diff options
author | Gian Demarmels <gian@demarmels.org> | 2022-01-17 09:37:36 +0100 |
---|---|---|
committer | Gian Demarmels <gian@demarmels.org> | 2022-02-04 15:37:33 +0100 |
commit | be50c084f89e8588dd2d4a4aa30c58002053ee31 (patch) | |
tree | e6651b08f663446f21c59b9428e57ca46b7b4bab /src | |
parent | ae5f082c75eb140167dc0254894dd4d57ba62a6d (diff) |
fixed nonce check, renamed WithdrawNonce
Diffstat (limited to 'src')
-rw-r--r-- | src/exchange/taler-exchange-httpd_csr.c | 4 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_keys.c | 2 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_keys.h | 2 | ||||
-rw-r--r-- | src/include/taler_crypto_lib.h | 21 | ||||
-rw-r--r-- | src/include/taler_exchange_service.h | 2 | ||||
-rw-r--r-- | src/lib/exchange_api_csr.c | 4 | ||||
-rw-r--r-- | src/lib/exchange_api_withdraw.c | 14 | ||||
-rw-r--r-- | src/util/crypto.c | 11 | ||||
-rw-r--r-- | src/util/crypto_helper_cs.c | 2 | ||||
-rw-r--r-- | src/util/denom.c | 2 | ||||
-rw-r--r-- | src/util/taler-exchange-secmod-cs.h | 2 | ||||
-rw-r--r-- | src/util/test_helper_cs.c | 2 |
12 files changed, 46 insertions, 22 deletions
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c index e1c9037df..dfe4d4d07 100644 --- a/src/exchange/taler-exchange-httpd_csr.c +++ b/src/exchange/taler-exchange-httpd_csr.c @@ -37,13 +37,13 @@ TEH_handler_csr (struct TEH_RequestContext *rc, const json_t *root, const char *const args[]) { - struct TALER_WithdrawNonce nonce; + struct TALER_CsNonce nonce; struct TALER_DenominationHash denom_pub_hash; struct TALER_DenominationCsPublicR r_pub; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed ("nonce", &nonce, - sizeof (struct TALER_WithdrawNonce)), + sizeof (struct TALER_CsNonce)), GNUNET_JSON_spec_fixed ("denom_pub_hash", &denom_pub_hash, sizeof (struct TALER_DenominationHash)), diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index 39c5b760f..2e1d71824 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -2460,7 +2460,7 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, enum TALER_ErrorCode TEH_keys_denomination_cs_r_pub (const struct TALER_DenominationHash *h_denom_pub, - const struct TALER_WithdrawNonce *nonce, + const struct TALER_CsNonce *nonce, struct TALER_DenominationCsPublicR *r_pub) { struct TEH_KeyStateHandle *ksh; diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index 2cc7d7d7c..57011ed22 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h @@ -232,7 +232,7 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, enum TALER_ErrorCode TEH_keys_denomination_cs_r_pub (const struct TALER_DenominationHash *h_denom_pub, - const struct TALER_WithdrawNonce *nonce, + const struct TALER_CsNonce *nonce, struct TALER_DenominationCsPublicR *r_pub); diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 870e2a990..9870572b3 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -798,7 +798,7 @@ struct TALER_BlindedRsaPlanchet /** * Withdraw nonce for CS denominations */ -struct TALER_WithdrawNonce +struct TALER_CsNonce { /** * 32 bit nonce to include in withdrawals @@ -821,7 +821,7 @@ struct TALER_BlindedCsPlanchet /** * Public Nonce */ - struct TALER_WithdrawNonce nonce; + struct TALER_CsNonce nonce; }; /** @@ -988,7 +988,7 @@ void TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub); /** - * @brief Method to generate withdraw nonce + * @brief Method to derive withdraw nonce * * @param coin_priv private key of the coin * @param nonce withdraw nonce included in the request to generate R_0 and R_1 @@ -996,10 +996,18 @@ TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub); void TALER_cs_withdraw_nonce_derive (const struct TALER_CoinSpendPrivateKeyP *coin_priv, - struct TALER_WithdrawNonce *nonce); + struct TALER_CsNonce *nonce); /** + * @brief Method to generate a random withdraw nonce used in refresh protocol + * + * @param nonce withdraw nonce included in the request to generate R_0 and R_1 + */ +void +TALER_cs_withdraw_nonce_generate (struct TALER_CsNonce *nonce); + +/** * Initialize denomination public-private key pair. * * For #TALER_DENOMINATION_RSA, an additional "unsigned int" @@ -1047,7 +1055,7 @@ TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig); */ enum GNUNET_GenericReturnValue -TALER_denom_cs_derive_r_public (const struct TALER_WithdrawNonce *nonce, +TALER_denom_cs_derive_r_public (const struct TALER_CsNonce *nonce, const struct TALER_DenominationPrivateKey *denom_priv, struct TALER_DenominationCsPublicR *r_pub); @@ -1082,7 +1090,6 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, * @param[out] denom_sig where to write the signature * @param denom_priv private key to use for signing * @param blinded_planchet the planchet already blinded - * @param ... If CS signature, a TALER_WithdrawNonce is needed * @return #GNUNET_OK on success */ enum GNUNET_GenericReturnValue @@ -1892,7 +1899,7 @@ TALER_CRYPTO_helper_cs_revoke ( struct TALER_DenominationCsPublicR TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CsPubHashP *h_cs, - const struct TALER_WithdrawNonce *nonce, + const struct TALER_CsNonce *nonce, enum TALER_ErrorCode *ec); diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index fcf907c58..68c971868 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -1107,7 +1107,7 @@ typedef void struct TALER_EXCHANGE_CsRHandle * TALER_EXCHANGE_csr (struct TALER_EXCHANGE_Handle *exchange, const struct TALER_EXCHANGE_DenomPublicKey *pk, - const struct TALER_WithdrawNonce *nonce, + const struct TALER_CsNonce *nonce, TALER_EXCHANGE_CsRCallback res_cb, void *res_cb_cls); diff --git a/src/lib/exchange_api_csr.c b/src/lib/exchange_api_csr.c index a3f631181..d99b08caf 100644 --- a/src/lib/exchange_api_csr.c +++ b/src/lib/exchange_api_csr.c @@ -205,7 +205,7 @@ handle_csr_finished (void *cls, struct TALER_EXCHANGE_CsRHandle * TALER_EXCHANGE_csr (struct TALER_EXCHANGE_Handle *exchange, const struct TALER_EXCHANGE_DenomPublicKey *pk, - const struct TALER_WithdrawNonce *nonce, + const struct TALER_CsNonce *nonce, TALER_EXCHANGE_CsRCallback res_cb, void *res_cb_cls) { @@ -229,7 +229,7 @@ TALER_EXCHANGE_csr (struct TALER_EXCHANGE_Handle *exchange, csr_obj = GNUNET_JSON_PACK (GNUNET_JSON_pack_data_varsize ("nonce", nonce, sizeof(struct - TALER_WithdrawNonce)), + TALER_CsNonce)), GNUNET_JSON_pack_data_varsize ("denom_pub_hash", &pk->h_key, sizeof(struct diff --git a/src/lib/exchange_api_withdraw.c b/src/lib/exchange_api_withdraw.c index e8eca88cc..a5a886767 100644 --- a/src/lib/exchange_api_withdraw.c +++ b/src/lib/exchange_api_withdraw.c @@ -283,9 +283,17 @@ TALER_EXCHANGE_withdraw ( wh); break; case TALER_DENOMINATION_CS: - TALER_cs_withdraw_nonce_derive (&ps->coin_priv, - &wh->pd.blinded_planchet.details. - cs_blinded_planchet.nonce); + wh->pd.blinded_planchet.cipher = TALER_DENOMINATION_CS; + + /** + * This part is a bit hacky.. + * due to the reason that Withdraw tests use the same private key coin to sign, + * the same Withdraw nonce will be derived. + * In a normal withdrawal TALER_cs_withdraw_nonce_derive is used. + * As a hacky solution, we generate the nonce here randomly. + */ + TALER_cs_withdraw_nonce_generate (&wh->pd.blinded_planchet.details. + cs_blinded_planchet.nonce); wh->csrh = TALER_EXCHANGE_csr (exchange, pk, &wh->pd.blinded_planchet.details. diff --git a/src/util/crypto.c b/src/util/crypto.c index 549ec8b1a..fd309c934 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -191,7 +191,7 @@ cs_blinding_seed_derive (const struct void TALER_cs_withdraw_nonce_derive (const struct TALER_CoinSpendPrivateKeyP *coin_priv, - struct TALER_WithdrawNonce *nonce) + struct TALER_CsNonce *nonce) { GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (nonce, @@ -208,6 +208,15 @@ TALER_cs_withdraw_nonce_derive (const struct void +TALER_cs_withdraw_nonce_generate (struct TALER_CsNonce *nonce) +{ + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, + nonce, + sizeof (*nonce)); +} + + +void TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, const struct TALER_ExchangeWithdrawValues *alg_values) diff --git a/src/util/crypto_helper_cs.c b/src/util/crypto_helper_cs.c index 240c13552..593aa0c25 100644 --- a/src/util/crypto_helper_cs.c +++ b/src/util/crypto_helper_cs.c @@ -610,7 +610,7 @@ TALER_CRYPTO_helper_cs_revoke ( struct TALER_DenominationCsPublicR TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh, const struct TALER_CsPubHashP *h_cs, - const struct TALER_WithdrawNonce *nonce, + const struct TALER_CsNonce *nonce, enum TALER_ErrorCode *ec) { struct TALER_DenominationCsPublicR r_pub; diff --git a/src/util/denom.c b/src/util/denom.c index 43204f09c..fa8909783 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -83,7 +83,7 @@ TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv, enum GNUNET_GenericReturnValue -TALER_denom_cs_derive_r_public (const struct TALER_WithdrawNonce *nonce, +TALER_denom_cs_derive_r_public (const struct TALER_CsNonce *nonce, const struct TALER_DenominationPrivateKey *denom_priv, struct TALER_DenominationCsPublicR *r_pub) diff --git a/src/util/taler-exchange-secmod-cs.h b/src/util/taler-exchange-secmod-cs.h index c5f1b7dec..6c3f9232a 100644 --- a/src/util/taler-exchange-secmod-cs.h +++ b/src/util/taler-exchange-secmod-cs.h @@ -162,7 +162,7 @@ struct TALER_CRYPTO_CsRDeriveRequest /** * Withdraw nonce to derive R from */ - struct TALER_WithdrawNonce nonce; + struct TALER_CsNonce nonce; }; /** diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c index 5a41c7fa1..c4e68376b 100644 --- a/src/util/test_helper_cs.c +++ b/src/util/test_helper_cs.c @@ -371,7 +371,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) /* check R derivation does not work if the key is unknown */ { struct TALER_CsPubHashP rnd; - struct TALER_WithdrawNonce nonce; + struct TALER_CsNonce nonce; GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &rnd, |