From 6cceb617af887df49df74729bb1813bbd75a1346 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Fri, 4 Dec 2020 20:29:18 +0100
Subject: centralize (most) offline signing/verifying operations into offline_signatures.c
---
 .../taler-auditor-httpd_deposit-confirmation.c | 11 +++++----
 src/auditor/taler-helper-auditor-aggregation.c | 26 +++++++---------------
 src/auditor/taler-helper-auditor-coins.c | 16 ++++---------
 src/auditor/taler-helper-auditor-reserves.c | 17 ++++----------
 4 files changed, 23 insertions(+), 47 deletions(-)
(limited to 'src/auditor')
diff --git a/src/auditor/taler-auditor-httpd_deposit-confirmation.c b/src/auditor/taler-auditor-httpd_deposit-confirmation.c
index 67bac1b79..08a781f30 100644
--- a/src/auditor/taler-auditor-httpd_deposit-confirmation.c
+++ b/src/auditor/taler-auditor-httpd_deposit-confirmation.c
@@ -111,10 +111,13 @@ verify_and_execute_deposit_confirmation (
 {
 /* Not in cache, need to verify the signature, persist it, and possibly cache it */
 if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
- &skv,
- &es->master_sig.eddsa_signature,
- &es->master_public_key.eddsa_pub))
+ TALER_exchange_offline_signkey_validity_verify (
+ &es->exchange_pub,
+ es->ep_start,
+ es->ep_expire,
+ es->ep_end,
+ &es->master_public_key,
+ &es->master_sig))
 {
 TALER_LOG_WARNING ("Invalid signature on exchange signing key\n");
 return TALER_MHD_reply_with_error (connection,
diff --git a/src/auditor/taler-helper-auditor-aggregation.c b/src/auditor/taler-helper-auditor-aggregation.c
index e3e840e8e..f3f65ffb3 100644
--- a/src/auditor/taler-helper-auditor-aggregation.c
+++ b/src/auditor/taler-helper-auditor-aggregation.c
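Review bot: The removed call in `verify_and_execute_deposit_confirmation` verified the locally built `skv` struct, which is declared above this hunk, while the new call passes the individual `es->` fields, so the signature check and whatever still reads `skv` (presumably the cache lookup that the "Not in cache" comment refers to) are now derived on two separate paths. If `skv` survives only as the cache key, say so next to the call, e.g. `/* skv above is only the cache key; the helper rebuilds the signed message from the same es fields */`; if it has no remaining use it should be deleted so that no stale copy of the signed struct lingers. The function body starts and ends outside the hunk, so the remaining use of `skv` cannot be confirmed from here.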
@@ -944,25 +944,15 @@ get_wire_fee (struct AggregationContext *ac,
 easily make this one up, but it means that we have proof that the master key was used for inconsistent wire fees if a merchant complains.) */
 {
- struct TALER_MasterWireFeePS wf = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_FEES),
- .purpose.size = htonl (sizeof (wf)),
- .start_date = GNUNET_TIME_absolute_hton (wfi->start_date),
- .end_date = GNUNET_TIME_absolute_hton (wfi->end_date)
- };
-
- GNUNET_CRYPTO_hash (method,
- strlen (method) + 1,
- &wf.h_wire_method);
- TALER_amount_hton (&wf.wire_fee,
- &wfi->wire_fee);
- TALER_amount_hton (&wf.closing_fee,
- &wfi->closing_fee);
 if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_FEES,
- &wf,
- &master_sig.eddsa_signature,
- &TALER_ARL_master_pub.eddsa_pub))
+ TALER_exchange_offline_wire_fee_verify (
+ method,
+ wfi->start_date,
+ wfi->end_date,
+ &wfi->wire_fee,
+ &wfi->closing_fee,
+ &TALER_ARL_master_pub,
+ &master_sig))
 {
 report_row_inconsistency ("wire-fee",
 timestamp.abs_value_us,
diff --git a/src/auditor/taler-helper-auditor-coins.c b/src/auditor/taler-helper-auditor-coins.c
index 067d6703a..55feeec36 100644
--- a/src/auditor/taler-helper-auditor-coins.c
+++ b/src/auditor/taler-helper-auditor-coins.c
@@ -715,19 +715,11 @@ init_denomination (const struct GNUNET_HashCode *denom_hash,
 if (0 < qs)
 {
 /* check revocation signature */
- struct TALER_MasterDenominationKeyRevocationPS rm = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED),
- .purpose.size = htonl (sizeof (rm)),
- .h_denom_pub = *denom_hash
- };
-
 if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED,
- &rm,
- &msig.eddsa_signature,
- &TALER_ARL_master_pub.eddsa_pub))
+ TALER_exchange_offline_denomination_revoke_verify (
+ denom_hash,
+ &TALER_ARL_master_pub,
+ &msig))
 {
 report_row_inconsistency ("denomination revocations",
 rowid,
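Review bot: The removed block in `get_wire_fee` hashed the wire method over `strlen (method) + 1` bytes, i.e. including the terminating NUL, and that detail now lives only inside `TALER_exchange_offline_wire_fee_verify`, whose body is not part of this diff (the view is limited to `src/auditor`). The auditor checks signatures that were produced earlier, so any difference in how the helper builds the signed message would surface as a `wire-fee` row inconsistency for every stored fee; a comment at the call such as `/* helper hashes method including the trailing NUL, as the signer does */`, backed by a round-trip test against a signature made with the old layout, would pin this down. Separately, the bare `{` that used to scope `wf` now encloses only the `if` and can be dropped; its closing brace lies outside the hunk.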
diff --git a/src/auditor/taler-helper-auditor-reserves.c b/src/auditor/taler-helper-auditor-reserves.c
index d666aae85..8f7921fa8 100644
--- a/src/auditor/taler-helper-auditor-reserves.c
+++ b/src/auditor/taler-helper-auditor-reserves.c
@@ -747,20 +747,11 @@ handle_recoup_by_reserve (
 }
 else
 {
- /* verify msig */
- struct TALER_MasterDenominationKeyRevocationPS kr = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED),
- .purpose.size = htonl (sizeof (kr)),
- .h_denom_pub = coin->denom_pub_hash
- };
-
 if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED,
- &kr,
- &msig.eddsa_signature,
- &TALER_ARL_master_pub.eddsa_pub))
+ TALER_exchange_offline_denomination_revoke_verify (
+ &coin->denom_pub_hash,
+ &TALER_ARL_master_pub,
+ &msig))
 {
 rev = "master signature invalid";
 }
-- 
cgit v1.2.3
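Review bot: The `/* verify msig */` comment in `handle_recoup_by_reserve` is deleted together with the struct, although the check it described is still performed; the matching hunk in taler-helper-auditor-coins.c keeps its `/* check revocation signature */` comment. Keep a one-line comment above the `if`, e.g. `/* verify master signature over the denomination revocation */`, so that both call sites of `TALER_exchange_offline_denomination_revoke_verify` read the same way. The enclosing `else` branch continues outside the hunk.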