From 493f541c201addad50a1e35a44d3548f0731189a Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sat, 8 Aug 2015 21:19:54 +0200
Subject: use _ instead of - for consistency

---
 src/mint/taler-mint-httpd_responses.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'src/mint/taler-mint-httpd_responses.c')

diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 57b233e7..48c0a748 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -713,13 +713,19 @@ TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *conne
   return TMH_RESPONSE_reply_json_pack (connection,
                                        MHD_HTTP_NOT_FOUND,
                                        "{s:s, s:o, s:o, s:o, s:o, s:o}",
-                                       "error", "insufficient funds",
-                                       "coin-pub", TALER_json_from_data (coin_pub,
-                                                                         sizeof (struct TALER_CoinSpendPublicKeyP)),
-                                       "original-value", TALER_json_from_amount (&coin_value),
-                                       "residual-value", TALER_json_from_amount (&residual),
-                                       "requested-value", TALER_json_from_amount (&requested),
-                                       "history", history);
+                                       "error",
+                                       "insufficient funds",
+                                       "coin_pub",
+                                       TALER_json_from_data (coin_pub,
+                                                             sizeof (struct TALER_CoinSpendPublicKeyP)),
+                                       "original_value",
+                                       TALER_json_from_amount (&coin_value),
+                                       "residual_value",
+                                       TALER_json_from_amount (&residual),
+                                       "requested_value",
+                                       TALER_json_from_amount (&requested),
+                                       "history",
+                                       history);
 }
 
 
-- 
cgit v1.2.3


From 6ea5858d3276378dd3636ecc36ed312a0ccaee61 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sat, 8 Aug 2015 21:32:09 +0200
Subject: implementing verify_refresh_melt_signature_forbidden

---
 src/mint-lib/mint_api_refresh.c       | 141 +++++++++++++++++++++++++++++++++-
 src/mint/taler-mint-httpd_responses.c |   2 +-
 2 files changed, 140 insertions(+), 3 deletions(-)

(limited to 'src/mint/taler-mint-httpd_responses.c')

diff --git a/src/mint-lib/mint_api_refresh.c b/src/mint-lib/mint_api_refresh.c
index dad0ec16..ede95af5 100644
--- a/src/mint-lib/mint_api_refresh.c
+++ b/src/mint-lib/mint_api_refresh.c
@@ -25,6 +25,7 @@
 #include <microhttpd.h> /* just for HTTP status codes */
 #include <gnunet/gnunet_util_lib.h>
 #include "taler_mint_service.h"
+#include "mint_api_common.h"
 #include "mint_api_json.h"
 #include "mint_api_context.h"
 #include "mint_api_handle.h"
@@ -58,6 +59,11 @@ struct MeltedCoinP
    */
   struct TALER_AmountNBO fee_melt;
 
+  /**
+   * The original value of the coin.
+   */
+  struct TALER_AmountNBO original_value;
+
   /**
    * Transfer private keys for each cut-and-choose dimension.
    */
@@ -169,6 +175,11 @@ struct MeltedCoin
    */
   struct TALER_Amount fee_melt;
 
+  /**
+   * The original value of the coin.
+   */
+  struct TALER_Amount original_value;
+
   /**
    * Transfer private keys for each cut-and-choose dimension.
    */
@@ -381,9 +392,10 @@ serialize_melted_coin (const struct MeltedCoin *mc,
   mcp.coin_priv = mc->coin_priv;
   TALER_amount_hton (&mcp.melt_amount_with_fee,
                      &mc->melt_amount_with_fee);
-
   TALER_amount_hton (&mcp.fee_melt,
                      &mc->fee_melt);
+  TALER_amount_hton (&mcp.original_value,
+                     &mc->original_value);
   for (i=0;i<TALER_CNC_KAPPA;i++)
     mcp.transfer_priv[i] = mc->transfer_priv[i];
   mcp.deposit_valid_until = GNUNET_TIME_absolute_hton (mc->deposit_valid_until);
@@ -464,6 +476,8 @@ deserialize_melted_coin (struct MeltedCoin *mc,
                      &mcp.melt_amount_with_fee);
   TALER_amount_ntoh (&mc->fee_melt,
                      &mcp.fee_melt);
+  TALER_amount_ntoh (&mc->original_value,
+                     &mcp.original_value);
   for (i=0;i<TALER_CNC_KAPPA;i++)
     mc->transfer_priv[i] = mcp.transfer_priv[i];
   mc->deposit_valid_until = GNUNET_TIME_absolute_ntoh (mcp.deposit_valid_until);
@@ -868,6 +882,7 @@ TALER_MINT_refresh_prepare (unsigned int num_melts,
     md.melted_coins[i].coin_priv = melt_privs[i];
     md.melted_coins[i].melt_amount_with_fee = melt_amounts[i];
     md.melted_coins[i].fee_melt = melt_pks[i].fee_refresh;
+    md.melted_coins[i].original_value = melt_pks[i].value;
     for (j=0;j<TALER_CNC_KAPPA;j++)
     {
       struct GNUNET_CRYPTO_EcdhePrivateKey *tpk;
@@ -1090,6 +1105,122 @@ verify_refresh_melt_signature_ok (struct TALER_MINT_RefreshMeltHandle *rmh,
 }
 
 
+/**
+ * Verify that the signatures on the "403 FORBIDDEN" response from the
+ * mint demonstrating customer double-spending are valid.
+ *
+ * @param rmh melt handle
+ * @param json json reply with the signature(s) and transaction history
+ * @return #GNUNET_OK if the signature(s) is valid, #GNUNET_SYSERR if not
+ */
+static int
+verify_refresh_melt_signature_forbidden (struct TALER_MINT_RefreshMeltHandle *rmh,
+                                         json_t *json)
+{
+  json_t *history;
+  struct TALER_Amount original_value;
+  struct TALER_Amount melt_value_with_fee;
+  struct TALER_Amount total;
+  struct TALER_CoinSpendPublicKeyP coin_pub;
+  unsigned int i;
+  struct MAJ_Specification spec[] = {
+    // MAJ_spec_json ("history", &history), // FIXME!
+    MAJ_spec_fixed_auto ("coin_pub", &coin_pub),
+    MAJ_spec_amount ("original_value", &original_value),
+    MAJ_spec_amount ("requested_value", &melt_value_with_fee),
+    MAJ_spec_end
+  };
+  const struct MeltedCoin *mc;
+
+  /* parse JSON reply */
+  if (GNUNET_OK !=
+      MAJ_parse_json (json,
+                      spec))
+  {
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
+
+  /* Find out which coin was deemed problematic by the mint */
+  mc = NULL;
+  for (i=0;i<rmh->md->num_melted_coins;i++)
+  {
+    if (0 == TALER_amount_cmp (&melt_value_with_fee,
+                               &rmh->md->melted_coins[i].melt_amount_with_fee))
+    {
+      struct TALER_CoinSpendPublicKeyP mc_pub;
+
+      GNUNET_CRYPTO_eddsa_key_get_public (&rmh->md->melted_coins[i].coin_priv.eddsa_priv,
+                                          &mc_pub.eddsa_pub);
+      if (0 == memcmp (&mc_pub,
+                       &coin_pub,
+                       sizeof (struct TALER_CoinSpendPublicKeyP)))
+      {
+        mc = &rmh->md->melted_coins[i];
+        break;
+      }
+    }
+  }
+  if (NULL == mc)
+  {
+    /* coin not found in our original request */
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
+
+  /* check basic coin properties */
+  if (0 != TALER_amount_cmp (&original_value,
+                             &mc->original_value))
+  {
+    /* We disagree on the value of the coin */
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
+  if (0 != TALER_amount_cmp (&melt_value_with_fee,
+                             &mc->melt_amount_with_fee))
+  {
+    /* We disagree on the value of the coin */
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
+
+  /* verify coin history */
+  history = json_object_get (json,
+                             "history");
+  if (GNUNET_OK !=
+      TALER_MINT_verify_coin_history_ (original_value.currency,
+                                       &coin_pub,
+                                       history,
+                                       &total))
+  {
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
+
+  /* check if melt operation was really too expensive given history */
+  if (GNUNET_OK !=
+      TALER_amount_add (&total,
+                        &total,
+                        &melt_value_with_fee))
+  {
+    /* clearly not OK if our transaction would have caused
+       the overflow... */
+    return GNUNET_OK;
+  }
+
+  if (0 >= TALER_amount_cmp (&total,
+                             &original_value))
+  {
+    /* transaction should have still fit */
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+
+  /* everything OK, valid proof of double-spending was provided */
+  return GNUNET_OK;
+}
+
+
 /**
  * Function called when we're done processing the
  * HTTP /refresh/melt request.
@@ -1138,7 +1269,13 @@ handle_refresh_melt_finished (void *cls,
     break;
   case MHD_HTTP_FORBIDDEN:
     /* Double spending; check signatures on transaction history */
-    GNUNET_break (0); // FIXME: NOT implemented!
+    if (GNUNET_OK !=
+        verify_refresh_melt_signature_forbidden (rmh,
+                                                 json))
+    {
+      GNUNET_break_op (0);
+      response_code = 0;
+    }
     break;
   case MHD_HTTP_UNAUTHORIZED:
     /* Nothing really to verify, mint says one of the signatures is
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 48c0a748..0e2f9070 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -695,7 +695,7 @@ TMH_RESPONSE_reply_withdraw_sign_success (struct MHD_Connection *connection,
  * @param coin_pub public key of the coin
  * @param coin_value original value of the coin
  * @param tl transaction history for the coin
- * @param requested how much this coin was supposed to contribute
+ * @param requested how much this coin was supposed to contribute, including fee
  * @param residual remaining value of the coin (after subtracting @a tl)
  * @return a MHD result code
  */
-- 
cgit v1.2.3


From 6237981d9652889bbcc042e8b374c0addc65932f Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sun, 9 Aug 2015 21:25:49 +0200
Subject: rename struct TALER_MINTDB_RefreshCommitLinkP to struct
 TALER_RefreshCommitLinkP

---
 src/include/taler_mintdb_plugin.h     |  6 +++---
 src/include/taler_signatures.h        |  2 +-
 src/mint-lib/mint_api_refresh.c       |  4 ++--
 src/mint/taler-mint-httpd_db.c        |  6 +++---
 src/mint/taler-mint-httpd_db.h        |  2 +-
 src/mint/taler-mint-httpd_refresh.c   | 12 ++++++------
 src/mint/taler-mint-httpd_responses.c |  2 +-
 src/mintdb/plugin_mintdb_postgres.c   |  6 +++---
 8 files changed, 20 insertions(+), 20 deletions(-)

(limited to 'src/mint/taler-mint-httpd_responses.c')

diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h
index ba83c814..c5b9828d 100644
--- a/src/include/taler_mintdb_plugin.h
+++ b/src/include/taler_mintdb_plugin.h
@@ -539,7 +539,7 @@ struct TALER_MINTDB_MeltCommitment
   /**
    * 2D-Array of #TALER_CNC_KAPPA and @e new_oldcoins links.
    */
-  struct TALER_MINTDB_RefreshCommitLinkP *commit_links[TALER_CNC_KAPPA];
+  struct TALER_RefreshCommitLinkP *commit_links[TALER_CNC_KAPPA];
 };
 
 
@@ -1002,7 +1002,7 @@ struct TALER_MINTDB_Plugin
                                   const struct GNUNET_HashCode *session_hash,
                                   uint16_t cnc_index,
                                   uint16_t num_links,
-                                  const struct TALER_MINTDB_RefreshCommitLinkP *commit_links);
+                                  const struct TALER_RefreshCommitLinkP *commit_links);
 
   /**
    * Obtain the commited (encrypted) refresh link data
@@ -1024,7 +1024,7 @@ struct TALER_MINTDB_Plugin
                                const struct GNUNET_HashCode *session_hash,
                                uint16_t cnc_index,
                                uint16_t num_links,
-                               struct TALER_MINTDB_RefreshCommitLinkP *links);
+                               struct TALER_RefreshCommitLinkP *links);
 
 
   /**
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 0b05bace..c5348eb5 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -657,7 +657,7 @@ struct TALER_MintKeyValidityPS
  * Part of the construction of the refresh session's hash and
  * thus of what is signed there.
  */
-struct TALER_MINTDB_RefreshCommitLinkP
+struct TALER_RefreshCommitLinkP
 {
   /**
    * Transfer public key, used to decrypt the @e shared_secret_enc
diff --git a/src/mint-lib/mint_api_refresh.c b/src/mint-lib/mint_api_refresh.c
index 796eb23f..66e8ea83 100644
--- a/src/mint-lib/mint_api_refresh.c
+++ b/src/mint-lib/mint_api_refresh.c
@@ -990,7 +990,7 @@ TALER_MINT_refresh_prepare (unsigned int num_melts,
   {
     for (j = 0; j < num_melts; j++)
     {
-      struct TALER_MINTDB_RefreshCommitLinkP rcl;
+      struct TALER_RefreshCommitLinkP rcl;
       struct TALER_TransferSecretP trans_sec;
 
       GNUNET_CRYPTO_ecdhe_key_get_public (&md.melted_coins[j].transfer_priv[i].ecdhe_priv,
@@ -1003,7 +1003,7 @@ TALER_MINT_refresh_prepare (unsigned int num_melts,
                               &rcl.shared_secret_enc);
       GNUNET_CRYPTO_hash_context_read (hash_context,
                                        &rcl,
-                                       sizeof (struct TALER_MINTDB_RefreshCommitLinkP));
+                                       sizeof (struct TALER_RefreshCommitLinkP));
     }
   }
 
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 4e91e7e7..e24102ea 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -623,7 +623,7 @@ TMH_DB_execute_refresh_melt (struct MHD_Connection *connection,
                              unsigned int coin_count,
                              const struct TMH_DB_MeltDetails *coin_melt_details,
                              struct TALER_MINTDB_RefreshCommitCoin *const* commit_coin,
-                             struct TALER_MINTDB_RefreshCommitLinkP *const* commit_link)
+                             struct TALER_RefreshCommitLinkP *const* commit_link)
 {
   struct TMH_KS_StateHandle *key_state;
   struct TALER_MINTDB_RefreshSession refresh_session;
@@ -839,11 +839,11 @@ check_commitment (struct MHD_Connection *connection,
   unsigned int j;
   struct TALER_LinkSecretP last_shared_secret;
   int secret_initialized = GNUNET_NO;
-  struct TALER_MINTDB_RefreshCommitLinkP *commit_links;
+  struct TALER_RefreshCommitLinkP *commit_links;
   struct TALER_MINTDB_RefreshCommitCoin *commit_coins;
 
   commit_links = GNUNET_malloc (num_oldcoins *
-                                sizeof (struct TALER_MINTDB_RefreshCommitLinkP));
+                                sizeof (struct TALER_RefreshCommitLinkP));
   if (GNUNET_OK !=
       TMH_plugin->get_refresh_commit_links (TMH_plugin->cls,
                                             session,
diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h
index 8a171153..c2f9a310 100644
--- a/src/mint/taler-mint-httpd_db.h
+++ b/src/mint/taler-mint-httpd_db.h
@@ -130,7 +130,7 @@ TMH_DB_execute_refresh_melt (struct MHD_Connection *connection,
                              unsigned int coin_count,
                              const struct TMH_DB_MeltDetails *coin_melt_details,
                              struct TALER_MINTDB_RefreshCommitCoin *const* commit_coin,
-                             struct TALER_MINTDB_RefreshCommitLinkP *const* commit_link);
+                             struct TALER_RefreshCommitLinkP *const* commit_link);
 
 
 /**
diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c
index 7bcaa799..954d8daf 100644
--- a/src/mint/taler-mint-httpd_refresh.c
+++ b/src/mint/taler-mint-httpd_refresh.c
@@ -57,7 +57,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection,
                             const struct TMH_DB_MeltDetails *coin_melt_details,
                             const struct GNUNET_HashCode *session_hash,
                             struct TALER_MINTDB_RefreshCommitCoin *const* commit_coin,
-                            struct TALER_MINTDB_RefreshCommitLinkP *const* commit_link)
+                            struct TALER_RefreshCommitLinkP *const* commit_link)
 {
   unsigned int i;
   struct TMH_KS_StateHandle *key_state;
@@ -324,7 +324,7 @@ free_commit_coins (struct TALER_MINTDB_RefreshCommitCoin **commit_coin,
  * @param num_old_coins size of 2nd dimension
  */
 static void
-free_commit_links (struct TALER_MINTDB_RefreshCommitLinkP **commit_link,
+free_commit_links (struct TALER_RefreshCommitLinkP **commit_link,
                    unsigned int kappa,
                    unsigned int num_old_coins)
 {
@@ -378,7 +378,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
   struct GNUNET_HashCode session_hash;
   struct GNUNET_HashContext *hash_context;
   struct TALER_MINTDB_RefreshCommitCoin *commit_coin[TALER_CNC_KAPPA];
-  struct TALER_MINTDB_RefreshCommitLinkP *commit_link[TALER_CNC_KAPPA];
+  struct TALER_RefreshCommitLinkP *commit_link[TALER_CNC_KAPPA];
 
   /* For the signature check, we hash most of the inputs together
      (except for the signatures on the coins). */
@@ -532,10 +532,10 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
   for (i = 0; i < TALER_CNC_KAPPA; i++)
   {
     commit_link[i] = GNUNET_malloc (num_oldcoins *
-                                    sizeof (struct TALER_MINTDB_RefreshCommitLinkP));
+                                    sizeof (struct TALER_RefreshCommitLinkP));
     for (j = 0; j < num_oldcoins; j++)
     {
-      struct TALER_MINTDB_RefreshCommitLinkP *rcl = &commit_link[i][j];
+      struct TALER_RefreshCommitLinkP *rcl = &commit_link[i][j];
 
       res = TMH_PARSE_navigate_json (connection,
                                      transfer_pubs,
@@ -582,7 +582,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
 
       GNUNET_CRYPTO_hash_context_read (hash_context,
                                        rcl,
-                                       sizeof (struct TALER_MINTDB_RefreshCommitLinkP));
+                                       sizeof (struct TALER_RefreshCommitLinkP));
     }
 
   }
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 0e2f9070..9a6813f1 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -900,7 +900,7 @@ TMH_RESPONSE_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
     info_link_k = json_array ();
     for (i=0;i<mc->num_newcoins;i++)
     {
-      const struct TALER_MINTDB_RefreshCommitLinkP *cl;
+      const struct TALER_RefreshCommitLinkP *cl;
       json_t *cl_json;
 
       cl = &mc->commit_links[k][i];
diff --git a/src/mintdb/plugin_mintdb_postgres.c b/src/mintdb/plugin_mintdb_postgres.c
index 57455fcc..658d8dd9 100644
--- a/src/mintdb/plugin_mintdb_postgres.c
+++ b/src/mintdb/plugin_mintdb_postgres.c
@@ -2640,7 +2640,7 @@ postgres_insert_refresh_commit_links (void *cls,
                                       const struct GNUNET_HashCode *session_hash,
                                       uint16_t cnc_index,
                                       uint16_t num_links,
-                                      const struct TALER_MINTDB_RefreshCommitLinkP *links)
+                                      const struct TALER_RefreshCommitLinkP *links)
 {
   // FIXME: check logic! links is array!
   struct TALER_PQ_QueryParam params[] = {
@@ -2693,7 +2693,7 @@ postgres_get_refresh_commit_links (void *cls,
                                    const struct GNUNET_HashCode *session_hash,
                                    uint16_t cnc_index,
                                    uint16_t num_links,
-                                   struct TALER_MINTDB_RefreshCommitLinkP *links)
+                                   struct TALER_RefreshCommitLinkP *links)
 {
   // FIXME: check logic: was written for a single link!
   struct TALER_PQ_QueryParam params[] = {
@@ -2801,7 +2801,7 @@ postgres_get_melt_commitment (void *cls,
       goto cleanup;
     mc->commit_links[cnc_index]
       = GNUNET_malloc (mc->num_oldcoins *
-                       sizeof (struct TALER_MINTDB_RefreshCommitLinkP));
+                       sizeof (struct TALER_RefreshCommitLinkP));
     if (GNUNET_OK !=
         postgres_get_refresh_commit_links (cls,
                                            session,
-- 
cgit v1.2.3