diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-05-16 14:15:34 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-05-16 14:15:34 +0200 |
| commit | f4a59d1cccd058b3180ea23ed9fdea69cb2129b8 (patch) | |
| tree | ad732a3b92fcd74f5c1295ceee5c06e3a63b3206 /src/mint | |
| parent | d080e59e272e307b9ebc267f2c4dd2941cd79436 (diff) | |
eliminating ECDSA, replacing with EdDSA-ECDHE-combo in transfer protocol
Diffstat (limited to 'src/mint')
| -rw-r--r-- | src/mint/taler-mint-httpd.c | 7 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_db.c | 10 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_db.h | 2 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_deposit.c | 6 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_refresh.c | 14 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_responses.c | 20 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_responses.h | 4 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_test.c | 92 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_test.h | 23 |
9 files changed, 30 insertions, 148 deletions
diff --git a/src/mint/taler-mint-httpd.c b/src/mint/taler-mint-httpd.c index d7e2c353a..deb30661f 100644 --- a/src/mint/taler-mint-httpd.c +++ b/src/mint/taler-mint-httpd.c @@ -232,13 +232,6 @@ handle_mhd_request (void *cls, "Only POST is allowed", 0, &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, - { "/test/ecdsa", MHD_HTTP_METHOD_POST, "application/json", - NULL, 0, - &TMH_TEST_handler_test_ecdsa, MHD_HTTP_OK }, - { "/test/ecdsa", NULL, "text/plain", - "Only POST is allowed", 0, - &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, - { "/test/eddsa", MHD_HTTP_METHOD_POST, "application/json", NULL, 0, &TMH_TEST_handler_test_eddsa, MHD_HTTP_OK }, diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 53567a92a..b4256c037 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -926,7 +926,7 @@ check_commitment (struct MHD_Connection *connection, for (j = 0; j < num_newcoins; j++) { struct TALER_RefreshLinkDecrypted *link_data; - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; struct GNUNET_HashCode h_msg; char *buf; size_t buf_len; @@ -942,10 +942,10 @@ check_commitment (struct MHD_Connection *connection, ? GNUNET_NO : GNUNET_SYSERR; } - GNUNET_CRYPTO_ecdsa_key_get_public (&link_data->coin_priv.ecdsa_priv, - &coin_pub.ecdsa_pub); + GNUNET_CRYPTO_eddsa_key_get_public (&link_data->coin_priv.eddsa_priv, + &coin_pub.eddsa_pub); GNUNET_CRYPTO_hash (&coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP), + sizeof (struct TALER_CoinSpendPublicKeyP), &h_msg); if (0 == (buf_len = GNUNET_CRYPTO_rsa_blind (&h_msg, @@ -1248,7 +1248,7 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection, */ int TMH_DB_execute_refresh_link (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub) + const struct TALER_CoinSpendPublicKeyP *coin_pub) { int res; struct TALER_MINTDB_Session *session; diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index 5a8e1aee8..4319a81e5 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -166,7 +166,7 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection, */ int TMH_DB_execute_refresh_link (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub); + const struct TALER_CoinSpendPublicKeyP *coin_pub); #endif diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index a45cf354b..bf182d00c 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -73,10 +73,10 @@ verify_and_execute_deposit (struct MHD_Connection *connection, dr.merchant = deposit->merchant_pub; dr.coin_pub = deposit->coin.coin_pub; if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, &dr.purpose, - &deposit->csig.ecdsa_signature, - &deposit->coin.coin_pub.ecdsa_pub)) + &deposit->csig.eddsa_signature, + &deposit->coin.coin_pub.eddsa_pub)) { TALER_LOG_WARNING ("Invalid signature on /deposit request\n"); return TMH_RESPONSE_reply_signature_invalid (connection, diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index 759c55bb2..cde7d22ca 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -269,10 +269,10 @@ verify_coin_public_info (struct MHD_Connection *connection, TMH_KS_release (key_state); if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, &body.purpose, - &melt_detail->melt_sig.ecdsa_signature, - &melt_detail->coin_info.coin_pub.ecdsa_pub)) + &melt_detail->melt_sig.eddsa_signature, + &melt_detail->coin_info.coin_pub.eddsa_pub)) { if (MHD_YES != TMH_RESPONSE_reply_signature_invalid (connection, @@ -439,7 +439,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection, { if (0 == memcmp (&coin_melt_details[i].coin_info.coin_pub, &coin_melt_details[j].coin_info.coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP))) + sizeof (struct TALER_CoinSpendPublicKeyP))) { for (j=0;j<i;j++) { @@ -458,7 +458,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection, &coin_melt_details[i].melt_amount_with_fee); GNUNET_CRYPTO_hash_context_read (hash_context, &coin_melt_details[i].coin_info.coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP)); + sizeof (struct TALER_CoinSpendPublicKeyP)); GNUNET_CRYPTO_hash_context_read (hash_context, &melt_amount, sizeof (struct TALER_AmountNBO)); @@ -891,13 +891,13 @@ TMH_REFRESH_handler_refresh_link (struct TMH_RequestHandler *rh, const char *upload_data, size_t *upload_data_size) { - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; int res; res = TMH_PARSE_mhd_request_arg_data (connection, "coin_pub", &coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP)); + sizeof (struct TALER_CoinSpendPublicKeyP)); if (GNUNET_SYSERR == res) return MHD_NO; if (GNUNET_OK != res) diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index e37eea188..f8240df52 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -303,7 +303,7 @@ TMH_RESPONSE_reply_invalid_json (struct MHD_Connection *connection) */ int TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct GNUNET_HashCode *h_wire, const struct GNUNET_HashCode *h_contract, uint64_t transaction_id, @@ -381,8 +381,8 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl) &deposit->deposit_fee); dr.merchant = deposit->merchant_pub; dr.coin_pub = deposit->coin.coin_pub; - transaction = TALER_json_from_ecdsa_sig (&dr.purpose, - &deposit->csig.ecdsa_signature); + transaction = TALER_json_from_eddsa_sig (&dr.purpose, + &deposit->csig.eddsa_signature); break; } case TALER_MINTDB_TT_REFRESH_MELT: @@ -400,8 +400,8 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl) TALER_amount_hton (&ms.melt_fee, &melt->melt_fee); ms.coin_pub = melt->coin.coin_pub; - transaction = TALER_json_from_ecdsa_sig (&ms.purpose, - &melt->coin_sig.ecdsa_signature); + transaction = TALER_json_from_eddsa_sig (&ms.purpose, + &melt->coin_sig.eddsa_signature); } break; case TALER_MINTDB_TT_LOCK: @@ -678,7 +678,7 @@ TMH_RESPONSE_reply_withdraw_sign_success (struct MHD_Connection *connection, */ int TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_Amount coin_value, struct TALER_MINTDB_TransactionList *tl, struct TALER_Amount requested, @@ -692,7 +692,7 @@ TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *conne "{s:s, s:o, s:o, s:o, s:o, s:o}", "error", "insufficient funds", "coin-pub", TALER_json_from_data (coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP)), + sizeof (struct TALER_CoinSpendPublicKeyP)), "original-value", TALER_json_from_amount (&coin_value), "residual-value", TALER_json_from_amount (&residual), "requested-value", TALER_json_from_amount (&requested), @@ -814,7 +814,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, json_object_set_new (rm_json, "coin_pub", TALER_json_from_data (&rm->coin.coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP))); + sizeof (struct TALER_CoinSpendPublicKeyP))); json_object_set_new (rm_json, "melt_amount_with_fee", TALER_json_from_amount (&rm->amount_with_fee)); @@ -856,7 +856,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, json_object_set_new (cc_json, "coin_priv_enc", TALER_json_from_data (cc->refresh_link->coin_priv_enc, - sizeof (union TALER_CoinSpendPrivateKeyP))); + sizeof (struct TALER_CoinSpendPrivateKeyP))); json_object_set_new (cc_json, "blinding_key_enc", TALER_json_from_data (cc->refresh_link->blinding_key_enc, @@ -933,7 +933,7 @@ TMH_RESPONSE_reply_refresh_link_success (struct MHD_Connection *connection, json_object_set_new (obj, "link_enc", TALER_json_from_data (ldl->link_data_enc->coin_priv_enc, - sizeof (union TALER_CoinSpendPrivateKeyP) + + sizeof (struct TALER_CoinSpendPrivateKeyP) + ldl->link_data_enc->blinding_key_enc_size)); json_object_set_new (obj, "denom_pub", diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index ab062c2a7..8392e73d7 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -200,7 +200,7 @@ TMH_RESPONSE_reply_invalid_json (struct MHD_Connection *connection); */ int TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct GNUNET_HashCode *h_wire, const struct GNUNET_HashCode *h_contract, uint64_t transaction_id, @@ -291,7 +291,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection, */ int TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_Amount coin_value, struct TALER_MINTDB_TransactionList *tl, struct TALER_Amount requested, diff --git a/src/mint/taler-mint-httpd_test.c b/src/mint/taler-mint-httpd_test.c index 6bf11c33e..61bd4d968 100644 --- a/src/mint/taler-mint-httpd_test.c +++ b/src/mint/taler-mint-httpd_test.c @@ -297,97 +297,9 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh, /** - * Handle a "/test/ecdsa" request. Parses the JSON in the post, - * which must contain a "ecdsa_pub" with a public key and an - *"ecdsa_sig" with the corresponding signature for a purpose - * of #TALER_SIGNATURE_CLIENT_TEST_ECDSA. If the signature is - * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_ECDSA is - * returned using the same JSON format. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param upload_data upload data - * @param[in,out] upload_data_size number of bytes (left) in @a upload_data - * @return MHD result code - */ -int -TMH_TEST_handler_test_ecdsa (struct TMH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size) -{ - json_t *json; - int res; - struct GNUNET_CRYPTO_EcdsaPublicKey pub; - struct GNUNET_CRYPTO_EcdsaSignature sig; - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - struct TMH_PARSE_FieldSpecification spec[] = { - TMH_PARSE_MEMBER_FIXED ("ecdsa_pub", &pub), - TMH_PARSE_MEMBER_FIXED ("ecdsa_sig", &sig), - TMH_PARSE_MEMBER_END - }; - struct GNUNET_CRYPTO_EcdsaPrivateKey *pk; - - res = TMH_PARSE_post_json (connection, - connection_cls, - upload_data, - upload_data_size, - &json); - if (GNUNET_SYSERR == res) - return MHD_NO; - if ( (GNUNET_NO == res) || (NULL == json) ) - return MHD_YES; - res = TMH_PARSE_json_data (connection, - json, - spec); - json_decref (json); - if (GNUNET_YES != res) - return (GNUNET_NO == res) ? MHD_YES : MHD_NO; - purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)); - purpose.purpose = htonl (TALER_SIGNATURE_CLIENT_TEST_ECDSA); - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_CLIENT_TEST_ECDSA, - &purpose, - &sig, - &pub)) - { - TMH_PARSE_release_data (spec); - return TMH_RESPONSE_reply_signature_invalid (connection, - "ecdsa_sig"); - } - TMH_PARSE_release_data (spec); - pk = GNUNET_CRYPTO_ecdsa_key_create (); - purpose.purpose = htonl (TALER_SIGNATURE_MINT_TEST_ECDSA); - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_sign (pk, - &purpose, - &sig)) - { - GNUNET_free (pk); - return TMH_RESPONSE_reply_internal_error (connection, - "Failed to ECDSA-sign"); - } - GNUNET_CRYPTO_ecdsa_key_get_public (pk, - &pub); - GNUNET_free (pk); - return TMH_RESPONSE_reply_json_pack (connection, - MHD_HTTP_OK, - "{s:o, s:o}", - "ecdsa_pub", - TALER_json_from_data (&pub, - sizeof (pub)), - "ecdsa_sig", - TALER_json_from_data (&sig, - sizeof (sig))); -} - - -/** * Handle a "/test/eddsa" request. Parses the JSON in the post, * which must contain a "eddsa_pub" with a public key and an - *"ecdsa_sig" with the corresponding signature for a purpose + *"eddsa_sig" with the corresponding signature for a purpose * of #TALER_SIGNATURE_CLIENT_TEST_EDDSA. If the signature is * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is * returned using the same JSON format. @@ -583,7 +495,7 @@ TMH_TEST_handler_test_transfer (struct TMH_RequestHandler *rh, int res; struct TALER_EncryptedLinkSecretP secret_enc; struct TALER_TransferPrivateKeyP trans_priv; - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; struct TMH_PARSE_FieldSpecification spec[] = { TMH_PARSE_MEMBER_FIXED ("secret_enc", &secret_enc), TMH_PARSE_MEMBER_FIXED ("trans_priv", &trans_priv), diff --git a/src/mint/taler-mint-httpd_test.h b/src/mint/taler-mint-httpd_test.h index e220e438a..1bc5fb66c 100644 --- a/src/mint/taler-mint-httpd_test.h +++ b/src/mint/taler-mint-httpd_test.h @@ -122,29 +122,6 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh, /** - * Handle a "/test/ecdsa" request. Parses the JSON in the post, - * which must contain a "ecdsa_pub" with a public key and an - *"ecdsa_sig" with the corresponding signature for a purpose - * of #TALER_SIGNATURE_CLIENT_TEST_ECDSA. If the signature is - * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_ECDSA is - * returned using the same JSON format. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param upload_data upload data - * @param[in,out] upload_data_size number of bytes (left) in @a upload_data - * @return MHD result code - */ -int -TMH_TEST_handler_test_ecdsa (struct TMH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size); - - -/** * Handle a "/test/eddsa" request. Parses the JSON in the post, * which must contain a "eddsa_pub" with a public key and an *"ecdsa_sig" with the corresponding signature for a purpose |