LCOV - code coverage report
Current view: top level - util - secmod_signatures.c (source / functions) Hit Total Coverage
Test: GNU Taler exchange coverage report Lines: 53 53 100.0 %
Date: 2022-08-09 06:13:43 Functions: 6 6 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   Copyright (C) 2020, 2021 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify it under the
       6             :   terms of the GNU General Public License as published by the Free Software
       7             :   Foundation; either version 3, or (at your option) any later version.
       8             : 
       9             :   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
      10             :   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
      11             :   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
      12             : 
      13             :   You should have received a copy of the GNU General Public License along with
      14             :   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
      15             : */
      16             : /**
      17             :  * @file secmod_signatures.c
      18             :  * @brief Utility functions for Taler security module signatures
      19             :  * @author Christian Grothoff
      20             :  */
      21             : #include "platform.h"
      22             : #include "taler_util.h"
      23             : #include "taler_signatures.h"
      24             : 
      25             : 
      26             : /**
      27             :  * @brief format used by the signing crypto helper when affirming
      28             :  *        that it created an exchange signing key.
      29             :  */
      30             : struct TALER_SigningKeyAnnouncementPS
      31             : {
      32             : 
      33             :   /**
      34             :    * Purpose must be #TALER_SIGNATURE_SM_SIGNING_KEY.
      35             :    * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`.
      36             :    */
      37             :   struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
      38             : 
      39             :   /**
      40             :    * Public signing key of the exchange this is about.
      41             :    */
      42             :   struct TALER_ExchangePublicKeyP exchange_pub;
      43             : 
      44             :   /**
      45             :    * When does the key become available?
      46             :    */
      47             :   struct GNUNET_TIME_TimestampNBO anchor_time;
      48             : 
      49             :   /**
      50             :    * How long is the key available after @e anchor_time?
      51             :    */
      52             :   struct GNUNET_TIME_RelativeNBO duration;
      53             : 
      54             : };
      55             : 
      56             : 
      57             : void
      58          81 : TALER_exchange_secmod_eddsa_sign (
      59             :   const struct TALER_ExchangePublicKeyP *exchange_pub,
      60             :   struct GNUNET_TIME_Timestamp start_sign,
      61             :   struct GNUNET_TIME_Relative duration,
      62             :   const struct TALER_SecurityModulePrivateKeyP *secm_priv,
      63             :   struct TALER_SecurityModuleSignatureP *secm_sig)
      64             : {
      65          81 :   struct TALER_SigningKeyAnnouncementPS ska = {
      66          81 :     .purpose.purpose = htonl (TALER_SIGNATURE_SM_SIGNING_KEY),
      67          81 :     .purpose.size = htonl (sizeof (ska)),
      68             :     .exchange_pub = *exchange_pub,
      69          81 :     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
      70          81 :     .duration = GNUNET_TIME_relative_hton (duration)
      71             :   };
      72             : 
      73          81 :   GNUNET_CRYPTO_eddsa_sign (&secm_priv->eddsa_priv,
      74             :                             &ska,
      75             :                             &secm_sig->eddsa_signature);
      76          81 : }
      77             : 
      78             : 
      79             : enum GNUNET_GenericReturnValue
      80          81 : TALER_exchange_secmod_eddsa_verify (
      81             :   const struct TALER_ExchangePublicKeyP *exchange_pub,
      82             :   struct GNUNET_TIME_Timestamp start_sign,
      83             :   struct GNUNET_TIME_Relative duration,
      84             :   const struct TALER_SecurityModulePublicKeyP *secm_pub,
      85             :   const struct TALER_SecurityModuleSignatureP *secm_sig)
      86             : {
      87          81 :   struct TALER_SigningKeyAnnouncementPS ska = {
      88          81 :     .purpose.purpose = htonl (TALER_SIGNATURE_SM_SIGNING_KEY),
      89          81 :     .purpose.size = htonl (sizeof (ska)),
      90             :     .exchange_pub = *exchange_pub,
      91          81 :     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
      92          81 :     .duration = GNUNET_TIME_relative_hton (duration)
      93             :   };
      94             : 
      95             :   return
      96          81 :     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_SIGNING_KEY,
      97             :                                 &ska,
      98             :                                 &secm_sig->eddsa_signature,
      99             :                                 &secm_pub->eddsa_pub);
     100             : }
     101             : 
     102             : 
     103             : /**
     104             :  * @brief format used by the denomination crypto helper when affirming
     105             :  *        that it created a denomination key.
     106             :  */
     107             : struct TALER_DenominationKeyAnnouncementPS
     108             : {
     109             : 
     110             :   /**
     111             :    * Purpose must be #TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY.
     112             :    * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`.
     113             :    */
     114             :   struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
     115             : 
     116             :   /**
     117             :    * Hash of the denomination public key.
     118             :    */
     119             :   struct TALER_DenominationHashP h_denom;
     120             : 
     121             :   /**
     122             :    * Hash of the section name in the configuration of this denomination.
     123             :    */
     124             :   struct GNUNET_HashCode h_section_name;
     125             : 
     126             :   /**
     127             :    * When does the key become available?
     128             :    */
     129             :   struct GNUNET_TIME_TimestampNBO anchor_time;
     130             : 
     131             :   /**
     132             :    * How long is the key available after @e anchor_time?
     133             :    */
     134             :   struct GNUNET_TIME_RelativeNBO duration_withdraw;
     135             : 
     136             : };
     137             : 
     138             : void
     139           9 : TALER_exchange_secmod_rsa_sign (
     140             :   const struct TALER_RsaPubHashP *h_rsa,
     141             :   const char *section_name,
     142             :   struct GNUNET_TIME_Timestamp start_sign,
     143             :   struct GNUNET_TIME_Relative duration,
     144             :   const struct TALER_SecurityModulePrivateKeyP *secm_priv,
     145             :   struct TALER_SecurityModuleSignatureP *secm_sig)
     146             : {
     147           9 :   struct TALER_DenominationKeyAnnouncementPS dka = {
     148           9 :     .purpose.purpose = htonl (TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY),
     149           9 :     .purpose.size = htonl (sizeof (dka)),
     150             :     .h_denom.hash = h_rsa->hash,
     151           9 :     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
     152           9 :     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
     153             :   };
     154             : 
     155           9 :   GNUNET_CRYPTO_hash (section_name,
     156           9 :                       strlen (section_name) + 1,
     157             :                       &dka.h_section_name);
     158           9 :   GNUNET_CRYPTO_eddsa_sign (&secm_priv->eddsa_priv,
     159             :                             &dka,
     160             :                             &secm_sig->eddsa_signature);
     161             : 
     162           9 : }
     163             : 
     164             : 
     165             : enum GNUNET_GenericReturnValue
     166          81 : TALER_exchange_secmod_rsa_verify (
     167             :   const struct TALER_RsaPubHashP *h_rsa,
     168             :   const char *section_name,
     169             :   struct GNUNET_TIME_Timestamp start_sign,
     170             :   struct GNUNET_TIME_Relative duration,
     171             :   const struct TALER_SecurityModulePublicKeyP *secm_pub,
     172             :   const struct TALER_SecurityModuleSignatureP *secm_sig)
     173             : {
     174          81 :   struct TALER_DenominationKeyAnnouncementPS dka = {
     175          81 :     .purpose.purpose = htonl (TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY),
     176          81 :     .purpose.size = htonl (sizeof (dka)),
     177             :     .h_denom.hash = h_rsa->hash,
     178          81 :     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
     179          81 :     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
     180             :   };
     181             : 
     182          81 :   GNUNET_CRYPTO_hash (section_name,
     183          81 :                       strlen (section_name) + 1,
     184             :                       &dka.h_section_name);
     185             :   return
     186          81 :     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_RSA_DENOMINATION_KEY,
     187             :                                 &dka,
     188             :                                 &secm_sig->eddsa_signature,
     189             :                                 &secm_pub->eddsa_pub);
     190             : }
     191             : 
     192             : 
     193             : void
     194           9 : TALER_exchange_secmod_cs_sign (
     195             :   const struct TALER_CsPubHashP *h_cs,
     196             :   const char *section_name,
     197             :   struct GNUNET_TIME_Timestamp start_sign,
     198             :   struct GNUNET_TIME_Relative duration,
     199             :   const struct TALER_SecurityModulePrivateKeyP *secm_priv,
     200             :   struct TALER_SecurityModuleSignatureP *secm_sig)
     201             : {
     202           9 :   struct TALER_DenominationKeyAnnouncementPS dka = {
     203           9 :     .purpose.purpose = htonl (TALER_SIGNATURE_SM_CS_DENOMINATION_KEY),
     204           9 :     .purpose.size = htonl (sizeof (dka)),
     205             :     .h_denom.hash = h_cs->hash,
     206           9 :     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
     207           9 :     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
     208             :   };
     209             : 
     210           9 :   GNUNET_CRYPTO_hash (section_name,
     211           9 :                       strlen (section_name) + 1,
     212             :                       &dka.h_section_name);
     213           9 :   GNUNET_CRYPTO_eddsa_sign (&secm_priv->eddsa_priv,
     214             :                             &dka,
     215             :                             &secm_sig->eddsa_signature);
     216             : 
     217           9 : }
     218             : 
     219             : 
     220             : enum GNUNET_GenericReturnValue
     221          81 : TALER_exchange_secmod_cs_verify (
     222             :   const struct TALER_CsPubHashP *h_cs,
     223             :   const char *section_name,
     224             :   struct GNUNET_TIME_Timestamp start_sign,
     225             :   struct GNUNET_TIME_Relative duration,
     226             :   const struct TALER_SecurityModulePublicKeyP *secm_pub,
     227             :   const struct TALER_SecurityModuleSignatureP *secm_sig)
     228             : {
     229          81 :   struct TALER_DenominationKeyAnnouncementPS dka = {
     230          81 :     .purpose.purpose = htonl (TALER_SIGNATURE_SM_CS_DENOMINATION_KEY),
     231          81 :     .purpose.size = htonl (sizeof (dka)),
     232             :     .h_denom.hash = h_cs->hash,
     233          81 :     .anchor_time = GNUNET_TIME_timestamp_hton (start_sign),
     234          81 :     .duration_withdraw = GNUNET_TIME_relative_hton (duration)
     235             :   };
     236             : 
     237          81 :   GNUNET_CRYPTO_hash (section_name,
     238          81 :                       strlen (section_name) + 1,
     239             :                       &dka.h_section_name);
     240             :   return
     241          81 :     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_CS_DENOMINATION_KEY,
     242             :                                 &dka,
     243             :                                 &secm_sig->eddsa_signature,
     244             :                                 &secm_pub->eddsa_pub);
     245             : }
     246             : 
     247             : 
     248             : /* end of secmod_signatures.c */

Generated by: LCOV version 1.14