aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-01-27 22:05:31 +0100
committerChristian Grothoff <christian@grothoff.org>2015-01-27 22:05:31 +0100
commit162af316d39f1bf526e3dc63e67dd6ae6f7be91b (patch)
tree1675c0c5626e374a32dc36e81ab328d18b5f5b11
parent27a72fdafe67bcba304e274e839a2780009bd8da (diff)
downloadexchange-162af316d39f1bf526e3dc63e67dd6ae6f7be91b.tar.gz
exchange-162af316d39f1bf526e3dc63e67dd6ae6f7be91b.zip
cleaning up types used some more: also use a new struct for the transfer key secret
-rw-r--r--src/include/taler_util.h25
-rw-r--r--src/mint/taler-mint-httpd_db.c4
-rw-r--r--src/util/crypto.c14
3 files changed, 28 insertions, 15 deletions
diff --git a/src/include/taler_util.h b/src/include/taler_util.h
index 19e6bacf1..2c5faaa52 100644
--- a/src/include/taler_util.h
+++ b/src/include/taler_util.h
@@ -241,6 +241,20 @@ TALER_data_to_string_alloc (const void *buf,
241/* ****************** Refresh crypto primitives ************* */ 241/* ****************** Refresh crypto primitives ************* */
242 242
243/** 243/**
244 * Secret used to decrypt the key to decrypt link secrets.
245 */
246struct TALER_TransferSecret
247{
248 /**
249 * Secret used to encrypt/decrypt the `struct TALER_LinkSecret`.
250 * Must be (currently) a hash as this is what
251 * #GNUNET_CRYPTO_ecc_ecdh() returns to us.
252 */
253 struct GNUNET_HashCode key;
254};
255
256
257/**
244 * Secret used to decrypt refresh links. 258 * Secret used to decrypt refresh links.
245 */ 259 */
246struct TALER_LinkSecret 260struct TALER_LinkSecret
@@ -312,15 +326,14 @@ struct TALER_RefreshLinkDecrypted
312 * Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc 326 * Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc
313 * to obtain the @a secret to decrypt the linkage data. 327 * to obtain the @a secret to decrypt the linkage data.
314 * 328 *
315 * @param secret_enc encrypted secret (FIXME: use different type!) 329 * @param secret_enc encrypted secret
316 * @param trans_sec transfer secret (FIXME: use different type?) 330 * @param trans_sec transfer secret
317 * @param secret shared secret for refresh link decryption 331 * @param secret shared secret for refresh link decryption
318 * (FIXME: use different type?)
319 * @return #GNUNET_OK on success 332 * @return #GNUNET_OK on success
320 */ 333 */
321int 334int
322TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, 335TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc,
323 const struct GNUNET_HashCode *trans_sec, 336 const struct TALER_TransferSecret *trans_sec,
324 struct TALER_LinkSecret *secret); 337 struct TALER_LinkSecret *secret);
325 338
326 339
@@ -329,13 +342,13 @@ TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc,
329 * to obtain the @a secret_enc. 342 * to obtain the @a secret_enc.
330 * 343 *
331 * @param secret shared secret for refresh link decryption 344 * @param secret shared secret for refresh link decryption
332 * @param trans_sec transfer secret (FIXME: use different type?) 345 * @param trans_sec transfer secret
333 * @param secret_enc[out] encrypted secret 346 * @param secret_enc[out] encrypted secret
334 * @return #GNUNET_OK on success 347 * @return #GNUNET_OK on success
335 */ 348 */
336int 349int
337TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, 350TALER_transfer_encrypt (const struct TALER_LinkSecret *secret,
338 const struct GNUNET_HashCode *trans_sec, 351 const struct TALER_TransferSecret *trans_sec,
339 struct TALER_EncryptedLinkSecret *secret_enc); 352 struct TALER_EncryptedLinkSecret *secret_enc);
340 353
341 354
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 8f7553896..baf5d12aa 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -918,7 +918,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
918 { 918 {
919 struct RefreshCommitLink commit_link; 919 struct RefreshCommitLink commit_link;
920 struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; 920 struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
921 struct GNUNET_HashCode transfer_secret; 921 struct TALER_TransferSecret transfer_secret;
922 struct TALER_LinkSecret shared_secret; 922 struct TALER_LinkSecret shared_secret;
923 923
924 res = TALER_MINT_DB_get_refresh_commit_link (db_conn, 924 res = TALER_MINT_DB_get_refresh_commit_link (db_conn,
@@ -946,7 +946,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
946 if (GNUNET_OK != 946 if (GNUNET_OK !=
947 GNUNET_CRYPTO_ecc_ecdh ((const struct GNUNET_CRYPTO_EcdhePrivateKey *) &transfer_privs[i+off][j], 947 GNUNET_CRYPTO_ecc_ecdh ((const struct GNUNET_CRYPTO_EcdhePrivateKey *) &transfer_privs[i+off][j],
948 (const struct GNUNET_CRYPTO_EcdhePublicKey *) &coin_pub, 948 (const struct GNUNET_CRYPTO_EcdhePublicKey *) &coin_pub,
949 &transfer_secret)) 949 &transfer_secret.key))
950 { 950 {
951 GNUNET_break (0); 951 GNUNET_break (0);
952 // FIXME: return 'internal error'? 952 // FIXME: return 'internal error'?
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 65c586d75..184662987 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -102,7 +102,7 @@ derive_refresh_key (const struct TALER_LinkSecret *secret,
102 * @param[out] skey set to session key 102 * @param[out] skey set to session key
103 */ 103 */
104static void 104static void
105derive_transfer_key (const struct GNUNET_HashCode *secret, 105derive_transfer_key (const struct TALER_TransferSecret *secret,
106 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 106 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
107 struct GNUNET_CRYPTO_SymmetricSessionKey *skey) 107 struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
108{ 108{
@@ -112,12 +112,12 @@ derive_transfer_key (const struct GNUNET_HashCode *secret,
112 GNUNET_assert (GNUNET_YES == 112 GNUNET_assert (GNUNET_YES ==
113 GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), 113 GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey),
114 ctx_key, strlen (ctx_key), 114 ctx_key, strlen (ctx_key),
115 secret, sizeof (struct GNUNET_HashCode), 115 secret, sizeof (struct TALER_TransferSecret),
116 NULL, 0)); 116 NULL, 0));
117 GNUNET_assert (GNUNET_YES == 117 GNUNET_assert (GNUNET_YES ==
118 GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector), 118 GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector),
119 ctx_iv, strlen (ctx_iv), 119 ctx_iv, strlen (ctx_iv),
120 secret, sizeof (struct GNUNET_HashCode), 120 secret, sizeof (struct TALER_TransferSecret),
121 NULL, 0)); 121 NULL, 0));
122} 122}
123 123
@@ -127,13 +127,13 @@ derive_transfer_key (const struct GNUNET_HashCode *secret,
127 * to obtain the @a secret to decrypt the linkage data. 127 * to obtain the @a secret to decrypt the linkage data.
128 * 128 *
129 * @param secret_enc encrypted secret 129 * @param secret_enc encrypted secret
130 * @param trans_sec transfer secret (FIXME: use different type?) 130 * @param trans_sec transfer secret
131 * @param secret shared secret for refresh link decryption 131 * @param secret shared secret for refresh link decryption
132 * @return #GNUNET_OK on success 132 * @return #GNUNET_OK on success
133 */ 133 */
134int 134int
135TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, 135TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc,
136 const struct GNUNET_HashCode *trans_sec, 136 const struct TALER_TransferSecret *trans_sec,
137 struct TALER_LinkSecret *secret) 137 struct TALER_LinkSecret *secret)
138{ 138{
139 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 139 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
@@ -155,13 +155,13 @@ TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc,
155 * to obtain the @a secret_enc. 155 * to obtain the @a secret_enc.
156 * 156 *
157 * @param secret shared secret for refresh link decryption 157 * @param secret shared secret for refresh link decryption
158 * @param trans_sec transfer secret (FIXME: use different type?) 158 * @param trans_sec transfer secret
159 * @param secret_enc[out] encrypted secret 159 * @param secret_enc[out] encrypted secret
160 * @return #GNUNET_OK on success 160 * @return #GNUNET_OK on success
161 */ 161 */
162int 162int
163TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, 163TALER_transfer_encrypt (const struct TALER_LinkSecret *secret,
164 const struct GNUNET_HashCode *trans_sec, 164 const struct TALER_TransferSecret *trans_sec,
165 struct TALER_EncryptedLinkSecret *secret_enc) 165 struct TALER_EncryptedLinkSecret *secret_enc)
166{ 166{
167 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 167 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;