author | Christian Grothoff <christian@grothoff.org> | 2022-02-12 01:00:31 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2022-02-12 01:00:31 +0100 |
commit | c93150b8cd8122821216c8ca4c92eaff73d3ae47 (patch) | |
tree | 9352b5e98f4423734fa656c2084307eeeb19d23f | |
parent | 94a5359494bcc24916c9f7f8323ace4643bc0065 (diff) |
-work on more FIXMEs
-rw-r--r-- | src/include/taler_crypto_lib.h | 17 | ||||
-rw-r--r-- | src/lib/exchange_api_melt.c | 31 | ||||
-rw-r--r-- | src/util/exchange_signatures.c | 24 |
3 files changed, 51 insertions, 21 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 6f64de2ea..3a4278298 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -2331,6 +2331,23 @@ TALER_wallet_withdraw_verify ( /** + * Verify exchange melt confirmation. + * + * @param rc refresh session this is about + * @param noreveal_index gamma value chosen by the exchange + * @param exchange_pub public signing key used + * @param exchange_sig signature to check + * @return #GNUNET_OK if the signature is valid + */ +enum GNUNET_GenericReturnValue +TALER_exchange_melt_confirmation_verify ( + const struct TALER_RefreshCommitmentP *rc, + uint32_t noreveal_index, + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_ExchangeSignatureP *exchange_sig); + + +/** * Verify recoup signature. * * @param h_denom_pub hash of the denomiantion public key of the coin diff --git a/src/lib/exchange_api_melt.c b/src/lib/exchange_api_melt.c index eec2d0a53..828e1ca1f 100644 --- a/src/lib/exchange_api_melt.c +++ b/src/lib/exchange_api_melt.c @@ -78,7 +78,7 @@ struct TALER_EXCHANGE_MeltHandle /** * The secret the entire melt operation is seeded from. */ - const struct TALER_RefreshMasterSecretP *rms; + struct TALER_RefreshMasterSecretP rms; /** * Details about the characteristics of the requested melt operation. 
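Review bot: The new doc comment for TALER_exchange_melt_confirmation_verify does not say which byte order `noreveal_index` is expected in, nor what is returned for a bad signature. The implementation added in src/util/exchange_signatures.c applies `htonl (noreveal_index)` itself, so a caller that passes an already converted value would get a verification failure that is indistinguishable from a forged confirmation. I would write `@param noreveal_index gamma value chosen by the exchange, in host byte order` and extend the return line to `@return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR otherwise`. The second value is presumably what GNUNET_CRYPTO_eddsa_verify yields and should be confirmed against its documentation.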
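Review bot: Storing `struct TALER_RefreshMasterSecretP rms` by value in the melt handle means the handle now holds its own copy of the refresh master secret, filled by `mh->rms = *rms;` in the TALER_EXCHANGE_melt hunk further down, and nothing visible in this diff wipes that copy. The code that releases the handle is outside these hunks, so this needs checking there: if it only frees `mh`, the secret stays readable in freed heap memory. Clearing it just before the handle is freed, e.g. `GNUNET_CRYPTO_zero_keys (&mh->rms, sizeof (mh->rms));`, would bound the copy's lifetime to the melt operation. The field comment could also state that this is a private copy owned by the handle.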
@@ -171,24 +171,15 @@ verify_melt_signature_ok (struct TALER_EXCHANGE_MeltHandle *mh, return GNUNET_SYSERR; } - /* verify signature by exchange -- FIXME: move to util! */ + if (GNUNET_OK != + TALER_exchange_melt_confirmation_verify ( + &mh->md.rc, + mh->noreveal_index, + exchange_pub, + &exchange_sig)) { - struct TALER_RefreshMeltConfirmationPS confirm = { - .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT), - .purpose.size = htonl (sizeof (confirm)), - .rc = mh->md.rc, - .noreveal_index = htonl (mh->noreveal_index) - }; - - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT, - &confirm, - &exchange_sig.eddsa_signature, - &exchange_pub->eddsa_pub)) - { - GNUNET_break_op (0); - return GNUNET_SYSERR; - } + GNUNET_break_op (0); + return GNUNET_SYSERR; } return GNUNET_OK; } @@ -490,7 +481,7 @@ start_melt (struct TALER_EXCHANGE_MeltHandle *mh) struct TALER_DenominationHash h_denom_pub; if (GNUNET_OK != - TALER_EXCHANGE_get_melt_data_ (mh->rms, + TALER_EXCHANGE_get_melt_data_ (&mh->rms, mh->rd, mh->alg_values, &mh->md)) @@ -657,7 +648,7 @@ TALER_EXCHANGE_melt (struct TALER_EXCHANGE_Handle *exchange, mh->noreveal_index = TALER_CNC_KAPPA; /* invalid value */ mh->exchange = exchange; mh->rd = rd; - mh->rms = rms; /* FIXME: deep copy might be safer... */ + mh->rms = *rms; mh->melt_cb = melt_cb; mh->melt_cb_cls = melt_cb_cls; mh->alg_values = GNUNET_new_array (rd->fresh_pks_len, diff --git a/src/util/exchange_signatures.c b/src/util/exchange_signatures.c index b923c29de..c0c775dc0 100644 --- a/src/util/exchange_signatures.c +++ b/src/util/exchange_signatures.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2021 Taler Systems SA + Copyright (C) 2021, 2022 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software 
@@ -66,4 +66,26 @@ TALER_exchange_deposit_confirm_verify ( } +enum GNUNET_GenericReturnValue +TALER_exchange_melt_confirmation_verify ( + const struct TALER_RefreshCommitmentP *rc, + uint32_t noreveal_index, + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_ExchangeSignatureP *exchange_sig) +{ + struct TALER_RefreshMeltConfirmationPS confirm = { + .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT), + .purpose.size = htonl (sizeof (confirm)), + .rc = *rc, + .noreveal_index = htonl (noreveal_index) + }; + + return + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT, + &confirm, + &exchange_sig->eddsa_signature, + &exchange_pub->eddsa_pub); +} + + /* end of exchange_signatures.c */ |