diff options
| author | Gian Demarmels <gian@demarmels.org> | 2022-01-01 12:41:49 +0100 |
|---|---|---|
| committer | Gian Demarmels <gian@demarmels.org> | 2022-02-04 15:33:11 +0100 |
| commit | f239b01be196f5ce64fdd9f0a6f42a11077c33c6 (patch) | |
| tree | 22acb0363bf4e34c37cac8aea8ac0e3ced91ddcb /src/include/taler_crypto_lib.h | |
| parent | fbb6d03f69e829b4ffbb4cc13e678cb0585c67c7 (diff) | |
| download | exchange-f239b01be196f5ce64fdd9f0a6f42a11077c33c6.tar.gz exchange-f239b01be196f5ce64fdd9f0a6f42a11077c33c6.tar.bz2 exchange-f239b01be196f5ce64fdd9f0a6f42a11077c33c6.zip | |
secmod cs signatures implementation
Diffstat (limited to 'src/include/taler_crypto_lib.h')
| -rw-r--r-- | src/include/taler_crypto_lib.h | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index bf82b8f0e..ff145cc41 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -409,6 +409,20 @@ struct TALER_WireSalt /** + * Hash used to represent an CS public key. Does not include age + * restrictions and is ONLY for CS. Used ONLY for interactions with the CS + * security module. + */ +struct TALER_CsPubHashP +{ + /** + * Actual hash value. + */ + struct GNUNET_HashCode hash; +}; + + +/** * Hash used to represent an RSA public key. Does not include age * restrictions and is ONLY for RSA. Used ONLY for interactions with the RSA * security module. @@ -2449,6 +2463,47 @@ TALER_exchange_secmod_rsa_verify ( /** + * Create security module denomination signature. + * + * @param h_cs hash of the CS public key to sign + * @param section_name name of the section in the configuration + * @param start_sign starting point of validity for signing + * @param duration how long will the key be in use + * @param secm_priv security module key to sign with + * @param[out] secm_sig where to write the signature + */ +void +TALER_exchange_secmod_cs_sign ( + const struct TALER_CsPubHashP *h_cs, + const char *section_name, + struct GNUNET_TIME_Timestamp start_sign, + struct GNUNET_TIME_Relative duration, + const struct TALER_SecurityModulePrivateKeyP *secm_priv, + struct TALER_SecurityModuleSignatureP *secm_sig); + + +/** + * Verify security module denomination signature. + * + * @param h_cs hash of the public key to validate + * @param section_name name of the section in the configuration + * @param start_sign starting point of validity for signing + * @param duration how long will the key be in use + * @param secm_pub public key to verify against + * @param secm_sig the signature the signature + * @return #GNUNET_OK if the signature is valid + */ +enum GNUNET_GenericReturnValue +TALER_exchange_secmod_cs_verify ( + const struct TALER_CsPubHashP *h_cs, + const char *section_name, + struct GNUNET_TIME_Timestamp start_sign, + struct GNUNET_TIME_Relative duration, + const struct TALER_SecurityModulePublicKeyP *secm_pub, + const struct TALER_SecurityModuleSignatureP *secm_sig); + + +/** * Create denomination key validity signature by the auditor. * * @param auditor_url BASE URL of the auditor's API |