From a56e2e34bce77d41a6d3a2cbbcb89119b98ef750 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 6 Oct 2018 15:05:06 +0200 Subject: fix #5434 (no more salt in exchange wire replies) --- src/util/crypto_wire.c | 122 +++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 98 insertions(+), 24 deletions(-) (limited to 'src/util') diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c index 494573ffa..ca6b9d216 100644 --- a/src/util/crypto_wire.c +++ b/src/util/crypto_wire.c @@ -22,28 +22,25 @@ #include "taler_crypto_lib.h" #include "taler_signatures.h" + /** * Compute the hash of the given wire details. The resulting * hash is what is put into the contract. * * @param payto_url bank account - * @param salt salt used to eliminate brute-force inversion * @param hc[out] set to the hash */ void -TALER_wire_signature_hash (const char *payto_url, - const char *salt, - struct GNUNET_HashCode *hc) +TALER_exchange_wire_signature_hash (const char *payto_url, + struct GNUNET_HashCode *hc) { GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (hc, sizeof (*hc), - salt, - strlen (salt) + 1, payto_url, strlen (payto_url) + 1, - "wire-signature", - strlen ("wire-signature"), + "exchange-wire-signature", + strlen ("exchange-wire-signature"), NULL, 0)); } @@ -52,24 +49,21 @@ TALER_wire_signature_hash (const char *payto_url, * Check the signature in @a wire_s. * * @param payto_url URL that is signed - * @param salt the salt used to salt the @a payto_url when hashing * @param master_pub master public key of the exchange * @param master_sig signature of the exchange * @return #GNUNET_OK if signature is valid */ int -TALER_wire_signature_check (const char *payto_url, - const char *salt, - const struct TALER_MasterPublicKeyP *master_pub, - const struct TALER_MasterSignatureP *master_sig) +TALER_exchange_wire_signature_check (const char *payto_url, + const struct TALER_MasterPublicKeyP *master_pub, + const struct TALER_MasterSignatureP *master_sig) { struct TALER_MasterWireDetailsPS wd; wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS); wd.purpose.size = htonl (sizeof (wd)); - TALER_wire_signature_hash (payto_url, - salt, - &wd.h_wire_details); + TALER_exchange_wire_signature_hash (payto_url, + &wd.h_wire_details); return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS, &wd.purpose, &master_sig->eddsa_signature, @@ -81,23 +75,20 @@ TALER_wire_signature_check (const char *payto_url, * Create a signed wire statement for the given account. * * @param payto_url account specification - * @param salt the salt used to salt the @a payto_url when hashing * @param master_priv private key to sign with * @param master_sig[out] where to write the signature */ void -TALER_wire_signature_make (const char *payto_url, - const char *salt, - const struct TALER_MasterPrivateKeyP *master_priv, - struct TALER_MasterSignatureP *master_sig) +TALER_exchange_wire_signature_make (const char *payto_url, + const struct TALER_MasterPrivateKeyP *master_priv, + struct TALER_MasterSignatureP *master_sig) { struct TALER_MasterWireDetailsPS wd; wd.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS); wd.purpose.size = htonl (sizeof (wd)); - TALER_wire_signature_hash (payto_url, - salt, - &wd.h_wire_details); + TALER_exchange_wire_signature_hash (payto_url, + &wd.h_wire_details); GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, &wd.purpose, @@ -105,4 +96,87 @@ TALER_wire_signature_make (const char *payto_url, } +/** + * Compute the hash of the given wire details. The resulting + * hash is what is put into the contract. + * + * @param payto_url bank account + * @param salt salt used to eliminate brute-force inversion + * @param hc[out] set to the hash + */ +void +TALER_merchant_wire_signature_hash (const char *payto_url, + const char *salt, + struct GNUNET_HashCode *hc) +{ + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_kdf (hc, + sizeof (*hc), + salt, + strlen (salt) + 1, + payto_url, + strlen (payto_url) + 1, + "merchant-wire-signature", + strlen ("merchant-wire-signature"), + NULL, 0)); +} + + +/** + * Check the signature in @a merch_sig. (Not yet used anywhere.) + * + * @param payto_url URL that is signed + * @param salt the salt used to salt the @a payto_url when hashing + * @param merch_pub master public key of the merchant + * @param merch_sig signature of the merchant + * @return #GNUNET_OK if signature is valid + */ +int +TALER_merchant_wire_signature_check (const char *payto_url, + const char *salt, + const struct TALER_MerchantPublicKeyP *merch_pub, + const struct TALER_MerchantSignatureP *merch_sig) +{ + struct TALER_MasterWireDetailsPS wd; + + wd.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS); + wd.purpose.size = htonl (sizeof (wd)); + TALER_merchant_wire_signature_hash (payto_url, + salt, + &wd.h_wire_details); + return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS, + &wd.purpose, + &merch_sig->eddsa_sig, + &merch_pub->eddsa_pub); +} + + +/** + * Create a signed wire statement for the given account. (Not yet used anywhere.) + * + * @param payto_url account specification + * @param salt the salt used to salt the @a payto_url when hashing + * @param merchant_priv private key to sign with + * @param merchant_sig[out] where to write the signature + */ +void +TALER_merchant_wire_signature_make (const char *payto_url, + const char *salt, + const struct TALER_MerchantPrivateKeyP *merch_priv, + struct TALER_MerchantSignatureP *merch_sig) +{ + struct TALER_MasterWireDetailsPS wd; + + wd.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS); + wd.purpose.size = htonl (sizeof (wd)); + TALER_merchant_wire_signature_hash (payto_url, + salt, + &wd.h_wire_details); + GNUNET_assert (GNUNET_OK == + GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv, + &wd.purpose, + &merch_sig->eddsa_sig)); +} + + /* end of crypto_wire.c */ -- cgit v1.2.3