From 6cceb617af887df49df74729bb1813bbd75a1346 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Fri, 4 Dec 2020 20:29:18 +0100
Subject: centralize (most) offline signing/verifying operations into offline_signatures.c
---
 src/lib/auditor_api_deposit_confirmation.c | 31 +++++++++++------------------
 src/lib/exchange_api_handle.c | 29 ++++++++++------------------
 2 files changed, 21 insertions(+), 39 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c
index ff65036e0..bea5a78a5 100644
--- a/src/lib/auditor_api_deposit_confirmation.c
+++ b/src/lib/auditor_api_deposit_confirmation.c
@@ -208,27 +208,18 @@ verify_signatures (const struct GNUNET_HashCode *h_wire,
 return GNUNET_SYSERR;
 }
 }
+ if (GNUNET_OK !=
+ TALER_exchange_offline_signkey_validity_verify (
+ exchange_pub,
+ ep_start,
+ ep_expire,
+ ep_end,
+ master_pub,
+ master_sig))
 {
- struct TALER_ExchangeSigningKeyValidityPS sv = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY),
- .purpose.size = htonl (sizeof (sv)),
- .master_public_key = *master_pub,
- .start = GNUNET_TIME_absolute_hton (ep_start),
- .expire = GNUNET_TIME_absolute_hton (ep_expire),
- .end = GNUNET_TIME_absolute_hton (ep_end),
- .signkey_pub = *exchange_pub
- };
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
- &sv,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub))
- {
- GNUNET_break (0);
- TALER_LOG_WARNING ("Invalid signature on exchange signing key!\n");
- return GNUNET_SYSERR;
- }
+ GNUNET_break (0);
+ TALER_LOG_WARNING ("Invalid signature on exchange signing key!\n");
+ return GNUNET_SYSERR;
 }
 if (0 == GNUNET_TIME_absolute_get_remaining (ep_end).rel_value_us)
 {
diff --git a/src/lib/exchange_api_handle.c b/src/lib/exchange_api_handle.c
index 4d8f0d037..ed6093556 100644
--- a/src/lib/exchange_api_handle.c
+++ b/src/lib/exchange_api_handle.c
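Review bot: In the `verify_signatures` hunk of auditor_api_deposit_confirmation.c, the new call passes three timestamps in a row (`ep_start`, `ep_expire`, `ep_end`) that the removed code all ran through `GNUNET_TIME_absolute_hton`, so they share a type and a transposed pair would compile cleanly and only show up as a signature that never verifies. The helper's prototype is not part of this view, so the start/expire/end order, and that the helper still signs over `master_public_key` and the `TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY` purpose as the removed struct did, needs checking against offline_signatures.c. The `parse_json_signkey` hunk in exchange_api_handle.c has the same shape with `valid_from`, `valid_until`, `valid_legal`. Once confirmed, I would add a comment above each call such as `/* order: signing key, start, expire, end, master pub, master sig */`. verify_signatures begins and ends outside the hunk.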
@@ -394,26 +394,17 @@ parse_json_signkey (struct TALER_EXCHANGE_SigningPublicKey *sign_key,
 if (! check_sigs)
 return GNUNET_OK;
+ if (GNUNET_OK !=
+ TALER_exchange_offline_signkey_validity_verify
+ (&sign_key->key,
+ sign_key->valid_from,
+ sign_key->valid_until,
+ sign_key->valid_legal,
+ master_key,
+ &sign_key_issue_sig))
 {
- struct TALER_ExchangeSigningKeyValidityPS sign_key_issue = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY),
- .purpose.size = htonl (sizeof (sign_key_issue)),
- .signkey_pub = sign_key->key,
- .master_public_key = *master_key,
- .start = GNUNET_TIME_absolute_hton (sign_key->valid_from),
- .expire = GNUNET_TIME_absolute_hton (sign_key->valid_until),
- .end = GNUNET_TIME_absolute_hton (sign_key->valid_legal)
- };
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
- &sign_key_issue,
- &sign_key_issue_sig.eddsa_signature,
- &master_key->eddsa_pub))
- {
- GNUNET_break_op (0);
- return GNUNET_SYSERR;
- }
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
 }
 sign_key->master_sig = sign_key_issue_sig;
 return GNUNET_OK;
-- 
cgit v1.2.3
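Review bot: When `check_sigs` is false, the context lines above the new call return `GNUNET_OK` before the master signature is checked, and `sign_key->master_sig` is assigned only after the check, so in that mode the caller gets a key that is unverified and, as far as these lines show, has no `master_sig` filled in. This predates the commit, but it deserves a comment at the early return, for example `/* check_sigs == false: key is NOT verified against master_key and master_sig stays unset */`, so that callers do not treat such keys as authenticated. Separately, the opening parenthesis of the call sits on the continuation line here but on the call line in auditor_api_deposit_confirmation.c; one form should be used in both places. parse_json_signkey begins and ends outside the hunk.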