (&rm->amount_with_fee));
@ -856,7 +856,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
json_object_set_new (cc_json,
"coin_priv_enc",
TALER_json_from_data (cc->refresh_link->coin_priv_enc,
sizeof (union TALER_CoinSpendPrivateKeyP)));
sizeof (struct TALER_CoinSpendPrivateKeyP)));
json_object_set_new (cc_json,
"blinding_key_enc",
TALER_json_from_data (cc->refresh_link->blinding_key_enc,
@ -933,7 +933,7 @@ TMH_RESPONSE_reply_refresh_link_success (struct MHD_Connection *connection,
json_object_set_new (obj,
"link_enc",
TALER_json_from_data (ldl->link_data_enc->coin_priv_enc,
sizeof (union TALER_CoinSpendPrivateKeyP) +
sizeof (struct TALER_CoinSpendPrivateKeyP) +
ldl->link_data_enc->blinding_key_enc_size));
json_object_set_new (obj,
"denom_pub",


@ -200,7 +200,7 @@ TMH_RESPONSE_reply_invalid_json (struct MHD_Connection *connection);
*/
int
TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct GNUNET_HashCode *h_wire,
const struct GNUNET_HashCode *h_contract,
uint64_t transaction_id,
@ -291,7 +291,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection,
*/
int
TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_Amount coin_value,
struct TALER_MINTDB_TransactionList *tl,
struct TALER_Amount requested,


@ -296,98 +296,10 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh,
}
/**
* Handle a "/test/ecdsa" request. Parses the JSON in the post,
* which must contain a "ecdsa_pub" with a public key and an
*"ecdsa_sig" with the corresponding signature for a purpose
* of #TALER_SIGNATURE_CLIENT_TEST_ECDSA. If the signature is
* valid, a reply with a #TALER_SIGNATURE_MINT_TEST_ECDSA is
* returned using the same JSON format.
*
* @param rh context of the handler
* @param connection the MHD connection to handle
* @param[in,out] connection_cls the connection's closure (can be updated)
* @param upload_data upload data
* @param[in,out] upload_data_size number of bytes (left) in @a upload_data
* @return MHD result code
*/
int
TMH_TEST_handler_test_ecdsa (struct TMH_RequestHandler *rh,
struct MHD_Connection *connection,
void **connection_cls,
const char *upload_data,
size_t *upload_data_size)
{
json_t *json;
int res;
struct GNUNET_CRYPTO_EcdsaPublicKey pub;
struct GNUNET_CRYPTO_EcdsaSignature sig;
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
struct TMH_PARSE_FieldSpecification spec[] = {
TMH_PARSE_MEMBER_FIXED ("ecdsa_pub", &pub),
TMH_PARSE_MEMBER_FIXED ("ecdsa_sig", &sig),
TMH_PARSE_MEMBER_END
};
struct GNUNET_CRYPTO_EcdsaPrivateKey *pk;
res = TMH_PARSE_post_json (connection,
connection_cls,
upload_data,
upload_data_size,
&json);
if (GNUNET_SYSERR == res)
return MHD_NO;
if ( (GNUNET_NO == res) || (NULL == json) )
return MHD_YES;
res = TMH_PARSE_json_data (connection,
json,
spec);
json_decref (json);
if (GNUNET_YES != res)
return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose));
purpose.purpose = htonl (TALER_SIGNATURE_CLIENT_TEST_ECDSA);
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_CLIENT_TEST_ECDSA,
&purpose,
&sig,
&pub))
{
TMH_PARSE_release_data (spec);
return TMH_RESPONSE_reply_signature_invalid (connection,
"ecdsa_sig");
}
TMH_PARSE_release_data (spec);
pk = GNUNET_CRYPTO_ecdsa_key_create ();
purpose.purpose = htonl (TALER_SIGNATURE_MINT_TEST_ECDSA);
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_sign (pk,
&purpose,
&sig))
{
GNUNET_free (pk);
return TMH_RESPONSE_reply_internal_error (connection,
"Failed to ECDSA-sign");
}
GNUNET_CRYPTO_ecdsa_key_get_public (pk,
&pub);
GNUNET_free (pk);
return TMH_RESPONSE_reply_json_pack (connection,
MHD_HTTP_OK,
"{s:o, s:o}",
"ecdsa_pub",
TALER_json_from_data (&pub,
sizeof (pub)),
"ecdsa_sig",
TALER_json_from_data (&sig,
sizeof (sig)));
}
/**
* Handle a "/test/eddsa" request. Parses the JSON in the post,
* which must contain a "eddsa_pub" with a public key and an
*"ecdsa_sig" with the corresponding signature for a purpose
*"eddsa_sig" with the corresponding signature for a purpose
* of #TALER_SIGNATURE_CLIENT_TEST_EDDSA. If the signature is
* valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is
* returned using the same JSON format.
@ -583,7 +495,7 @@ TMH_TEST_handler_test_transfer (struct TMH_RequestHandler *rh,
int res;
struct TALER_EncryptedLinkSecretP secret_enc;
struct TALER_TransferPrivateKeyP trans_priv;
union TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPublicKeyP coin_pub;
struct TMH_PARSE_FieldSpecification spec[] = {
TMH_PARSE_MEMBER_FIXED ("secret_enc", &secret_enc),
TMH_PARSE_MEMBER_FIXED ("trans_priv", &trans_priv),


@ -121,29 +121,6 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh,
size_t *upload_data_size);
/**
* Handle a "/test/ecdsa" request. Parses the JSON in the post,
* which must contain a "ecdsa_pub" with a public key and an
*"ecdsa_sig" with the corresponding signature for a purpose
* of #TALER_SIGNATURE_CLIENT_TEST_ECDSA. If the signature is
* valid, a reply with a #TALER_SIGNATURE_MINT_TEST_ECDSA is
* returned using the same JSON format.
*
* @param rh context of the handler
* @param connection the MHD connection to handle
* @param[in,out] connection_cls the connection's closure (can be updated)
* @param upload_data upload data
* @param[in,out] upload_data_size number of bytes (left) in @a upload_data
* @return MHD result code
*/
int
TMH_TEST_handler_test_ecdsa (struct TMH_RequestHandler *rh,
struct MHD_Connection *connection,
void **connection_cls,
const char *upload_data,
size_t *upload_data_size);
/**
* Handle a "/test/eddsa" request. Parses the JSON in the post,
* which must contain a "eddsa_pub" with a public key and an


@ -1869,7 +1869,7 @@ postgres_insert_refresh_commit_coins (void *cls,
TALER_PQ_QUERY_PARAM_PTR(&newcoin_index_nbo),
TALER_PQ_QUERY_PARAM_PTR_SIZED (commit_coins->refresh_link->coin_priv_enc,
commit_coins->refresh_link->blinding_key_enc_size +
sizeof (union TALER_CoinSpendPrivateKeyP)),
sizeof (struct TALER_CoinSpendPrivateKeyP)),
TALER_PQ_QUERY_PARAM_END
};
@ -1960,7 +1960,7 @@ postgres_get_refresh_commit_coins (void *cls,
return GNUNET_SYSERR;
}
PQclear (result);
if (rl_buf_size < sizeof (union TALER_CoinSpendPrivateKeyP))
if (rl_buf_size < sizeof (struct TALER_CoinSpendPrivateKeyP))
{
GNUNET_free (c_buf);
GNUNET_free (rl_buf);
@ -2199,7 +2199,7 @@ postgres_insert_refresh_collectable (void *cls,
static struct TALER_MINTDB_LinkDataList *
postgres_get_link_data_list (void *cls,
struct TALER_MINTDB_Session *session,
const union TALER_CoinSpendPublicKeyP *coin_pub)
const struct TALER_CoinSpendPublicKeyP *coin_pub)
{
// FIXME: check logic!
struct TALER_MINTDB_LinkDataList *ldl;
@ -2247,7 +2247,7 @@ postgres_get_link_data_list (void *cls,
ldl);
return NULL;
}
if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey))
{
PQclear (result);
GNUNET_free (ld_buf);
@ -2257,9 +2257,9 @@ postgres_get_link_data_list (void *cls,
}
// FIXME: use util API for this!
link_enc = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
ld_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
ld_buf_size - sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
link_enc->blinding_key_enc = (const char *) &link_enc[1];
link_enc->blinding_key_enc_size = ld_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
link_enc->blinding_key_enc_size = ld_buf_size - sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey);
memcpy (link_enc->coin_priv_enc,
ld_buf,
ld_buf_size);
@ -2293,7 +2293,7 @@ postgres_get_link_data_list (void *cls,
static int
postgres_get_transfer (void *cls,
struct TALER_MINTDB_Session *session,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_TransferPublicKeyP *transfer_pub,
struct TALER_EncryptedLinkSecretP *shared_secret_enc)
{
@ -2357,7 +2357,7 @@ postgres_get_transfer (void *cls,
static struct TALER_MINTDB_TransactionList *
postgres_get_coin_transactions (void *cls,
struct TALER_MINTDB_Session *session,
const union TALER_CoinSpendPublicKeyP *coin_pub)
const struct TALER_CoinSpendPublicKeyP *coin_pub)
{
PGresult *result;
struct TALER_MINTDB_TransactionList *head;
@ -2375,7 +2375,7 @@ postgres_get_coin_transactions (void *cls,
{
struct TALER_MINTDB_Deposit *deposit;
struct TALER_PQ_QueryParam params[] = {
TALER_PQ_QUERY_PARAM_PTR (&coin_pub->ecdsa_pub),
TALER_PQ_QUERY_PARAM_PTR (&coin_pub->eddsa_pub),
TALER_PQ_QUERY_PARAM_END
};
json_error_t json_error;
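Review bot: `postgres_get_link_data_list` sizes the link buffer with `sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)`, while `coin_priv_enc` is declared with `sizeof (struct TALER_CoinSpendPrivateKeyP)` and `postgres_get_refresh_commit_coins` in this same file checks against that type. The `memcpy` of `ld_buf_size` bytes into `link_enc->coin_priv_enc` stays in bounds only while those two sizes agree. This hand-rolled copy also has no upper bound on `ld_buf_size` like the `GNUNET_MAX_MALLOC_CHECKED` test in `TALER_refresh_link_encrypted_decode`. The existing FIXME already asks for the util API: assuming `ld_buf` is a `char *` (its declaration is outside the hunk), the size check, allocation and copy could become `link_enc = TALER_refresh_link_encrypted_decode (ld_buf, ld_buf_size);` followed by a NULL check that keeps the current cleanup.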


@ -214,7 +214,7 @@ TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input,
ret = GNUNET_new (struct TALER_RefreshLinkDecrypted);
memcpy (&ret->coin_priv,
buf,
sizeof (union TALER_CoinSpendPrivateKeyP));
sizeof (struct TALER_CoinSpendPrivateKeyP));
ret->blinding_key.rsa_blinding_key
= GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)],
input->blinding_key_enc_size);
@ -290,7 +290,7 @@ TALER_refresh_link_encrypted_decode (const char *buf,
{
struct TALER_RefreshLinkEncrypted *rle;
if (buf_len < sizeof (union TALER_CoinSpendPrivateKeyP))
if (buf_len < sizeof (struct TALER_CoinSpendPrivateKeyP))
return NULL;
if (buf_len >= GNUNET_MAX_MALLOC_CHECKED)
{
@ -298,9 +298,9 @@ TALER_refresh_link_encrypted_decode (const char *buf,
return NULL;
}
rle = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
buf_len - sizeof (union TALER_CoinSpendPrivateKeyP));
buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP));
rle->blinding_key_enc = (const char *) &rle[1];
rle->blinding_key_enc_size = buf_len - sizeof (union TALER_CoinSpendPrivateKeyP);
rle->blinding_key_enc_size = buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP);
memcpy (rle->coin_priv_enc,
buf,
buf_len);
@ -321,12 +321,12 @@ TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rl
{
char *buf;
if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (union TALER_CoinSpendPrivateKeyP))
if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (struct TALER_CoinSpendPrivateKeyP))
{
GNUNET_break (0);
return NULL;
}
*buf_len = sizeof (union TALER_CoinSpendPrivateKeyP) + rle->blinding_key_enc_size;
*buf_len = sizeof (struct TALER_CoinSpendPrivateKeyP) + rle->blinding_key_enc_size;
buf = GNUNET_malloc (*buf_len);
memcpy (buf,
rle->coin_priv_enc,
@ -379,15 +379,15 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info)
int
TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
const struct TALER_TransferPrivateKeyP *trans_priv,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_LinkSecretP *secret)
{
struct TALER_TransferSecretP transfer_secret;
if (GNUNET_OK !=
GNUNET_CRYPTO_ecc_ecdh (&trans_priv->ecdhe_priv,
&coin_pub->ecdhe_pub,
&transfer_secret.key))
GNUNET_CRYPTO_ecdh_eddsa (&trans_priv->ecdhe_priv,
&coin_pub->eddsa_pub,
&transfer_secret.key))
{
GNUNET_break (0);
return GNUNET_SYSERR;
@ -418,15 +418,15 @@ TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc,
int
TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc,
const struct TALER_TransferPublicKeyP *trans_pub,
const union TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_LinkSecretP *secret)
{
struct TALER_TransferSecretP transfer_secret;
if (GNUNET_OK !=
GNUNET_CRYPTO_ecc_ecdh (&coin_priv->ecdhe_priv,
&trans_pub->ecdhe_pub,
&transfer_secret.key))
GNUNET_CRYPTO_eddsa_ecdh (&coin_priv->eddsa_priv,
&trans_pub->ecdhe_pub,
&transfer_secret.key))
{
GNUNET_break (0);
return GNUNET_SYSERR;
@ -456,7 +456,7 @@ TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc,
*/
int
TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret,
const union TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_TransferPrivateKeyP *trans_priv,
struct TALER_TransferPublicKeyP *trans_pub,
struct TALER_EncryptedLinkSecretP *secret_enc)
@ -466,9 +466,9 @@ TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret,
pk = GNUNET_CRYPTO_ecdhe_key_create ();
if (GNUNET_OK !=
GNUNET_CRYPTO_ecc_ecdh (pk,
&coin_pub->ecdhe_pub,
&transfer_secret.key))
GNUNET_CRYPTO_ecdh_eddsa (pk,
&coin_pub->eddsa_pub,
&transfer_secret.key))
{
GNUNET_break (0);
GNUNET_free (pk);
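Review bot: `TALER_refresh_decrypt` still computes the blinding-key offset as `&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)]`, although the `memcpy` just above it now copies `sizeof (struct TALER_CoinSpendPrivateKeyP)` bytes and the coin key is no longer an ECDSA key. The read offset and the copied length come from different types, so the decode starts at the right byte only while both sizes happen to be equal. I would change the offset to `&buf[sizeof (struct TALER_CoinSpendPrivateKeyP)]` so the blinding key is read exactly where the key copy ends. The function body begins and ends outside the hunk, so the length check on `buf` is not visible here.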


@ -71,7 +71,7 @@ test_basics ()
GNUNET_assert (NULL != rld);
GNUNET_assert (0 == memcmp (&rld->coin_priv,
&rl.coin_priv,
sizeof (union TALER_CoinSpendPrivateKeyP)));
sizeof (struct TALER_CoinSpendPrivateKeyP)));
GNUNET_assert (0 ==
GNUNET_CRYPTO_rsa_blinding_key_cmp (rl.blinding_key.rsa_blinding_key,
rld->blinding_key.rsa_blinding_key));
@ -121,21 +121,21 @@ test_rled ()
static int
test_high_level ()
{
struct GNUNET_CRYPTO_EcdsaPrivateKey *pk;
struct GNUNET_CRYPTO_EddsaPrivateKey *pk;
struct TALER_LinkSecretP secret;
struct TALER_LinkSecretP secret2;
union TALER_CoinSpendPublicKeyP coin_pub;
union TALER_CoinSpendPrivateKeyP coin_priv;
struct TALER_CoinSpendPublicKeyP coin_pub;
struct TALER_CoinSpendPrivateKeyP coin_priv;
struct TALER_TransferPrivateKeyP trans_priv;
struct TALER_TransferPublicKeyP trans_pub;
struct TALER_EncryptedLinkSecretP secret_enc;
pk = GNUNET_CRYPTO_ecdsa_key_create ();
pk = GNUNET_CRYPTO_eddsa_key_create ();
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&secret,
sizeof (secret));
GNUNET_CRYPTO_ecdsa_key_get_public (pk,
&coin_pub.ecdsa_pub);
GNUNET_CRYPTO_eddsa_key_get_public (pk,
&coin_pub.eddsa_pub);
GNUNET_assert (GNUNET_OK ==
TALER_link_encrypt_secret (&secret,
&coin_pub,
@ -151,7 +151,7 @@ test_high_level ()
memcmp (&secret,
&secret2,
sizeof (secret)));
coin_priv.ecdsa_priv = *pk;
coin_priv.eddsa_priv = *pk;
GNUNET_assert (GNUNET_OK ==
TALER_link_decrypt_secret2 (&secret_enc,
&trans_pub,