1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
/*
This file is part of TALER
(C) 2014 GNUnet e.V.
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
*/
/**
* @file taler-mint-httpd_keys.c
* @brief Handle /keys requests
* @author Florian Dold
* @author Benedikt Mueller
* @author Christian Grothoff
*/
#include "platform.h"
#include <gnunet/gnunet_util_lib.h>
#include <jansson.h>
#include <microhttpd.h>
#include "mint.h"
#include "taler-mint-httpd_keys.h"
#include "taler-mint-httpd_keystate.h"
/**
* Function to call to handle the request by sending
* back static data from the @a rh.
*
* @param rh context of the handler
* @param connection the MHD connection to handle
* @param[IN|OUT] connection_cls the connection's closure (can be updated)
* @param upload_data upload data
* @param[IN|OUT] upload_data_size number of bytes (left) in @a upload_data
* @return MHD result code
*/
int
TALER_MINT_handler_keys (struct RequestHandler *rh,
struct MHD_Connection *connection,
void **connection_cls,
const char *upload_data,
size_t *upload_data_size)
{
struct MintKeyState *key_state;
struct MHD_Response *response;
int ret;
key_state = TALER_MINT_key_state_acquire ();
response = MHD_create_response_from_buffer (strlen (key_state->keys_json),
key_state->keys_json,
MHD_RESPMEM_MUST_COPY);
TALER_MINT_key_state_release (key_state);
if (NULL == response)
{
GNUNET_break (0);
return MHD_NO;
}
(void) MHD_add_response_header (response,
"Content-Type",
rh->mime_type);
ret = MHD_queue_response (connection,
rh->response_code,
response);
MHD_destroy_response (response);
return ret;
}
/**
* Check if a coin is valid; that is, whether the denomination key exists,
* is not expired, and the signature is correct.
*
* @param key_state the key state to use for checking the coin's validity
* @param coin_public_info the coin public info to check for validity
* @return #GNUNET_YES if the coin is valid,
* #GNUNET_NO if it is invalid
* #GNUNET_SYSERROR if an internal error occured
*/
int
TALER_MINT_test_coin_valid (const struct MintKeyState *key_state,
const struct TALER_CoinPublicInfo *coin_public_info)
{
struct TALER_MINT_DenomKeyIssuePriv *dki;
struct GNUNET_HashCode c_hash;
dki = TALER_MINT_get_denom_key (key_state, coin_public_info->denom_pub);
if (NULL == dki)
return GNUNET_NO;
/* FIXME: we had envisioned a more complex scheme... */
GNUNET_CRYPTO_hash (&coin_public_info->coin_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&c_hash);
if (GNUNET_OK !=
GNUNET_CRYPTO_rsa_verify (&c_hash,
coin_public_info->denom_sig,
dki->issue.denom_pub))
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"coin signature is invalid\n");
return GNUNET_NO;
}
return GNUNET_YES;
}
/**
* Sign the message in @a purpose with the mint's signing
* key.
*
* @param purpose the message to sign
* @param[OUT] sig signature over purpose using current signing key
*/
void
TALER_MINT_keys_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
struct GNUNET_CRYPTO_EddsaSignature *sig)
{
struct MintKeyState *key_state;
key_state = TALER_MINT_key_state_acquire ();
GNUNET_assert (GNUNET_OK ==
GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv,
purpose,
sig));
TALER_MINT_key_state_release (key_state);
}
/* end of taler-mint-httpd_keys.c */
|
