aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/taler_crypto_lib.h36
-rw-r--r--src/include/taler_exchange_service.h8
-rw-r--r--src/lib/exchange_api_purse_create_with_merge.c420
-rw-r--r--src/util/crypto_contract.c209
-rw-r--r--src/util/merchant_signatures.c2
5 files changed, 659 insertions, 16 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 554cb1a26..71ad07712 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -2207,7 +2207,7 @@ TALER_CRYPTO_contract_encrypt_for_merge (
/**
- * Encrypt contract for the party that will
+ * Decrypt contract for the party that will
* merge it into a reserve.
*
* @param purse_pub public key of the purse
@@ -2226,6 +2226,40 @@ TALER_CRYPTO_contract_decrypt_for_merge (
struct TALER_PurseMergePrivateKeyP *merge_priv);
+/**
+ * Encrypt contract for transmission to a party that will
+ * pay for it.
+ *
+ * @param purse_pub public key of the purse
+ * @param contract_priv private key of the contract
+ * @param contract_terms contract terms to encrypt
+ * @param[out] econtract set to encrypted contract
+ * @param[out] econtract_size set to number of bytes in @a econtract
+ */
+void
+TALER_CRYPTO_contract_encrypt_for_deposit (
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const json_t *contract_terms,
+ void **econtract,
+ size_t *econtract_size);
+
+
+/**
+ * Decrypt contract for the party that will pay for it.
+ *
+ * @param contract_priv private key of the contract
+ * @param econtract encrypted contract
+ * @param econtract_size number of bytes in @a econtract
+ * @return decrypted contract terms, or NULL on failure
+ */
+json_t *
+TALER_CRYPTO_contract_decrypt_for_deposit (
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const void *econtract,
+ size_t econtract_size);
+
+
/* **************** Helper-based RSA operations **************** */
/**
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 93f6816c7..3095ac2b8 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -4433,6 +4433,8 @@ struct TALER_EXCHANGE_PurseCreateMergeHandle;
* @param exchange the exchange hosting the reserve
* @param reserve_priv private key of the reserve
* @param purse_priv private key of the purse
+ * @param merge_priv private key of the merge capability
+ * @param contract_priv private key to get the contract
* @param contract_terms contract the purse is about
* @param upload_contract true to upload the contract
* @param purse_expiration when will the unmerged purse expire
@@ -4447,6 +4449,8 @@ TALER_EXCHANGE_purse_create_with_merge (
struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_ReservePrivateKeyP *reserve_priv,
const struct TALER_PurseContractPrivateKeyP *purse_priv,
+ const struct TALER_PurseMergePrivateKeyP *merge_priv,
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
const json_t *contract_terms,
bool upload_contract,
struct GNUNET_TIME_Timestamp purse_expiration,
@@ -4459,11 +4463,11 @@ TALER_EXCHANGE_purse_create_with_merge (
/**
* Cancel #TALER_EXCHANGE_purse_create_with_merge() operation.
*
- * @param pch handle of the operation to cancel
+ * @param pcm handle of the operation to cancel
*/
void
TALER_EXCHANGE_purse_create_with_merge_cancel (
- struct TALER_EXCHANGE_PurseCreateMergeHandle *pch);
+ struct TALER_EXCHANGE_PurseCreateMergeHandle *pcm);
/**
diff --git a/src/lib/exchange_api_purse_create_with_merge.c b/src/lib/exchange_api_purse_create_with_merge.c
new file mode 100644
index 000000000..226542b62
--- /dev/null
+++ b/src/lib/exchange_api_purse_create_with_merge.c
@@ -0,0 +1,420 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2022 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see
+ <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file lib/exchange_api_purse_create_with_merge.c
+ * @brief Implementation of the client to create a
+ * purse for an account
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <jansson.h>
+#include <microhttpd.h> /* just for HTTP status codes */
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <gnunet/gnunet_curl_lib.h>
+#include "taler_json_lib.h"
+#include "taler_exchange_service.h"
+#include "exchange_api_handle.h"
+#include "taler_signatures.h"
+#include "exchange_api_curl_defaults.h"
+
+
+/**
+ * @brief A purse create with merge handle
+ */
+struct TALER_EXCHANGE_PurseCreateMergeHandle
+{
+
+ /**
+ * The connection to exchange this request handle will use
+ */
+ struct TALER_EXCHANGE_Handle *exchange;
+
+ /**
+ * The url for this request.
+ */
+ char *url;
+
+ /**
+ * Context for #TEH_curl_easy_post(). Keeps the data that must
+ * persist for Curl to make the upload.
+ */
+ struct TALER_CURL_PostContext ctx;
+
+ /**
+ * Handle for the request.
+ */
+ struct GNUNET_CURL_Job *job;
+
+ /**
+ * Function to call with the result.
+ */
+ TALER_EXCHANGE_PurseCreateMergeCallback cb;
+
+ /**
+ * Closure for @a cb.
+ */
+ void *cb_cls;
+
+ /**
+ * Expected value in the purse after fees.
+ */
+ struct TALER_Amount purse_value_after_fees;
+
+ /**
+ * Public key of the reserve public key.
+ */
+ struct TALER_ReservePublicKeyP reserve_pub;
+
+ /**
+ * Public key of the purse.
+ */
+ struct TALER_PurseContractPublicKeyP purse_pub;
+
+ /**
+ * Hash over the purse's contrac terms.
+ */
+ struct TALER_PrivateContractHashP h_contract_terms;
+
+ /**
+ * When does the purse expire.
+ */
+ struct GNUNET_TIME_Timestamp purse_expiration;
+
+ /**
+ * When does the purse get merged/created.
+ */
+ struct GNUNET_TIME_Timestamp merge_timestamp;
+};
+
+
+/**
+ * Function called when we're done processing the
+ * HTTP /reserves/$RID/purse request.
+ *
+ * @param cls the `struct TALER_EXCHANGE_PurseCreateMergeHandle`
+ * @param response_code HTTP response code, 0 on error
+ * @param response parsed JSON result, NULL on error
+ */
+static void
+handle_purse_create_with_merge_finished (void *cls,
+ long response_code,
+ const void *response)
+{
+ struct TALER_EXCHANGE_PurseCreateMergeHandle *pcm = cls;
+ const json_t *j = response;
+ struct TALER_EXCHANGE_PurseCreateMergeResponse dr = {
+ .hr.reply = j,
+ .hr.http_status = (unsigned int) response_code
+ };
+
+ pcm->job = NULL;
+ switch (response_code)
+ {
+ case 0:
+ dr.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
+ break;
+ case MHD_HTTP_OK:
+ {
+#if FIXME
+ const struct TALER_EXCHANGE_Keys *key_state;
+ struct GNUNET_TIME_Timestamp etime;
+ struct TALER_Amount total_deposited;
+ struct TALER_ExchangeSignatureP exchange_sig;
+ struct TALER_ExchangePublicKeyP exchange_pub;
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_fixed_auto ("exchange_sig",
+ &exchange_sig),
+ GNUNET_JSON_spec_fixed_auto ("exchange_pub",
+ &exchange_pub),
+ GNUNET_JSON_spec_timestamp ("exchange_timestamp",
+ &etime),
+ GNUNET_JSON_spec_end ()
+ };
+
+ if (GNUNET_OK !=
+ GNUNET_JSON_parse (j,
+ spec,
+ NULL, NULL))
+ {
+ GNUNET_break_op (0);
+ dr.hr.http_status = 0;
+ dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
+ break;
+ }
+ key_state = TALER_EXCHANGE_get_keys (pcm->exchange);
+ if (GNUNET_OK !=
+ TALER_EXCHANGE_test_signing_key (key_state,
+ &exchange_pub))
+ {
+ GNUNET_break_op (0);
+ dr.hr.http_status = 0;
+ dr.hr.ec =
+ TALER_EC_EXCHANGE_PURSE_CREATE_WITH_MERGE_EXCHANGE_SIGNATURE_INVALID;
+ break;
+ }
+ if (GNUNET_OK !=
+ TALER_exchange_online_purse_create_with_merged_verify (
+ etime,
+ pcm->purse_expiration,
+ &pcm->purse_value_after_fees,
+ &pcm->purse_pub,
+ &pcm->h_contract_terms,
+ &pcm->reserve_pub,
+ pcm->provider_url,
+ &exchange_pub,
+ &exchange_sig))
+ {
+ GNUNET_break_op (0);
+ dr.hr.http_status = 0;
+ dr.hr.ec =
+ TALER_EC_EXCHANGE_PURSE_CREATE_WITH_MERGE_EXCHANGE_SIGNATURE_INVALID;
+ break;
+ }
+#endif
+ }
+ break;
+ case MHD_HTTP_BAD_REQUEST:
+ /* This should never happen, either us or the exchange is buggy
+ (or API version conflict); just pass JSON reply to the application */
+ dr.hr.ec = TALER_JSON_get_error_code (j);
+ dr.hr.hint = TALER_JSON_get_error_hint (j);
+ break;
+ case MHD_HTTP_FORBIDDEN:
+ dr.hr.ec = TALER_JSON_get_error_code (j);
+ dr.hr.hint = TALER_JSON_get_error_hint (j);
+ /* Nothing really to verify, exchange says one of the signatures is
+ invalid; as we checked them, this should never happen, we
+ should pass the JSON reply to the application */
+ break;
+ case MHD_HTTP_NOT_FOUND:
+ dr.hr.ec = TALER_JSON_get_error_code (j);
+ dr.hr.hint = TALER_JSON_get_error_hint (j);
+ /* Nothing really to verify, this should never
+ happen, we should pass the JSON reply to the application */
+ break;
+ case MHD_HTTP_CONFLICT:
+ // FIXME: check reply!
+ break;
+ case MHD_HTTP_GONE:
+ /* could happen if denomination was revoked */
+ /* Note: one might want to check /keys for revocation
+ signature here, alas tricky in case our /keys
+ is outdated => left to clients */
+ dr.hr.ec = TALER_JSON_get_error_code (j);
+ dr.hr.hint = TALER_JSON_get_error_hint (j);
+ break;
+ case MHD_HTTP_INTERNAL_SERVER_ERROR:
+ dr.hr.ec = TALER_JSON_get_error_code (j);
+ dr.hr.hint = TALER_JSON_get_error_hint (j);
+ /* Server had an internal issue; we should retry, but this API
+ leaves this to the application */
+ break;
+ default:
+ /* unexpected response code */
+ dr.hr.ec = TALER_JSON_get_error_code (j);
+ dr.hr.hint = TALER_JSON_get_error_hint (j);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Unexpected response code %u/%d for exchange deposit\n",
+ (unsigned int) response_code,
+ dr.hr.ec);
+ GNUNET_break_op (0);
+ break;
+ }
+ pcm->cb (pcm->cb_cls,
+ &dr);
+ TALER_EXCHANGE_account_create_with_merge_cancel (pcm);
+}
+
+
+struct TALER_EXCHANGE_PurseCreateMergeHandle *
+TALER_EXCHANGE_purse_create_with_merge (
+ struct TALER_EXCHANGE_Handle *exchange,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ const struct TALER_PurseContractPrivateKeyP *purse_priv,
+ const struct TALER_PurseMergePrivateKeyP *merge_priv,
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const json_t *contract_terms,
+ bool upload_contract,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ const struct TALER_Amount *purse_value_after_fees,
+ TALER_EXCHANGE_PurseCreateMergeCallback cb,
+ void *cb_cls)
+{
+ struct TALER_EXCHANGE_PurseCreateMergeHandle *pcm;
+ struct GNUNET_CURL_Context *ctx;
+ json_t *create_with_merge_obj;
+ CURL *eh;
+ struct TALER_PurseMergeSignatureP merge_sig;
+ struct TALER_ReserveSignatureP reserve_sig;
+ char arg_str[sizeof (pcm->reserve_pub) * 2 + 32];
+ uint32_t min_age = 0;
+ struct TALER_PurseMergePublicKeyP merge_pub;
+ struct TALER_PurseMergeSignatureP merge_sig;
+ void *econtract = NULL;
+ size_t econtract_size = 0;
+
+ pcm = GNUNET_new (struct TALER_EXCHANGE_PurseCreateMergeHandle);
+ pcm->exchange = exchange;
+ pcm->cb = cb;
+ pcm->cb_cls = cb_cls;
+ if (GNUNET_OK !=
+ TALER_JSON_contract_hash (contract_terms,
+ &pcm->h_contract_terms))
+ {
+ GNUNET_break (0);
+ GNUNET_free (pcm);
+ return NULL;
+ }
+ pcm->h_contract_terms = *h_contract_terms;
+ pcm->purse_expiration = purse_expiration;
+ pcm->merge_timestamp = merge_timestamp;
+ pcm->purse_value_after_fees = *purse_value_after_fees;
+ GNUNET_CRYPTO_eddsa_key_get_public (&purse_priv->eddsa_priv,
+ &pcm->purse_pub.eddsa_pub);
+ GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv,
+ &pcm->reserve_pub.eddsa_pub);
+ GNUNET_CRYPTO_eddsa_key_get_public (&merge_priv->eddsa_priv,
+ &merge_pub.eddsa_pub);
+
+ // FIXME: extract min_age from contract_terms!
+
+ GNUNET_assert (GNUNET_YES ==
+ TEAH_handle_is_ready (exchange));
+ {
+ char pub_str[sizeof (pcm->reserve_pub) * 2];
+ char *end;
+
+ end = GNUNET_STRINGS_data_to_string (
+ &pcm->reserve_pub,
+ sizeof (pcm->reserve_pub),
+ pub_str,
+ sizeof (pub_str));
+ *end = '\0';
+ GNUNET_snprintf (arg_str,
+ sizeof (arg_str),
+ "/reserves/%s/purse",
+ pub_str);
+ }
+ pcm->url = TEAH_path_to_url (exchange,
+ arg_str);
+ if (NULL == pcm->url)
+ {
+ GNUNET_break (0);
+ GNUNET_free (pcm);
+ return NULL;
+ }
+ TALER_wallet_purse_create_sign (purse_expiration,
+ &pcm->h_contract_terms,
+ &merge_pub,
+ min_age,
+ &pcm->purse_value,
+ purse_priv,
+ &purse_sig);
+ TALER_wallet_purse_merge_sign (exchange_url,
+ merge_timestamp,
+ &purse_pub,
+ &merge_priv,
+ &merge_sig);
+ TALER_wallet_account_merge_sign (merge_timestamp,
+ &pcm->purse_pub,
+ purse_expiration,
+ &pcm->h_contract_terms,
+ &pcm->purse_value,
+ min_age,
+ reserve_priv,
+ &reserve_sig);
+ if (upload_contract)
+ {
+ TALER_CRYPTO_contract_encrypt_for_deposit (
+ &purse_pub,
+ &contract_priv,
+ contract_terms,
+ &econtract,
+ &econtract_size);
+ }
+ create_with_merge_obj = GNUNET_JSON_PACK (
+ GNUNET_JSON_allow_null (
+ GNUNET_JSON_pack_data_varsize ("econtract",
+ econtract,
+ econtract_size)),
+ GNUNET_JSON_pack_data_auto ("merge_sig",
+ &merge_sig),
+ GNUNET_JSON_pack_data_auto ("reserve_sig",
+ &reserve_sig),
+ GNUNET_JSON_pack_data_auto ("purse_sig",
+ &purse_sig),
+ GNUNET_JSON_pack_data_auto ("merge_pub",
+ &merge_pub),
+ GNUNET_JSON_pack_data_auto ("purse_pub",
+ &pcm->purse_pub),
+ GNUNET_JSON_pack_data_auto ("h_contract_terms",
+ &pcm->h_contract_terms),
+ TALER_JSON_pack_amount ("purse_value",
+ purse_value_after_fees),
+ GNUNET_JSON_pack_timestamp ("merge_timestamp",
+ merge_timestamp)
+ GNUNET_JSON_pack_timestamp ("purse_expiration",
+ purse_expiration));
+ GNUNET_assert (NULL != create_with_merge_obj);
+ GNUNET_free (econtract);
+ eh = TALER_EXCHANGE_curl_easy_get_ (pcm->url);
+ if ( (NULL == eh) ||
+ (GNUNET_OK !=
+ TALER_curl_easy_post (&pcm->ctx,
+ eh,
+ create_with_merge_obj)) )
+ {
+ GNUNET_break (0);
+ if (NULL != eh)
+ curl_easy_cleanup (eh);
+ json_decref (create_with_merge_obj);
+ GNUNET_free (pcm->url);
+ GNUNET_free (pcm);
+ return NULL;
+ }
+ json_decref (create_with_merge_obj);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "URL for purse create_with_merge: `%s'\n",
+ pcm->url);
+ ctx = TEAH_handle_to_context (exchange);
+ pcm->job = GNUNET_CURL_job_add2 (ctx,
+ eh,
+ pcm->ctx.headers,
+ &handle_purse_create_with_merge_finished,
+ pcm);
+ return pcm;
+}
+
+
+void
+TALER_EXCHANGE_account_create_with_merge_cancel (
+ struct TALER_EXCHANGE_PurseCreateMergeHandle *pcm)
+{
+ if (NULL != pcm->job)
+ {
+ GNUNET_CURL_job_cancel (pcm->job);
+ pcm->job = NULL;
+ }
+ GNUNET_free (pcm->url);
+ TALER_curl_easy_post_finished (&pcm->ctx);
+ GNUNET_free (pcm);
+}
+
+
+/* end of exchange_api_purse_create_with_merge.c */
diff --git a/src/util/crypto_contract.c b/src/util/crypto_contract.c
index 30fdec789..fe6b1e6af 100644
--- a/src/util/crypto_contract.c
+++ b/src/util/crypto_contract.c
@@ -34,7 +34,12 @@ enum ContractFormats
* can merge it into a reserve/account to accept the contract and
* obtain the payment.
*/
- TALER_EXCHANGE_CONTRACT_PAYMENT_OFFER = 0
+ TALER_EXCHANGE_CONTRACT_PAYMENT_OFFER = 0,
+
+ /**
+ * The encrypted contract represents a payment request.
+ */
+ TALER_EXCHANGE_CONTRACT_PAYMENT_REQUEST = 1
};
@@ -192,7 +197,7 @@ contract_decrypt (const void *key,
/**
* Header for encrypted contracts.
*/
-struct ContractHeader
+struct ContractHeaderP
{
/**
* Type of the contract, in NBO.
@@ -203,15 +208,23 @@ struct ContractHeader
* Length of the encrypted contract, in NBO.
*/
uint32_t clen;
+};
+
+/**
+ * Header for encrypted contracts.
+ */
+struct ContractHeaderMergeP
+{
/**
- * Included key material, depending on @e ctype.
+ * Generic header.
*/
- union
- {
- struct TALER_PurseMergePrivateKeyP merge_priv;
- } keys;
+ struct ContractHeaderP header;
+ /**
+ * Private key with the merge capability.
+ */
+ struct TALER_PurseMergePrivateKeyP merge_priv;
};
@@ -234,7 +247,7 @@ TALER_CRYPTO_contract_encrypt_for_merge (
char *cstr;
size_t clen;
void *xbuf;
- struct ContractHeader *hdr;
+ struct ContractHeaderMergeP *hdr;
struct NonceP nonce;
uLongf cbuf_size;
int ret;
@@ -255,9 +268,9 @@ TALER_CRYPTO_contract_encrypt_for_merge (
GNUNET_assert (Z_OK == ret);
free (cstr);
hdr = GNUNET_malloc (sizeof (*hdr) + cbuf_size);
- hdr->ctype = htonl (TALER_EXCHANGE_CONTRACT_PAYMENT_OFFER);
- hdr->clen = htonl ((uint32_t) clen);
- hdr->keys.merge_priv = *merge_priv;
+ hdr->header.ctype = htonl (TALER_EXCHANGE_CONTRACT_PAYMENT_OFFER);
+ hdr->header.clen = htonl ((uint32_t) clen);
+ hdr->merge_priv = *merge_priv;
memcpy (&hdr[1],
xbuf,
cbuf_size);
@@ -288,7 +301,7 @@ TALER_CRYPTO_contract_decrypt_for_merge (
struct GNUNET_HashCode key;
void *xhdr;
size_t hdr_size;
- const struct ContractHeader *hdr;
+ const struct ContractHeaderMergeP *hdr;
char *cstr;
uLongf clen;
json_error_t json_error;
@@ -321,6 +334,177 @@ TALER_CRYPTO_contract_decrypt_for_merge (
return NULL;
}
hdr = xhdr;
+ if (TALER_EXCHANGE_CONTRACT_PAYMENT_OFFER != ntohl (hdr->header.ctype))
+ {
+ GNUNET_break_op (0);
+ GNUNET_free (xhdr);
+ return NULL;
+ }
+ clen = ntohl (hdr->header.clen);
+ if (clen >= GNUNET_MAX_MALLOC_CHECKED)
+ {
+ GNUNET_break_op (0);
+ GNUNET_free (xhdr);
+ return NULL;
+ }
+ cstr = GNUNET_malloc (clen + 1);
+ if (Z_OK !=
+ uncompress ((Bytef *) cstr,
+ &clen,
+ (const Bytef *) &hdr[1],
+ hdr_size - sizeof (*hdr)))
+ {
+ GNUNET_break_op (0);
+ GNUNET_free (cstr);
+ GNUNET_free (xhdr);
+ return NULL;
+ }
+ *merge_priv = hdr->merge_priv;
+ GNUNET_free (xhdr);
+ ret = json_loadb ((char *) cstr,
+ clen,
+ JSON_DECODE_ANY,
+ &json_error);
+ if (NULL == ret)
+ {
+ GNUNET_break_op (0);
+ GNUNET_free (cstr);
+ return NULL;
+ }
+ GNUNET_free (cstr);
+ return ret;
+}
+
+
+/**
+ * Salt we use when encrypting contracts for merge.
+ */
+#define DEPOSIT_SALT "p2p-deposit-contract"
+
+
+void
+TALER_CRYPTO_contract_encrypt_for_deposit (
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const json_t *contract_terms,
+ void **econtract,
+ size_t *econtract_size)
+{
+ struct GNUNET_HashCode key;
+ char *cstr;
+ size_t clen;
+ void *xbuf;
+ struct ContractHeaderP *hdr;
+ struct NonceP nonce;
+ uLongf cbuf_size;
+ int ret;
+ void *xecontract;
+ size_t xecontract_size;
+
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_ecdh_eddsa (&contract_priv->ecdhe_priv,
+ &purse_pub->eddsa_pub,
+ &key));
+ cstr = json_dumps (contract_terms,
+ JSON_COMPACT | JSON_SORT_KEYS);
+ clen = strlen (cstr);
+ cbuf_size = compressBound (clen);
+ xbuf = GNUNET_malloc (cbuf_size);
+ ret = compress (xbuf,
+ &cbuf_size,
+ (const Bytef *) cstr,
+ clen);
+ GNUNET_assert (Z_OK == ret);
+ free (cstr);
+ hdr = GNUNET_malloc (sizeof (*hdr) + cbuf_size);
+ hdr->ctype = htonl (TALER_EXCHANGE_CONTRACT_PAYMENT_REQUEST);
+ hdr->clen = htonl ((uint32_t) clen);
+ memcpy (&hdr[1],
+ xbuf,
+ cbuf_size);
+ GNUNET_free (xbuf);
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &nonce,
+ sizeof (nonce));
+ contract_encrypt (&nonce,
+ &key,
+ sizeof (key),
+ hdr,
+ sizeof (*hdr) + cbuf_size,
+ DEPOSIT_SALT,
+ &xecontract,
+ &xecontract_size);
+ GNUNET_free (hdr);
+ /* prepend purse_pub */
+ *econtract = GNUNET_malloc (xecontract_size + sizeof (*purse_pub));
+ memcpy (*econtract,
+ purse_pub,
+ sizeof (*purse_pub));
+ memcpy (sizeof (*purse_pub) + *econtract,
+ xecontract,
+ xecontract_size);
+ *econtract_size = xecontract_size + sizeof (*purse_pub);
+ GNUNET_free (xecontract);
+}
+
+
+json_t *
+TALER_CRYPTO_contract_decrypt_for_deposit (
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const void *econtract,
+ size_t econtract_size)
+{
+ const struct TALER_PurseContractPublicKeyP *purse_pub = econtract;
+
+ if (econtract_size < sizeof (*purse_pub))
+ {
+ GNUNET_break_op (0);
+ return NULL;
+ }
+ struct GNUNET_HashCode key;
+ void *xhdr;
+ size_t hdr_size;
+ const struct ContractHeaderP *hdr;
+ char *cstr;
+ uLongf clen;
+ json_error_t json_error;
+ json_t *ret;
+
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_ecdh_eddsa (&contract_priv->ecdhe_priv,
+ &purse_pub->eddsa_pub,
+ &key))
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
+ econtract += sizeof (*purse_pub);
+ econtract_size -= sizeof (*purse_pub);
+ if (GNUNET_OK !=
+ contract_decrypt (&key,
+ sizeof (key),
+ econtract,
+ econtract_size,
+ DEPOSIT_SALT,
+ &xhdr,
+ &hdr_size))
+ {
+ GNUNET_break_op (0);
+ return NULL;
+ }
+ if (hdr_size < sizeof (*hdr))
+ {
+ GNUNET_break_op (0);
+ GNUNET_free (xhdr);
+ return NULL;
+ }
+ hdr = xhdr;
+ if (TALER_EXCHANGE_CONTRACT_PAYMENT_REQUEST != ntohl (hdr->ctype))
+ {
+ GNUNET_break_op (0);
+ GNUNET_free (xhdr);
+ return NULL;
+ }
clen = ntohl (hdr->clen);
if (clen >= GNUNET_MAX_MALLOC_CHECKED)
{
@@ -340,7 +524,6 @@ TALER_CRYPTO_contract_decrypt_for_merge (
GNUNET_free (xhdr);
return NULL;
}
- *merge_priv = hdr->keys.merge_priv;
GNUNET_free (xhdr);
ret = json_loadb ((char *) cstr,
clen,
diff --git a/src/util/merchant_signatures.c b/src/util/merchant_signatures.c
index 84daca2c4..1ad94e005 100644
--- a/src/util/merchant_signatures.c
+++ b/src/util/merchant_signatures.c
@@ -210,6 +210,7 @@ TALER_merchant_pay_sign (
merch_sig);
}
+
enum GNUNET_GenericReturnValue
TALER_merchant_pay_verify (
const struct TALER_PrivateContractHashP *h_contract_terms,
@@ -265,6 +266,7 @@ TALER_merchant_contract_sign (
merch_sig);
}
+
// NB: "TALER_merchant_contract_verify" not (yet?) needed / not defined.
/* end of merchant_signatures.c */