author | Gian Demarmels <gian@demarmels.org> | 2022-01-01 12:41:49 +0100 |
---|---|---|
committer | Gian Demarmels <gian@demarmels.org> | 2022-02-04 15:33:11 +0100 |
commit | f239b01be196f5ce64fdd9f0a6f42a11077c33c6 (patch) | |
tree | 22acb0363bf4e34c37cac8aea8ac0e3ced91ddcb /src/include | |
parent | fbb6d03f69e829b4ffbb4cc13e678cb0585c67c7 (diff) |
secmod cs signatures implementation
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/taler_crypto_lib.h | 55 | ||||
-rw-r--r-- | src/include/taler_signatures.h | 7 |
2 files changed, 61 insertions, 1 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index bf82b8f0e..ff145cc41 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -409,6 +409,20 @@ struct TALER_WireSalt
 /**
+ * Hash used to represent an CS public key. Does not include age
+ * restrictions and is ONLY for CS. Used ONLY for interactions with the CS
+ * security module.
+ */
+struct TALER_CsPubHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
 * Hash used to represent an RSA public key. Does not include age
 * restrictions and is ONLY for RSA. Used ONLY for interactions with the RSA
 * security module.
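Review bot: The doc comment on `struct TALER_CsPubHashP` never expands "CS" and reads "an CS public key", so a reader of this header cannot tell which signature scheme the hash belongs to. I would open it with `Hash used to represent a CS (Clause Blind Schnorr) public key.`, assuming that is what CS stands for here, since the hunk itself does not say. It would also help to state what input is hashed, because the type exists to keep this value from being confused with the RSA hash declared directly below it.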
@@ -2449,6 +2463,47 @@ TALER_exchange_secmod_rsa_verify (
 /**
+ * Create security module denomination signature.
+ *
+ * @param h_cs hash of the CS public key to sign
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_priv security module key to sign with
+ * @param[out] secm_sig where to write the signature
+ */
+void
+TALER_exchange_secmod_cs_sign (
+ const struct TALER_CsPubHashP *h_cs,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePrivateKeyP *secm_priv,
+ struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Verify security module denomination signature.
+ *
+ * @param h_cs hash of the public key to validate
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_pub public key to verify against
+ * @param secm_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_secmod_cs_verify (
+ const struct TALER_CsPubHashP *h_cs,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePublicKeyP *secm_pub,
+ const struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
 * Create denomination key validity signature by the auditor.
 *
 * @param auditor_url BASE URL of the auditor's API
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 3ad1121ca..3c31a4b60 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
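Review bot: The `@return` line of `TALER_exchange_secmod_cs_verify` in taler_crypto_lib.h names only the success value, and for a signature check the failure value is the part callers get wrong. `enum GNUNET_GenericReturnValue` defines `GNUNET_SYSERR` as -1, which is truthy in C, so a caller writing `if (TALER_exchange_secmod_cs_verify (...))` would accept a bad signature. I would document it as `@return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not; callers must compare against #GNUNET_OK`; the failure value is inferred, since the implementation is outside this diff. The line above it also repeats itself (`the signature the signature`) and should read `@param secm_sig the signature to verify`.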
@@ -287,6 +287,11 @@
 */
 #define TALER_SIGNATURE_SM_SIGNING_KEY 1251
+/**
+ * Signature on a denomination key announcement.
+ */
+#define TALER_SIGNATURE_SM_CS_DENOMINATION_KEY 1252
+
 /*******************/
 /* Test signatures */
 /*******************/
@@ -341,7 +346,7 @@ struct TALER_DenominationKeyAnnouncementPS
 /**
 * Hash of the denomination public key.
 */
- struct TALER_RsaPubHashP h_rsa;
+ struct TALER_DenominationHash h_denom;
 /**
 * Hash of the section name in the configuration of this denomination.
|
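Review bot: The comment on `TALER_SIGNATURE_SM_CS_DENOMINATION_KEY` does not say which cipher or which signer the purpose belongs to, and the purpose number is what keeps a signature made in one context from verifying in another. I would write `Signature on a CS denomination key announcement by the CS security module.` so it cannot be mistaken for the RSA announcement purpose, which presumably sits just above this hunk with similar wording.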
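Review bot: After this change the signed `TALER_DenominationKeyAnnouncementPS` carries a generic `struct TALER_DenominationHash h_denom`, while the new `TALER_exchange_secmod_cs_sign` takes a `struct TALER_CsPubHashP` that is documented as excluding age restrictions and being for the security module only. The field comment `Hash of the denomination public key.` no longer tells a reader which of those hashes is signed, and the field type no longer separates RSA from CS announcements, so the purpose value appears to be the only thing that does. I would extend the comment to say so, for example `Cipher-specific hash of the denomination public key (RSA or CS, without age restriction); the cipher is bound by the signature purpose.`, with the wording confirmed against the signing code, which is not part of this diff. The struct's definition starts and ends outside the hunk.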