diff options
Diffstat (limited to 'src/exchange')
| -rw-r--r-- | src/exchange/taler-exchange-httpd_deposit.c | 4 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_deposits_get.c | 4 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_keystate.c | 26 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_keystate.h | 36 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_melt.c | 16 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_recoup.c | 2 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_refreshes_reveal.c | 10 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_refund.c | 4 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_responses.c | 16 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_transfers_get.c | 2 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_withdraw.c | 4 |
11 files changed, 78 insertions, 46 deletions
diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c index 193101c08..ac854de68 100644 --- a/src/exchange/taler-exchange-httpd_deposit.c +++ b/src/exchange/taler-exchange-httpd_deposit.c @@ -79,7 +79,7 @@ reply_deposit_success (struct MHD_Connection *connection, TALER_amount_hton (&dc.amount_without_fee, amount_without_fee); if (GNUNET_OK != - TEH_KS_sign (&dc.purpose, + TEH_KS_sign (&dc, &pub, &sig)) { @@ -508,7 +508,7 @@ TEH_handler_deposit (struct MHD_Connection *connection, &deposit.deposit_fee); if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, - &dr.purpose, + &dr, &deposit.csig.eddsa_signature, &deposit.coin.coin_pub.eddsa_pub)) { diff --git a/src/exchange/taler-exchange-httpd_deposits_get.c b/src/exchange/taler-exchange-httpd_deposits_get.c index 1c9c58d11..f2b364caa 100644 --- a/src/exchange/taler-exchange-httpd_deposits_get.c +++ b/src/exchange/taler-exchange-httpd_deposits_get.c @@ -69,7 +69,7 @@ reply_deposit_details (struct MHD_Connection *connection, TALER_amount_hton (&cw.coin_contribution, coin_contribution); if (GNUNET_OK != - TEH_KS_sign (&cw.purpose, + TEH_KS_sign (&cw, &pub, &sig)) { @@ -381,7 +381,7 @@ TEH_handler_deposits_get (const struct TEH_RequestHandler *rh, return MHD_YES; /* parse error */ if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION, - &tps.purpose, + &tps, &merchant_sig.eddsa_sig, &tps.merchant.eddsa_pub)) { diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index 1c56b7a0f..acdec8d7f 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -593,7 +593,7 @@ store_in_map (struct GNUNET_CONTAINER_MultiHashMap *map, if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_verify ( TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY, - &denom_key_issue.purpose, + &denom_key_issue, &dkip->signature.eddsa_signature, &TEH_master_public_key.eddsa_pub)) { @@ -1489,12 +1489,10 @@ build_keys_response (const struct ResponseFactoryContext *rfc, GNUNET_CRYPTO_hash_context_finish (rbc.hash_context, &ks.hc); rbc.hash_context = NULL; - GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign ( - &rfc->key_state->current_sign_key_issue.signkey_priv. - eddsa_priv, - &ks.purpose, - &sig.eddsa_signature)); + GNUNET_CRYPTO_eddsa_sign ( + &rfc->key_state->current_sign_key_issue.signkey_priv.eddsa_priv, + &ks, + &sig.eddsa_signature); if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (TEH_cfg, "exchangedb", @@ -2399,16 +2397,20 @@ TEH_KS_free (void) /** * Sign the message in @a purpose with the exchange's signing key. * + * The @a purpose data is the beginning of the data of which the signature is + * to be created. The `size` field in @a purpose must correctly indicate the + * number of bytes of the data structure, including its header. Use + * #TEH_KS_sign() instead of calling this function directly! + * * @param purpose the message to sign * @param[out] pub set to the current public signing key of the exchange * @param[out] sig signature over purpose using current signing key * @return #GNUNET_OK on success, #GNUNET_SYSERR if we lack key material */ int -TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct TALER_ExchangePublicKeyP *pub, - struct TALER_ExchangeSignatureP *sig) - +TEH_KS_sign_ (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, + struct TALER_ExchangePublicKeyP *pub, + struct TALER_ExchangeSignatureP *sig) { struct TEH_KS_StateHandle *key_state; @@ -2424,7 +2426,7 @@ TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, } *pub = key_state->current_sign_key_issue.issue.signkey_pub; GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign ( + GNUNET_CRYPTO_eddsa_sign_ ( &key_state->current_sign_key_issue.signkey_priv.eddsa_priv, purpose, &sig->eddsa_signature)); diff --git a/src/exchange/taler-exchange-httpd_keystate.h b/src/exchange/taler-exchange-httpd_keystate.h index 671652387..65a006bbe 100644 --- a/src/exchange/taler-exchange-httpd_keystate.h +++ b/src/exchange/taler-exchange-httpd_keystate.h @@ -171,15 +171,45 @@ TEH_KS_loop (void); * Sign the message in @a purpose with the exchange's signing * key. * + * The @a purpose data is the beginning of the data of which the signature is + * to be created. The `size` field in @a purpose must correctly indicate the + * number of bytes of the data structure, including its header. Use + * #TEH_KS_sign() instead of calling this function directly! + * * @param purpose the message to sign * @param[out] pub set to the current public signing key of the exchange * @param[out] sig signature over purpose using current signing key * @return #GNUNET_OK on success, #GNUNET_SYSERR if we lack key material */ int -TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct TALER_ExchangePublicKeyP *pub, - struct TALER_ExchangeSignatureP *sig); +TEH_KS_sign_ (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, + struct TALER_ExchangePublicKeyP *pub, + struct TALER_ExchangeSignatureP *sig); + +/** + * @ingroup crypto + * @brief EdDSA sign a given block. + * + * The @a ps data must be a fixed-size struct for which the signature is to be + * created. The `size` field in @a ps->purpose must correctly indicate the + * number of bytes of the data structure, including its header. + * + * @param ps packed struct with what to sign, MUST begin with a purpose + * @param[out] pub where to store the public key to use for the signing + * @param[out] sig where to write the signature + */ +#define TEH_KS_sign(ps,pub,sig) \ + ({ \ + /* check size is set correctly */ \ + GNUNET_assert (htonl ((ps)->purpose.size) == \ + sizeof (*ps)); \ + /* check 'ps' begins with the purpose */ \ + GNUNET_static_assert (((void*) (ps)) == \ + ((void*) &(ps)->purpose)); \ + TEH_KS_sign_ (&(ps)->purpose, \ + pub, \ + sig); \ + }) /** diff --git a/src/exchange/taler-exchange-httpd_melt.c b/src/exchange/taler-exchange-httpd_melt.c index f5bd0b5aa..fab0f106b 100644 --- a/src/exchange/taler-exchange-httpd_melt.c +++ b/src/exchange/taler-exchange-httpd_melt.c @@ -109,7 +109,7 @@ reply_melt_success (struct MHD_Connection *connection, }; if (GNUNET_OK != - TEH_KS_sign (&body.purpose, + TEH_KS_sign (&body, &pub, &sig)) { @@ -376,22 +376,22 @@ handle_melt (struct MHD_Connection *connection, { /* verify signature of coin for melt operation */ { - struct TALER_RefreshMeltCoinAffirmationPS body; + struct TALER_RefreshMeltCoinAffirmationPS body = { + .purpose.size = htonl (sizeof (body)), + .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT), + .rc = rmc->refresh_session.rc, + .coin_pub = rmc->refresh_session.coin.coin_pub + }; - body.purpose.size = htonl (sizeof (struct - TALER_RefreshMeltCoinAffirmationPS)); - body.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT); - body.rc = rmc->refresh_session.rc; TALER_amount_hton (&body.amount_with_fee, &rmc->refresh_session.amount_with_fee); TALER_amount_hton (&body.melt_fee, &rmc->coin_refresh_fee); - body.coin_pub = rmc->refresh_session.coin.coin_pub; if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify ( TALER_SIGNATURE_WALLET_COIN_MELT, - &body.purpose, + &body, &rmc->refresh_session.coin_sig.eddsa_signature, &rmc->refresh_session.coin.coin_pub.eddsa_pub)) { diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c index d8e7d189f..ccb75622e 100644 --- a/src/exchange/taler-exchange-httpd_recoup.c +++ b/src/exchange/taler-exchange-httpd_recoup.c @@ -414,7 +414,7 @@ verify_and_execute_recoup (struct MHD_Connection *connection, if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_RECOUP, - &pr.purpose, + &pr, &coin_sig->eddsa_signature, &coin->coin_pub.eddsa_pub)) { diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index b7db0a4b4..5b6ca2d32 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -676,11 +676,11 @@ resolve_refreshes_reveal_denominations (struct TEH_KS_StateHandle *key_state, rcds[i].coin_ev_size, &ldp.coin_envelope_hash); if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_LINK, - &ldp.purpose, - &link_sigs[i].eddsa_signature, - &melt.session.coin.coin_pub. - eddsa_pub)) + GNUNET_CRYPTO_eddsa_verify ( + TALER_SIGNATURE_WALLET_COIN_LINK, + &ldp, + &link_sigs[i].eddsa_signature, + &melt.session.coin.coin_pub.eddsa_pub)) { GNUNET_break_op (0); res = TALER_MHD_reply_with_error (connection, diff --git a/src/exchange/taler-exchange-httpd_refund.c b/src/exchange/taler-exchange-httpd_refund.c index 9fd9575f9..036a04739 100644 --- a/src/exchange/taler-exchange-httpd_refund.c +++ b/src/exchange/taler-exchange-httpd_refund.c @@ -64,7 +64,7 @@ reply_refund_success (struct MHD_Connection *connection, TALER_amount_hton (&rc.refund_fee, &refund->refund_fee); if (GNUNET_OK != - TEH_KS_sign (&rc.purpose, + TEH_KS_sign (&rc, &pub, &sig)) { @@ -365,7 +365,7 @@ verify_and_execute_refund (struct MHD_Connection *connection, &refund->details.refund_fee); if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_REFUND, - &rr.purpose, + &rr, &refund->details.merchant_sig.eddsa_sig, &refund->details.merchant_pub.eddsa_pub)) { diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c index 452841190..4ddd9cd89 100644 --- a/src/exchange/taler-exchange-httpd_responses.c +++ b/src/exchange/taler-exchange-httpd_responses.c @@ -81,7 +81,7 @@ TEH_RESPONSE_compile_transaction_history ( /* internal sanity check before we hand out a bogus sig... */ if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, - &dr.purpose, + &dr, &deposit->csig.eddsa_signature, &coin_pub->eddsa_pub)) { @@ -139,7 +139,7 @@ TEH_RESPONSE_compile_transaction_history ( /* internal sanity check before we hand out a bogus sig... */ if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, - &ms.purpose, + &ms, &melt->coin_sig.eddsa_signature, &coin_pub->eddsa_pub)) { @@ -191,7 +191,7 @@ TEH_RESPONSE_compile_transaction_history ( /* internal sanity check before we hand out a bogus sig... */ if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_REFUND, - &rr.purpose, + &rr, &refund->merchant_sig.eddsa_sig, &refund->merchant_pub.eddsa_pub)) { @@ -253,7 +253,7 @@ TEH_RESPONSE_compile_transaction_history ( TALER_amount_hton (&pc.recoup_amount, &pr->value); if (GNUNET_OK != - TEH_KS_sign (&pc.purpose, + TEH_KS_sign (&pc, &epub, &esig)) { @@ -306,7 +306,7 @@ TEH_RESPONSE_compile_transaction_history ( TALER_amount_hton (&pc.recoup_amount, &recoup->value); if (GNUNET_OK != - TEH_KS_sign (&pc.purpose, + TEH_KS_sign (&pc, &epub, &esig)) { @@ -355,7 +355,7 @@ TEH_RESPONSE_compile_transaction_history ( TALER_amount_hton (&pc.recoup_amount, &pr->value); if (GNUNET_OK != - TEH_KS_sign (&pc.purpose, + TEH_KS_sign (&pc, &epub, &esig)) { @@ -593,7 +593,7 @@ TEH_RESPONSE_compile_reserve_history ( TALER_amount_hton (&pc.recoup_amount, &recoup->value); if (GNUNET_OK != - TEH_KS_sign (&pc.purpose, + TEH_KS_sign (&pc, &pub, &sig)) { @@ -669,7 +669,7 @@ TEH_RESPONSE_compile_reserve_history ( strlen (closing->receiver_account_details) + 1, &rcc.h_wire); if (GNUNET_OK != - TEH_KS_sign (&rcc.purpose, + TEH_KS_sign (&rcc, &pub, &sig)) { diff --git a/src/exchange/taler-exchange-httpd_transfers_get.c b/src/exchange/taler-exchange-httpd_transfers_get.c index 9407ad791..4cc855d7e 100644 --- a/src/exchange/taler-exchange-httpd_transfers_get.c +++ b/src/exchange/taler-exchange-httpd_transfers_get.c @@ -159,7 +159,7 @@ reply_transfer_details (struct MHD_Connection *connection, GNUNET_CRYPTO_hash_context_finish (hash_context, &wdp.h_details); if (GNUNET_OK != - TEH_KS_sign (&wdp.purpose, + TEH_KS_sign (&wdp, &pub, &sig)) { diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c index bbd926a5c..58ef97bae 100644 --- a/src/exchange/taler-exchange-httpd_withdraw.c +++ b/src/exchange/taler-exchange-httpd_withdraw.c @@ -442,7 +442,7 @@ TEH_handler_withdraw (const struct TEH_RequestHandler *rh, /* verify signature! */ wc.wsrd.purpose.size - = htonl (sizeof (struct TALER_WithdrawRequestPS)); + = htonl (sizeof (wc.wsrd)); wc.wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW); wc.wsrd.h_denomination_pub @@ -452,7 +452,7 @@ TEH_handler_withdraw (const struct TEH_RequestHandler *rh, &wc.wsrd.h_coin_envelope); if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW, - &wc.wsrd.purpose, + &wc.wsrd, &wc.signature.eddsa_signature, &wc.wsrd.reserve_pub.eddsa_pub)) { |