[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated (62e9415 -> 673a9dc)
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated (62e9415 -> 673a9dc) |
|
Date: |
Wed, 15 Jan 2020 23:42:24 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a change to branch master
in repository anastasis.
from 62e9415 crypto header added truth
new 2099054 Added testing command for policy lookup
new d7bdda5 Worked on truth upload
new b4c76be Modified db table anastasis_truth
new 12b1eb4 Worked on escrow challenge
new 800f8a1 Worked on escrow challenge
new fc3ba36 Worked on escrow challenge
new 86e1c27 Worked on truth upload
new 127b3c9 Worked on uploading truth
new 43f5500 Merged
new 673a9dc Merged
The 10 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/backend/Makefile.am | 6 +-
src/backend/anastasis-httpd.c | 19 ++-
src/backend/anastasis-httpd.h | 6 +
src/backend/anastasis-httpd_policy_upload.c | 6 +-
src/backend/anastasis-httpd_truth.c | 168 ++++++++++++++++++---
src/backend/anastasis-httpd_truth.h | 11 +-
src/backend/anastasis-httpd_truth_upload.c | 128 ++++++++++++++++
src/backend/anastasis.conf | 3 +
src/include/anastasis_crypto_lib.h | 18 ++-
src/include/anastasis_database_plugin.h | 69 ++++++---
src/include/anastasis_service.h | 37 ++++-
..._policy_store.c => anastasis_api_truth_store.c} | 156 +++++++++----------
src/lib/test_anastasis_api.c | 9 +-
src/stasis/plugin_anastasis_postgres.c | 97 ++++++++----
src/stasis/test_anastasis_db.c | 41 ++++-
15 files changed, 603 insertions(+), 171 deletions(-)
create mode 100644 src/backend/anastasis-httpd_truth_upload.c
copy src/lib/{anastasis_api_policy_store.c => anastasis_api_truth_store.c}
(71%)
diff --git a/src/backend/Makefile.am b/src/backend/Makefile.am
index 4e41dfa..e4cb8d8 100644
--- a/src/backend/Makefile.am
+++ b/src/backend/Makefile.am
@@ -16,7 +16,8 @@ anastasis_httpd_SOURCES = \
anastasis-httpd_mhd.c anastasis-httpd_mhd.h \
anastasis-httpd_policy.c anastasis-httpd_policy.h \
anastasis-httpd_policy_upload.c \
- anastasis-httpd_truth.c anastasis-httpd_truth.h
+ anastasis-httpd_truth.c anastasis-httpd_truth.h \
+ anastasis-httpd_truth_upload.c
anastasis_httpd_LDADD = \
$(top_builddir)/src/util/libanastasisutil.la \
@@ -30,7 +31,8 @@ anastasis_httpd_LDADD = \
-lgnunetcurl \
-lgnunetrest \
-lgnunetjson \
- -lgnunetutil
+ -lgnunetutil \
+ -luuid
EXTRA_DIST = \
$(pkgcfg_DATA)
diff --git a/src/backend/anastasis-httpd.c b/src/backend/anastasis-httpd.c
index d1d8f33..8d31620 100644
--- a/src/backend/anastasis-httpd.c
+++ b/src/backend/anastasis-httpd.c
@@ -53,6 +53,11 @@ char *AH_backend_url;
*/
char *AH_fulfillment_url;
+/**
+ * Standard time range the truth expires.
+ */
+struct GNUNET_TIME_Relative AH_truth_expiration;
+
/**
* Our context for making HTTP requests.
*/
@@ -537,7 +542,19 @@ run (void *cls,
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"anastasis",
- "BASE_URL");
+ "FULLFILLMENT_URL");
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (config,
+ "anastasis",
+ "TRUTH_EXPIRATION",
+ &AH_truth_expiration))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "anastasis",
+ "TRUTH_EXPIRATION");
GNUNET_SCHEDULER_shutdown ();
return;
}
diff --git a/src/backend/anastasis-httpd.h b/src/backend/anastasis-httpd.h
index 2bf6cf3..f08edbd 100644
--- a/src/backend/anastasis-httpd.h
+++ b/src/backend/anastasis-httpd.h
@@ -154,6 +154,12 @@ extern char *AH_backend_url;
*/
extern char *AH_fulfillment_url;
+/**
+ * Standard time range the truth expires.
+ */
+extern struct GNUNET_TIME_Relative AH_truth_expiration;
+
+
/**
* Our context for making HTTP requests.
*/
diff --git a/src/backend/anastasis-httpd_policy_upload.c
b/src/backend/anastasis-httpd_policy_upload.c
index 5428fb5..15b3c05 100644
--- a/src/backend/anastasis-httpd_policy_upload.c
+++ b/src/backend/anastasis-httpd_policy_upload.c
@@ -491,7 +491,7 @@ begin_payment (struct PolicyUploadContext *puc,
puc);
AH_trigger_curl ();
json_decref (order);
- GNUNET_free (&order_id);
+ GNUNET_free_non_null (&order_id);
return MHD_YES;
}
@@ -695,7 +695,7 @@ AH_handler_policy_post (struct MHD_Connection *connection,
MHD_HTTP_BAD_REQUEST,
// FIXME: find error code
TALER_EC_SYNC_BAD_IF_MATCH,
- "Payment-Identifier does not
include a base32-encoded SHA-512 hash");
+ "Payment-Identifier does not
include a base32-encoded Payment-Identifier");
}
}
{
@@ -761,7 +761,7 @@ AH_handler_policy_post (struct MHD_Connection *connection,
"Account signature does not match
upload");
}
}
- /* get ready to hash (done here as we may go aANASTASIS for payments next)
*/
+ /* get ready to hash (done here as we may go async for payments next) */
puc->hash_ctx = GNUNET_CRYPTO_hash_context_start ();
/* Check database to see if the transaction is permissable */
diff --git a/src/backend/anastasis-httpd_truth.c
b/src/backend/anastasis-httpd_truth.c
index 87b903e..dcf3cbd 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -22,6 +22,7 @@
*/
#include "platform.h"
#include "anastasis-httpd.h"
+#include "anastasis-httpd_truth.h"
#include <gnunet/gnunet_util_lib.h>
#include <gnunet/gnunet_rest_lib.h>
@@ -38,25 +39,154 @@ AH_handler_truth_get (struct MHD_Connection *connection,
void **con_cls)
{
// FIXME: Handle truth get
- return MHD_NO;
-}
+ uuid_t uuid;
+ struct GNUNET_CRYPTO_SymmetricSessionKey decryption_key;
+ struct GNUNET_HashCode challenge_response;
+ const char *challenge_response_s;
+ void *encrypted_truth;
+ void *decrypted_truth;
+ void *encrypted_keyshare;
+ char result[GNUNET_CRYPTO_AES_KEY_LENGTH];
+ uint32_t *nonce;
+ unsigned char *aes_gcm_tag[16];
+ char *truth_mime;
+ char *method;
+ int ret;
+ /* extract uuid from url */
+ GNUNET_assert (0 == strncmp (url,
+ "/truth/",
+ strlen ("/truth/")));
+ {
+ const char *uuid_str;
+
+ uuid_str = &url[strlen ("/truth/")];
+ uuid_parse (uuid_str, uuid);
+
+ challenge_response_s = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ "response");
+ }
+ {
+ // check if header contains Truth-Decryption-Key
+ const char *tdk;
+
+ tdk = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ "Truth-Decryption-Key");
+
+ if ( (NULL != tdk) &&
+ (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (tdk,
+ strlen (tdk),
+ &decryption_key,
+ sizeof (&decryption_key))))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ // FIXME: find error code
+ TALER_EC_SYNC_BAD_IF_MATCH,
+ "Truth-Decryption-Key does not
include a base32-encoded decryption key");
+ }
+ else
+ return MHD_HTTP_PRECONDITION_FAILED;
+ }
+ {
+ // load encrypted truth from db
+ enum ANASTASIS_DB_QueryStatus qs;
+
+ qs = db->get_escrow_challenge (db->cls,
+ &uuid,
+ encrypted_truth,
+ sizeof (encrypted_truth),
+ &aes_gcm_tag,
+ &nonce,
+ &truth_mime,
+ &method);
+ if (qs != ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT)
+ {
+ return qs;
+ }
+
+ if (NULL == challenge_response_s)
+ {
+ // FIXME: Return escrow challenge
+ }
+ }
+ {
+ struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
+
+ GNUNET_CRYPTO_symmetric_derive_iv (&iv,
+ &decryption_key,
+ "ECT",
+ strlen ("ECT"));
+
+ decrypted_truth = GNUNET_malloc (GNUNET_CRYPTO_AES_KEY_LENGTH);
+
+ // decrypt encrypted_truth
+ if (GNUNET_CRYPTO_AES_KEY_LENGTH !=
+ GNUNET_CRYPTO_symmetric_decrypt (result,
+ GNUNET_CRYPTO_AES_KEY_LENGTH,
+ &decryption_key,
+ &iv,
+ decrypted_truth
+ ))
+ {
+ printf ("Wrong return value from decrypt block.\n");
+ ret = 1;
+ goto error;
+ }
+ }
+ {
+ // validate challenge response
+ if (method == "Secure Question")
+ {
+ GNUNET_CRYPTO_hash_from_string (challenge_response_s,
+ &challenge_response);
+
+ if (0 != GNUNET_memcmp (&challenge_response,
+ decrypted_truth))
+ {
+ GNUNET_break (0);
+ return;
+ }
+ else
+ {
+ // load encrypted keyshare from db
+ enum ANASTASIS_DB_QueryStatus qs;
+
+ qs = db->get_key_share (db->cls,
+ &uuid,
+ &encrypted_keyshare,
+ sizeof (&encrypted_keyshare));
+
+ if (qs != ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT)
+ {
+ return qs;
+ }
+
+ struct MHD_Response *resp;
+ resp = MHD_create_response_from_buffer (sizeof (encrypted_keyshare),
+ encrypted_keyshare,
+ MHD_RESPMEM_MUST_FREE);
+ GNUNET_break (MHD_YES ==
+ MHD_add_response_header (resp,
+
MHD_HTTP_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN,
+ "*"));
+ ret = MHD_queue_response (connection,
+ MHD_HTTP_OK,
+ resp);
+ MHD_destroy_response (resp);
+ return ret;
+ }
+
+ }
+ }
-/**
- * @param connection the MHD connection to handle
- * @param con_cls the connection's closure
- * @param url handles a URL of the format "/truth/$UUID"
- * @param upload_data upload data (truth)
- * @param upload_data_size number of bytes (left) in @a upload_data
- * @return MHD result code
- */
-int
-AH_handler_truth_post (struct MHD_Connection *connection,
- void **con_cls,
- const char *url,
- const char *upload_data,
- size_t *upload_data_size)
-{
- // FIXME: Handle truth get
return MHD_NO;
-}
+
+error:
+ GNUNET_free_non_null (decrypted_truth);
+ return ret;
+}
\ No newline at end of file
diff --git a/src/backend/anastasis-httpd_truth.h
b/src/backend/anastasis-httpd_truth.h
index 57774c5..aa3ae6e 100644
--- a/src/backend/anastasis-httpd_truth.h
+++ b/src/backend/anastasis-httpd_truth.h
@@ -38,17 +38,16 @@ AH_handler_truth_get (struct MHD_Connection *connection,
/**
* @param connection the MHD connection to handle
* @param con_cls the connection's closure
- * @param url handles a URL of the format "/truth/$UUID"
- * @param upload_data upload data (truth)
- * @param upload_data_size number of bytes (left) in @a upload_data
+ * @param url handles a URL of the format "/truth/$UUID
+ * @param truth_data truth data
+ * @param truth_data_size number of bytes (left) in @a truth_data
* @return MHD result code
*/
int
AH_handler_truth_post (struct MHD_Connection *connection,
void **con_cls,
const char *url,
- const char *upload_data,
- size_t *upload_data_size);
-
+ const char *truth_data,
+ size_t *truth_data_size);
#endif
\ No newline at end of file
diff --git a/src/backend/anastasis-httpd_truth_upload.c
b/src/backend/anastasis-httpd_truth_upload.c
new file mode 100644
index 0000000..9c84661
--- /dev/null
+++ b/src/backend/anastasis-httpd_truth_upload.c
@@ -0,0 +1,128 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2019 GNUnet e.V.
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free
Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
details.
+
+ You should have received a copy of the GNU Affero General Public License
along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file anastasis-httpd_truth.c
+ * @brief functions to handle incoming requests on /truth
+ * @author Dennis Neufeld
+ * @author Dominik Meister
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "anastasis-httpd.h"
+#include "anastasis_service.h"
+#include "anastasis-httpd_truth.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_rest_lib.h>
+#include <taler/taler_json_lib.h>
+#include <taler/taler_merchant_service.h>
+#include <taler/taler_signatures.h>
+#include <uuid/uuid.h>
+
+/**
+ * @param connection the MHD connection to handle
+ * @param truth information about the truth
+ * @return MHD result code
+ */
+static int
+verify_and_execute_truth (struct MHD_Connection *connection,
+ struct ANASTASIS_DB_Truth *truth,
+ const uuid_t *uuid)
+{
+ enum ANASTASIS_DB_QueryStatus qs;
+
+ qs = db->store_truth (db->cls,
+ uuid,
+ truth->keyshare_data,
+ sizeof (&truth->keyshare_data),
+ truth->truth_mime,
+ truth->encrypted_truth,
+ sizeof (&truth->encrypted_truth),
+ &truth->aes_gcm_tag,
+ &truth->truth_hash,
+ &truth->nonce,
+ truth->method,
+ AH_truth_expiration);
+}
+
+/**
+ * @param connection the MHD connection to handle
+ * @param con_cls the connection's closure
+ * @param url handles a URL of the format "/truth/$UUID
+ * @param truth_data truth data
+ * @param truth_data_size number of bytes (left) in @a truth_data
+ * @return MHD result code
+ */
+int
+AH_handler_truth_post (struct MHD_Connection *connection,
+ void **con_cls,
+ const char *url,
+ const char *truth_data,
+ size_t *truth_data_size)
+{
+ json_t *json;
+ uuid_t uuid;
+ int res;
+ struct ANASTASIS_DB_Truth truth;
+
+ /* extract uuid from url */
+ GNUNET_assert (0 == strncmp (url,
+ "/truth/",
+ strlen ("/truth/")));
+ {
+ const char *uuid_str;
+
+ uuid_str = &url[strlen ("/truth/")];
+ uuid_parse (uuid_str, uuid);
+ }
+ {
+
+ }
+ {
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_fixed_auto ("keyshare_data", &truth.keyshare_data),
+ GNUNET_JSON_spec_string ("method", &truth.method),
+ GNUNET_JSON_spec_uint32 ("nonce", &truth.nonce),
+ GNUNET_JSON_spec_fixed_auto ("aes_gcm_tag", &truth.aes_gcm_tag),
+ GNUNET_JSON_spec_fixed_auto ("truth_hash", &truth.truth_hash),
+ GNUNET_JSON_spec_fixed_auto ("encrypted_truth", &truth.encrypted_truth),
+ GNUNET_JSON_spec_string ("truth_mime", &truth.truth_mime),
+ GNUNET_JSON_spec_end ()
+ };
+
+ res = TALER_MHD_parse_post_json (connection,
+ con_cls,
+ truth_data,
+ truth_data_size,
+ &json);
+ if (GNUNET_SYSERR == res)
+ return MHD_NO;
+ if ( (GNUNET_NO == res) || (NULL == json) )
+ return MHD_YES;
+ res = TALER_MHD_parse_json_data (connection,
+ json,
+ spec);
+ json_decref (json);
+ if (GNUNET_SYSERR == res)
+ return MHD_NO; /* hard failure */
+ if (GNUNET_NO == res)
+ return MHD_YES; /* failure */
+ res = verify_and_execute_truth (connection,
+ &truth,
+ &uuid);
+ GNUNET_JSON_parse_free (spec);
+ return res;
+ }
+}
diff --git a/src/backend/anastasis.conf b/src/backend/anastasis.conf
index 22e00de..9c61c61 100644
--- a/src/backend/anastasis.conf
+++ b/src/backend/anastasis.conf
@@ -35,6 +35,9 @@ FULFILLMENT_URL = taler://fulfillment-success
# Base URL of our payment backend
PAYMENT_BACKEND_URL = http://localhost:9976/
+# Standard expiration time in microseconds range of truth (2 years)
+TRUTH_EXPIRATION = 63115200000000
+
# Configuration for postgres database.
[anastasisdb-postgres]
CONFIG = postgres:///anastasis
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 7b05d07..82f4276 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -25,7 +25,7 @@ struct ANASTASIS_CRYPTO_truth_key
uint32_t key[8];
};
-struct ANASTASIS_CRYPTO_salt
+struct ANASTASIS_CRYPTO_Salt
{
uint32_t key[8];
};
@@ -129,15 +129,15 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (const struct
struct ANASTASIS_CRYPTO_EscrowMasterKey *
ANASTASIS_CRYPTO_escrow_master_key_create (const struct
- ANASTASIS_CRYPTO_KeyShare *
- keyShare
+ ANASTASIS_CRYPTO_KeyShare *keyShare,
unsigned int keyshare_length);
struct ANASTASIS_CRYPTO_Policy *
ANSTASIS_CRYPTO_policy_create (const struct
- ANASTASIS_CRYPTO_salt *
+ ANASTASIS_CRYPT_Salt *
salt,
+ struct
ANASTASIS_CRYPTO_encMasterkey *
masterkey,
const struct
@@ -155,7 +155,8 @@ ANASTASIS_CRYPTO_escrow_method_create (const char *base_url,
struct
ANASTASIS_CRYPTO_truth_key *
key,
- ANASTASIS_CRYPTO_salt *
+ struct
+ ANASTASIS_CRYPTO_Salt *
salt,
void *challenge,
size_t challange_size
@@ -202,9 +203,9 @@ ANASTASIS_CRYPTO_encrypted_keyshare_create (struct
struct ANASTAIS_CRYPTO_Encrypted_Truth *
-ANASTASIS_CRYPTO_encrypted_truth_create (void * truth,
+ANASTASIS_CRYPTO_encrypted_truth_create (void *truth,
size_t truth_size,
- char * truth_mime);
+ char *truth_mime);
@@ -224,7 +225,8 @@ ANASTASIS_CRYPTO_truth_destroy (struct
ANASTASIS_CRYPTO_Truth *p);
void
ANASTASIS_CRYPTO_encrypted_keyshare_destroy (struct
-
ANASTASIS_CRYPTO_Encrypted_KeyShare *p);
+
ANASTASIS_CRYPTO_Encrypted_KeyShare
+ *p);
void
ANASTASIS_CRYPTO_encrypted_truth_destroy (struct
ANASTAIS_CRYPTO_Encrypted_Truth *p);
diff --git a/src/include/anastasis_database_plugin.h
b/src/include/anastasis_database_plugin.h
index b9afe38..f2798d7 100644
--- a/src/include/anastasis_database_plugin.h
+++ b/src/include/anastasis_database_plugin.h
@@ -24,10 +24,31 @@
#include <gnunet/gnunet_util_lib.h>
#include <anastasis_error_codes.h>
#include "anastasis_service.h"
+#include "anastasis_crypto_lib.h"
#include <jansson.h>
#include <taler/taler_util.h>
#include <uuid/uuid.h>
+/**
+ * @brief Specification for a /truth operation.
+ */
+struct ANASTASIS_DB_Truth
+{
+ const void *keyshare_data;
+
+ uint32_t nonce;
+
+ // AES_GCM_Tag
+ const unsigned char aes_gcm_tag[16];
+
+ const struct GNUNET_HashCode *truth_hash;
+
+ const void *encrypted_truth;
+
+ const char *truth_mime;
+
+ const char *method;
+};
/**
* Function called on all pending payments for an account.
@@ -217,31 +238,42 @@ struct ANASTASIS_DatabasePlugin
uint32_t *version);
/**
- * Upload Truth, which contains the Truth and the KeyShare.
- *
- * @param cls closure
- * @param uuid the identifier for the Truth
- * @param truth_data contains the encrypted Truth which includes the ground
truth i.e. H(challange answer), phonenumber, SMS
- * @param truth_data_size the size of the Truth
- * @param truth_expiration time till the according data will be stored
- * @return transaction status
- */
+ * Upload Truth, which contains the Truth and the KeyShare.
+ *
+ * @param cls closure
+ * @param uuid the identifier for the Truth
+ * @param key_share_data contains information of an EncryptedKeyShare
+ * @param key_share_data_size size of key_share_data
+ * @param method name of method
+ * @param nonce nonce used to compute encryption key for encrypted_truth
+ * @param aes_gcm_tag authentication tag of encrypted_truth
+ * @param encrypted_truth contains the encrypted Truth which includes the
ground truth i.e. H(challange answer), phonenumber, SMS
+ * @param encrypted_truth_size the size of the Truth
+ * @param truth_expiration time till the according data will be stored
+ * @return transaction status
+ */
enum ANASTASIS_DB_QueryStatus
(*store_truth)(void *cls,
const uuid_t *uuid,
- const void *truth_data,
- size_t truth_data_size,
+ const void *key_share_data,
+ size_t key_share_data_size,
const char *mime_type,
- const void *encrypted_key_share,
- size_t encrypted_key_share_size,
- struct GNUNET_TIME_Relative truth_expiration);
+ const void *encrypted_truth,
+ size_t encrypted_truth_size,
+ const struct
+ GNUNET_HashCode *truth_data_hash,
+ const unsigned char aes_gcm_tag[16],
+ const uint32_t *nonce,
+ const char *method,
+ struct
+ GNUNET_TIME_Relative truth_expiration);
/**
* @param cls closure
* @param uuid the identifier for the Truth
- * @param truth contains the truth (base32 encoded)
- * @param truth_size size of truth
+ * @param truth contains the encrypted truth
+ * @param truth_size size of the encrypted truth
* @param truth_mime mime type of truth
* @return transaction status
*/
@@ -250,7 +282,10 @@ struct ANASTASIS_DatabasePlugin
const uuid_t *uuid,
void **truth,
size_t *truth_size,
- char **truth_mime);
+ unsigned char **aes_gcm_tag,
+ uint32_t **nonce,
+ char **truth_mime,
+ char **method);
/**
* @param cls closure
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index e99a851..6dc8477 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -27,6 +27,7 @@
#include <gnunet/gnunet_curl_lib.h>
#include <jansson.h>
#include "anastasis_error_codes.h"
+#include <uuid/uuid.h>
GNUNET_NETWORK_STRUCT_BEGIN
@@ -58,6 +59,13 @@ struct ANASTASIS_PaymentSecretP
struct ANASTASIS_SaltOperation;
+/**
+ * Uuid used for truth upload/download
+ */
+struct ANASTASIS_UuidP
+{
+ uuid_t uuid;
+};
/**
* Data signed by the account public key of a sync client to
@@ -66,7 +74,7 @@ struct ANASTASIS_SaltOperation;
struct ANASTASIS_UploadSignaturePS
{
/**
- * Set to #TALER_SIGNATURE_ANASTASIS_BACKUP_UPLOAD.
+ * Set to #TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -254,6 +262,8 @@ void
ANASTASIS_salt_cancel (struct ANASTASIS_SaltOperation *so);
+/****** POLICY API ******/
+
/**
* Handle for a GET /policy operation.
*/
@@ -383,4 +393,29 @@ ANASTASIS_policy_store_cancel (struct
ANASTASIS_PolicyStoreOperation *pso);
+
+
+/****** TRUTH API ******/
+
+/**
+ * Handle for a POST /policy operation.
+ */
+struct ANASTASIS_TruthStoreOperation;
+
+
+/**
+ * Callback to process a POST /policy request
+ *
+ * @param cls closure
+ * @param http_status HTTP status code for this request
+ * @param ec anastasis-specific error code
+ * @param obj the response body
+ */
+typedef void
+(*ANASTASIS_TruthStoreCallback) (void *cls,
+ enum ANASTASIS_ErrorCode ec,
+ unsigned int http_status,
+ const struct ANASTASIS_UploadDetails *up);
+
+
#endif /* _ANASTASIS_SERVICE_H */
diff --git a/src/lib/anastasis_api_policy_store.c
b/src/lib/anastasis_api_truth_store.c
similarity index 71%
copy from src/lib/anastasis_api_policy_store.c
copy to src/lib/anastasis_api_truth_store.c
index 13172f3..f887377 100644
--- a/src/lib/anastasis_api_policy_store.c
+++ b/src/lib/anastasis_api_truth_store.c
@@ -18,8 +18,8 @@
*/
/**
- * @file lib/anastasis_api_policy_store.c
- * @brief Implementation of the /policy GET and POST
+ * @file lib/anastasis_api_truth_store.c
+ * @brief Implementation of the /truth GET and POST
* @author Christian Grothoff
* @author Dennis Neufeld
* @author Dominik Meister
@@ -38,10 +38,10 @@
#include "anastasis_api_curl_defaults.h"
-struct ANASTASIS_PolicyStoreOperation
+struct ANASTASIS_TruthStoreOperation
{
/**
- * Complete URL where the backend offers /policy
+ * Complete URL where the backend offers /truth
*/
char *url;
@@ -58,7 +58,7 @@ struct ANASTASIS_PolicyStoreOperation
/**
* The callback to pass the backend response to
*/
- ANASTASIS_PolicyStoreCallback cb;
+ ANASTASIS_TruthStoreCallback cb;
/**
* Closure for @e cb.
@@ -73,49 +73,49 @@ struct ANASTASIS_PolicyStoreOperation
/**
* Hash of the data we are uploading.
*/
- struct GNUNET_HashCode new_recovery_data_hash;
+ struct GNUNET_HashCode new_truth_data_hash;
};
/**
- * Cancel a POST /policy request.
+ * Cancel a POST /truth request.
*
- * @param pso the policy store operation to cancel
+ * @param tso the truth store operation to cancel
*/
void
-ANASTASIS_policy_store_cancel (struct
- ANASTASIS_PolicyStoreOperation *pso)
+ANASTASIS_truth_store_cancel (struct
+ ANASTASIS_TruthStoreOperation *tso)
{
- if (NULL != pso->job)
+ if (NULL != tso->job)
{
- GNUNET_CURL_job_cancel (pso->job);
- pso->job = NULL;
+ GNUNET_CURL_job_cancel (tso->job);
+ tso->job = NULL;
}
- GNUNET_free_non_null (pso->pay_uri);
- GNUNET_free (pso->url);
- GNUNET_free (pso);
+ GNUNET_free_non_null (tso->pay_uri);
+ GNUNET_free (tso->url);
+ GNUNET_free (tso);
}
/**
- * Callback to process POST /policy response
+ * Callback to process POST /truth response
*
- * @param cls the `struct ANASTASIS_PolicyStoreOperation`
+ * @param cls the `struct ANASTASIS_TruthStoreOperation`
* @param response_code HTTP response code, 0 on error
* @param data
* @param data_size
*/
static void
-handle_policy_store_finished (void *cls,
- long response_code,
- const void *data,
- size_t data_size)
+handle_truth_store_finished (void *cls,
+ long response_code,
+ const void *data,
+ size_t data_size)
{
- struct ANASTASIS_PolicyStoreOperation *pso = cls;
+ struct ANASTASIS_TruthStoreOperation *tso = cls;
enum TALER_ErrorCode ec = TALER_EC_INVALID;
struct ANASTASIS_UploadDetails ud;
struct ANASTASIS_UploadDetails *udp;
- pso->job = NULL;
+ tso->job = NULL;
udp = NULL;
memset (&ud, 0, sizeof (ud));
switch (response_code)
@@ -124,13 +124,13 @@ handle_policy_store_finished (void *cls,
break;
case MHD_HTTP_NO_CONTENT:
ud.us = ANASTASIS_US_SUCCESS;
- ud.details.curr_backup_hash = &pso->new_recovery_data_hash;
+ ud.details.curr_backup_hash = &tso->new_truth_data_hash;
udp = &ud;
ec = TALER_EC_NONE;
break;
case MHD_HTTP_NOT_MODIFIED:
ud.us = ANASTASIS_US_SUCCESS;
- ud.details.curr_backup_hash = &pso->new_recovery_data_hash;
+ ud.details.curr_backup_hash = &tso->new_truth_data_hash;
udp = &ud;
ec = TALER_EC_NONE;
break;
@@ -141,7 +141,7 @@ handle_policy_store_finished (void *cls,
break;
case MHD_HTTP_PAYMENT_REQUIRED:
ud.us = ANASTASIS_US_PAYMENT_REQUIRED;
- ud.details.payment_request = pso->pay_uri;
+ ud.details.payment_request = tso->pay_uri;
udp = &ud;
ec = TALER_EC_NONE;
break;
@@ -178,15 +178,15 @@ handle_policy_store_finished (void *cls,
data_size);
break;
}
- if (NULL != pso->cb)
+ if (NULL != tso->cb)
{
- pso->cb (pso->cb_cls,
+ tso->cb (tso->cb_cls,
ec,
response_code,
udp);
- pso->cb = NULL;
+ tso->cb = NULL;
}
- ANASTASIS_policy_store_cancel (pso);
+ ANASTASIS_truth_store_cancel (tso);
}
@@ -205,7 +205,7 @@ handle_header (char *buffer,
size_t nitems,
void *userdata)
{
- struct ANASTASIS_PolicyStoreOperation *pso = userdata;
+ struct ANASTASIS_TruthStoreOperation *tso = userdata;
size_t total = size * nitems;
char *ndup;
const char *hdr_type;
@@ -233,7 +233,7 @@ handle_header (char *buffer,
"Taler"))
{
/* found payment URI we care about! */
- pso->pay_uri = GNUNET_strdup (hdr_val);
+ tso->pay_uri = GNUNET_strdup (hdr_val);
}
GNUNET_free (ndup);
return total;
@@ -241,50 +241,50 @@ handle_header (char *buffer,
/**
- * Store policies, does a POST /policy/$AccountPub
+ * Store policies, does a POST /truth/$AccountPub
*
* @param ctx the CURL context used to connect to the backend
* @param backend_url backend's base URL, including final "/"
* @param anastasis_pub public key of the user's account
* @param anastasis_priv private key of the user's account
- * @param prev_recovery_data_hash hash of the previous uploaded recovery
document
- * @param recovery_data policy data to be stored
- * @param recovery_data_size number of bytes in @a recovery_data
+ * @param prev_truth_data_hash hash of the previous uploaded truth document
+ * @param truth_data truth data to be stored
+ * @param truth_data_size number of bytes in @a truth_data
* @param payment_requested #GNUNET_YES if the client wants to pay more for
the account now
* @param paymentSecretP payment identifier of last payment
- * @param cb callback processing the response from /policy
+ * @param cb callback processing the response from /truth
* @param cb_cls closure for cb
* @return handle for the operation
*/
-struct ANASTASIS_PolicyStoreOperation *
-ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
- const char *backend_url,
- const struct
- ANASTASIS_AccountPrivP *anastasis_priv,
- const struct
- GNUNET_HashCode *prev_recovery_data_hash,
- const void *recovery_data,
- size_t recovery_data_size,
- int payment_requested,
- const struct
- ANASTASIS_PaymentSecretP *paymentSecretP,
- ANASTASIS_PolicyStoreCallback cb,
- void *cb_cls)
+struct ANASTASIS_TruthStoreOperation *
+ANASTASIS_truth_store (struct GNUNET_CURL_Context *ctx,
+ const char *backend_url,
+ const struct
+ ANASTASIS_AccountPrivP *anastasis_priv,
+ const struct
+ GNUNET_HashCode *prev_truth_data_hash,
+ const void *truth_data,
+ size_t truth_data_size,
+ int payment_requested,
+ const struct
+ ANASTASIS_PaymentSecretP *paymentSecretP,
+ ANASTASIS_TruthStoreCallback cb,
+ void *cb_cls)
{
- struct ANASTASIS_PolicyStoreOperation *pso;
+ struct ANASTASIS_TruthStoreOperation *tso;
struct ANASTASIS_AccountSignatureP account_sig;
struct ANASTASIS_UploadSignaturePS usp;
CURL *eh;
struct curl_slist *job_headers;
memset (&usp, 0, sizeof (usp));
- usp.purpose.purpose = htonl (TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD);
+ usp.purpose.purpose = htonl (TALER_SIGNATURE_ANASTASIS_TRUTH_UPLOAD);
usp.purpose.size = htonl (sizeof (usp));
- if (NULL != prev_recovery_data_hash)
- usp.old_recovery_data_hash = *prev_recovery_data_hash;
- GNUNET_CRYPTO_hash (recovery_data,
- recovery_data_size,
- &usp.new_recovery_data_hash);
+ if (NULL != prev_truth_data_hash)
+ usp.old_truth_data_hash = *prev_truth_data_hash;
+ GNUNET_CRYPTO_hash (truth_data,
+ truth_data_size,
+ &usp.new_truth_data_hash);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_sign (&anastasis_priv->priv,
&usp.purpose,
@@ -304,7 +304,7 @@ ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
val = GNUNET_STRINGS_data_to_string_alloc (&account_sig,
sizeof (account_sig));
GNUNET_asprintf (&hdr,
- "Anastasis-Policy-Signature: %s",
+ "Anastasis-Truth-Signature: %s",
val);
GNUNET_free (val);
ext = curl_slist_append (job_headers,
@@ -319,7 +319,7 @@ ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
job_headers = ext;
/* set Etag header */
- val = GNUNET_STRINGS_data_to_string_alloc (&usp.new_recovery_data_hash,
+ val = GNUNET_STRINGS_data_to_string_alloc (&usp.new_truth_data_hash,
sizeof (struct
GNUNET_HashCode));
GNUNET_asprintf (&hdr,
"Etag: %s",
@@ -337,9 +337,9 @@ ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
job_headers = ext;
/* Setup If-Match header */
- if (NULL != prev_recovery_data_hash)
+ if (NULL != prev_truth_data_hash)
{
- val = GNUNET_STRINGS_data_to_string_alloc (&usp.old_recovery_data_hash,
+ val = GNUNET_STRINGS_data_to_string_alloc (&usp.old_truth_data_hash,
sizeof (struct
GNUNET_HashCode));
GNUNET_asprintf (&hdr,
@@ -381,8 +381,8 @@ ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
}
/* Finished setting up headers */
- pso = GNUNET_new (struct ANASTASIS_PolicyStoreOperation);
- pso->new_recovery_data_hash = usp.new_recovery_data_hash;
+ tso = GNUNET_new (struct ANASTASIS_TruthStoreOperation);
+ tso->new_truth_data_hash = usp.new_truth_data_hash;
{
char *acc_pub_str;
char *path;
@@ -394,25 +394,25 @@ ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
acc_pub_str = GNUNET_STRINGS_data_to_string_alloc (&pub,
sizeof (pub));
GNUNET_asprintf (&path,
- "policy/%s",
+ "truth/%s",
acc_pub_str);
GNUNET_free (acc_pub_str);
- pso->url = TALER_url_join (backend_url,
+ tso->url = TALER_url_join (backend_url,
path);
GNUNET_free (path);
}
- pso->ctx = ctx;
- pso->cb = cb;
- pso->cb_cls = cb_cls;
- eh = ANASTASIS_curl_easy_get_ (pso->url);
+ tso->ctx = ctx;
+ tso->cb = cb;
+ tso->cb_cls = cb_cls;
+ eh = ANASTASIS_curl_easy_get_ (tso->url);
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_POSTFIELDS,
- recovery_data));
+ truth_data));
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_POSTFIELDSIZE,
- (long) recovery_data_size));
+ (long) truth_data_size));
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_HEADERFUNCTION,
@@ -420,12 +420,12 @@ ANASTASIS_policy_store (struct GNUNET_CURL_Context *ctx,
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_HEADERDATA,
- pso));
- pso->job = GNUNET_CURL_job_add_raw (ctx,
+ tso));
+ tso->job = GNUNET_CURL_job_add_raw (ctx,
eh,
job_headers,
- &handle_policy_store_finished,
- pso);
+ &handle_truth_store_finished,
+ tso);
curl_slist_free_all (job_headers);
- return pso;
+ return tso;
}
diff --git a/src/lib/test_anastasis_api.c b/src/lib/test_anastasis_api.c
index e9df51d..33348ec 100644
--- a/src/lib/test_anastasis_api.c
+++ b/src/lib/test_anastasis_api.c
@@ -279,7 +279,7 @@ run (void *cls,
ANASTASIS_TESTING_cmd_policy_store ("policy-store-1",
anastasis_url,
NULL,
- MHD_HTTP_OK,
+ MHD_HTTP_PAYMENT_REQUIRED,
ANASTASIS_TESTING_PSO_NONE,
"Test-1",
strlen ("Test-1")),
@@ -302,12 +302,17 @@ run (void *cls,
ANASTASIS_TESTING_cmd_policy_store ("policy-store-2",
anastasis_url,
- "backup-upload-1",
+ "policy-store-1",
MHD_HTTP_OK,
ANASTASIS_TESTING_PSO_NONE,
"Test-2",
strlen ("Test-2")),
+ ANASTASIS_TESTING_cmd_policy_lookup ("policy-lookup-1",
+ anastasis_url,
+ MHD_HTTP_OK,
+ "policy-store-2"),
+
TALER_TESTING_cmd_end ()
};
diff --git a/src/stasis/plugin_anastasis_postgres.c
b/src/stasis/plugin_anastasis_postgres.c
index 9d43764..65029d1 100644
--- a/src/stasis/plugin_anastasis_postgres.c
+++ b/src/stasis/plugin_anastasis_postgres.c
@@ -712,20 +712,31 @@ postgres_record_payment (void *cls,
*
* @param cls closure
* @param uuid the identifier for the Truth
- * @param truth_data contains the encrypted Truth which includes the ground
truth i.e. H(challange answer), phonenumber, SMS
- * @param truth_data_size the size of the Truth
+ * @param key_share_data contains information of an EncryptedKeyShare
+ * @param key_share_data_size size of key_share_data
+ * @param method name of method
+ * @param nonce nonce used to compute encryption key for encrypted_truth
+ * @param aes_gcm_tag authentication tag of encrypted_truth
+ * @param encrypted_truth contains the encrypted Truth which includes the
ground truth i.e. H(challange answer), phonenumber, SMS
+ * @param encrypted_truth_size the size of the Truth
* @param truth_expiration time till the according data will be stored
* @return transaction status
*/
static enum ANASTASIS_DB_QueryStatus
postgres_store_truth (void *cls,
const uuid_t *uuid,
- const void *truth_data,
- size_t truth_data_size,
+ const void *key_share_data,
+ size_t key_share_data_size,
const char *mime_type,
- const void *encrypted_key_share,
- size_t encrypted_key_share_size,
- struct GNUNET_TIME_Relative truth_expiration)
+ const void *encrypted_truth,
+ size_t encrypted_truth_size,
+ const struct
+ GNUNET_HashCode *truth_data_hash,
+ const unsigned char aes_gcm_tag[16],
+ const uint32_t *nonce,
+ const char *method,
+ struct
+ GNUNET_TIME_Relative truth_expiration)
{
struct PostgresClosure *pg = cls;
enum ANASTASIS_DB_QueryStatus qs;
@@ -746,10 +757,14 @@ postgres_store_truth (void *cls,
{
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (uuid),
- GNUNET_PQ_query_param_fixed_size (truth_data, truth_data_size),
+ GNUNET_PQ_query_param_fixed_size (key_share_data, key_share_data_size),
+ GNUNET_PQ_query_param_string (method),
+ GNUNET_PQ_query_param_auto_from_type (nonce),
+ GNUNET_PQ_query_param_auto_from_type (aes_gcm_tag),
+ GNUNET_PQ_query_param_auto_from_type (truth_data_hash),
+ GNUNET_PQ_query_param_fixed_size (encrypted_truth,
+ encrypted_truth_size),
GNUNET_PQ_query_param_string (mime_type),
- GNUNET_PQ_query_param_fixed_size (encrypted_key_share,
- encrypted_key_share_size),
TALER_PQ_query_param_absolute_time (&expiration),
GNUNET_PQ_query_param_end
};
@@ -788,12 +803,12 @@ postgres_store_truth (void *cls,
/**
- * Get the challenge from the truth i.e. Security Question, SMS, E-Mail
+ * Get the encrypted truth to validate the challenge response
*
* @param cls closure
* @param uuid the identifier for the Truth
- * @param truth contains the truth (base32 encoded)
- * @param truth_size size of truth
+ * @param truth contains the encrypted truth
+ * @param truth_size size of encrypted truth
* @param truth_mime mime type of truth
* @return transaction status
*/
@@ -802,7 +817,10 @@ postgres_get_escrow_challenge (void *cls,
const uuid_t *uuid,
void **truth,
size_t *truth_size,
- char **truth_mime)
+ unsigned char **aes_gcm_tag,
+ uint32_t **nonce,
+ char **truth_mime,
+ char **method)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
@@ -810,11 +828,17 @@ postgres_get_escrow_challenge (void *cls,
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
- GNUNET_PQ_result_spec_variable_size ("truth",
+ GNUNET_PQ_result_spec_variable_size ("encrypted_truth",
truth,
truth_size),
- GNUNET_PQ_result_spec_string ("mime_type",
+ GNUNET_PQ_result_spec_string ("aes_gcm_tag",
+ aes_gcm_tag),
+ GNUNET_PQ_result_spec_uint32 ("nonce",
+ nonce),
+ GNUNET_PQ_result_spec_string ("truth_mime",
truth_mime),
+ GNUNET_PQ_result_spec_string ("method",
+ method),
GNUNET_PQ_result_spec_end
};
@@ -845,7 +869,7 @@ postgres_get_key_share (void *cls,
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
- GNUNET_PQ_result_spec_variable_size ("key_share",
+ GNUNET_PQ_result_spec_variable_size ("key_share_data",
key_share,
key_share_size),
GNUNET_PQ_result_spec_end
@@ -1044,10 +1068,14 @@ libanastasis_plugin_db_postgres_init (void *cls)
contract terms table */
GNUNET_PQ_make_execute ("CREATE TABLE IF NOT EXISTS anastasis_truth"
"( truth_id UUID PRIMARY KEY NOT NULL,"
- "truth BYTEA NOT NULL,"
- "mime_type VARCHAR,"
- "key_share BYTEA NOT NULL,"
- "expiration TIMESTAMP NOT NULL"
+ " key_share_data BYTEA NOT NULL,"
+ " method VARCHAR,"
+ " nonce BYTEA NOT NULL,"
+ " aes_gcm_tag BYTEA NOT NULL,"
+ " encrypted_truth BYTEA NOT NULL,"
+ " truth_hash BYTEA NOT NULL
CHECK(length(truth_hash)=64),"
+ " truth_mime VARCHAR,"
+ " expiration TIMESTAMP NOT NULL"
");"),
GNUNET_PQ_make_execute ("CREATE TABLE IF NOT EXISTS anastasis_user"
"( user_id BYTEA PRIMARY KEY
CHECK(LENGTH(user_id)=32),"
@@ -1107,13 +1135,17 @@ libanastasis_plugin_db_postgres_init (void *cls)
GNUNET_PQ_make_prepare ("truth_insert",
"INSERT INTO anastasis_truth "
"(truth_id"
- ",truth"
- ",mime_type"
- ",key_share"
+ ",key_share_data"
+ ",method"
+ ",nonce"
+ ",aes_gcm_tag"
+ ",truth_hash"
+ ",encrypted_truth"
+ ",truth_mime"
",expiration"
") VALUES "
- "($1, $2, $3, $4, $5);",
- 5),
+ "($1, $2, $3, $4, $5, $6, $7, $8, $9);",
+ 7),
GNUNET_PQ_make_prepare ("recovery_document_insert",
"INSERT INTO anastasis_recoverydocument "
"(user_id"
@@ -1126,8 +1158,15 @@ libanastasis_plugin_db_postgres_init (void *cls)
5),
GNUNET_PQ_make_prepare ("truth_select",
"SELECT "
- "truth,"
- "mime_type"
+ "truth_id"
+ ",key_share_data"
+ ",method"
+ ",nonce"
+ ",aes_gcm_tag"
+ ",truth_hash"
+ ",encrypted_truth"
+ ",truth_mime"
+ ",expiration"
" FROM anastasis_truth"
" WHERE truth_id =$1;",
1),
@@ -1176,7 +1215,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
3),
GNUNET_PQ_make_prepare ("key_share_select",
"SELECT "
- "key_share "
+ "key_share_data "
"FROM "
"anastasis_truth "
"WHERE truth_id =$1;",
diff --git a/src/stasis/test_anastasis_db.c b/src/stasis/test_anastasis_db.c
index c168f2c..a394c16 100644
--- a/src/stasis/test_anastasis_db.c
+++ b/src/stasis/test_anastasis_db.c
@@ -81,6 +81,11 @@ struct ANASTASIS_AccountSignatureP res_account_sig;
*/
struct GNUNET_HashCode recoveryDataHash;
+/**
+ * Hash of the truth to be uploaded
+ */
+struct GNUNET_HashCode truthDataHash;
+
/**
* Hash of the current recovery document
*/
@@ -136,6 +141,11 @@ static char *mime_type;
*/
static char *res_mime_type;
+/**
+ * Method
+ */
+static char *method;
+
/**
* Version of a Recoverydocument
*/
@@ -198,6 +208,10 @@ run (void *cls)
sizeof (recovery_data),
&recoveryDataHash);
+ GNUNET_CRYPTO_hash ("key_share_data",
+ sizeof ("key_share_data"),
+ &truthDataHash);
+
purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
GNUNET_CRYPTO_eddsa_sign (&accountPrivP.priv,
@@ -213,11 +227,21 @@ run (void *cls)
key_share = &key_val;
RND_BLK (key_share);
+ unsigned char aes_gcm_tag[16];
+ RND_BLK (&aes_gcm_tag);
+
+ unsigned char *res_aes_gcm_tag;
+ uint32_t *res_nonce;
+
post_counter = 2;
mime_type = "Picture";
TALER_string_to_amount ("EUR:30",&amount);
uuid_t uuid;
uuid_generate (uuid);
+
+ uint32_t nonce;
+ RND_BLK (&nonce);
+
struct GNUNET_TIME_Relative rel_time;
rel_time = GNUNET_TIME_UNIT_MONTHS;
@@ -240,11 +264,15 @@ run (void *cls)
FAILIF (ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->store_truth (plugin->cls,
&uuid,
- truth_data,
- sizeof (&truth_data),
+ "key_share_data",
+ sizeof ("key_share_data"),
mime_type,
- key_share,
- sizeof (&key_share),
+ "encrypted_truth",
+ sizeof ("encrypted_truth"),
+ &truthDataHash,
+ aes_gcm_tag,
+ &nonce,
+ "Methode",
rel_time));
FAILIF (ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT !=
@@ -262,7 +290,10 @@ run (void *cls)
&uuid,
&truth,
&truthsize,
- &res_mime_type));
+ &res_aes_gcm_tag,
+ &res_nonce,
+ &res_mime_type,
+ &method));
FAILIF (ANASTASIS_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->get_key_share (plugin->cls,
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [taler-anastasis] branch master updated (62e9415 -> 673a9dc),
gnunet <=
- [taler-anastasis] 01/10: Added testing command for policy lookup, gnunet, 2020/01/15
- [taler-anastasis] 08/10: Worked on uploading truth, gnunet, 2020/01/15
- [taler-anastasis] 10/10: Merged, gnunet, 2020/01/15
- [taler-anastasis] 03/10: Modified db table anastasis_truth, gnunet, 2020/01/15
- [taler-anastasis] 04/10: Worked on escrow challenge, gnunet, 2020/01/15
- [taler-anastasis] 09/10: Merged, gnunet, 2020/01/15
- [taler-anastasis] 05/10: Worked on escrow challenge, gnunet, 2020/01/15
- [taler-anastasis] 07/10: Worked on truth upload, gnunet, 2020/01/15
- [taler-anastasis] 06/10: Worked on escrow challenge, gnunet, 2020/01/15
- [taler-anastasis] 02/10: Worked on truth upload, gnunet, 2020/01/15