aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorGian Demarmels <gian@demarmels.org>2022-01-17 09:37:36 +0100
committerGian Demarmels <gian@demarmels.org>2022-02-04 15:37:33 +0100
commitbe50c084f89e8588dd2d4a4aa30c58002053ee31 (patch)
treee6651b08f663446f21c59b9428e57ca46b7b4bab /src
parentae5f082c75eb140167dc0254894dd4d57ba62a6d (diff)
fixed nonce check, renamed WithdrawNonce
Diffstat (limited to 'src')
-rw-r--r--src/exchange/taler-exchange-httpd_csr.c4
-rw-r--r--src/exchange/taler-exchange-httpd_keys.c2
-rw-r--r--src/exchange/taler-exchange-httpd_keys.h2
-rw-r--r--src/include/taler_crypto_lib.h21
-rw-r--r--src/include/taler_exchange_service.h2
-rw-r--r--src/lib/exchange_api_csr.c4
-rw-r--r--src/lib/exchange_api_withdraw.c14
-rw-r--r--src/util/crypto.c11
-rw-r--r--src/util/crypto_helper_cs.c2
-rw-r--r--src/util/denom.c2
-rw-r--r--src/util/taler-exchange-secmod-cs.h2
-rw-r--r--src/util/test_helper_cs.c2
12 files changed, 46 insertions, 22 deletions
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c
index e1c9037df..dfe4d4d07 100644
--- a/src/exchange/taler-exchange-httpd_csr.c
+++ b/src/exchange/taler-exchange-httpd_csr.c
@@ -37,13 +37,13 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
const json_t *root,
const char *const args[])
{
- struct TALER_WithdrawNonce nonce;
+ struct TALER_CsNonce nonce;
struct TALER_DenominationHash denom_pub_hash;
struct TALER_DenominationCsPublicR r_pub;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed ("nonce",
&nonce,
- sizeof (struct TALER_WithdrawNonce)),
+ sizeof (struct TALER_CsNonce)),
GNUNET_JSON_spec_fixed ("denom_pub_hash",
&denom_pub_hash,
sizeof (struct TALER_DenominationHash)),
diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c
index 39c5b760f..2e1d71824 100644
--- a/src/exchange/taler-exchange-httpd_keys.c
+++ b/src/exchange/taler-exchange-httpd_keys.c
@@ -2460,7 +2460,7 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub,
enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub (const struct
TALER_DenominationHash *h_denom_pub,
- const struct TALER_WithdrawNonce *nonce,
+ const struct TALER_CsNonce *nonce,
struct TALER_DenominationCsPublicR *r_pub)
{
struct TEH_KeyStateHandle *ksh;
diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h
index 2cc7d7d7c..57011ed22 100644
--- a/src/exchange/taler-exchange-httpd_keys.h
+++ b/src/exchange/taler-exchange-httpd_keys.h
@@ -232,7 +232,7 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub,
enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub (const struct
TALER_DenominationHash *h_denom_pub,
- const struct TALER_WithdrawNonce *nonce,
+ const struct TALER_CsNonce *nonce,
struct TALER_DenominationCsPublicR *r_pub);
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 870e2a990..9870572b3 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -798,7 +798,7 @@ struct TALER_BlindedRsaPlanchet
/**
* Withdraw nonce for CS denominations
*/
-struct TALER_WithdrawNonce
+struct TALER_CsNonce
{
/**
* 32 bit nonce to include in withdrawals
@@ -821,7 +821,7 @@ struct TALER_BlindedCsPlanchet
/**
* Public Nonce
*/
- struct TALER_WithdrawNonce nonce;
+ struct TALER_CsNonce nonce;
};
/**
@@ -988,7 +988,7 @@ void
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
/**
- * @brief Method to generate withdraw nonce
+ * @brief Method to derive withdraw nonce
*
* @param coin_priv private key of the coin
* @param nonce withdraw nonce included in the request to generate R_0 and R_1
@@ -996,10 +996,18 @@ TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
void
TALER_cs_withdraw_nonce_derive (const struct
TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_WithdrawNonce *nonce);
+ struct TALER_CsNonce *nonce);
/**
+ * @brief Method to generate a random withdraw nonce used in refresh protocol
+ *
+ * @param nonce withdraw nonce included in the request to generate R_0 and R_1
+ */
+void
+TALER_cs_withdraw_nonce_generate (struct TALER_CsNonce *nonce);
+
+/**
* Initialize denomination public-private key pair.
*
* For #TALER_DENOMINATION_RSA, an additional "unsigned int"
@@ -1047,7 +1055,7 @@ TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
*/
enum GNUNET_GenericReturnValue
-TALER_denom_cs_derive_r_public (const struct TALER_WithdrawNonce *nonce,
+TALER_denom_cs_derive_r_public (const struct TALER_CsNonce *nonce,
const struct
TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationCsPublicR *r_pub);
@@ -1082,7 +1090,6 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
* @param[out] denom_sig where to write the signature
* @param denom_priv private key to use for signing
* @param blinded_planchet the planchet already blinded
- * @param ... If CS signature, a TALER_WithdrawNonce is needed
* @return #GNUNET_OK on success
*/
enum GNUNET_GenericReturnValue
@@ -1892,7 +1899,7 @@ TALER_CRYPTO_helper_cs_revoke (
struct TALER_DenominationCsPublicR
TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
- const struct TALER_WithdrawNonce *nonce,
+ const struct TALER_CsNonce *nonce,
enum TALER_ErrorCode *ec);
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index fcf907c58..68c971868 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -1107,7 +1107,7 @@ typedef void
struct TALER_EXCHANGE_CsRHandle *
TALER_EXCHANGE_csr (struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
- const struct TALER_WithdrawNonce *nonce,
+ const struct TALER_CsNonce *nonce,
TALER_EXCHANGE_CsRCallback res_cb,
void *res_cb_cls);
diff --git a/src/lib/exchange_api_csr.c b/src/lib/exchange_api_csr.c
index a3f631181..d99b08caf 100644
--- a/src/lib/exchange_api_csr.c
+++ b/src/lib/exchange_api_csr.c
@@ -205,7 +205,7 @@ handle_csr_finished (void *cls,
struct TALER_EXCHANGE_CsRHandle *
TALER_EXCHANGE_csr (struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
- const struct TALER_WithdrawNonce *nonce,
+ const struct TALER_CsNonce *nonce,
TALER_EXCHANGE_CsRCallback res_cb,
void *res_cb_cls)
{
@@ -229,7 +229,7 @@ TALER_EXCHANGE_csr (struct TALER_EXCHANGE_Handle *exchange,
csr_obj = GNUNET_JSON_PACK (GNUNET_JSON_pack_data_varsize ("nonce",
nonce,
sizeof(struct
- TALER_WithdrawNonce)),
+ TALER_CsNonce)),
GNUNET_JSON_pack_data_varsize ("denom_pub_hash",
&pk->h_key,
sizeof(struct
diff --git a/src/lib/exchange_api_withdraw.c b/src/lib/exchange_api_withdraw.c
index e8eca88cc..a5a886767 100644
--- a/src/lib/exchange_api_withdraw.c
+++ b/src/lib/exchange_api_withdraw.c
@@ -283,9 +283,17 @@ TALER_EXCHANGE_withdraw (
wh);
break;
case TALER_DENOMINATION_CS:
- TALER_cs_withdraw_nonce_derive (&ps->coin_priv,
- &wh->pd.blinded_planchet.details.
- cs_blinded_planchet.nonce);
+ wh->pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
+
+ /**
+ * This part is a bit hacky..
+ * due to the reason that Withdraw tests use the same private key coin to sign,
+ * the same Withdraw nonce will be derived.
+ * In a normal withdrawal TALER_cs_withdraw_nonce_derive is used.
+ * As a hacky solution, we generate the nonce here randomly.
+ */
+ TALER_cs_withdraw_nonce_generate (&wh->pd.blinded_planchet.details.
+ cs_blinded_planchet.nonce);
wh->csrh = TALER_EXCHANGE_csr (exchange,
pk,
&wh->pd.blinded_planchet.details.
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 549ec8b1a..fd309c934 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -191,7 +191,7 @@ cs_blinding_seed_derive (const struct
void
TALER_cs_withdraw_nonce_derive (const struct
TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_WithdrawNonce *nonce)
+ struct TALER_CsNonce *nonce)
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CRYPTO_hkdf (nonce,
@@ -208,6 +208,15 @@ TALER_cs_withdraw_nonce_derive (const struct
void
+TALER_cs_withdraw_nonce_generate (struct TALER_CsNonce *nonce)
+{
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
+ nonce,
+ sizeof (*nonce));
+}
+
+
+void
TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps,
const struct
TALER_ExchangeWithdrawValues *alg_values)
diff --git a/src/util/crypto_helper_cs.c b/src/util/crypto_helper_cs.c
index 240c13552..593aa0c25 100644
--- a/src/util/crypto_helper_cs.c
+++ b/src/util/crypto_helper_cs.c
@@ -610,7 +610,7 @@ TALER_CRYPTO_helper_cs_revoke (
struct TALER_DenominationCsPublicR
TALER_CRYPTO_helper_cs_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh,
const struct TALER_CsPubHashP *h_cs,
- const struct TALER_WithdrawNonce *nonce,
+ const struct TALER_CsNonce *nonce,
enum TALER_ErrorCode *ec)
{
struct TALER_DenominationCsPublicR r_pub;
diff --git a/src/util/denom.c b/src/util/denom.c
index 43204f09c..fa8909783 100644
--- a/src/util/denom.c
+++ b/src/util/denom.c
@@ -83,7 +83,7 @@ TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
enum GNUNET_GenericReturnValue
-TALER_denom_cs_derive_r_public (const struct TALER_WithdrawNonce *nonce,
+TALER_denom_cs_derive_r_public (const struct TALER_CsNonce *nonce,
const struct
TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationCsPublicR *r_pub)
diff --git a/src/util/taler-exchange-secmod-cs.h b/src/util/taler-exchange-secmod-cs.h
index c5f1b7dec..6c3f9232a 100644
--- a/src/util/taler-exchange-secmod-cs.h
+++ b/src/util/taler-exchange-secmod-cs.h
@@ -162,7 +162,7 @@ struct TALER_CRYPTO_CsRDeriveRequest
/**
* Withdraw nonce to derive R from
*/
- struct TALER_WithdrawNonce nonce;
+ struct TALER_CsNonce nonce;
};
/**
diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c
index 5a41c7fa1..c4e68376b 100644
--- a/src/util/test_helper_cs.c
+++ b/src/util/test_helper_cs.c
@@ -371,7 +371,7 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh)
/* check R derivation does not work if the key is unknown */
{
struct TALER_CsPubHashP rnd;
- struct TALER_WithdrawNonce nonce;
+ struct TALER_CsNonce nonce;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&rnd,