aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/include/taler_crypto_lib.h22
-rw-r--r--src/include/taler_mintdb_plugin.h6
-rw-r--r--src/include/taler_signatures.h257
-rw-r--r--src/mint-lib/mint_api.c8
-rw-r--r--src/mint-tools/taler-mint-keycheck.c4
-rw-r--r--src/mint-tools/taler-mint-keyup.c4
-rw-r--r--src/mint/taler-mint-httpd_db.h2
-rw-r--r--src/mint/taler-mint-httpd_deposit.c4
-rw-r--r--src/mint/taler-mint-httpd_refresh.c6
-rw-r--r--src/mint/taler-mint-httpd_responses.c10
-rw-r--r--src/mint/taler-mint-httpd_withdraw.c4
11 files changed, 228 insertions, 99 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index cfd588a52..5b45661b7 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -197,33 +197,45 @@ struct TALER_MasterSignatureP
/**
- * Type of public keys for Taler coins.
+ * Type of public keys for Taler coins. The same key material is used
+ * for ECDSA and ECDHE operations.
*/
union TALER_CoinSpendPublicKeyP
{
/**
- * Taler uses ECDSA for coins.
+ * Taler uses ECDSA for coins when signing deposit requests.
*/
struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub;
+
+ /**
+ * Taler uses ECDH(E) for coin linkage during refresh operations.
+ */
+ struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub;
};
/**
- * Type of private keys for Taler coins.
+ * Type of private keys for Taler coins. The same key material is used
+ * for ECDSA and ECDHE operations.
*/
union TALER_CoinSpendPrivateKeyP
{
/**
- * Taler uses ECDSA for coins.
+ * Taler uses ECDSA for coins when signing deposit requests.
*/
struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv;
+
+ /**
+ * Taler uses ECDHE for coin linkage during refresh operations.
+ */
+ struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv;
};
/**
* Type of signatures made with Taler coins.
*/
-union TALER_CoinSpendSignatureP
+struct TALER_CoinSpendSignatureP
{
/**
* Taler uses ECDSA for coins.
diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h
index 7cd3e9202..e6f87c4aa 100644
--- a/src/include/taler_mintdb_plugin.h
+++ b/src/include/taler_mintdb_plugin.h
@@ -186,7 +186,7 @@ struct Deposit
* by @e h_wire in relation to the contract identified
* by @e h_contract.
*/
- union TALER_CoinSpendSignatureP csig;
+ struct TALER_CoinSpendSignatureP csig;
/**
* Public key of the merchant. Enables later identification
@@ -268,7 +268,7 @@ struct RefreshMelt
/**
* Signature over the melting operation.
*/
- union TALER_CoinSpendSignatureP coin_sig;
+ struct TALER_CoinSpendSignatureP coin_sig;
/**
* Hash of the refresh session this coin is melted into.
@@ -384,7 +384,7 @@ struct Lock
/**
* Signature over the locking operation.
*/
- union TALER_CoinSpendSignatureP coin_sig;
+ struct TALER_CoinSpendSignatureP coin_sig;
/**
* How much value is being locked?
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 8363c23dd..4e9418966 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -40,53 +40,47 @@
*/
#define TALER_CNC_KAPPA 3
+/*********************************************/
+/* Mint offline signatures (with master key) */
+/*********************************************/
/**
- * Purpose for signing public keys signed
- * by the mint master key.
+ * Purpose for signing public keys signed by the mint master key.
*/
-#define TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY 1
+#define TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY 1
/**
- * Purpose for denomination keys signed
- * by the mint master key.
+ * Purpose for denomination keys signed by the mint master key.
*/
-#define TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY 2
+#define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY 2
-/**
- * Purpose for the state of a reserve,
- * signed by the mint's signing key.
- */
-#define TALER_SIGNATURE_MINT_RESERVE_STATUS 3
-/**
- * Signature where the reserve key
- * confirms a withdraw request.
- */
-#define TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST 4
+/*********************************************/
+/* Mint online signatures (with signing key) */
+/*********************************************/
/**
- * Signature using a coin key confirming the melting of
- * a coin.
+ * Purpose for the state of a reserve, signed by the mint's signing
+ * key.
*/
-#define TALER_SIGNATURE_COIN_MELT 5
+#define TALER_SIGNATURE_MINT_RESERVE_STATUS 32
/**
- * Signature where the mint (current signing key)
- * confirms the no-reveal index for cut-and-choose and
- * the validity of the melted coins.
+ * Signature where the Mint confirms a deposit request.
*/
-#define TALER_SIGNATURE_MINT_MELT_RESPONSE 6
+#define TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT 33
/**
- * Signature where the Mint confirms a deposit request.
+ * Signature where the mint (current signing key) confirms the
+ * no-reveal index for cut-and-choose and the validity of the melted
+ * coins.
*/
-#define TALER_SIGNATURE_COIN_DEPOSIT 7
+#define TALER_SIGNATURE_MINT_CONFIRM_MELT 34
/**
* Signature where the Mint confirms the full /keys response set.
*/
-#define TALER_SIGNATURE_MINT_KEY_SET 8
+#define TALER_SIGNATURE_MINT_KEY_SET 35
/***********************/
@@ -94,26 +88,34 @@
/***********************/
/**
- * Signature where the merchant confirms a contract
+ * Signature where the merchant confirms a contract (to the customer).
*/
#define TALER_SIGNATURE_MERCHANT_CONTRACT 101
+/**
+ * Signature where the merchant confirms a refund (of a coin).
+ */
+#define TALER_SIGNATURE_MERCHANT_REFUND 102
+
+
/*********************/
/* Wallet signatures */
/*********************/
/**
- * Signature made by the wallet of a user to confirm a deposit permission
- * FIXME: this is #TALER_SIGNATURE_COIN_DEPOSIT already!
+ * Signature where the reserve key confirms a withdraw request.
*/
-#define TALER_SIGNATURE_WALLET_DEPOSIT 201
+#define TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW 200
/**
- * Signature made by the wallet of a user to confirm a incremental
- * deposit permission.
- * FIXME: this MIGHT also be #TALER_SIGNATURE_COIN_DEPOSIT already!
+ * Signature made by the wallet of a user to confirm a deposit of a coin.
*/
-#define TALER_SIGNATURE_WALLET_DEPOSIT_INCREMENTAL 202
+#define TALER_SIGNATURE_WALLET_COIN_DEPOSIT 201
+
+/**
+ * Signature using a coin key confirming the melting of a coin.
+ */
+#define TALER_SIGNATURE_WALLET_COIN_MELT 202
@@ -127,7 +129,8 @@ struct TALER_WithdrawRequestPS
{
/**
- * Purpose must be #TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST.
+ * Purpose must be #TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW.
+ * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -165,7 +168,8 @@ struct TALER_WithdrawRequestPS
struct TALER_DepositRequestPS
{
/**
- * Purpose must be #TALER_SIGNATURE_WALLET_DEPOSIT
+ * Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT.
+ * Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -180,20 +184,68 @@ struct TALER_DepositRequestPS
struct GNUNET_HashCode h_wire;
/**
+ * Time when this request was generated. Used, for example, to
+ * assess when (roughly) the income was achieved for tax purposes.
+ * Note that the Mint will only check that the timestamp is not "too
+ * far" into the future (i.e. several days). The fact that the
+ * timestamp falls within the validity period of the coin's
+ * denomination key is irrelevant for the validity of the deposit
+ * request, as obviously the customer and merchant could conspire to
+ * set any timestamp. Also, the Mint must accept very old deposit
+ * requests, as the merchant might have been unable to transmit the
+ * deposit request in a timely fashion (so back-dating is not
+ * prevented).
+ */
+ struct GNUNET_TIME_AbsoluteNBO timestamp;
+
+ /**
+ * How much time does the merchant have to issue a refund request?
+ * Zero if refunds are not allowed. After this time, the coin
+ * cannot be refunded.
+ */
+ struct GNUNET_TIME_AbsoluteNBO refund_deadline;
+
+ /**
* Merchant-generated transaction ID to detect duplicate
- * transactions.
+ * transactions. The merchant must communicate a merchant-unique ID
+ * to the customer for each transaction. Note that different coins
+ * that are part of the same transaction can use the same
+ * transaction ID. The transaction ID is useful for later disputes,
+ * and the merchant's contract offer (@e h_contract) with the
+ * customer should include the offer's term and transaction ID
+ * signed with a key from the merchant.
*/
uint64_t transaction_id GNUNET_PACKED;
/**
- * Amount to be deposited, including fee.
+ * Amount to be deposited, including deposit fee charged by the
+ * mint. This is the total amount that the coin's value at the mint
+ * will be reduced by.
*/
struct TALER_AmountNBO amount_with_fee;
- /* FIXME: we should probably also include the value of
- the depositing fee here as well! */
/**
- * The coin's public key.
+ * Depositing fee charged by the mint. This must match the Mint's
+ * denomination key's depositing fee. If the client puts in an
+ * invalid deposit fee (too high or too low) that does not match the
+ * Mint's denomination key, the deposit operation is invalid and
+ * will be rejected by the mint. The @e amount_with_fee minus the
+ * @e deposit_fee is the amount that will be transferred to the
+ * account identified by @e h_wire.
+ */
+ struct TALER_AmountNBO deposit_fee;
+
+ /**
+ * The Merchant's public key. Allows the merchant to later refund
+ * the transaction. All zeros if nobody is allowed to refund the
+ * transaction later.
+ */
+ struct TALER_MerchantPublicKeyP merchant;
+
+ /**
+ * The coin's public key. This is the value that must have been
+ * signed (blindly) by the Mint. The deposit request is to be
+ * signed by the corresponding private key (using ECDSA).
*/
union TALER_CoinSpendPublicKeyP coin_pub;
@@ -207,7 +259,8 @@ struct TALER_DepositRequestPS
struct TALER_DepositConfirmationPS
{
/**
- * Purpose must be #TALER_SIGNATURE_COIN_DEPOSIT
+ * Purpose must be #TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT. Signed
+ * by a `struct TALER_MintPublicKeyP` using EdDSA.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -228,20 +281,36 @@ struct TALER_DepositConfirmationPS
uint64_t transaction_id GNUNET_PACKED;
/**
- * Amount to be deposited, including fee.
+ * Time when this confirmation was generated.
*/
- struct TALER_AmountNBO amount_with_fee;
+ struct GNUNET_TIME_AbsoluteNBO timestamp;
+
+ /**
+ * How much time does the @e merchant have to issue a refund
+ * request? Zero if refunds are not allowed. After this time, the
+ * coin cannot be refunded. Note that the wire transfer will not be
+ * performed by the mint until the refund deadline. This value
+ * is taken from the original deposit request.
+ */
+ struct GNUNET_TIME_AbsoluteNBO refund_deadline;
- /* FIXME: we should probably also include the value of
- the depositing fee here as well! */
+ /**
+ * Amount to be deposited, excluding fee. Calculated from the
+ * amount with fee and the fee from the deposit request.
+ */
+ struct TALER_AmountNBO amount_without_fee;
/**
- * The coin's public key.
+ * The coin's public key. This is the value that must have been
+ * signed (blindly) by the Mint. The deposit request is to be
+ * signed by the corresponding private key (using ECDSA).
*/
union TALER_CoinSpendPublicKeyP coin_pub;
/**
- * The Merchant's public key.
+ * The Merchant's public key. Allows the merchant to later refund
+ * the transaction. All zeros if nobody is allowed to refund the
+ * transaction later.
*/
struct TALER_MerchantPublicKeyP merchant;
@@ -249,13 +318,14 @@ struct TALER_DepositConfirmationPS
/**
- * Message signed by a coin to indicate that the coin should
- * be melted.
+ * Message signed by a coin to indicate that the coin should be
+ * melted.
*/
struct TALER_RefreshMeltCoinAffirmationPS
{
/**
- * Purpose is #TALER_SIGNATURE_COIN_MELT.
+ * Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT.
+ * Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -274,11 +344,21 @@ struct TALER_RefreshMeltCoinAffirmationPS
*/
struct TALER_AmountNBO amount_with_fee;
- /* FIXME: we should probably also include the value of
- the melting fee here as well! */
+ /**
+ * Melting fee charged by the mint. This must match the Mint's
+ * denomination key's melting fee. If the client puts in an invalid
+ * melting fee (too high or too low) that does not match the Mint's
+ * denomination key, the melting operation is invalid and will be
+ * rejected by the mint. The @e amount_with_fee minus the @e
+ * melt_fee is the amount that will be credited to the melting
+ * session.
+ */
+ struct TALER_AmountNBO melt_fee;
/**
- * The coin's public key.
+ * The coin's public key. This is the value that must have been
+ * signed (blindly) by the Mint. The deposit request is to be
+ * signed by the corresponding private key (using ECDSA).
*/
union TALER_CoinSpendPublicKeyP coin_pub;
};
@@ -293,7 +373,8 @@ struct TALER_RefreshMeltCoinAffirmationPS
struct TALER_RefreshMeltConfirmationPS
{
/**
- * Purpose is #TALER_SIGNATURE_MINT_MELT_RESPONSE.
+ * Purpose is #TALER_SIGNATURE_MINT_CONFIRM_MELT. Signed
+ * by a `struct TALER_MintPublicKeyP` using EdDSA.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -303,7 +384,8 @@ struct TALER_RefreshMeltConfirmationPS
struct GNUNET_HashCode session_hash;
/**
- * Index that the client will not have to reveal.
+ * Index that the client will not have to reveal, in NBO.
+ * Must be smaller than #TALER_CNC_KAPPA.
*/
uint16_t noreveal_index GNUNET_PACKED;
};
@@ -322,7 +404,7 @@ struct TALER_MintSigningKeyValidityPS
struct TALER_MasterSignatureP signature;
/**
- * Purpose is #TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY.
+ * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -338,14 +420,25 @@ struct TALER_MintSigningKeyValidityPS
struct GNUNET_TIME_AbsoluteNBO start;
/**
- * When does this signing key expire? Note: This is
- * currently when the Mint will definitively stop using it.
- * This does not mean that all signatures with tkey key are
- * afterwards invalid.
+ * When does this signing key expire? Note: This is currently when
+ * the Mint will definitively stop using it. Signatures made with
+ * the key remain valid until @e end. When checking validity periods,
+ * clients should allow for some overlap between keys and tolerate
+ * the use of either key during the overlap time (due to the
+ * possibility of clock skew).
*/
struct GNUNET_TIME_AbsoluteNBO expire;
/**
+ * When do signatures with this signing key become invalid? After
+ * this point, these signatures cannot be used in (legal) disputes
+ * anymore, as the Mint is then allowed to destroy its side of the
+ * evidence. @e end is expected to be significantly larger than @e
+ * expire (by a year or more).
+ */
+ struct GNUNET_TIME_AbsoluteNBO end;
+
+ /**
* The public online signing key that the mint will use
* between @e start and @e expire.
*/
@@ -362,7 +455,8 @@ struct TALER_MintKeySetPS
{
/**
- * Purpose is #TALER_SIGNATURE_MINT_KEY_SET
+ * Purpose is #TALER_SIGNATURE_MINT_KEY_SET. Signed
+ * by a `struct TALER_MintPublicKeyP` using EdDSA.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -372,7 +466,11 @@ struct TALER_MintKeySetPS
struct GNUNET_TIME_AbsoluteNBO list_issue_date;
/**
- * Hash over the "inner" JSON with the key set.
+ * Hash over the "inner" JSON with the key set. FIXME: The use of
+ * JSON as what is being signed here is a bit of a hack, as the
+ * result depends on the JSON indentation and being canonical.
+ * We should consider using a more well-defined binary format to
+ * sign. (#3739)
*/
struct GNUNET_HashCode hc;
};
@@ -385,13 +483,12 @@ struct TALER_MintKeySetPS
struct TALER_DenominationKeyValidityPS
{
/**
- * Signature over this struct to affirm the validity
- * of the key.
+ * Signature over this struct to affirm the validity of the key.
*/
struct TALER_MasterSignatureP signature;
/**
- * Purpose is #TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY.
+ * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -407,8 +504,16 @@ struct TALER_DenominationKeyValidityPS
struct GNUNET_TIME_AbsoluteNBO start;
/**
- * The mint will sign fresh coins between @e start and
- * this time.
+ * The mint will sign fresh coins between @e start and this time.
+ * @e expire_withdraw will be somewhat larger than @e start to
+ * ensure a sufficiently large anonymity set, while also allowing
+ * the Mint to limit the financial damage in case of a key being
+ * compromised. Thus, mints with low volume are expected to have a
+ * longer withdraw period (@e expire_withdraw - @e start) than mints
+ * with high transaction volume. The period may also differ between
+ * types of coins. A mint may also have a few denomination keys
+ * with the same value with overlapping validity periods, to address
+ * issues such as clock skew.
*/
struct GNUNET_TIME_AbsoluteNBO expire_withdraw;
@@ -418,11 +523,22 @@ struct TALER_DenominationKeyValidityPS
* mint will refuse transactions involving this key as it will
* "drop" the table with double-spending information (shortly after)
* this time. Note that wallets should refresh coins significantly
- * before this time to be on the safe side.
+ * before this time to be on the safe side. @e expire_spend must be
+ * significantly larger than @e expire_withdraw (by months or even
+ * years).
*/
struct GNUNET_TIME_AbsoluteNBO expire_spend;
/**
+ * When do signatures with this denomination key become invalid?
+ * After this point, these signatures cannot be used in (legal)
+ * disputes anymore, as the Mint is then allowed to destroy its side
+ * of the evidence. @e expire_legal is expected to be significantly
+ * larger than @e expire_spend (by a year or more).
+ */
+ struct GNUNET_TIME_AbsoluteNBO expire_legal;
+
+ /**
* The value of the coins signed with this denomination key.
*/
struct TALER_AmountNBO value;
@@ -446,7 +562,8 @@ struct TALER_DenominationKeyValidityPS
struct TALER_AmountNBO fee_refresh;
/**
- * Hash code of the denomination public key.
+ * Hash code of the denomination public key. (Used to avoid having
+ * the variable-size RSA key this struct.)
*/
struct GNUNET_HashCode denom_hash;
diff --git a/src/mint-lib/mint_api.c b/src/mint-lib/mint_api.c
index 019793b78..24d617f56 100644
--- a/src/mint-lib/mint_api.c
+++ b/src/mint-lib/mint_api.c
@@ -286,7 +286,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key,
GNUNET_CRYPTO_eddsa_public_key_from_string (key_enc,
52,
&sign_key_issue.signkey_pub.eddsa_pub));
- sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY);
+ sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
sign_key_issue.purpose.size =
htonl (sizeof (sign_key_issue)
- offsetof (struct TALER_MintSigningKeyValidityPS, purpose));
@@ -294,7 +294,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key,
sign_key_issue.start = GNUNET_TIME_absolute_hton (valid_from);
sign_key_issue.expire = GNUNET_TIME_absolute_hton (valid_until);
EXITIF (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY,
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
&sign_key_issue.purpose,
&sig,
&master_key->eddsa_pub));
@@ -408,7 +408,7 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key,
EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_deposit));
EXITIF (NULL == (obj = json_object_get (denom_key_obj, "fee_refresh")));
EXITIF (GNUNET_SYSERR == parse_json_amount (obj, &fee_refresh));
- denom_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY);
+ denom_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
denom_key_issue.purpose.size = htonl
(sizeof (struct TALER_DenominationKeyValidityPS) -
offsetof (struct TALER_DenominationKeyValidityPS, purpose));
@@ -425,7 +425,7 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key,
TALER_amount_hton (&denom_key_issue.fee_refresh,
&fee_refresh);
EXITIF (GNUNET_SYSERR ==
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY,
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
&denom_key_issue.purpose,
&sig,
&master_key->eddsa_pub));
diff --git a/src/mint-tools/taler-mint-keycheck.c b/src/mint-tools/taler-mint-keycheck.c
index df228994d..06b544afa 100644
--- a/src/mint-tools/taler-mint-keycheck.c
+++ b/src/mint-tools/taler-mint-keycheck.c
@@ -68,7 +68,7 @@ signkeys_iter (void *cls,
return GNUNET_SYSERR;
}
if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY,
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
&ski->issue.purpose,
&ski->issue.signature.eddsa_signature,
&ski->issue.master_public_key.eddsa_pub))
@@ -128,7 +128,7 @@ denomkeys_iter (void *cls,
}
if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY,
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
&dki->issue.purpose,
&dki->issue.signature.eddsa_signature,
&dki->issue.master.eddsa_pub))
diff --git a/src/mint-tools/taler-mint-keyup.c b/src/mint-tools/taler-mint-keyup.c
index 0d84635af..c459dc549 100644
--- a/src/mint-tools/taler-mint-keyup.c
+++ b/src/mint-tools/taler-mint-keyup.c
@@ -448,7 +448,7 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
duration));
GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv.eddsa_priv,
&issue->signkey_pub.eddsa_pub);
- issue->purpose.purpose = htonl (TALER_SIGNATURE_MINT_SIGNING_KEY_VALIDITY);
+ issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
issue->purpose.size = htonl (sizeof (struct TALER_MintSigningKeyValidityPS) -
offsetof (struct TALER_MintSigningKeyValidityPS,
purpose));
@@ -701,7 +701,7 @@ create_denomkey_issue (const struct CoinTypeParams *params,
&params->fee_deposit);
TALER_amount_hton (&dki->issue.fee_refresh,
&params->fee_refresh);
- dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DENOMINATION_KEY_VALIDITY);
+ dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
dki->issue.purpose.size = htonl (sizeof (struct TALER_MINTDB_DenominationKeyIssueInformation) -
offsetof (struct TALER_MINTDB_DenominationKeyIssueInformation,
issue.purpose));
diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h
index 3e8a7df7f..8d51463d8 100644
--- a/src/mint/taler-mint-httpd_db.h
+++ b/src/mint/taler-mint-httpd_db.h
@@ -87,7 +87,7 @@ struct TMH_DB_MeltDetails
* Signature allowing the melt (using
* a `struct RefreshMeltConfirmSignRequestBody`) to sign over.
*/
- union TALER_CoinSpendSignatureP melt_sig;
+ struct TALER_CoinSpendSignatureP melt_sig;
/**
* How much of the coin's value did the client allow to be melted?
diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c
index e732c87d7..09e101f60 100644
--- a/src/mint/taler-mint-httpd_deposit.c
+++ b/src/mint/taler-mint-httpd_deposit.c
@@ -60,7 +60,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
struct TALER_Amount fee_deposit;
- dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT);
+ dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS));
dr.h_contract = deposit->h_contract;
dr.h_wire = deposit->h_wire;
@@ -69,7 +69,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
&deposit->amount_with_fee);
dr.coin_pub = deposit->coin.coin_pub;
if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_DEPOSIT,
+ GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr.purpose,
&deposit->csig.ecdsa_signature,
&deposit->coin.coin_pub.ecdsa_pub))
diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c
index ef7fb03ad..53671dfab 100644
--- a/src/mint/taler-mint-httpd_refresh.c
+++ b/src/mint/taler-mint-httpd_refresh.c
@@ -176,7 +176,7 @@ get_coin_public_info (struct MHD_Connection *connection,
struct TMH_DB_MeltDetails *r_melt_detail)
{
int ret;
- union TALER_CoinSpendSignatureP melt_sig;
+ struct TALER_CoinSpendSignatureP melt_sig;
struct TALER_DenominationSignature sig;
struct TALER_DenominationPublicKey pk;
struct TALER_Amount amount;
@@ -244,13 +244,13 @@ verify_coin_public_info (struct MHD_Connection *connection,
struct TALER_Amount fee_refresh;
body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS));
- body.purpose.purpose = htonl (TALER_SIGNATURE_COIN_MELT);
+ body.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT);
body.session_hash = *session_hash;
TALER_amount_hton (&body.amount_with_fee,
&r_melt_detail->melt_amount_with_fee);
body.coin_pub = r_public_info->coin_pub;
if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_COIN_MELT,
+ GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT,
&body.purpose,
&r_melt_detail->melt_sig.ecdsa_signature,
&r_public_info->coin_pub.ecdsa_pub))
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 95bb95cef..c9ca51413 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -294,7 +294,7 @@ TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection,
json_t *sig_json;
int ret;
- dc.purpose.purpose = htonl (TALER_SIGNATURE_COIN_DEPOSIT);
+ dc.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT);
dc.purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS));
dc.h_contract = *h_contract;
dc.h_wire = *h_wire;
@@ -344,7 +344,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl)
type = "deposit";
value = deposit->amount_with_fee;
- dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT);
+ dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS));
dr.h_contract = deposit->h_contract;
dr.h_wire = deposit->h_wire;
@@ -363,7 +363,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl)
type = "melt";
value = melt->amount_with_fee;
- ms.purpose.purpose = htonl (TALER_SIGNATURE_COIN_MELT);
+ ms.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT);
ms.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS));
ms.session_hash = melt->session_hash;
TALER_amount_hton (&ms.amount_with_fee,
@@ -498,7 +498,7 @@ compile_reserve_history (const struct ReserveHistory *rh,
return NULL;
}
ret = 1;
- wr.purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST);
+ wr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
wr.reserve_pub = pos->details.withdraw->reserve_pub;
GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key,
@@ -683,7 +683,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection,
int ret;
body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltConfirmationPS));
- body.purpose.purpose = htonl (TALER_SIGNATURE_MINT_MELT_RESPONSE);
+ body.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_MELT);
body.session_hash = *session_hash;
body.noreveal_index = htons (noreveal_index);
TMH_KS_sign (&body.purpose,
diff --git a/src/mint/taler-mint-httpd_withdraw.c b/src/mint/taler-mint-httpd_withdraw.c
index 0d700df6f..e7a122213 100644
--- a/src/mint/taler-mint-httpd_withdraw.c
+++ b/src/mint/taler-mint-httpd_withdraw.c
@@ -138,7 +138,7 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
/* verify signature! */
wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
- wsrd.purpose.purpose = htonl (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST);
+ wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
GNUNET_CRYPTO_hash (denomination_pub_data,
denomination_pub_data_size,
&wsrd.h_denomination_pub);
@@ -146,7 +146,7 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
blinded_msg_len,
&wsrd.h_coin_envelope);
if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_RESERVE_WITHDRAW_REQUEST,
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW,
&wsrd.purpose,
&signature.eddsa_signature,
&wsrd.reserve_pub.eddsa_pub))