diff options
Diffstat (limited to 'src/mint-lib')
-rw-r--r-- | src/mint-lib/mint_api_common.c | 126 | ||||
-rw-r--r-- | src/mint-lib/mint_api_json.c | 71 | ||||
-rw-r--r-- | src/mint-lib/mint_api_json.h | 19 | ||||
-rw-r--r-- | src/mint-lib/mint_api_reserve.c | 27 |
4 files changed, 98 insertions, 145 deletions
diff --git a/src/mint-lib/mint_api_common.c b/src/mint-lib/mint_api_common.c index d8e83c785..fd85fbdc4 100644 --- a/src/mint-lib/mint_api_common.c +++ b/src/mint-lib/mint_api_common.c @@ -62,13 +62,20 @@ TALER_MINT_verify_coin_history_ (const char *currency, { json_t *transaction; struct TALER_Amount amount; - struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; + struct TALER_CoinSpendSignatureP sig; + void *details; + size_t details_size; + const char *type; struct MAJ_Specification spec[] = { MAJ_spec_amount ("amount", &amount), - MAJ_spec_eddsa_signed_purpose ("signature", - &purpose, - &coin_pub->eddsa_pub), + MAJ_spec_string ("type", + &type), + MAJ_spec_fixed_auto ("signature", + &sig), + MAJ_spec_varsize ("details", + &details, + &details_size), MAJ_spec_end }; @@ -81,57 +88,90 @@ TALER_MINT_verify_coin_history_ (const char *currency, GNUNET_break_op (0); return GNUNET_SYSERR; } - switch (ntohl (purpose->purpose)) + if (0 == strcasecmp (type, + "DEPOSIT")) { - case TALER_SIGNATURE_WALLET_COIN_DEPOSIT: - { - const struct TALER_DepositRequestPS *dr; - struct TALER_Amount dr_amount; + const struct TALER_DepositRequestPS *dr; + struct TALER_Amount dr_amount; - if (ntohl (purpose->size) != sizeof (struct TALER_DepositRequestPS)) - { - GNUNET_break (0); - MAJ_parse_free (spec); - return GNUNET_SYSERR; - } - dr = (const struct TALER_DepositRequestPS *) purpose; - TALER_amount_ntoh (&dr_amount, - &dr->amount_with_fee); - if (0 != TALER_amount_cmp (&dr_amount, - &amount)) - { - GNUNET_break (0); - MAJ_parse_free (spec); - return GNUNET_SYSERR; - } + if (details_size != sizeof (struct TALER_DepositRequestPS)) + { + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; } - break; - case TALER_SIGNATURE_WALLET_COIN_MELT: + dr = (const struct TALER_DepositRequestPS *) details; + if (details_size != ntohl (dr->purpose.size)) { - const struct TALER_RefreshMeltCoinAffirmationPS *rm; - struct TALER_Amount rm_amount; - - if (ntohl (purpose->size) != sizeof (struct TALER_RefreshMeltCoinAffirmationPS)) + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; + } + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, + &dr->purpose, + &sig.eddsa_signature, + &coin_pub->eddsa_pub)) { - GNUNET_break (0); - MAJ_parse_free (spec); - return GNUNET_SYSERR; - } - rm = (const struct TALER_RefreshMeltCoinAffirmationPS *) purpose; - TALER_amount_ntoh (&rm_amount, - &rm->amount_with_fee); - if (0 != TALER_amount_cmp (&rm_amount, - &amount)) + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; + } + + // FIXME: check sig! + TALER_amount_ntoh (&dr_amount, + &dr->amount_with_fee); + if (0 != TALER_amount_cmp (&dr_amount, + &amount)) { GNUNET_break (0); MAJ_parse_free (spec); return GNUNET_SYSERR; } + } + else if (0 == strcasecmp (type, + "MELT")) + { + const struct TALER_RefreshMeltCoinAffirmationPS *rm; + struct TALER_Amount rm_amount; + + if (details_size != sizeof (struct TALER_RefreshMeltCoinAffirmationPS)) + { + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; + } + rm = (const struct TALER_RefreshMeltCoinAffirmationPS *) details; + if (details_size != ntohl (rm->purpose.size)) + { + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; + } + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, + &rm->purpose, + &sig.eddsa_signature, + &coin_pub->eddsa_pub)) + { + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; + } + TALER_amount_ntoh (&rm_amount, + &rm->amount_with_fee); + if (0 != TALER_amount_cmp (&rm_amount, + &amount)) + { + GNUNET_break_op (0); + MAJ_parse_free (spec); + return GNUNET_SYSERR; } - break; - default: + } + else + { /* signature not supported, new version on server? */ - GNUNET_break (0); + GNUNET_break_op (0); MAJ_parse_free (spec); return GNUNET_SYSERR; } diff --git a/src/mint-lib/mint_api_json.c b/src/mint-lib/mint_api_json.c index 46f54d948..a728a5495 100644 --- a/src/mint-lib/mint_api_json.c +++ b/src/mint-lib/mint_api_json.c @@ -213,49 +213,6 @@ parse_json (json_t *root, } break; - case MAJ_CMD_EDDSA_SIGNATURE: - { - struct TALER_CoinSpendSignatureP sig; - struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; - size_t size; - struct MAJ_Specification sig_spec[] = { - MAJ_spec_fixed_auto ("eddsa_sig", &sig), - MAJ_spec_varsize ("eddsa_val", (void**) &purpose, &size), - MAJ_spec_end - }; - - if (GNUNET_OK != - MAJ_parse_json (pos, - sig_spec)) - { - GNUNET_break_op (0); - MAJ_parse_free (sig_spec); - return i; - } - if (size != ntohl (purpose->size)) - { - GNUNET_break_op (0); - MAJ_parse_free (sig_spec); - return i; - } - - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (ntohl (purpose->purpose), - purpose, - &sig.eddsa_signature, - spec[i].details.eddsa_signature.pub_key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Failed to verify signature of purpose %u\n", - ntohl (purpose->purpose)); - GNUNET_break_op (0); - MAJ_parse_free (sig_spec); - return i; - } - *spec[i].details.eddsa_signature.purpose_p = purpose; - } - break; - case MAJ_CMD_UINT16: { json_int_t val; @@ -337,10 +294,6 @@ parse_free (struct MAJ_Specification *spec, GNUNET_CRYPTO_rsa_signature_free (*spec[i].details.rsa_signature); *spec[i].details.rsa_signature = NULL; break; - case MAJ_CMD_EDDSA_SIGNATURE: - GNUNET_free (*spec[i].details.eddsa_signature.purpose_p); - *spec[i].details.eddsa_signature.purpose_p = NULL; - break; case MAJ_CMD_JSON_OBJECT: json_decref (*spec[i].details.obj); *spec[i].details.obj = NULL; @@ -535,28 +488,4 @@ MAJ_spec_rsa_signature (const char *name, } -/** - * Specification for parsing an EdDSA object signature with purpose. - * Also validates the signature (!). - * - * @param name name of the JSON field - * @param purpose_p where to store the purpose - * @param pub_key public key to use for validation - */ -struct MAJ_Specification -MAJ_spec_eddsa_signed_purpose (const char *name, - struct GNUNET_CRYPTO_EccSignaturePurpose **purpose_p, - const struct GNUNET_CRYPTO_EddsaPublicKey *pub_key) -{ - struct MAJ_Specification ret = - { - .cmd = MAJ_CMD_EDDSA_SIGNATURE, - .field = name, - .details.eddsa_signature.purpose_p = purpose_p, - .details.eddsa_signature.pub_key = pub_key - }; - return ret; -} - - /* end of mint_api_json.c */ diff --git a/src/mint-lib/mint_api_json.h b/src/mint-lib/mint_api_json.h index 2af5588e5..68809059e 100644 --- a/src/mint-lib/mint_api_json.h +++ b/src/mint-lib/mint_api_json.h @@ -69,11 +69,6 @@ enum MAJ_Command MAJ_CMD_RSA_SIGNATURE, /** - * Parse object with EdDSA signature and purpose at current position. - */ - MAJ_CMD_EDDSA_SIGNATURE, - - /** * Parse `const char *` JSON string at current position. */ MAJ_CMD_STRING, @@ -310,20 +305,6 @@ MAJ_spec_amount (const char *name, /** - * Specification for parsing an EdDSA object signature with purpose. - * Also validates the signature (!). - * - * @param name name of the JSON field - * @param purpose_p where to store the purpose - * @param pub_key public key to use for validation - */ -struct MAJ_Specification -MAJ_spec_eddsa_signed_purpose (const char *name, - struct GNUNET_CRYPTO_EccSignaturePurpose **purpose_p, - const struct GNUNET_CRYPTO_EddsaPublicKey *pub_key); - - -/** * Specification for parsing an RSA public key. * * @param name name of the JSON field diff --git a/src/mint-lib/mint_api_reserve.c b/src/mint-lib/mint_api_reserve.c index 57e8552cc..a726eca46 100644 --- a/src/mint-lib/mint_api_reserve.c +++ b/src/mint-lib/mint_api_reserve.c @@ -167,13 +167,14 @@ parse_reserve_history (json_t *history, else if (0 == strcasecmp (type, "WITHDRAW")) { - struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; - const struct TALER_WithdrawRequestPS *withdraw_purpose; + struct TALER_ReserveSignatureP sig; + struct TALER_WithdrawRequestPS withdraw_purpose; struct TALER_Amount amount_from_purpose; struct MAJ_Specification withdraw_spec[] = { - MAJ_spec_eddsa_signed_purpose ("signature", - &purpose, - &reserve_pub->eddsa_pub), + MAJ_spec_fixed_auto ("signature", + &sig), + MAJ_spec_fixed_auto ("details", + &withdraw_purpose), MAJ_spec_end }; unsigned int i; @@ -186,17 +187,19 @@ parse_reserve_history (json_t *history, GNUNET_break_op (0); return GNUNET_SYSERR; } - /* Check that the signature actually signed a withdraw request */ - if ( (ntohl (purpose->purpose) != TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW) || - (ntohl (purpose->size) != sizeof (struct TALER_WithdrawRequestPS)) ) + /* Check that the signature is a valid withdraw request */ + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW, + &withdraw_purpose.purpose, + &sig.eddsa_signature, + &reserve_pub->eddsa_pub)) { GNUNET_break_op (0); MAJ_parse_free (withdraw_spec); return GNUNET_SYSERR; } - withdraw_purpose = (const struct TALER_WithdrawRequestPS *) purpose; TALER_amount_ntoh (&amount_from_purpose, - &withdraw_purpose->amount_with_fee); + &withdraw_purpose.amount_with_fee); if (0 != TALER_amount_cmp (&amount, &amount_from_purpose)) { @@ -211,8 +214,8 @@ parse_reserve_history (json_t *history, "uuid" array to remember the hashes of all purposes, and compare the hashes to find duplicates. */ - GNUNET_CRYPTO_hash (withdraw_purpose, - ntohl (withdraw_purpose->purpose.size), + GNUNET_CRYPTO_hash (&withdraw_purpose, + ntohl (withdraw_purpose.purpose.size), &uuid[uuid_off]); for (i=0;i<uuid_off;i++) { |