From 3e37c63fbd0abff5d0d05eea60a05f6b28598ee6 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Mon, 23 Nov 2020 16:36:07 +0100
Subject: implement sm signing of key announcements

---
 src/include/taler_crypto_lib.h | 45 +++++++++++++++++++++++-
 src/include/taler_signatures.h | 80 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 124 insertions(+), 1 deletion(-)

(limited to 'src/include')

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index e09051049..ff742d557 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -32,6 +32,44 @@
 
 GNUNET_NETWORK_STRUCT_BEGIN
 
+/**
+ * @brief Type of public keys for Taler security modules (software or hardware).
+ * Note that there are usually at least two security modules (RSA and EdDSA),
+ * each with its own private key.
+ */
+struct TALER_SecurityModulePublicKeyP
+{
+  /**
+   * Taler uses EdDSA for security modules.
+   */
+  struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of private keys for Taler security modules (software or hardware).
+ */
+struct TALER_SecurityModulePrivateKeyP
+{
+  /**
+   * Taler uses EdDSA for security modules.
+   */
+  struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used for Taler security modules (software or hardware).
+ */
+struct TALER_SecurityModuleSignatureP
+{
+  /**
+   * Taler uses EdDSA for security modules.
+   */
+  struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
 /**
  * @brief Type of public keys for Taler reserves.
  */
@@ -758,6 +796,9 @@ struct TALER_CRYPTO_DenominationHelper;
  *                 zero if the key has been revoked or purged
  * @param h_denom_pub hash of the @a denom_pub that is available (or was purged)
  * @param denom_pub the public key itself, NULL if the key was revoked or purged
+ * @param sm_pub public key of the security module, NULL if the key was revoked or purged
+ * @param sm_sig signature from the security module, NULL if the key was revoked or purged
+ *               The signature was already verified against @a sm_pub.
  */
 typedef void
 (*TALER_CRYPTO_DenominationKeyStatusCallback)(
@@ -766,7 +807,9 @@ typedef void
   struct GNUNET_TIME_Absolute start_time,
   struct GNUNET_TIME_Relative validity_duration,
   const struct GNUNET_HashCode *h_denom_pub,
-  const struct TALER_DenominationPublicKey *denom_pub);
+  const struct TALER_DenominationPublicKey *denom_pub,
+  const struct TALER_SecurityModulePublicKeyP *sm_pub,
+  const struct TALER_SecurityModuleSignatureP *sm_sig);
 
 
 /**
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 3da11b303..1b197b2c7 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -210,6 +210,20 @@
 #define TALER_SIGNATURE_WALLET_COIN_LINK 1204
 
 
+/******************************/
+/* Security module signatures */
+/******************************/
+
+/**
+ * Signature on a denomination key announcement.
+ */
+#define TALER_SIGNATURE_SM_DENOMINATION_KEY 1250
+
+/**
+ * Signature on an exchange message signing key announcement.
+ */
+#define TALER_SIGNATURE_SM_SIGNING_KEY 1251
+
 /*******************/
 /* Test signatures */
 /*******************/
@@ -253,6 +267,72 @@
 
 GNUNET_NETWORK_STRUCT_BEGIN
 
+/**
+ * @brief format used by the denomination crypto helper when affirming
+ *        that it created a denomination key.
+ */
+struct TALER_DenominationKeyAnnouncementPS
+{
+
+  /**
+   * Purpose must be #TALER_SIGNATURE_SM_DENOMINATION_KEY.
+   * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`.
+   */
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+  /**
+   * Hash of the denomination public key.
+   */
+  struct GNUNET_HashCode h_denom_pub;
+
+  /**
+   * Hash of the section name in the configuration of this denomination.
+   */
+  struct GNUNET_HashCode h_section_name;
+
+  /**
+   * When does the key become available?
+   */
+  struct GNUNET_TIME_AbsoluteNBO anchor_time;
+
+  /**
+   * How long is the key available after @e anchor_time?
+   */
+  struct GNUNET_TIME_RelativeNBO duration_withdraw;
+
+};
+
+
+/**
+ * @brief format used by the signing crypto helper when affirming
+ *        that it created an exchange signing key.
+ */
+struct TALER_SigningKeyAnnouncementPS
+{
+
+  /**
+   * Purpose must be #TALER_SIGNATURE_SM_SIGNING_KEY.
+   * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`.
+   */
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+  /**
+   * Public signing key of the exchange this is about.
+   */
+  struct TALER_ExchangePublicKeyP exchange_pub;
+
+  /**
+   * When does the key become available?
+   */
+  struct GNUNET_TIME_AbsoluteNBO anchor_time;
+
+  /**
+   * How long is the key available after @e anchor_time?
+   */
+  struct GNUNET_TIME_RelativeNBO duration_withdraw;
+
+};
+
 /**
  * @brief Format used for to allow the wallet to authenticate
  * link data provided by the exchange.
-- 
cgit v1.2.3