commit 98e11606174207c946d69c4a3945eebde5b393e4
parent 3b6d3d4f61c633945c293f7b3e7b0a51d796ec94
Author: Christian Grothoff <christian@grothoff.org>
Date: Wed, 10 Apr 2024 12:57:49 +0200
unify how we hash the blind signing keys
Diffstat:
2 files changed, 44 insertions(+), 47 deletions(-)
diff --git a/src/donau/donau-httpd_post-batch-issue.c b/src/donau/donau-httpd_post-batch-issue.c
@@ -46,10 +46,6 @@ struct IssueReceiptsContext
uint64_t year;
};
-/**
- * insert failure because of a bad issued receipt lookup? Try another time...
- */
-bool second_time = false;
/**
* Parse a bkp encoded in JSON.
@@ -93,7 +89,7 @@ parse_json_bkp (struct DONAU_BlindedUniqueDonationIdentifierKeyPair *bkp,
* @return #GNUNET_OK if all is fine, #GNUNET_SYSERR if we could not parse
* is malformed.
*/
-void
+static void
signatures_to_JSON (const size_t num_sig,
struct DONAU_BlindedDonationUnitSignature*signatures,
json_t *j_signatures)
@@ -116,12 +112,13 @@ DH_handler_issue_receipts_post (struct DH_RequestContext *rc,
const json_t *root,
const char *const args[1])
{
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "issue receipts request! \n");
-
+ bool second_time = false;
unsigned long long charity_id;
char dummy;
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "issue receipts request! \n");
+
if ( (NULL == args[0]) ||
(1 != sscanf (args[0],
"%llu%c",
@@ -180,10 +177,12 @@ DH_handler_issue_receipts_post (struct DH_RequestContext *rc,
= GNUNET_new_array
(num_bkp,
struct DONAU_BlindedUniqueDonationIdentifierKeyPair);
- json_array_foreach (budikeypairs, index, bkp_obj) {
+ json_array_foreach (budikeypairs, index, bkp_obj)
+ {
if (GNUNET_SYSERR ==
parse_json_bkp (&bkp[index], bkp_obj))
{
+ GNUNET_break_op (0);
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_GENERIC_PARAMETER_MALFORMED,
@@ -236,7 +235,8 @@ DH_handler_issue_receipts_post (struct DH_RequestContext *rc,
/* verify charity signature */
// FIXME
if (GNUNET_OK !=
- DONAU_charity_budi_key_pair_verify (num_bkp, irc.bkp,
+ DONAU_charity_budi_key_pair_verify (num_bkp,
+ irc.bkp,
&charity_meta.charity_pub,
&irc.charity_sig))
{
@@ -260,23 +260,30 @@ DH_handler_issue_receipts_post (struct DH_RequestContext *rc,
for (size_t i = 0; i < num_bkp; i++)
{
struct GNUNET_HashCode temp_hash;
+
GNUNET_CRYPTO_hash (&irc.bkp[i].blinded_udi,
sizeof (irc.bkp[0].blinded_udi),
&temp_hash);
- GNUNET_CRYPTO_hash_xor (&h_receipts.hash, &temp_hash, &h_receipts.hash);
+ GNUNET_CRYPTO_hash_xor (&h_receipts.hash,
+ &temp_hash,
+ &h_receipts.hash);
GNUNET_CRYPTO_hash_xor (&h_receipts.hash,
&irc.bkp[i].h_donation_unit_pub.hash,
&h_receipts.hash);
}
{
struct GNUNET_HashCode sig_hash;
+
GNUNET_CRYPTO_hash (&irc.charity_sig,
sizeof (struct DONAU_CharitySignatureP),
&sig_hash);
- GNUNET_CRYPTO_hash_xor (&h_receipts.hash, &sig_hash, &h_receipts.hash);
+ GNUNET_CRYPTO_hash_xor (&h_receipts.hash,
+ &sig_hash,
+ &h_receipts.hash);
}
start:
qs_check_receipts = DH_plugin->lookup_issued_receipts (DH_plugin->cls,
+ /* FIXME: & */
h_receipts,
&check_receipts_meta);
switch (qs_check_receipts)
@@ -304,24 +311,30 @@ start:
blind_signatures));
}
/* calculate new receipts to date and check annual limit */
- struct TALER_Amount receipts_sum = {0};
+ struct TALER_Amount receipts_sum;
+
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (DH_currency,
+ &receipts_sum));
for (size_t i = 0; i < num_bkp; i++)
{
MHD_RESULT mret;
struct DH_DonationUnitKey *dk;
+
// FIXME always public key not found
- // if (NULL == (dk = DH_keys_donation_unit_by_hash (&irc.bkp[i].h_donation_unit_pub,
- // rc->connection,
- // &mret)))
- // return mret;
- if (GNUNET_OK != TALER_check_currency (receipts_sum.currency))
- GNUNET_memcpy (receipts_sum.currency, dk->value.currency, sizeof(char)
- * TALER_CURRENCY_LEN);
- GNUNET_assert (0 <= TALER_amount_add (&receipts_sum, &receipts_sum,
+ if (NULL == (dk = DH_keys_donation_unit_by_hash (
+ &irc.bkp[i].h_donation_unit_pub,
+ rc->connection,
+ &mret)))
+ return mret;
+ GNUNET_assert (0 <= TALER_amount_add (&receipts_sum,
+ &receipts_sum,
&dk->value));
}
struct TALER_Amount new_receipts_to_date;
- TALER_amount_add (&new_receipts_to_date, &receipts_sum,
+
+ TALER_amount_add (&new_receipts_to_date,
+ &receipts_sum,
&charity_meta.receipts_to_date);
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"new_receipts_to_date: %lu, receipts_sum: %lu, charity_max_per_year: %lu\n",
diff --git a/src/util/donau_crypto.c b/src/util/donau_crypto.c
@@ -104,39 +104,23 @@ DONAU_donation_unit_pub_hash (
{
struct GNUNET_CRYPTO_BlindSignPublicKey *bsp
= donation_unit_pub->bsign_pub_key;
- uint32_t opt[1] = {
- htonl ((uint32_t) bsp->cipher)
- };
- struct GNUNET_HashContext *hc;
- hc = GNUNET_CRYPTO_hash_context_start ();
- GNUNET_CRYPTO_hash_context_read (hc,
- opt,
- sizeof (opt));
switch (bsp->cipher)
{
case GNUNET_CRYPTO_BSA_RSA:
- {
- void *buf;
- size_t blen;
-
- blen = GNUNET_CRYPTO_rsa_public_key_encode (
- bsp->details.rsa_public_key,
- &buf);
- GNUNET_CRYPTO_hash_context_read (hc,
- buf,
- blen);
- GNUNET_free (buf);
- }
+ /* Important: this MUST match the way the RSA-secmod does the
+ hashing of the public keys (see donau-httpd_keys.c) */
+ GNUNET_CRYPTO_rsa_public_key_hash (bsp->details.rsa_public_key,
+ &donation_unit_hash->hash);
break;
case GNUNET_CRYPTO_BSA_CS:
- GNUNET_CRYPTO_hash_context_read (hc,
- &bsp->details.cs_public_key,
- sizeof(bsp->details.cs_public_key));
+ /* Important: this MUST match the way the CS-secmod does the
+ hashing of the public keys (see donau-httpd_keys.c) */
+ GNUNET_CRYPTO_hash (&bsp->details.cs_public_key,
+ sizeof(bsp->details.cs_public_key),
+ &donation_unit_hash->hash);
break;
default:
GNUNET_assert (0);
}
- GNUNET_CRYPTO_hash_context_finish (hc,
- &donation_unit_hash->hash);
}
