From f4a59d1cccd058b3180ea23ed9fdea69cb2129b8 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 16 May 2015 14:15:34 +0200 Subject: eliminating ECDSA, replacing with EdDSA-ECDHE-combo in transfer protocol --- src/include/taler_crypto_lib.h | 46 ++++++++---------- src/include/taler_mintdb_plugin.h | 6 +-- src/include/taler_signatures.h | 26 +++------- src/mint/taler-mint-httpd.c | 7 --- src/mint/taler-mint-httpd_db.c | 10 ++-- src/mint/taler-mint-httpd_db.h | 2 +- src/mint/taler-mint-httpd_deposit.c | 6 +-- src/mint/taler-mint-httpd_refresh.c | 14 +++--- src/mint/taler-mint-httpd_responses.c | 20 ++++---- src/mint/taler-mint-httpd_responses.h | 4 +- src/mint/taler-mint-httpd_test.c | 92 +---------------------------------- src/mint/taler-mint-httpd_test.h | 23 --------- src/mintdb/plugin_mintdb_postgres.c | 18 +++---- src/util/crypto.c | 36 +++++++------- src/util/test_crypto.c | 16 +++--- 15 files changed, 95 insertions(+), 231 deletions(-) (limited to 'src') diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 0ab05f5d0..fce27ce5e 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -17,6 +17,7 @@ * @file include/taler_crypto_lib.h * @brief taler-specific crypto functions * @author Sree Harsha Totakura + * @author Christian Grothoff */ #ifndef TALER_CRYPTO_LIB_H #define TALER_CRYPTO_LIB_H @@ -100,7 +101,7 @@ struct TALER_MerchantPrivateKeyP struct TALER_TransferPublicKeyP { /** - * Taler uses ECDSA for transfer keys. + * Taler uses ECDHE for transfer keys. */ struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub; }; @@ -113,7 +114,7 @@ struct TALER_TransferPublicKeyP struct TALER_TransferPrivateKeyP { /** - * Taler uses ECDSA for melting session keys. + * Taler uses ECDHE for melting session keys. */ struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv; }; @@ -196,37 +197,28 @@ struct TALER_MasterSignatureP /** * @brief Type of public keys for Taler coins. The same key material is used - * for ECDSA and ECDHE operations. + * for EdDSA and ECDHE operations. */ -union TALER_CoinSpendPublicKeyP +struct TALER_CoinSpendPublicKeyP { /** - * Taler uses ECDSA for coins when signing deposit requests. + * Taler uses EdDSA for coins when signing deposit requests. */ - struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub; + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; - /** - * Taler uses ECDH(E) for coin linkage during refresh operations. - */ - struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub; }; /** * @brief Type of private keys for Taler coins. The same key material is used - * for ECDSA and ECDHE operations. + * for EdDSA and ECDHE operations. */ -union TALER_CoinSpendPrivateKeyP +struct TALER_CoinSpendPrivateKeyP { /** - * Taler uses ECDSA for coins when signing deposit requests. - */ - struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv; - - /** - * Taler uses ECDHE for coin linkage during refresh operations. + * Taler uses EdDSA for coins when signing deposit requests. */ - struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv; + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; }; @@ -236,9 +228,9 @@ union TALER_CoinSpendPrivateKeyP struct TALER_CoinSpendSignatureP { /** - * Taler uses ECDSA for coins. + * Taler uses EdDSA for coins. */ - struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; + struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; }; @@ -302,7 +294,7 @@ struct TALER_CoinPublicInfo /** * The coin's public key. */ - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; /** * Public key representing the denomination of the coin @@ -383,7 +375,7 @@ struct TALER_RefreshLinkDecrypted /** * Private key of the coin. */ - union TALER_CoinSpendPrivateKeyP coin_priv; + struct TALER_CoinSpendPrivateKeyP coin_priv; /** * Blinding key. @@ -416,7 +408,7 @@ struct TALER_RefreshLinkEncrypted /** * Encrypted private key of the coin. */ - char coin_priv_enc[sizeof (union TALER_CoinSpendPrivateKeyP)]; + char coin_priv_enc[sizeof (struct TALER_CoinSpendPrivateKeyP)]; }; @@ -435,7 +427,7 @@ struct TALER_RefreshLinkEncrypted int TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc, const struct TALER_TransferPrivateKeyP *trans_priv, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_LinkSecretP *secret); @@ -453,7 +445,7 @@ TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc, int TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc, const struct TALER_TransferPublicKeyP *trans_pub, - const union TALER_CoinSpendPrivateKeyP *coin_priv, + const struct TALER_CoinSpendPrivateKeyP *coin_priv, struct TALER_LinkSecretP *secret); @@ -470,7 +462,7 @@ TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc, */ int TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_TransferPrivateKeyP *trans_priv, struct TALER_TransferPublicKeyP *trans_pub, struct TALER_EncryptedLinkSecretP *secret_enc); diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h index 1f4707b4d..0c9b21ebd 100644 --- a/src/include/taler_mintdb_plugin.h +++ b/src/include/taler_mintdb_plugin.h @@ -1068,7 +1068,7 @@ struct TALER_MINTDB_Plugin struct TALER_MINTDB_LinkDataList * (*get_link_data_list) (void *cls, struct TALER_MINTDB_Session *sesssion, - const union TALER_CoinSpendPublicKeyP *coin_pub); + const struct TALER_CoinSpendPublicKeyP *coin_pub); /** @@ -1101,7 +1101,7 @@ struct TALER_MINTDB_Plugin int (*get_transfer) (void *cls, struct TALER_MINTDB_Session *sesssion, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_TransferPublicKeyP *transfer_pub, struct TALER_EncryptedLinkSecretP *shared_secret_enc); @@ -1149,7 +1149,7 @@ struct TALER_MINTDB_Plugin struct TALER_MINTDB_TransactionList * (*get_coin_transactions) (void *cls, struct TALER_MINTDB_Session *sesssion, - const union TALER_CoinSpendPublicKeyP *coin_pub); + const struct TALER_CoinSpendPublicKeyP *coin_pub); /** diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index de6dbfc24..bc34c32e9 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -122,16 +122,6 @@ /*******************/ -/** - * ECDSA test signature. - */ -#define TALER_SIGNATURE_CLIENT_TEST_ECDSA 1300 - -/** - * ECDSA test signature. - */ -#define TALER_SIGNATURE_MINT_TEST_ECDSA 1301 - /** * EdDSA test signature. */ @@ -207,7 +197,7 @@ struct TALER_DepositRequestPS { /** * Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT. - * Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`. + * Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -283,9 +273,9 @@ struct TALER_DepositRequestPS /** * The coin's public key. This is the value that must have been * signed (blindly) by the Mint. The deposit request is to be - * signed by the corresponding private key (using ECDSA). + * signed by the corresponding private key (using EdDSA). */ - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; }; @@ -341,9 +331,9 @@ struct TALER_DepositConfirmationPS /** * The coin's public key. This is the value that must have been * signed (blindly) by the Mint. The deposit request is to be - * signed by the corresponding private key (using ECDSA). + * signed by the corresponding private key (using EdDSA). */ - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; /** * The Merchant's public key. Allows the merchant to later refund @@ -363,7 +353,7 @@ struct TALER_RefreshMeltCoinAffirmationPS { /** * Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT. - * Used for an ECDSA signature with the `union TALER_CoinSpendPublicKeyP`. + * Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`. */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; @@ -396,9 +386,9 @@ struct TALER_RefreshMeltCoinAffirmationPS /** * The coin's public key. This is the value that must have been * signed (blindly) by the Mint. The deposit request is to be - * signed by the corresponding private key (using ECDSA). + * signed by the corresponding private key (using EdDSA). */ - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; }; diff --git a/src/mint/taler-mint-httpd.c b/src/mint/taler-mint-httpd.c index d7e2c353a..deb30661f 100644 --- a/src/mint/taler-mint-httpd.c +++ b/src/mint/taler-mint-httpd.c @@ -232,13 +232,6 @@ handle_mhd_request (void *cls, "Only POST is allowed", 0, &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, - { "/test/ecdsa", MHD_HTTP_METHOD_POST, "application/json", - NULL, 0, - &TMH_TEST_handler_test_ecdsa, MHD_HTTP_OK }, - { "/test/ecdsa", NULL, "text/plain", - "Only POST is allowed", 0, - &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, - { "/test/eddsa", MHD_HTTP_METHOD_POST, "application/json", NULL, 0, &TMH_TEST_handler_test_eddsa, MHD_HTTP_OK }, diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 53567a92a..b4256c037 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -926,7 +926,7 @@ check_commitment (struct MHD_Connection *connection, for (j = 0; j < num_newcoins; j++) { struct TALER_RefreshLinkDecrypted *link_data; - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; struct GNUNET_HashCode h_msg; char *buf; size_t buf_len; @@ -942,10 +942,10 @@ check_commitment (struct MHD_Connection *connection, ? GNUNET_NO : GNUNET_SYSERR; } - GNUNET_CRYPTO_ecdsa_key_get_public (&link_data->coin_priv.ecdsa_priv, - &coin_pub.ecdsa_pub); + GNUNET_CRYPTO_eddsa_key_get_public (&link_data->coin_priv.eddsa_priv, + &coin_pub.eddsa_pub); GNUNET_CRYPTO_hash (&coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP), + sizeof (struct TALER_CoinSpendPublicKeyP), &h_msg); if (0 == (buf_len = GNUNET_CRYPTO_rsa_blind (&h_msg, @@ -1248,7 +1248,7 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection, */ int TMH_DB_execute_refresh_link (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub) + const struct TALER_CoinSpendPublicKeyP *coin_pub) { int res; struct TALER_MINTDB_Session *session; diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index 5a8e1aee8..4319a81e5 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -166,7 +166,7 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection, */ int TMH_DB_execute_refresh_link (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub); + const struct TALER_CoinSpendPublicKeyP *coin_pub); #endif diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index a45cf354b..bf182d00c 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -73,10 +73,10 @@ verify_and_execute_deposit (struct MHD_Connection *connection, dr.merchant = deposit->merchant_pub; dr.coin_pub = deposit->coin.coin_pub; if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, &dr.purpose, - &deposit->csig.ecdsa_signature, - &deposit->coin.coin_pub.ecdsa_pub)) + &deposit->csig.eddsa_signature, + &deposit->coin.coin_pub.eddsa_pub)) { TALER_LOG_WARNING ("Invalid signature on /deposit request\n"); return TMH_RESPONSE_reply_signature_invalid (connection, diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index 759c55bb2..cde7d22ca 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -269,10 +269,10 @@ verify_coin_public_info (struct MHD_Connection *connection, TMH_KS_release (key_state); if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT, &body.purpose, - &melt_detail->melt_sig.ecdsa_signature, - &melt_detail->coin_info.coin_pub.ecdsa_pub)) + &melt_detail->melt_sig.eddsa_signature, + &melt_detail->coin_info.coin_pub.eddsa_pub)) { if (MHD_YES != TMH_RESPONSE_reply_signature_invalid (connection, @@ -439,7 +439,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection, { if (0 == memcmp (&coin_melt_details[i].coin_info.coin_pub, &coin_melt_details[j].coin_info.coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP))) + sizeof (struct TALER_CoinSpendPublicKeyP))) { for (j=0;jdeposit_fee); dr.merchant = deposit->merchant_pub; dr.coin_pub = deposit->coin.coin_pub; - transaction = TALER_json_from_ecdsa_sig (&dr.purpose, - &deposit->csig.ecdsa_signature); + transaction = TALER_json_from_eddsa_sig (&dr.purpose, + &deposit->csig.eddsa_signature); break; } case TALER_MINTDB_TT_REFRESH_MELT: @@ -400,8 +400,8 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl) TALER_amount_hton (&ms.melt_fee, &melt->melt_fee); ms.coin_pub = melt->coin.coin_pub; - transaction = TALER_json_from_ecdsa_sig (&ms.purpose, - &melt->coin_sig.ecdsa_signature); + transaction = TALER_json_from_eddsa_sig (&ms.purpose, + &melt->coin_sig.eddsa_signature); } break; case TALER_MINTDB_TT_LOCK: @@ -678,7 +678,7 @@ TMH_RESPONSE_reply_withdraw_sign_success (struct MHD_Connection *connection, */ int TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_Amount coin_value, struct TALER_MINTDB_TransactionList *tl, struct TALER_Amount requested, @@ -692,7 +692,7 @@ TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *conne "{s:s, s:o, s:o, s:o, s:o, s:o}", "error", "insufficient funds", "coin-pub", TALER_json_from_data (coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP)), + sizeof (struct TALER_CoinSpendPublicKeyP)), "original-value", TALER_json_from_amount (&coin_value), "residual-value", TALER_json_from_amount (&residual), "requested-value", TALER_json_from_amount (&requested), @@ -814,7 +814,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, json_object_set_new (rm_json, "coin_pub", TALER_json_from_data (&rm->coin.coin_pub, - sizeof (union TALER_CoinSpendPublicKeyP))); + sizeof (struct TALER_CoinSpendPublicKeyP))); json_object_set_new (rm_json, "melt_amount_with_fee", TALER_json_from_amount (&rm->amount_with_fee)); @@ -856,7 +856,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, json_object_set_new (cc_json, "coin_priv_enc", TALER_json_from_data (cc->refresh_link->coin_priv_enc, - sizeof (union TALER_CoinSpendPrivateKeyP))); + sizeof (struct TALER_CoinSpendPrivateKeyP))); json_object_set_new (cc_json, "blinding_key_enc", TALER_json_from_data (cc->refresh_link->blinding_key_enc, @@ -933,7 +933,7 @@ TMH_RESPONSE_reply_refresh_link_success (struct MHD_Connection *connection, json_object_set_new (obj, "link_enc", TALER_json_from_data (ldl->link_data_enc->coin_priv_enc, - sizeof (union TALER_CoinSpendPrivateKeyP) + + sizeof (struct TALER_CoinSpendPrivateKeyP) + ldl->link_data_enc->blinding_key_enc_size)); json_object_set_new (obj, "denom_pub", diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index ab062c2a7..8392e73d7 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -200,7 +200,7 @@ TMH_RESPONSE_reply_invalid_json (struct MHD_Connection *connection); */ int TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct GNUNET_HashCode *h_wire, const struct GNUNET_HashCode *h_contract, uint64_t transaction_id, @@ -291,7 +291,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection, */ int TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_Amount coin_value, struct TALER_MINTDB_TransactionList *tl, struct TALER_Amount requested, diff --git a/src/mint/taler-mint-httpd_test.c b/src/mint/taler-mint-httpd_test.c index 6bf11c33e..61bd4d968 100644 --- a/src/mint/taler-mint-httpd_test.c +++ b/src/mint/taler-mint-httpd_test.c @@ -296,98 +296,10 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh, } -/** - * Handle a "/test/ecdsa" request. Parses the JSON in the post, - * which must contain a "ecdsa_pub" with a public key and an - *"ecdsa_sig" with the corresponding signature for a purpose - * of #TALER_SIGNATURE_CLIENT_TEST_ECDSA. If the signature is - * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_ECDSA is - * returned using the same JSON format. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param upload_data upload data - * @param[in,out] upload_data_size number of bytes (left) in @a upload_data - * @return MHD result code - */ -int -TMH_TEST_handler_test_ecdsa (struct TMH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size) -{ - json_t *json; - int res; - struct GNUNET_CRYPTO_EcdsaPublicKey pub; - struct GNUNET_CRYPTO_EcdsaSignature sig; - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - struct TMH_PARSE_FieldSpecification spec[] = { - TMH_PARSE_MEMBER_FIXED ("ecdsa_pub", &pub), - TMH_PARSE_MEMBER_FIXED ("ecdsa_sig", &sig), - TMH_PARSE_MEMBER_END - }; - struct GNUNET_CRYPTO_EcdsaPrivateKey *pk; - - res = TMH_PARSE_post_json (connection, - connection_cls, - upload_data, - upload_data_size, - &json); - if (GNUNET_SYSERR == res) - return MHD_NO; - if ( (GNUNET_NO == res) || (NULL == json) ) - return MHD_YES; - res = TMH_PARSE_json_data (connection, - json, - spec); - json_decref (json); - if (GNUNET_YES != res) - return (GNUNET_NO == res) ? MHD_YES : MHD_NO; - purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)); - purpose.purpose = htonl (TALER_SIGNATURE_CLIENT_TEST_ECDSA); - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_CLIENT_TEST_ECDSA, - &purpose, - &sig, - &pub)) - { - TMH_PARSE_release_data (spec); - return TMH_RESPONSE_reply_signature_invalid (connection, - "ecdsa_sig"); - } - TMH_PARSE_release_data (spec); - pk = GNUNET_CRYPTO_ecdsa_key_create (); - purpose.purpose = htonl (TALER_SIGNATURE_MINT_TEST_ECDSA); - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_sign (pk, - &purpose, - &sig)) - { - GNUNET_free (pk); - return TMH_RESPONSE_reply_internal_error (connection, - "Failed to ECDSA-sign"); - } - GNUNET_CRYPTO_ecdsa_key_get_public (pk, - &pub); - GNUNET_free (pk); - return TMH_RESPONSE_reply_json_pack (connection, - MHD_HTTP_OK, - "{s:o, s:o}", - "ecdsa_pub", - TALER_json_from_data (&pub, - sizeof (pub)), - "ecdsa_sig", - TALER_json_from_data (&sig, - sizeof (sig))); -} - - /** * Handle a "/test/eddsa" request. Parses the JSON in the post, * which must contain a "eddsa_pub" with a public key and an - *"ecdsa_sig" with the corresponding signature for a purpose + *"eddsa_sig" with the corresponding signature for a purpose * of #TALER_SIGNATURE_CLIENT_TEST_EDDSA. If the signature is * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is * returned using the same JSON format. @@ -583,7 +495,7 @@ TMH_TEST_handler_test_transfer (struct TMH_RequestHandler *rh, int res; struct TALER_EncryptedLinkSecretP secret_enc; struct TALER_TransferPrivateKeyP trans_priv; - union TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPublicKeyP coin_pub; struct TMH_PARSE_FieldSpecification spec[] = { TMH_PARSE_MEMBER_FIXED ("secret_enc", &secret_enc), TMH_PARSE_MEMBER_FIXED ("trans_priv", &trans_priv), diff --git a/src/mint/taler-mint-httpd_test.h b/src/mint/taler-mint-httpd_test.h index e220e438a..1bc5fb66c 100644 --- a/src/mint/taler-mint-httpd_test.h +++ b/src/mint/taler-mint-httpd_test.h @@ -121,29 +121,6 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh, size_t *upload_data_size); -/** - * Handle a "/test/ecdsa" request. Parses the JSON in the post, - * which must contain a "ecdsa_pub" with a public key and an - *"ecdsa_sig" with the corresponding signature for a purpose - * of #TALER_SIGNATURE_CLIENT_TEST_ECDSA. If the signature is - * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_ECDSA is - * returned using the same JSON format. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param upload_data upload data - * @param[in,out] upload_data_size number of bytes (left) in @a upload_data - * @return MHD result code - */ -int -TMH_TEST_handler_test_ecdsa (struct TMH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size); - - /** * Handle a "/test/eddsa" request. Parses the JSON in the post, * which must contain a "eddsa_pub" with a public key and an diff --git a/src/mintdb/plugin_mintdb_postgres.c b/src/mintdb/plugin_mintdb_postgres.c index baf94ddab..8bf3302df 100644 --- a/src/mintdb/plugin_mintdb_postgres.c +++ b/src/mintdb/plugin_mintdb_postgres.c @@ -1869,7 +1869,7 @@ postgres_insert_refresh_commit_coins (void *cls, TALER_PQ_QUERY_PARAM_PTR(&newcoin_index_nbo), TALER_PQ_QUERY_PARAM_PTR_SIZED (commit_coins->refresh_link->coin_priv_enc, commit_coins->refresh_link->blinding_key_enc_size + - sizeof (union TALER_CoinSpendPrivateKeyP)), + sizeof (struct TALER_CoinSpendPrivateKeyP)), TALER_PQ_QUERY_PARAM_END }; @@ -1960,7 +1960,7 @@ postgres_get_refresh_commit_coins (void *cls, return GNUNET_SYSERR; } PQclear (result); - if (rl_buf_size < sizeof (union TALER_CoinSpendPrivateKeyP)) + if (rl_buf_size < sizeof (struct TALER_CoinSpendPrivateKeyP)) { GNUNET_free (c_buf); GNUNET_free (rl_buf); @@ -2199,7 +2199,7 @@ postgres_insert_refresh_collectable (void *cls, static struct TALER_MINTDB_LinkDataList * postgres_get_link_data_list (void *cls, struct TALER_MINTDB_Session *session, - const union TALER_CoinSpendPublicKeyP *coin_pub) + const struct TALER_CoinSpendPublicKeyP *coin_pub) { // FIXME: check logic! struct TALER_MINTDB_LinkDataList *ldl; @@ -2247,7 +2247,7 @@ postgres_get_link_data_list (void *cls, ldl); return NULL; } - if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) + if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) { PQclear (result); GNUNET_free (ld_buf); @@ -2257,9 +2257,9 @@ postgres_get_link_data_list (void *cls, } // FIXME: use util API for this! link_enc = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + - ld_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); + ld_buf_size - sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)); link_enc->blinding_key_enc = (const char *) &link_enc[1]; - link_enc->blinding_key_enc_size = ld_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); + link_enc->blinding_key_enc_size = ld_buf_size - sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey); memcpy (link_enc->coin_priv_enc, ld_buf, ld_buf_size); @@ -2293,7 +2293,7 @@ postgres_get_link_data_list (void *cls, static int postgres_get_transfer (void *cls, struct TALER_MINTDB_Session *session, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_TransferPublicKeyP *transfer_pub, struct TALER_EncryptedLinkSecretP *shared_secret_enc) { @@ -2357,7 +2357,7 @@ postgres_get_transfer (void *cls, static struct TALER_MINTDB_TransactionList * postgres_get_coin_transactions (void *cls, struct TALER_MINTDB_Session *session, - const union TALER_CoinSpendPublicKeyP *coin_pub) + const struct TALER_CoinSpendPublicKeyP *coin_pub) { PGresult *result; struct TALER_MINTDB_TransactionList *head; @@ -2375,7 +2375,7 @@ postgres_get_coin_transactions (void *cls, { struct TALER_MINTDB_Deposit *deposit; struct TALER_PQ_QueryParam params[] = { - TALER_PQ_QUERY_PARAM_PTR (&coin_pub->ecdsa_pub), + TALER_PQ_QUERY_PARAM_PTR (&coin_pub->eddsa_pub), TALER_PQ_QUERY_PARAM_END }; json_error_t json_error; diff --git a/src/util/crypto.c b/src/util/crypto.c index 529caa930..966f010e4 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -214,7 +214,7 @@ TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, ret = GNUNET_new (struct TALER_RefreshLinkDecrypted); memcpy (&ret->coin_priv, buf, - sizeof (union TALER_CoinSpendPrivateKeyP)); + sizeof (struct TALER_CoinSpendPrivateKeyP)); ret->blinding_key.rsa_blinding_key = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)], input->blinding_key_enc_size); @@ -290,7 +290,7 @@ TALER_refresh_link_encrypted_decode (const char *buf, { struct TALER_RefreshLinkEncrypted *rle; - if (buf_len < sizeof (union TALER_CoinSpendPrivateKeyP)) + if (buf_len < sizeof (struct TALER_CoinSpendPrivateKeyP)) return NULL; if (buf_len >= GNUNET_MAX_MALLOC_CHECKED) { @@ -298,9 +298,9 @@ TALER_refresh_link_encrypted_decode (const char *buf, return NULL; } rle = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + - buf_len - sizeof (union TALER_CoinSpendPrivateKeyP)); + buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP)); rle->blinding_key_enc = (const char *) &rle[1]; - rle->blinding_key_enc_size = buf_len - sizeof (union TALER_CoinSpendPrivateKeyP); + rle->blinding_key_enc_size = buf_len - sizeof (struct TALER_CoinSpendPrivateKeyP); memcpy (rle->coin_priv_enc, buf, buf_len); @@ -321,12 +321,12 @@ TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rl { char *buf; - if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (union TALER_CoinSpendPrivateKeyP)) + if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (struct TALER_CoinSpendPrivateKeyP)) { GNUNET_break (0); return NULL; } - *buf_len = sizeof (union TALER_CoinSpendPrivateKeyP) + rle->blinding_key_enc_size; + *buf_len = sizeof (struct TALER_CoinSpendPrivateKeyP) + rle->blinding_key_enc_size; buf = GNUNET_malloc (*buf_len); memcpy (buf, rle->coin_priv_enc, @@ -379,15 +379,15 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info) int TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc, const struct TALER_TransferPrivateKeyP *trans_priv, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_LinkSecretP *secret) { struct TALER_TransferSecretP transfer_secret; if (GNUNET_OK != - GNUNET_CRYPTO_ecc_ecdh (&trans_priv->ecdhe_priv, - &coin_pub->ecdhe_pub, - &transfer_secret.key)) + GNUNET_CRYPTO_ecdh_eddsa (&trans_priv->ecdhe_priv, + &coin_pub->eddsa_pub, + &transfer_secret.key)) { GNUNET_break (0); return GNUNET_SYSERR; @@ -418,15 +418,15 @@ TALER_link_decrypt_secret (const struct TALER_EncryptedLinkSecretP *secret_enc, int TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc, const struct TALER_TransferPublicKeyP *trans_pub, - const union TALER_CoinSpendPrivateKeyP *coin_priv, + const struct TALER_CoinSpendPrivateKeyP *coin_priv, struct TALER_LinkSecretP *secret) { struct TALER_TransferSecretP transfer_secret; if (GNUNET_OK != - GNUNET_CRYPTO_ecc_ecdh (&coin_priv->ecdhe_priv, - &trans_pub->ecdhe_pub, - &transfer_secret.key)) + GNUNET_CRYPTO_eddsa_ecdh (&coin_priv->eddsa_priv, + &trans_pub->ecdhe_pub, + &transfer_secret.key)) { GNUNET_break (0); return GNUNET_SYSERR; @@ -456,7 +456,7 @@ TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc, */ int TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret, - const union TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_TransferPrivateKeyP *trans_priv, struct TALER_TransferPublicKeyP *trans_pub, struct TALER_EncryptedLinkSecretP *secret_enc) @@ -466,9 +466,9 @@ TALER_link_encrypt_secret (const struct TALER_LinkSecretP *secret, pk = GNUNET_CRYPTO_ecdhe_key_create (); if (GNUNET_OK != - GNUNET_CRYPTO_ecc_ecdh (pk, - &coin_pub->ecdhe_pub, - &transfer_secret.key)) + GNUNET_CRYPTO_ecdh_eddsa (pk, + &coin_pub->eddsa_pub, + &transfer_secret.key)) { GNUNET_break (0); GNUNET_free (pk); diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index ce946dd53..a5313195a 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -71,7 +71,7 @@ test_basics () GNUNET_assert (NULL != rld); GNUNET_assert (0 == memcmp (&rld->coin_priv, &rl.coin_priv, - sizeof (union TALER_CoinSpendPrivateKeyP))); + sizeof (struct TALER_CoinSpendPrivateKeyP))); GNUNET_assert (0 == GNUNET_CRYPTO_rsa_blinding_key_cmp (rl.blinding_key.rsa_blinding_key, rld->blinding_key.rsa_blinding_key)); @@ -121,21 +121,21 @@ test_rled () static int test_high_level () { - struct GNUNET_CRYPTO_EcdsaPrivateKey *pk; + struct GNUNET_CRYPTO_EddsaPrivateKey *pk; struct TALER_LinkSecretP secret; struct TALER_LinkSecretP secret2; - union TALER_CoinSpendPublicKeyP coin_pub; - union TALER_CoinSpendPrivateKeyP coin_priv; + struct TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_CoinSpendPrivateKeyP coin_priv; struct TALER_TransferPrivateKeyP trans_priv; struct TALER_TransferPublicKeyP trans_pub; struct TALER_EncryptedLinkSecretP secret_enc; - pk = GNUNET_CRYPTO_ecdsa_key_create (); + pk = GNUNET_CRYPTO_eddsa_key_create (); GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &secret, sizeof (secret)); - GNUNET_CRYPTO_ecdsa_key_get_public (pk, - &coin_pub.ecdsa_pub); + GNUNET_CRYPTO_eddsa_key_get_public (pk, + &coin_pub.eddsa_pub); GNUNET_assert (GNUNET_OK == TALER_link_encrypt_secret (&secret, &coin_pub, @@ -151,7 +151,7 @@ test_high_level () memcmp (&secret, &secret2, sizeof (secret))); - coin_priv.ecdsa_priv = *pk; + coin_priv.eddsa_priv = *pk; GNUNET_assert (GNUNET_OK == TALER_link_decrypt_secret2 (&secret_enc, &trans_pub, -- cgit v1.2.3