LCOV - code coverage report
Current view: top level - util - crypto_wire.c (source / functions) Hit Total Coverage
Test: GNU Taler exchange coverage report Lines: 32 32 100.0 %
Date: 2021-08-30 06:43:37 Functions: 6 6 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   Copyright (C) 2018 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify it under the
       6             :   terms of the GNU General Public License as published by the Free Software
       7             :   Foundation; either version 3, or (at your option) any later version.
       8             : 
       9             :   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
      10             :   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
      11             :   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
      12             : 
      13             :   You should have received a copy of the GNU General Public License along with
      14             :   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
      15             : */
      16             : /**
      17             :  * @file util/crypto_wire.c
      18             :  * @brief functions for making and verifying /wire account signatures
      19             :  * @author Christian Grothoff <christian@grothoff.org>
      20             :  */
      21             : #include "platform.h"
      22             : #include "taler_crypto_lib.h"
      23             : #include "taler_signatures.h"
      24             : 
      25             : 
      26             : /**
      27             :  * Compute the hash of the given wire details. The resulting
      28             :  * hash is what is signed by the master key.
      29             :  *
      30             :  * @param payto_uri bank account
      31             :  * @param[out] hc set to the hash
      32             :  */
      33             : void
      34          55 : TALER_exchange_wire_signature_hash (const char *payto_uri,
      35             :                                     struct GNUNET_HashCode *hc)
      36             : {
      37          55 :   GNUNET_assert (GNUNET_YES ==
      38             :                  GNUNET_CRYPTO_kdf (hc,
      39             :                                     sizeof (*hc),
      40             :                                     payto_uri,
      41             :                                     strlen (payto_uri) + 1,
      42             :                                     "exchange-wire-signature",
      43             :                                     strlen ("exchange-wire-signature"),
      44             :                                     NULL, 0));
      45          55 : }
      46             : 
      47             : 
      48             : /**
      49             :  * Check the signature in @a master_sig.
      50             :  *
      51             :  * @param payto_uri URL that is signed
      52             :  * @param master_pub master public key of the exchange
      53             :  * @param master_sig signature of the exchange
      54             :  * @return #GNUNET_OK if signature is valid
      55             :  */
      56             : enum GNUNET_GenericReturnValue
      57          16 : TALER_exchange_wire_signature_check (
      58             :   const char *payto_uri,
      59             :   const struct TALER_MasterPublicKeyP *master_pub,
      60             :   const struct TALER_MasterSignatureP *master_sig)
      61             : {
      62          16 :   struct TALER_MasterWireDetailsPS wd = {
      63          16 :     .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS),
      64          16 :     .purpose.size = htonl (sizeof (wd))
      65             :   };
      66             : 
      67          16 :   TALER_exchange_wire_signature_hash (payto_uri,
      68             :                                       &wd.h_wire_details);
      69          16 :   return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS,
      70             :                                      &wd,
      71             :                                      &master_sig->eddsa_signature,
      72             :                                      &master_pub->eddsa_pub);
      73             : }
      74             : 
      75             : 
      76             : /**
      77             :  * Create a signed wire statement for the given account.
      78             :  *
      79             :  * @param payto_uri account specification
      80             :  * @param master_priv private key to sign with
      81             :  * @param[out] master_sig where to write the signature
      82             :  */
      83             : void
      84          13 : TALER_exchange_wire_signature_make (
      85             :   const char *payto_uri,
      86             :   const struct TALER_MasterPrivateKeyP *master_priv,
      87             :   struct TALER_MasterSignatureP *master_sig)
      88             : {
      89          13 :   struct TALER_MasterWireDetailsPS wd = {
      90          13 :     .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS),
      91          13 :     .purpose.size = htonl (sizeof (wd))
      92             :   };
      93             : 
      94          13 :   TALER_exchange_wire_signature_hash (payto_uri,
      95             :                                       &wd.h_wire_details);
      96          13 :   GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
      97             :                             &wd,
      98             :                             &master_sig->eddsa_signature);
      99          13 : }
     100             : 
     101             : 
     102             : /**
     103             :  * Compute the hash of the given wire details.   The resulting
     104             :  * @a hc is what will be put into the contract between customer
     105             :  * and merchant for signing by both parties.
     106             :  *
     107             :  * @param payto_uri bank account
     108             :  * @param salt salt used to eliminate brute-force inversion
     109             :  * @param[out] hc set to the hash
     110             :  */
     111             : void
     112         484 : TALER_merchant_wire_signature_hash (const char *payto_uri,
     113             :                                     const char *salt,
     114             :                                     struct GNUNET_HashCode *hc)
     115             : {
     116         484 :   GNUNET_assert (GNUNET_YES ==
     117             :                  GNUNET_CRYPTO_kdf (hc,
     118             :                                     sizeof (*hc),
     119             :                                     salt,
     120             :                                     strlen (salt) + 1,
     121             :                                     payto_uri,
     122             :                                     strlen (payto_uri) + 1,
     123             :                                     "merchant-wire-signature",
     124             :                                     strlen ("merchant-wire-signature"),
     125             :                                     NULL, 0));
     126         484 : }
     127             : 
     128             : 
     129             : /**
     130             :  * Check the signature in @a merch_sig.
     131             :  * (Not yet used anywhere.)
     132             :  *
     133             :  * Expected to be used if/when we get @a merch_pub signed via
     134             :  * X.509 *and* have a way for the WebEx wallet to check that the
     135             :  * @a merch_pub provided matches that of the X.509 certificate
     136             :  * from the Web site. Until then, @a merch_pub cannto be
     137             :  * validated (no PKI), and hence there is no point in checking
     138             :  * these signatures. (See #5129 and #3946).
     139             :  *
     140             :  * @param payto_uri URL that is signed
     141             :  * @param salt the salt used to salt the @a payto_uri when hashing
     142             :  * @param merch_pub master public key of the merchant
     143             :  * @param merch_sig signature of the merchant
     144             :  * @return #GNUNET_OK if signature is valid
     145             :  */
     146             : enum GNUNET_GenericReturnValue
     147           3 : TALER_merchant_wire_signature_check (
     148             :   const char *payto_uri,
     149             :   const char *salt,
     150             :   const struct TALER_MerchantPublicKeyP *merch_pub,
     151             :   const struct TALER_MerchantSignatureP *merch_sig)
     152             : {
     153           3 :   struct TALER_MasterWireDetailsPS wd = {
     154           3 :     .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS),
     155           3 :     .purpose.size = htonl (sizeof (wd))
     156             :   };
     157             : 
     158           3 :   TALER_merchant_wire_signature_hash (payto_uri,
     159             :                                       salt,
     160             :                                       &wd.h_wire_details);
     161           3 :   return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS,
     162             :                                      &wd,
     163             :                                      &merch_sig->eddsa_sig,
     164             :                                      &merch_pub->eddsa_pub);
     165             : }
     166             : 
     167             : 
     168             : /**
     169             :  * Create a signed wire statement for the given account. (Not yet used anywhere.)
     170             :  *
     171             :  * @param payto_uri account specification
     172             :  * @param salt the salt used to salt the @a payto_uri when hashing
     173             :  * @param merch_priv private key to sign with
     174             :  * @param[out] merch_sig where to write the signature
     175             :  */
     176             : void
     177           1 : TALER_merchant_wire_signature_make (
     178             :   const char *payto_uri,
     179             :   const char *salt,
     180             :   const struct TALER_MerchantPrivateKeyP *merch_priv,
     181             :   struct TALER_MerchantSignatureP *merch_sig)
     182             : {
     183           1 :   struct TALER_MasterWireDetailsPS wd = {
     184           1 :     .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_WIRE_DETAILS),
     185           1 :     .purpose.size = htonl (sizeof (wd))
     186             :   };
     187             : 
     188           1 :   TALER_merchant_wire_signature_hash (payto_uri,
     189             :                                       salt,
     190             :                                       &wd.h_wire_details);
     191           1 :   GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
     192             :                             &wd,
     193             :                             &merch_sig->eddsa_sig);
     194           1 : }
     195             : 
     196             : 
     197             : /* end of crypto_wire.c */

Generated by: LCOV version 1.14