taler-typescript-core

Wallet core logic and WebUIs for various components

commit 193d93545ee3cebef77e55deabd5931a4bc49706
parent bad14bd70143aaa680bde62fa97e5f941e6284a2
Author: Iván Ávalos <avalos@disroot.org>
Date:   Mon, 30 Jun 2025 20:33:01 +0200

wallet-core: rsaVerify via wex.cryptoApi

Diffstat:
Mpackages/taler-wallet-core/src/crypto/cryptoImplementation.ts | 39---------------------------------------
Mpackages/taler-wallet-core/src/pay-merchant.ts | 17++++++++++++-----
2 files changed, 12 insertions(+), 44 deletions(-)

diff --git a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts @@ -182,10 +182,6 @@ export interface TalerCryptoInterface { req: PaymentSignatureValidationRequest, ): Promise<ValidationResult>; - isValidTokenIssueSignature( - req: TokenSignatureValidationRequest, - ): Promise<ValidationResult>; - isValidWireFee(req: WireFeeValidationRequest): Promise<ValidationResult>; isValidGlobalFees( @@ -359,11 +355,6 @@ export const nullCrypto: TalerCryptoInterface = { ): Promise<ValidationResult> { throw new Error("Function not implemented."); }, - isValidTokenIssueSignature: function ( - req: TokenSignatureValidationRequest, - ): Promise<ValidationResult> { - throw new Error("Function not implemented."); - }, isValidWireFee: function ( req: WireFeeValidationRequest, ): Promise<ValidationResult> { @@ -710,12 +701,6 @@ export interface PaymentSignatureValidationRequest { merchantPub: string; } -export interface TokenSignatureValidationRequest { - tokenUsePub: string; - tokenIssuePub: TokenIssuePublicKey; - sig: UnblindedDenominationSignature; -} - export interface ContractTermsValidationRequest { contractTermsHash: string; sig: string; @@ -1189,30 +1174,6 @@ export const nativeCryptoR: TalerCryptoInterfaceR = { }, /** - * Check if a token issue signature is valid. - */ - async isValidTokenIssueSignature( - tci: TalerCryptoInterfaceR, - req: TokenSignatureValidationRequest, - ): Promise<ValidationResult> { - if (req.sig.cipher !== req.tokenIssuePub.cipher) { - throw Error(`token issue signature mismatch`); - } - - if (req.sig.cipher === DenomKeyType.Rsa) { - const { valid } = await tci.rsaVerify(tci, { - hm: req.tokenUsePub, - pk: req.tokenIssuePub.rsa_pub, - sig: req.sig.rsa_signature, - }); - - return { valid }; - } - - throw Error(`verification for ${req.sig.cipher} signature not implemented`); - }, - - /** * Check if a wire fee is correctly signed. */ async isValidWireFee( 
diff --git a/packages/taler-wallet-core/src/pay-merchant.ts b/packages/taler-wallet-core/src/pay-merchant.ts @@ -49,6 +49,7 @@ import { ConfirmPayResult, ConfirmPayResultType, ContractTermsUtil, + DenomKeyType, Duration, encodeCrock, ForcedCoinSel, @@ -3425,11 +3426,17 @@ export async function validateAndStoreToken( evSig: blindedEv.blind_sig, }); - const { valid } = await wex.cryptoApi.isValidTokenIssueSignature({ - sig: tokenIssueSig, - tokenUsePub, - tokenIssuePub, - }); + if (tokenIssueSig.cipher !== tokenIssuePub.cipher) + throw Error("token issue signature mismatch"); + + if (!(tokenIssuePub.cipher === DenomKeyType.Rsa)) + throw Error("unsupported cipher"); + + const valid = await wex.cryptoApi.rsaVerify({ + hm: tokenUsePub, + pk: tokenIssuePub.rsa_pub, + sig: tokenIssueSig.rsa_signature, + }) if (!valid) { logger.error("token issue signature invalid");
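Review bot: `const valid = await wex.cryptoApi.rsaVerify({` binds the whole response instead of its `valid` field, so the `if (!valid)` check right after it may never fire. The helper removed from cryptoImplementation.ts in this same commit read `const { valid } = await tci.rsaVerify(tci, {`, which suggests rsaVerify resolves to an object; the return type of the `wex.cryptoApi` wrapper is not visible here, but if it has the same shape the object is always truthy and a token with an invalid issue signature would be accepted and stored. Keep the destructuring, `const { valid } = await wex.cryptoApi.rsaVerify({`, and add a test that passes a deliberately wrong signature through validateAndStoreToken and expects rejection. The body of validateAndStoreToken starts and ends outside the hunk.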