[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] 02/02: Pulled crypto lib
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] 02/02: Pulled crypto lib |
|
Date: |
Thu, 19 Dec 2019 08:59:15 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit 839eb51d90c6599c155cb8885284c67f8e5f4cfc
Merge: 63d0369 789e02c
Author: Dennis Neufeld <address@hidden>
AuthorDate: Wed Dec 18 21:58:08 2019 +0000
Pulled crypto lib
src/backend/anastasis-httpd_policy_upload.c | 24 ++--
src/include/anastasis_crypto_lib.h | 177 +++++++++++++++++++++-------
src/lib/anastasis_api_policy_store.c | 11 +-
src/lib/testing_api_cmd_policy_store.c | 24 ++--
src/stasis/plugin_anastasis_postgres.c | 2 +-
5 files changed, 167 insertions(+), 71 deletions(-)
diff --cc src/backend/anastasis-httpd_policy_upload.c
index da589b1,ce121f5..0e14436
--- a/src/backend/anastasis-httpd_policy_upload.c
+++ b/src/backend/anastasis-httpd_policy_upload.c
@@@ -447,29 -455,15 +447,30 @@@ begin_payment (struct PolicyUploadConte
MHD_destroy_response (resp);
return ret;
}
-
+
+ // generate new payment identifier
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
+ &puc->payment_identifier,
+ sizeof (
+ struct ANASTASIS_PaymentSecretP));
+
if (qs == ANASTASIS_DB_STATUS_NO_RESULTS)
{
- //create new user
++ // create new user
qs = db->increment_lifetime (db->cls,
&puc->account,
&puc->payment_identifier,
GNUNET_TIME_UNIT_ZERO);
}
+ order_id = GNUNET_STRINGS_data_to_string_alloc (&puc->payment_identifier,
- sizeof(
- struct ANASTASIS_PaymentSecretP));
++ sizeof(
++ struct
++
ANASTASIS_PaymentSecretP));
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "\n\n\n ORDER ID: %s\n\n\n",
+ order_id);
+
GNUNET_CONTAINER_DLL_insert (puc_head,
puc_tail,
puc);
@@@ -516,16 -509,16 +517,17 @@@ handle_database_error (struct PolicyUpl
TALER_EC_SYNC_PREVIOUS_BACKUP_UNKNOWN,
"Cannot update, unknown previous
recovery document");
case ANASTASIS_DB_STATUS_PAYMENT_REQUIRED:
- /* FIXME: payment handling */
-
{
- const char *order_id;
+ char *order_id;
-
++
+ order_id = GNUNET_STRINGS_data_to_string_alloc
(&puc->payment_identifier,
- sizeof (
- struct
ANASTASIS_PaymentSecretP));
++ sizeof (
++ struct
++
ANASTASIS_PaymentSecretP));
- order_id = MHD_lookup_connection_value (puc->con,
- MHD_GET_ARGUMENT_KIND,
- "paying");
+ puc->order_id = order_id;
- if (NULL == order_id || GNUNET_is_zero (order_id))
- if (NULL == order_id)
++ if ((NULL == order_id)|| GNUNET_is_zero (order_id))
{
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Payment required, starting payment process\n");
@@@ -671,29 -664,6 +673,29 @@@ AH_handler_policy_post (struct MHD_Conn
"If-Match does not include a
base32-encoded SHA-512 hash");
}
}
+ {
+ // Check if header contains Payment-Identifier
+ const char *pay_id;
+
+ pay_id = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ "Payment-Identifier");
-
++
+ if ( (NULL != pay_id) &&
+ (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (pay_id,
+ strlen (pay_id),
+ &puc->payment_identifier,
+ sizeof
(&puc->payment_identifier))) )
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
- //FIXME: find error code
++ // FIXME: find error code
+ TALER_EC_SYNC_BAD_IF_MATCH,
+ "Payment-Identifier does not
include a base32-encoded SHA-512 hash");
+ }
+ }
{
// Check if header contains Anastasis-Policy-Signature
const char *sig_s;
@@@ -775,9 -745,8 +777,9 @@@
memset (&hc, 0, sizeof (hc));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"User not known. Payment required to create new
account\n");
+ qs = ANASTASIS_DB_STATUS_PAYMENT_REQUIRED;
return handle_database_error (puc,
- qs);
- ANASTASIS_DB_STATUS_PAYMENT_REQUIRED);
++ qs);
}
if (0 == GNUNET_memcmp (&hc,
&puc->new_policy_upload_hash))
diff --cc src/include/anastasis_crypto_lib.h
index 4b3cf01,1d62dcd..50058e2
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@@ -8,52 -42,50 +42,50 @@@ struct ANASTASIS_CRYPTO_UserIdentifie
{
uint32_t hash[32];
};
-
+ /**
+ * the uuids are used as Identifiers for the Truths
+ */
struct ANASTASIS_CRYPTO_EscrowUuid
{
- uint32_t uuid[32];
+ uuid_t uuid;
};
-
+ /**
+ * id_data contains the secret provided by the user and the server salt for
the Generation of the keys
+ * @param id Reference to the generated Hash
+ * @param id_data JSON encoded data, which contains the raw user secret and a
server salt
+ */
void
ANASTASIS_CRYPTO_uid_hash (const json_t *id_data,
- struct ANASTASIS_CRYPTO_UserIdentifier *id);
-
-
-
- struct ANASTASIS_EscrowProvider *
- ANASTASIS_CRYPTO_escrow_provider_create (const char *base_url,
- const char *method);
-
-
- struct ANASTASIS_CRYPTO_RecoveryDocument *
- ANASTASIS_CRYPTO_recovery_document_create (const struct
- ANASTASIS_CRYPTO_MasterKeyP *
- master_key);
-
-
- // uuid is RETURNED / set!
- int
- ANASTASIS_CRYPTO_recovery_document_add_escrow (struct
-
ANASTASIS_CRYPTO_RecoveryDocument
- *p,
- struct
ANASTASIS_EscrowProvider *
- ep,
- struct
- ANASTASIS_CRYPTO_EscrowUuid *
- uuid);
-
-
- // uuids == array!
- int
- ANASTASIS_CRYPTO_recovery_document_add_policy (struct
-
ANASTASIS_CRYPTO_RecoveryDocument
- *p,
- unsigned int uuids_length,
- const struct
- ANASTASIS_CRYPTO_EscrowUuid *
- uuids);
-
+ struct ANASTASIS_CRYPTO_UserIdentifier
+ *id);
+ /**
+ * Generates the eddsa Public Key
+ * @param uid Hashed Userinput, used as entropy source for the key Generation
+ * @return AccountPrivP the generated eddsa private Key
+ */
+ struct ANASTASIS_AccountPrivP *
+ ANASTASIS_CRYPTO_privKey (const struct
- ANASTASIS_CRYPTO_UserIdentifier
- *uid);
++ ANASTASIS_CRYPTO_UserIdentifier
++ *uid);
+ /**
+ * Generates the eddsa public Key from the private Key
+ * @param privP generated eddsa private key
+ * @return AccountPrivP the generated eddsa private Key
+ */
+ struct ANASTASIS_AccountPubP *
+ ANASTASIS_CRYPTO_pubKey (const struct
+ ANASTASIS_AccountPrivP
+ *privP);
+ /**
+ * Encrypts the Recoverydocument
+ * @param p Reference to the Recoverydocument which should be encrypted
+ * @param id Hashed User input, used for the generation of the encryption key
+ * @param res return from the result, which contains the encrypted
recoverydocument
+ * and the nonce and iv used for the encryption as Additional Data
+ * @param res_size size of the result
+ * @return int Status code FIXME
+ */
int
ANASTASIS_CRYPTO_recovery_document_encrypt (const struct
ANASTASIS_CRYPTO_RecoveryDocument
*p,
@@@ -70,6 -107,52 +107,52 @@@ ANASTASIS_CRYPTO_recovery_document_decr
size_t data_size);
+ struct ANASTASIS_CRYPTO_EscrowMasterKey *
+ ANASTASIS_CRYPTO_escrow_master_key_create (const struct
+ ANASTASIS_CRYPTO_KeyShare *
+ keyShare
+ unsigned int keyshare_length);
+
+
+
+ struct ANASTASIS_CRYPTO_Policy *
+ ANSTASIS_CRYPTO_policy_create (const struct
+ ANASTASIS_CRYPTO_salt *
+ salt,
+ ANASTASIS_CRYPTO_encMasterkey *
+ masterkey,
+ const struct
+ ANASTASIS_CRYPTO_EscrowUuid *
+ uuid,
+ unsigned int uuid_length);
+
+
+ struct ANASTASIS_CRYPTO_EscrowMethod *
+ ANASTASIS_CRYPTO_escrow_method_create (const char *base_url,
+ const char *method,
+ struct
+ ANASTASIS_CRYPTO_EscrowUuid *
+ uuid,
+ struct
+ ANASTASIS_CRYPTO_truth_key *
+ key,
+ ANASTASIS_CRYPTO_salt *
+ salt,
- void * challenge,
++ void *challenge,
+ size_t challange_size
+ );
+
+
+ struct ANASTASIS_CRYPTO_RecoveryDocument *
+ ANASTASIS_CRYPTO_recovery_document_create (struct
+ ANASTASIS_CRYPTO_EscrowMethod *
+ escrowMethod,
+ unsigned int method_lenght,
+ struct
+ ANASTASIS_CRYPTO_Policy *
+ policy,
+ unsigned int policy_lenght);
+
void
ANASTASIS_CRYPTO_recovery_document_destroy (struct
ANASTASIS_CRYPTO_RecoveryDocument
*p);
diff --cc src/lib/anastasis_api_policy_store.c
index fc40e36,e9371a0..8aa1f41
--- a/src/lib/anastasis_api_policy_store.c
+++ b/src/lib/anastasis_api_policy_store.c
@@@ -358,24 -358,22 +358,25 @@@ ANASTASIS_policy_store (struct GNUNET_C
}
/* Setup Payment-Identifier header */
- if (NULL != paymentSecretP) {
- val = GNUNET_STRINGS_data_to_string_alloc (&paymentSecretP,
- sizeof (paymentSecretP));
- GNUNET_asprintf (&hdr,
- "Payment-Identifier: %s",
- val);
- GNUNET_free (val);
- ext = curl_slist_append (job_headers,
- hdr);
- GNUNET_free (hdr);
- if (NULL == ext)
++ if (NULL != paymentSecretP)
+ {
- GNUNET_break (0);
- curl_slist_free_all (job_headers);
- return NULL;
+ val = GNUNET_STRINGS_data_to_string_alloc (&paymentSecretP,
- sizeof (paymentSecretP));
++ sizeof (paymentSecretP));
+ GNUNET_asprintf (&hdr,
- "Payment-Identifier: %s",
- val);
++ "Payment-Identifier: %s",
++ val);
+ GNUNET_free (val);
+ ext = curl_slist_append (job_headers,
- hdr);
++ hdr);
+ GNUNET_free (hdr);
+ if (NULL == ext)
+ {
+ GNUNET_break (0);
+ curl_slist_free_all (job_headers);
+ return NULL;
+ }
+ job_headers = ext;
}
- job_headers = ext;
}
/* Finished setting up headers */
diff --cc src/lib/testing_api_cmd_policy_store.c
index 28046e0,e2d752b..f044f70
--- a/src/lib/testing_api_cmd_policy_store.c
+++ b/src/lib/testing_api_cmd_policy_store.c
@@@ -364,40 -364,14 +364,44 @@@ policy_store_run (void *cls
pss->recovery_data_size,
&pss->curr_hash);
}
+ if (NULL != pss->payment_order_req)
+ {
- if (!GNUNET_is_zero (pss->payment_order_req))
++ if (! GNUNET_is_zero (pss->payment_order_req))
+ {
+ const char *pay_req;
+ struct ANASTASIS_PaymentSecretP pay_sec;
+
+ pay_req = pss->payment_order_req;
+
+ GNUNET_STRINGS_string_to_data (pay_req,
- strlen (pay_req),
- &pay_sec,
- sizeof (
- struct ANASTASIS_PaymentSecretP));
++ strlen (pay_req),
++ &pay_sec,
++ sizeof (
++ struct ANASTASIS_PaymentSecretP));
+ pss->payment_id = &pay_sec;
+ GNUNET_free (&pay_req);
+ GNUNET_free (&pay_sec);
+ }
+ }
pss->pso = ANASTASIS_policy_store (is->ctx,
pss->anastasis_url,
&pss->anastasis_priv,
- NULL /* pre_recovery_data_hash */,
+ ( ( (NULL != pss->prev_upload) &&
- (0 != GNUNET_is_zero
(&pss->prev_hash)) ) ||
- (0 !=
(ANASTASIS_TESTING_PSO_PREV_HASH_WRONG
- & pss->psopt)) )
++ (0 != GNUNET_is_zero (
++ &pss->prev_hash)) ) ||
++ (0 !=
++ (ANASTASIS_TESTING_PSO_PREV_HASH_WRONG
++ & pss->psopt)) )
+ ? &pss->prev_hash
+ : NULL,
pss->recovery_data,
pss->recovery_data_size,
- (0 !=
(ANASTASIS_TESTING_PSO_REQUEST_PAYMENT & pss->psopt)),
- ( NULL != pss->payment_id)
- GNUNET_NO /* payment req */,
- pss->payment_id,
++ (0 !=
++ (ANASTASIS_TESTING_PSO_REQUEST_PAYMENT
++ & pss->psopt)),
++ (NULL != pss->payment_id)
+ ? pss->payment_id
+ : NULL,
&policy_store_cb,
pss);
if (NULL == pss->pso)
--
To stop receiving notification emails like this one, please contact
address@hidden.