aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2021-10-09 16:11:04 +0200
committerChristian Grothoff <christian@grothoff.org>2021-10-09 16:11:04 +0200
commitd8922f82e5f6853c35a8a282e51471da908bdacf (patch)
tree191edb2430ea64987258dfd423051b4ae1db6c22
parent676ccdc06589d4af329d016c04d79d71697092d1 (diff)
-introduce 'struct TALER_WireSalt'
-rw-r--r--src/include/taler_crypto_lib.h20
-rw-r--r--src/json/json_wire.c21
-rw-r--r--src/util/crypto_wire.c28
3 files changed, 52 insertions, 17 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 71579170a..0284fc55b 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -359,6 +359,20 @@ struct TALER_ClaimTokenP
};
+/**
+ * Salt used to hash a merchant's payto:// URI to
+ * compute the "h_wire" (say for deposit requests).
+ */
+struct TALER_WireSalt
+{
+ /**
+ * Actual salt value.
+ * FIXME: #7032: change to 16 byte value!
+ */
+ struct GNUNET_HashCode data;
+};
+
+
GNUNET_NETWORK_STRUCT_END
@@ -1658,7 +1672,7 @@ TALER_exchange_wire_signature_make (
*/
void
TALER_merchant_wire_signature_hash (const char *payto_uri,
- const char *salt,
+ const struct TALER_WireSalt *salt,
struct GNUNET_HashCode *hc);
@@ -1674,7 +1688,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
enum GNUNET_GenericReturnValue
TALER_merchant_wire_signature_check (
const char *payto_uri,
- const char *salt,
+ const struct TALER_WireSalt *salt,
const struct TALER_MerchantPublicKeyP *merch_pub,
const struct TALER_MerchantSignatureP *merch_sig);
@@ -1690,7 +1704,7 @@ TALER_merchant_wire_signature_check (
void
TALER_merchant_wire_signature_make (
const char *payto_uri,
- const char *salt,
+ const struct TALER_WireSalt *salt,
const struct TALER_MerchantPrivateKeyP *merch_priv,
struct TALER_MerchantSignatureP *merch_sig);
diff --git a/src/json/json_wire.c b/src/json/json_wire.c
index e8620728a..7ec21da65 100644
--- a/src/json/json_wire.c
+++ b/src/json/json_wire.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2018 Taler Systems SA
+ Copyright (C) 2018, 2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@@ -37,13 +37,12 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
struct GNUNET_HashCode *hc)
{
const char *payto_uri;
- const char *salt;
- /* Current merchant backend will always make the salt
- a `struct GNUNET_HashCode`, but *we* do not insist
- on that. */
+ struct TALER_WireSalt salt;
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_string ("payto_uri", &payto_uri),
- GNUNET_JSON_spec_string ("salt", &salt),
+ GNUNET_JSON_spec_string ("payto_uri",
+ &payto_uri),
+ GNUNET_JSON_spec_fixed_auto ("salt",
+ &salt),
GNUNET_JSON_spec_end ()
};
@@ -73,7 +72,7 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
}
}
TALER_merchant_wire_signature_hash (payto_uri,
- salt,
+ &salt,
hc);
return GNUNET_OK;
}
@@ -95,8 +94,10 @@ TALER_JSON_exchange_wire_signature_check (
const char *payto_uri;
struct TALER_MasterSignatureP master_sig;
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_string ("payto_uri", &payto_uri),
- GNUNET_JSON_spec_fixed_auto ("master_sig", &master_sig),
+ GNUNET_JSON_spec_string ("payto_uri",
+ &payto_uri),
+ GNUNET_JSON_spec_fixed_auto ("master_sig",
+ &master_sig),
GNUNET_JSON_spec_end ()
};
diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c
index 0d31720a7..ee3215ca6 100644
--- a/src/util/crypto_wire.c
+++ b/src/util/crypto_wire.c
@@ -110,19 +110,39 @@ TALER_exchange_wire_signature_make (
*/
void
TALER_merchant_wire_signature_hash (const char *payto_uri,
- const char *salt,
+ const struct TALER_WireSalt *salt,
struct GNUNET_HashCode *hc)
{
+#if FIXED_7032
+ /* new logic to use once #7032 is being addressed */
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_kdf (hc,
sizeof (*hc),
salt,
- strlen (salt) + 1,
+ sizeof (*salt),
payto_uri,
strlen (payto_uri) + 1,
"merchant-wire-signature",
strlen ("merchant-wire-signature"),
NULL, 0));
+#else
+ /* compatibility logic to avoid protocol breakage... */
+ char *sstr;
+
+ sstr = GNUNET_STRINGS_data_to_string_alloc (salt,
+ sizeof (*salt));
+ GNUNET_assert (GNUNET_YES ==
+ GNUNET_CRYPTO_kdf (hc,
+ sizeof (*hc),
+ sstr,
+ strlen (sstr) + 1,
+ payto_uri,
+ strlen (payto_uri) + 1,
+ "merchant-wire-signature",
+ strlen ("merchant-wire-signature"),
+ NULL, 0));
+ GNUNET_free (sstr);
+#endif
}
@@ -146,7 +166,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
enum GNUNET_GenericReturnValue
TALER_merchant_wire_signature_check (
const char *payto_uri,
- const char *salt,
+ const struct TALER_WireSalt *salt,
const struct TALER_MerchantPublicKeyP *merch_pub,
const struct TALER_MerchantSignatureP *merch_sig)
{
@@ -176,7 +196,7 @@ TALER_merchant_wire_signature_check (
void
TALER_merchant_wire_signature_make (
const char *payto_uri,
- const char *salt,
+ const struct TALER_WireSalt *salt,
const struct TALER_MerchantPrivateKeyP *merch_priv,
struct TALER_MerchantSignatureP *merch_sig)
{