diff options
24 files changed, 92 insertions, 303 deletions
diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index 481ee357..19a8ed7d 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -161,7 +161,7 @@ TALER_ARL_report (json_t *array, * * @param cls closure, NULL * @param denom_pub public key, sometimes NULL (!) - * @param issue issuing information with value, fees and other info about the denomination. + * @param validity issuing information with value, fees and other info about the denomination. */ static void add_denomination (void *cls, diff --git a/src/exchange-tools/taler-auditor-offline.c b/src/exchange-tools/taler-auditor-offline.c index 507dd744..7a354edf 100644 --- a/src/exchange-tools/taler-auditor-offline.c +++ b/src/exchange-tools/taler-auditor-offline.c @@ -461,7 +461,7 @@ upload_denomination_add (const char *exchange_url, /** - * Perform uploads based on the JSON in #io. + * Perform uploads based on the JSON in #out. * * @param exchange_url base URL of the exchange to use */ diff --git a/src/exchange-tools/taler-exchange-offline.c b/src/exchange-tools/taler-exchange-offline.c index 22153e66..abcd52f2 100644 --- a/src/exchange-tools/taler-exchange-offline.c +++ b/src/exchange-tools/taler-exchange-offline.c @@ -1624,7 +1624,7 @@ upload_keys (const char *exchange_url, /** - * Perform uploads based on the JSON in #io. + * Perform uploads based on the JSON in #out. * * @param exchange_url base URL of the exchange to use */ diff --git a/src/exchange/exchange.conf b/src/exchange/exchange.conf index 3abd8efd..f4bdc4ed 100644 --- a/src/exchange/exchange.conf +++ b/src/exchange/exchange.conf @@ -63,20 +63,8 @@ AGGREGATOR_IDLE_SLEEP_INTERVAL = 60 s # super fast.) WIREWATCH_IDLE_SLEEP_INTERVAL = 1 s -# how long is one signkey valid? -SIGNKEY_DURATION = 4 weeks - # how long are the signatures with the signkey valid? -LEGAL_DURATION = 2 years - -# how long do we generate denomination and signing keys -# ahead of time? -LOOKAHEAD_SIGN = 32 weeks 1 day - -# how long do we provide to clients denomination and signing keys -# ahead of time? -LOOKAHEAD_PROVIDE = 4 weeks 1 day - +SIGNKEY_LEGAL_DURATION = 2 years # Directory with our terms of service. # TERMS_DIR = diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index e955cd95..87dd5467 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -147,7 +147,7 @@ struct HelperSignkey * State associated with the crypto helpers / security modules. * Created per-thread, but NOT updated when the #key_generation * is updated (instead constantly kept in sync whenever - * #TEH_get_key_state() is called). + * #TEH_keys_get_state() is called). */ struct HelperState { @@ -335,8 +335,8 @@ static pthread_key_t key_state; * Counter incremented whenever we have a reason to re-build the keys because * something external changed (in another thread). The counter is manipulated * using an atomic update, and thus to ensure that threads notice when it - * changes, the variable MUST be volatile. See #TEH_get_key_state() and - * #TEH_update_key_state() for uses of this variable. + * changes, the variable MUST be volatile. See #TEH_keys_get_state() and + * #TEH_keys_update_states() for uses of this variable. */ static volatile uint64_t key_generation; @@ -816,7 +816,7 @@ clear_denomination_cb (void *cls, * Free denomination key data. * * @param cls a `struct TEH_KeyStateHandle`, unused - * @param h_denom_pub hash of the denomination public key, unused + * @param pid the online signing key (type-disguised), unused * @param value a `struct SigningKey` to free * @return #GNUNET_OK (continue to iterate) */ @@ -1729,7 +1729,7 @@ TEH_keys_update_states () /** * Obtain the key state for the current thread. Should ONLY be used - * directly if @a management_only is true. Otherwise use #TEH_get_key_state(). + * directly if @a management_only is true. Otherwise use #TEH_keys_get_state(). * * @param management_only if we should NOT run 'finish_keys_response()' * because we only need the state for the /management/keys API @@ -1787,7 +1787,7 @@ get_key_state (bool management_only) struct TEH_KeyStateHandle * -TEH_get_key_state (void) +TEH_keys_get_state (void) { struct TEH_KeyStateHandle *ksh; @@ -1811,7 +1811,7 @@ TEH_keys_denomination_by_hash (const struct GNUNET_HashCode *h_denom_pub, { struct TEH_KeyStateHandle *ksh; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { *hc = MHD_HTTP_INTERNAL_SERVER_ERROR; @@ -1854,7 +1854,7 @@ TEH_keys_denomination_sign (const struct GNUNET_HashCode *h_denom_pub, struct TEH_KeyStateHandle *ksh; struct TALER_DenominationSignature none = { NULL }; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { *ec = TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; @@ -1873,7 +1873,7 @@ TEH_keys_denomination_revoke (const struct GNUNET_HashCode *h_denom_pub) { struct TEH_KeyStateHandle *ksh; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { GNUNET_break (0); @@ -1893,7 +1893,7 @@ TEH_keys_exchange_sign_ ( { struct TEH_KeyStateHandle *ksh; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { /* This *can* happen if the exchange's crypto helper is not running @@ -1956,7 +1956,7 @@ TEH_keys_exchange_revoke (const struct TALER_ExchangePublicKeyP *exchange_pub) { struct TEH_KeyStateHandle *ksh; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { GNUNET_break (0); @@ -2037,7 +2037,7 @@ TEH_keys_get_handler (const struct TEH_RequestHandler *rh, struct TEH_KeyStateHandle *ksh; const struct KeysResponseData *krd; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { return suspend_request (connection); diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index 54dc8c73..3a72c1c2 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h @@ -101,13 +101,13 @@ struct TEH_KeyStateHandle; * state if we have reason to believe that something changed. * * The result is ONLY valid until the next call to - * #TEH_keys_denomination_by_hash() or #TEH_get_key_state() + * #TEH_keys_denomination_by_hash() or #TEH_keys_get_state() * or #TEH_keys_exchange_sign(). * * @return NULL on error */ struct TEH_KeyStateHandle * -TEH_get_key_state (void); +TEH_keys_get_state (void); /** @@ -117,7 +117,7 @@ TEH_get_key_state (void); * * (We do not do so immediately, but merely signal to all threads that they * need to rebuild their key state upon the next call to - * #TEH_get_key_state()). + * #TEH_keys_get_state()). */ void TEH_keys_update_states (void); @@ -128,7 +128,6 @@ TEH_keys_update_states (void); * must only be used in this thread and only until another key or * key state is resolved. * - * @param key_state state to look in * @param h_denom_pub hash of denomination public key * @param[out] ec set to the error code, in case the operation failed * @param[out] hc set to the HTTP status code to use @@ -145,9 +144,9 @@ TEH_keys_denomination_by_hash (const struct GNUNET_HashCode *h_denom_pub, * Look up the issue for a denom public key using a given @a ksh. This allows * requesting multiple denominations with the same @a ksh which thus will * remain valid until the next call to #TEH_keys_denomination_by_hash() or - * #TEH_get_key_state() or #TEH_keys_exchange_sign(). + * #TEH_keys_get_state() or #TEH_keys_exchange_sign(). * - * @param key_state state to look in + * @param ksh key state state to look in * @param h_denom_pub hash of denomination public key * @param[out] ec set to the error code, in case the operation failed * @param[out] hc set to the HTTP status code to use @@ -231,6 +230,7 @@ TEH_keys_exchange_sign_ ( * number of bytes of the data structure, including its header. Use * #TEH_keys_exchange_sign() instead of calling this function directly! * + * @param ksh key state state to look in * @param purpose the message to sign * @param[out] pub set to the current public signing key of the exchange * @param[out] sig signature over purpose using current signing key @@ -281,7 +281,7 @@ TEH_keys_exchange_sign2_ ( * * This allows requesting multiple denominations with the same @a ksh which * thus will remain valid until the next call to - * #TEH_keys_denomination_by_hash() or #TEH_get_key_state() or + * #TEH_keys_denomination_by_hash() or #TEH_keys_get_state() or * #TEH_keys_exchange_sign(). * * @param ksh key state to use diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index 9533ad53..930de082 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -548,7 +548,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection, struct TEH_KeyStateHandle *ksh; struct GNUNET_TIME_Absolute now; - ksh = TEH_get_key_state (); + ksh = TEH_keys_get_state (); if (NULL == ksh) { return TALER_MHD_reply_with_error (connection, diff --git a/src/exchange/taler-exchange-httpd_wire.h b/src/exchange/taler-exchange-httpd_wire.h index b07bfcfb..75094f5a 100644 --- a/src/exchange/taler-exchange-httpd_wire.h +++ b/src/exchange/taler-exchange-httpd_wire.h @@ -49,7 +49,7 @@ TEH_WIRE_done (void); * * (We do not do so immediately, but merely signal to all threads that they * need to rebuild their wire state upon the next call to - * #wire_get_state()). + * #TEH_handler_wire()). */ void TEH_wire_update_state (void); diff --git a/src/exchangedb/exchangedb.conf b/src/exchangedb/exchangedb.conf index 6853b8d1..77748bf5 100644 --- a/src/exchangedb/exchangedb.conf +++ b/src/exchangedb/exchangedb.conf @@ -26,11 +26,3 @@ IDLE_RESERVE_EXPIRATION_TIME = 4 weeks # After how long do we forget about reserves? Should be above # the legal expiration timeframe of withdrawn coins. LEGAL_RESERVE_EXPIRATION_TIME = 7 years - - -# How long should generated coins overlap in their validity -# periods. Should be long enough to avoid problems with -# wallets picking one key and then due to network latency -# another key being valid. The DURATION_WITHDRAW period -# must be longer than this value. -DURATION_OVERLAP = 5 minutes
\ No newline at end of file diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index f71a6773..0e5ded47 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -2186,7 +2186,7 @@ struct SignkeysIteratorContext /** - * Helper function for #postgres_active_signkeys(). + * Helper function for #postgres_iterate_active_signkeys(). * Calls the callback with each signkey. * * @param cls a `struct SignkeysIteratorContext` @@ -2294,7 +2294,7 @@ struct AuditorsIteratorContext /** - * Helper function for #postgres_active_auditors(). + * Helper function for #postgres_iterate_active_auditors(). * Calls the callback with each auditor. * * @param cls a `struct SignkeysIteratorContext` @@ -5226,7 +5226,6 @@ postgres_get_coin_transactions ( *tlp = chc.head; if (NULL == chc.head) return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; - GNUNET_break (chc.have_deposit_or_melt); return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT; } @@ -8519,15 +8518,13 @@ postgres_lookup_denomination_key ( /** - * Activate future denomination key, turning it into a "current" or "valid" - * denomination key by adding the master signature. Deletes the - * denomination key from the 'future' table an inserts the data into the - * main denominations table. Because this function will trigger multiple SQL - * statements, it must be run within a transaction. + * Activate denomination key, turning it into a "current" or "valid" + * denomination key by adding the master signature. * * @param cls closure * @param session a session * @param h_denom_pub hash of the denomination public key + * @param denom_pub the actual denomination key * @param meta meta data about the denomination * @param master_pub master public key * @param master_sig master signature to add diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 2154479a..70e49697 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -463,7 +463,7 @@ struct TALER_TrackTransferDetails * #GNUNET_NO if it is invalid * #GNUNET_SYSERR if an internal error occurred */ -int +enum GNUNET_GenericReturnValue TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info, const struct TALER_DenominationPublicKey *denom_pub); @@ -650,7 +650,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps); * other withdraw operations * @return #GNUNET_OK on success */ -int +enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, const struct TALER_PlanchetSecretsP *ps, struct GNUNET_HashCode *c_hash, @@ -668,7 +668,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, * @param[out] coin set to the details of the fresh coin * @return #GNUNET_OK on success */ -int +enum GNUNET_GenericReturnValue TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, const struct GNUNET_CRYPTO_RsaSignature *blind_sig, const struct TALER_PlanchetSecretsP *ps, @@ -1081,7 +1081,7 @@ TALER_exchange_offline_auditor_add_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_auditor_add_verify ( const struct TALER_AuditorPublicKeyP *auditor_pub, const char *auditor_url, @@ -1115,7 +1115,7 @@ TALER_exchange_offline_auditor_del_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_auditor_del_verify ( const struct TALER_AuditorPublicKeyP *auditor_pub, struct GNUNET_TIME_Absolute end_date, @@ -1145,7 +1145,7 @@ TALER_exchange_offline_denomination_revoke_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_denomination_revoke_verify ( const struct GNUNET_HashCode *h_denom_pub, const struct TALER_MasterPublicKeyP *master_pub, @@ -1174,7 +1174,7 @@ TALER_exchange_offline_signkey_revoke_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_signkey_revoke_verify ( const struct TALER_ExchangePublicKeyP *exchange_pub, const struct TALER_MasterPublicKeyP *master_pub, @@ -1212,7 +1212,7 @@ TALER_exchange_offline_signkey_validity_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_signkey_validity_verify ( const struct TALER_ExchangePublicKeyP *exchange_pub, struct GNUNET_TIME_Absolute start_sign, @@ -1271,7 +1271,7 @@ TALER_exchange_offline_denom_validity_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_denom_validity_verify ( const struct GNUNET_HashCode *h_denom_pub, struct GNUNET_TIME_Absolute stamp_start, @@ -1315,7 +1315,7 @@ TALER_exchange_secmod_eddsa_sign ( * @param secm_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_secmod_eddsa_verify ( const struct TALER_ExchangePublicKeyP *exchange_pub, struct GNUNET_TIME_Absolute start_sign, @@ -1347,7 +1347,7 @@ TALER_exchange_secmod_rsa_sign ( /** * Verify security module RSA signature. * - * @param h_ednom_pub hash of the public key to validate + * @param h_denom_pub hash of the public key to validate * @param section_name name of the section in the configuration * @param start_sign starting point of validity for signing * @param duration how long will the key be in use @@ -1355,7 +1355,7 @@ TALER_exchange_secmod_rsa_sign ( * @param secm_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_secmod_rsa_verify ( const struct GNUNET_HashCode *h_denom_pub, const char *section_name, @@ -1420,7 +1420,7 @@ TALER_auditor_denom_validity_sign ( * @param auditor_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_auditor_denom_validity_verify ( const char *auditor_url, const struct GNUNET_HashCode *h_denom_pub, @@ -1475,7 +1475,7 @@ TALER_exchange_offline_wire_fee_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_wire_fee_verify ( const char *payment_method, struct GNUNET_TIME_Absolute start_time, @@ -1511,7 +1511,7 @@ TALER_exchange_offline_wire_add_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_wire_add_verify ( const char *payto_uri, struct GNUNET_TIME_Absolute sign_time, @@ -1544,7 +1544,7 @@ TALER_exchange_offline_wire_del_sign ( * @param master_sig the signature the signature * @return #GNUNET_OK if the signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_wire_del_verify ( const char *payto_uri, struct GNUNET_TIME_Absolute sign_time, @@ -1572,7 +1572,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri, * @param master_sig signature of the exchange * @return #GNUNET_OK if signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_wire_signature_check ( const char *payto_uri, const struct TALER_MasterPublicKeyP *master_pub, @@ -1617,7 +1617,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri, * @param merch_sig signature of the merchant * @return #GNUNET_OK if signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_merchant_wire_signature_check ( const char *payto_uri, const char *salt, @@ -1645,13 +1645,13 @@ TALER_merchant_wire_signature_make ( * Blinds the given message with the given blinding key * * @param hash hash of the message to sign - * @param bkey the blinding key + * @param bks the blinding key * @param pkey the public key of the signer * @param[out] buf set to a buffer with the blinded message to be signed * @param[out] buf_size number of bytes stored in @a buf * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious */ -int +enum GNUNET_GenericReturnValue TALER_rsa_blind (const struct GNUNET_HashCode *hash, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey, @@ -1661,8 +1661,8 @@ TALER_rsa_blind (const struct GNUNET_HashCode *hash, /** * Unblind a blind-signed signature. The signature should have been generated - * with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with - * #GNUNET_CRYPTO_rsa_blind(). + * with GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with + * GNUNET_CRYPTO_rsa_blind(). * * @param sig the signature made on the blinded signature purpose * @param bks the blinding key secret used to blind the signature purpose diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 5691e58d..557348dd 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -473,26 +473,6 @@ TALER_EXCHANGE_get_keys (struct TALER_EXCHANGE_Handle *exchange); /** - * Set the fake now to be used when requesting "/keys". - * - * @param exchange exchange handle. - * @param now fake now to use. Note: this value will be - * used _until_ its use will be unset via @a TALER_EXCHANGE_unset_now() - */ -void -TALER_EXCHANGE_set_now (struct TALER_EXCHANGE_Handle *exchange, - struct GNUNET_TIME_Absolute now); - -/** - * Unset the fake now to be used when requesting "/keys". - * - * @param exchange exchange handle. - */ -void -TALER_EXCHANGE_unset_now (struct TALER_EXCHANGE_Handle *exchange); - - -/** * Let the user set the last valid denomination time manually. * * @param exchange the exchange handle. diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h index 0900fac9..fdc1e9bc 100644 --- a/src/include/taler_testing_lib.h +++ b/src/include/taler_testing_lib.h @@ -1808,15 +1808,17 @@ TALER_TESTING_cmd_check_keys_pull_all_keys (const char *label, * of downloads is less than @a generation, the logic will * first make sure that @a generation downloads are done, * and _then_ execute the rest of the command. - * @param last_denom_date date to be set in the "last_denom_issue" - * URL parameter of /keys. + * @param last_denom_date_ref previous /keys command to use to + * obtain the "last_denom_date" value from; "zero" can be used + * as a special value to force an absolute time of zero to be + * given to as an argument * @return the command. */ struct TALER_TESTING_Command TALER_TESTING_cmd_check_keys_with_last_denom ( const char *label, unsigned int generation, - struct GNUNET_TIME_Absolute last_denom_date); + const char *last_denom_date_ref); /** diff --git a/src/lib/exchange_api_handle.c b/src/lib/exchange_api_handle.c index 3d386e09..49af08b1 100644 --- a/src/lib/exchange_api_handle.c +++ b/src/lib/exchange_api_handle.c @@ -215,17 +215,6 @@ struct TALER_EXCHANGE_Handle */ enum ExchangeHandleState state; - /** - * If #GNUNET_YES, use fake now given by the user, in - * request of "/keys". - */ - int with_now; - - /** - * Fake now given by the user. - */ - struct GNUNET_TIME_Absolute now; - }; @@ -1044,12 +1033,12 @@ decode_keys_json (const json_t *resp_obj, if (check_sig) { - struct TALER_ExchangeKeySetPS ks; + struct TALER_ExchangeKeySetPS ks = { + .purpose.size = htonl (sizeof (ks)), + .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET), + .list_issue_date = GNUNET_TIME_absolute_hton (key_data->list_issue_date) + }; - /* Validate signature... */ - ks.purpose.size = htonl (sizeof (ks)); - ks.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET); - ks.list_issue_date = GNUNET_TIME_absolute_hton (key_data->list_issue_date); GNUNET_CRYPTO_hash_context_finish (hash_context, &ks.hc); hash_context = NULL; @@ -1115,34 +1104,6 @@ request_keys (void *cls); /** - * Set the fake now to be used when requesting "/keys". - * - * @param exchange exchange handle. - * @param now fake now to use. Note: this value will be - * used _until_ its use will be unset via @a TALER_EXCHANGE_unset_now() - */ -void -TALER_EXCHANGE_set_now (struct TALER_EXCHANGE_Handle *exchange, - struct GNUNET_TIME_Absolute now) -{ - exchange->with_now = GNUNET_YES; - exchange->now = now; -} - - -/** - * Unset the fake now to be used when requesting "/keys". - * - * @param exchange exchange handle. - */ -void -TALER_EXCHANGE_unset_now (struct TALER_EXCHANGE_Handle *exchange) -{ - exchange->with_now = GNUNET_NO; -} - - -/** * Let the user set the last valid denomination time manually. * * @param exchange the exchange handle. @@ -1940,15 +1901,6 @@ request_keys (void *cls) / 1000000LLU); } - if (GNUNET_YES == exchange->with_now) - { - TALER_LOG_DEBUG ("Faking now to GET /keys: %s\n", - GNUNET_STRINGS_absolute_time_to_string (exchange->now)); - sprintf (&url[strlen (url)], - "now=%llu&", - (unsigned long long) exchange->now.abs_value_us / 1000000LLU); - } - /* Clean the last '&'/'?' sign that we optimistically put. */ url[strlen (url) - 1] = '\0'; kr->url = TEAH_path_to_url (exchange, diff --git a/src/lib/exchange_api_wire.c b/src/lib/exchange_api_wire.c index f70c0086..8534d54c 100644 --- a/src/lib/exchange_api_wire.c +++ b/src/lib/exchange_api_wire.c @@ -129,7 +129,6 @@ parse_fees (json_t *fees) if (0 == (len = json_array_size (fee_array))) { - GNUNET_break_op (0); GNUNET_free (fe); continue; /* skip */ } diff --git a/src/util/auditor_signatures.c b/src/util/auditor_signatures.c index 837b31c6..b41ce66a 100644 --- a/src/util/auditor_signatures.c +++ b/src/util/auditor_signatures.c @@ -70,7 +70,7 @@ TALER_auditor_denom_validity_sign ( } -int +enum GNUNET_GenericReturnValue TALER_auditor_denom_validity_verify ( const char *auditor_url, const struct GNUNET_HashCode *h_denom_pub, diff --git a/src/util/crypto.c b/src/util/crypto.c index dcff5fd2..4f084b19 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -26,9 +26,8 @@ #include <gcrypt.h> /** - * Should we use the RSA blind signing implementation - * from libgnunetutil? The blinding only works - * correctly with a current version of libgnunetutil. + * Should we use the RSA blind signing implementation from libgnunetutil? The + * blinding only works correctly with a current version of libgnunetutil. * * Only applies to blinding and unblinding, but * not to blind signing. @@ -82,17 +81,7 @@ TALER_gcrypt_init () } -/** - * Check if a coin is valid; that is, whether the denomination key exists, - * is not expired, and the signature is correct. - * - * @param coin_public_info the coin public info to check for validity - * @param denom_pub denomination key, must match @a coin_public_info's `denom_pub_hash` - * @return #GNUNET_YES if the coin is valid, - * #GNUNET_NO if it is invalid - * #GNUNET_SYSERR if an internal error occurred - */ -int +enum GNUNET_GenericReturnValue TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info, const struct TALER_DenominationPublicKey *denom_pub) { @@ -122,17 +111,6 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info, } -/** - * Given the coin and the transfer private keys, compute the - * transfer secret. (Technically, we only need one of the two - * private keys, but the caller currently trivially only has - * the two private keys, so we derive one of the public keys - * internally to this function.) - * - * @param coin_priv coin key - * @param trans_priv transfer private key - * @param[out] ts computed transfer secret - */ void TALER_link_derive_transfer_secret ( const struct TALER_CoinSpendPrivateKeyP *coin_priv, @@ -151,14 +129,6 @@ TALER_link_derive_transfer_secret ( } -/** - * Decrypt the shared @a secret from the information in the - * @a trans_priv and @a coin_pub. - * - * @param trans_priv transfer private key - * @param coin_pub coin public key - * @param[out] transfer_secret set to the shared secret - */ void TALER_link_reveal_transfer_secret ( const struct TALER_TransferPrivateKeyP *trans_priv, @@ -172,14 +142,6 @@ TALER_link_reveal_transfer_secret ( } -/** - * Decrypt the shared @a secret from the information in the - * @a trans_priv and @a coin_pub. - * - * @param trans_pub transfer private key - * @param coin_priv coin public key - * @param[out] transfer_secret set to the shared secret - */ void TALER_link_recover_transfer_secret ( const struct TALER_TransferPublicKeyP *trans_pub, @@ -193,13 +155,6 @@ TALER_link_recover_transfer_secret ( } -/** - * Setup information for a fresh coin. - * - * @param secret_seed seed to use for KDF to derive coin keys - * @param coin_num_salt number of the coin to include in KDF - * @param[out] ps value to initialize - */ void TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed, uint32_t coin_num_salt, @@ -220,11 +175,6 @@ TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed, } -/** - * Setup information for a fresh coin. - * - * @param[out] ps value to initialize - */ void TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps) { @@ -234,17 +184,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps) } -/** - * Prepare a planchet for tipping. Creates and blinds a coin. - * - * @param dk denomination key for the coin to be created - * @param ps secret planchet internals (for #TALER_planchet_to_coin) - * @param[out] c_hash set to the hash of the public key of the coin (needed later) - * @param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup() and - * other withdraw operations - * @return #GNUNET_OK on success - */ -int +enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, const struct TALER_PlanchetSecretsP *ps, struct GNUNET_HashCode *c_hash, @@ -273,18 +213,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, } -/** - * Obtain a coin from the planchet's secrets and the blind signature - * of the exchange. - * - * @param dk denomination key, must match what was given to #TALER_planchet_prepare() - * @param blind_sig blind signature from the exchange - * @param ps secrets from #TALER_planchet_prepare() - * @param c_hash hash of the coin's public key for verification of the signature - * @param[out] coin set to the details of the fresh coin - * @return #GNUNET_OK on success - */ -int +enum GNUNET_GenericReturnValue TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, const struct GNUNET_CRYPTO_RsaSignature *blind_sig, const struct TALER_PlanchetSecretsP *ps, @@ -311,17 +240,6 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk, } -/** - * Compute the commitment for a /refresh/melt operation from - * the respective public inputs. - * - * @param[out] rc set to the value the wallet must commit to - * @param kappa number of transfer public keys involved (must be #TALER_CNC_KAPPA) - * @param num_new_coins number of new coins to be created - * @param rcs commitments array of @a kappa commitments - * @param coin_pub public key of the coin to be melted - * @param amount_with_fee amount to be melted, including fee - */ void TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc, uint32_t kappa, @@ -556,7 +474,6 @@ rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n) * * @param hash initial hash of the message to sign * @param pkey the public key of the signer - * @param rsize If not NULL, the number of bytes actually stored in buffer * @return MPI value set to the FDH, NULL if RSA key is malicious */ static gcry_mpi_t @@ -598,7 +515,7 @@ rsa_full_domain_hash (const struct GNUNET_CRYPTO_RsaPublicKey *pkey, /** * Create a blinding key * - * @param len length of the key in bits (i.e. 2048) + * @param pkey the public key to blind for * @param bks pre-secret to use to derive the blinding key * @return the newly created blinding key, NULL if RSA key is malicious */ @@ -638,7 +555,7 @@ rsa_blinding_key_derive (const struct GNUNET_CRYPTO_RsaPublicKey *pkey, * Print an MPI to a newly created buffer * * @param v MPI to print. - * @param[out] newly allocated buffer containing the result + * @param[out] buffer newly allocated buffer containing the result * @return number of bytes stored in @a buffer */ static size_t @@ -669,17 +586,7 @@ numeric_mpi_alloc_n_print (gcry_mpi_t v, #endif /* ! USE_GNUNET_RSA_BLINDING */ -/** - * Blinds the given message with the given blinding key - * - * @param hash hash of the message to sign - * @param bkey the blinding key - * @param pkey the public key of the signer - * @param[out] buf set to a buffer with the blinded message to be signed - * @param[out] buf_size number of bytes stored in @a buf - * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious - */ -int +enum GNUNET_GenericReturnValue TALER_rsa_blind (const struct GNUNET_HashCode *hash, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey, @@ -710,7 +617,7 @@ TALER_rsa_blind (const struct GNUNET_HashCode *hash, GNUNET_break (0); *buf = NULL; *buf_size = 0; - return 0; + return GNUNET_NO; } data = rsa_full_domain_hash (pkey, hash); @@ -758,16 +665,6 @@ rsa_gcd_validate_failure: } -/** - * Unblind a blind-signed signature. The signature should have been generated - * with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with - * #GNUNET_CRYPTO_rsa_blind(). - * - * @param sig the signature made on the blinded signature purpose - * @param bks the blinding key secret used to blind the signature purpose - * @param pkey the public key of the signer - * @return unblinded signature on success, NULL if RSA key is bad or malicious. - */ struct GNUNET_CRYPTO_RsaSignature * TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, diff --git a/src/util/crypto_helper_denom.c b/src/util/crypto_helper_denom.c index c61a46f1..4618383a 100644 --- a/src/util/crypto_helper_denom.c +++ b/src/util/crypto_helper_denom.c @@ -663,7 +663,8 @@ void TALER_CRYPTO_helper_denom_disconnect ( struct TALER_CRYPTO_DenominationHelper *dh) { - do_disconnect (dh); + if (-1 != dh->sock) + do_disconnect (dh); GNUNET_free (dh->template); GNUNET_free (dh); } diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c index 1cf20e91..688afc7d 100644 --- a/src/util/crypto_helper_esign.c +++ b/src/util/crypto_helper_esign.c @@ -317,7 +317,7 @@ handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper *esh, /** * Wait until the socket is ready to read. * - * @param dh helper to wait for + * @param esh helper to wait for * @return false on timeout (after 5s) */ static bool @@ -591,7 +591,8 @@ void TALER_CRYPTO_helper_esign_disconnect ( struct TALER_CRYPTO_ExchangeSignHelper *esh) { - do_disconnect (esh); + if (-1 != esh->sock) + do_disconnect (esh); GNUNET_free (esh->template); GNUNET_free (esh); } diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c index 7aaf7d15..0d31720a 100644 --- a/src/util/crypto_wire.c +++ b/src/util/crypto_wire.c @@ -53,7 +53,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri, * @param master_sig signature of the exchange * @return #GNUNET_OK if signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_exchange_wire_signature_check ( const char *payto_uri, const struct TALER_MasterPublicKeyP *master_pub, @@ -143,7 +143,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri, * @param merch_sig signature of the merchant * @return #GNUNET_OK if signature is valid */ -int +enum GNUNET_GenericReturnValue TALER_merchant_wire_signature_check ( const char *payto_uri, const char *salt, diff --git a/src/util/offline_signatures.c b/src/util/offline_signatures.c index 5899c134..aab46fc7 100644 --- a/src/util/offline_signatures.c +++ b/src/util/offline_signatures.c @@ -47,17 +47,7 @@ TALER_exchange_offline_auditor_add_sign ( } -/** - * Verify auditor add signature. - * - * @param auditor_pub public key of the auditor - * @param auditor_url URL of the auditor - * @param start_date when to enable the auditor (for replay detection) - * @param master_pub public key to verify against - * @param master_sig the signature the signature - * @return #GNUNET_OK if the signature is valid - */ -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_auditor_add_verify ( const struct TALER_AuditorPublicKeyP *auditor_pub, const char *auditor_url, @@ -103,7 +93,7 @@ TALER_exchange_offline_auditor_del_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_auditor_del_verify ( const struct TALER_AuditorPublicKeyP *auditor_pub, struct GNUNET_TIME_Absolute end_date, @@ -143,7 +133,7 @@ TALER_exchange_offline_denomination_revoke_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_denomination_revoke_verify ( const struct GNUNET_HashCode *h_denom_pub, const struct TALER_MasterPublicKeyP *master_pub, @@ -183,7 +173,7 @@ TALER_exchange_offline_signkey_revoke_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_signkey_revoke_verify ( const struct TALER_ExchangePublicKeyP *exchange_pub, const struct TALER_MasterPublicKeyP *master_pub, @@ -231,7 +221,7 @@ TALER_exchange_offline_signkey_validity_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_signkey_validity_verify ( const struct TALER_ExchangePublicKeyP *exchange_pub, struct GNUNET_TIME_Absolute start_sign, @@ -305,7 +295,7 @@ TALER_exchange_offline_denom_validity_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_denom_validity_verify ( const struct GNUNET_HashCode *h_denom_pub, struct GNUNET_TIME_Absolute stamp_start, @@ -374,7 +364,7 @@ TALER_exchange_offline_wire_add_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_wire_add_verify ( const char *payto_uri, struct GNUNET_TIME_Absolute sign_time, @@ -421,7 +411,7 @@ TALER_exchange_offline_wire_del_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_wire_del_verify ( const char *payto_uri, struct GNUNET_TIME_Absolute sign_time, @@ -475,7 +465,7 @@ TALER_exchange_offline_wire_fee_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_offline_wire_fee_verify ( const char *payment_method, struct GNUNET_TIME_Absolute start_time, diff --git a/src/util/secmod_signatures.c b/src/util/secmod_signatures.c index e7542c1e..3df68861 100644 --- a/src/util/secmod_signatures.c +++ b/src/util/secmod_signatures.c @@ -45,7 +45,7 @@ TALER_exchange_secmod_eddsa_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_secmod_eddsa_verify ( const struct TALER_ExchangePublicKeyP *exchange_pub, struct GNUNET_TIME_Absolute start_sign, @@ -96,7 +96,7 @@ TALER_exchange_secmod_rsa_sign ( } -int +enum GNUNET_GenericReturnValue TALER_exchange_secmod_rsa_verify ( const struct GNUNET_HashCode *h_denom_pub, const char *section_name, diff --git a/src/util/taler-helper-crypto-eddsa.c b/src/util/taler-helper-crypto-eddsa.c index ad1a783e..c229a8c1 100644 --- a/src/util/taler-helper-crypto-eddsa.c +++ b/src/util/taler-helper-crypto-eddsa.c @@ -18,11 +18,6 @@ * @brief Standalone process to perform private key EDDSA operations * @author Christian Grothoff * - * INTEGRATION NOTES: - * - Option 'DURATION_OVERLAP' renamed to 'OVERLAP_DURATION' for consistency; - * => need to update in deployment scripts and default configuration! - * - option 'KEY_DIR' moved from section 'exchange' to 'taler-helper-crypto-eddsa'! - * * Key design points: * - EVERY thread of the exchange will have its own pair of connections to the * crypto helpers. This way, every threat will also have its own /keys state @@ -236,7 +231,7 @@ static char *keydir; /** * How much should coin creation duration overlap * with the next key? Basically, the starting time of two - * keys is always #duration - #duration_overlap apart. + * keys is always #duration - #overlap_duration apart. */ static struct GNUNET_TIME_Relative overlap_duration; diff --git a/src/util/taler-helper-crypto-rsa.c b/src/util/taler-helper-crypto-rsa.c index 53d5c2c7..345a826a 100644 --- a/src/util/taler-helper-crypto-rsa.c +++ b/src/util/taler-helper-crypto-rsa.c @@ -18,11 +18,6 @@ * @brief Standalone process to perform private key RSA operations * @author Christian Grothoff * - * INTEGRATION NOTES: - * - Option 'DURATION_OVERLAP' renamed to 'OVERLAP_DURATION' for consistency; - * => need to update in deployment scripts and default configuration! - * - option 'KEY_DIR' moved from section 'exchange' to 'taler-helper-crypto-rsa'! - * * Key design points: * - EVERY thread of the exchange will have its own pair of connections to the * crypto helpers. This way, every threat will also have its own /keys state @@ -288,7 +283,7 @@ static char *keydir; /** * How much should coin creation (@e duration_withdraw) duration overlap * with the next denomination? Basically, the starting time of two - * denominations is always @e duration_withdraw - #duration_overlap apart. + * denominations is always @e duration_withdraw - #overlap_duration apart. */ static struct GNUNET_TIME_Relative overlap_duration; |