
[taler-exchange] 54/124: move ID computation into libtalerutil


From: gnunet
Subject: [taler-exchange] 54/124: move ID computation into libtalerutil
Date: Tue, 17 Sep 2024 21:27:46 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to tag cg-aml-branch-compiles
in repository exchange.

commit bd1ed526b310d1d8355ebc6edd4d224a004812b6
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Jun 4 14:59:22 2024 +0200

    move ID computation into libtalerutil
---
 src/include/taler_crypto_lib.h | 32 ++++++++++++++++++++++++++++++++
 src/kyclogic/kyclogic_api.c    | 28 ++++++++--------------------
 src/util/crypto.c              | 25 +++++++++++++++++++++++++
 3 files changed, 65 insertions(+), 20 deletions(-)

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index f410605a5..4238479a4 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -1272,6 +1272,20 @@ struct TALER_AgeCommitmentHash
   struct GNUNET_ShortHashCode shash;
 };
 
+/**
+ * @brief KYC measure authorization hash.
+ * Hashes over the AccountAccessToken, the
+ * row ID and the offset. Used in the
+ * ID of /kyc-upload/ and /kyc-start/.
+ */
+struct TALER_KycMeasureAuthorizationHash
+{
+  /**
+   * The hash is a SHA-256 hash code.
+   */
+  struct GNUNET_ShortHashCode shash;
+};
+
 /**
  * @brief Signature of an age with the private key for the corresponding age 
group of an age commitment.
  */
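Review bot: The field comment on `shash` says "The hash is a SHA-256 hash code", but the implementation this commit adds in src/util/crypto.c fills the struct through `GNUNET_CRYPTO_kdf`, so the value is KDF output sized to a `GNUNET_ShortHashCode` rather than a plain SHA-256 digest. The wording was presumably carried over from `TALER_AgeCommitmentHash` just above. I would replace it with something like `KDF output over the row ID, access token and offset, see TALER_kyc_measure_authorization_hash().` so that nobody tries to recompute or verify the ID with a bare hash call.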
@@ -1795,6 +1809,24 @@ TALER_coin_pub_hash (const struct 
TALER_CoinSpendPublicKeyP *coin_pub,
                      struct TALER_CoinPubHashP *coin_h);
 
 
+/**
+ * Hashes the @a access_token, @a row and @a offset
+ * to compute an authorization hash used in the
+ * /kyc-upload/ and /kyc-start/ endpoints.
+ *
+ * @param access_token the access token
+ * @param row the database row
+ * @param offset the offset of the measure in the array
+ * @param[out] mah set to the hash
+ */
+void
+TALER_kyc_measure_authorization_hash (
+  const struct TALER_AccountAccessTokenP *access_token,
+  uint64_t row,
+  uint32_t offset,
+  struct TALER_KycMeasureAuthorizationHash *mah);
+
+
 /**
  * Compute the hash of a payto URI.
  *
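Review bot: The doc comment leaves open which table `@param row` refers to and which array `@param offset` indexes, and it does not say that @a access_token is the secret input from which the ID is derived. Because the struct comment describes the result as the ID for /kyc-upload/ and /kyc-start/, the value presumably acts as a credential in the request path, and that is worth stating here. I would extend the parameters along the lines of `@param row row ID of the (TODO: name table) entry the measures belong to` and `@param offset index of the measure within that entry's measure array`, and add one sentence saying that handlers are expected to recompute the hash with this function and compare it against the ID from the request.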
diff --git a/src/kyclogic/kyclogic_api.c b/src/kyclogic/kyclogic_api.c
index c4faead6c..19b02c899 100644
--- a/src/kyclogic/kyclogic_api.c
+++ b/src/kyclogic/kyclogic_api.c
@@ -2117,35 +2117,21 @@ TALER_KYCLOGIC_measure_to_requirement (
 {
   struct TALER_KYCLOGIC_KycCheck *kc;
   json_t *kri;
-  struct GNUNET_ShortHashCode shv;
-  uint64_t be = GNUNET_htonll (row_id);
-  uint32_t be32 = htonl ((uint32_t) offset);
+  struct TALER_KycMeasureAuthorizationHash shv;
   char *ids;
   char *xids;
 
-  GNUNET_assert (offset <= UINT_MAX);
-  GNUNET_assert (offset <= UINT32_MAX);
   kc = find_check (check_name);
   if (NULL == kc)
   {
     GNUNET_break (0);
     return NULL;
   }
-  /* FIXME: should be moved to someplace
-     in util/crypto as the $ID-handlers
-     need exactly the same computation! */
-  GNUNET_assert (
-    GNUNET_YES ==
-    GNUNET_CRYPTO_kdf (&shv,
-                       sizeof (shv),
-                       &be,
-                       sizeof (be),
-                       access_token,
-                       sizeof (*access_token),
-                       &be32,
-                       sizeof (be32),
-                       NULL,
-                       0));
+  GNUNET_assert (offset <= UINT32_MAX);
+  TALER_kyc_measure_authorization_hash (access_token,
+                                        row_id,
+                                        (uint32_t) offset,
+                                        &shv);
   switch (kc->type)
   {
   case TALER_KYCLOGIC_CT_INFO:
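Review bot: The range checks on `offset` end up in three places: `GNUNET_assert (offset <= UINT32_MAX)` before the hash call here, plus `GNUNET_assert (offset <= UINT_MAX)` added under `TALER_KYCLOGIC_CT_FORM` and `TALER_KYCLOGIC_CT_LINK` in the two hunks that follow. Where `unsigned int` is 32 bits the later two can never fire once the first has passed, and none of them says why the bound matters. I would keep the check next to the cast with a comment such as `/* offset is narrowed to uint32_t for the hash; larger values would alias another measure's ID */`, and keep the `UINT_MAX` asserts only if a `%u`-style format further down needs them (the format strings are outside the hunks). If `offset` can be influenced by a request, returning NULL as the `find_check` failure path does would be preferable to aborting the process; the function's signature and the rest of its body are not visible here.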
@@ -2157,6 +2143,7 @@ TALER_KYCLOGIC_measure_to_requirement (
       GNUNET_JSON_pack_object_incref ("description_i18n",
                                       (json_t *) kc->description_i18n));
   case TALER_KYCLOGIC_CT_FORM:
+    GNUNET_assert (offset <= UINT_MAX);
     ids = GNUNET_STRINGS_data_to_string_alloc (&shv,
                                                sizeof (shv));
     GNUNET_asprintf (&xids,
@@ -2177,6 +2164,7 @@ TALER_KYCLOGIC_measure_to_requirement (
     GNUNET_free (xids);
     return kri;
   case TALER_KYCLOGIC_CT_LINK:
+    GNUNET_assert (offset <= UINT_MAX);
     ids = GNUNET_STRINGS_data_to_string_alloc (&shv,
                                                sizeof (shv));
     GNUNET_asprintf (&xids,
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 4735af3b0..be361ea31 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -541,4 +541,29 @@ TALER_denomination_group_get_key (
 }
 
 
+void
+TALER_kyc_measure_authorization_hash (
+  const struct TALER_AccountAccessTokenP *access_token,
+  uint64_t row,
+  uint32_t offset,
+  struct TALER_KycMeasureAuthorizationHash *mah)
+{
+  uint64_t be64 = GNUNET_htonll (row);
+  uint32_t be32 = htonl ((uint32_t) offset);
+
+  GNUNET_assert (
+    GNUNET_YES ==
+    GNUNET_CRYPTO_kdf (mah,
+                       sizeof (*mah),
+                       &be64,
+                       sizeof (be64),
+                       access_token,
+                       sizeof (*access_token),
+                       &be32,
+                       sizeof (be32),
+                       NULL,
+                       0));
+}
+
+
 /* end of crypto.c */
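Review bot: The `GNUNET_CRYPTO_kdf` call mixes only the row (in the salt position), the access token (as key material) and the offset, with no fixed context label. Its output is therefore not domain-separated from any other derivation that might feed the same access token into the KDF with an 8-byte salt and a 4-byte context. Since the result serves as an authorization ID, I would add a constant label before the `NULL, 0` terminator, e.g. `"kyc-measure-authorization", strlen ("kyc-measure-authorization"),` (the label text is illustrative). Separately, `(uint32_t) offset` inside `htonl` is a no-op cast now that the parameter is already `uint32_t`, and the definition could carry a one-line comment pointing at the documentation in taler_crypto_lib.h.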

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


