fix #5434 (no more salt in exchange wire replies)

5 files changed, 81 insertions, 25 deletions

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index b22c55ce3..f12516177 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -738,43 +738,83 @@ TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
  * hash is what is put into the contract.
  *
  * @param payto_url bank account
- * @param salt salt used to eliminate brute-force inversion
  * @param hc[out] set to the hash
  */
 void
-TALER_wire_signature_hash (const char *payto_url,
-                           const char *salt,
-                           struct GNUNET_HashCode *hc);
+TALER_exchange_wire_signature_hash (const char *payto_url,
+                                    struct GNUNET_HashCode *hc);
+
 
 /**
  * Check the signature in @a wire_s.
  *
  * @param payto_url URL that is signed
- * @param salt the salt used to salt the @a payto_url when hashing
  * @param master_pub master public key of the exchange
  * @param master_sig signature of the exchange
  * @return #GNUNET_OK if signature is valid
  */
 int
-TALER_wire_signature_check (const char *payto_url,
-                            const char *salt,
-                            const struct TALER_MasterPublicKeyP *master_pub,
-                            const struct TALER_MasterSignatureP *master_sig);
+TALER_exchange_wire_signature_check (const char *payto_url,
+                                     const struct TALER_MasterPublicKeyP *master_pub,
+                                     const struct TALER_MasterSignatureP *master_sig);
 
 
 /**
  * Create a signed wire statement for the given account.
  *
  * @param payto_url account specification
- * @param salt the salt used to salt the @a payto_url when hashing
  * @param master_priv private key to sign with
  * @param master_sig[out] where to write the signature
  */
 void
-TALER_wire_signature_make (const char *payto_url,
-                           const char *salt,
-                           const struct TALER_MasterPrivateKeyP *master_priv,
-                           struct TALER_MasterSignatureP *master_sig);
+TALER_exchange_wire_signature_make (const char *payto_url,
+                                    const struct TALER_MasterPrivateKeyP *master_priv,
+                                    struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Compute the hash of the given wire details.   The resulting
+ * hash is what is put into the contract.
+ *
+ * @param payto_url bank account
+ * @param salt salt used to eliminate brute-force inversion
+ * @param hc[out] set to the hash
+ */
+void
+TALER_merchant_wire_signature_hash (const char *payto_url,
+                                    const char *salt,
+                                    struct GNUNET_HashCode *hc);
+
+
+/**
+ * Check the signature in @a wire_s.
+ *
+ * @param payto_url URL that is signed
+ * @param salt the salt used to salt the @a payto_url when hashing
+ * @param merch_pub public key of the merchant
+ * @param merch_sig signature of the merchant
+ * @return #GNUNET_OK if signature is valid
+ */
+int
+TALER_merchant_wire_signature_check (const char *payto_url,
+                                     const char *salt,
+                                     const struct TALER_MerchantPublicKeyP *merch_pub,
+                                     const struct TALER_MerchantSignatureP *merch_sig);
+
+
+/**
+ * Create a signed wire statement for the given account.
+ *
+ * @param payto_url account specification
+ * @param salt the salt used to salt the @a payto_url when hashing
+ * @param merch_priv private key to sign with
+ * @param merch_sig[out] where to write the signature
+ */
+void
+TALER_merchant_wire_signature_make (const char *payto_url,
+                                    const char *salt,
+                                    const struct TALER_MerchantPrivateKeyP *merch_priv,
+                                    struct TALER_MerchantSignatureP *merch_sig);
 
 
 #endif
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index d48dd8629..a18672f5a 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -480,11 +480,6 @@ struct TALER_EXCHANGE_WireAccount
   const char *url;
 
   /**
-   * Salt used to generate @e master_sig.
-   */
-  const char *salt;
-
-  /**
    * Signature of the exchange over the account (was checked by the API).
    */
   struct TALER_MasterSignatureP master_sig;
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index 0504ddfb8..99a2c375c 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -137,8 +137,22 @@ TALER_JSON_get_error_code (const json_t *json);
  * @return #GNUNET_OK on success, #GNUNET_SYSERR if @a wire_s is malformed
  */
 int
-TALER_JSON_wire_signature_hash (const json_t *wire_s,
-                                struct GNUNET_HashCode *hc);
+TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
+                                         struct GNUNET_HashCode *hc);
+
+
+/**
+ * Compute the hash of the given wire details.   The resulting
+ * hash is what is signed by the master public key.
+ *
+ * @param wire_s wire details to hash
+ * @param hc[out] set to the hash
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR if @a wire_s is malformed
+ */
+int
+TALER_JSON_exchange_wire_signature_hash (const json_t *wire_s,
+                                         struct GNUNET_HashCode *hc);
+
 
 /**
  * Check the signature in @a wire_s.
@@ -148,8 +162,8 @@ TALER_JSON_wire_signature_hash (const json_t *wire_s,
  * @return #GNUNET_OK if signature is valid
  */
 int
-TALER_JSON_wire_signature_check (const json_t *wire_s,
-                                 const struct TALER_MasterPublicKeyP *master_pub);
+TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
+                                          const struct TALER_MasterPublicKeyP *master_pub);
 
 
 /**
@@ -159,8 +173,8 @@ TALER_JSON_wire_signature_check (const json_t *wire_s,
  * @param master_priv private key to sign with, NULL to not sign
  */
 json_t *
-TALER_JSON_wire_signature_make (const char *payto_url,
-                                const struct TALER_MasterPrivateKeyP *master_priv);
+TALER_JSON_exchange_wire_signature_make (const char *payto_url,
+                                         const struct TALER_MasterPrivateKeyP *master_priv);
 
 
 /**
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index f1148beb8..428fa96ec 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -178,6 +178,12 @@
  */
 #define TALER_SIGNATURE_MERCHANT_PAY_SESSION 1106
 
+/**
+ * Signature where the merchant confirms its own (salted)
+ * wire details (not yet really used).
+ */
+#define TALER_SIGNATURE_MERCHANT_WIRE_DETAILS 1107
+
 
 /*********************/
 /* Wallet signatures */
diff --git a/src/include/taler_wire_lib.h b/src/include/taler_wire_lib.h
index 0cf38d6d1..b75c107b0 100644
--- a/src/include/taler_wire_lib.h
+++ b/src/include/taler_wire_lib.h
@@ -46,6 +46,7 @@ struct TALER_WIRE_Plugin *
 TALER_WIRE_plugin_load (const struct GNUNET_CONFIGURATION_Handle *cfg,
                         const char *plugin_name);
 
+
 /**
  * Unload a WIRE plugin.
  *