summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-03-24 17:53:13 +0100
committerChristian Grothoff <christian@grothoff.org>2015-03-24 17:53:13 +0100
commit324bf3f980542cb9f209ee7edc6f142c5c34e5a2 (patch)
treedf399447258fc9233706575f72a5f3d9df91c30c
parentd5acf537323bc8c2e04844b4d0c2521406011db8 (diff)
downloadexchange-324bf3f980542cb9f209ee7edc6f142c5c34e5a2.tar.gz
exchange-324bf3f980542cb9f209ee7edc6f142c5c34e5a2.tar.bz2
exchange-324bf3f980542cb9f209ee7edc6f142c5c34e5a2.zip
fix #3484: sign over full key set as well
-rw-r--r--src/include/taler_signatures.h32
-rw-r--r--src/mint/taler-mint-httpd_keystate.c21
2 files changed, 51 insertions, 2 deletions
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 3ad97a577..007a309f3 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -83,6 +83,11 @@
*/
#define TALER_SIGNATURE_MINT_DEPOSIT 7
+/**
+ * Signature where the Mint confirms the full /keys response set.
+ */
+#define TALER_SIGNATURE_KEYS_SET 8
+
/***********************/
/* Merchant signatures */
@@ -346,6 +351,31 @@ struct TALER_MINT_SignKeyIssue
/**
+ * Signature made by the mint over the full set of keys, used
+ * to detect cheating mints that give out different sets to
+ * different users.
+ */
+struct TALER_MINT_KeySetSignature
+{
+
+ /**
+ * Purpose is #TALER_SIGNATURE_KEYS_SET
+ */
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+ /**
+ * Time of the key set issue.
+ */
+ struct GNUNET_TIME_AbsoluteNBO list_issue_date;
+
+ /**
+ * Hash over the "inner" JSON with the key set.
+ */
+ struct GNUNET_HashCode hc;
+};
+
+
+/**
* Information about a denomination key. Denomination keys
* are used to sign coins of a certain value into existence.
*/
@@ -358,7 +388,7 @@ struct TALER_MINT_DenomKeyIssue
struct TALER_MasterSignature signature;
/**
- * Purpose ist #TALER_SIGNATURE_MASTER_DENOM.
+ * Purpose is #TALER_SIGNATURE_MASTER_DENOM.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c
index b795323ee..c29c5c516 100644
--- a/src/mint/taler-mint-httpd_keystate.c
+++ b/src/mint/taler-mint-httpd_keystate.c
@@ -378,6 +378,9 @@ TALER_MINT_key_state_acquire (void)
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
struct MintKeyState *key_state;
json_t *keys;
+ char *inner;
+ struct TALER_MINT_KeySetSignature ks;
+ struct TALER_MintSignature sig;
GNUNET_assert (0 == pthread_mutex_lock (&internal_key_state_mutex));
if (internal_key_state->next_reload.abs_value_us <= now.abs_value_us)
@@ -413,8 +416,24 @@ TALER_MINT_key_state_acquire (void)
"signkeys", key_state->sign_keys_array,
"denoms", key_state->denom_keys_array,
"list_issue_date", TALER_JSON_from_abs (key_state->reload_time));
+ inner = json_dumps (keys,
+ JSON_INDENT(2));
+ ks.purpose.size = htonl (sizeof (ks));
+ ks.purpose.purpose = htonl (TALER_SIGNATURE_KEYS_SET);
+ ks.list_issue_date = GNUNET_TIME_absolute_hton (key_state->reload_time);
+ GNUNET_CRYPTO_hash (inner,
+ strlen (inner),
+ &ks.hc);
+ GNUNET_free (inner);
+ TALER_MINT_keys_sign (&ks.purpose,
+ &sig);
+ keys = json_pack ("{s:o, s:o}",
+ "keys", keys,
+ "eddsa-signature", TALER_JSON_from_eddsa_sig (&ks.purpose,
+ &sig.eddsa_signature));
key_state->keys_json = json_dumps (keys,
- JSON_INDENT(2));
+ JSON_INDENT (2));
+ json_decref (keys);
internal_key_state = key_state;
}
key_state = internal_key_state;