From 891018f69f52244fd4cb61b50e3b3aeaeb0d8f50 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 28 Mar 2015 14:22:21 +0100 Subject: minor renaming of signature values and improved documentation of signatures, also adding a few missing fields to signatures to address #3631 --- src/include/taler_crypto_lib.h | 22 ++- src/include/taler_mintdb_plugin.h | 6 +- src/include/taler_signatures.h | 257 +++++++++++++++++++++++++--------- src/mint-lib/mint_api.c | 8 +- src/mint-tools/taler-mint-keycheck.c | 4 +- src/mint-tools/taler-mint-keyup.c | 4 +- src/mint/taler-mint-httpd_db.h | 2 +- src/mint/taler-mint-httpd_deposit.c | 4 +- src/mint/taler-mint-httpd_refresh.c | 6 +- src/mint/taler-mint-httpd_responses.c | 10 +- src/mint/taler-mint-httpd_withdraw.c | 4 +- 11 files changed, 228 insertions(+), 99 deletions(-) (limited to 'src') diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index cfd588a52..5b45661b7 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -197,33 +197,45 @@ struct TALER_MasterSignatureP /** - * Type of public keys for Taler coins. + * Type of public keys for Taler coins. The same key material is used + * for ECDSA and ECDHE operations. */ union TALER_CoinSpendPublicKeyP { /** - * Taler uses ECDSA for coins. + * Taler uses ECDSA for coins when signing deposit requests. */ struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub; + + /** + * Taler uses ECDH(E) for coin linkage during refresh operations. + */ + struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub; }; /** - * Type of private keys for Taler coins. + * Type of private keys for Taler coins. The same key material is used + * for ECDSA and ECDHE operations. */ union TALER_CoinSpendPrivateKeyP { /** - * Taler uses ECDSA for coins. + * Taler uses ECDSA for coins when signing deposit requests. */ struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv; + + /** + * Taler uses ECDHE for coin linkage during refresh operations. + */ + struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv; }; /** * Type of signatures made with Taler coins. */ -union TALER_CoinSpendSignatureP +struct TALER_CoinSpendSignatureP { /** * Taler uses ECDSA for coins. diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h index 7cd3e9202..e6f87c4aa 100644 --- a/src/include/taler_mintdb_plugin.h +++ b/src/include/taler_mintdb_plugin.h @@ -186,7 +186,7 @@ struct Deposit * by @e h_wire in relation to the contract identified * by @e h_contract. */ - union TALER_CoinSpendSignatureP csig; + struct TALER_CoinSpendSignatureP csig; /** * Public key of the merchant. Enables later identification @@ -268,7 +268,7 @@ struct RefreshMelt /** * Signature over the melting operation. */ - union TALER_CoinSpendSignatureP coin_sig; + struct TALER_CoinSpendSignatureP coin_sig; /** * Hash of the refresh session this coin is melted into. @@ -384,7 +384,7 @@ struct Lock /** * Signature over the locking operation. */ - union TALER_CoinSpendSignatureP coin_sig; + struct TALER_CoinSpendSignatureP coin_sig; /** * How much value is being locked? diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 8363c23dd..4e9418966 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -40,53 +40,47 @@ */ #define TALER_CNC_KAPPA 3 +/*********************************************/ +/* Mint offline signatures (with master key) */ +/*********************************************/ /** - * Purpose for signing public keys signed - * by the mint master key. + * Purpose for signing public keys signed by the mint master key. */ -#define TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY 1 +#define TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY 1 /** - * Purpose for denomination keys signed - * by the mint master key. + * Purpose for denomination keys signed by the mint master key. */ -#define TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY 2 +#define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY 2 -/** - * Purpose for the state of a reserve, - * signed by the mint's signing key. - */ -#define TALER_SIGNATURE_MINT_RESERVE_STATUS 3 -/** - * Signature where the reserve key - * confirms a withdraw request. - */ -#define TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST 4 +/*********************************************/ +/* Mint online signatures (with signing key) */ +/*********************************************/ /** - * Signature using a coin key confirming the melting of - * a coin. + * Purpose for the state of a reserve, signed by the mint's signing + * key. */ -#define TALER_SIGNATURE_COIN_MELT 5 +#define TALER_SIGNATURE_MINT_RESERVE_STATUS 32 /** - * Signature where the mint (current signing key) - * confirms the no-reveal index for cut-and-choose and - * the validity of the melted coins. + * Signature where the Mint confirms a deposit request. */ -#define TALER_SIGNATURE_MINT_MELT_RESPONSE 6 +#define TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT 33 /** - * Signature where the Mint confirms a deposit request. + * Signature where the mint (current signing key) confirms the + * no-reveal index for cut-and-choose and the validity of the melted + * coins. */ -#define TALER_SIGNATURE_COIN_DEPOSIT 7 +#define TALER_SIGNATURE_MINT_CONFIRM_MELT 34 /** * Signature where the Mint confirms the full /keys response set. */ -#define TALER_SIGNATURE_MINT_KEY_SET 8 +#define TALER_SIGNATURE_MINT_KEY_SET 35 /***********************/ @@ -94,26 +88,34 @@ /***********************/ /** - * Signature where the merchant confirms a contract + * Signature where the merchant confirms a contract (to the customer). */ #define TALER_SIGNATURE_MERCHANT_CONTRACT 101 +/** + * Signature where the merchant confirms a refund (of a coin). + */ +#define TALER_SIGNATURE_MERCHANT_REFUND 102 + + /*********************/ /* Wallet signatures */ /*********************/ /** - * Signature made by the wallet of a user to confirm a deposit permission - * FIXME: this is #TALER_SIGNATURE_COIN_DEPOSIT already! + * Signature where the reserve key confirms a withdraw request. */ -#define TALER_SIGNATURE_WALLET_DEPOSIT 201 +#define TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW 200 /** - * Signature made by the wallet of a user to confirm a incremental - * deposit permission. - * FIXME: this MIGHT also be #TALER_SIGNATURE_COIN_DEPOSIT already! + * Signature made by the wallet of a user to confirm a deposit of a coin. */ -#define TALER_SIGNATURE_WALLET_DEPOSIT_INCREMENTAL 202 +#define TALER_SIGNATURE_WALLET_COIN_DEPOSIT 201 + +/** + * Signature using a coin key confirming the melting of a coin. + */ +#define TALER_SIGNATURE_WALLET_COIN_MELT 202 @@ -127,7 +129,8 @@ struct TALER_WithdrawRequestPS { /** - * Purpose must be #TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST. + * Purpose must be #TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW. + * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -165,7 +168,8 @@ struct TALER_WithdrawRequestPS struct TALER_DepositRequestPS { /** - * Purpose must be #TALER_SIGNATURE_WALLET_DEPOSIT + * Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT. + * Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -179,21 +183,69 @@ struct TALER_DepositRequestPS */ struct GNUNET_HashCode h_wire; + /** + * Time when this request was generated. Used, for example, to + * assess when (roughly) the income was achieved for tax purposes. + * Note that the Mint will only check that the timestamp is not "too + * far" into the future (i.e. several days). The fact that the + * timestamp falls within the validity period of the coin's + * denomination key is irrelevant for the validity of the deposit + * request, as obviously the customer and merchant could conspire to + * set any timestamp. Also, the Mint must accept very old deposit + * requests, as the merchant might have been unable to transmit the + * deposit request in a timely fashion (so back-dating is not + * prevented). + */ + struct GNUNET_TIME_AbsoluteNBO timestamp; + + /** + * How much time does the merchant have to issue a refund request? + * Zero if refunds are not allowed. After this time, the coin + * cannot be refunded. + */ + struct GNUNET_TIME_AbsoluteNBO refund_deadline; + /** * Merchant-generated transaction ID to detect duplicate - * transactions. + * transactions. The merchant must communicate a merchant-unique ID + * to the customer for each transaction. Note that different coins + * that are part of the same transaction can use the same + * transaction ID. The transaction ID is useful for later disputes, + * and the merchant's contract offer (@e h_contract) with the + * customer should include the offer's term and transaction ID + * signed with a key from the merchant. */ uint64_t transaction_id GNUNET_PACKED; /** - * Amount to be deposited, including fee. + * Amount to be deposited, including deposit fee charged by the + * mint. This is the total amount that the coin's value at the mint + * will be reduced by. */ struct TALER_AmountNBO amount_with_fee; - /* FIXME: we should probably also include the value of - the depositing fee here as well! */ /** - * The coin's public key. + * Depositing fee charged by the mint. This must match the Mint's + * denomination key's depositing fee. If the client puts in an + * invalid deposit fee (too high or too low) that does not match the + * Mint's denomination key, the deposit operation is invalid and + * will be rejected by the mint. The @e amount_with_fee minus the + * @e deposit_fee is the amount that will be transferred to the + * account identified by @e h_wire. + */ + struct TALER_AmountNBO deposit_fee; + + /** + * The Merchant's public key. Allows the merchant to later refund + * the transaction. All zeros if nobody is allowed to refund the + * transaction later. + */ + struct TALER_MerchantPublicKeyP merchant; + + /** + * The coin's public key. This is the value that must have been + * signed (blindly) by the Mint. The deposit request is to be + * signed by the corresponding private key (using ECDSA). */ union TALER_CoinSpendPublicKeyP coin_pub; @@ -207,7 +259,8 @@ struct TALER_DepositRequestPS struct TALER_DepositConfirmationPS { /** - * Purpose must be #TALER_SIGNATURE_COIN_DEPOSIT + * Purpose must be #TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT. Signed + * by a `struct TALER_MintPublicKeyP` using EdDSA. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -228,20 +281,36 @@ struct TALER_DepositConfirmationPS uint64_t transaction_id GNUNET_PACKED; /** - * Amount to be deposited, including fee. + * Time when this confirmation was generated. */ - struct TALER_AmountNBO amount_with_fee; + struct GNUNET_TIME_AbsoluteNBO timestamp; + + /** + * How much time does the @e merchant have to issue a refund + * request? Zero if refunds are not allowed. After this time, the + * coin cannot be refunded. Note that the wire transfer will not be + * performed by the mint until the refund deadline. This value + * is taken from the original deposit request. + */ + struct GNUNET_TIME_AbsoluteNBO refund_deadline; - /* FIXME: we should probably also include the value of - the depositing fee here as well! */ + /** + * Amount to be deposited, excluding fee. Calculated from the + * amount with fee and the fee from the deposit request. + */ + struct TALER_AmountNBO amount_without_fee; /** - * The coin's public key. + * The coin's public key. This is the value that must have been + * signed (blindly) by the Mint. The deposit request is to be + * signed by the corresponding private key (using ECDSA). */ union TALER_CoinSpendPublicKeyP coin_pub; /** - * The Merchant's public key. + * The Merchant's public key. Allows the merchant to later refund + * the transaction. All zeros if nobody is allowed to refund the + * transaction later. */ struct TALER_MerchantPublicKeyP merchant; @@ -249,13 +318,14 @@ struct TALER_DepositConfirmationPS /** - * Message signed by a coin to indicate that the coin should - * be melted. + * Message signed by a coin to indicate that the coin should be + * melted. */ struct TALER_RefreshMeltCoinAffirmationPS { /** - * Purpose is #TALER_SIGNATURE_COIN_MELT. + * Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT. + * Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -274,11 +344,21 @@ struct TALER_RefreshMeltCoinAffirmationPS */ struct TALER_AmountNBO amount_with_fee; - /* FIXME: we should probably also include the value of - the melting fee here as well! */ + /** + * Melting fee charged by the mint. This must match the Mint's + * denomination key's melting fee. If the client puts in an invalid + * melting fee (too high or too low) that does not match the Mint's + * denomination key, the melting operation is invalid and will be + * rejected by the mint. The @e amount_with_fee minus the @e + * melt_fee is the amount that will be credited to the melting + * session. + */ + struct TALER_AmountNBO melt_fee; /** - * The coin's public key. + * The coin's public key. This is the value that must have been + * signed (blindly) by the Mint. The deposit request is to be + * signed by the corresponding private key (using ECDSA). */ union TALER_CoinSpendPublicKeyP coin_pub; }; @@ -293,7 +373,8 @@ struct TALER_RefreshMeltCoinAffirmationPS struct TALER_RefreshMeltConfirmationPS { /** - * Purpose is #TALER_SIGNATURE_MINT_MELT_RESPONSE. + * Purpose is #TALER_SIGNATURE_MINT_CONFIRM_MELT. Signed + * by a `struct TALER_MintPublicKeyP` using EdDSA. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -303,7 +384,8 @@ struct TALER_RefreshMeltConfirmationPS struct GNUNET_HashCode session_hash; /** - * Index that the client will not have to reveal. + * Index that the client will not have to reveal, in NBO. + * Must be smaller than #TALER_CNC_KAPPA. */ uint16_t noreveal_index GNUNET_PACKED; }; @@ -322,7 +404,7 @@ struct TALER_MintSigningKeyValidityPS struct TALER_MasterSignatureP signature; /** - * Purpose is #TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY. + * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -338,13 +420,24 @@ struct TALER_MintSigningKeyValidityPS struct GNUNET_TIME_AbsoluteNBO start; /** - * When does this signing key expire? Note: This is - * currently when the Mint will definitively stop using it. - * This does not mean that all signatures with tkey key are - * afterwards invalid. + * When does this signing key expire? Note: This is currently when + * the Mint will definitively stop using it. Signatures made with + * the key remain valid until @e end. When checking validity periods, + * clients should allow for some overlap between keys and tolerate + * the use of either key during the overlap time (due to the + * possibility of clock skew). */ struct GNUNET_TIME_AbsoluteNBO expire; + /** + * When do signatures with this signing key become invalid? After + * this point, these signatures cannot be used in (legal) disputes + * anymore, as the Mint is then allowed to destroy its side of the + * evidence. @e end is expected to be significantly larger than @e + * expire (by a year or more). + */ + struct GNUNET_TIME_AbsoluteNBO end; + /** * The public online signing key that the mint will use * between @e start and @e expire. @@ -362,7 +455,8 @@ struct TALER_MintKeySetPS { /** - * Purpose is #TALER_SIGNATURE_MINT_KEY_SET + * Purpose is #TALER_SIGNATURE_MINT_KEY_SET. Signed + * by a `struct TALER_MintPublicKeyP` using EdDSA. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -372,7 +466,11 @@ struct TALER_MintKeySetPS struct GNUNET_TIME_AbsoluteNBO list_issue_date; /** - * Hash over the "inner" JSON with the key set. + * Hash over the "inner" JSON with the key set. FIXME: The use of + * JSON as what is being signed here is a bit of a hack, as the + * result depends on the JSON indentation and being canonical. + * We should consider using a more well-defined binary format to + * sign. (#3739) */ struct GNUNET_HashCode hc; }; @@ -385,13 +483,12 @@ struct TALER_MintKeySetPS struct TALER_DenominationKeyValidityPS { /** - * Signature over this struct to affirm the validity - * of the key. + * Signature over this struct to affirm the validity of the key. */ struct TALER_MasterSignatureP signature; /** - * Purpose is #TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY. + * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -407,8 +504,16 @@ struct TALER_DenominationKeyValidityPS struct GNUNET_TIME_AbsoluteNBO start; /** - * The mint will sign fresh coins between @e start and - * this time. + * The mint will sign fresh coins between @e start and this time. + * @e expire_withdraw will be somewhat larger than @e start to + * ensure a sufficiently large anonymity set, while also allowing + * the Mint to limit the financial damage in case of a key being + * compromised. Thus, mints with low volume are expected to have a + * longer withdraw period (@e expire_withdraw - @e start) than mints + * with high transaction volume. The period may also differ between + * types of coins. A mint may also have a few denomination keys + * with the same value with overlapping validity periods, to address + * issues such as clock skew. */ struct GNUNET_TIME_AbsoluteNBO expire_withdraw; @@ -418,10 +523,21 @@ struct TALER_DenominationKeyValidityPS * mint will refuse transactions involving this key as it will * "drop" the table with double-spending information (shortly after) * this time. Note that wallets should refresh coins significantly - * before this time to be on the safe side. + * before this time to be on the safe side. @e expire_spend must be + * significantly larger than @e expire_withdraw (by months or even + * years). */ struct GNUNET_TIME_AbsoluteNBO expire_spend; + /** + * When do signatures with this denomination key become invalid? + * After this point, these signatures cannot be used in (legal) + * disputes anymore, as the Mint is then allowed to destroy its side + * of the evidence. @e expire_legal is expected to be significantly + * larger than @e expire_spend (by a year or more). + */ + struct GNUNET_TIME_AbsoluteNBO expire_legal; + /** * The value of the coins signed with this denomination key. */ @@ -446,7 +562,8 @@ struct TALER_DenominationKeyValidityPS struct TALER_AmountNBO fee_refresh; /** - * Hash code of the denomination public key. + * Hash code of the denomination public key. (Used to avoid having + * the variable-size RSA key this struct.) */ struct GNUNET_HashCode denom_hash; diff --git a/src/mint-lib/mint_api.c b/src/mint-lib/mint_api.c index 019793b78..24d617f56 100644 --- a/src/mint-lib/mint_api.c +++ b/src/mint-lib/mint_api.c @@ -286,7 +286,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key, GNUNET_CRYPTO_eddsa_public_key_from_string (key_enc, 52, &sign_key_issue.signkey_pub.eddsa_pub)); - sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY); + sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY); sign_key_issue.purpose.size = htonl (sizeof (sign_key_issue) - offsetof (struct TALER_MintSigningKeyValidityPS, purpose)); @@ -294,7 +294,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key, sign_key_issue.start = GNUNET_TIME_absolute_hton (valid_from); sign_key_issue.expire = GNUNET_TIME_absolute_hton (valid_until); EXITIF (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY, &sign_key_issue.purpose, &sig, &master_key->eddsa_pub)); @@ -408,7 +408,7 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key, EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_deposit)); EXITIF (NULL == (obj = json_object_get (denom_key_obj, "fee_refresh"))); EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_refresh)); - denom_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY); + denom_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY); denom_key_issue.purpose.size = htonl (sizeof (struct TALER_DenominationKeyValidityPS) - offsetof (struct TALER_DenominationKeyValidityPS, purpose)); @@ -425,7 +425,7 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key, TALER_amount_hton (&denom_key_issue.fee_refresh, &fee_refresh); EXITIF (GNUNET_SYSERR == - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY, &denom_key_issue.purpose, &sig, &master_key->eddsa_pub)); diff --git a/src/mint-tools/taler-mint-keycheck.c b/src/mint-tools/taler-mint-keycheck.c index df228994d..06b544afa 100644 --- a/src/mint-tools/taler-mint-keycheck.c +++ b/src/mint-tools/taler-mint-keycheck.c @@ -68,7 +68,7 @@ signkeys_iter (void *cls, return GNUNET_SYSERR; } if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY, &ski->issue.purpose, &ski->issue.signature.eddsa_signature, &ski->issue.master_public_key.eddsa_pub)) @@ -128,7 +128,7 @@ denomkeys_iter (void *cls, } if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY, &dki->issue.purpose, &dki->issue.signature.eddsa_signature, &dki->issue.master.eddsa_pub)) diff --git a/src/mint-tools/taler-mint-keyup.c b/src/mint-tools/taler-mint-keyup.c index 0d84635af..c459dc549 100644 --- a/src/mint-tools/taler-mint-keyup.c +++ b/src/mint-tools/taler-mint-keyup.c @@ -448,7 +448,7 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start, duration)); GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv.eddsa_priv, &issue->signkey_pub.eddsa_pub); - issue->purpose.purpose = htonl (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY); + issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY); issue->purpose.size = htonl (sizeof (struct TALER_MintSigningKeyValidityPS) - offsetof (struct TALER_MintSigningKeyValidityPS, purpose)); @@ -701,7 +701,7 @@ create_denomkey_issue (const struct CoinTypeParams *params, ¶ms->fee_deposit); TALER_amount_hton (&dki->issue.fee_refresh, ¶ms->fee_refresh); - dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY); + dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY); dki->issue.purpose.size = htonl (sizeof (struct TALER_MINTDB_DenominationKeyIssueInformation) - offsetof (struct TALER_MINTDB_DenominationKeyIssueInformation, issue.purpose)); diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index 3e8a7df7f..8d51463d8 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -87,7 +87,7 @@ struct TMH_DB_MeltDetails * Signature allowing the melt (using * a `struct RefreshMeltConfirmSignRequestBody`) to sign over. */ - union TALER_CoinSpendSignatureP melt_sig; + struct TALER_CoinSpendSignatureP melt_sig; /** * How much of the coin's value did the client allow to be melted? diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index e732c87d7..09e101f60 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -60,7 +60,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection, struct TALER_MINTDB_DenominationKeyIssueInformation *dki; struct TALER_Amount fee_deposit; - dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT); + dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT); dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS)); dr.h_contract = deposit->h_contract; dr.h_wire = deposit->h_wire; @@ -69,7 +69,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection, &deposit->amount_with_fee); dr.coin_pub = deposit->coin.coin_pub; if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_DEPOSIT, + GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, &dr.purpose, &deposit->csig.ecdsa_signature, &deposit->coin.coin_pub.ecdsa_pub)) diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index ef7fb03ad..53671dfab 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -176,7 +176,7 @@ get_coin_public_info (struct MHD_Connection *connection, struct TMH_DB_MeltDetails *r_melt_detail) { int ret; - union TALER_CoinSpendSignatureP melt_sig; + struct TALER_CoinSpendSignatureP melt_sig; struct TALER_DenominationSignature sig; struct TALER_DenominationPublicKey pk; struct TALER_Amount amount; @@ -244,13 +244,13 @@ verify_coin_public_info (struct MHD_Connection *connection, struct TALER_Amount fee_refresh; body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS)); - body.purpose.purpose = htonl (TALER_SIGNATURE_COIN_MELT); + body.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT); body.session_hash = *session_hash; TALER_amount_hton (&body.amount_with_fee, &r_melt_detail->melt_amount_with_fee); body.coin_pub = r_public_info->coin_pub; if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_COIN_MELT, + GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, &body.purpose, &r_melt_detail->melt_sig.ecdsa_signature, &r_public_info->coin_pub.ecdsa_pub)) diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index 95bb95cef..c9ca51413 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -294,7 +294,7 @@ TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection, json_t *sig_json; int ret; - dc.purpose.purpose = htonl (TALER_SIGNATURE_COIN_DEPOSIT); + dc.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT); dc.purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)); dc.h_contract = *h_contract; dc.h_wire = *h_wire; @@ -344,7 +344,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl) type = "deposit"; value = deposit->amount_with_fee; - dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT); + dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT); dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS)); dr.h_contract = deposit->h_contract; dr.h_wire = deposit->h_wire; @@ -363,7 +363,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl) type = "melt"; value = melt->amount_with_fee; - ms.purpose.purpose = htonl (TALER_SIGNATURE_COIN_MELT); + ms.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT); ms.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS)); ms.session_hash = melt->session_hash; TALER_amount_hton (&ms.amount_with_fee, @@ -498,7 +498,7 @@ compile_reserve_history (const struct ReserveHistory *rh, return NULL; } ret = 1; - wr.purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST); + wr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW); wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS)); wr.reserve_pub = pos->details.withdraw->reserve_pub; GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key, @@ -683,7 +683,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection, int ret; body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltConfirmationPS)); - body.purpose.purpose = htonl (TALER_SIGNATURE_MINT_MELT_RESPONSE); + body.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_MELT); body.session_hash = *session_hash; body.noreveal_index = htons (noreveal_index); TMH_KS_sign (&body.purpose, diff --git a/src/mint/taler-mint-httpd_withdraw.c b/src/mint/taler-mint-httpd_withdraw.c index 0d700df6f..e7a122213 100644 --- a/src/mint/taler-mint-httpd_withdraw.c +++ b/src/mint/taler-mint-httpd_withdraw.c @@ -138,7 +138,7 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh, /* verify signature! */ wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS)); - wsrd.purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST); + wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW); GNUNET_CRYPTO_hash (denomination_pub_data, denomination_pub_data_size, &wsrd.h_denomination_pub); @@ -146,7 +146,7 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh, blinded_msg_len, &wsrd.h_coin_envelope); if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW, &wsrd.purpose, &signature.eddsa_signature, &wsrd.reserve_pub.eddsa_pub)) -- cgit v1.2.3