From 62d8368b1b89d8b2259dee4abd1b1970ac385d4a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 6 Feb 2022 19:53:23 +0100 Subject: -fix more FTBFS issues --- src/include/taler_crypto_lib.h | 21 ++++++++++++++++++--- src/lib/exchange_api_melt.c | 26 +++++++++++--------------- src/util/crypto.c | 40 ++++++++++++++++++++++++++++++---------- 3 files changed, 59 insertions(+), 28 deletions(-) diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index e9d7feb23..8be76aef8 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -1021,10 +1021,10 @@ TALER_planchet_setup_coin_priv ( /** - * @brief Method to derive withdraw nonce + * @brief Method to derive withdraw /csr nonce * - * @param coin_priv private key of the coin - * @param nonce withdraw nonce included in the request to generate R_0 and R_1 + * @param ps planchet secrets of the coin + * @param[out] nonce withdraw nonce included in the request to generate R_0 and R_1 */ void TALER_cs_withdraw_nonce_derive ( @@ -1032,6 +1032,21 @@ TALER_cs_withdraw_nonce_derive ( struct TALER_CsNonce *nonce); +/** + * @brief Method to derive /csr nonce + * to be used during refresh/melt operation. + * + * @param coin_priv private key of the coin + * @param idx index of the fresh coin + * @param[out] nonce set to nonce included in the request to generate R_0 and R_1 + */ +void +TALER_cs_refresh_nonce_derive ( + const struct TALER_PlanchetSecretsP *ps, + uint32_t idx, + struct TALER_CsNonce *nonce); + + /** * Initialize denomination public-private key pair. * diff --git a/src/lib/exchange_api_melt.c b/src/lib/exchange_api_melt.c index 149ab72ac..da0c904ba 100644 --- a/src/lib/exchange_api_melt.c +++ b/src/lib/exchange_api_melt.c @@ -104,7 +104,7 @@ struct TALER_EXCHANGE_MeltHandle /** * @brief Public information about the coin's denomination key */ - struct TALER_EXCHANGE_DenomPublicKey dki; + const struct TALER_EXCHANGE_DenomPublicKey *dki; }; 
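Review bot: The new Doxygen block for TALER_cs_refresh_nonce_derive documents a parameter `coin_priv` that the prototype below it does not have; the first parameter is `ps`, so the line should read `@param ps planchet secrets of the coin`. The second parameter is declared `idx` here but the definition in src/util/crypto.c (later in this patch) names it `coin_num_salt`, so the documented name does not match the one a reader of the implementation sees; I would use the same name in both places. This applies to the hunk at @@ -1032 only; the @@ -1021 hunk is a comment-only change.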
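Review bot: In the @@ -104 hunk `dki` changes from an owned copy to a bare pointer, but the member comment above it is unchanged and says nothing about who owns the pointed-to key or how long it stays valid. The pointer is obtained from the exchange's key state in start_melt later in this file, so I would record that here, e.g. `@brief Public information about the coin's denomination key; borrowed from the exchange's key state, not owned by this handle`. If the key state can be replaced while a melt is in flight, a borrowed pointer would dangle in the response handlers; that is worth confirming against the lifetime guarantees of TALER_EXCHANGE_get_keys, which are not visible in this patch.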
@@ -206,8 +206,8 @@ verify_melt_signature_denom_conflict (struct TALER_EXCHANGE_MeltHandle *mh, history = json_object_get (json, "history"); if (GNUNET_OK != - TALER_EXCHANGE_verify_coin_history (&mh->dki, - mh->dki.value.currency, + TALER_EXCHANGE_verify_coin_history (mh->dki, + mh->dki->value.currency, &mh->coin_pub, history, &h_denom_pub, @@ -216,7 +216,7 @@ verify_melt_signature_denom_conflict (struct TALER_EXCHANGE_MeltHandle *mh, GNUNET_break_op (0); return GNUNET_SYSERR; } - if (0 != GNUNET_memcmp (&mh->dki.h_key, + if (0 != GNUNET_memcmp (&mh->dki->h_key, &h_denom_pub)) return GNUNET_OK; /* indeed, proof with different denomination key provided */ /* invalid proof provided */ @@ -266,7 +266,7 @@ verify_melt_signature_spend_conflict (struct TALER_EXCHANGE_MeltHandle *mh, history = json_object_get (json, "history"); if (GNUNET_OK != - TALER_EXCHANGE_verify_coin_history (&mh->dki, + TALER_EXCHANGE_verify_coin_history (mh->dki, mc->original_value.currency, &mh->coin_pub, history, @@ -305,7 +305,7 @@ verify_melt_signature_spend_conflict (struct TALER_EXCHANGE_MeltHandle *mh, /* everything OK, valid proof of double-spending was provided */ return GNUNET_OK; case TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY: - if (0 != GNUNET_memcmp (&mh->dki.h_key, + if (0 != GNUNET_memcmp (&mh->dki->h_key, &h_denom_pub)) return GNUNET_OK; /* indeed, proof with different denomination key provided */ /* invalid proof provided */ @@ -461,7 +461,6 @@ static enum GNUNET_GenericReturnValue start_melt (struct TALER_EXCHANGE_MeltHandle *mh) { const struct TALER_EXCHANGE_Keys *key_state; - const struct TALER_EXCHANGE_DenomPublicKey *dki; json_t *melt_obj; CURL *eh; struct GNUNET_CURL_Context *ctx; 
@@ -518,8 +517,8 @@ start_melt (struct TALER_EXCHANGE_MeltHandle *mh) ctx = TEAH_handle_to_context (mh->exchange); key_state = TALER_EXCHANGE_get_keys (mh->exchange); - dki = TALER_EXCHANGE_get_denomination_key (key_state, - &mh->md.melted_coin.pub_key); + mh->dki = TALER_EXCHANGE_get_denomination_key (key_state, + &mh->md.melted_coin.pub_key); /* and now we can at last begin the actual request handling */ @@ -659,12 +658,9 @@ TALER_EXCHANGE_melt (struct TALER_EXCHANGE_Handle *exchange, case TALER_DENOMINATION_CS: wv->cipher = TALER_DENOMINATION_CS; nks[nks_off].pk = fresh_pk; - // derive nonce for refresh by index and ps; - // FIXME: include fresh_pk or not? - TALER_CRYPTO_XXX (ps, - fresh_pk, - i, - &nks[nks_off].nonce); + TALER_cs_refresh_nonce_derive (ps, + i, + &nks[nks_off].nonce); nks_off++; break; } diff --git a/src/util/crypto.c b/src/util/crypto.c index 37810d40d..b315cd31a 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -195,16 +195,36 @@ TALER_cs_withdraw_nonce_derive (const struct struct TALER_CsNonce *nonce) { GNUNET_assert (GNUNET_YES == - GNUNET_CRYPTO_hkdf (nonce, - sizeof (*nonce), - GCRY_MD_SHA512, - GCRY_MD_SHA256, - "n", - strlen ("n"), - ps, - sizeof(*ps), - NULL, - 0)); + GNUNET_CRYPTO_kdf (nonce, + sizeof (*nonce), + "n", + strlen ("n"), + ps, + sizeof(*ps), + NULL, + 0)); +} + + +void +TALER_cs_refresh_nonce_derive ( + const struct TALER_PlanchetSecretsP *ps, + uint32_t coin_num_salt, + struct TALER_CsNonce *nonce) +{ + uint32_t be_salt = htonl (coin_num_salt); + + GNUNET_assert (GNUNET_YES == + GNUNET_CRYPTO_kdf (nonce, + sizeof (*nonce), + &be_salt, + sizeof (be_salt), + "refresh-n", // FIXME: value used in spec? + strlen ("refresh-n"), + ps, + sizeof(*ps), + NULL, + 0)); } -- cgit v1.2.3
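Review bot: The result of TALER_EXCHANGE_get_denomination_key is stored into `mh->dki` without a NULL check, and the handle is later dereferenced unconditionally (`mh->dki->value.currency` in the @@ -206 hunk and `&mh->dki->h_key` in the @@ -216 and @@ -305 hunks). If the lookup can return NULL for a denomination the client does not know, a conflict response from the exchange would end in a NULL dereference inside the verification helpers. I would fail early right after the assignment: `if (NULL == mh->dki) { GNUNET_break (0); return GNUNET_SYSERR; }`. start_melt continues past the end of this hunk, so a later check may exist but is not visible here.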
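Review bot: In the @@ -659 hunk the removed FIXME asked whether `fresh_pk` should be mixed into the refresh nonce; the replacement call `TALER_cs_refresh_nonce_derive (ps, i, &nks[nks_off].nonce)` answers it by omission, so the decision is no longer recorded anywhere in the code. I would keep a one-line comment above the call, e.g. `/* nonce derived from the planchet secrets and the coin index only; fresh_pk is not an input */`, so the next reader does not reopen the question. Note also that `i` is passed to a `uint32_t` parameter; if `i` is declared wider than that (its declaration is outside the hunk), the narrowing is silent. TALER_EXCHANGE_melt continues outside the hunk.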
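Review bot: The `// FIXME: value used in spec?` left on the `"refresh-n"` label in TALER_cs_refresh_nonce_derive means the new derivation is unverified against the protocol specification, and the two GNUNET_CRYPTO_kdf calls in this hunk also feed their inputs in different positions: TALER_cs_withdraw_nonce_derive passes the `"n"` label in the third argument and `ps` in the fifth, whereas TALER_cs_refresh_nonce_derive passes `&be_salt` in the third and `"refresh-n"` followed by `ps` from the fifth onwards (if the third argument is the salt and the fifth onwards the key material, the label is a salt in one function and key material in the other). That is not a defect by itself, but a reader cannot tell whether the asymmetry is intended. I would resolve the FIXME against the spec and, unless the spec dictates this layout, mirror the withdraw call by passing `"refresh-n", strlen ("refresh-n")` as the third/fourth arguments and `&be_salt, sizeof (be_salt), ps, sizeof (*ps), NULL, 0` after them. `htonl` needs an include that is not visible in the hunk; confirm it is already in scope in crypto.c.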