From c93150b8cd8122821216c8ca4c92eaff73d3ae47 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Sat, 12 Feb 2022 01:00:31 +0100
Subject: -work on more FIXMEs
---
 src/include/taler_crypto_lib.h | 17 +++++++++++++++++
 src/lib/exchange_api_melt.c | 31 +++++++++++--------------------
 src/util/exchange_signatures.c | 24 +++++++++++++++++++++++-
 3 files changed, 51 insertions(+), 21 deletions(-)
(limited to 'src')
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 6f64de2ea..3a4278298 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -2330,6 +2330,23 @@ TALER_wallet_withdraw_verify (
 const struct TALER_ReserveSignatureP *reserve_sig);
 
 
+/**
+ * Verify exchange melt confirmation.
+ *
+ * @param rc refresh session this is about
+ * @param noreveal_index gamma value chosen by the exchange
+ * @param exchange_pub public signing key used
+ * @param exchange_sig signature to check
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_melt_confirmation_verify (
+ const struct TALER_RefreshCommitmentP *rc,
+ uint32_t noreveal_index,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_ExchangeSignatureP *exchange_sig);
+
+
 /**
 * Verify recoup signature.
 *
diff --git a/src/lib/exchange_api_melt.c b/src/lib/exchange_api_melt.c
index eec2d0a53..828e1ca1f 100644
--- a/src/lib/exchange_api_melt.c
+++ b/src/lib/exchange_api_melt.c
@@ -78,7 +78,7 @@ struct TALER_EXCHANGE_MeltHandle
 /**
 * The secret the entire melt operation is seeded from.
 */
- const struct TALER_RefreshMasterSecretP *rms;
+ struct TALER_RefreshMasterSecretP rms;
 
 /**
 * Details about the characteristics of the requested melt operation.
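Review bot: The new doc comment on `TALER_exchange_melt_confirmation_verify` leaves two things unstated that a caller can get wrong: the value returned for a bad signature, and the byte order of `noreveal_index`. The definition added in src/util/exchange_signatures.c applies `htonl` itself and returns the `GNUNET_CRYPTO_eddsa_verify` result unchanged, so a caller that passes a network-order value verifies over the wrong index, and a caller that tests the result as a boolean would treat a negative error code such as `GNUNET_SYSERR` as success. I would write `@param noreveal_index gamma value chosen by the exchange, in host byte order` and `@return #GNUNET_OK if the signature is valid, any other value if it is not (compare against #GNUNET_OK, never test for non-zero)`.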
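Review bot: The by-value `struct TALER_RefreshMasterSecretP rms;` field keeps a second copy of the refresh master secret in the heap-allocated melt handle, and nothing in this diff wipes it; the same applies to the `mh->rms = *rms;` assignment in the `TALER_EXCHANGE_melt` hunk. None of the hunks for this file touches the code that releases the handle, so unless that path already clears the whole structure I would add `GNUNET_CRYPTO_zero_keys (&mh->rms, sizeof (mh->rms));` immediately before the handle is freed. The field comment could also record the ownership change, e.g. `The secret the entire melt operation is seeded from (private copy, wiped on cleanup).` The struct definition starts and ends outside this hunk.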
@@ -171,24 +171,15 @@ verify_melt_signature_ok (struct TALER_EXCHANGE_MeltHandle *mh,
 return GNUNET_SYSERR;
 }
 
- /* verify signature by exchange -- FIXME: move to util! */
+ if (GNUNET_OK !=
+ TALER_exchange_melt_confirmation_verify (
+ &mh->md.rc,
+ mh->noreveal_index,
+ exchange_pub,
+ &exchange_sig))
 {
- struct TALER_RefreshMeltConfirmationPS confirm = {
- .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT),
- .purpose.size = htonl (sizeof (confirm)),
- .rc = mh->md.rc,
- .noreveal_index = htonl (mh->noreveal_index)
- };
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT,
- &confirm,
- &exchange_sig.eddsa_signature,
- &exchange_pub->eddsa_pub))
- {
- GNUNET_break_op (0);
- return GNUNET_SYSERR;
- }
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
 }
 return GNUNET_OK;
 }
@@ -490,7 +481,7 @@ start_melt (struct TALER_EXCHANGE_MeltHandle *mh)
 struct TALER_DenominationHash h_denom_pub;
 
 if (GNUNET_OK !=
- TALER_EXCHANGE_get_melt_data_ (mh->rms,
+ TALER_EXCHANGE_get_melt_data_ (&mh->rms,
 mh->rd,
 mh->alg_values,
 &mh->md))
@@ -657,7 +648,7 @@ TALER_EXCHANGE_melt (struct TALER_EXCHANGE_Handle *exchange,
 mh->noreveal_index = TALER_CNC_KAPPA; /* invalid value */
 mh->exchange = exchange;
 mh->rd = rd;
- mh->rms = rms; /* FIXME: deep copy might be safer... */
+ mh->rms = *rms;
 mh->melt_cb = melt_cb;
 mh->melt_cb_cls = melt_cb_cls;
 mh->alg_values = GNUNET_new_array (rd->fresh_pks_len,
diff --git a/src/util/exchange_signatures.c b/src/util/exchange_signatures.c
index b923c29de..c0c775dc0 100644
--- a/src/util/exchange_signatures.c
+++ b/src/util/exchange_signatures.c
@@ -1,6 +1,6 @@
 /*
 This file is part of TALER
- Copyright (C) 2021 Taler Systems SA
+ Copyright (C) 2021, 2022 Taler Systems SA
 
 TALER is free software; you can redistribute it and/or modify it under the
 terms of the GNU General Public License as published by the Free Software
@@ -66,4 +66,26 @@ TALER_exchange_deposit_confirm_verify (
 }
 
 
+enum GNUNET_GenericReturnValue
+TALER_exchange_melt_confirmation_verify (
+ const struct TALER_RefreshCommitmentP *rc,
+ uint32_t noreveal_index,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_ExchangeSignatureP *exchange_sig)
+{
+ struct TALER_RefreshMeltConfirmationPS confirm = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT),
+ .purpose.size = htonl (sizeof (confirm)),
+ .rc = *rc,
+ .noreveal_index = htonl (noreveal_index)
+ };
+
+ return
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT,
+ &confirm,
+ &exchange_sig->eddsa_signature,
+ &exchange_pub->eddsa_pub);
+}
+
+
 /* end of exchange_signatures.c */
-- 
cgit v1.2.3