aboutsummaryrefslogtreecommitdiff
path: root/src/include
diff options
context:
space:
mode:
authorGian Demarmels <gian@demarmels.org>2022-01-01 12:41:49 +0100
committerGian Demarmels <gian@demarmels.org>2022-02-04 15:33:11 +0100
commitf239b01be196f5ce64fdd9f0a6f42a11077c33c6 (patch)
tree22acb0363bf4e34c37cac8aea8ac0e3ced91ddcb /src/include
parentfbb6d03f69e829b4ffbb4cc13e678cb0585c67c7 (diff)
secmod cs signatures implementation
Diffstat (limited to 'src/include')
-rw-r--r--src/include/taler_crypto_lib.h55
-rw-r--r--src/include/taler_signatures.h7
2 files changed, 61 insertions, 1 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index bf82b8f0e..ff145cc41 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -409,6 +409,20 @@ struct TALER_WireSalt
/**
+ * Hash used to represent an CS public key. Does not include age
+ * restrictions and is ONLY for CS. Used ONLY for interactions with the CS
+ * security module.
+ */
+struct TALER_CsPubHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
* Hash used to represent an RSA public key. Does not include age
* restrictions and is ONLY for RSA. Used ONLY for interactions with the RSA
* security module.
@@ -2449,6 +2463,47 @@ TALER_exchange_secmod_rsa_verify (
/**
+ * Create security module denomination signature.
+ *
+ * @param h_cs hash of the CS public key to sign
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_priv security module key to sign with
+ * @param[out] secm_sig where to write the signature
+ */
+void
+TALER_exchange_secmod_cs_sign (
+ const struct TALER_CsPubHashP *h_cs,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePrivateKeyP *secm_priv,
+ struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Verify security module denomination signature.
+ *
+ * @param h_cs hash of the public key to validate
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_pub public key to verify against
+ * @param secm_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_secmod_cs_verify (
+ const struct TALER_CsPubHashP *h_cs,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePublicKeyP *secm_pub,
+ const struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
* Create denomination key validity signature by the auditor.
*
* @param auditor_url BASE URL of the auditor's API
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 3ad1121ca..3c31a4b60 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -287,6 +287,11 @@
*/
#define TALER_SIGNATURE_SM_SIGNING_KEY 1251
+/**
+ * Signature on a denomination key announcement.
+ */
+#define TALER_SIGNATURE_SM_CS_DENOMINATION_KEY 1252
+
/*******************/
/* Test signatures */
/*******************/
@@ -341,7 +346,7 @@ struct TALER_DenominationKeyAnnouncementPS
/**
* Hash of the denomination public key.
*/
- struct TALER_RsaPubHashP h_rsa;
+ struct TALER_DenominationHash h_denom;
/**
* Hash of the section name in the configuration of this denomination.