diff options
| author | Özgür Kesim <oec-taler@kesim.org> | 2023-07-18 13:34:27 +0200 | 
|---|---|---|
| committer | Özgür Kesim <oec-taler@kesim.org> | 2023-07-18 13:34:27 +0200 | 
| commit | 2eb3ff1f64f4eecb6f70c57c37469547757bc84b (patch) | |
| tree | b52024edbf08d230bbb71803a258a729447adbd8 /src | |
| parent | 2ca7ce1b89b54fc318ceb241cad0533a1e751043 (diff) | |
[age-withdraw] simplify lib-API
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/taler_exchange_service.h | 94 | ||||
| -rw-r--r-- | src/lib/exchange_api_age_withdraw.c | 86 | ||||
| -rw-r--r-- | src/lib/exchange_api_age_withdraw_reveal.c | 109 | ||||
| -rw-r--r-- | src/lib/notizen.md | 236 | 
4 files changed, 337 insertions, 188 deletions
| diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 1902eb29..32c5cc41 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -2670,7 +2670,7 @@ struct TALER_EXCHANGE_AgeWithdrawCoinInput     * The master secret from which we derive all other relevant values for     * the coin: private key, nonces (if applicable) and age restriction     */ -  const struct TALER_PlanchetMasterSecretP secrets[TALER_CNC_KAPPA]; +  struct TALER_PlanchetMasterSecretP secrets[TALER_CNC_KAPPA];    /**     * The denomination of the coin.  Must support age restriction, i.e @@ -2679,6 +2679,42 @@ struct TALER_EXCHANGE_AgeWithdrawCoinInput    const struct TALER_EXCHANGE_DenomPublicKey *denom_pub;  }; + +/** + * All the details about a coin that are generated during age-withdrawal and + * that may be needed for future operations on the coin. + */ +struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails +{ +  /** +   * Private key of the coin. +   */ +  struct TALER_CoinSpendPrivateKeyP coin_priv; + +  /** +   * Value used to blind the key for the signature. +   * Needed for recoup operations. +   */ +  union TALER_DenominationBlindingKeyP blinding_key; + +  /** +   * The age commitment, proof for the coin, derived from the +   * Master secret and maximum age in the originating request +   */ +  struct TALER_AgeCommitmentProof age_commitment_proof; + +  /** +   * The hash of the age commitment +   */ +  struct TALER_AgeCommitmentHash h_age_commitment; + +  /** +   * Values contributed from the exchange during the +   * withdraw protocol. +   */ +  struct TALER_ExchangeWithdrawValues alg_values; +}; +  /**   * @brief A handle to a /reserves/$RESERVE_PUB/age-withdraw request   */ @@ -2705,39 +2741,38 @@ struct TALER_EXCHANGE_AgeWithdrawResponse      struct      {        /** -       * Index that should not be revealed during the age-withdraw reveal phase. -       * The struct TALER_PlanchetMasterSecretP * from the request -       * with this index are the ones to keep. +       * Index that should not be revealed during the age-withdraw reveal +       * phase.         */        uint8_t noreveal_index;        /** -       * The commitment of the call to /age-withdraw +       * The commitment of the age-withdraw request, needed for the +       * subsequent call to /age-withdraw/$ACH/reveal         */        struct TALER_AgeWithdrawCommitmentHashP h_commitment;        /** -       * The algorithm specific values (for CS) need for the coins that were -       * retrieved from /csr-withdraw. +       * The number of elements in @e coins, each referring to +       * TALER_CNC_KAPPA elements         */ -      struct TALER_ExchangeWithdrawValues *alg_values; +      size_t num_coins;        /** -       * Number of elements in @e alg_values, same as number coin candidates.from -       * the request. +       * The computed details of the non-revealed @e num_coins coins to keep.         */ -      size_t num_alg_values; +      const struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails *coins;        /** -       * Signature of the exchange over the origina TALER_AgeWithdrawRequestPS +       * The array of blinded hashes of the non-revealed +       * (kappa - 1)*@e num_coins coins, needed for the reveal step;         */ -      struct TALER_ExchangeSignatureP exchange_sig; +      const struct TALER_BlindedCoinHashP *blinded_coin_hs;        /** -       * Key used by the exchange for @e exchange_sig +       * Key used by the exchange to sign the response.         */        struct TALER_ExchangePublicKeyP exchange_pub; -      } ok;    } details;  }; @@ -2809,7 +2844,6 @@ struct TALER_EXCHANGE_AgeWithdrawBlindedInput     * Blinded Planchets     */    struct TALER_PlanchetDetail planchet_details[TALER_CNC_KAPPA]; -  };  /** @@ -2840,19 +2874,16 @@ struct TALER_EXCHANGE_AgeWithdrawBlindedResponse        uint8_t noreveal_index;        /** -       * The commitment of the call to /age-withdraw +       * The commitment of the call to age-withdraw, needed for the subsequent +       * call to /age-withdraw/$ACH/reveal.         */        struct TALER_AgeWithdrawCommitmentHashP h_commitment;        /** -       * Signature of the exchange over the origina TALER_AgeWithdrawRequestPS -       */ -      struct TALER_ExchangeSignatureP exchange_sig; - -      /** -       * Key used by the exchange for @e exchange_sig +       * Key used by the exchange to sign the response.         */        struct TALER_ExchangePublicKeyP exchange_pub; +      } ok;    } details; @@ -2964,12 +2995,12 @@ struct TALER_EXCHANGE_AgeWithdrawRevealResponse        unsigned int num_coins;        /** -       * Array of @e num_coins values about the coins obtained via the reveal -       * operation.  The array give these coins in the same order (and should -       * have the same length) in which the original age-withdraw request -       * specified the respective denomination keys. +       * Array of @e num_coins blinded denomination signatures, giving each +       * coin its value and validity. The array give these coins in the same +       * order (and should have the same length) in which the original +       * age-withdraw request specified the respective denomination keys.         */ -      const struct TALER_EXCHANGE_RevealedCoinInfo *revealed_coins; +      const struct TALER_BlindedDenominationSignature *denom_sigs;      } ok;    } details; @@ -2994,10 +3025,8 @@ typedef void   * @param exchange_url The base url of the exchange   * @param num_coins The number of elements in @e coin_inputs and @e alg_values   * @param coin_inputs The input for the coins to withdraw, same as in the previous call to /age-withdraw - * @param alg_values The algorithm specific parameters per coin, from the result to the previous call to /age-withdraw   * @param noreveal_index The index into each of the kappa coin candidates, that should not be revealed to the exchange   * @param h_commitment The commmitment from the previous call to /age-withdraw - * @param max_age maximum age, as used in the to /age-withdraw   * @param res_cb A callback for the result, maybe NULL   * @param res_cb_cls A closure for @e res_cb, maybe NULL   * @return a handle for this request; NULL if the argument was invalid. @@ -3010,10 +3039,8 @@ TALER_EXCHANGE_age_withdraw_reveal (    size_t num_coins,    const struct TALER_EXCHANGE_AgeWithdrawCoinInput coin_inputs[static                                                                 num_coins], -  const struct TALER_ExchangeWithdrawValues alg_values[static num_coins],    uint8_t noreveal_index,    const struct TALER_AgeWithdrawCommitmentHashP *h_commitment, -  uint8_t max_age,    TALER_EXCHANGE_AgeWithdrawRevealCallback res_cb,    void *res_cb_cls); @@ -3034,7 +3061,8 @@ TALER_EXCHANGE_age_withdraw_reveal_cancel (  /**   * Information needed to melt (partially spent) coins to obtain fresh coins   * that are unlinkable to the original coin(s).  Note that melting more than - * one coin in a single request will make those coins linkable, so we only melt one coin at a time. + * one coin in a single request will make those coins linkable, so we only melt + * one coin at a time.   */  struct TALER_EXCHANGE_RefreshData  { diff --git a/src/lib/exchange_api_age_withdraw.c b/src/lib/exchange_api_age_withdraw.c index b5da232e..4bbbe5a4 100644 --- a/src/lib/exchange_api_age_withdraw.c +++ b/src/lib/exchange_api_age_withdraw.c @@ -47,30 +47,9 @@ struct CoinCandidate    struct TALER_PlanchetMasterSecretP secret;    /** -   * Age commitment for the coin candidates, calculated from the @e ps and a -   * given maximum age +   * The details derived form the master secrets     */ -  struct TALER_AgeCommitmentProof age_commitment_proof; - -  /** -   * Age commitment for the coin. -   */ -  struct TALER_AgeCommitmentHash h_age_commitment; - -  /** -   *  blinding secret -   */ -  union TALER_DenominationBlindingKeyP blinding_key; - -  /** -   * Private key of the coin we are withdrawing. -   */ -  struct TALER_CoinSpendPrivateKeyP coin_priv; - -  /** -   * Values of the @cipher selected -   */ -  struct TALER_ExchangeWithdrawValues alg_values; +  struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails details;    /**     * Hash of the public key of the coin we are signing. @@ -340,11 +319,12 @@ reserve_age_withdraw_ok (      .hr.http_status = MHD_HTTP_OK,      .details.ok.h_commitment = awbh->h_commitment    }; +  struct TALER_ExchangeSignatureP exchange_sig;    struct GNUNET_JSON_Specification spec[] = {      GNUNET_JSON_spec_uint8 ("noreaveal_index",                              &response.details.ok.noreveal_index),      GNUNET_JSON_spec_fixed_auto ("exchange_sig", -                                 &response.details.ok.exchange_sig), +                                 &exchange_sig),      GNUNET_JSON_spec_fixed_auto ("exchange_pub",                                   &response.details.ok.exchange_pub)    }; @@ -363,7 +343,7 @@ reserve_age_withdraw_ok (          &awbh->h_commitment,          response.details.ok.noreveal_index,          &response.details.ok.exchange_pub, -        &response.details.ok.exchange_sig)) +        &exchange_sig))    {      GNUNET_break_op (0);      return GNUNET_SYSERR; @@ -785,21 +765,25 @@ copy_results (  {    struct TALER_EXCHANGE_AgeWithdrawHandle *awh = cls;    uint8_t idx =  awbr->details.ok.noreveal_index; -  struct TALER_ExchangeWithdrawValues alg_values[awh->num_coins]; +  struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails coins[awh->num_coins]; +  struct TALER_BlindedCoinHashP blinded_coin_hs[awh->num_coins];    struct TALER_EXCHANGE_AgeWithdrawResponse resp = {      .hr = awbr->hr,      .details = {        .ok = { .noreveal_index = awbr->details.ok.noreveal_index,                .h_commitment = awbr->details.ok.h_commitment,                .exchange_pub = awbr->details.ok.exchange_pub, -              .exchange_sig = awbr->details.ok.exchange_sig, -              .num_alg_values = awh->num_coins, -              .alg_values = alg_values}, +              .num_coins = awh->num_coins, +              .coins = coins, +              .blinded_coin_hs = blinded_coin_hs},      },    };    for (size_t n = 0; n< awh->num_coins; n++) -    alg_values[n] = awh->coin_data[n].coin_candidates[idx].alg_values; +  { +    coins[n] = awh->coin_data[n].coin_candidates[idx].details; +    blinded_coin_hs[n] = awh->coin_data[n].coin_candidates[idx].blinded_coin_h; +  }    awh->callback (awh->callback_cls,                   &resp); @@ -915,22 +899,22 @@ csr_withdraw_done (      {        bool success = false;        /* Complete the initialization of the coin with CS denomination */ -      can->alg_values = csrr->details.ok.alg_values; +      can->details.alg_values = csrr->details.ok.alg_values;        TALER_planchet_setup_coin_priv (&can->secret, -                                      &can->alg_values, -                                      &can->coin_priv); +                                      &can->details.alg_values, +                                      &can->details.coin_priv);        TALER_planchet_blinding_secret_create (&can->secret, -                                             &can->alg_values, -                                             &can->blinding_key); +                                             &can->details.alg_values, +                                             &can->details.blinding_key);        /* This initializes the 2nd half of the           can->planchet_detail.blinded_planchet! */        do {          if (GNUNET_OK !=              TALER_planchet_prepare (&csr->denom_pub->key, -                                    &can->alg_values, -                                    &can->blinding_key, -                                    &can->coin_priv, -                                    &can->h_age_commitment, +                                    &can->details.alg_values, +                                    &can->details.blinding_key, +                                    &can->details.coin_priv, +                                    &can->details.h_age_commitment,                                      &can->h_coin_pub,                                      planchet))          { @@ -1029,28 +1013,28 @@ prepare_coins (                   &can->secret,                   &input->denom_pub->key.age_mask,                   awh->max_age, -                 &can->age_commitment_proof)); +                 &can->details.age_commitment_proof)); -      TALER_age_commitment_hash (&can->age_commitment_proof.commitment, -                                 &can->h_age_commitment); +      TALER_age_commitment_hash (&can->details.age_commitment_proof.commitment, +                                 &can->details.h_age_commitment);        switch (input->denom_pub->key.cipher)        {        case TALER_DENOMINATION_RSA:          { -          can->alg_values.cipher = TALER_DENOMINATION_RSA; +          can->details.alg_values.cipher = TALER_DENOMINATION_RSA;            TALER_planchet_setup_coin_priv (&can->secret, -                                          &can->alg_values, -                                          &can->coin_priv); +                                          &can->details.alg_values, +                                          &can->details.coin_priv);            TALER_planchet_blinding_secret_create (&can->secret, -                                                 &can->alg_values, -                                                 &can->blinding_key); +                                                 &can->details.alg_values, +                                                 &can->details.blinding_key);            FAIL_IF (GNUNET_OK !=                     TALER_planchet_prepare (&cd->denom_pub.key, -                                           &can->alg_values, -                                           &can->blinding_key, -                                           &can->coin_priv, -                                           &can->h_age_commitment, +                                           &can->details.alg_values, +                                           &can->details.blinding_key, +                                           &can->details.coin_priv, +                                           &can->details.h_age_commitment,                                             &can->h_coin_pub,                                             planchet));            FAIL_IF (GNUNET_OK != diff --git a/src/lib/exchange_api_age_withdraw_reveal.c b/src/lib/exchange_api_age_withdraw_reveal.c index fcb551a9..df6f9198 100644 --- a/src/lib/exchange_api_age_withdraw_reveal.c +++ b/src/lib/exchange_api_age_withdraw_reveal.c @@ -47,19 +47,12 @@ struct TALER_EXCHANGE_AgeWithdrawRevealHandle    /* The age-withdraw commitment */    struct TALER_AgeWithdrawCommitmentHashP h_commitment; -  /* The maximum age */ -  uint8_t max_age; -    /* Number of coins */    size_t num_coins;    /* The @e num_coins * kappa coin secrets from the age-withdraw commitment */    const struct TALER_EXCHANGE_AgeWithdrawCoinInput *coins_input; -  /* The @e num_coins algorithm- and coin-specific parameters from the -   * previous call to /age-withdraw. */ -  const struct TALER_ExchangeWithdrawValues *alg_values; -    /* The url for the reveal request */    const char *request_url; @@ -81,82 +74,6 @@ struct TALER_EXCHANGE_AgeWithdrawRevealHandle  }; -static enum GNUNET_GenericReturnValue -reveal_coin ( -  const struct TALER_PlanchetMasterSecretP *secret, -  const struct TALER_DenominationPublicKey *denom_pub, -  const struct TALER_ExchangeWithdrawValues *alg_values, -  const struct TALER_BlindedDenominationSignature *blind_sig, -  uint8_t max_age, -  struct TALER_EXCHANGE_RevealedCoinInfo *revealed_coin) -{ -  enum GNUNET_GenericReturnValue ret = GNUNET_SYSERR; - -#define BREAK_ON_FAILURE(call) \ -  do { \ -    if (GNUNET_OK != (call)) { GNUNET_break (0); break; } \ -  } while(0) - -  do { -    struct TALER_CoinPubHashP h_coin_pub; -    struct TALER_PlanchetDetail planchet_detail; -    const struct TALER_AgeCommitmentHash *hac = NULL; -    struct TALER_FreshCoin fresh_coin; - -    TALER_planchet_setup_coin_priv (secret, -                                    alg_values, -                                    &revealed_coin->coin_priv); - -    TALER_planchet_blinding_secret_create (secret, -                                           alg_values, -                                           &revealed_coin->bks); - -    revealed_coin->age_commitment_proof = NULL; -    if (0 < max_age) -    { -      BREAK_ON_FAILURE ( -        TALER_age_restriction_from_secret ( -          secret, -          &denom_pub->age_mask, -          max_age, -          revealed_coin->age_commitment_proof)); - -      TALER_age_commitment_hash ( -        &revealed_coin->age_commitment_proof->commitment, -        &revealed_coin->h_age_commitment); - -      hac = &revealed_coin->h_age_commitment; -    } - -    BREAK_ON_FAILURE ( -      TALER_planchet_prepare (denom_pub, -                              alg_values, -                              &revealed_coin->bks, -                              &revealed_coin->coin_priv, -                              hac, -                              &h_coin_pub, -                              &planchet_detail)); - -    BREAK_ON_FAILURE ( -      TALER_planchet_to_coin (denom_pub, -                              blind_sig, -                              &revealed_coin->bks, -                              &revealed_coin->coin_priv, -                              &revealed_coin->h_age_commitment, -                              &h_coin_pub, -                              alg_values, -                              &fresh_coin)); - -    /* success */ -    revealed_coin->sig = fresh_coin.sig; -    ret = GNUNET_OK; -  } while(0); - -  return ret; -#undef BREAK_ON_FAILURE -} - -  /**   * We got a 200 OK response for the /age-withdraw/$ACH/reveal operation.   * Extract the signed blindedcoins and return it to the caller. @@ -197,16 +114,14 @@ age_withdraw_reveal_ok (    }    { -    struct TALER_EXCHANGE_RevealedCoinInfo revealed_coins[awrh->num_coins]; +    struct TALER_BlindedDenominationSignature denom_sigs[awrh->num_coins];      /* Reconstruct the coins and unblind the signatures */      for (size_t n = 0; n < awrh->num_coins; n++)      { -      enum GNUNET_GenericReturnValue ret; -      struct TALER_BlindedDenominationSignature blinded_sig;        json_t *j_sig = json_array_get (j_sigs, n);        struct GNUNET_JSON_Specification spec[] = { -        GNUNET_JSON_spec_fixed_auto ("", &blinded_sig), +        GNUNET_JSON_spec_fixed_auto ("", &denom_sigs[n]),          GNUNET_JSON_spec_end ()        }; @@ -218,19 +133,10 @@ age_withdraw_reveal_ok (          GNUNET_break_op (0);          return GNUNET_SYSERR;        } -      ret = reveal_coin (&awrh->coins_input[n].secrets[awrh->noreveal_index], -                         &awrh->coins_input[n].denom_pub->key, -                         &awrh->alg_values[n], -                         &blinded_sig, -                         awrh->max_age, -                         &revealed_coins[n]); - -      if (GNUNET_OK != ret) -        return ret;      }      response.details.ok.num_coins = awrh->num_coins; -    response.details.ok.revealed_coins = revealed_coins; +    response.details.ok.denom_sigs = denom_sigs;      awrh->callback (awrh->callback_cls,                      &response);      /* Make sure the callback isn't called again */ @@ -510,24 +416,19 @@ TALER_EXCHANGE_age_withdraw_reveal (    size_t num_coins,    const struct TALER_EXCHANGE_AgeWithdrawCoinInput coins_input[static                                                                 num_coins], -  const struct TALER_ExchangeWithdrawValues alg_values[static num_coins],    uint8_t noreveal_index,    const struct TALER_AgeWithdrawCommitmentHashP *h_commitment, -  uint8_t max_age,    TALER_EXCHANGE_AgeWithdrawRevealCallback reveal_cb,    void *reveal_cb_cls)  {    struct TALER_EXCHANGE_AgeWithdrawRevealHandle *awrh =      GNUNET_new (struct TALER_EXCHANGE_AgeWithdrawRevealHandle);    awrh->noreveal_index = noreveal_index; -  awrh->callback = reveal_cb; -  awrh->callback_cls = reveal_cb_cls;    awrh->h_commitment = *h_commitment;    awrh->num_coins = num_coins;    awrh->coins_input = coins_input; -  awrh->alg_values = alg_values; -  awrh->max_age = max_age; - +  awrh->callback = reveal_cb; +  awrh->callback_cls = reveal_cb_cls;    if (GNUNET_OK !=        prepare_url (exchange_url, diff --git a/src/lib/notizen.md b/src/lib/notizen.md new file mode 100644 index 00000000..835fad9e --- /dev/null +++ b/src/lib/notizen.md @@ -0,0 +1,236 @@ +# Notes re: planchets and blinding + +## `TALER_denom_blind()` + +``` +Blind coin for blind signing with @a dk using blinding secret @a coin_bks. +``` + +- `@param[out] c_hash resulting hashed coin` +- `@param[out] blinded_planchet planchet data to initialize` + +## `TALER_planchet_prepare()` + +Prepare a planchet for withdrawal.  Creates and blinds a coin. + +- calls `TALER_denom_blind()!` +- `@param[out] c_hash set to the hash of the public key of the coin (needed later)` +- `@param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup() and other withdraw operations, pd->blinded_planchet.cipher will be set to cipher from @a dk` + + +## `TALER_coin_ev_hash` + +Compute the hash of a blinded coin. + +- `@param blinded_planchet blinded planchet` +- `@param denom_hash hash of the denomination publick key` +- `@param[out] bch where to write the hash, type struct TALER_BlindedCoinHashP` + +**Where is this called!?** + +``` +taler-exchange-httpd_refreshes_reveal.c +605:    TALER_coin_ev_hash (&rrc->blinded_planchet, + +taler-exchange-httpd_recoup.c +290:        TALER_coin_ev_hash (&blinded_planchet, + +taler-exchange-httpd_withdraw.c +581:      TALER_coin_ev_hash (&wc.blinded_planchet, + +taler-exchange-httpd_age-withdraw_reveal.c +350:    ret = TALER_coin_ev_hash (&detail.blinded_planchet, + +taler-exchange-httpd_recoup-refresh.c +284:    TALER_coin_ev_hash (&blinded_planchet, + +taler-exchange-httpd_age-withdraw.c +279:      ret = TALER_coin_ev_hash (&awc->coin_evs[c], +884:    TALER_coin_ev_hash (&awc->coin_evs[i], + +taler-exchange-httpd_batch-withdraw.c +832:        TALER_coin_ev_hash (&pc->blinded_planchet, +``` + + +## `TALER_coin_pub_hash` + +Compute the hash of a coin. + +- `@param coin_pub public key of the coin` +- `@param age_commitment_hash hash of the age commitment vector. NULL, if no age commitment was set` +- `@param[out] coin_h where to write the hash` + +**Where is this called!?** + +### In `lib/crypto.c`, function `TALER_test_coin_valid`. + +``` +Check if a coin is valid; that is, whether the denomination key +exists, is not expired, and the signature is correct. + +@param coin_public_info the coin public info to check for validity +@param denom_pub denomination key, must match @a coin_public_info's `denom_pub_hash` +@return #GNUNET_YES if the coin is valid, +        #GNUNET_NO if it is invalid +        #GNUNET_SYSERR if an internal error occurred +``` + +It then calls `TALER_denom_pub_verify` on the result of `TALER_coin_pub_hash` and the signature + + +### In `util/denom.c`, function `TALER_denom_blind` + +## `TALER_EXCHANGE_batch_withdraw` vs `TALER_EXCHANGE_batch_withdraw2` + +### `TALER_EXCHANGE_batch_withdraw` + +``` +/** + * Withdraw multiple coins from the exchange using a /reserves/$RESERVE_PUB/batch-withdraw + * request.  This API is typically used by a wallet to withdraw many coins from a + * reserve. + * + * Note that to ensure that no money is lost in case of hardware + * failures, the caller must have committed (most of) the arguments to + * disk before calling, and be ready to repeat the request with the + * same arguments in case of failures. + * + * @param curl_ctx The curl context to use + * @param exchange_url The base-URL of the exchange + * @param keys The /keys material from the exchange + * @param reserve_priv private key of the reserve to withdraw from + * @param wci_length number of entries in @a wcis + * @param wcis inputs that determine the planchets + * @param res_cb the callback to call when the final result for this request is available + * @param res_cb_cls closure for @a res_cb + * @return NULL + *         if the inputs are invalid (i.e. denomination key not with this exchange). + *         In this case, the callback is not called. + */ +struct TALER_EXCHANGE_BatchWithdrawHandle * +TALER_EXCHANGE_batch_withdraw ( +  struct GNUNET_CURL_Context *curl_ctx, +  const char *exchange_url, +  const struct TALER_EXCHANGE_Keys *keys, +  const struct TALER_ReservePrivateKeyP *reserve_priv, +  unsigned int wci_length, +  const struct TALER_EXCHANGE_WithdrawCoinInput wcis[static wci_length], +  TALER_EXCHANGE_BatchWithdrawCallback res_cb, +  void *res_cb_cls); +``` + +### `TALER_EXCHANGE_batch_withdraw2` + +``` +/** + * Withdraw a coin from the exchange using a /reserves/$RESERVE_PUB/batch-withdraw + * request.  This API is typically used by a merchant to withdraw a tip + * where the blinding factor is unknown to the merchant. + * + * Note that to ensure that no money is lost in case of hardware + * failures, the caller must have committed (most of) the arguments to + * disk before calling, and be ready to repeat the request with the + * same arguments in case of failures. + * + * @param curl_ctx The curl context to use + * @param exchange_url The base-URL of the exchange + * @param keys The /keys material from the exchange + * @param pds array of planchet details of the planchet to withdraw + * @param pds_length number of entries in the @a pds array + * @param reserve_priv private key of the reserve to withdraw from + * @param res_cb the callback to call when the final result for this request is available + * @param res_cb_cls closure for @a res_cb + * @return NULL + *         if the inputs are invalid (i.e. denomination key not with this exchange). + *         In this case, the callback is not called. + */ +struct TALER_EXCHANGE_BatchWithdraw2Handle * +TALER_EXCHANGE_batch_withdraw2 ( +  struct GNUNET_CURL_Context *curl_ctx, +  const char *exchange_url, +  const struct TALER_EXCHANGE_Keys *keys, +  const struct TALER_ReservePrivateKeyP *reserve_priv, +  unsigned int pds_length, +  const struct TALER_PlanchetDetail pds[static pds_length], +  TALER_EXCHANGE_BatchWithdraw2Callback res_cb, +  void *res_cb_cls); +``` + +### Differences + +| batch_withdraw                     | batch_withdraw2        | +|------------------------------------|------------------------| +| `TALER_EXCHANGE_WithdrawCoinInput` | `TALER_PlanchetDetail` | + + +``` +struct TALER_EXCHANGE_WithdrawCoinInput +{ +  /** +   * Denomination of the coin. +   */ +  const struct TALER_EXCHANGE_DenomPublicKey *pk; + +  /** +   * Master key material for the coin. +   */ +  const struct TALER_PlanchetMasterSecretP *ps; + +  /** +   * Age commitment for the coin. +   */ +  const struct TALER_AgeCommitmentHash *ach; + +}; +``` + + +``` +struct TALER_PlanchetDetail +{ +  /** +   * Hash of the denomination public key. +   */ +  struct TALER_DenominationHashP denom_pub_hash; + +  /** +   * The blinded planchet +   */ +  struct TALER_BlindedPlanchet { +      /** +       * Type of the sign blinded message +       */ +      enum TALER_DenominationCipher cipher; + +      /** +       * Details, depending on @e cipher. +       */ +      union +      { +        /** +         * If we use #TALER_DENOMINATION_CS in @a cipher. +         */ +        struct TALER_BlindedCsPlanchet cs_blinded_planchet; + +        /** +         * If we use #TALER_DENOMINATION_RSA in @a cipher. +         */ +        struct TALER_BlindedRsaPlanchet rsa_blinded_planchet; + +      } details; +  } blinded_planchet; +}; + +``` + + + +## TODOs + +### Update documentation + +- [x] batch-withdraw needs error code for AgeRestrictionRequired +- [x] withdraw needs error code for AgeRestrictionRequired + + | 
