4 files changed, 63 insertions, 50 deletions

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 4126894a..0f25ea3c 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -469,6 +469,23 @@ TALER_link_decrypt_secret2 (const struct TALER_EncryptedLinkSecretP *secret_enc,
 
 
 /**
+ * Given the coin and the transfer private keys, compute the
+ * transfer secret.  (Technically, we only need one of the two
+ * private keys, but the caller currently trivially only has
+ * the two private keys, so we derive one of the public keys
+ * internally to this function.)
+ *
+ * @param coin_priv coin key
+ * @param trans_priv transfer private key
+ * @param[out] ts computed transfer secret
+ */
+void
+TALER_link_derive_transfer_secret (const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+                                   const struct TALER_TransferPrivateKeyP *trans_priv,
+                                   struct TALER_TransferSecretP *ts);
+
+
+/**
  * Encrypt the shared @a secret to generate the encrypted link secret.
  * Also creates the transfer key.
  *
diff --git a/src/include/taler_mint_service.h b/src/include/taler_mint_service.h
index b228acc5..02407a3a 100644
--- a/src/include/taler_mint_service.h
+++ b/src/include/taler_mint_service.h
@@ -181,14 +181,14 @@ struct TALER_MINT_DenomPublicKey
   struct TALER_Amount fee_deposit;
 
   /**
-   *The applicable fee to refresh a coin of this denomination
+   *The applicable fee to melt/refresh a coin of this denomination
    */
   struct TALER_Amount fee_refresh;
 };
 
 
 /**
- * Information we get from the mint about auditors.
+ * @brief Information we get from the mint about auditors.
  */
 struct TALER_MINT_AuditorInformation
 {
@@ -222,9 +222,8 @@ struct TALER_MINT_AuditorInformation
 };
 
 
-
 /**
- * Information about keys from the mint.
+ * @brief Information about keys from the mint.
  */
 struct TALER_MINT_Keys
 {
@@ -396,11 +395,11 @@ typedef void
  *
  * @param mint the mint handle; the mint must be ready to operate
  * @param amount the amount to be deposited
- * @param wire the merchant’s account details, in a format supported by the mint
+ * @param wire_details the merchant’s account details, in a format supported by the mint
  * @param h_contract hash of the contact of the merchant with the customer (further details are never disclosed to the mint)
  * @param coin_pub coin’s public key
  * @param denom_pub denomination key with which the coin is signed
- * @param ub_sig mint’s unblinded signature of the coin
+ * @param denom_sig mint’s unblinded signature of the coin
  * @param timestamp timestamp when the contract was finalized, must match approximately the current time of the mint
  * @param transaction_id transaction id for the transaction between merchant and customer
  * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests)
@@ -466,7 +465,7 @@ enum TALER_MINT_ReserveTransactionType {
 
 
 /**
- * Entry in the reserve's transaction history.
+ * @brief Entry in the reserve's transaction history.
  */
 struct TALER_MINT_ReserveHistory
 {
@@ -635,7 +634,7 @@ TALER_MINT_withdraw_sign_cancel (struct TALER_MINT_WithdrawSignHandle *sign);
  * no money is lost in case of hardware failures, is operation does
  * not actually initiate the request. Instead, it generates a buffer
  * which the caller must store before proceeding with the actual call
- * to #TALER_MINT_refresh_execute() that will generate the request.
+ * to #TALER_MINT_refresh_melt() that will generate the request.
  *
  * This function does verify that the given request data is internally
  * consistent.  However, the @a melts_sigs are only verified if @a
@@ -660,11 +659,11 @@ TALER_MINT_withdraw_sign_cancel (struct TALER_MINT_WithdrawSignHandle *sign);
  * @param check_sigs verify the validity of the signatures of @a melt_sigs
  * @param fresh_pks_len length of the @a pks array
  * @param fresh_pks array of @a pks_len denominations of fresh coins to create
- * @param[OUT] res_size set to the size of the return value, or 0 on error
+ * @param[out] res_size set to the size of the return value, or 0 on error
  * @return NULL
  *         if the inputs are invalid (i.e. denomination key not with this mint).
  *         Otherwise, pointer to a buffer of @a res_size to store persistently
- *         before proceeding to #TALER_MINT_refresh_execute().
+ *         before proceeding to #TALER_MINT_refresh_melt().
  *         Non-null results should be freed using #GNUNET_free().
  */
 char *
@@ -727,11 +726,11 @@ typedef void
  *         In this case, neither callback will be called.
  */
 struct TALER_MINT_RefreshMeltHandle *
-TALER_MINT_refresh_melt_execute (struct TALER_MINT_Handle *mint,
-                                 size_t refresh_data_length,
-                                 const char *refresh_data,
-                                 TALER_MINT_RefreshMeltCallback melt_cb,
-                                 void *melt_cb_cls);
+TALER_MINT_refresh_melt (struct TALER_MINT_Handle *mint,
+                         size_t refresh_data_length,
+                         const char *refresh_data,
+                         TALER_MINT_RefreshMeltCallback melt_cb,
+                         void *melt_cb_cls);
 
 
 /**
@@ -841,6 +840,7 @@ struct TALER_MINT_RefreshLinkHandle;
  * @param num_coins number of fresh coins created, length of the @a sigs and @a coin_privs arrays, 0 if the operation failed
  * @param coin_privs array of @a num_coins private keys for the coins that were created, NULL on error
  * @param sigs array of signature over @a num_coins coins, NULL on error
+ * @param pubs array of public keys for the @a sigs, NULL on error
  * @param full_response full response from the mint (for logging, in case of errors)
  */
 typedef void
@@ -849,6 +849,7 @@ typedef void
                                    unsigned int num_coins,
                                    const struct TALER_CoinSpendPrivateKeyP *coin_privs,
                                    const struct TALER_DenominationSignature *sigs,
+                                   const struct TALER_DenominationPublicKey *pubs,
                                    json_t *full_response);
 
 
diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h
index 21d83d9d..c5b9828d 100644
--- a/src/include/taler_mintdb_plugin.h
+++ b/src/include/taler_mintdb_plugin.h
@@ -388,33 +388,6 @@ struct TALER_MINTDB_RefreshCommitCoin
 };
 
 
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief For each (old) coin being melted, we have a `struct
- * RefreshCommitLinkP` that allows the user to find the shared secret
- * to decrypt the respective refresh links for the new coins in the
- * `struct TALER_MINTDB_RefreshCommitCoin`.
- */
-struct TALER_MINTDB_RefreshCommitLinkP
-{
-  /**
-   * Transfer public key, used to decrypt the @e shared_secret_enc
-   * in combintation with the corresponding private key of the
-   * coin.
-   */
-  struct TALER_TransferPublicKeyP transfer_pub;
-
-  /**
-   * Encrypted shared secret to decrypt the link.
-   */
-  struct TALER_EncryptedLinkSecretP shared_secret_enc;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-
 /**
  * @brief Linked list of refresh information linked to a coin.
  */
@@ -566,7 +539,7 @@ struct TALER_MINTDB_MeltCommitment
   /**
    * 2D-Array of #TALER_CNC_KAPPA and @e new_oldcoins links.
    */
-  struct TALER_MINTDB_RefreshCommitLinkP *commit_links[TALER_CNC_KAPPA];
+  struct TALER_RefreshCommitLinkP *commit_links[TALER_CNC_KAPPA];
 };
 
 
@@ -830,11 +803,8 @@ struct TALER_MINTDB_Plugin
    * @param sesssion database connection
    * @param deposit deposit to search for
    * @return #GNUNET_YES if we know this operation,
-   *         #GNUNET_NO if this deposit is unknown to us,
-   *         #GNUNET_SYSERR on DB error or if same coin(pub), merchant(pub) and
-   *                        transaction ID are already in DB, but for different
-   *                        other transaction details (contract, wiring details,
-   *                        amount, etc.)
+   *         #GNUNET_NO if this exact deposit is unknown to us,
+   *         #GNUNET_SYSERR on DB error
    */
   int
   (*have_deposit) (void *cls,
@@ -1032,7 +1002,7 @@ struct TALER_MINTDB_Plugin
                                   const struct GNUNET_HashCode *session_hash,
                                   uint16_t cnc_index,
                                   uint16_t num_links,
-                                  const struct TALER_MINTDB_RefreshCommitLinkP *commit_links);
+                                  const struct TALER_RefreshCommitLinkP *commit_links);
 
   /**
    * Obtain the commited (encrypted) refresh link data
@@ -1054,7 +1024,7 @@ struct TALER_MINTDB_Plugin
                                const struct GNUNET_HashCode *session_hash,
                                uint16_t cnc_index,
                                uint16_t num_links,
-                               struct TALER_MINTDB_RefreshCommitLinkP *links);
+                               struct TALER_RefreshCommitLinkP *links);
 
 
   /**
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 402e67fe..c5348eb5 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -648,6 +648,31 @@ struct TALER_MintKeyValidityPS
 };
 
 
+/**
+ * @brief For each (old) coin being melted, we have a `struct
+ * RefreshCommitLinkP` that allows the user to find the shared secret
+ * to decrypt the respective refresh links for the new coins in the
+ * `struct TALER_MINTDB_RefreshCommitCoin`.
+ *
+ * Part of the construction of the refresh session's hash and
+ * thus of what is signed there.
+ */
+struct TALER_RefreshCommitLinkP
+{
+  /**
+   * Transfer public key, used to decrypt the @e shared_secret_enc
+   * in combintation with the corresponding private key of the
+   * coin.
+   */
+  struct TALER_TransferPublicKeyP transfer_pub;
+
+  /**
+   * Encrypted shared secret to decrypt the link.
+   */
+  struct TALER_EncryptedLinkSecretP shared_secret_enc;
+};
+
+
 GNUNET_NETWORK_STRUCT_END
 
 #endif