exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE

secmod_signatures.c (7944B)

      1 /*
      2   This file is part of TALER
      3   Copyright (C) 2020, 2021 Taler Systems SA
      4 
      5   TALER is free software; you can redistribute it and/or modify it under the
      6   terms of the GNU General Public License as published by the Free Software
      7   Foundation; either version 3, or (at your option) any later version.
      8 
      9   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 
     13   You should have received a copy of the GNU General Public License along with
     14   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 */
     16 /**
     17  * @file secmod_signatures.c
     18  * @brief Utility functions for Taler security module signatures
     19  * @author Christian Grothoff
     20  */
     21 #include "taler/platform.h"
     22 #include "taler/taler_util.h"
     23 #include "taler/taler_signatures.h"
     24 
     25 
     26 /**
     27  * @brief format used by the signing crypto helper when affirming
     28  *        that it created an exchange signing key.
     29  */
     30 struct TALER_SigningKeyAnnouncementPS
     31 {
     32 
     33   /**
     34    * Purpose must be #TALER_SIGNATURE_SM_SIGNING_KEY.
     35    * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`.
     36    */
     37   struct GNUNET_CRYPTO_SignaturePurpose purpose;
     38 
     39   /**
     40    * Public signing key of the exchange this is about.
     41    */
     42   struct TALER_ExchangePublicKeyP exchange_pub;
     43 
     44   /**
     45    * When does the key become available?
     46    */
     47   struct GNUNET_TIME_TimestampNBO anchor_time;
     48 
     49   /**
     50    * How long is the key available after @e anchor_time?
     51    */
     52   struct GNUNET_TIME_RelativeNBO duration;
     53 
     54 };
     55 
     56 
     57 void
     58 TALER_exchange_secmod_eddsa_sign (
     59   const struct TALER_ExchangePublicKeyP *exchange_pub,
     60   struct GNUNET_TIME_Timestamp start_sign,
     61   struct GNUNET_TIME_Relative duration,
     62   const struct TALER_SecurityModulePrivateKeyP *secm_priv,
     63   struct TALER_SecurityModuleSignatureP *secm_sig)
     64 {
     65   struct TALER_SigningKeyAnnouncementPS ska = {
     66     .purpose.purpose = htonl (TALER_SIGNATURE_SM_SIGNING_KEY),
     67     .purpose.size = htonl (sizeof (ska)),
     68     .exchange_pub = *exchange_pub,
     69     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
     70     .duration = GNUNET_TIME_relative_hton (duration)
     71   };
     72 
     73   GNUNET_CRYPTO_eddsa_sign (&secm_priv->eddsa_priv,
     74                             &ska,
     75                             &secm_sig->eddsa_signature);
     76 }
     77 
     78 
     79 enum GNUNET_GenericReturnValue
     80 TALER_exchange_secmod_eddsa_verify (
     81   const struct TALER_ExchangePublicKeyP *exchange_pub,
     82   struct GNUNET_TIME_Timestamp start_sign,
     83   struct GNUNET_TIME_Relative duration,
     84   const struct TALER_SecurityModulePublicKeyP *secm_pub,
     85   const struct TALER_SecurityModuleSignatureP *secm_sig)
     86 {
     87   struct TALER_SigningKeyAnnouncementPS ska = {
     88     .purpose.purpose = htonl (TALER_SIGNATURE_SM_SIGNING_KEY),
     89     .purpose.size = htonl (sizeof (ska)),
     90     .exchange_pub = *exchange_pub,
     91     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
     92     .duration = GNUNET_TIME_relative_hton (duration)
     93   };
     94 
     95   return
     96     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_SIGNING_KEY,
     97                                 &ska,
     98                                 &secm_sig->eddsa_signature,
     99                                 &secm_pub->eddsa_pub);
    100 }
    101 
    102 
    103 /**
    104  * @brief format used by the denomination crypto helper when affirming
    105  *        that it created a denomination key.
    106  */
    107 struct TALER_DenominationKeyAnnouncementPS
    108 {
    109 
    110   /**
    111    * Purpose must be #TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY.
    112    * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`.
    113    */
    114   struct GNUNET_CRYPTO_SignaturePurpose purpose;
    115 
    116   /**
    117    * Hash of the denomination public key.
    118    */
    119   struct TALER_DenominationHashP h_denom;
    120 
    121   /**
    122    * Hash of the section name in the configuration of this denomination.
    123    */
    124   struct GNUNET_HashCode h_section_name;
    125 
    126   /**
    127    * When does the key become available?
    128    */
    129   struct GNUNET_TIME_TimestampNBO anchor_time;
    130 
    131   /**
    132    * How long is the key available after @e anchor_time?
    133    */
    134   struct GNUNET_TIME_RelativeNBO duration_withdraw;
    135 
    136 };
    137 
    138 void
    139 TALER_exchange_secmod_rsa_sign (
    140   const struct TALER_RsaPubHashP *h_rsa,
    141   const char *section_name,
    142   struct GNUNET_TIME_Timestamp start_sign,
    143   struct GNUNET_TIME_Relative duration,
    144   const struct TALER_SecurityModulePrivateKeyP *secm_priv,
    145   struct TALER_SecurityModuleSignatureP *secm_sig)
    146 {
    147   struct TALER_DenominationKeyAnnouncementPS dka = {
    148     .purpose.purpose = htonl (TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY),
    149     .purpose.size = htonl (sizeof (dka)),
    150     .h_denom.hash = h_rsa->hash,
    151     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
    152     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
    153   };
    154 
    155   GNUNET_CRYPTO_hash (section_name,
    156                       strlen (section_name) + 1,
    157                       &dka.h_section_name);
    158   GNUNET_CRYPTO_eddsa_sign (&secm_priv->eddsa_priv,
    159                             &dka,
    160                             &secm_sig->eddsa_signature);
    161 
    162 }
    163 
    164 
    165 enum GNUNET_GenericReturnValue
    166 TALER_exchange_secmod_rsa_verify (
    167   const struct TALER_RsaPubHashP *h_rsa,
    168   const char *section_name,
    169   struct GNUNET_TIME_Timestamp start_sign,
    170   struct GNUNET_TIME_Relative duration,
    171   const struct TALER_SecurityModulePublicKeyP *secm_pub,
    172   const struct TALER_SecurityModuleSignatureP *secm_sig)
    173 {
    174   struct TALER_DenominationKeyAnnouncementPS dka = {
    175     .purpose.purpose = htonl (TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY),
    176     .purpose.size = htonl (sizeof (dka)),
    177     .h_denom.hash = h_rsa->hash,
    178     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
    179     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
    180   };
    181 
    182   GNUNET_CRYPTO_hash (section_name,
    183                       strlen (section_name) + 1,
    184                       &dka.h_section_name);
    185   return
    186     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY,
    187                                 &dka,
    188                                 &secm_sig->eddsa_signature,
    189                                 &secm_pub->eddsa_pub);
    190 }
    191 
    192 
    193 void
    194 TALER_exchange_secmod_cs_sign (
    195   const struct TALER_CsPubHashP *h_cs,
    196   const char *section_name,
    197   struct GNUNET_TIME_Timestamp start_sign,
    198   struct GNUNET_TIME_Relative duration,
    199   const struct TALER_SecurityModulePrivateKeyP *secm_priv,
    200   struct TALER_SecurityModuleSignatureP *secm_sig)
    201 {
    202   struct TALER_DenominationKeyAnnouncementPS dka = {
    203     .purpose.purpose = htonl (TALER_SIGNATURE_SM_CS_DENOMINATION_KEY),
    204     .purpose.size = htonl (sizeof (dka)),
    205     .h_denom.hash = h_cs->hash,
    206     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
    207     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
    208   };
    209 
    210   GNUNET_CRYPTO_hash (section_name,
    211                       strlen (section_name) + 1,
    212                       &dka.h_section_name);
    213   GNUNET_CRYPTO_eddsa_sign (&secm_priv->eddsa_priv,
    214                             &dka,
    215                             &secm_sig->eddsa_signature);
    216 
    217 }
    218 
    219 
    220 enum GNUNET_GenericReturnValue
    221 TALER_exchange_secmod_cs_verify (
    222   const struct TALER_CsPubHashP *h_cs,
    223   const char *section_name,
    224   struct GNUNET_TIME_Timestamp start_sign,
    225   struct GNUNET_TIME_Relative duration,
    226   const struct TALER_SecurityModulePublicKeyP *secm_pub,
    227   const struct TALER_SecurityModuleSignatureP *secm_sig)
    228 {
    229   struct TALER_DenominationKeyAnnouncementPS dka = {
    230     .purpose.purpose = htonl (TALER_SIGNATURE_SM_CS_DENOMINATION_KEY),
    231     .purpose.size = htonl (sizeof (dka)),
    232     .h_denom.hash = h_cs->hash,
    233     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
    234     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
    235   };
    236 
    237   GNUNET_CRYPTO_hash (section_name,
    238                       strlen (section_name) + 1,
    239                       &dka.h_section_name);
    240   return
    241     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_CS_DENOMINATION_KEY,
    242                                 &dka,
    243                                 &secm_sig->eddsa_signature,
    244                                 &secm_pub->eddsa_pub);
    245 }
    246 
    247 
    248 /* end of secmod_signatures.c */