aboutsummaryrefslogtreecommitdiff
path: root/src/util/crypto_wire.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/crypto_wire.c')
-rw-r--r--src/util/crypto_wire.c108
1 files changed, 108 insertions, 0 deletions
diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c
new file mode 100644
index 000000000..494573ffa
--- /dev/null
+++ b/src/util/crypto_wire.c
@@ -0,0 +1,108 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2018 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file util/crypto_wire.c
+ * @brief functions for making and verifying /wire account signatures
+ * @author Christian Grothoff <christian@grothoff.org>
+ */
+#include "platform.h"
+#include "taler_crypto_lib.h"
+#include "taler_signatures.h"
+
+/**
+ * Compute the hash of the given wire details. The resulting
+ * hash is what is put into the contract.
+ *
+ * @param payto_url bank account
+ * @param salt salt used to eliminate brute-force inversion
+ * @param hc[out] set to the hash
+ */
+void
+TALER_wire_signature_hash (const char *payto_url,
+ const char *salt,
+ struct GNUNET_HashCode *hc)
+{
+ GNUNET_assert (GNUNET_YES ==
+ GNUNET_CRYPTO_kdf (hc,
+ sizeof (*hc),
+ salt,
+ strlen (salt) + 1,
+ payto_url,
+ strlen (payto_url) + 1,
+ "wire-signature",
+ strlen ("wire-signature"),
+ NULL, 0));
+}
+
+
+/**
+ * Check the signature in @a wire_s.
+ *
+ * @param payto_url URL that is signed
+ * @param salt the salt used to salt the @a payto_url when hashing
+ * @param master_pub master public key of the exchange
+ * @param master_sig signature of the exchange
+ * @return #GNUNET_OK if signature is valid
+ */
+int
+TALER_wire_signature_check (const char *payto_url,
+ const char *salt,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig)
+{
+ struct TALER_MasterWireDetailsPS wd;
+
+ wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS);
+ wd.purpose.size = htonl (sizeof (wd));
+ TALER_wire_signature_hash (payto_url,
+ salt,
+ &wd.h_wire_details);
+ return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS,
+ &wd.purpose,
+ &master_sig->eddsa_signature,
+ &master_pub->eddsa_pub);
+}
+
+
+/**
+ * Create a signed wire statement for the given account.
+ *
+ * @param payto_url account specification
+ * @param salt the salt used to salt the @a payto_url when hashing
+ * @param master_priv private key to sign with
+ * @param master_sig[out] where to write the signature
+ */
+void
+TALER_wire_signature_make (const char *payto_url,
+ const char *salt,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig)
+{
+ struct TALER_MasterWireDetailsPS wd;
+
+ wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS);
+ wd.purpose.size = htonl (sizeof (wd));
+ TALER_wire_signature_hash (payto_url,
+ salt,
+ &wd.h_wire_details);
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
+ &wd.purpose,
+ &master_sig->eddsa_signature));
+}
+
+
+/* end of crypto_wire.c */