diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-01-27 22:05:31 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-01-27 22:05:31 +0100 |
commit | 162af316d39f1bf526e3dc63e67dd6ae6f7be91b (patch) | |
tree | 1675c0c5626e374a32dc36e81ab328d18b5f5b11 | |
parent | 27a72fdafe67bcba304e274e839a2780009bd8da (diff) | |
download | exchange-162af316d39f1bf526e3dc63e67dd6ae6f7be91b.tar.gz exchange-162af316d39f1bf526e3dc63e67dd6ae6f7be91b.zip |
cleaning up types used some more: also use a new struct for the transfer key secret
-rw-r--r-- | src/include/taler_util.h | 25 | ||||
-rw-r--r-- | src/mint/taler-mint-httpd_db.c | 4 | ||||
-rw-r--r-- | src/util/crypto.c | 14 |
3 files changed, 28 insertions, 15 deletions
diff --git a/src/include/taler_util.h b/src/include/taler_util.h index 19e6bacf1..2c5faaa52 100644 --- a/src/include/taler_util.h +++ b/src/include/taler_util.h | |||
@@ -241,6 +241,20 @@ TALER_data_to_string_alloc (const void *buf, | |||
241 | /* ****************** Refresh crypto primitives ************* */ | 241 | /* ****************** Refresh crypto primitives ************* */ |
242 | 242 | ||
243 | /** | 243 | /** |
244 | * Secret used to decrypt the key to decrypt link secrets. | ||
245 | */ | ||
246 | struct TALER_TransferSecret | ||
247 | { | ||
248 | /** | ||
249 | * Secret used to encrypt/decrypt the `struct TALER_LinkSecret`. | ||
250 | * Must be (currently) a hash as this is what | ||
251 | * #GNUNET_CRYPTO_ecc_ecdh() returns to us. | ||
252 | */ | ||
253 | struct GNUNET_HashCode key; | ||
254 | }; | ||
255 | |||
256 | |||
257 | /** | ||
244 | * Secret used to decrypt refresh links. | 258 | * Secret used to decrypt refresh links. |
245 | */ | 259 | */ |
246 | struct TALER_LinkSecret | 260 | struct TALER_LinkSecret |
@@ -312,15 +326,14 @@ struct TALER_RefreshLinkDecrypted | |||
312 | * Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc | 326 | * Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc |
313 | * to obtain the @a secret to decrypt the linkage data. | 327 | * to obtain the @a secret to decrypt the linkage data. |
314 | * | 328 | * |
315 | * @param secret_enc encrypted secret (FIXME: use different type!) | 329 | * @param secret_enc encrypted secret |
316 | * @param trans_sec transfer secret (FIXME: use different type?) | 330 | * @param trans_sec transfer secret |
317 | * @param secret shared secret for refresh link decryption | 331 | * @param secret shared secret for refresh link decryption |
318 | * (FIXME: use different type?) | ||
319 | * @return #GNUNET_OK on success | 332 | * @return #GNUNET_OK on success |
320 | */ | 333 | */ |
321 | int | 334 | int |
322 | TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, | 335 | TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, |
323 | const struct GNUNET_HashCode *trans_sec, | 336 | const struct TALER_TransferSecret *trans_sec, |
324 | struct TALER_LinkSecret *secret); | 337 | struct TALER_LinkSecret *secret); |
325 | 338 | ||
326 | 339 | ||
@@ -329,13 +342,13 @@ TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, | |||
329 | * to obtain the @a secret_enc. | 342 | * to obtain the @a secret_enc. |
330 | * | 343 | * |
331 | * @param secret shared secret for refresh link decryption | 344 | * @param secret shared secret for refresh link decryption |
332 | * @param trans_sec transfer secret (FIXME: use different type?) | 345 | * @param trans_sec transfer secret |
333 | * @param secret_enc[out] encrypted secret | 346 | * @param secret_enc[out] encrypted secret |
334 | * @return #GNUNET_OK on success | 347 | * @return #GNUNET_OK on success |
335 | */ | 348 | */ |
336 | int | 349 | int |
337 | TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, | 350 | TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, |
338 | const struct GNUNET_HashCode *trans_sec, | 351 | const struct TALER_TransferSecret *trans_sec, |
339 | struct TALER_EncryptedLinkSecret *secret_enc); | 352 | struct TALER_EncryptedLinkSecret *secret_enc); |
340 | 353 | ||
341 | 354 | ||
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 8f7553896..baf5d12aa 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c | |||
@@ -918,7 +918,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, | |||
918 | { | 918 | { |
919 | struct RefreshCommitLink commit_link; | 919 | struct RefreshCommitLink commit_link; |
920 | struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; | 920 | struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; |
921 | struct GNUNET_HashCode transfer_secret; | 921 | struct TALER_TransferSecret transfer_secret; |
922 | struct TALER_LinkSecret shared_secret; | 922 | struct TALER_LinkSecret shared_secret; |
923 | 923 | ||
924 | res = TALER_MINT_DB_get_refresh_commit_link (db_conn, | 924 | res = TALER_MINT_DB_get_refresh_commit_link (db_conn, |
@@ -946,7 +946,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, | |||
946 | if (GNUNET_OK != | 946 | if (GNUNET_OK != |
947 | GNUNET_CRYPTO_ecc_ecdh ((const struct GNUNET_CRYPTO_EcdhePrivateKey *) &transfer_privs[i+off][j], | 947 | GNUNET_CRYPTO_ecc_ecdh ((const struct GNUNET_CRYPTO_EcdhePrivateKey *) &transfer_privs[i+off][j], |
948 | (const struct GNUNET_CRYPTO_EcdhePublicKey *) &coin_pub, | 948 | (const struct GNUNET_CRYPTO_EcdhePublicKey *) &coin_pub, |
949 | &transfer_secret)) | 949 | &transfer_secret.key)) |
950 | { | 950 | { |
951 | GNUNET_break (0); | 951 | GNUNET_break (0); |
952 | // FIXME: return 'internal error'? | 952 | // FIXME: return 'internal error'? |
diff --git a/src/util/crypto.c b/src/util/crypto.c index 65c586d75..184662987 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c | |||
@@ -102,7 +102,7 @@ derive_refresh_key (const struct TALER_LinkSecret *secret, | |||
102 | * @param[out] skey set to session key | 102 | * @param[out] skey set to session key |
103 | */ | 103 | */ |
104 | static void | 104 | static void |
105 | derive_transfer_key (const struct GNUNET_HashCode *secret, | 105 | derive_transfer_key (const struct TALER_TransferSecret *secret, |
106 | struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | 106 | struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, |
107 | struct GNUNET_CRYPTO_SymmetricSessionKey *skey) | 107 | struct GNUNET_CRYPTO_SymmetricSessionKey *skey) |
108 | { | 108 | { |
@@ -112,12 +112,12 @@ derive_transfer_key (const struct GNUNET_HashCode *secret, | |||
112 | GNUNET_assert (GNUNET_YES == | 112 | GNUNET_assert (GNUNET_YES == |
113 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), | 113 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), |
114 | ctx_key, strlen (ctx_key), | 114 | ctx_key, strlen (ctx_key), |
115 | secret, sizeof (struct GNUNET_HashCode), | 115 | secret, sizeof (struct TALER_TransferSecret), |
116 | NULL, 0)); | 116 | NULL, 0)); |
117 | GNUNET_assert (GNUNET_YES == | 117 | GNUNET_assert (GNUNET_YES == |
118 | GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector), | 118 | GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector), |
119 | ctx_iv, strlen (ctx_iv), | 119 | ctx_iv, strlen (ctx_iv), |
120 | secret, sizeof (struct GNUNET_HashCode), | 120 | secret, sizeof (struct TALER_TransferSecret), |
121 | NULL, 0)); | 121 | NULL, 0)); |
122 | } | 122 | } |
123 | 123 | ||
@@ -127,13 +127,13 @@ derive_transfer_key (const struct GNUNET_HashCode *secret, | |||
127 | * to obtain the @a secret to decrypt the linkage data. | 127 | * to obtain the @a secret to decrypt the linkage data. |
128 | * | 128 | * |
129 | * @param secret_enc encrypted secret | 129 | * @param secret_enc encrypted secret |
130 | * @param trans_sec transfer secret (FIXME: use different type?) | 130 | * @param trans_sec transfer secret |
131 | * @param secret shared secret for refresh link decryption | 131 | * @param secret shared secret for refresh link decryption |
132 | * @return #GNUNET_OK on success | 132 | * @return #GNUNET_OK on success |
133 | */ | 133 | */ |
134 | int | 134 | int |
135 | TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, | 135 | TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, |
136 | const struct GNUNET_HashCode *trans_sec, | 136 | const struct TALER_TransferSecret *trans_sec, |
137 | struct TALER_LinkSecret *secret) | 137 | struct TALER_LinkSecret *secret) |
138 | { | 138 | { |
139 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 139 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
@@ -155,13 +155,13 @@ TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, | |||
155 | * to obtain the @a secret_enc. | 155 | * to obtain the @a secret_enc. |
156 | * | 156 | * |
157 | * @param secret shared secret for refresh link decryption | 157 | * @param secret shared secret for refresh link decryption |
158 | * @param trans_sec transfer secret (FIXME: use different type?) | 158 | * @param trans_sec transfer secret |
159 | * @param secret_enc[out] encrypted secret | 159 | * @param secret_enc[out] encrypted secret |
160 | * @return #GNUNET_OK on success | 160 | * @return #GNUNET_OK on success |
161 | */ | 161 | */ |
162 | int | 162 | int |
163 | TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, | 163 | TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, |
164 | const struct GNUNET_HashCode *trans_sec, | 164 | const struct TALER_TransferSecret *trans_sec, |
165 | struct TALER_EncryptedLinkSecret *secret_enc) | 165 | struct TALER_EncryptedLinkSecret *secret_enc) |
166 | { | 166 | { |
167 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 167 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |