authorChristian Grothoff <christian@grothoff.org>2018-10-06 15:05:06 +0200
committerChristian Grothoff <christian@grothoff.org>2018-10-06 15:05:06 +0200
commita56e2e34bce77d41a6d3a2cbbcb89119b98ef750 (patch)
treef71989d1aa318d62d2e0e4acd94f6b6454329535 /src/util
parent81ce7abe190751da205bced8ca340e1cdc83e4f0 (diff)
fix #5434 (no more salt in exchange wire replies)
Diffstat (limited to 'src/util')
-rw-r--r--src/util/crypto_wire.c122
1 files changed, 98 insertions, 24 deletions
diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c
index 494573ffa..ca6b9d216 100644
--- a/src/util/crypto_wire.c
+++ b/src/util/crypto_wire.c
@@ -22,28 +22,25 @@
#include "taler_crypto_lib.h"
#include "taler_signatures.h"
+
/**
* Compute the hash of the given wire details. The resulting
* hash is what is put into the contract.
*
* @param payto_url bank account
- * @param salt salt used to eliminate brute-force inversion
* @param hc[out] set to the hash
*/
void
-TALER_wire_signature_hash (const char *payto_url,
- const char *salt,
- struct GNUNET_HashCode *hc)
+TALER_exchange_wire_signature_hash (const char *payto_url,
+ struct GNUNET_HashCode *hc)
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (hc,
sizeof (*hc),
- salt,
- strlen (salt) + 1,
payto_url,
strlen (payto_url) + 1,
- "wire-signature",
- strlen ("wire-signature"),
+ "exchange-wire-signature",
+ strlen ("exchange-wire-signature"),
NULL, 0));
}
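Review bot: In `TALER_exchange_wire_signature_hash`, dropping the `salt` pair shifts the remaining arguments of `GNUNET_CRYPTO_kdf` one slot forward, so `payto_url` now sits in the salt (xts) position and the constant `"exchange-wire-signature"` becomes the source key material, with an empty context list. The result is still a deterministic function of the URL, but the argument roles no longer match the merchant variant added further down in this commit (salt, then `payto_url`, then label), which makes the call look accidental. If the unsalted form is intentional because the exchange's account is not secret, a comment such as `/* unsalted by design; payto_url occupies the xts slot, the label is the key material */` above the call would record that. The docstring sentence "The resulting hash is what is put into the contract" appears to be carried over from the salted function and may no longer describe this one.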
@@ -52,24 +49,21 @@ TALER_wire_signature_hash (const char *payto_url,
* Check the signature in @a wire_s.
*
* @param payto_url URL that is signed
- * @param salt the salt used to salt the @a payto_url when hashing
* @param master_pub master public key of the exchange
* @param master_sig signature of the exchange
* @return #GNUNET_OK if signature is valid
*/
int
-TALER_wire_signature_check (const char *payto_url,
- const char *salt,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
+TALER_exchange_wire_signature_check (const char *payto_url,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig)
{
struct TALER_MasterWireDetailsPS wd;
wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS);
wd.purpose.size = htonl (sizeof (wd));
- TALER_wire_signature_hash (payto_url,
- salt,
- &wd.h_wire_details);
+ TALER_exchange_wire_signature_hash (payto_url,
+ &wd.h_wire_details);
return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS,
&wd.purpose,
&master_sig->eddsa_signature,
@@ -81,23 +75,20 @@ TALER_wire_signature_check (const char *payto_url,
* Create a signed wire statement for the given account.
*
* @param payto_url account specification
- * @param salt the salt used to salt the @a payto_url when hashing
* @param master_priv private key to sign with
* @param master_sig[out] where to write the signature
*/
void
-TALER_wire_signature_make (const char *payto_url,
- const char *salt,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
+TALER_exchange_wire_signature_make (const char *payto_url,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig)
{
struct TALER_MasterWireDetailsPS wd;
wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS);
wd.purpose.size = htonl (sizeof (wd));
- TALER_wire_signature_hash (payto_url,
- salt,
- &wd.h_wire_details);
+ TALER_exchange_wire_signature_hash (payto_url,
+ &wd.h_wire_details);
GNUNET_assert (GNUNET_OK ==
GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
&wd.purpose,
@@ -105,4 +96,87 @@ TALER_wire_signature_make (const char *payto_url,
}
+/**
+ * Compute the hash of the given wire details. The resulting
+ * hash is what is put into the contract.
+ *
+ * @param payto_url bank account
+ * @param salt salt used to eliminate brute-force inversion
+ * @param hc[out] set to the hash
+ */
+void
+TALER_merchant_wire_signature_hash (const char *payto_url,
+ const char *salt,
+ struct GNUNET_HashCode *hc)
+{
+ GNUNET_assert (GNUNET_YES ==
+ GNUNET_CRYPTO_kdf (hc,
+ sizeof (*hc),
+ salt,
+ strlen (salt) + 1,
+ payto_url,
+ strlen (payto_url) + 1,
+ "merchant-wire-signature",
+ strlen ("merchant-wire-signature"),
+ NULL, 0));
+}
+
+
+/**
+ * Check the signature in @a merch_sig. (Not yet used anywhere.)
+ *
+ * @param payto_url URL that is signed
+ * @param salt the salt used to salt the @a payto_url when hashing
+ * @param merch_pub master public key of the merchant
+ * @param merch_sig signature of the merchant
+ * @return #GNUNET_OK if signature is valid
+ */
+int
+TALER_merchant_wire_signature_check (const char *payto_url,
+ const char *salt,
+ const struct TALER_MerchantPublicKeyP *merch_pub,
+ const struct TALER_MerchantSignatureP *merch_sig)
+{
+ struct TALER_MasterWireDetailsPS wd;
+
+ wd.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS);
+ wd.purpose.size = htonl (sizeof (wd));
+ TALER_merchant_wire_signature_hash (payto_url,
+ salt,
+ &wd.h_wire_details);
+ return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS,
+ &wd.purpose,
+ &merch_sig->eddsa_sig,
+ &merch_pub->eddsa_pub);
+}
+
+
+/**
+ * Create a signed wire statement for the given account. (Not yet used anywhere.)
+ *
+ * @param payto_url account specification
+ * @param salt the salt used to salt the @a payto_url when hashing
+ * @param merchant_priv private key to sign with
+ * @param merchant_sig[out] where to write the signature
+ */
+void
+TALER_merchant_wire_signature_make (const char *payto_url,
+ const char *salt,
+ const struct TALER_MerchantPrivateKeyP *merch_priv,
+ struct TALER_MerchantSignatureP *merch_sig)
+{
+ struct TALER_MasterWireDetailsPS wd;
+
+ wd.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS);
+ wd.purpose.size = htonl (sizeof (wd));
+ TALER_merchant_wire_signature_hash (payto_url,
+ salt,
+ &wd.h_wire_details);
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
+ &wd.purpose,
+ &merch_sig->eddsa_sig));
+}
+
+
/* end of crypto_wire.c */
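Review bot: `TALER_merchant_wire_signature_check` and `TALER_merchant_wire_signature_make` build the signed blob in a `struct TALER_MasterWireDetailsPS` while setting the `TALER_SIGNATURE_MERCHANT_WIRE_DETAILS` purpose, so a later change to the master struct would silently change what merchants sign. Either a merchant-specific struct or a comment such as `/* deliberately shares the master layout; separation comes from the purpose and the KDF label */` should make that dependency explicit. The docstrings are also out of step with the code: `@param merch_pub master public key of the merchant` should drop "master", and `@param merchant_priv` / `@param merchant_sig[out]` name parameters that the signature calls `merch_priv` and `merch_sig`. Finally, `TALER_merchant_wire_signature_hash` accepts any `salt` string, including an empty one, so the brute-force protection the docstring promises rests entirely on the caller; the `@param salt` line should say what callers must supply (presumably a high-entropy random value).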