From 7d9a40327587ed99fb20f4c4a5669069c7a51e48 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Fri, 20 Mar 2015 23:51:28 +0100 Subject: first stab at establishing proper plugin API, main HTTP code compiles, other binaries FTBFS right now --- src/mint/taler_mintdb_plugin.h | 1002 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1002 insertions(+) create mode 100644 src/mint/taler_mintdb_plugin.h (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h new file mode 100644 index 00000000..d330b817 --- /dev/null +++ b/src/mint/taler_mintdb_plugin.h @@ -0,0 +1,1002 @@ +/* + This file is part of TALER + Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors) + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, If not, see +*/ +/** + * @file mint/mint_db.h + * @brief Low-level (statement-level) database access for the mint + * @author Florian Dold + * @author Christian Grothoff + */ +#ifndef MINT_DB_H +#define MINT_DB_H + +#include +#include "taler_util.h" + + +/** + * Information we keep on bank transfer(s) that established a reserve. + */ +struct BankTransfer +{ + + /** + * Public key of the reserve that was filled. + */ + struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + + /** + * Amount that was transferred to the mint. + */ + struct TALER_Amount amount; + + /** + * Detailed wire information about the transaction. + */ + const json_t *wire; + +}; + + +/** + * A summary of a Reserve + */ +struct Reserve +{ + /** + * The reserve's public key. This uniquely identifies the reserve + */ + struct GNUNET_CRYPTO_EddsaPublicKey *pub; + + /** + * The balance amount existing in the reserve + */ + struct TALER_Amount balance; + + /** + * The expiration date of this reserve + */ + struct GNUNET_TIME_Absolute expiry; +}; + + +/** + * Information we keep for a withdrawn coin to reproduce + * the /withdraw operation if needed, and to have proof + * that a reserve was drained by this amount. + */ +struct CollectableBlindcoin +{ + + /** + * Our signature over the (blinded) coin. + */ + struct GNUNET_CRYPTO_rsa_Signature *sig; + + /** + * Denomination key (which coin was generated). + */ + struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; + + /** + * Public key of the reserve that was drained. + */ + struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + + /** + * Hash over the blinded message, needed to verify + * the @e reserve_sig. + */ + struct GNUNET_HashCode h_coin_envelope; + + /** + * Signature confirming the withdrawl, matching @e reserve_pub, + * @e denom_pub and @e h_coin_envelope. + */ + struct GNUNET_CRYPTO_EddsaSignature reserve_sig; +}; + + + +/** + * Types of operations on a reserved. + */ +enum TALER_MINT_DB_ReserveOperation +{ + /** + * Money was deposited into the reserve via a bank transfer. + */ + TALER_MINT_DB_RO_BANK_TO_MINT = 0, + + /** + * A Coin was withdrawn from the reserve using /withdraw. + */ + TALER_MINT_DB_RO_WITHDRAW_COIN = 1 +}; + + +/** + * Reserve history as a linked list. Lists all of the transactions + * associated with this reserve (such as the bank transfers that + * established the reserve and all /withdraw operations we have done + * since). + */ +struct ReserveHistory +{ + + /** + * Next entry in the reserve history. + */ + struct ReserveHistory *next; + + /** + * Type of the event, determins @e details. + */ + enum TALER_MINT_DB_ReserveOperation type; + + /** + * Details of the operation, depending on @e type. + */ + union + { + + /** + * Details about a bank transfer to the mint. + */ + struct BankTransfer *bank; + + /** + * Details about a /withdraw operation. + */ + struct CollectableBlindcoin *withdraw; + + } details; + +}; + + +/** + * Specification for a /deposit operation. + */ +struct Deposit +{ + /** + * Information about the coin that is being deposited. + */ + struct TALER_CoinPublicInfo coin; + + /** + * ECDSA signature affirming that the customer intends + * this coin to be deposited at the merchant identified + * by @e h_wire in relation to the contract identified + * by @e h_contract. + */ + struct GNUNET_CRYPTO_EcdsaSignature csig; + + /** + * Public key of the merchant. Enables later identification + * of the merchant in case of a need to rollback transactions. + */ + struct GNUNET_CRYPTO_EddsaPublicKey merchant_pub; + + /** + * Hash over the contract between merchant and customer + * (remains unknown to the Mint). + */ + struct GNUNET_HashCode h_contract; + + /** + * Hash of the (canonical) representation of @e wire, used + * to check the signature on the request. Generated by + * the mint from the detailed wire data provided by the + * merchant. + */ + struct GNUNET_HashCode h_wire; + + /** + * Detailed wire information for executing the transaction. + */ + const json_t *wire; + + /** + * Merchant-generated transaction ID to detect duplicate + * transactions. + */ + uint64_t transaction_id; + + /** + * Fraction of the coin's remaining value to be deposited. + * The coin is identified by @e coin_pub. + */ + struct TALER_Amount amount; + +}; + + +/** + * Global information for a refreshing session. Includes + * dimensions of the operation, security parameters and + * client signatures from "/refresh/melt" and "/refresh/commit". + */ +struct RefreshSession +{ + /** + * Signature over the commitments by the client, + * only valid if @e has_commit_sig is set. + */ + struct GNUNET_CRYPTO_EddsaSignature commit_sig; + + /** + * Hash over coins to melt and coins to create of the + * refresh session. + */ + struct GNUNET_HashCode session_hash; + + /** + * Signature over the melt by the client. + */ + struct GNUNET_CRYPTO_EddsaSignature melt_sig; + + /** + * Number of coins we are melting. + */ + uint16_t num_oldcoins; + + /** + * Number of new coins we are creating. + */ + uint16_t num_newcoins; + + /** + * Number of parallel operations we perform for the cut and choose. + * (must be greater or equal to three for security). 0 if not yet + * known. + */ + uint16_t kappa; + + /** + * Index (smaller @e kappa) which the mint has chosen to not + * have revealed during cut and choose. + */ + uint16_t noreveal_index; + +}; + + +/** + * Specification for coin in a /refresh/melt operation. + */ +struct RefreshMelt +{ + /** + * Information about the coin that is being melted. + */ + struct TALER_CoinPublicInfo coin; + + /** + * Signature over the melting operation. + */ + struct GNUNET_CRYPTO_EcdsaSignature coin_sig; + + /** + * Which melting operation should the coin become a part of. + */ + struct GNUNET_HashCode melt_hash; + + /** + * How much value is being melted? + * This amount includes the fees, so the final amount contributed + * to the melt is this value minus the fee for melting the coin. + */ + struct TALER_Amount amount; + +}; + + +/** + * We have as many `struct RefreshCommitCoin` as there are new + * coins being created by the refresh (for each of the kappa + * sets). These are the coins we ask the mint to sign if the + * respective set is selected. + */ +struct RefreshCommitCoin +{ + + /** + * Encrypted data allowing those able to decrypt it to derive + * the private keys of the new coins created by the refresh. + */ + struct TALER_RefreshLinkEncrypted *refresh_link; + + /** + * Blinded message to be signed (in envelope), with @e coin_env_size bytes. + */ + char *coin_ev; + + /** + * Number of bytes in @e coin_ev. + */ + size_t coin_ev_size; + +}; + + +/** + * For each (old) coin being melted, we have a `struct + * RefreshCommitLink` that allows the user to find the shared secret + * to decrypt the respective refresh links for the new coins in the + * `struct RefreshCommitCoin`. + */ +struct RefreshCommitLink +{ + /** + * Transfer public key (FIXME: explain!) + */ + struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub; + + /** + * Encrypted shared secret to decrypt the link. + */ + struct TALER_EncryptedLinkSecret shared_secret_enc; +}; + + +/** + * Linked list of refresh information linked to a coin. + */ +struct LinkDataList +{ + /** + * Information is stored in a NULL-terminated linked list. + */ + struct LinkDataList *next; + + /** + * Link data, used to recover the private key of the coin + * by the owner of the old coin. + */ + struct TALER_RefreshLinkEncrypted *link_data_enc; + + /** + * Denomination public key, determines the value of the coin. + */ + struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; + + /** + * Signature over the blinded envelope. + */ + struct GNUNET_CRYPTO_rsa_Signature *ev_sig; +}; + + +/** + * Specification for a /lock operation. + */ +struct Lock +{ + /** + * Information about the coin that is being melted. + */ + struct TALER_CoinPublicInfo coin; + + /** + * Signature over the melting operation. + */ + const struct GNUNET_CRYPTO_EcdsaSignature coin_sig; + + /** + * How much value is being melted? + */ + struct TALER_Amount amount; + + // FIXME: more needed... +}; + + +/** + * Enumeration to classify the different types of transactions + * that can be done with a coin. + */ +enum TALER_MINT_DB_TransactionType +{ + /** + * /deposit operation. + */ + TALER_MINT_DB_TT_DEPOSIT = 0, + + /** + * /refresh/melt operation. + */ + TALER_MINT_DB_TT_REFRESH_MELT = 1, + + /** + * /lock operation. + */ + TALER_MINT_DB_TT_LOCK = 2 +}; + + +/** + * List of transactions we performed for a particular coin. + */ +struct TALER_MINT_DB_TransactionList +{ + + /** + * Next pointer in the NULL-terminated linked list. + */ + struct TALER_MINT_DB_TransactionList *next; + + /** + * Type of the transaction, determines what is stored in @e details. + */ + enum TALER_MINT_DB_TransactionType type; + + /** + * Details about the transaction, depending on @e type. + */ + union + { + + /** + * Details if transaction was a /deposit operation. + */ + struct Deposit *deposit; + + /** + * Details if transaction was a /refresh/melt operation. + */ + struct RefreshMelt *melt; + + /** + * Details if transaction was a /lock operation. + */ + struct Lock *lock; + + } details; + +}; + + +/** + * Handle for a database session (per-thread, for transactions). + */ +struct TALER_MINTDB_Session; + + +/** + * The plugin API, returned from the plugin's "init" function. + * The argument given to "init" is simply a configuration handle. + */ +struct TALER_MINTDB_Plugin +{ + + /** + * Closure for all callbacks. + */ + void *cls; + + /** + * Get the thread-local database-handle. + * Connect to the db if the connection does not exist yet. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param temporary #GNUNET_YES to use a temporary schema; #GNUNET_NO to use the + * database default one + * @param the database connection, or NULL on error + */ + struct TALER_MINTDB_Session * + (*get_session) (void *cls, + int temporary); + + + /** + * Drop the temporary taler schema. This is only useful for testcases. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure + */ + int + (*drop_temporary) (void *cls, + struct TALER_MINTDB_Session *db); + + + /** + * Create the necessary tables if they are not present + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param temporary should we use a temporary schema + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure + */ + int + (*create_tables) (void *cls, + int temporary); + + + /** + * Start a transaction. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn connection to use + * @return #GNUNET_OK on success + */ + int + (*start) (void *cls, + struct TALER_MINTDB_Session *db_conn); + + + /** + * Commit a transaction. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn connection to use + * @return #GNUNET_OK on success + */ + int + (*commit) (void *cls, + struct TALER_MINTDB_Session *db_conn); + + + /** + * Abort/rollback a transaction. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn connection to use + */ + void + (*rollback) (void *cls, + struct TALER_MINTDB_Session *db_conn); + + + /** + * Get the summary of a reserve. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db the database connection handle + * @param reserve the reserve data. The public key of the reserve should be set + * in this structure; it is used to query the database. The balance + * and expiration are then filled accordingly. + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure + */ + int + (*reserve_get) (void *cls, + struct TALER_MINTDB_Session *db, + struct Reserve *reserve); + + /* FIXME: add functions to add bank transfers to our DB + (and to test if we already did add one) (#3633/#3717) */ + + + /** + * Insert a incoming transaction into reserves. New reserves are also created + * through this function. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db the database connection handle + * @param reserve the reserve structure. The public key of the reserve should + * be set here. Upon successful execution of this function, the + * balance and expiration of the reserve will be updated. + * @param balance the amount that has to be added to the reserve + * @param expiry the new expiration time for the reserve + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failures + */ + int + (*reserves_in_insert) (void *cls, + struct TALER_MINTDB_Session *db, + struct Reserve *reserve, + const struct TALER_Amount *balance, + const struct GNUNET_TIME_Absolute expiry); + + + /** + * Locate the response for a /withdraw request under the + * key of the hash of the blinded message. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection to use + * @param h_blind hash of the blinded message + * @param collectable corresponding collectable coin (blind signature) + * if a coin is found + * @return #GNUNET_SYSERR on internal error + * #GNUNET_NO if the collectable was not found + * #GNUNET_YES on success + */ + int + (*get_collectable_blindcoin) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_HashCode *h_blind, + struct CollectableBlindcoin *collectable); + + + /** + * Store collectable bit coin under the corresponding + * hash of the blinded message. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection to use + * @param h_blind hash of the blinded message + * @param withdraw amount by which the reserve will be withdrawn with this + * transaction + * @param collectable corresponding collectable coin (blind signature) + * if a coin is found + * @return #GNUNET_SYSERR on internal error + * #GNUNET_NO if the collectable was not found + * #GNUNET_YES on success + */ + int + (*insert_collectable_blindcoin) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_HashCode *h_blind, + struct TALER_Amount withdraw, + const struct CollectableBlindcoin *collectable); + + + /** + * Get all of the transaction history associated with the specified + * reserve. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn connection to use + * @param reserve_pub public key of the reserve + * @return known transaction history (NULL if reserve is unknown) + */ + struct ReserveHistory * + (*get_reserve_history) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *reserve_pub); + + + /** + * Check if we have the specified deposit already in the database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param deposit deposit to search for + * @return #GNUNET_YES if we know this operation, + * #GNUNET_NO if this deposit is unknown to us, + * #GNUNET_SYSERR on internal error + */ + int + (*have_deposit) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct Deposit *deposit); + + + /** + * Insert information about deposited coin into the + * database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn connection to the database + * @param deposit deposit information to store + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ + int + (*insert_deposit) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct Deposit *deposit); + + + /** + * Lookup refresh session data under the given public key. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database handle to use + * @param refresh_session_pub public key to use for the lookup + * @param refresh_session[OUT] where to store the result + * @return #GNUNET_YES on success, + * #GNUNET_NO if not found, + * #GNUNET_SYSERR on DB failure + */ + int + (*get_refresh_session) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + struct RefreshSession *refresh_session); + + + /** + * Store new refresh session data under the given public key. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database handle to use + * @param refresh_session_pub public key to use to locate the session + * @param refresh_session session data to store + * @return #GNUNET_YES on success, + * #GNUNET_SYSERR on DB failure + */ + int + (*create_refresh_session) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + const struct RefreshSession *refresh_session); + + + + /** + * Store the given /refresh/melt request in the database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param refresh_session session key of the melt operation + * @param oldcoin_index index of the coin to store + * @param melt coin melt operation details to store + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on internal error + */ + int + (*insert_refresh_melt) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + uint16_t oldcoin_index, + const struct RefreshMelt *melt); + + + /** + * Get information about melted coin details from the database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param refresh_session session key of the melt operation + * @param oldcoin_index index of the coin to retrieve + * @param melt melt data to fill in + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on internal error + */ + int + (*get_refresh_melt) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + uint16_t oldcoin_index, + struct RefreshMelt *melt); + + + /** + * Store in the database which coin(s) we want to create + * in a given refresh operation. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param session_pub refresh session key + * @param newcoin_index index of the coin to generate + * @param denom_pub denomination of the coin to create + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on internal error + */ + int + (*insert_refresh_order) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + uint16_t newcoin_index, + const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub); + + + /** + * Lookup in the database the @a newcoin_index coin that we want to + * create in the given refresh operation. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param session_pub refresh session key + * @param newcoin_index index of the coin to generate + * @param denom_pub denomination of the coin to create + * @return NULL on error (not found or internal error) + */ + struct GNUNET_CRYPTO_rsa_PublicKey * + (*get_refresh_order) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + uint16_t newcoin_index); + + + /** + * Store information about the commitment of the + * given coin for the given refresh session in the database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection to use + * @param refresh_session_pub refresh session this commitment belongs to + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to refreshed (new) coins + * @param commit_coin coin commitment to store + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on error + */ + int + (*insert_refresh_commit_coin) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitCoin *commit_coin); + + + /** + * Obtain information about the commitment of the + * given coin of the given refresh session from the database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection to use + * @param refresh_session_pub refresh session the commitment belongs to + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to refreshed (new) coins + * @param commit_coin[OUT] coin commitment to return + * @return #GNUNET_OK on success + * #GNUNET_NO if not found + * #GNUNET_SYSERR on error + */ + int + (*get_refresh_commit_coin) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + struct RefreshCommitCoin *commit_coin); + + + /** + * Store the commitment to the given (encrypted) refresh link data + * for the given refresh session. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection to use + * @param refresh_session_pub public key of the refresh session this + * commitment belongs with + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to melted (old) coins + * @param commit_link link information to store + * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success + */ + int + (*insert_refresh_commit_link) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitLink *commit_link); + + /** + * Obtain the commited (encrypted) refresh link data + * for the given refresh session. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection to use + * @param refresh_session_pub public key of the refresh session this + * commitment belongs with + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to melted (old) coins + * @param cc[OUT] link information to return + * @return #GNUNET_SYSERR on internal error, + * #GNUNET_NO if commitment was not found + * #GNUNET_OK on success + */ + int + (*get_refresh_commit_link) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + struct RefreshCommitLink *cc); + + + /** + * Insert signature of a new coin generated during refresh into + * the database indexed by the refresh session and the index + * of the coin. This data is later used should an old coin + * be used to try to obtain the private keys during "/refresh/link". + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param session_pub refresh session + * @param newcoin_index coin index + * @param ev_sig coin signature + * @return #GNUNET_OK on success + */ + int + (*insert_refresh_collectable) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + uint16_t newcoin_index, + const struct GNUNET_CRYPTO_rsa_Signature *ev_sig); + + + /** + * Obtain the link data of a coin, that is the encrypted link + * information, the denomination keys and the signatures. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param coin_pub public key to use to retrieve linkage data + * @return all known link data for the coin + */ + struct LinkDataList * + (*get_link) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + + + /** + * Obtain shared secret and transfer public key from the public key of + * the coin. This information and the link information returned by + * #TALER_db_get_link() enable the owner of an old coin to determine + * the private keys of the new coins after the melt. + * + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param coin_pub public key of the coin + * @param transfer_pub[OUT] public transfer key + * @param shared_secret_enc[OUT] set to shared secret + * @return #GNUNET_OK on success, + * #GNUNET_NO on failure (not found) + * #GNUNET_SYSERR on internal failure (database issue) + */ + int + (*get_transfer) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, + struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, + struct TALER_EncryptedLinkSecret *shared_secret_enc); + + + /** + * Test if the given /lock request is known to us. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param lock lock operation + * @return #GNUNET_YES if known, + * #GNUENT_NO if not, + * #GNUNET_SYSERR on internal error + */ + int + (*have_lock) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct Lock *lock); + + + /** + * Store the given /lock request in the database. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param lock lock operation + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on internal error + */ + int + (*insert_lock) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct Lock *lock); + + + /** + * Compile a list of all (historic) transactions performed + * with the given coin (/refresh/melt and /deposit operations). + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param db_conn database connection + * @param coin_pub coin to investigate + * @return list of transactions, NULL if coin is fresh + */ + struct TALER_MINT_DB_TransactionList * + (*get_coin_transactions) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + +}; + + +#endif /* _NEURO_MINT_DB_H */ -- cgit v1.2.3 From 0d3ec509d7192e973123de1ab390826fff4df230 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 22 Mar 2015 13:02:11 +0100 Subject: move free functions into plugin --- src/mint/Makefile.am | 2 ++ src/mint/plugin.c | 65 --------------------------------------- src/mint/plugin.h | 27 ---------------- src/mint/plugin_mintdb_postgres.c | 28 +++++++++++------ src/mint/taler-mint-httpd_db.c | 39 ++++++++++++++--------- src/mint/taler_mintdb_plugin.h | 40 ++++++++++++++++++++++-- 6 files changed, 82 insertions(+), 119 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/mint/Makefile.am b/src/mint/Makefile.am index c4f99af6..1eba7d61 100644 --- a/src/mint/Makefile.am +++ b/src/mint/Makefile.am @@ -6,6 +6,8 @@ plugindir = $(libdir)/taler plugin_LTLIBRARIES = \ libtaler_plugin_mintdb_postgres.la +EXTRA_DIST = plugin_mintdb_common.c + libtaler_plugin_mintdb_postgres_la_SOURCES = \ plugin_mintdb_postgres.c libtaler_plugin_mintdb_postgres_la_LIBADD = \ diff --git a/src/mint/plugin.c b/src/mint/plugin.c index 67cabd81..4fb75f87 100644 --- a/src/mint/plugin.c +++ b/src/mint/plugin.c @@ -115,69 +115,4 @@ plugin_fini () } -// FIXME: decide if we should keep these in each plugin, here -// or yet again somewhere else entirely (plugin_common.c?) - -/** - * Free memory associated with the given reserve history. - * - * @param rh history to free. - */ -void -TALER_MINT_DB_free_reserve_history (struct ReserveHistory *rh) -{ - struct BankTransfer *bt; - struct CollectableBlindcoin *cbc; - struct ReserveHistory *backref; - - while (NULL != rh) - { - switch(rh->type) - { - case TALER_MINT_DB_RO_BANK_TO_MINT: - bt = rh->details.bank; - if (NULL != bt->wire) - json_decref ((json_t *) bt->wire); /* FIXME: avoid cast? */ - GNUNET_free (bt); - break; - case TALER_MINT_DB_RO_WITHDRAW_COIN: - cbc = rh->details.withdraw; - GNUNET_CRYPTO_rsa_signature_free (cbc->sig); - GNUNET_CRYPTO_rsa_public_key_free (cbc->denom_pub); - GNUNET_free (cbc); - break; - } - backref = rh; - rh = rh->next; - GNUNET_free (backref); - } -} - - -/** - * Free memory of the link data list. - * - * @param ldl link data list to release - */ -void -TALER_db_link_data_list_free (struct LinkDataList *ldl) -{ - GNUNET_break (0); // FIXME -} - - -/** - * Free linked list of transactions. - * - * @param list list to free - */ -void -TALER_MINT_DB_free_coin_transaction_list (struct TALER_MINT_DB_TransactionList *list) -{ - // FIXME: check logic! - GNUNET_break (0); -} - - - /* end of plugin.c */ diff --git a/src/mint/plugin.h b/src/mint/plugin.h index bb1f0ecb..0dfb866d 100644 --- a/src/mint/plugin.h +++ b/src/mint/plugin.h @@ -47,31 +47,4 @@ void TALER_MINT_plugin_unload (void); -/** - * Free memory associated with the given reserve history. - * - * @param rh history to free. - */ -void -TALER_MINT_DB_free_reserve_history (struct ReserveHistory *rh); - - -/** - * Free memory of the link data list. - * - * @param ldl link data list to release - */ -void -TALER_db_link_data_list_free (struct LinkDataList *ldl); - - -/** - * Free linked list of transactions. - * - * @param list list to free - */ -void -TALER_MINT_DB_free_coin_transaction_list (struct TALER_MINT_DB_TransactionList *list); - - #endif diff --git a/src/mint/plugin_mintdb_postgres.c b/src/mint/plugin_mintdb_postgres.c index c49ea139..adc85251 100644 --- a/src/mint/plugin_mintdb_postgres.c +++ b/src/mint/plugin_mintdb_postgres.c @@ -28,6 +28,7 @@ #include #include +#include "plugin_mintdb_common.c" #define TALER_TEMP_SCHEMA_NAME "taler_temporary" @@ -1313,7 +1314,8 @@ postgres_get_reserve_history (void *cls, PQclear (result); if (GNUNET_SYSERR == ret) { - TALER_MINT_DB_free_reserve_history (rh); + common_free_reserve_history (cls, + rh); rh = NULL; } return rh; @@ -2064,9 +2066,9 @@ postgres_insert_refresh_collectable (void *cls, * @return all known link data for the coin */ static struct LinkDataList * -postgres_get_link (void *cls, - struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub) +postgres_get_link_data_list (void *cls, + struct TALER_MINTDB_Session *session, + const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub) { // FIXME: check logic! struct LinkDataList *ldl; @@ -2116,7 +2118,8 @@ postgres_get_link (void *cls, { PQclear (result); GNUNET_break (0); - TALER_db_link_data_list_free (ldl); + common_free_link_data_list (cls, + ldl); return NULL; } if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) @@ -2125,7 +2128,8 @@ postgres_get_link (void *cls, GNUNET_free (pk_buf); GNUNET_free (sig_buf); GNUNET_free (ld_buf); - TALER_db_link_data_list_free (ldl); + common_free_link_data_list (cls, + ldl); return NULL; } // FIXME: use util API for this! @@ -2154,7 +2158,8 @@ postgres_get_link (void *cls, GNUNET_free (link_enc); GNUNET_break (0); PQclear (result); - TALER_db_link_data_list_free (ldl); + common_free_link_data_list (cls, + ldl); return NULL; } pos = GNUNET_new (struct LinkDataList); @@ -2171,8 +2176,8 @@ postgres_get_link (void *cls, /** * Obtain shared secret and transfer public key from the public key of * the coin. This information and the link information returned by - * #TALER_db_get_link() enable the owner of an old coin to determine - * the private keys of the new coins after the melt. + * #postgres_get_link_data_list() enable the owner of an old coin to + * determine the private keys of the new coins after the melt. * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection @@ -2304,6 +2309,7 @@ libtaler_plugin_mintdb_postgres_init (void *cls) plugin->get_collectable_blindcoin = &postgres_get_collectable_blindcoin; plugin->insert_collectable_blindcoin = &postgres_insert_collectable_blindcoin; plugin->get_reserve_history = &postgres_get_reserve_history; + plugin->free_reserve_history = &common_free_reserve_history; plugin->have_deposit = &postgres_have_deposit; plugin->insert_deposit = &postgres_insert_deposit; plugin->get_refresh_session = &postgres_get_refresh_session; @@ -2317,11 +2323,13 @@ libtaler_plugin_mintdb_postgres_init (void *cls) plugin->insert_refresh_commit_link = &postgres_insert_refresh_commit_link; plugin->get_refresh_commit_link = &postgres_get_refresh_commit_link; plugin->insert_refresh_collectable = &postgres_insert_refresh_collectable; - plugin->get_link = &postgres_get_link; + plugin->get_link_data_list = &postgres_get_link_data_list; + plugin->free_link_data_list = &common_free_link_data_list; plugin->get_transfer = &postgres_get_transfer; // plugin->have_lock = &postgres_have_lock; // plugin->insert_lock = &postgres_insert_lock; plugin->get_coin_transactions = &postgres_get_coin_transactions; + plugin->free_coin_transaction_list = &common_free_coin_transaction_list; return plugin; } diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 292ef68f..35c6dfb9 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -106,7 +106,8 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, &deposit->amount)) { GNUNET_break (0); - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); return TALER_MINT_reply_internal_db_error (connection); } @@ -125,7 +126,8 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, &fee_deposit)) ) { GNUNET_break (0); - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); return TALER_MINT_reply_internal_db_error (connection); } break; @@ -140,7 +142,8 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, &fee_refresh)) ) { GNUNET_break (0); - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); return TALER_MINT_reply_internal_db_error (connection); } break; @@ -163,10 +166,12 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, session); ret = TALER_MINT_reply_deposit_insufficient_funds (connection, tl); - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); return ret; } - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); if (GNUNET_OK != plugin->insert_deposit (plugin->cls, @@ -228,7 +233,8 @@ TALER_MINT_db_execute_withdraw_status (struct MHD_Connection *connection, "error", "Reserve not found"); res = TALER_MINT_reply_withdraw_status_success (connection, rh); - TALER_MINT_DB_free_reserve_history (rh); + plugin->free_reserve_history (plugin->cls, + rh); return res; } @@ -414,10 +420,12 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, session); res = TALER_MINT_reply_withdraw_sign_insufficient_funds (connection, rh); - TALER_MINT_DB_free_reserve_history (rh); + plugin->free_reserve_history (plugin->cls, + rh); return res; } - TALER_MINT_DB_free_reserve_history (rh); + plugin->free_reserve_history (plugin->cls, + rh); /* Balance is good, sign the coin! */ sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv, @@ -532,10 +540,12 @@ refresh_accept_melts (struct MHD_Connection *connection, coin_details->melt_amount, coin_residual)) ? GNUNET_NO : GNUNET_SYSERR; - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); return res; } - TALER_MINT_DB_free_coin_transaction_list (tl); + plugin->free_coin_transaction_list (plugin->cls, + tl); melt.coin = *coin_public_info; melt.coin_sig = coin_details->melt_sig; @@ -1242,9 +1252,9 @@ TALER_MINT_db_execute_refresh_link (struct MHD_Connection *connection, } GNUNET_assert (GNUNET_OK == res); - ldl = plugin->get_link (plugin->cls, - session, - coin_pub); + ldl = plugin->get_link_data_list (plugin->cls, + session, + coin_pub); if (NULL == ldl) { return TALER_MINT_reply_json_pack (connection, @@ -1257,7 +1267,8 @@ TALER_MINT_db_execute_refresh_link (struct MHD_Connection *connection, &transfer_pub, &shared_secret_enc, ldl); - TALER_db_link_data_list_free (ldl); + plugin->free_link_data_list (plugin->cls, + ldl); return res; } diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index d330b817..eabb00d9 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -658,6 +658,17 @@ struct TALER_MINTDB_Plugin const struct GNUNET_CRYPTO_EddsaPublicKey *reserve_pub); + /** + * Free memory associated with the given reserve history. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param rh history to free. + */ + void + (*free_reserve_history) (void *cls, + struct ReserveHistory *rh); + + /** * Check if we have the specified deposit already in the database. * @@ -922,9 +933,20 @@ struct TALER_MINTDB_Plugin * @return all known link data for the coin */ struct LinkDataList * - (*get_link) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + (*get_link_data_list) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + + + /** + * Free memory of the link data list. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param ldl link data list to release + */ + void + (*free_link_data_list) (void *cls, + struct LinkDataList *ldl); /** @@ -996,6 +1018,18 @@ struct TALER_MINTDB_Plugin struct TALER_MINTDB_Session *db_conn, const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + + /** + * Free linked list of transactions. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param list list to free + */ + void + (*free_coin_transaction_list) (void *cls, + struct TALER_MINT_DB_TransactionList *list); + + }; -- cgit v1.2.3 From 81e234e7239f37bface096b8ecd36bce346210c1 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 22 Mar 2015 14:21:16 +0100 Subject: store and retrieve arrays from database where arrays are the unit of transaction, to reduce number of DB interactions --- src/mint/plugin_mintdb_postgres.c | 139 +++++++++++------------ src/mint/taler-mint-httpd_db.c | 224 +++++++++++++++++++------------------- src/mint/taler-mint-httpd_db.h | 1 - src/mint/taler_mintdb_plugin.h | 90 +++++++-------- 4 files changed, 233 insertions(+), 221 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/mint/plugin_mintdb_postgres.c b/src/mint/plugin_mintdb_postgres.c index adc85251..16b13435 100644 --- a/src/mint/plugin_mintdb_postgres.c +++ b/src/mint/plugin_mintdb_postgres.c @@ -1637,8 +1637,8 @@ postgres_get_refresh_melt (void *cls, * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection * @param session_pub refresh session key - * @param newcoin_index index of the coin to generate - * @param denom_pub denomination of the coin to create + * @param num_newcoins number of coins to generate, size of the @a denom_pubs array + * @param denom_pubs array denominations of the coins to create * @return #GNUNET_OK on success * #GNUNET_SYSERR on internal error */ @@ -1646,16 +1646,16 @@ static int postgres_insert_refresh_order (void *cls, struct TALER_MINTDB_Session *session, const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, - uint16_t newcoin_index, - const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub) + uint16_t num_newcoins, + struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs) { - // FIXME: check logic - uint16_t newcoin_index_nbo = htons (newcoin_index); + // FIXME: check logic: was written for just one COIN! + uint16_t newcoin_index_nbo = htons (num_newcoins); char *buf; size_t buf_size; PGresult *result; - buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pub, + buf_size = GNUNET_CRYPTO_rsa_public_key_encode (*denom_pubs, &buf); { @@ -1687,27 +1687,28 @@ postgres_insert_refresh_order (void *cls, /** - * Lookup in the database the @a newcoin_index coin that we want to + * Lookup in the database the coins that we want to * create in the given refresh operation. * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection * @param session_pub refresh session key - * @param newcoin_index index of the coin to generate - * @param denom_pub denomination of the coin to create - * @return NULL on error (not found or internal error) + * @param newcoin_index array of the @a denom_pubs array + * @param denom_pubs where to store the deomination keys + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on internal error */ -static struct GNUNET_CRYPTO_rsa_PublicKey * +static int postgres_get_refresh_order (void *cls, struct TALER_MINTDB_Session *session, const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, - uint16_t newcoin_index) + uint16_t num_newcoins, + struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs) { - // FIXME: check logic + // FIXME: check logic -- was written for just one coin! char *buf; size_t buf_size; - struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; - uint16_t newcoin_index_nbo = htons (newcoin_index); + uint16_t newcoin_index_nbo = htons (num_newcoins); struct TALER_DB_QueryParam params[] = { TALER_DB_QUERY_PARAM_PTR(session_pub), @@ -1715,20 +1716,21 @@ postgres_get_refresh_order (void *cls, TALER_DB_QUERY_PARAM_END }; - PGresult *result = TALER_DB_exec_prepared (session->conn, "get_refresh_order", params); + PGresult *result = TALER_DB_exec_prepared (session->conn, + "get_refresh_order", params); if (PGRES_TUPLES_OK != PQresultStatus (result)) { BREAK_DB_ERR (result); PQclear (result); - return NULL; + return GNUNET_SYSERR; } if (0 == PQntuples (result)) { PQclear (result); /* FIXME: may want to distinguish between different error cases! */ - return NULL; + return GNUNET_SYSERR; } GNUNET_assert (1 == PQntuples (result)); struct TALER_DB_ResultSpec rs[] = { @@ -1739,12 +1741,12 @@ postgres_get_refresh_order (void *cls, { PQclear (result); GNUNET_break (0); - return NULL; + return GNUNET_SYSERR; } PQclear (result); - denom_pub = GNUNET_CRYPTO_rsa_public_key_decode (buf, buf_size); + denom_pubs[0] = GNUNET_CRYPTO_rsa_public_key_decode (buf, buf_size); GNUNET_free (buf); - return denom_pub; + return GNUNET_OK; } @@ -1757,34 +1759,36 @@ postgres_get_refresh_order (void *cls, * @param session database connection to use * @param refresh_session_pub refresh session this commitment belongs to * @param i set index (1st dimension) - * @param j coin index (2nd dimension), corresponds to refreshed (new) coins - * @param commit_coin coin commitment to store + * @param num_newcoins coin index size of the @a commit_coins array + * @param commit_coins array of coin commitments to store * @return #GNUNET_OK on success * #GNUNET_SYSERR on error */ static int -postgres_insert_refresh_commit_coin (void *cls, - struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int i, - unsigned int j, - const struct RefreshCommitCoin *commit_coin) +postgres_insert_refresh_commit_coins (void *cls, + struct TALER_MINTDB_Session *session, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int num_newcoins, + const struct RefreshCommitCoin *commit_coins) { - // FIXME: check logic! + // FIXME: check logic! -- was written for single commit_coin! uint16_t cnc_index_nbo = htons (i); - uint16_t newcoin_index_nbo = htons (j); + uint16_t newcoin_index_nbo = htons (num_newcoins); struct TALER_DB_QueryParam params[] = { TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), - TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->coin_ev, commit_coin->coin_ev_size), + TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coins->coin_ev, commit_coins->coin_ev_size), TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), - TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->refresh_link->coin_priv_enc, - commit_coin->refresh_link->blinding_key_enc_size + + TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coins->refresh_link->coin_priv_enc, + commit_coins->refresh_link->blinding_key_enc_size + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)), TALER_DB_QUERY_PARAM_END }; - PGresult *result = TALER_DB_exec_prepared (session->conn, "insert_refresh_commit_coin", params); + PGresult *result = TALER_DB_exec_prepared (session->conn, + "insert_refresh_commit_coin", + params); if (PGRES_COMMAND_OK != PQresultStatus (result)) { @@ -1819,12 +1823,12 @@ postgres_insert_refresh_commit_coin (void *cls, * #GNUNET_SYSERR on error */ static int -postgres_get_refresh_commit_coin (void *cls, - struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int cnc_index, - unsigned int newcoin_index, - struct RefreshCommitCoin *cc) +postgres_get_refresh_commit_coins (void *cls, + struct TALER_MINTDB_Session *session, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int cnc_index, + unsigned int newcoin_index, + struct RefreshCommitCoin *cc) { // FIXME: check logic! uint16_t cnc_index_nbo = htons (cnc_index); @@ -1841,7 +1845,9 @@ postgres_get_refresh_commit_coin (void *cls, size_t rl_buf_size; struct TALER_RefreshLinkEncrypted *rl; - PGresult *result = TALER_DB_exec_prepared (session->conn, "get_refresh_commit_coin", params); + PGresult *result = TALER_DB_exec_prepared (session->conn, + "get_refresh_commit_coin", + params); if (PGRES_TUPLES_OK != PQresultStatus (result)) { @@ -1897,12 +1903,12 @@ postgres_get_refresh_commit_coin (void *cls, * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success */ static int -postgres_insert_refresh_commit_link (void *cls, - struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int i, - unsigned int j, - const struct RefreshCommitLink *commit_link) +postgres_insert_refresh_commit_links (void *cls, + struct TALER_MINTDB_Session *session, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitLink *commit_link) { // FIXME: check logic! uint16_t cnc_index_nbo = htons (i); @@ -1946,23 +1952,23 @@ postgres_insert_refresh_commit_link (void *cls, * @param refresh_session_pub public key of the refresh session this * commitment belongs with * @param i set index (1st dimension) - * @param j coin index (2nd dimension), corresponds to melted (old) coins - * @param cc[OUT] link information to return + * @param num_links size of the @a commit_link array + * @param links[OUT] array of link information to return * @return #GNUNET_SYSERR on internal error, * #GNUNET_NO if commitment was not found * #GNUNET_OK on success */ static int -postgres_get_refresh_commit_link (void *cls, - struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int cnc_index, - unsigned int oldcoin_index, - struct RefreshCommitLink *cc) +postgres_get_refresh_commit_links (void *cls, + struct TALER_MINTDB_Session *session, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int num_links, + struct RefreshCommitLink *links) { - // FIXME: check logic! - uint16_t cnc_index_nbo = htons (cnc_index); - uint16_t oldcoin_index_nbo = htons (oldcoin_index); + // FIXME: check logic: was written for a single link! + uint16_t cnc_index_nbo = htons (i); + uint16_t oldcoin_index_nbo = htons (num_links); struct TALER_DB_QueryParam params[] = { TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), @@ -1988,15 +1994,14 @@ postgres_get_refresh_commit_link (void *cls, } struct TALER_DB_ResultSpec rs[] = { - TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub), - TALER_DB_RESULT_SPEC("link_secret_enc", &cc->shared_secret_enc), + TALER_DB_RESULT_SPEC("transfer_pub", &links->transfer_pub), + TALER_DB_RESULT_SPEC("link_secret_enc", &links->shared_secret_enc), TALER_DB_RESULT_SPEC_END }; if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0)) { PQclear (result); - GNUNET_free (cc); return GNUNET_SYSERR; } @@ -2318,10 +2323,10 @@ libtaler_plugin_mintdb_postgres_init (void *cls) plugin->get_refresh_melt = &postgres_get_refresh_melt; plugin->insert_refresh_order = &postgres_insert_refresh_order; plugin->get_refresh_order = &postgres_get_refresh_order; - plugin->insert_refresh_commit_coin = &postgres_insert_refresh_commit_coin; - plugin->get_refresh_commit_coin = &postgres_get_refresh_commit_coin; - plugin->insert_refresh_commit_link = &postgres_insert_refresh_commit_link; - plugin->get_refresh_commit_link = &postgres_get_refresh_commit_link; + plugin->insert_refresh_commit_coins = &postgres_insert_refresh_commit_coins; + plugin->get_refresh_commit_coins = &postgres_get_refresh_commit_coins; + plugin->insert_refresh_commit_links = &postgres_insert_refresh_commit_links; + plugin->get_refresh_commit_links = &postgres_get_refresh_commit_links; plugin->insert_refresh_collectable = &postgres_insert_refresh_collectable; plugin->get_link_data_list = &postgres_get_link_data_list; plugin->free_link_data_list = &common_free_link_data_list; diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 35c6dfb9..a7a60328 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -609,7 +609,6 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session; int res; unsigned int i; - unsigned int j; if (NULL == (session = plugin->get_session (plugin->cls, GNUNET_NO))) @@ -667,55 +666,46 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, TALER_MINT_key_state_release (key_state); /* store requested new denominations */ - for (i=0;iinsert_refresh_order (plugin->cls, + session, + refresh_session_pub, + num_new_denoms, + denom_pubs)) { - if (GNUNET_OK != - plugin->insert_refresh_order (plugin->cls, - session, - refresh_session_pub, - i, - denom_pubs[i])) - { - plugin->rollback (plugin->cls, - session); - return TALER_MINT_reply_internal_db_error (connection); - } + plugin->rollback (plugin->cls, + session); + return TALER_MINT_reply_internal_db_error (connection); } for (i = 0; i < kappa; i++) { - for (j = 0; j < num_new_denoms; j++) + if (GNUNET_OK != + plugin->insert_refresh_commit_coins (plugin->cls, + session, + refresh_session_pub, + i, + num_new_denoms, + commit_coin[i])) { - if (GNUNET_OK != - plugin->insert_refresh_commit_coin (plugin->cls, - session, - refresh_session_pub, - i, - j, - &commit_coin[i][j])) - { - plugin->rollback (plugin->cls, - session); - return TALER_MINT_reply_internal_db_error (connection); - } + plugin->rollback (plugin->cls, + session); + return TALER_MINT_reply_internal_db_error (connection); } } for (i = 0; i < kappa; i++) { - for (j = 0; j < coin_count; j++) + if (GNUNET_OK != + plugin->insert_refresh_commit_links (plugin->cls, + session, + refresh_session_pub, + i, + coin_count, + commit_link[i])) { - if (GNUNET_OK != - plugin->insert_refresh_commit_link (plugin->cls, - session, - refresh_session_pub, - i, - j, - &commit_link[i][j])) - { - plugin->rollback (plugin->cls, - session); - return TALER_MINT_reply_internal_db_error (connection); - } + plugin->rollback (plugin->cls, + session); + return TALER_MINT_reply_internal_db_error (connection); } } @@ -783,44 +773,48 @@ check_commitment (struct MHD_Connection *connection, const struct GNUNET_CRYPTO_EcdsaPrivateKey *transfer_privs, const struct RefreshMelt *melts, unsigned int num_newcoins, - struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs) + struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs) { unsigned int j; - int res; struct TALER_LinkSecret last_shared_secret; int secret_initialized = GNUNET_NO; struct GNUNET_CRYPTO_EcdhePublicKey coin_ecdhe; struct GNUNET_CRYPTO_EcdhePrivateKey transfer_ecdhe; + struct RefreshCommitLink *commit_links; + struct RefreshCommitCoin *commit_coins; + + commit_links = GNUNET_malloc (num_oldcoins * + sizeof (struct RefreshCommitLink)); + if (GNUNET_OK != + plugin->get_refresh_commit_links (plugin->cls, + session, + refresh_session, + off, + num_oldcoins, + commit_links)) + { + GNUNET_break (0); + GNUNET_free (commit_links); + return (MHD_YES == TALER_MINT_reply_internal_db_error (connection)) + ? GNUNET_NO : GNUNET_SYSERR; + } for (j = 0; j < num_oldcoins; j++) { - struct RefreshCommitLink commit_link; struct TALER_TransferSecret transfer_secret; struct TALER_LinkSecret shared_secret; struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub_check; - res = plugin->get_refresh_commit_link (plugin->cls, - session, - refresh_session, - off, - j, - &commit_link); - if (GNUNET_OK != res) - { - GNUNET_break (0); - return (MHD_YES == TALER_MINT_reply_internal_db_error (connection)) - ? GNUNET_NO : GNUNET_SYSERR; - } - GNUNET_CRYPTO_ecdsa_key_get_public (&transfer_privs[j], &transfer_pub_check); if (0 != memcmp (&transfer_pub_check, - &commit_link.transfer_pub, + &commit_links[j].transfer_pub, sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "transfer keys do not match\n"); + GNUNET_free (commit_links); /* FIXME: return more specific error with original signature (#3712) */ return (MHD_YES == TALER_MINT_reply_refresh_reveal_missmatch (connection, @@ -843,17 +837,19 @@ check_commitment (struct MHD_Connection *connection, { GNUNET_break (0); GNUNET_CRYPTO_ecdhe_key_clear (&transfer_ecdhe); + GNUNET_free (commit_links); return (MHD_YES == TALER_MINT_reply_internal_error (connection, "ECDH error")) ? GNUNET_NO : GNUNET_SYSERR; } GNUNET_CRYPTO_ecdhe_key_clear (&transfer_ecdhe); if (GNUNET_OK != - TALER_transfer_decrypt (&commit_link.shared_secret_enc, + TALER_transfer_decrypt (&commit_links[j].shared_secret_enc, &transfer_secret, &shared_secret)) { GNUNET_break (0); + GNUNET_free (commit_links); return (MHD_YES == TALER_MINT_reply_internal_error (connection, "Decryption error")) @@ -871,6 +867,7 @@ check_commitment (struct MHD_Connection *connection, { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "shared secrets do not match\n"); + GNUNET_free (commit_links); /* FIXME: return more specific error with original signature (#3712) */ return (MHD_YES == TALER_MINT_reply_refresh_reveal_missmatch (connection, @@ -881,36 +878,40 @@ check_commitment (struct MHD_Connection *connection, } } GNUNET_break (GNUNET_YES == secret_initialized); - + GNUNET_free (commit_links); /* Check that the commitments for all new coins were correct */ + commit_coins = GNUNET_malloc (num_newcoins * + sizeof (struct RefreshCommitCoin)); + + if (GNUNET_OK != + plugin->get_refresh_commit_coins (plugin->cls, + session, + refresh_session, + off, + num_newcoins, + commit_coins)) + { + GNUNET_break (0); + GNUNET_free (commit_coins); + return (MHD_YES == TALER_MINT_reply_internal_db_error (connection)) + ? GNUNET_NO : GNUNET_SYSERR; + } + for (j = 0; j < num_newcoins; j++) { - struct RefreshCommitCoin commit_coin; struct TALER_RefreshLinkDecrypted *link_data; struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; struct GNUNET_HashCode h_msg; char *buf; size_t buf_len; - res = plugin->get_refresh_commit_coin (plugin->cls, - session, - refresh_session, - off, - j, - &commit_coin); - if (GNUNET_OK != res) - { - GNUNET_break (0); - return (MHD_YES == TALER_MINT_reply_internal_db_error (connection)) - ? GNUNET_NO : GNUNET_SYSERR; - } - - link_data = TALER_refresh_decrypt (commit_coin.refresh_link, + link_data = TALER_refresh_decrypt (commit_coins[j].refresh_link, &last_shared_secret); if (NULL == link_data) { GNUNET_break (0); + GNUNET_free (commit_coins); return (MHD_YES == TALER_MINT_reply_internal_error (connection, "Decryption error")) ? GNUNET_NO : GNUNET_SYSERR; @@ -932,14 +933,15 @@ check_commitment (struct MHD_Connection *connection, { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "blind failed\n"); + GNUNET_free (commit_coins); return (MHD_YES == TALER_MINT_reply_internal_error (connection, "Blinding error")) ? GNUNET_NO : GNUNET_SYSERR; } - if ( (buf_len != commit_coin.coin_ev_size) || + if ( (buf_len != commit_coins[j].coin_ev_size) || (0 != memcmp (buf, - commit_coin.coin_ev, + commit_coins[j].coin_ev, buf_len)) ) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -947,6 +949,7 @@ check_commitment (struct MHD_Connection *connection, off, (int) j); /* FIXME: return more specific error with original signature (#3712) */ + GNUNET_free (commit_coins); return (MHD_YES == TALER_MINT_reply_refresh_reveal_missmatch (connection, off, @@ -956,6 +959,7 @@ check_commitment (struct MHD_Connection *connection, } GNUNET_free (buf); } + GNUNET_free (commit_coins); return GNUNET_OK; } @@ -970,8 +974,7 @@ check_commitment (struct MHD_Connection *connection, * @param refresh_session session to query * @param key_state key state to lookup denomination pubs * @param denom_pub denomination key for the coin to create - * @param noreveal_index which index should we use to obtain the - * envelope for the coin, based on cut-and-choose + * @param commit_coin the coin that was committed * @param coin_off number of the coin * @return NULL on error, otherwise signature over the coin */ @@ -981,25 +984,12 @@ refresh_mint_coin (struct MHD_Connection *connection, const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, struct MintKeyState *key_state, const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub, - unsigned int noreveal_index, + const struct RefreshCommitCoin *commit_coin, unsigned int coin_off) { - struct RefreshCommitCoin commit_coin; struct TALER_MINT_DenomKeyIssuePriv *dki; struct GNUNET_CRYPTO_rsa_Signature *ev_sig; - int res; - res = plugin->get_refresh_commit_coin (plugin->cls, - session, - refresh_session, - noreveal_index, - coin_off, - &commit_coin); - if (GNUNET_OK != res) - { - GNUNET_break (0); - return NULL; - } dki = TALER_MINT_get_denom_key (key_state, denom_pub); if (NULL == dki) { @@ -1007,8 +997,8 @@ refresh_mint_coin (struct MHD_Connection *connection, return NULL; } ev_sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv, - commit_coin.coin_ev, - commit_coin.coin_ev_size); + commit_coin->coin_ev, + commit_coin->coin_ev_size); if (NULL == ev_sig) { GNUNET_break (0); @@ -1057,6 +1047,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, struct RefreshMelt *melts; struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs; struct GNUNET_CRYPTO_rsa_Signature **ev_sigs; + struct RefreshCommitCoin *commit_coins; unsigned int i; unsigned int j; unsigned int off; @@ -1101,22 +1092,18 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, } denom_pubs = GNUNET_malloc (refresh_session.num_newcoins * sizeof (struct GNUNET_CRYPTO_rsa_PublicKey *)); - for (j=0;jget_refresh_order (plugin->cls, + session, + refresh_session_pub, + refresh_session.num_newcoins, + denom_pubs)) { - denom_pubs[j] = plugin->get_refresh_order (plugin->cls, - session, - refresh_session_pub, - j); - if (NULL == denom_pubs[j]) - { - GNUNET_break (0); - for (i=0;iget_refresh_commit_coins (plugin->cls, + session, + refresh_session_pub, + refresh_session.noreveal_index, + refresh_session.num_newcoins, + commit_coins)) + { + GNUNET_break (0); + GNUNET_free (commit_coins); + for (j=0;jcommit (plugin->cls, diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index dbfecccd..aefbfc42 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -126,7 +126,6 @@ struct MeltDetails * future) * @return MHD result code */ -// FIXME: see #3635. int TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, const struct GNUNET_HashCode *melt_hash, diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index eabb00d9..bc5cd69a 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -781,8 +781,8 @@ struct TALER_MINTDB_Plugin * @param cls the @e cls of this struct with the plugin-specific state * @param db_conn database connection * @param session_pub refresh session key - * @param newcoin_index index of the coin to generate - * @param denom_pub denomination of the coin to create + * @param num_newcoins number of coins to generate, size of the @a denom_pubs array + * @param denom_pubs array denominations of the coins to create * @return #GNUNET_OK on success * #GNUNET_SYSERR on internal error */ @@ -790,48 +790,50 @@ struct TALER_MINTDB_Plugin (*insert_refresh_order) (void *cls, struct TALER_MINTDB_Session *db_conn, const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, - uint16_t newcoin_index, - const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub); + uint16_t num_newcoins, + struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs); /** - * Lookup in the database the @a newcoin_index coin that we want to + * Lookup in the database for the @a num_newcoins coins that we want to * create in the given refresh operation. * * @param cls the @e cls of this struct with the plugin-specific state * @param db_conn database connection * @param session_pub refresh session key - * @param newcoin_index index of the coin to generate - * @param denom_pub denomination of the coin to create - * @return NULL on error (not found or internal error) + * @param num_newcoins size of the @a denom_pubs array + * @param denom_pubs[OUT] where to write @a num_newcoins denomination keys + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on internal error */ - struct GNUNET_CRYPTO_rsa_PublicKey * + int (*get_refresh_order) (void *cls, struct TALER_MINTDB_Session *db_conn, const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, - uint16_t newcoin_index); + uint16_t num_newcoins, + struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs); /** - * Store information about the commitment of the - * given coin for the given refresh session in the database. + * Store information about the commitments of the given index @a i + * for the given refresh session in the database. * * @param cls the @e cls of this struct with the plugin-specific state * @param db_conn database connection to use * @param refresh_session_pub refresh session this commitment belongs to - * @param i set index (1st dimension) - * @param j coin index (2nd dimension), corresponds to refreshed (new) coins - * @param commit_coin coin commitment to store + * @param i set index (1st dimension), relating to kappa + * @param num_newcoins coin index size of the @a commit_coins array + * @param commit_coin array of coin commitments to store * @return #GNUNET_OK on success * #GNUNET_SYSERR on error */ int - (*insert_refresh_commit_coin) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int i, - unsigned int j, - const struct RefreshCommitCoin *commit_coin); + (*insert_refresh_commit_coins) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int num_newcoins, + const struct RefreshCommitCoin *commit_coins); /** @@ -849,12 +851,12 @@ struct TALER_MINTDB_Plugin * #GNUNET_SYSERR on error */ int - (*get_refresh_commit_coin) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int i, - unsigned int j, - struct RefreshCommitCoin *commit_coin); + (*get_refresh_commit_coins) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + struct RefreshCommitCoin *commit_coin); /** @@ -865,18 +867,18 @@ struct TALER_MINTDB_Plugin * @param db_conn database connection to use * @param refresh_session_pub public key of the refresh session this * commitment belongs with - * @param i set index (1st dimension) - * @param j coin index (2nd dimension), corresponds to melted (old) coins - * @param commit_link link information to store + * @param i set index (1st dimension), relating to kappa + * @param num_links size of the @a commit_link array + * @param commit_links array of link information to store * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success */ int - (*insert_refresh_commit_link) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int i, - unsigned int j, - const struct RefreshCommitLink *commit_link); + (*insert_refresh_commit_links) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int num_links, + const struct RefreshCommitLink *commit_links); /** * Obtain the commited (encrypted) refresh link data @@ -887,19 +889,19 @@ struct TALER_MINTDB_Plugin * @param refresh_session_pub public key of the refresh session this * commitment belongs with * @param i set index (1st dimension) - * @param j coin index (2nd dimension), corresponds to melted (old) coins - * @param cc[OUT] link information to return + * @param num_links size of the @links array to return + * @param links[OUT] array link information to return * @return #GNUNET_SYSERR on internal error, * #GNUNET_NO if commitment was not found * #GNUNET_OK on success */ int - (*get_refresh_commit_link) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - unsigned int i, - unsigned int j, - struct RefreshCommitLink *cc); + (*get_refresh_commit_links) (void *cls, + struct TALER_MINTDB_Session *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + struct RefreshCommitLink *links); /** -- cgit v1.2.3 From 1277f8445d0497107c5bd41b35007480d6a4472a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 22 Mar 2015 16:09:01 +0100 Subject: include fees in amounts being signed, check available balance on refresh --- src/include/taler_signatures.h | 44 +++++++-- src/mint/plugin_mintdb_postgres.c | 2 +- src/mint/taler-mint-httpd_db.c | 178 +++++++++++++++++++++------------- src/mint/taler-mint-httpd_db.h | 2 +- src/mint/taler-mint-httpd_deposit.c | 6 +- src/mint/taler-mint-httpd_refresh.c | 10 +- src/mint/taler-mint-httpd_responses.c | 14 +-- src/mint/taler_mintdb_plugin.h | 28 +++--- src/mint/test_mint_db.c | 2 +- src/mint/test_mint_deposits.c | 8 +- 10 files changed, 183 insertions(+), 111 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index b9163932..4566764d 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -131,6 +131,15 @@ struct TALER_WithdrawRequest */ struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + /** + * Value of the coin being minted (matching the denomination key) + * plus the transaction fee. We include this in what is being + * signed so that we can verify a reserve's remaining total balance + * without needing to access the respective denomination key + * information each time. + */ + struct TALER_AmountNBO amount_with_fee; + /** * Hash of the denomination public key for the coin that is withdrawn. */ @@ -171,9 +180,11 @@ struct TALER_DepositRequest uint64_t transaction_id GNUNET_PACKED; /** - * Amount to be deposited. + * Amount to be deposited, including fee. */ - struct TALER_AmountNBO amount; + struct TALER_AmountNBO amount_with_fee; + /* FIXME: we should probably also include the value of + the depositing fee here as well! */ /** * The coin's public key. @@ -211,9 +222,12 @@ struct TALER_DepositConfirmation uint64_t transaction_id GNUNET_PACKED; /** - * Amount to be deposited. + * Amount to be deposited, including fee. */ - struct TALER_AmountNBO amount; + struct TALER_AmountNBO amount_with_fee; + + /* FIXME: we should probably also include the value of + the depositing fee here as well! */ /** * The coin's public key. @@ -245,11 +259,17 @@ struct RefreshMeltCoinSignature struct GNUNET_HashCode melt_hash; /** - * How much of the value of the coin should be melted? - * This amount includes the fees, so the final amount contributed - * to the melt is this value minus the fee for melting the coin. + * How much of the value of the coin should be melted? This amount + * includes the fees, so the final amount contributed to the melt is + * this value minus the fee for melting the coin. We include the + * fee in what is being signed so that we can verify a reserve's + * remaining total balance without needing to access the respective + * denomination key information each time. */ - struct TALER_AmountNBO amount; + struct TALER_AmountNBO amount_with_fee; + + /* FIXME: we should probably also include the value of + the melting fee here as well! */ /** * The coin's public key. @@ -282,9 +302,13 @@ struct RefreshMeltSessionSignature /** * What is the total value of the coins created during the - * refresh, excluding fees? + * refresh, including melting fee! */ - struct TALER_AmountNBO amount; + struct TALER_AmountNBO amount_with_fee; + + /* FIXME: we should probably also include the value of + the melting fee here as well! */ + }; diff --git a/src/mint/plugin_mintdb_postgres.c b/src/mint/plugin_mintdb_postgres.c index 16b13435..1d7a965c 100644 --- a/src/mint/plugin_mintdb_postgres.c +++ b/src/mint/plugin_mintdb_postgres.c @@ -1401,7 +1401,7 @@ postgres_insert_deposit (void *cls, &denom_sig_enc); json_wire_enc = json_dumps (deposit->wire, JSON_COMPACT); TALER_amount_hton (&amount_nbo, - &deposit->amount); + &deposit->amount_with_fee); struct TALER_DB_QueryParam params[]= { TALER_DB_QUERY_PARAM_PTR (&deposit->coin.coin_pub), TALER_DB_QUERY_PARAM_PTR_SIZED (denom_pub_enc, denom_pub_enc_size), diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index d347126d..b3e239c8 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -34,6 +34,64 @@ #include "plugin.h" +/** + * Calculate the total value of all transactions performed. + * Stores @a off plus the cost of all transactions in @a tl + * in @a ret. + * + * @param pos transaction list to process + * @param off offset to use as the starting value + * @param ret where the resulting total is to be stored + * @return #GNUNET_OK on success, #GNUNET_SYSERR on errors + */ +static int +calculate_transaction_list_totals (struct TALER_MINT_DB_TransactionList *tl, + const struct TALER_Amount *off, + struct TALER_Amount *ret) +{ + struct TALER_Amount spent = *off; + struct TALER_MINT_DB_TransactionList *pos; + + for (pos = tl; NULL != pos; pos = pos->next) + { + switch (pos->type) + { + case TALER_MINT_DB_TT_DEPOSIT: + if (GNUNET_OK != + TALER_amount_add (&spent, + &spent, + &pos->details.deposit->amount_with_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + break; + case TALER_MINT_DB_TT_REFRESH_MELT: + if (GNUNET_OK != + TALER_amount_add (&spent, + &spent, + &pos->details.melt->amount_with_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + break; + case TALER_MINT_DB_TT_LOCK: + /* should check if lock is still active, + and if it is for THIS operation; if + lock is inactive, delete it; if lock + is for THIS operation, ignore it; + if lock is for another operation, + count it! */ + GNUNET_assert (0); // FIXME: not implemented! (#3625) + return GNUNET_SYSERR; + } + } + *ret = spent; + return GNUNET_OK; +} + + /** * Execute a deposit. The validity of the coin and signature * have already been checked. The database must now check that @@ -50,11 +108,9 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, { struct TALER_MINTDB_Session *session; struct TALER_MINT_DB_TransactionList *tl; - struct TALER_MINT_DB_TransactionList *pos; struct TALER_Amount spent; struct TALER_Amount value; struct TALER_Amount fee_deposit; - struct TALER_Amount fee_refresh; struct MintKeyState *mks; struct TALER_MINT_DenomKeyIssuePriv *dki; int ret; @@ -76,7 +132,7 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, &deposit->h_contract, deposit->transaction_id, &deposit->merchant_pub, - &deposit->amount); + &deposit->amount_with_fee); } mks = TALER_MINT_key_state_acquire (); dki = TALER_MINT_get_denom_key (mks, @@ -85,8 +141,6 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, &dki->issue.value); TALER_amount_ntoh (&fee_deposit, &dki->issue.fee_deposit); - TALER_amount_ntoh (&fee_refresh, - &dki->issue.fee_refresh); TALER_MINT_key_state_release (mks); if (GNUNET_OK != @@ -96,69 +150,29 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, GNUNET_break (0); return TALER_MINT_reply_internal_db_error (connection); } + /* fee for THIS transaction */ + spent = deposit->amount_with_fee; + if (TALER_amount_cmp (&fee_deposit, + &spent) < 0) + { + return (MHD_YES == + TALER_MINT_reply_external_error (connection, + "deposited amount smaller than depositing fee")) + ? GNUNET_NO : GNUNET_SYSERR; + } + /* add cost of all previous transactions */ tl = plugin->get_coin_transactions (plugin->cls, session, &deposit->coin.coin_pub); - spent = fee_deposit; /* fee for THIS transaction */ if (GNUNET_OK != - TALER_amount_add (&spent, - &spent, - &deposit->amount)) + calculate_transaction_list_totals (tl, + &spent, + &spent)) { - GNUNET_break (0); plugin->free_coin_transaction_list (plugin->cls, tl); return TALER_MINT_reply_internal_db_error (connection); } - - for (pos = tl; NULL != pos; pos = pos->next) - { - switch (pos->type) - { - case TALER_MINT_DB_TT_DEPOSIT: - if ( (GNUNET_OK != - TALER_amount_add (&spent, - &spent, - &pos->details.deposit->amount)) || - (GNUNET_OK != - TALER_amount_add (&spent, - &spent, - &fee_deposit)) ) - { - GNUNET_break (0); - plugin->free_coin_transaction_list (plugin->cls, - tl); - return TALER_MINT_reply_internal_db_error (connection); - } - break; - case TALER_MINT_DB_TT_REFRESH_MELT: - if ( (GNUNET_OK != - TALER_amount_add (&spent, - &spent, - &pos->details.melt->amount)) || - (GNUNET_OK != - TALER_amount_add (&spent, - &spent, - &fee_refresh)) ) - { - GNUNET_break (0); - plugin->free_coin_transaction_list (plugin->cls, - tl); - return TALER_MINT_reply_internal_db_error (connection); - } - break; - case TALER_MINT_DB_TT_LOCK: - /* should check if lock is still active, - and if it is for THIS operation; if - lock is inactive, delete it; if lock - is for THIS operation, ignore it; - if lock is for another operation, - count it! */ - GNUNET_assert (0); // FIXME: not implemented! (#3625) - break; - } - } - if (0 < TALER_amount_cmp (&spent, &value)) { @@ -197,7 +211,7 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, &deposit->h_contract, deposit->transaction_id, &deposit->merchant_pub, - &deposit->amount); + &deposit->amount_with_fee); } @@ -501,8 +515,11 @@ refresh_accept_melts (struct MHD_Connection *connection, { struct TALER_MINT_DenomKeyIssue *dki; struct TALER_MINT_DB_TransactionList *tl; + struct TALER_Amount fee_deposit; + struct TALER_Amount fee_refresh; struct TALER_Amount coin_value; struct TALER_Amount coin_residual; + struct TALER_Amount spent; struct RefreshMelt melt; int res; @@ -518,26 +535,51 @@ refresh_accept_melts (struct MHD_Connection *connection, "denom not found")) ? GNUNET_NO : GNUNET_SYSERR; + TALER_amount_ntoh (&fee_deposit, + &dki->fee_deposit); + TALER_amount_ntoh (&fee_refresh, + &dki->fee_refresh); TALER_amount_ntoh (&coin_value, &dki->value); + /* fee for THIS transaction; the melt amount includes the fee! */ + spent = coin_details->melt_amount_with_fee; + if (TALER_amount_cmp (&fee_refresh, + &spent) < 0) + { + return (MHD_YES == + TALER_MINT_reply_external_error (connection, + "melt amount smaller than melting fee")) + ? GNUNET_NO : GNUNET_SYSERR; + } + /* add historic transaction costs of this coin */ tl = plugin->get_coin_transactions (plugin->cls, session, &coin_public_info->coin_pub); - /* FIXME: #3636: compute how much value is left with this coin and - compare to `expected_value`! (subtract from "coin_value") */ - coin_residual = coin_value; + if (GNUNET_OK != + calculate_transaction_list_totals (tl, + &spent, + &spent)) + { + GNUNET_break (0); + plugin->free_coin_transaction_list (plugin->cls, + tl); + return TALER_MINT_reply_internal_db_error (connection); + } /* Refuse to refresh when the coin does not have enough money left to * pay the refreshing fees of the coin. */ - - if (TALER_amount_cmp (&coin_residual, - &coin_details->melt_amount) < 0) + if (TALER_amount_cmp (&coin_value, + &spent) < 0) { + GNUNET_assert (GNUNET_OK == + TALER_amount_subtract (&coin_residual, + &spent, + &coin_details->melt_amount_with_fee)); res = (MHD_YES == TALER_MINT_reply_refresh_melt_insufficient_funds (connection, &coin_public_info->coin_pub, coin_value, tl, - coin_details->melt_amount, + coin_details->melt_amount_with_fee, coin_residual)) ? GNUNET_NO : GNUNET_SYSERR; plugin->free_coin_transaction_list (plugin->cls, @@ -550,7 +592,7 @@ refresh_accept_melts (struct MHD_Connection *connection, melt.coin = *coin_public_info; melt.coin_sig = coin_details->melt_sig; melt.melt_hash = *melt_hash; - melt.amount = coin_details->melt_amount; + melt.amount_with_fee = coin_details->melt_amount_with_fee; if (GNUNET_OK != plugin->insert_refresh_melt (plugin->cls, session, diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index aefbfc42..52e86f89 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -95,7 +95,7 @@ struct MeltDetails * This amount includes the fees, so the final amount contributed * to the melt is this value minus the fee for melting the coin. */ - struct TALER_Amount melt_amount; + struct TALER_Amount melt_amount_with_fee; }; diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index e411e0d8..647cd824 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -65,8 +65,8 @@ verify_and_execute_deposit (struct MHD_Connection *connection, dr.h_contract = deposit->h_contract; dr.h_wire = deposit->h_wire; dr.transaction_id = GNUNET_htonll (deposit->transaction_id); - TALER_amount_hton (&dr.amount, - &deposit->amount); + TALER_amount_hton (&dr.amount_with_fee, + &deposit->amount_with_fee); dr.coin_pub = deposit->coin.coin_pub; if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_DEPOSIT, @@ -167,7 +167,7 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection, GNUNET_free (wire_enc); deposit.wire = wire; - deposit.amount = *amount; + deposit.amount_with_fee = *amount; res = verify_and_execute_deposit (connection, &deposit); TALER_MINT_release_parsed_data (spec); diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index d4979288..602fc67f 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -109,8 +109,8 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_SESSION); body.purpose.size = htonl (sizeof (struct RefreshMeltSessionSignature)); body.melt_hash = melt_hash; - TALER_amount_hton (&body.amount, - &coin_melt_details->melt_amount); + TALER_amount_hton (&body.amount_with_fee, + &coin_melt_details->melt_amount_with_fee); if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_REFRESH_MELT_SESSION, &body.purpose, @@ -252,7 +252,7 @@ get_coin_public_info (struct MHD_Connection *connection, ? GNUNET_NO : GNUNET_SYSERR; } r_melt_detail->melt_sig = melt_sig; - r_melt_detail->melt_amount = amount; + r_melt_detail->melt_amount_with_fee = amount; TALER_MINT_release_parsed_data (spec); return GNUNET_OK; } @@ -288,8 +288,8 @@ verify_coin_public_info (struct MHD_Connection *connection, body.purpose.size = htonl (sizeof (struct RefreshMeltCoinSignature)); body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_COIN); body.melt_hash = *melt_hash; - TALER_amount_hton (&body.amount, - &r_melt_detail->melt_amount); + TALER_amount_hton (&body.amount_with_fee, + &r_melt_detail->melt_amount_with_fee); body.coin_pub = r_public_info->coin_pub; if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_REFRESH_MELT_COIN, diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index a4b44215..681b2b92 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -299,7 +299,7 @@ TALER_MINT_reply_deposit_success (struct MHD_Connection *connection, dc.h_contract = *h_contract; dc.h_wire = *h_wire; dc.transaction_id = GNUNET_htonll (transaction_id); - TALER_amount_hton (&dc.amount, + TALER_amount_hton (&dc.amount_with_fee, amount); dc.coin_pub = *coin_pub; dc.merchant = *merchant; @@ -341,14 +341,14 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl) const struct Deposit *deposit = pos->details.deposit; type = "deposit"; - value = deposit->amount; + value = deposit->amount_with_fee; dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_DEPOSIT); dr.purpose.size = htonl (sizeof (struct TALER_DepositRequest)); dr.h_contract = deposit->h_contract; dr.h_wire = deposit->h_wire; dr.transaction_id = GNUNET_htonll (deposit->transaction_id); - TALER_amount_hton (&dr.amount, - &deposit->amount); + TALER_amount_hton (&dr.amount_with_fee, + &deposit->amount_with_fee); dr.coin_pub = deposit->coin.coin_pub; transaction = TALER_JSON_from_ecdsa_sig (&dr.purpose, &deposit->csig); @@ -360,12 +360,12 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl) const struct RefreshMelt *melt = pos->details.melt; type = "melt"; - value = melt->amount; + value = melt->amount_with_fee; ms.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_COIN); ms.purpose.size = htonl (sizeof (struct RefreshMeltCoinSignature)); ms.melt_hash = melt->melt_hash; - TALER_amount_hton (&ms.amount, - &melt->amount); + TALER_amount_hton (&ms.amount_with_fee, + &melt->amount_with_fee); ms.coin_pub = melt->coin.coin_pub; transaction = TALER_JSON_from_ecdsa_sig (&ms.purpose, &melt->coin_sig); diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index bc5cd69a..83e37334 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -14,13 +14,13 @@ TALER; see the file COPYING. If not, If not, see */ /** - * @file mint/mint_db.h + * @file mint/taler_mintdb_plugin.h * @brief Low-level (statement-level) database access for the mint * @author Florian Dold * @author Christian Grothoff */ -#ifndef MINT_DB_H -#define MINT_DB_H +#ifndef TALER_MINTDB_PLUGIN_H +#define TALER_MINTDB_PLUGIN_H #include #include "taler_util.h" @@ -87,6 +87,9 @@ struct CollectableBlindcoin /** * Denomination key (which coin was generated). + * FIXME: we should probably instead have the + * AMOUNT *including* fee in what is being signed + * as well! */ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; @@ -217,10 +220,10 @@ struct Deposit uint64_t transaction_id; /** - * Fraction of the coin's remaining value to be deposited. - * The coin is identified by @e coin_pub. + * Fraction of the coin's remaining value to be deposited, including + * depositing fee (if any). The coin is identified by @e coin_pub. */ - struct TALER_Amount amount; + struct TALER_Amount amount_with_fee; }; @@ -296,11 +299,14 @@ struct RefreshMelt struct GNUNET_HashCode melt_hash; /** - * How much value is being melted? - * This amount includes the fees, so the final amount contributed - * to the melt is this value minus the fee for melting the coin. + * How much value is being melted? This amount includes the fees, + * so the final amount contributed to the melt is this value minus + * the fee for melting the coin. We include the fee in what is + * being signed so that we can verify a reserve's remaining total + * balance without needing to access the respective denomination key + * information each time. */ - struct TALER_Amount amount; + struct TALER_Amount amount_with_fee; }; @@ -397,7 +403,7 @@ struct Lock const struct GNUNET_CRYPTO_EcdsaSignature coin_sig; /** - * How much value is being melted? + * How much value is being locked? */ struct TALER_Amount amount; diff --git a/src/mint/test_mint_db.c b/src/mint/test_mint_db.c index e4d31292..c80be70c 100644 --- a/src/mint/test_mint_db.c +++ b/src/mint/test_mint_db.c @@ -286,7 +286,7 @@ run (void *cls, deposit.wire = wire; deposit.transaction_id = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, UINT64_MAX); - deposit.amount = amount; + deposit.amount_with_fee = amount; FAILIF (GNUNET_OK != plugin->insert_deposit (plugin->cls, session, &deposit)); diff --git a/src/mint/test_mint_deposits.c b/src/mint/test_mint_deposits.c index c829e6e1..4107c1ae 100644 --- a/src/mint/test_mint_deposits.c +++ b/src/mint/test_mint_deposits.c @@ -94,12 +94,12 @@ run (void *cls, UINT64_MAX); deposit->transaction_id = GNUNET_htonll (transaction_id); /* Random amount */ - deposit->amount.value = + deposit->amount_with_fee.value = htonl (GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX)); - deposit->amount.fraction = + deposit->amount_with_fee.fraction = htonl (GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX)); - GNUNET_assert (strlen (MINT_CURRENCY) < sizeof (deposit->amount.currency)); - strcpy (deposit->amount.currency, MINT_CURRENCY); + GNUNET_assert (strlen (MINT_CURRENCY) < sizeof (deposit->amount_with_fee.currency)); + strcpy (deposit->amount_with_fee.currency, MINT_CURRENCY); /* Copy wireformat */ deposit->wire = json_loads (wire, 0, NULL); EXITIF (GNUNET_OK != -- cgit v1.2.3 From f73071bc6219788fb11b534cfd4fa88b96681306 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 22 Mar 2015 22:14:30 +0100 Subject: fix #3638 --- src/include/taler_crypto_lib.h | 304 +++++++++++++++++++++++++++++++++- src/include/taler_mint_service.h | 22 +-- src/include/taler_signatures.h | 31 ++-- src/lib/mint_api.c | 64 ++++--- src/mint/key_io.c | 10 +- src/mint/key_io.h | 6 +- src/mint/plugin_mintdb_common.c | 4 +- src/mint/plugin_mintdb_postgres.c | 129 ++++++++------- src/mint/taler-mint-httpd_db.c | 132 ++++++++------- src/mint/taler-mint-httpd_db.h | 22 +-- src/mint/taler-mint-httpd_deposit.c | 6 +- src/mint/taler-mint-httpd_keystate.c | 18 +- src/mint/taler-mint-httpd_keystate.h | 4 +- src/mint/taler-mint-httpd_refresh.c | 101 +++++------ src/mint/taler-mint-httpd_responses.c | 43 ++--- src/mint/taler-mint-httpd_responses.h | 10 +- src/mint/taler-mint-httpd_withdraw.c | 27 +-- src/mint/taler-mint-keycheck.c | 10 +- src/mint/taler-mint-keyup.c | 51 +++--- src/mint/taler_mintdb_plugin.h | 180 ++++++++++---------- src/mint/test_mint_common.c | 25 +-- src/mint/test_mint_db.c | 47 +++--- src/util/crypto.c | 15 +- 23 files changed, 794 insertions(+), 467 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index db663612..0c0ad886 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -27,6 +27,296 @@ /* ****************** Coin crypto primitives ************* */ +/** + * Type of public keys for Taler reserves. + */ +struct TALER_ReservePublicKey +{ + /** + * Taler uses EdDSA for reserves. + */ + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; +}; + + +/** + * Type of private keys for Taler reserves. + */ +struct TALER_ReservePrivateKey +{ + /** + * Taler uses EdDSA for reserves. + */ + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; +}; + + +/** + * Type of signatures used with Taler reserves. + */ +struct TALER_ReserveSignature +{ + /** + * Taler uses EdDSA for reserves. + */ + struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; +}; + + +/** + * Type of public keys to for merchant authorizations. + * Merchants can issue refunds using the corresponding + * private key. + */ +struct TALER_MerchantPublicKey +{ + /** + * Taler uses EdDSA for merchants. + */ + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; +}; + + +/** + * Type of private keys for merchant authorizations. + * Merchants can issue refunds using the corresponding + * private key. + */ +struct TALER_MerchantPrivateKey +{ + /** + * Taler uses EdDSA for merchants. + */ + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; +}; + + +/** + * Type of public keys used by clients to sign + * messages during a melting session. + */ +struct TALER_SessionPublicKey +{ + /** + * Taler uses EdDSA for melting session keys. + */ + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; +}; + + +/** + * Type of public keys used by clients to sign + * messages during a melting session. + */ +struct TALER_SessionPrivateKey +{ + /** + * Taler uses EdDSA for melting session keys. + */ + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; +}; + + +/** + * Type of transfer public keys used during refresh + * operations. + */ +struct TALER_TransferPublicKey +{ + /** + * Taler uses ECDSA for transfer keys. + * FIXME: should this not be ECDHE? + */ + struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub; +}; + + +/** + * Type of transfer public keys used during refresh + * operations. + */ +struct TALER_TransferPrivateKey +{ + /** + * Taler uses ECDSA for melting session keys. + * FIXME: should this not be ECDHE? + */ + struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv; +}; + + +/** + * Type of signatures used by clients to sign + * messages during a melting session. + */ +struct TALER_SessionSignature +{ + /** + * Taler uses EdDSA for melting session keys. + */ + struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; +}; + + +/** + * Type of online public keys used by the mint to sign + * messages. + */ +struct TALER_MintPublicKey +{ + /** + * Taler uses EdDSA for online mint message signing. + */ + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; +}; + + +/** + * Type of online public keys used by the mint to + * sign messages. + */ +struct TALER_MintPrivateKey +{ + /** + * Taler uses EdDSA for online signatures sessions. + */ + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; +}; + + +/** + * Type of signatures used by the mint to sign messages online. + */ +struct TALER_MintSignature +{ + /** + * Taler uses EdDSA for online signatures sessions. + */ + struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; +}; + + +/** + * Type of the offline master public key used by the mint. + */ +struct TALER_MasterPublicKey +{ + /** + * Taler uses EdDSA for the long-term offline master key. + */ + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; +}; + + +/** + * Type of the offline master public keys used by the mint. + */ +struct TALER_MasterPrivateKey +{ + /** + * Taler uses EdDSA for the long-term offline master key. + */ + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; +}; + + +/** + * Type of signatures by the offline master public key used by the mint. + */ +struct TALER_MasterSignature +{ + /** + * Taler uses EdDSA for the long-term offline master key. + */ + struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; +}; + + + +/** + * Type of public keys for Taler coins. + */ +struct TALER_CoinSpendPublicKey +{ + /** + * Taler uses ECDSA for coins. + */ + struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub; +}; + + +/** + * Type of private keys for Taler coins. + */ +struct TALER_CoinSpendPrivateKey +{ + /** + * Taler uses ECDSA for coins. + */ + struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv; +}; + + +/** + * Type of signatures made with Taler coins. + */ +struct TALER_CoinSpendSignature +{ + /** + * Taler uses ECDSA for coins. + */ + struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; +}; + + +/** + * Type of blinding keys for Taler. + */ +struct TALER_DenominationBlindingKey +{ + /** + * Taler uses RSA for blinding. + */ + struct GNUNET_CRYPTO_rsa_BlindingKey *rsa_blinding_key; +}; + + +/** + * Type of (unblinded) coin signatures for Taler. + */ +struct TALER_DenominationSignature +{ + /** + * Taler uses RSA for blinding. + */ + struct GNUNET_CRYPTO_rsa_Signature *rsa_signature; +}; + + +/** + * Type of public signing keys for verifying blindly signed coins. + */ +struct TALER_DenominationPublicKey +{ + /** + * Taler uses RSA for signing coins. + */ + struct GNUNET_CRYPTO_rsa_PublicKey *rsa_public_key; +}; + + +/** + * Type of private signing keys for blind signing of coins. + */ +struct TALER_DenominationPrivateKey +{ + /** + * Taler uses RSA for signing coins. + */ + struct GNUNET_CRYPTO_rsa_PrivateKey *rsa_private_key; +}; + + /** * Public information about a coin (including the public key * of the coin, the denomination key and the signature with @@ -37,19 +327,19 @@ struct TALER_CoinPublicInfo /** * The coin's public key. */ - struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; + struct TALER_CoinSpendPublicKey coin_pub; /** * Public key representing the denomination of the coin * that is being deposited. */ - struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; + struct TALER_DenominationPublicKey denom_pub; /** * (Unblinded) signature over @e coin_pub with @e denom_pub, * which demonstrates that the coin is valid. */ - struct GNUNET_CRYPTO_rsa_Signature *denom_sig; + struct TALER_DenominationSignature denom_sig; }; @@ -126,7 +416,7 @@ struct TALER_RefreshLinkEncrypted /** * Encrypted private key of the coin. */ - char coin_priv_enc[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)]; + char coin_priv_enc[sizeof (struct TALER_CoinSpendPrivateKey)]; }; @@ -140,12 +430,12 @@ struct TALER_RefreshLinkDecrypted /** * Private key of the coin. */ - struct GNUNET_CRYPTO_EcdsaPrivateKey coin_priv; + struct TALER_CoinSpendPrivateKey coin_priv; /** - * Blinding key with @e blinding_key_enc_size bytes. + * Blinding key. */ - struct GNUNET_CRYPTO_rsa_BlindingKey *blinding_key; + struct TALER_DenominationBlindingKey blinding_key; }; diff --git a/src/include/taler_mint_service.h b/src/include/taler_mint_service.h index f300a5cf..30aaad38 100644 --- a/src/include/taler_mint_service.h +++ b/src/include/taler_mint_service.h @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014 Christian Grothoff (and other contributing authors) + Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors) TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -42,7 +42,7 @@ struct TALER_MINT_SigningPublicKey /** * The signing public key */ - struct GNUNET_CRYPTO_EddsaPublicKey key; + struct TALER_MintPublicKey key; /** * Validity start time @@ -64,7 +64,7 @@ struct TALER_MINT_DenomPublicKey /** * The public key */ - struct GNUNET_CRYPTO_rsa_PublicKey *key; + struct TALER_DenominationPublicKey key; /** * Timestamp indicating when the denomination key becomes valid @@ -132,7 +132,7 @@ TALER_MINT_cleanup (struct TALER_MINT_Context *ctx); * @param hostname the hostname of the mint * @param port the point where the mint's HTTP service is running. If port is * given as 0, ports 80 or 443 are chosen depending on @a url. - * @param mint_key the public key of the mint. This is used to verify the + * @param master_key the public master key of the mint. This is used to verify the * responses of the mint. * @return the mint handle; NULL upon error */ @@ -140,7 +140,7 @@ struct TALER_MINT_Handle * TALER_MINT_connect (struct TALER_MINT_Context *ctx, const char *hostname, uint16_t port, - struct GNUNET_CRYPTO_EddsaPublicKey *mint_key); + const struct TALER_MasterPublicKey *master_key); /** * Disconnect from the mint @@ -282,15 +282,15 @@ struct TALER_MINT_DepositHandle * TALER_MINT_deposit_submit_json_ (struct TALER_MINT_Handle *mint, TALER_MINT_DepositResultCallback *cb, void *cls, - struct GNUNET_CRYPTO_EddsaPublicKey *coin_pub, - struct TALER_BLIND_SigningPublicKey *denom_pub, + const struct TALER_CoinPublicKey *coin_pub, + const struct TALER_BLIND_SigningPublicKey *denom_pub, struct TALER_BLIND_Signature *ubsig, uint64_t transaction_id, struct TALER_Amount *amount, - struct GNUNET_CRYPTO_EddsaPublicKey *merchant_pub, - struct GNUNET_HashCode *h_contract, - struct GNUNET_HashCode *h_wire, - struct GNUNET_CRYPTO_EddsaSignature *csig, + const struct TALER_MerchantPublicKey *merchant_pub, + const struct GNUNET_HashCode *h_contract, + const struct GNUNET_HashCode *h_wire, + const struct TALER_CoinSignature *csig, json_t *wire_obj); #endif diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 4566764d..51134bf2 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014 Christian Grothoff (and other contributing authors) + Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors) TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -28,7 +28,6 @@ #ifndef TALER_SIGNATURES_H #define TALER_SIGNATURES_H -#include #include "taler_util.h" /** @@ -129,7 +128,7 @@ struct TALER_WithdrawRequest * Reserve public key (which reserve to withdraw from). This is * the public key which must match the signature. */ - struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + struct TALER_ReservePublicKey reserve_pub; /** * Value of the coin being minted (matching the denomination key) @@ -189,7 +188,7 @@ struct TALER_DepositRequest /** * The coin's public key. */ - struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; + struct TALER_CoinSpendPublicKey coin_pub; }; @@ -232,12 +231,12 @@ struct TALER_DepositConfirmation /** * The coin's public key. */ - struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; + struct TALER_CoinSpendPublicKey coin_pub; /** * The Merchant's public key. */ - struct GNUNET_CRYPTO_EddsaPublicKey merchant; + struct TALER_MerchantPublicKey merchant; }; @@ -274,7 +273,7 @@ struct RefreshMeltCoinSignature /** * The coin's public key. */ - struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; + struct TALER_CoinSpendPublicKey coin_pub; }; @@ -298,7 +297,7 @@ struct RefreshMeltSessionSignature * Public key of the refresh session for which * @e melt_client_signature must be a valid signature. */ - struct GNUNET_CRYPTO_EddsaPublicKey session_key; + struct TALER_SessionPublicKey session_key; /** * What is the total value of the coins created during the @@ -348,10 +347,12 @@ struct RefreshMeltConfirmSignRequestBody */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + // FIXME: We probably need more info in here... + /** - * FIXME. + * Public key the client uses for this session. */ - struct GNUNET_CRYPTO_EddsaPublicKey session_pub; + struct TALER_SessionPublicKey session_pub; }; @@ -365,7 +366,7 @@ struct TALER_MINT_SignKeyIssue /** * Signature over the signing key (by the master key of the mint). */ - struct GNUNET_CRYPTO_EddsaSignature signature; + struct TALER_MasterSignature signature; /** * Purpose is #TALER_SIGNATURE_MASTER_SIGNKEY. @@ -376,7 +377,7 @@ struct TALER_MINT_SignKeyIssue * Master public key of the mint corresponding to @e signature. * This is the long-term offline master key of the mint. */ - struct GNUNET_CRYPTO_EddsaPublicKey master_pub; + struct TALER_MasterPublicKey master_pub; /** * When does this signing key begin to be valid? @@ -395,7 +396,7 @@ struct TALER_MINT_SignKeyIssue * The public online signing key that the mint will use * between @e start and @e expire. */ - struct GNUNET_CRYPTO_EddsaPublicKey signkey_pub; + struct TALER_MintPublicKey signkey_pub; }; @@ -409,7 +410,7 @@ struct TALER_MINT_DenomKeyIssue * Signature over this struct to affirm the validity * of the key. */ - struct GNUNET_CRYPTO_EddsaSignature signature; + struct TALER_MasterSignature signature; /** * Purpose ist #TALER_SIGNATURE_MASTER_DENOM. @@ -420,7 +421,7 @@ struct TALER_MINT_DenomKeyIssue * The long-term offline master key of the mint that was * used to create @e signature. */ - struct GNUNET_CRYPTO_EddsaPublicKey master; + struct TALER_MasterPublicKey master; /** * Start time of the validity period for this key. diff --git a/src/lib/mint_api.c b/src/lib/mint_api.c index eb2697a2..305fc95d 100644 --- a/src/lib/mint_api.c +++ b/src/lib/mint_api.c @@ -179,9 +179,11 @@ struct TALER_MINT_KeysGetHandle char *url; TALER_MINT_KeysGetCallback cb; - void *cls; + + void *cb_cls; TALER_MINT_ContinuationCallback cont_cb; + void *cont_cls; }; @@ -202,7 +204,8 @@ struct TALER_MINT_DepositHandle char *url; TALER_MINT_DepositResultCallback cb; - void *cls; + + void *cb_cls; char *json_enc; @@ -219,7 +222,8 @@ struct TALER_MINT_DepositHandle * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure */ static int -parse_timestamp (struct GNUNET_TIME_Absolute *abs, const char *tstamp_enc) +parse_timestamp (struct GNUNET_TIME_Absolute *abs, + const char *tstamp_enc) { unsigned long tstamp; @@ -242,7 +246,7 @@ parse_timestamp (struct GNUNET_TIME_Absolute *abs, const char *tstamp_enc) static int parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key, json_t *sign_key_obj, - struct GNUNET_CRYPTO_EddsaPublicKey *master_key) + struct TALER_MasterPublicKey *master_key) { json_t *valid_from_obj; json_t *valid_until_obj; @@ -281,7 +285,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key, EXITIF (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_public_key_from_string (key_enc, 52, - &sign_key_issue.signkey_pub)); + &sign_key_issue.signkey_pub.eddsa_pub)); sign_key_issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNKEY); sign_key_issue.purpose.size = htonl (sizeof (sign_key_issue) @@ -293,7 +297,7 @@ parse_json_signkey (struct TALER_MINT_SigningPublicKey **_sign_key, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNKEY, &sign_key_issue.purpose, &sig, - master_key)); + &master_key->eddsa_pub)); sign_key = GNUNET_new (struct TALER_MINT_SigningPublicKey); sign_key->valid_from = valid_from; sign_key->valid_until = valid_until; @@ -337,7 +341,7 @@ parse_json_amount (json_t *amount_obj, struct TALER_Amount *amt) static int parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key, json_t *denom_key_obj, - struct GNUNET_CRYPTO_EddsaPublicKey *master_key) + struct TALER_MasterPublicKey *master_key) { json_t *obj; const char *sig_enc; @@ -424,9 +428,9 @@ parse_json_denomkey (struct TALER_MINT_DenomPublicKey **_denom_key, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOM, &denom_key_issue.purpose, &sig, - master_key)); + &master_key->eddsa_pub)); denom_key = GNUNET_new (struct TALER_MINT_DenomPublicKey); - denom_key->key = pk; + denom_key->key.rsa_public_key = pk; denom_key->valid_from = valid_from; denom_key->withdraw_valid_until = withdraw_valid_until; denom_key->deposit_valid_until = deposit_valid_until; @@ -451,7 +455,7 @@ parse_response_keys_get (const char *in, size_t size, { json_t *resp_obj; struct TALER_MINT_DenomPublicKey **denom_keys; - struct GNUNET_CRYPTO_EddsaPublicKey master_key; + struct TALER_MasterPublicKey master_key; struct GNUNET_TIME_Absolute list_issue_date; struct TALER_MINT_SigningPublicKey **sign_keys; unsigned int n_denom_keys; @@ -487,7 +491,7 @@ parse_response_keys_get (const char *in, size_t size, EXITIF (GNUNET_OK != GNUNET_CRYPTO_eddsa_public_key_from_string (master_key_enc, 52, - &master_key)); + &master_key.eddsa_pub)); } { /* parse the issue date of the response */ @@ -664,7 +668,8 @@ request_failed (struct TALER_MINT_Handle *mint, long resp_code) { struct TALER_MINT_DepositHandle *dh = mint->req.deposit; TALER_MINT_DepositResultCallback cb = dh->cb; - void *cls = dh->cls; + void *cls = dh->cb_cls; + GNUNET_assert (NULL != dh); cleanup_deposit (dh); mint_disconnect (mint); @@ -705,7 +710,7 @@ request_succeeded (struct TALER_MINT_Handle *mint, long resp_code) parse_response_keys_get (mint->buf, mint->buf_size, &sign_keys, &n_sign_keys, &denom_keys, &n_denom_keys)) - gh->cb (gh->cls, sign_keys, denom_keys); + gh->cb (gh->cb_cls, sign_keys, denom_keys); else emsg = GNUNET_strdup ("Error parsing response"); } @@ -727,7 +732,7 @@ request_succeeded (struct TALER_MINT_Handle *mint, long resp_code) GNUNET_assert (NULL != dh); obj = NULL; cb = dh->cb; - cls = dh->cls; + cls = dh->cb_cls; status = 0; if (200 == resp_code) { @@ -903,15 +908,15 @@ download (char *bufptr, size_t size, size_t nitems, void *cls) * @param ctx the context * @param hostname the hostname of the mint * @param port the point where the mint's HTTP service is running. - * @param mint_key the public key of the mint. This is used to verify the - * responses of the mint. + * @param mint_key the offline master public key of the mint. + * This is used to verify the responses of the mint. * @return the mint handle; NULL upon error */ struct TALER_MINT_Handle * TALER_MINT_connect (struct TALER_MINT_Context *ctx, const char *hostname, uint16_t port, - struct GNUNET_CRYPTO_EddsaPublicKey *mint_key) + const struct TALER_MasterPublicKey *mint_key) { struct TALER_MINT_Handle *mint; @@ -952,15 +957,17 @@ TALER_MINT_disconnect (struct TALER_MINT_Handle *mint) * * @param mint handle to the mint * @param cb the callback to call with each retrieved denomination key - * @param cls closure for the above callback + * @param cb_cls closure for the above callback * @param cont_cb the callback to call after completing this asynchronous call * @param cont_cls the closure for the continuation callback * @return a handle to this asynchronous call; NULL upon eror */ struct TALER_MINT_KeysGetHandle * TALER_MINT_keys_get (struct TALER_MINT_Handle *mint, - TALER_MINT_KeysGetCallback cb, void *cls, - TALER_MINT_ContinuationCallback cont_cb, void *cont_cls) + TALER_MINT_KeysGetCallback cb, + void *cb_cls, + TALER_MINT_ContinuationCallback cont_cb, + void *cont_cls) { struct TALER_MINT_KeysGetHandle *gh; @@ -970,12 +977,17 @@ TALER_MINT_keys_get (struct TALER_MINT_Handle *mint, mint->req_type = REQUEST_TYPE_KEYSGET; mint->req.keys_get = gh; gh->cb = cb; - gh->cls = cls; + gh->cb_cls = cb_cls; gh->cont_cb = cont_cb; gh->cont_cls = cont_cls; - GNUNET_asprintf (&gh->url, "http://%s:%hu/keys", mint->hostname, mint->port); + GNUNET_asprintf (&gh->url, + "http://%s:%hu/keys", + mint->hostname, + mint->port); GNUNET_assert (CURLE_OK == - curl_easy_setopt (mint->curl, CURLOPT_URL, gh->url)); + curl_easy_setopt (mint->curl, + CURLOPT_URL, + gh->url)); if (GNUNET_NO == mint->connected) mint_connect (mint); perform_now (mint->ctx); @@ -1005,7 +1017,7 @@ TALER_MINT_keys_get_cancel (struct TALER_MINT_KeysGetHandle *get) * * @param mint the mint handle * @param cb the callback to call when a reply for this request is available - * @param cls closure for the above callback + * @param cb_cls closure for the above callback * @param deposit_obj the deposit permission received from the customer along * with the wireformat JSON object * @return a handle for this request; NULL if the JSON object could not be @@ -1015,7 +1027,7 @@ TALER_MINT_keys_get_cancel (struct TALER_MINT_KeysGetHandle *get) struct TALER_MINT_DepositHandle * TALER_MINT_deposit_submit_json (struct TALER_MINT_Handle *mint, TALER_MINT_DepositResultCallback cb, - void *cls, + void *cb_cls, json_t *deposit_obj) { struct TALER_MINT_DepositHandle *dh; @@ -1026,7 +1038,7 @@ TALER_MINT_deposit_submit_json (struct TALER_MINT_Handle *mint, mint->req_type = REQUEST_TYPE_DEPOSIT; mint->req.deposit = dh; dh->cb = cb; - dh->cls = cls; + dh->cb_cls = cb_cls; GNUNET_asprintf (&dh->url, "http://%s:%hu/deposit", mint->hostname, mint->port); GNUNET_assert (NULL != (dh->json_enc = json_dumps (deposit_obj, JSON_COMPACT))); GNUNET_assert (CURLE_OK == diff --git a/src/mint/key_io.c b/src/mint/key_io.c index d267ce2a..182d6f3d 100644 --- a/src/mint/key_io.c +++ b/src/mint/key_io.c @@ -164,8 +164,9 @@ TALER_MINT_read_denom_key (const char *filename, GNUNET_free (data); return GNUNET_SYSERR; } - dki->denom_priv = priv; - dki->denom_pub = GNUNET_CRYPTO_rsa_private_key_get_public (priv); + dki->denom_priv.rsa_private_key = priv; + dki->denom_pub.rsa_public_key + = GNUNET_CRYPTO_rsa_private_key_get_public (priv); memcpy (&dki->issue, data, offset); @@ -193,8 +194,9 @@ TALER_MINT_write_denom_key (const char *filename, int ret; fh = NULL; - priv_enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki->denom_priv, - &priv_enc); + priv_enc_size + = GNUNET_CRYPTO_rsa_private_key_encode (dki->denom_priv.rsa_private_key, + &priv_enc); ret = GNUNET_SYSERR; if (NULL == (fh = GNUNET_DISK_file_open (filename, diff --git a/src/mint/key_io.h b/src/mint/key_io.h index b204629a..6c6722a8 100644 --- a/src/mint/key_io.h +++ b/src/mint/key_io.h @@ -52,7 +52,7 @@ struct TALER_MINT_SignKeyIssuePriv /** * Private key part of the mint's signing key. */ - struct GNUNET_CRYPTO_EddsaPrivateKey signkey_priv; + struct TALER_MintPrivateKey signkey_priv; /** * Public information about a mint signing key. @@ -75,13 +75,13 @@ struct TALER_MINT_DenomKeyIssuePriv * key is not available (this is the case after the key has expired * for signing coins, but is still valid for depositing coins). */ - struct GNUNET_CRYPTO_rsa_PrivateKey *denom_priv; + struct TALER_DenominationPrivateKey denom_priv; /** * Decoded denomination public key (the hash of it is in * @e issue, but we sometimes need the full public key as well). */ - struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; + struct TALER_DenominationPublicKey denom_pub; /** * Signed public information about a denomination key. diff --git a/src/mint/plugin_mintdb_common.c b/src/mint/plugin_mintdb_common.c index 34aefb87..6e52a3bc 100644 --- a/src/mint/plugin_mintdb_common.c +++ b/src/mint/plugin_mintdb_common.c @@ -46,8 +46,8 @@ common_free_reserve_history (void *cls, break; case TALER_MINT_DB_RO_WITHDRAW_COIN: cbc = rh->details.withdraw; - GNUNET_CRYPTO_rsa_signature_free (cbc->sig); - GNUNET_CRYPTO_rsa_public_key_free (cbc->denom_pub); + GNUNET_CRYPTO_rsa_signature_free (cbc->sig.rsa_signature); + GNUNET_CRYPTO_rsa_public_key_free (cbc->denom_pub.rsa_public_key); GNUNET_free (cbc); break; } diff --git a/src/mint/plugin_mintdb_postgres.c b/src/mint/plugin_mintdb_postgres.c index 1d7a965c..1c038842 100644 --- a/src/mint/plugin_mintdb_postgres.c +++ b/src/mint/plugin_mintdb_postgres.c @@ -758,15 +758,10 @@ postgres_reserve_get (void *cls, PGresult *result; uint64_t expiration_date_nbo; struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(reserve->pub), + TALER_DB_QUERY_PARAM_PTR(&reserve->pub), TALER_DB_QUERY_PARAM_END }; - if (NULL == reserve->pub) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } result = TALER_DB_exec_prepared (session->conn, "get_reserve", params); @@ -821,11 +816,11 @@ postgres_reserves_update (void *cls, struct GNUNET_TIME_AbsoluteNBO expiry_nbo; int ret; - if ((NULL == reserve) || (NULL == reserve->pub)) + if (NULL == reserve) return GNUNET_SYSERR; ret = GNUNET_OK; struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR (reserve->pub), + TALER_DB_QUERY_PARAM_PTR (&reserve->pub), TALER_DB_QUERY_PARAM_PTR (&balance_nbo.value), TALER_DB_QUERY_PARAM_PTR (&balance_nbo.fraction), TALER_DB_QUERY_PARAM_PTR (&expiry_nbo), @@ -901,7 +896,7 @@ postgres_reserves_in_insert (void *cls, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Reserve does not exist; creating a new one\n"); struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR (reserve->pub), + TALER_DB_QUERY_PARAM_PTR (&reserve->pub), TALER_DB_QUERY_PARAM_PTR (&balance_nbo.value), TALER_DB_QUERY_PARAM_PTR (&balance_nbo.fraction), TALER_DB_QUERY_PARAM_PTR_SIZED (balance_nbo.currency, @@ -923,7 +918,7 @@ postgres_reserves_in_insert (void *cls, result = NULL; /* create new incoming transaction */ struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR (reserve->pub), + TALER_DB_QUERY_PARAM_PTR (&reserve->pub), TALER_DB_QUERY_PARAM_PTR (&balance_nbo.value), TALER_DB_QUERY_PARAM_PTR (&balance_nbo.fraction), TALER_DB_QUERY_PARAM_PTR_SIZED (&balance_nbo.currency, @@ -1053,8 +1048,8 @@ postgres_get_collectable_blindcoin (void *cls, GNUNET_break (0); goto cleanup; } - collectable->denom_pub = denom_pub; - collectable->sig = denom_sig; + collectable->denom_pub.rsa_public_key = denom_pub; + collectable->sig.rsa_signature = denom_sig; ret = GNUNET_YES; cleanup: @@ -1103,10 +1098,10 @@ postgres_insert_collectable_blindcoin (void *cls, ret = GNUNET_SYSERR; denom_pub_enc_size = - GNUNET_CRYPTO_rsa_public_key_encode (collectable->denom_pub, + GNUNET_CRYPTO_rsa_public_key_encode (collectable->denom_pub.rsa_public_key, &denom_pub_enc); denom_sig_enc_size = - GNUNET_CRYPTO_rsa_signature_encode (collectable->sig, + GNUNET_CRYPTO_rsa_signature_encode (collectable->sig.rsa_signature, &denom_sig_enc); struct TALER_DB_QueryParam params[] = { TALER_DB_QUERY_PARAM_PTR (h_blind), @@ -1127,8 +1122,7 @@ postgres_insert_collectable_blindcoin (void *cls, QUERY_ERR (result); goto rollback; } - reserve.pub = (struct GNUNET_CRYPTO_EddsaPublicKey *) - &collectable->reserve_pub; + reserve.pub = collectable->reserve_pub; if (GNUNET_OK != postgres_reserve_get (cls, session, &reserve)) @@ -1172,7 +1166,7 @@ postgres_insert_collectable_blindcoin (void *cls, static struct ReserveHistory * postgres_get_reserve_history (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *reserve_pub) + const struct TALER_ReservePublicKey *reserve_pub) { PGresult *result; struct ReserveHistory *rh; @@ -1219,7 +1213,7 @@ postgres_get_reserve_history (void *cls, GNUNET_break (0); goto cleanup; } - (void) memcpy (&bt->reserve_pub, reserve_pub, sizeof (bt->reserve_pub)); + bt->reserve_pub = *reserve_pub; if (NULL != rh_head) { rh_head->next = GNUNET_new (struct ReserveHistory); @@ -1238,7 +1232,7 @@ postgres_get_reserve_history (void *cls, result = NULL; { struct GNUNET_HashCode blind_ev; - struct GNUNET_CRYPTO_EddsaSignature reserve_sig; + struct TALER_ReserveSignature reserve_sig; struct CollectableBlindcoin *cbc; char *denom_pub_enc; char *denom_sig_enc; @@ -1280,20 +1274,23 @@ postgres_get_reserve_history (void *cls, goto cleanup; } cbc = GNUNET_new (struct CollectableBlindcoin); - cbc->sig = GNUNET_CRYPTO_rsa_signature_decode (denom_sig_enc, - denom_sig_enc_size); + cbc->sig.rsa_signature + = GNUNET_CRYPTO_rsa_signature_decode (denom_sig_enc, + denom_sig_enc_size); GNUNET_free (denom_sig_enc); denom_sig_enc = NULL; - cbc->denom_pub = GNUNET_CRYPTO_rsa_public_key_decode (denom_pub_enc, - denom_pub_enc_size); + cbc->denom_pub.rsa_public_key + = GNUNET_CRYPTO_rsa_public_key_decode (denom_pub_enc, + denom_pub_enc_size); GNUNET_free (denom_pub_enc); denom_pub_enc = NULL; - if ((NULL == cbc->sig) || (NULL == cbc->denom_pub)) + if ( (NULL == cbc->sig.rsa_signature) || + (NULL == cbc->denom_pub.rsa_public_key) ) { - if (NULL != cbc->sig) - GNUNET_CRYPTO_rsa_signature_free (cbc->sig); - if (NULL != cbc->denom_pub) - GNUNET_CRYPTO_rsa_public_key_free (cbc->denom_pub); + if (NULL != cbc->sig.rsa_signature) + GNUNET_CRYPTO_rsa_signature_free (cbc->sig.rsa_signature); + if (NULL != cbc->denom_pub.rsa_public_key) + GNUNET_CRYPTO_rsa_public_key_free (cbc->denom_pub.rsa_public_key); GNUNET_free (cbc); GNUNET_break (0); goto cleanup; @@ -1394,10 +1391,10 @@ postgres_insert_deposit (void *cls, ret = GNUNET_SYSERR; denom_pub_enc_size = - GNUNET_CRYPTO_rsa_public_key_encode (deposit->coin.denom_pub, + GNUNET_CRYPTO_rsa_public_key_encode (deposit->coin.denom_pub.rsa_public_key, &denom_pub_enc); denom_sig_enc_size = - GNUNET_CRYPTO_rsa_signature_encode (deposit->coin.denom_sig, + GNUNET_CRYPTO_rsa_signature_encode (deposit->coin.denom_sig.rsa_signature, &denom_sig_enc); json_wire_enc = json_dumps (deposit->wire, JSON_COMPACT); TALER_amount_hton (&amount_nbo, @@ -1450,7 +1447,7 @@ postgres_insert_deposit (void *cls, static int postgres_get_refresh_session (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, struct RefreshSession *refresh_session) { // FIXME: check logic! @@ -1526,7 +1523,7 @@ postgres_get_refresh_session (void *cls, static int postgres_create_refresh_session (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + const struct TALER_SessionPublicKey *session_pub, const struct RefreshSession *refresh_session) { // FIXME: actually store session data! @@ -1570,7 +1567,7 @@ postgres_create_refresh_session (void *cls, static int postgres_insert_refresh_melt (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + const struct TALER_SessionPublicKey *refresh_session, uint16_t oldcoin_index, const struct RefreshMelt *melt) { @@ -1580,7 +1577,7 @@ postgres_insert_refresh_melt (void *cls, size_t buf_size; PGresult *result; - buf_size = GNUNET_CRYPTO_rsa_public_key_encode (melt->coin.denom_pub, + buf_size = GNUNET_CRYPTO_rsa_public_key_encode (melt->coin.denom_pub.rsa_public_key, &buf); { struct TALER_DB_QueryParam params[] = { @@ -1620,7 +1617,7 @@ postgres_insert_refresh_melt (void *cls, static int postgres_get_refresh_melt (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + const struct TALER_SessionPublicKey *refresh_session, uint16_t oldcoin_index, struct RefreshMelt *melt) { @@ -1645,9 +1642,9 @@ postgres_get_refresh_melt (void *cls, static int postgres_insert_refresh_order (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + const struct TALER_SessionPublicKey *session_pub, uint16_t num_newcoins, - struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs) + const struct TALER_DenominationPublicKey *denom_pubs) { // FIXME: check logic: was written for just one COIN! uint16_t newcoin_index_nbo = htons (num_newcoins); @@ -1655,7 +1652,7 @@ postgres_insert_refresh_order (void *cls, size_t buf_size; PGresult *result; - buf_size = GNUNET_CRYPTO_rsa_public_key_encode (*denom_pubs, + buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pubs->rsa_public_key, &buf); { @@ -1701,9 +1698,9 @@ postgres_insert_refresh_order (void *cls, static int postgres_get_refresh_order (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + const struct TALER_SessionPublicKey *session_pub, uint16_t num_newcoins, - struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs) + struct TALER_DenominationPublicKey *denom_pubs) { // FIXME: check logic -- was written for just one coin! char *buf; @@ -1744,7 +1741,9 @@ postgres_get_refresh_order (void *cls, return GNUNET_SYSERR; } PQclear (result); - denom_pubs[0] = GNUNET_CRYPTO_rsa_public_key_decode (buf, buf_size); + denom_pubs->rsa_public_key + = GNUNET_CRYPTO_rsa_public_key_decode (buf, + buf_size); GNUNET_free (buf); return GNUNET_OK; } @@ -1767,7 +1766,7 @@ postgres_get_refresh_order (void *cls, static int postgres_insert_refresh_commit_coins (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, unsigned int num_newcoins, const struct RefreshCommitCoin *commit_coins) @@ -1780,9 +1779,9 @@ postgres_insert_refresh_commit_coins (void *cls, TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coins->coin_ev, commit_coins->coin_ev_size), TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), - TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coins->refresh_link->coin_priv_enc, - commit_coins->refresh_link->blinding_key_enc_size + - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)), + TALER_DB_QUERY_PARAM_PTR_SIZED (commit_coins->refresh_link->coin_priv_enc, + commit_coins->refresh_link->blinding_key_enc_size + + sizeof (struct TALER_CoinSpendPrivateKey)), TALER_DB_QUERY_PARAM_END }; @@ -1825,7 +1824,7 @@ postgres_insert_refresh_commit_coins (void *cls, static int postgres_get_refresh_commit_coins (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int cnc_index, unsigned int newcoin_index, struct RefreshCommitCoin *cc) @@ -1873,7 +1872,7 @@ postgres_get_refresh_commit_coins (void *cls, return GNUNET_SYSERR; } PQclear (result); - if (rl_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) + if (rl_buf_size < sizeof (struct TALER_CoinSpendPrivateKey)) { GNUNET_free (c_buf); GNUNET_free (rl_buf); @@ -1896,7 +1895,7 @@ postgres_get_refresh_commit_coins (void *cls, * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection to use * @param refresh_session_pub public key of the refresh session this - * commitment belongs with + * commitment belongs with -- FIXME: should not be needed! * @param i set index (1st dimension) * @param j coin index (2nd dimension), corresponds to melted (old) coins * @param commit_link link information to store @@ -1905,7 +1904,7 @@ postgres_get_refresh_commit_coins (void *cls, static int postgres_insert_refresh_commit_links (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, unsigned int j, const struct RefreshCommitLink *commit_link) @@ -1950,7 +1949,7 @@ postgres_insert_refresh_commit_links (void *cls, * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection to use * @param refresh_session_pub public key of the refresh session this - * commitment belongs with + * commitment belongs with -- FIXME: should not be needed! * @param i set index (1st dimension) * @param num_links size of the @a commit_link array * @param links[OUT] array of link information to return @@ -1961,7 +1960,7 @@ postgres_insert_refresh_commit_links (void *cls, static int postgres_get_refresh_commit_links (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, unsigned int num_links, struct RefreshCommitLink *links) @@ -2026,9 +2025,9 @@ postgres_get_refresh_commit_links (void *cls, static int postgres_insert_refresh_collectable (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + const struct TALER_SessionPublicKey *session_pub, uint16_t newcoin_index, - const struct GNUNET_CRYPTO_rsa_Signature *ev_sig) + const struct TALER_DenominationSignature *ev_sig) { // FIXME: check logic! uint16_t newcoin_index_nbo = htons (newcoin_index); @@ -2036,7 +2035,7 @@ postgres_insert_refresh_collectable (void *cls, size_t buf_size; PGresult *result; - buf_size = GNUNET_CRYPTO_rsa_signature_encode (ev_sig, + buf_size = GNUNET_CRYPTO_rsa_signature_encode (ev_sig->rsa_signature, &buf); { struct TALER_DB_QueryParam params[] = { @@ -2073,7 +2072,7 @@ postgres_insert_refresh_collectable (void *cls, static struct LinkDataList * postgres_get_link_data_list (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub) + const struct TALER_CoinSpendPublicKey *coin_pub) { // FIXME: check logic! struct LinkDataList *ldl; @@ -2146,10 +2145,12 @@ postgres_get_link_data_list (void *cls, ld_buf, ld_buf_size); - sig = GNUNET_CRYPTO_rsa_signature_decode (sig_buf, - sig_buf_size); - denom_pub = GNUNET_CRYPTO_rsa_public_key_decode (pk_buf, - pk_buf_size); + sig + = GNUNET_CRYPTO_rsa_signature_decode (sig_buf, + sig_buf_size); + denom_pub + = GNUNET_CRYPTO_rsa_public_key_decode (pk_buf, + pk_buf_size); GNUNET_free (pk_buf); GNUNET_free (sig_buf); GNUNET_free (ld_buf); @@ -2170,8 +2171,8 @@ postgres_get_link_data_list (void *cls, pos = GNUNET_new (struct LinkDataList); pos->next = ldl; pos->link_data_enc = link_enc; - pos->denom_pub = denom_pub; - pos->ev_sig = sig; + pos->denom_pub.rsa_public_key = denom_pub; + pos->ev_sig.rsa_signature = sig; ldl = pos; } return ldl; @@ -2196,8 +2197,8 @@ postgres_get_link_data_list (void *cls, static int postgres_get_transfer (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, - struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, + const struct TALER_CoinSpendPublicKey *coin_pub, + struct TALER_TransferPublicKey *transfer_pub, struct TALER_EncryptedLinkSecret *shared_secret_enc) { // FIXME: check logic! @@ -2260,7 +2261,7 @@ postgres_get_transfer (void *cls, static struct TALER_MINT_DB_TransactionList * postgres_get_coin_transactions (void *cls, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub) + const struct TALER_CoinSpendPublicKey *coin_pub) { // FIXME: check logic! GNUNET_break (0); // FIXME: implement! diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 43b226e6..039e74ff 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -130,7 +130,7 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, } mks = TALER_MINT_key_state_acquire (); dki = TALER_MINT_get_denom_key (mks, - deposit->coin.denom_pub); + &deposit->coin.denom_pub); TALER_amount_ntoh (&value, &dki->issue.value); TALER_MINT_key_state_release (mks); @@ -211,7 +211,7 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection, */ int TALER_MINT_db_execute_withdraw_status (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EddsaPublicKey *reserve_pub) + const struct TALER_ReservePublicKey *reserve_pub) { struct TALER_MINTDB_Session *session; struct ReserveHistory *rh; @@ -255,11 +255,11 @@ TALER_MINT_db_execute_withdraw_status (struct MHD_Connection *connection, */ int TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EddsaPublicKey *reserve, - const struct GNUNET_CRYPTO_rsa_PublicKey *denomination_pub, + const struct TALER_ReservePublicKey *reserve, + const struct TALER_DenominationPublicKey *denomination_pub, const char *blinded_msg, size_t blinded_msg_len, - const struct GNUNET_CRYPTO_EddsaSignature *signature) + const struct TALER_ReserveSignature *signature) { struct TALER_MINTDB_Session *session; struct ReserveHistory *rh; @@ -303,8 +303,8 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, { res = TALER_MINT_reply_withdraw_sign_success (connection, &collectable); - GNUNET_CRYPTO_rsa_signature_free (collectable.sig); - GNUNET_CRYPTO_rsa_public_key_free (collectable.denom_pub); + GNUNET_CRYPTO_rsa_signature_free (collectable.sig.rsa_signature); + GNUNET_CRYPTO_rsa_public_key_free (collectable.denom_pub.rsa_public_key); return res; } GNUNET_assert (GNUNET_NO == res); @@ -387,7 +387,7 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, break; case TALER_MINT_DB_RO_WITHDRAW_COIN: tdki = TALER_MINT_get_denom_key (key_state, - pos->details.withdraw->denom_pub); + &pos->details.withdraw->denom_pub); TALER_amount_ntoh (&value, &tdki->issue.value); if (0 == (res & 2)) @@ -428,7 +428,7 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, rh); /* Balance is good, sign the coin! */ - sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv, + sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv.rsa_private_key, blinded_msg, blinded_msg_len); TALER_MINT_key_state_release (key_state); @@ -440,8 +440,9 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, return TALER_MINT_reply_internal_error (connection, "Internal error"); } - collectable.sig = sig; - collectable.denom_pub = (struct GNUNET_CRYPTO_rsa_PublicKey *) denomination_pub; + /* FIXME: this signature is still blinded, bad name... */ + collectable.sig.rsa_signature = sig; + collectable.denom_pub = *denomination_pub; collectable.reserve_pub = *reserve; GNUNET_CRYPTO_hash (blinded_msg, blinded_msg_len, @@ -494,7 +495,7 @@ refresh_accept_melts (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, const struct MintKeyState *key_state, const struct GNUNET_HashCode *melt_hash, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + const struct TALER_SessionPublicKey *session_pub, const struct TALER_CoinPublicInfo *coin_public_info, const struct MeltDetails *coin_details, uint16_t oldcoin_index) @@ -508,7 +509,7 @@ refresh_accept_melts (struct MHD_Connection *connection, int res; dki = &TALER_MINT_get_denom_key (key_state, - coin_public_info->denom_pub)->issue; + &coin_public_info->denom_pub)->issue; if (NULL == dki) return (MHD_YES == @@ -607,10 +608,10 @@ refresh_accept_melts (struct MHD_Connection *connection, int TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, const struct GNUNET_HashCode *melt_hash, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - const struct GNUNET_CRYPTO_EddsaSignature *client_signature, + const struct TALER_SessionPublicKey *refresh_session_pub, + const struct TALER_SessionSignature *client_signature, unsigned int num_new_denoms, - struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs, + const struct TALER_DenominationPublicKey *denom_pubs, unsigned int coin_count, const struct TALER_CoinPublicInfo *coin_public_infos, const struct MeltDetails *coin_melt_details, @@ -773,7 +774,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, * @param transfer_privs private transfer keys * @param melts array of melted coins * @param num_newcoins number of newcoins being generated - * @param denom_pub array of @a num_newcoins keys for the new coins + * @param denom_pubs array of @a num_newcoins keys for the new coins * @return #GNUNET_OK if the committment was honest, * #GNUNET_NO if there was a problem and we generated an error message * #GNUNET_SYSERR if we could not even generate an error message @@ -781,13 +782,13 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, static int check_commitment (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + const struct TALER_SessionPublicKey *refresh_session, unsigned int off, unsigned int num_oldcoins, - const struct GNUNET_CRYPTO_EcdsaPrivateKey *transfer_privs, + const struct TALER_TransferPrivateKey *transfer_privs, const struct RefreshMelt *melts, unsigned int num_newcoins, - struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs) + const struct TALER_DenominationPublicKey *denom_pubs) { unsigned int j; struct TALER_LinkSecret last_shared_secret; @@ -817,14 +818,14 @@ check_commitment (struct MHD_Connection *connection, { struct TALER_TransferSecret transfer_secret; struct TALER_LinkSecret shared_secret; - struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub_check; + struct TALER_TransferPublicKey transfer_pub_check; - GNUNET_CRYPTO_ecdsa_key_get_public (&transfer_privs[j], - &transfer_pub_check); + GNUNET_CRYPTO_ecdsa_key_get_public (&transfer_privs[j].ecdsa_priv, + &transfer_pub_check.ecdsa_pub); if (0 != memcmp (&transfer_pub_check, &commit_links[j].transfer_pub, - sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) + sizeof (struct TALER_TransferPublicKey))) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "transfer keys do not match\n"); @@ -840,9 +841,9 @@ check_commitment (struct MHD_Connection *connection, /* We're converting key types here, which is not very nice * but necessary and harmless (keys will be thrown away later). */ - GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&melts[j].coin.coin_pub, + GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&melts[j].coin.coin_pub.ecdsa_pub, &coin_ecdhe); - GNUNET_CRYPTO_ecdsa_private_to_ecdhe (&transfer_privs[j], + GNUNET_CRYPTO_ecdsa_private_to_ecdhe (&transfer_privs[j].ecdsa_priv, &transfer_ecdhe); if (GNUNET_OK != GNUNET_CRYPTO_ecc_ecdh (&transfer_ecdhe, @@ -915,7 +916,7 @@ check_commitment (struct MHD_Connection *connection, for (j = 0; j < num_newcoins; j++) { struct TALER_RefreshLinkDecrypted *link_data; - struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; + struct TALER_CoinSpendPublicKey coin_pub; struct GNUNET_HashCode h_msg; char *buf; size_t buf_len; @@ -931,15 +932,15 @@ check_commitment (struct MHD_Connection *connection, ? GNUNET_NO : GNUNET_SYSERR; } - GNUNET_CRYPTO_ecdsa_key_get_public (&link_data->coin_priv, - &coin_pub); + GNUNET_CRYPTO_ecdsa_key_get_public (&link_data->coin_priv.ecdsa_priv, + &coin_pub.ecdsa_pub); GNUNET_CRYPTO_hash (&coin_pub, - sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), + sizeof (struct TALER_CoinSpendPublicKey), &h_msg); if (0 == (buf_len = GNUNET_CRYPTO_rsa_blind (&h_msg, - link_data->blinding_key, - denom_pubs[j], + link_data->blinding_key.rsa_blinding_key, + denom_pubs[j].rsa_public_key, &buf))) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -989,42 +990,45 @@ check_commitment (struct MHD_Connection *connection, * @param coin_off number of the coin * @return NULL on error, otherwise signature over the coin */ -static struct GNUNET_CRYPTO_rsa_Signature * +static struct TALER_DenominationSignature refresh_mint_coin (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + const struct TALER_SessionPublicKey *refresh_session, struct MintKeyState *key_state, - const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub, + const struct TALER_DenominationPublicKey *denom_pub, const struct RefreshCommitCoin *commit_coin, unsigned int coin_off) { struct TALER_MINT_DenomKeyIssuePriv *dki; - struct GNUNET_CRYPTO_rsa_Signature *ev_sig; + struct TALER_DenominationSignature ev_sig; - dki = TALER_MINT_get_denom_key (key_state, denom_pub); + dki = TALER_MINT_get_denom_key (key_state, + denom_pub); if (NULL == dki) { GNUNET_break (0); - return NULL; + ev_sig.rsa_signature = NULL; + return ev_sig; } - ev_sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv, - commit_coin->coin_ev, - commit_coin->coin_ev_size); - if (NULL == ev_sig) + ev_sig.rsa_signature + = GNUNET_CRYPTO_rsa_sign (dki->denom_priv.rsa_private_key, + commit_coin->coin_ev, + commit_coin->coin_ev_size); + if (NULL == ev_sig.rsa_signature) { GNUNET_break (0); - return NULL; + return ev_sig; } if (GNUNET_OK != plugin->insert_refresh_collectable (plugin->cls, session, refresh_session, coin_off, - ev_sig)) + &ev_sig)) { GNUNET_break (0); - GNUNET_CRYPTO_rsa_signature_free (ev_sig); - return NULL; + GNUNET_CRYPTO_rsa_signature_free (ev_sig.rsa_signature); + ev_sig.rsa_signature = NULL; } return ev_sig; } @@ -1046,18 +1050,18 @@ refresh_mint_coin (struct MHD_Connection *connection, */ int TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int kappa, unsigned int num_oldcoins, - struct GNUNET_CRYPTO_EcdsaPrivateKey *const*transfer_privs) + struct TALER_TransferPrivateKey **transfer_privs) { int res; struct TALER_MINTDB_Session *session; struct RefreshSession refresh_session; struct MintKeyState *key_state; struct RefreshMelt *melts; - struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs; - struct GNUNET_CRYPTO_rsa_Signature **ev_sigs; + struct TALER_DenominationPublicKey *denom_pubs; + struct TALER_DenominationSignature *ev_sigs; struct RefreshCommitCoin *commit_coins; unsigned int i; unsigned int j; @@ -1102,7 +1106,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, } } denom_pubs = GNUNET_malloc (refresh_session.num_newcoins * - sizeof (struct GNUNET_CRYPTO_rsa_PublicKey *)); + sizeof (struct TALER_DenominationPublicKey)); if (GNUNET_OK != plugin->get_refresh_order (plugin->cls, session, @@ -1135,7 +1139,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, denom_pubs))) { for (j=0;jcsig, - &deposit->coin.coin_pub)) + &deposit->csig.ecdsa_signature, + &deposit->coin.coin_pub.ecdsa_pub)) { LOG_WARNING ("Invalid signature on /deposit request\n"); return TALER_MINT_reply_arg_invalid (connection, @@ -82,7 +82,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection, /* check denomination exists and is valid */ key_state = TALER_MINT_key_state_acquire (); dki = TALER_MINT_get_denom_key (key_state, - deposit->coin.denom_pub); + &deposit->coin.denom_pub); if (NULL == dki) { TALER_MINT_key_state_release (key_state); diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index ca802e2d..b795323e 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -111,7 +111,7 @@ static int reload_pipe[2]; * @return a JSON object describing the denomination key isue (public part) */ static json_t * -denom_key_issue_to_json (struct GNUNET_CRYPTO_rsa_PublicKey *pk, +denom_key_issue_to_json (const struct TALER_DenominationPublicKey *pk, const struct TALER_MINT_DenomKeyIssue *dki) { struct TALER_Amount value; @@ -139,7 +139,7 @@ denom_key_issue_to_json (struct GNUNET_CRYPTO_rsa_PublicKey *pk, "stamp_expire_deposit", TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (dki->expire_spend)), "denom_pub", - TALER_JSON_from_rsa_public_key (pk), + TALER_JSON_from_rsa_public_key (pk->rsa_public_key), "value", TALER_JSON_from_amount (&value), "fee_withdraw", @@ -217,7 +217,7 @@ reload_keys_denom_iter (void *cls, return GNUNET_OK; } - GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub, + GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub.rsa_public_key, &denom_key_hash); d2 = GNUNET_memdup (dki, sizeof (struct TALER_MINT_DenomKeyIssuePriv)); @@ -234,7 +234,7 @@ reload_keys_denom_iter (void *cls, return GNUNET_OK; } json_array_append_new (ctx->denom_keys_array, - denom_key_issue_to_json (dki->denom_pub, + denom_key_issue_to_json (&dki->denom_pub, &dki->issue)); return GNUNET_OK; } @@ -435,11 +435,11 @@ TALER_MINT_key_state_acquire (void) */ struct TALER_MINT_DenomKeyIssuePriv * TALER_MINT_get_denom_key (const struct MintKeyState *key_state, - const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub) + const struct TALER_DenominationPublicKey *denom_pub) { struct GNUNET_HashCode hc; - GNUNET_CRYPTO_rsa_public_key_hash (denom_pub, + GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key, &hc); return GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, &hc); @@ -564,16 +564,16 @@ read_again: */ void TALER_MINT_keys_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct GNUNET_CRYPTO_EddsaSignature *sig) + struct TALER_MintSignature *sig) { struct MintKeyState *key_state; key_state = TALER_MINT_key_state_acquire (); GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv, + GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv, purpose, - sig)); + &sig->eddsa_signature)); TALER_MINT_key_state_release (key_state); } diff --git a/src/mint/taler-mint-httpd_keystate.h b/src/mint/taler-mint-httpd_keystate.h index 4bb468ea..faccc8f0 100644 --- a/src/mint/taler-mint-httpd_keystate.h +++ b/src/mint/taler-mint-httpd_keystate.h @@ -67,7 +67,7 @@ TALER_MINT_key_state_release (struct MintKeyState *key_state); */ struct TALER_MINT_DenomKeyIssuePriv * TALER_MINT_get_denom_key (const struct MintKeyState *key_state, - const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub); + const struct TALER_DenominationPublicKey *denom_pub); /** @@ -90,7 +90,7 @@ TALER_MINT_key_reload_loop (void); */ void TALER_MINT_keys_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, - struct GNUNET_CRYPTO_EddsaSignature *sig); + struct TALER_MintSignature *sig); /** diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index d6bf3c42..8a024dff 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -58,14 +58,14 @@ */ static int handle_refresh_melt_binary (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int num_new_denoms, - struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs, + const struct TALER_DenominationPublicKey *denom_pubs, unsigned int coin_count, struct TALER_CoinPublicInfo *coin_public_infos, const struct MeltDetails *coin_melt_details, const struct GNUNET_HashCode *commit_hash, - const struct GNUNET_CRYPTO_EddsaSignature *commit_client_sig, + const struct TALER_SessionSignature *commit_client_sig, unsigned int kappa, struct RefreshCommitCoin *const* commit_coin, struct RefreshCommitLink *const* commit_link) @@ -92,7 +92,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, /* FIXME: also hash session public key here!? #3708 */ for (i = 0; i < num_new_denoms; i++) { - buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pubs[i], + buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pubs[i].rsa_public_key, &buf); GNUNET_CRYPTO_hash_context_read (hash_context, buf, @@ -113,10 +113,11 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, TALER_amount_hton (&body.amount_with_fee, &coin_melt_details->melt_amount_with_fee); - if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_REFRESH_MELT_SESSION, - &body.purpose, - commit_client_sig, - refresh_session_pub)) + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_REFRESH_MELT_SESSION, + &body.purpose, + &commit_client_sig->eddsa_signature, + &refresh_session_pub->eddsa_pub)) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "signature invalid (did not verify)\n"); @@ -133,7 +134,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, for (i=0;iissue; + &denom_pubs[i])->issue; TALER_amount_ntoh (&value, &dki->value); TALER_amount_ntoh (&fee_withdraw, @@ -161,7 +162,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, /* calculate contribution of the i-th melt by subtracting the fee; add the rest to the total_melt value */ dki = &TALER_MINT_get_denom_key (key_state, - coin_public_infos[i].denom_pub)->issue; + &coin_public_infos[i].denom_pub)->issue; TALER_amount_ntoh (&fee_melt, &dki->fee_refresh); if (GNUNET_OK != @@ -228,14 +229,14 @@ get_coin_public_info (struct MHD_Connection *connection, struct MeltDetails *r_melt_detail) { int ret; - struct GNUNET_CRYPTO_EcdsaSignature melt_sig; - struct GNUNET_CRYPTO_rsa_Signature *sig; - struct GNUNET_CRYPTO_rsa_PublicKey *pk; + struct TALER_CoinSpendSignature melt_sig; + struct TALER_DenominationSignature sig; + struct TALER_DenominationPublicKey pk; struct TALER_Amount amount; struct GNUNET_MINT_ParseFieldSpec spec[] = { TALER_MINT_PARSE_FIXED ("coin_pub", &r_public_info->coin_pub), - TALER_MINT_PARSE_RSA_SIGNATURE ("denom_sig", &sig), - TALER_MINT_PARSE_RSA_PUBLIC_KEY ("denom_pub", &pk), + TALER_MINT_PARSE_RSA_SIGNATURE ("denom_sig", &sig.rsa_signature), + TALER_MINT_PARSE_RSA_PUBLIC_KEY ("denom_pub", &pk.rsa_public_key), TALER_MINT_PARSE_FIXED ("confirm_sig", &melt_sig), TALER_MINT_PARSE_AMOUNT ("value_with_fee", &amount), TALER_MINT_PARSE_END @@ -253,8 +254,8 @@ get_coin_public_info (struct MHD_Connection *connection, TALER_test_coin_valid (r_public_info)) { TALER_MINT_release_parsed_data (spec); - r_public_info->denom_sig = NULL; - r_public_info->denom_pub = NULL; + r_public_info->denom_sig.rsa_signature = NULL; + r_public_info->denom_pub.rsa_public_key = NULL; return (MHD_YES == TALER_MINT_reply_json_pack (connection, MHD_HTTP_NOT_FOUND, @@ -304,8 +305,8 @@ verify_coin_public_info (struct MHD_Connection *connection, if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_REFRESH_MELT_COIN, &body.purpose, - &r_melt_detail->melt_sig, - &r_public_info->coin_pub)) + &r_melt_detail->melt_sig.ecdsa_signature, + &r_public_info->coin_pub.ecdsa_pub)) { if (MHD_YES != TALER_MINT_reply_json_pack (connection, @@ -317,7 +318,7 @@ verify_coin_public_info (struct MHD_Connection *connection, } key_state = TALER_MINT_key_state_acquire (); dki = TALER_MINT_get_denom_key (key_state, - r_public_info->denom_pub); + &r_public_info->denom_pub); if (NULL == dki) { TALER_MINT_key_state_release (key_state); @@ -420,7 +421,7 @@ free_commit_links (struct RefreshCommitLink **commit_link, */ static int handle_refresh_melt_json (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + const struct TALER_SessionPublicKey *refresh_session_pub, const json_t *new_denoms, const json_t *melt_coins, const json_t *melt_sig_json, @@ -437,7 +438,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection, int res; unsigned int i; unsigned int j; - struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs; + struct TALER_DenominationPublicKey *denom_pubs; unsigned int num_new_denoms; struct TALER_CoinPublicInfo *coin_public_infos; struct MeltDetails *coin_melt_details; @@ -446,20 +447,22 @@ handle_refresh_melt_json (struct MHD_Connection *connection, struct GNUNET_HashContext *hash_context; struct RefreshCommitCoin *commit_coin[kappa]; struct RefreshCommitLink *commit_link[kappa]; - const struct GNUNET_CRYPTO_EddsaSignature commit_client_sig; + const struct TALER_SessionSignature commit_client_sig; num_new_denoms = json_array_size (new_denoms); denom_pubs = GNUNET_malloc (num_new_denoms * - sizeof (struct GNUNET_CRYPTO_rsa_PublicKey *)); + sizeof (struct TALER_DenominationPublicKey)); for (i=0;iamount_with_fee); dr.coin_pub = deposit->coin.coin_pub; transaction = TALER_JSON_from_ecdsa_sig (&dr.purpose, - &deposit->csig); + &deposit->csig.ecdsa_signature); break; } case TALER_MINT_DB_TT_REFRESH_MELT: @@ -368,7 +369,7 @@ compile_transaction_history (const struct TALER_MINT_DB_TransactionList *tl) &melt->amount_with_fee); ms.coin_pub = melt->coin.coin_pub; transaction = TALER_JSON_from_ecdsa_sig (&ms.purpose, - &melt->coin_sig); + &melt->coin_sig.ecdsa_signature); } break; case TALER_MINT_DB_TT_LOCK: @@ -480,7 +481,7 @@ compile_reserve_history (const struct ReserveHistory *rh, case TALER_MINT_DB_RO_WITHDRAW_COIN: dki = TALER_MINT_get_denom_key (key_state, - pos->details.withdraw->denom_pub); + &pos->details.withdraw->denom_pub); TALER_amount_ntoh (&value, &dki->issue.value); if (0 == ret) @@ -499,12 +500,12 @@ compile_reserve_history (const struct ReserveHistory *rh, wr.purpose.purpose = htonl (TALER_SIGNATURE_WITHDRAW); wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequest)); wr.reserve_pub = pos->details.withdraw->reserve_pub; - GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub, + GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key, &wr.h_denomination_pub); wr.h_coin_envelope = pos->details.withdraw->h_coin_envelope; transaction = TALER_JSON_from_eddsa_sig (&wr.purpose, - &pos->details.withdraw->reserve_sig); + &pos->details.withdraw->reserve_sig.eddsa_signature); json_array_append_new (json_history, json_pack ("{s:s, s:o, s:o}", @@ -613,7 +614,7 @@ TALER_MINT_reply_withdraw_sign_success (struct MHD_Connection *connection, json_t *sig_json; int ret; - sig_json = TALER_JSON_from_rsa_signature (collectable->sig); + sig_json = TALER_JSON_from_rsa_signature (collectable->sig.rsa_signature); ret = TALER_MINT_reply_json_pack (connection, MHD_HTTP_OK, "{s:o}", @@ -640,7 +641,7 @@ TALER_MINT_reply_withdraw_sign_success (struct MHD_Connection *connection, */ int TALER_MINT_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, + const struct TALER_CoinSpendPublicKey *coin_pub, struct TALER_Amount coin_value, struct TALER_MINT_DB_TransactionList *tl, struct TALER_Amount requested, @@ -654,7 +655,7 @@ TALER_MINT_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connect "{s:s, s:o, s:o, s:o, s:o, s:o}", "error", "insufficient funds", "coin-pub", TALER_JSON_from_data (coin_pub, - sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)), + sizeof (struct TALER_CoinSpendPublicKey)), "original-value", TALER_JSON_from_amount (&coin_value), "residual-value", TALER_JSON_from_amount (&residual), "requested-value", TALER_JSON_from_amount (&requested), @@ -676,7 +677,7 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, uint16_t noreveal_index) { struct RefreshMeltResponseSignatureBody body; - struct GNUNET_CRYPTO_EddsaSignature sig; + struct TALER_MintSignature sig; json_t *sig_json; int ret; @@ -687,7 +688,7 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, TALER_MINT_keys_sign (&body.purpose, &sig); sig_json = TALER_JSON_from_eddsa_sig (&body.purpose, - &sig); + &sig.eddsa_signature); GNUNET_assert (NULL != sig_json); ret = TALER_MINT_reply_json_pack (connection, MHD_HTTP_OK, @@ -710,7 +711,7 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, int TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection, unsigned int num_newcoins, - struct GNUNET_CRYPTO_rsa_Signature **sigs) + const struct TALER_DenominationSignature *sigs) { int newcoin_index; json_t *root; @@ -724,7 +725,7 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection, list); for (newcoin_index = 0; newcoin_index < num_newcoins; newcoin_index++) json_array_append_new (list, - TALER_JSON_from_rsa_signature (sigs[newcoin_index])); + TALER_JSON_from_rsa_signature (sigs[newcoin_index].rsa_signature)); ret = TALER_MINT_reply_json (connection, root, MHD_HTTP_OK); @@ -777,7 +778,7 @@ TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, */ int TALER_MINT_reply_refresh_link_success (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, + const struct TALER_TransferPublicKey *transfer_pub, const struct TALER_EncryptedLinkSecret *shared_secret_enc, const struct LinkDataList *ldl) { @@ -794,14 +795,14 @@ TALER_MINT_reply_refresh_link_success (struct MHD_Connection *connection, obj = json_object (); json_object_set_new (obj, "link_enc", TALER_JSON_from_data (ldl->link_data_enc->coin_priv_enc, - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey) + + sizeof (struct TALER_CoinSpendPrivateKey) + ldl->link_data_enc->blinding_key_enc_size)); json_object_set_new (obj, "denom_pub", - TALER_JSON_from_rsa_public_key (ldl->denom_pub)); + TALER_JSON_from_rsa_public_key (ldl->denom_pub.rsa_public_key)); json_object_set_new (obj, "ev_sig", - TALER_JSON_from_rsa_signature (ldl->ev_sig)); + TALER_JSON_from_rsa_signature (ldl->ev_sig.rsa_signature)); json_array_append_new (list, obj); } @@ -812,7 +813,7 @@ TALER_MINT_reply_refresh_link_success (struct MHD_Connection *connection, json_object_set_new (root, "transfer_pub", TALER_JSON_from_data (transfer_pub, - sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))); + sizeof (struct TALER_TransferPublicKey))); json_object_set_new (root, "secret_enc", TALER_JSON_from_data (shared_secret_enc, diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index d42aa29b..d7e56350 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -185,11 +185,11 @@ TALER_MINT_reply_invalid_json (struct MHD_Connection *connection); */ int TALER_MINT_reply_deposit_success (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, + const struct TALER_CoinSpendPublicKey *coin_pub, const struct GNUNET_HashCode *h_wire, const struct GNUNET_HashCode *h_contract, uint64_t transaction_id, - const struct GNUNET_CRYPTO_EddsaPublicKey *merchant, + const struct TALER_MerchantPublicKey *merchant, const struct TALER_Amount *amount); @@ -276,7 +276,7 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, */ int TALER_MINT_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, + const struct TALER_CoinSpendPublicKey *coin_pub, struct TALER_Amount coin_value, struct TALER_MINT_DB_TransactionList *tl, struct TALER_Amount requested, @@ -294,7 +294,7 @@ TALER_MINT_reply_refresh_melt_insufficient_funds (struct MHD_Connection *connect int TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection, unsigned int num_newcoins, - struct GNUNET_CRYPTO_rsa_Signature **sigs); + const struct TALER_DenominationSignature *sigs); /** @@ -332,7 +332,7 @@ TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, */ int TALER_MINT_reply_refresh_link_success (struct MHD_Connection *connection, - const struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, + const struct TALER_TransferPublicKey *transfer_pub, const struct TALER_EncryptedLinkSecret *shared_secret_enc, const struct LinkDataList *ldl); diff --git a/src/mint/taler-mint-httpd_withdraw.c b/src/mint/taler-mint-httpd_withdraw.c index b796af94..7d7ca806 100644 --- a/src/mint/taler-mint-httpd_withdraw.c +++ b/src/mint/taler-mint-httpd_withdraw.c @@ -49,13 +49,13 @@ TALER_MINT_handler_withdraw_status (struct RequestHandler *rh, const char *upload_data, size_t *upload_data_size) { - struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + struct TALER_ReservePublicKey reserve_pub; int res; res = TALER_MINT_mhd_request_arg_data (connection, "reserve_pub", &reserve_pub, - sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)); + sizeof (struct TALER_ReservePublicKey)); if (GNUNET_SYSERR == res) return MHD_NO; /* internal error */ if (GNUNET_NO == res) @@ -90,17 +90,17 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh, { struct TALER_WithdrawRequest wsrd; int res; - struct GNUNET_CRYPTO_rsa_PublicKey *denomination_pub; + struct TALER_DenominationPublicKey denomination_pub; char *denomination_pub_data; size_t denomination_pub_data_size; char *blinded_msg; size_t blinded_msg_len; - struct GNUNET_CRYPTO_EddsaSignature signature; + struct TALER_ReserveSignature signature; res = TALER_MINT_mhd_request_arg_data (connection, "reserve_pub", &wsrd.reserve_pub, - sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)); + sizeof (struct TALER_ReservePublicKey)); if (GNUNET_SYSERR == res) return MHD_NO; /* internal error */ if (GNUNET_NO == res) @@ -108,7 +108,7 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh, res = TALER_MINT_mhd_request_arg_data (connection, "reserve_sig", &signature, - sizeof (struct GNUNET_CRYPTO_EddsaSignature)); + sizeof (struct TALER_ReserveSignature)); if (GNUNET_SYSERR == res) return MHD_NO; /* internal error */ if (GNUNET_NO == res) @@ -148,8 +148,8 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh, if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WITHDRAW, &wsrd.purpose, - &signature, - &wsrd.reserve_pub)) + &signature.eddsa_signature, + &wsrd.reserve_pub.eddsa_pub)) { LOG_WARNING ("Client supplied invalid signature for /withdraw/sign request\n"); GNUNET_free (denomination_pub_data); @@ -157,10 +157,11 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh, return TALER_MINT_reply_arg_invalid (connection, "reserve_sig"); } - denomination_pub = GNUNET_CRYPTO_rsa_public_key_decode (denomination_pub_data, - denomination_pub_data_size); + denomination_pub.rsa_public_key + = GNUNET_CRYPTO_rsa_public_key_decode (denomination_pub_data, + denomination_pub_data_size); GNUNET_free (denomination_pub_data); - if (NULL == denomination_pub) + if (NULL == denomination_pub.rsa_public_key) { LOG_WARNING ("Client supplied ill-formed denomination public key for /withdraw/sign request\n"); GNUNET_free (blinded_msg); @@ -169,12 +170,12 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh, } res = TALER_MINT_db_execute_withdraw_sign (connection, &wsrd.reserve_pub, - denomination_pub, + &denomination_pub, blinded_msg, blinded_msg_len, &signature); GNUNET_free (blinded_msg); - GNUNET_CRYPTO_rsa_public_key_free (denomination_pub); + GNUNET_CRYPTO_rsa_public_key_free (denomination_pub.rsa_public_key); return res; } diff --git a/src/mint/taler-mint-keycheck.c b/src/mint/taler-mint-keycheck.c index cb46c14e..370b1c51 100644 --- a/src/mint/taler-mint-keycheck.c +++ b/src/mint/taler-mint-keycheck.c @@ -70,8 +70,8 @@ signkeys_iter (void *cls, if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_SIGNKEY, &ski->issue.purpose, - &ski->issue.signature, - &ski->issue.master_pub)) + &ski->issue.signature.eddsa_signature, + &ski->issue.master_pub.eddsa_pub)) { fprintf (stderr, "Signing key `%s' has invalid signature\n", @@ -130,15 +130,15 @@ denomkeys_iter (void *cls, if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DENOM, &dki->issue.purpose, - &dki->issue.signature, - &dki->issue.master)) + &dki->issue.signature.eddsa_signature, + &dki->issue.master.eddsa_pub)) { fprintf (stderr, "Denomination key for `%s' has invalid signature\n", alias); return GNUNET_SYSERR; } - GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub, + GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub.rsa_public_key, &hc); if (0 != memcmp (&hc, &dki->issue.denom_hash, diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c index 759e7c1b..019ae5b3 100644 --- a/src/mint/taler-mint-keyup.c +++ b/src/mint/taler-mint-keyup.c @@ -179,12 +179,12 @@ static struct GNUNET_TIME_Absolute now; /** * Master private key of the mint. */ -static struct GNUNET_CRYPTO_EddsaPrivateKey *master_priv; +static struct TALER_MasterPrivateKey master_priv; /** * Master public key of the mint. */ -static struct GNUNET_CRYPTO_EddsaPublicKey *master_pub; +static struct TALER_MasterPublicKey master_pub; /** * Until what time do we provide keys? @@ -440,23 +440,23 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start, struct TALER_MINT_SignKeyIssue *issue = &pi->issue; priv = GNUNET_CRYPTO_eddsa_key_create (); - pi->signkey_priv = *priv; + pi->signkey_priv.eddsa_priv = *priv; GNUNET_free (priv); - issue->master_pub = *master_pub; + issue->master_pub = master_pub; issue->start = GNUNET_TIME_absolute_hton (start); issue->expire = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (start, duration)); - GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv, - &issue->signkey_pub); + GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv.eddsa_priv, + &issue->signkey_pub.eddsa_pub); issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNKEY); issue->purpose.size = htonl (sizeof (struct TALER_MINT_SignKeyIssue) - offsetof (struct TALER_MINT_SignKeyIssue, purpose)); GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign (master_priv, + GNUNET_CRYPTO_eddsa_sign (&master_priv.eddsa_priv, &issue->purpose, - &issue->signature)); + &issue->signature.eddsa_signature)); } @@ -678,12 +678,14 @@ static void create_denomkey_issue (const struct CoinTypeParams *params, struct TALER_MINT_DenomKeyIssuePriv *dki) { - GNUNET_assert (NULL != - (dki->denom_priv = GNUNET_CRYPTO_rsa_private_key_create (params->rsa_keysize))); - dki->denom_pub = GNUNET_CRYPTO_rsa_private_key_get_public (dki->denom_priv); - GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub, + dki->denom_priv.rsa_private_key + = GNUNET_CRYPTO_rsa_private_key_create (params->rsa_keysize); + GNUNET_assert (NULL != dki->denom_priv.rsa_private_key); + dki->denom_pub.rsa_public_key + = GNUNET_CRYPTO_rsa_private_key_get_public (dki->denom_priv.rsa_private_key); + GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub.rsa_public_key, &dki->issue.denom_hash); - dki->issue.master = *master_pub; + dki->issue.master = master_pub; dki->issue.start = GNUNET_TIME_absolute_hton (params->anchor); dki->issue.expire_withdraw = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor, @@ -704,9 +706,9 @@ create_denomkey_issue (const struct CoinTypeParams *params, offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.purpose)); GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign (master_priv, + GNUNET_CRYPTO_eddsa_sign (&master_priv.eddsa_priv, &dki->issue.purpose, - &dki->issue.signature)); + &dki->issue.signature.eddsa_signature)); } @@ -764,10 +766,10 @@ mint_keys_update_cointype (void *cls, "Failed to write denomination key information to file `%s'.\n", dkf); *ret = GNUNET_SYSERR; - GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv); + GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv.rsa_private_key); return; } - GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv); + GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv.rsa_private_key); p.anchor = GNUNET_TIME_absolute_add (p.anchor, p.duration_spend); p.anchor = GNUNET_TIME_absolute_subtract (p.anchor, @@ -825,6 +827,7 @@ main (int argc, GNUNET_GETOPT_OPTION_END }; struct GNUNET_TIME_Relative lookahead_sign; + struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv; GNUNET_assert (GNUNET_OK == GNUNET_log_setup ("taler-mint-keyup", @@ -872,18 +875,18 @@ main (int argc, "Master key file not given\n"); return 1; } - master_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (masterkeyfile); - if (NULL == master_priv) + eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (masterkeyfile); + if (NULL == eddsa_priv) { fprintf (stderr, "Failed to initialize master key from file `%s'\n", masterkeyfile); return 1; } - - master_pub = GNUNET_new (struct GNUNET_CRYPTO_EddsaPublicKey); - GNUNET_CRYPTO_eddsa_key_get_public (master_priv, - master_pub); + master_priv.eddsa_priv = *eddsa_priv; + GNUNET_free (eddsa_priv); + GNUNET_CRYPTO_eddsa_key_get_public (&master_priv.eddsa_priv, + &master_pub.eddsa_pub); /* check if key from file matches the one from the configuration */ { @@ -902,7 +905,7 @@ main (int argc, return 1; } if (0 != - memcmp (master_pub, + memcmp (&master_pub, &master_pub_from_cfg, sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))) { diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index 83e37334..22522881 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -35,7 +35,7 @@ struct BankTransfer /** * Public key of the reserve that was filled. */ - struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + struct TALER_ReservePublicKey reserve_pub; /** * Amount that was transferred to the mint. @@ -58,7 +58,7 @@ struct Reserve /** * The reserve's public key. This uniquely identifies the reserve */ - struct GNUNET_CRYPTO_EddsaPublicKey *pub; + struct TALER_ReservePublicKey pub; /** * The balance amount existing in the reserve @@ -83,7 +83,7 @@ struct CollectableBlindcoin /** * Our signature over the (blinded) coin. */ - struct GNUNET_CRYPTO_rsa_Signature *sig; + struct TALER_DenominationSignature sig; /** * Denomination key (which coin was generated). @@ -91,12 +91,12 @@ struct CollectableBlindcoin * AMOUNT *including* fee in what is being signed * as well! */ - struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; + struct TALER_DenominationPublicKey denom_pub; /** * Public key of the reserve that was drained. */ - struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + struct TALER_ReservePublicKey reserve_pub; /** * Hash over the blinded message, needed to verify @@ -108,7 +108,7 @@ struct CollectableBlindcoin * Signature confirming the withdrawl, matching @e reserve_pub, * @e denom_pub and @e h_coin_envelope. */ - struct GNUNET_CRYPTO_EddsaSignature reserve_sig; + struct TALER_ReserveSignature reserve_sig; }; @@ -186,13 +186,13 @@ struct Deposit * by @e h_wire in relation to the contract identified * by @e h_contract. */ - struct GNUNET_CRYPTO_EcdsaSignature csig; + struct TALER_CoinSpendSignature csig; /** * Public key of the merchant. Enables later identification * of the merchant in case of a need to rollback transactions. */ - struct GNUNET_CRYPTO_EddsaPublicKey merchant_pub; + struct TALER_MerchantPublicKey merchant_pub; /** * Hash over the contract between merchant and customer @@ -238,8 +238,10 @@ struct RefreshSession /** * Signature over the commitments by the client, * only valid if @e has_commit_sig is set. + * + * FIXME: The above comment is clearly confused. */ - struct GNUNET_CRYPTO_EddsaSignature commit_sig; + struct TALER_SessionSignature commit_sig; /** * Hash over coins to melt and coins to create of the @@ -250,7 +252,7 @@ struct RefreshSession /** * Signature over the melt by the client. */ - struct GNUNET_CRYPTO_EddsaSignature melt_sig; + struct TALER_SessionSignature melt_sig; /** * Number of coins we are melting. @@ -291,7 +293,7 @@ struct RefreshMelt /** * Signature over the melting operation. */ - struct GNUNET_CRYPTO_EcdsaSignature coin_sig; + struct TALER_CoinSpendSignature coin_sig; /** * Which melting operation should the coin become a part of. @@ -350,7 +352,7 @@ struct RefreshCommitLink /** * Transfer public key (FIXME: explain!) */ - struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub; + struct TALER_TransferPublicKey transfer_pub; /** * Encrypted shared secret to decrypt the link. @@ -378,12 +380,12 @@ struct LinkDataList /** * Denomination public key, determines the value of the coin. */ - struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; + struct TALER_DenominationPublicKey denom_pub; /** * Signature over the blinded envelope. */ - struct GNUNET_CRYPTO_rsa_Signature *ev_sig; + struct TALER_DenominationSignature ev_sig; }; @@ -393,14 +395,14 @@ struct LinkDataList struct Lock { /** - * Information about the coin that is being melted. + * Information about the coin that is being locked. */ struct TALER_CoinPublicInfo coin; /** - * Signature over the melting operation. + * Signature over the locking operation. */ - const struct GNUNET_CRYPTO_EcdsaSignature coin_sig; + struct TALER_CoinSpendSignature coin_sig; /** * How much value is being locked? @@ -535,35 +537,35 @@ struct TALER_MINTDB_Plugin * Start a transaction. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn connection to use + * @param sesssion connection to use * @return #GNUNET_OK on success */ int (*start) (void *cls, - struct TALER_MINTDB_Session *db_conn); + struct TALER_MINTDB_Session *sesssion); /** * Commit a transaction. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn connection to use + * @param sesssion connection to use * @return #GNUNET_OK on success */ int (*commit) (void *cls, - struct TALER_MINTDB_Session *db_conn); + struct TALER_MINTDB_Session *sesssion); /** * Abort/rollback a transaction. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn connection to use + * @param sesssion connection to use */ void (*rollback) (void *cls, - struct TALER_MINTDB_Session *db_conn); + struct TALER_MINTDB_Session *sesssion); /** @@ -611,7 +613,7 @@ struct TALER_MINTDB_Plugin * key of the hash of the blinded message. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection to use + * @param sesssion database connection to use * @param h_blind hash of the blinded message * @param collectable corresponding collectable coin (blind signature) * if a coin is found @@ -621,7 +623,7 @@ struct TALER_MINTDB_Plugin */ int (*get_collectable_blindcoin) (void *cls, - struct TALER_MINTDB_Session *db_conn, + struct TALER_MINTDB_Session *sesssion, const struct GNUNET_HashCode *h_blind, struct CollectableBlindcoin *collectable); @@ -631,7 +633,7 @@ struct TALER_MINTDB_Plugin * hash of the blinded message. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection to use + * @param sesssion database connection to use * @param h_blind hash of the blinded message * @param withdraw amount by which the reserve will be withdrawn with this * transaction @@ -643,7 +645,7 @@ struct TALER_MINTDB_Plugin */ int (*insert_collectable_blindcoin) (void *cls, - struct TALER_MINTDB_Session *db_conn, + struct TALER_MINTDB_Session *sesssion, const struct GNUNET_HashCode *h_blind, struct TALER_Amount withdraw, const struct CollectableBlindcoin *collectable); @@ -654,14 +656,14 @@ struct TALER_MINTDB_Plugin * reserve. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn connection to use + * @param sesssion connection to use * @param reserve_pub public key of the reserve * @return known transaction history (NULL if reserve is unknown) */ struct ReserveHistory * (*get_reserve_history) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *reserve_pub); + struct TALER_MINTDB_Session *sesssion, + const struct TALER_ReservePublicKey *reserve_pub); /** @@ -679,7 +681,7 @@ struct TALER_MINTDB_Plugin * Check if we have the specified deposit already in the database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param deposit deposit to search for * @return #GNUNET_YES if we know this operation, * #GNUNET_NO if this deposit is unknown to us, @@ -687,7 +689,7 @@ struct TALER_MINTDB_Plugin */ int (*have_deposit) (void *cls, - struct TALER_MINTDB_Session *db_conn, + struct TALER_MINTDB_Session *sesssion, const struct Deposit *deposit); @@ -696,13 +698,13 @@ struct TALER_MINTDB_Plugin * database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn connection to the database + * @param sesssion connection to the database * @param deposit deposit information to store * @return #GNUNET_OK on success, #GNUNET_SYSERR on error */ int (*insert_deposit) (void *cls, - struct TALER_MINTDB_Session *db_conn, + struct TALER_MINTDB_Session *sesssion, const struct Deposit *deposit); @@ -710,7 +712,7 @@ struct TALER_MINTDB_Plugin * Lookup refresh session data under the given public key. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database handle to use + * @param sesssion database handle to use * @param refresh_session_pub public key to use for the lookup * @param refresh_session[OUT] where to store the result * @return #GNUNET_YES on success, @@ -719,8 +721,8 @@ struct TALER_MINTDB_Plugin */ int (*get_refresh_session) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session_pub, struct RefreshSession *refresh_session); @@ -728,7 +730,7 @@ struct TALER_MINTDB_Plugin * Store new refresh session data under the given public key. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database handle to use + * @param sesssion database handle to use * @param refresh_session_pub public key to use to locate the session * @param refresh_session session data to store * @return #GNUNET_YES on success, @@ -736,8 +738,8 @@ struct TALER_MINTDB_Plugin */ int (*create_refresh_session) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *session_pub, const struct RefreshSession *refresh_session); @@ -746,7 +748,7 @@ struct TALER_MINTDB_Plugin * Store the given /refresh/melt request in the database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param refresh_session session key of the melt operation * @param oldcoin_index index of the coin to store * @param melt coin melt operation details to store @@ -755,8 +757,8 @@ struct TALER_MINTDB_Plugin */ int (*insert_refresh_melt) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session, uint16_t oldcoin_index, const struct RefreshMelt *melt); @@ -765,7 +767,7 @@ struct TALER_MINTDB_Plugin * Get information about melted coin details from the database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param refresh_session session key of the melt operation * @param oldcoin_index index of the coin to retrieve * @param melt melt data to fill in @@ -774,8 +776,8 @@ struct TALER_MINTDB_Plugin */ int (*get_refresh_melt) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session, uint16_t oldcoin_index, struct RefreshMelt *melt); @@ -785,7 +787,7 @@ struct TALER_MINTDB_Plugin * in a given refresh operation. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param session_pub refresh session key * @param num_newcoins number of coins to generate, size of the @a denom_pubs array * @param denom_pubs array denominations of the coins to create @@ -794,10 +796,10 @@ struct TALER_MINTDB_Plugin */ int (*insert_refresh_order) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *session_pub, uint16_t num_newcoins, - struct GNUNET_CRYPTO_rsa_PublicKey *const*denom_pubs); + const struct TALER_DenominationPublicKey *denom_pubs); /** @@ -805,7 +807,7 @@ struct TALER_MINTDB_Plugin * create in the given refresh operation. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param session_pub refresh session key * @param num_newcoins size of the @a denom_pubs array * @param denom_pubs[OUT] where to write @a num_newcoins denomination keys @@ -814,10 +816,10 @@ struct TALER_MINTDB_Plugin */ int (*get_refresh_order) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *session_pub, uint16_t num_newcoins, - struct GNUNET_CRYPTO_rsa_PublicKey **denom_pubs); + struct TALER_DenominationPublicKey *denom_pubs); /** @@ -825,7 +827,7 @@ struct TALER_MINTDB_Plugin * for the given refresh session in the database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection to use + * @param sesssion database connection to use * @param refresh_session_pub refresh session this commitment belongs to * @param i set index (1st dimension), relating to kappa * @param num_newcoins coin index size of the @a commit_coins array @@ -835,8 +837,8 @@ struct TALER_MINTDB_Plugin */ int (*insert_refresh_commit_coins) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, unsigned int num_newcoins, const struct RefreshCommitCoin *commit_coins); @@ -847,22 +849,22 @@ struct TALER_MINTDB_Plugin * given coin of the given refresh session from the database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection to use + * @param sesssion database connection to use * @param refresh_session_pub refresh session the commitment belongs to * @param i set index (1st dimension) - * @param j coin index (2nd dimension), corresponds to refreshed (new) coins - * @param commit_coin[OUT] coin commitment to return + * @param num_coins size of the @a commit_coins array + * @param commit_coin[OUT] array of coin commitments to return * @return #GNUNET_OK on success * #GNUNET_NO if not found * #GNUNET_SYSERR on error */ int (*get_refresh_commit_coins) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, - unsigned int j, - struct RefreshCommitCoin *commit_coin); + unsigned int num_coins, + struct RefreshCommitCoin *commit_coins); /** @@ -870,7 +872,7 @@ struct TALER_MINTDB_Plugin * for the given refresh session. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection to use + * @param sesssion database connection to use * @param refresh_session_pub public key of the refresh session this * commitment belongs with * @param i set index (1st dimension), relating to kappa @@ -880,8 +882,8 @@ struct TALER_MINTDB_Plugin */ int (*insert_refresh_commit_links) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, unsigned int num_links, const struct RefreshCommitLink *commit_links); @@ -891,7 +893,7 @@ struct TALER_MINTDB_Plugin * for the given refresh session. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection to use + * @param sesssion database connection to use * @param refresh_session_pub public key of the refresh session this * commitment belongs with * @param i set index (1st dimension) @@ -903,10 +905,10 @@ struct TALER_MINTDB_Plugin */ int (*get_refresh_commit_links) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int i, - unsigned int j, + unsigned int num_links, struct RefreshCommitLink *links); @@ -917,7 +919,7 @@ struct TALER_MINTDB_Plugin * be used to try to obtain the private keys during "/refresh/link". * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param session_pub refresh session * @param newcoin_index coin index * @param ev_sig coin signature @@ -925,10 +927,10 @@ struct TALER_MINTDB_Plugin */ int (*insert_refresh_collectable) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_SessionPublicKey *session_pub, uint16_t newcoin_index, - const struct GNUNET_CRYPTO_rsa_Signature *ev_sig); + const struct TALER_DenominationSignature *ev_sig); /** @@ -936,14 +938,14 @@ struct TALER_MINTDB_Plugin * information, the denomination keys and the signatures. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param coin_pub public key to use to retrieve linkage data * @return all known link data for the coin */ struct LinkDataList * (*get_link_data_list) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + struct TALER_MINTDB_Session *sesssion, + const struct TALER_CoinSpendPublicKey *coin_pub); /** @@ -965,7 +967,7 @@ struct TALER_MINTDB_Plugin * * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param coin_pub public key of the coin * @param transfer_pub[OUT] public transfer key * @param shared_secret_enc[OUT] set to shared secret @@ -975,9 +977,9 @@ struct TALER_MINTDB_Plugin */ int (*get_transfer) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, - struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, + struct TALER_MINTDB_Session *sesssion, + const struct TALER_CoinSpendPublicKey *coin_pub, + struct TALER_TransferPublicKey *transfer_pub, struct TALER_EncryptedLinkSecret *shared_secret_enc); @@ -985,7 +987,7 @@ struct TALER_MINTDB_Plugin * Test if the given /lock request is known to us. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param lock lock operation * @return #GNUNET_YES if known, * #GNUENT_NO if not, @@ -993,7 +995,7 @@ struct TALER_MINTDB_Plugin */ int (*have_lock) (void *cls, - struct TALER_MINTDB_Session *db_conn, + struct TALER_MINTDB_Session *sesssion, const struct Lock *lock); @@ -1001,14 +1003,14 @@ struct TALER_MINTDB_Plugin * Store the given /lock request in the database. * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param lock lock operation * @return #GNUNET_OK on success * #GNUNET_SYSERR on internal error */ int (*insert_lock) (void *cls, - struct TALER_MINTDB_Session *db_conn, + struct TALER_MINTDB_Session *sesssion, const struct Lock *lock); @@ -1017,14 +1019,14 @@ struct TALER_MINTDB_Plugin * with the given coin (/refresh/melt and /deposit operations). * * @param cls the @e cls of this struct with the plugin-specific state - * @param db_conn database connection + * @param sesssion database connection * @param coin_pub coin to investigate * @return list of transactions, NULL if coin is fresh */ struct TALER_MINT_DB_TransactionList * (*get_coin_transactions) (void *cls, - struct TALER_MINTDB_Session *db_conn, - const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); + struct TALER_MINTDB_Session *sesssion, + const struct TALER_CoinSpendPublicKey *coin_pub); /** diff --git a/src/mint/test_mint_common.c b/src/mint/test_mint_common.c index aa72dfdc..f6771474 100644 --- a/src/mint/test_mint_common.c +++ b/src/mint/test_mint_common.c @@ -31,8 +31,10 @@ if (cond) { GNUNET_break (0); goto EXITIF_exit; } \ } while (0) + int -main (int argc, const char *const argv[]) +main (int argc, + const char *const argv[]) { struct TALER_MINT_DenomKeyIssuePriv dki; char *enc; @@ -41,25 +43,26 @@ main (int argc, const char *const argv[]) char *enc_read; size_t enc_read_size; char *tmpfile; - int ret; ret = 1; enc = NULL; enc_read = NULL; tmpfile = NULL; - dki.denom_priv = NULL; - dki_read.denom_priv = NULL; + dki.denom_priv.rsa_private_key = NULL; + dki_read.denom_priv.rsa_private_key = NULL; GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &dki.issue.signature, sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue, signature)); - dki.denom_priv = GNUNET_CRYPTO_rsa_private_key_create (RSA_KEY_SIZE); - enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki.denom_priv, &enc); + dki.denom_priv.rsa_private_key + = GNUNET_CRYPTO_rsa_private_key_create (RSA_KEY_SIZE); + enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki.denom_priv.rsa_private_key, + &enc); EXITIF (NULL == (tmpfile = GNUNET_DISK_mktemp ("test_mint_common"))); EXITIF (GNUNET_OK != TALER_MINT_write_denom_key (tmpfile, &dki)); EXITIF (GNUNET_OK != TALER_MINT_read_denom_key (tmpfile, &dki_read)); - enc_read_size = GNUNET_CRYPTO_rsa_private_key_encode (dki_read.denom_priv, + enc_read_size = GNUNET_CRYPTO_rsa_private_key_encode (dki_read.denom_priv.rsa_private_key, &enc_read); EXITIF (enc_size != enc_read_size); EXITIF (0 != memcmp (enc, @@ -75,9 +78,9 @@ main (int argc, const char *const argv[]) GNUNET_free (tmpfile); } GNUNET_free_non_null (enc_read); - if (NULL != dki.denom_priv) - GNUNET_CRYPTO_rsa_private_key_free (dki.denom_priv); - if (NULL != dki_read.denom_priv) - GNUNET_CRYPTO_rsa_private_key_free (dki_read.denom_priv); + if (NULL != dki.denom_priv.rsa_private_key) + GNUNET_CRYPTO_rsa_private_key_free (dki.denom_priv.rsa_private_key); + if (NULL != dki_read.denom_priv.rsa_private_key) + GNUNET_CRYPTO_rsa_private_key_free (dki_read.denom_priv.rsa_private_key); return ret; } diff --git a/src/mint/test_mint_db.c b/src/mint/test_mint_db.c index c80be70c..0b61818f 100644 --- a/src/mint/test_mint_db.c +++ b/src/mint/test_mint_db.c @@ -54,14 +54,15 @@ static int result; */ static int check_reserve (struct TALER_MINTDB_Session *session, - struct GNUNET_CRYPTO_EddsaPublicKey *pub, + const struct TALER_ReservePublicKey *pub, uint32_t value, uint32_t fraction, const char *currency, uint64_t expiry) { struct Reserve reserve; - reserve.pub = pub; + + reserve.pub = *pub; FAILIF (GNUNET_OK != plugin->reserve_get (plugin->cls, @@ -80,8 +81,8 @@ check_reserve (struct TALER_MINTDB_Session *session, struct DenomKeyPair { - struct GNUNET_CRYPTO_rsa_PrivateKey *priv; - struct GNUNET_CRYPTO_rsa_PublicKey *pub; + struct TALER_DenominationPrivateKey priv; + struct TALER_DenominationPublicKey pub; }; @@ -91,9 +92,10 @@ create_denom_key_pair (unsigned int size) struct DenomKeyPair *dkp; dkp = GNUNET_new (struct DenomKeyPair); - dkp->priv = GNUNET_CRYPTO_rsa_private_key_create (size); - GNUNET_assert (NULL != dkp->priv); - dkp->pub = GNUNET_CRYPTO_rsa_private_key_get_public (dkp->priv); + dkp->priv.rsa_private_key = GNUNET_CRYPTO_rsa_private_key_create (size); + GNUNET_assert (NULL != dkp->priv.rsa_private_key); + dkp->pub.rsa_public_key + = GNUNET_CRYPTO_rsa_private_key_get_public (dkp->priv.rsa_private_key); return dkp; } @@ -101,8 +103,8 @@ create_denom_key_pair (unsigned int size) static void destroy_denon_key_pair (struct DenomKeyPair *dkp) { - GNUNET_CRYPTO_rsa_public_key_free (dkp->pub); - GNUNET_CRYPTO_rsa_private_key_free (dkp->priv); + GNUNET_CRYPTO_rsa_public_key_free (dkp->pub.rsa_public_key); + GNUNET_CRYPTO_rsa_private_key_free (dkp->priv.rsa_private_key); GNUNET_free (dkp); } @@ -121,7 +123,7 @@ run (void *cls, const struct GNUNET_CONFIGURATION_Handle *cfg) { struct TALER_MINTDB_Session *session; - struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub; + struct TALER_ReservePublicKey reserve_pub; struct Reserve reserve; struct GNUNET_TIME_Absolute expiry; struct TALER_Amount amount; @@ -172,7 +174,7 @@ run (void *cls, goto drop; } RND_BLK (&reserve_pub); - reserve.pub = &reserve_pub; + reserve.pub = reserve_pub; amount.value = 1; amount.fraction = 1; strcpy (amount.currency, CURRENCY); @@ -209,7 +211,10 @@ run (void *cls, RND_BLK(&h_blind); RND_BLK(&cbc.reserve_sig); cbc.denom_pub = dkp->pub; - cbc.sig = GNUNET_CRYPTO_rsa_sign (dkp->priv, &h_blind, sizeof (h_blind)); + cbc.sig.rsa_signature + = GNUNET_CRYPTO_rsa_sign (dkp->priv.rsa_private_key, + &h_blind, + sizeof (h_blind)); (void) memcpy (&cbc.reserve_pub, &reserve_pub, sizeof (reserve_pub)); @@ -233,7 +238,7 @@ run (void *cls, session, &h_blind, &cbc2)); - FAILIF (NULL == cbc2.denom_pub); + FAILIF (NULL == cbc2.denom_pub.rsa_public_key); FAILIF (0 != memcmp (&cbc2.reserve_sig, &cbc.reserve_sig, sizeof (cbc2.reserve_sig))); @@ -242,8 +247,8 @@ run (void *cls, sizeof (cbc2.reserve_pub))); FAILIF (GNUNET_OK != GNUNET_CRYPTO_rsa_verify (&h_blind, - cbc2.sig, - dkp->pub)); + cbc2.sig.rsa_signature, + dkp->pub.rsa_public_key)); rh = plugin->get_reserve_history (plugin->cls, session, &reserve_pub); @@ -331,12 +336,12 @@ run (void *cls, session)); if (NULL != dkp) destroy_denon_key_pair (dkp); - if (NULL != cbc.sig) - GNUNET_CRYPTO_rsa_signature_free (cbc.sig); - if (NULL != cbc2.denom_pub) - GNUNET_CRYPTO_rsa_public_key_free (cbc2.denom_pub); - if (NULL != cbc2.sig) - GNUNET_CRYPTO_rsa_signature_free (cbc2.sig); + if (NULL != cbc.sig.rsa_signature) + GNUNET_CRYPTO_rsa_signature_free (cbc.sig.rsa_signature); + if (NULL != cbc2.denom_pub.rsa_public_key) + GNUNET_CRYPTO_rsa_public_key_free (cbc2.denom_pub.rsa_public_key); + if (NULL != cbc2.sig.rsa_signature) + GNUNET_CRYPTO_rsa_signature_free (cbc2.sig.rsa_signature); dkp = NULL; } diff --git a/src/util/crypto.c b/src/util/crypto.c index c7a00b9a..ffc12fed 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -52,7 +52,8 @@ fatal_error_handler (void *cls, void TALER_gcrypt_init () { - gcry_set_fatalerror_handler (&fatal_error_handler, NULL); + gcry_set_fatalerror_handler (&fatal_error_handler, + NULL); TALER_assert_as (gcry_check_version (NEED_LIBGCRYPT_VERSION), "libgcrypt version mismatch"); /* Disable secure memory. */ @@ -205,11 +206,11 @@ TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, ret = GNUNET_new (struct TALER_RefreshLinkDecrypted); memcpy (&ret->coin_priv, buf, - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); - ret->blinding_key + sizeof (struct TALER_CoinSpendPrivateKey)); + ret->blinding_key.rsa_blinding_key = GNUNET_CRYPTO_rsa_blinding_key_decode (&buf[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)], input->blinding_key_enc_size); - if (NULL == ret->blinding_key) + if (NULL == ret->blinding_key.rsa_blinding_key) { GNUNET_free (ret); return NULL; @@ -236,7 +237,7 @@ TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input, struct TALER_RefreshLinkEncrypted *ret; derive_refresh_key (secret, &iv, &skey); - b_buf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (input->blinding_key, + b_buf_size = GNUNET_CRYPTO_rsa_blinding_key_encode (input->blinding_key.rsa_blinding_key, &b_buf); ret = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) + b_buf_size); @@ -313,8 +314,8 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info) &c_hash); if (GNUNET_OK != GNUNET_CRYPTO_rsa_verify (&c_hash, - coin_public_info->denom_sig, - coin_public_info->denom_pub)) + coin_public_info->denom_sig.rsa_signature, + coin_public_info->denom_pub.rsa_public_key)) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "coin signature is invalid\n"); -- cgit v1.2.3 From abc63eda98bd64a29413b6daf60c0d2ea47a7132 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 24 Mar 2015 00:01:33 +0100 Subject: avoid cast --- src/mint/plugin_mintdb_common.c | 2 +- src/mint/taler_mintdb_plugin.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/mint/plugin_mintdb_common.c b/src/mint/plugin_mintdb_common.c index 6e52a3bc..34c95bae 100644 --- a/src/mint/plugin_mintdb_common.c +++ b/src/mint/plugin_mintdb_common.c @@ -41,7 +41,7 @@ common_free_reserve_history (void *cls, case TALER_MINT_DB_RO_BANK_TO_MINT: bt = rh->details.bank; if (NULL != bt->wire) - json_decref ((json_t *) bt->wire); /* FIXME: avoid cast? */ + json_decref (bt->wire); GNUNET_free (bt); break; case TALER_MINT_DB_RO_WITHDRAW_COIN: diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index 22522881..b9c6bdfa 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -45,7 +45,7 @@ struct BankTransfer /** * Detailed wire information about the transaction. */ - const json_t *wire; + json_t *wire; }; -- cgit v1.2.3 From 7f79310aa153ae18f431d2b125dd91928c9ef03c Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 24 Mar 2015 12:00:40 +0100 Subject: fix #3728 --- src/mint/plugin_mintdb_common.c | 35 ++++++++++++++++++++++++++++++++--- src/mint/taler_mintdb_plugin.h | 2 +- 2 files changed, 33 insertions(+), 4 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/mint/plugin_mintdb_common.c b/src/mint/plugin_mintdb_common.c index e326c0f4..a95cf4be 100644 --- a/src/mint/plugin_mintdb_common.c +++ b/src/mint/plugin_mintdb_common.c @@ -68,7 +68,15 @@ static void common_free_link_data_list (void *cls, struct LinkDataList *ldl) { - GNUNET_break (0); // FIXME (#3728) + struct LinkDataList *next; + + while (NULL != ldl) + { + next = ldl->next; + GNUNET_free (ldl->link_data_enc); + GNUNET_free (ldl); + ldl = next; + } } @@ -82,8 +90,29 @@ static void common_free_coin_transaction_list (void *cls, struct TALER_MINT_DB_TransactionList *list) { - // FIXME: implement! // FIXME (#3728) - GNUNET_break (0); + struct TALER_MINT_DB_TransactionList *next; + + while (NULL != list) + { + next = list->next; + + switch (list->type) + { + case TALER_MINT_DB_TT_DEPOSIT: + json_decref (list->details.deposit->wire); + GNUNET_free (list->details.deposit); + break; + case TALER_MINT_DB_TT_REFRESH_MELT: + GNUNET_free (list->details.melt); + break; + case TALER_MINT_DB_TT_LOCK: + GNUNET_free (list->details.lock); + /* FIXME: look at this again once locking is implemented (#3625) */ + break; + } + GNUNET_free (list); + list = next; + } } /* end of plugin_mintdb_common.c */ diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index b9c6bdfa..07823851 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -211,7 +211,7 @@ struct Deposit /** * Detailed wire information for executing the transaction. */ - const json_t *wire; + json_t *wire; /** * Merchant-generated transaction ID to detect duplicate -- cgit v1.2.3 From 55959bd01d636d324077d4201df0beca676e8d58 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 24 Mar 2015 16:56:06 +0100 Subject: address #3708: melt_hash => session_hash, use session_hash for DB access, not session_pub --- doc/coding-style.txt | 7 ++ src/include/taler_crypto_lib.h | 48 +++++++----- src/include/taler_signatures.h | 4 +- src/mint/plugin_mintdb_postgres.c | 139 +++++++++++++++++----------------- src/mint/taler-mint-httpd_db.c | 61 ++++++++------- src/mint/taler-mint-httpd_db.h | 11 +-- src/mint/taler-mint-httpd_deposit.c | 2 +- src/mint/taler-mint-httpd_refresh.c | 113 +++++++++++++-------------- src/mint/taler-mint-httpd_responses.c | 2 +- src/mint/taler_mintdb_plugin.h | 76 +++++++++---------- 10 files changed, 238 insertions(+), 225 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/doc/coding-style.txt b/doc/coding-style.txt index 2215ab0a..e9c3a313 100644 --- a/doc/coding-style.txt +++ b/doc/coding-style.txt @@ -44,6 +44,13 @@ Naming conventions: MUST match the subdirectory of src/ in which the symbol is defined + from libtalerutil start just with TALER_, without subsystemname +* structs: + + structs that are 'packed' and do not contain pointers and are + thus suitable for hashing or similar operations are distinguished + by adding a "P" at the end of the name. (NEW) Note that this + convention does not hold for the GNUnet-structs (yet). + + * private (library-internal) symbols (including structs and macros) + must not start with TALER_ or any other prefix diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 0c0ad886..a7e90277 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -27,6 +27,8 @@ /* ****************** Coin crypto primitives ************* */ +GNUNET_NETWORK_STRUCT_BEGIN + /** * Type of public keys for Taler reserves. */ @@ -269,6 +271,10 @@ struct TALER_CoinSpendSignature }; +GNUNET_NETWORK_STRUCT_END + + + /** * Type of blinding keys for Taler. */ @@ -358,6 +364,9 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info); /* ****************** Refresh crypto primitives ************* */ + +GNUNET_NETWORK_STRUCT_BEGIN + /** * Secret used to decrypt the key to decrypt link secrets. */ @@ -397,45 +406,48 @@ struct TALER_EncryptedLinkSecret /** - * Representation of an encrypted refresh link. + * Representation of an refresh link in cleartext. */ -struct TALER_RefreshLinkEncrypted +struct TALER_RefreshLinkDecrypted { /** - * Encrypted blinding key with @e blinding_key_enc_size bytes, - * must be allocated at the end of this struct. - */ - const char *blinding_key_enc; - - /** - * Number of bytes in @e blinding_key_enc. + * Private key of the coin. */ - size_t blinding_key_enc_size; + struct TALER_CoinSpendPrivateKey coin_priv; /** - * Encrypted private key of the coin. + * Blinding key. */ - char coin_priv_enc[sizeof (struct TALER_CoinSpendPrivateKey)]; + struct TALER_DenominationBlindingKey blinding_key; }; +GNUNET_NETWORK_STRUCT_END + + /** - * Representation of an refresh link in cleartext. + * Representation of an encrypted refresh link. */ -struct TALER_RefreshLinkDecrypted +struct TALER_RefreshLinkEncrypted { /** - * Private key of the coin. + * Encrypted blinding key with @e blinding_key_enc_size bytes, + * must be allocated at the end of this struct. */ - struct TALER_CoinSpendPrivateKey coin_priv; + const char *blinding_key_enc; /** - * Blinding key. + * Number of bytes in @e blinding_key_enc. */ - struct TALER_DenominationBlindingKey blinding_key; + size_t blinding_key_enc_size; + + /** + * Encrypted private key of the coin. + */ + char coin_priv_enc[sizeof (struct TALER_CoinSpendPrivateKey)]; }; diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 51134bf2..fa713dc4 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -253,9 +253,9 @@ struct RefreshMeltCoinSignature struct GNUNET_CRYPTO_EccSignaturePurpose purpose; /** - * Which melting operation should the coin become a part of. + * Which melting session should the coin become a part of. */ - struct GNUNET_HashCode melt_hash; + struct GNUNET_HashCode session_hash; /** * How much of the value of the coin should be melted? This amount diff --git a/src/mint/plugin_mintdb_postgres.c b/src/mint/plugin_mintdb_postgres.c index 1c038842..1c6851d8 100644 --- a/src/mint/plugin_mintdb_postgres.c +++ b/src/mint/plugin_mintdb_postgres.c @@ -220,11 +220,11 @@ postgres_create_tables (void *cls, ",expended_value INT4 NOT NULL" ",expended_fraction INT4 NOT NULL" ",expended_currency VARCHAR(4) NOT NULL" - ",refresh_session_pub BYTEA" + ",refresh_session_hash BYTEA" ")"); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_sessions " "(" - " session_pub BYTEA PRIMARY KEY CHECK (length(session_pub) = 32)" + " session_hash BYTEA PRIMARY KEY CHECK (length(session_hash) = 32)" ",session_melt_sig BYTEA" ",session_commit_sig BYTEA" ",noreveal_index INT2 NOT NULL" @@ -234,14 +234,14 @@ postgres_create_tables (void *cls, ") "); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_order " "( " - " session_pub BYTEA NOT NULL REFERENCES refresh_sessions (session_pub)" + " session_hash BYTEA NOT NULL REFERENCES refresh_sessions (session_hash)" ",newcoin_index INT2 NOT NULL " ",denom_pub BYTEA NOT NULL " - ",PRIMARY KEY (session_pub, newcoin_index)" + ",PRIMARY KEY (session_hash, newcoin_index)" ") "); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_commit_link" "(" - " session_pub BYTEA NOT NULL REFERENCES refresh_sessions (session_pub)" + " session_hash BYTEA NOT NULL REFERENCES refresh_sessions (session_hash)" ",transfer_pub BYTEA NOT NULL" ",link_secret_enc BYTEA NOT NULL" // index of the old coin in the customer's request @@ -252,7 +252,7 @@ postgres_create_tables (void *cls, ")"); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_commit_coin" "(" - " session_pub BYTEA NOT NULL REFERENCES refresh_sessions (session_pub) " + " session_hash BYTEA NOT NULL REFERENCES refresh_sessions (session_hash) " ",link_vector_enc BYTEA NOT NULL" // index of the new coin in the customer's request ",newcoin_index INT2 NOT NULL" @@ -262,14 +262,14 @@ postgres_create_tables (void *cls, ")"); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_melt" "(" - " session_pub BYTEA NOT NULL REFERENCES refresh_sessions (session_pub) " + " session_hash BYTEA NOT NULL REFERENCES refresh_sessions (session_hash) " ",coin_pub BYTEA NOT NULL REFERENCES known_coins (coin_pub) " ",denom_pub BYTEA NOT NULL " ",oldcoin_index INT2 NOT NULL" ")"); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_collectable" "(" - " session_pub BYTEA NOT NULL REFERENCES refresh_sessions (session_pub) " + " session_hash BYTEA NOT NULL REFERENCES refresh_sessions (session_hash) " ",ev_sig BYTEA NOT NULL" ",newcoin_index INT2 NOT NULL" ")"); @@ -393,16 +393,16 @@ postgres_prepare (PGconn *db_conn) #if 0 PREPARE ("get_refresh_session", "SELECT " - " (SELECT count(*) FROM refresh_melt WHERE session_pub = $1)::INT2 as num_oldcoins " + " (SELECT count(*) FROM refresh_melt WHERE session_hash = $1)::INT2 as num_oldcoins " ",(SELECT count(*) FROM refresh_blind_session_keys " - " WHERE session_pub = $1 and cnc_index = 0)::INT2 as num_newcoins " + " WHERE session_hash = $1 and cnc_index = 0)::INT2 as num_newcoins " ",(SELECT count(*) FROM refresh_blind_session_keys " - " WHERE session_pub = $1 and newcoin_index = 0)::INT2 as kappa " + " WHERE session_hash = $1 and newcoin_index = 0)::INT2 as kappa " ",noreveal_index" ",session_commit_sig " ",reveal_ok " "FROM refresh_sessions " - "WHERE session_pub = $1", + "WHERE session_hash = $1", 1, NULL); #endif @@ -410,7 +410,7 @@ postgres_prepare (PGconn *db_conn) "SELECT " " coin_pub, denom_pub, denom_sig " ",expended_value, expended_fraction, expended_currency " - ",refresh_session_pub " + ",refresh_session_hash " "FROM known_coins " "WHERE coin_pub = $1", 1, NULL); @@ -422,7 +422,7 @@ postgres_prepare (PGconn *db_conn) ",expended_value = $4 " ",expended_fraction = $5 " ",expended_currency = $6 " - ",refresh_session_pub = $7 " + ",refresh_session_hash = $7 " "WHERE " " coin_pub = $1 ", 7, NULL); @@ -434,7 +434,7 @@ postgres_prepare (PGconn *db_conn) ",expended_value" ",expended_fraction" ",expended_currency" - ",refresh_session_pub" + ",refresh_session_hash" ")" "VALUES ($1,$2,$3,$4,$5,$6,$7)", 7, NULL); @@ -443,26 +443,26 @@ postgres_prepare (PGconn *db_conn) " transfer_pub " ",link_secret_enc " "FROM refresh_commit_link " - "WHERE session_pub = $1 AND cnc_index = $2 AND oldcoin_index = $3", + "WHERE session_hash = $1 AND cnc_index = $2 AND oldcoin_index = $3", 3, NULL); PREPARE ("get_refresh_commit_coin", "SELECT " " link_vector_enc " ",coin_ev " "FROM refresh_commit_coin " - "WHERE session_pub = $1 AND cnc_index = $2 AND newcoin_index = $3", + "WHERE session_hash = $1 AND cnc_index = $2 AND newcoin_index = $3", 3, NULL); PREPARE ("insert_refresh_order", "INSERT INTO refresh_order ( " " newcoin_index " - ",session_pub " + ",session_hash " ",denom_pub " ") " "VALUES ($1, $2, $3) ", 3, NULL); PREPARE ("insert_refresh_melt", "INSERT INTO refresh_melt ( " - " session_pub " + " session_hash " ",oldcoin_index " ",coin_pub " ",denom_pub " @@ -472,28 +472,28 @@ postgres_prepare (PGconn *db_conn) PREPARE ("get_refresh_order", "SELECT denom_pub " "FROM refresh_order " - "WHERE session_pub = $1 AND newcoin_index = $2", + "WHERE session_hash = $1 AND newcoin_index = $2", 2, NULL); PREPARE ("get_refresh_collectable", "SELECT ev_sig " "FROM refresh_collectable " - "WHERE session_pub = $1 AND newcoin_index = $2", + "WHERE session_hash = $1 AND newcoin_index = $2", 2, NULL); PREPARE ("get_refresh_melt", "SELECT coin_pub " "FROM refresh_melt " - "WHERE session_pub = $1 AND oldcoin_index = $2", + "WHERE session_hash = $1 AND oldcoin_index = $2", 2, NULL); PREPARE ("insert_refresh_session", "INSERT INTO refresh_sessions ( " - " session_pub " + " session_hash " ",noreveal_index " ") " "VALUES ($1, $2) ", 2, NULL); PREPARE ("insert_refresh_commit_link", "INSERT INTO refresh_commit_link ( " - " session_pub " + " session_hash " ",transfer_pub " ",cnc_index " ",oldcoin_index " @@ -503,7 +503,7 @@ postgres_prepare (PGconn *db_conn) 5, NULL); PREPARE ("insert_refresh_commit_coin", "INSERT INTO refresh_commit_coin ( " - " session_pub " + " session_hash " ",coin_ev " ",cnc_index " ",newcoin_index " @@ -513,7 +513,7 @@ postgres_prepare (PGconn *db_conn) 5, NULL); PREPARE ("insert_refresh_collectable", "INSERT INTO refresh_collectable ( " - " session_pub " + " session_hash " ",newcoin_index " ",ev_sig " ") " @@ -522,33 +522,33 @@ postgres_prepare (PGconn *db_conn) PREPARE ("set_reveal_ok", "UPDATE refresh_sessions " "SET reveal_ok = TRUE " - "WHERE session_pub = $1 ", + "WHERE session_hash = $1 ", 1, NULL); PREPARE ("get_link", "SELECT link_vector_enc, ro.denom_pub, ev_sig " "FROM refresh_melt rm " - " JOIN refresh_order ro USING (session_pub) " - " JOIN refresh_commit_coin rcc USING (session_pub) " - " JOIN refresh_sessions rs USING (session_pub) " - " JOIN refresh_collectable rc USING (session_pub) " + " JOIN refresh_order ro USING (session_hash) " + " JOIN refresh_commit_coin rcc USING (session_hash) " + " JOIN refresh_sessions rs USING (session_hash) " + " JOIN refresh_collectable rc USING (session_hash) " "WHERE rm.coin_pub = $1 " "AND ro.newcoin_index = rcc.newcoin_index " "AND ro.newcoin_index = rc.newcoin_index " "AND rcc.cnc_index = rs.noreveal_index % ( " " SELECT count(*) FROM refresh_commit_coin rcc2 " - " WHERE rcc2.newcoin_index = 0 AND rcc2.session_pub = rs.session_pub " + " WHERE rcc2.newcoin_index = 0 AND rcc2.session_hash = rs.session_hash " " ) ", 1, NULL); PREPARE ("get_transfer", "SELECT transfer_pub, link_secret_enc " "FROM refresh_melt rm " - " JOIN refresh_commit_link rcl USING (session_pub) " - " JOIN refresh_sessions rs USING (session_pub) " + " JOIN refresh_commit_link rcl USING (session_hash) " + " JOIN refresh_sessions rs USING (session_hash) " "WHERE rm.coin_pub = $1 " "AND rm.oldcoin_index = rcl.oldcoin_index " "AND rcl.cnc_index = rs.noreveal_index % ( " " SELECT count(*) FROM refresh_commit_coin rcc2 " - " WHERE newcoin_index = 0 AND rcc2.session_pub = rm.session_pub " + " WHERE newcoin_index = 0 AND rcc2.session_hash = rm.session_hash " " ) ", 1, NULL); PREPARE ("insert_deposit", @@ -1434,11 +1434,11 @@ postgres_insert_deposit (void *cls, /** - * Lookup refresh session data under the given public key. + * Lookup refresh session data under the given @a session_hash. * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database handle to use - * @param refresh_session_pub public key to use for the lookup + * @param session_hash hash over the melt to use to locate the session * @param refresh_session[OUT] where to store the result * @return #GNUNET_YES on success, * #GNUNET_NO if not found, @@ -1447,13 +1447,13 @@ postgres_insert_deposit (void *cls, static int postgres_get_refresh_session (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, struct RefreshSession *refresh_session) { // FIXME: check logic! int res; struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_END }; @@ -1511,11 +1511,11 @@ postgres_get_refresh_session (void *cls, /** - * Store new refresh session data under the given public key. + * Store new refresh session data under the given @a session_hash. * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database handle to use - * @param refresh_session_pub public key to use to locate the session + * @param session_hash hash over the melt to use to locate the session * @param refresh_session session data to store * @return #GNUNET_YES on success, * #GNUNET_SYSERR on DB failure @@ -1523,13 +1523,13 @@ postgres_get_refresh_session (void *cls, static int postgres_create_refresh_session (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, const struct RefreshSession *refresh_session) { // FIXME: actually store session data! uint16_t noreveal_index; struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR(&noreveal_index), TALER_DB_QUERY_PARAM_END }; @@ -1558,16 +1558,15 @@ postgres_create_refresh_session (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection - * @param refresh_session session key of the melt operation * @param oldcoin_index index of the coin to store - * @param melt melt operation + * @param melt melt operation details to store; includes + * the session hash of the melt * @return #GNUNET_OK on success * #GNUNET_SYSERR on internal error */ static int postgres_insert_refresh_melt (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session, uint16_t oldcoin_index, const struct RefreshMelt *melt) { @@ -1581,7 +1580,7 @@ postgres_insert_refresh_melt (void *cls, &buf); { struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session), + TALER_DB_QUERY_PARAM_PTR(&melt->session_hash), TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), TALER_DB_QUERY_PARAM_PTR(&melt->coin.coin_pub), TALER_DB_QUERY_PARAM_PTR_SIZED(buf, buf_size), @@ -1617,7 +1616,7 @@ postgres_insert_refresh_melt (void *cls, static int postgres_get_refresh_melt (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session, + const struct GNUNET_HashCode *session_hash, uint16_t oldcoin_index, struct RefreshMelt *melt) { @@ -1633,7 +1632,7 @@ postgres_get_refresh_melt (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection - * @param session_pub refresh session key + * @param session_hash hash to identify refresh session * @param num_newcoins number of coins to generate, size of the @a denom_pubs array * @param denom_pubs array denominations of the coins to create * @return #GNUNET_OK on success @@ -1642,7 +1641,7 @@ postgres_get_refresh_melt (void *cls, static int postgres_insert_refresh_order (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, uint16_t num_newcoins, const struct TALER_DenominationPublicKey *denom_pubs) { @@ -1658,7 +1657,7 @@ postgres_insert_refresh_order (void *cls, { struct TALER_DB_QueryParam params[] = { TALER_DB_QUERY_PARAM_PTR (&newcoin_index_nbo), - TALER_DB_QUERY_PARAM_PTR (session_pub), + TALER_DB_QUERY_PARAM_PTR (session_hash), TALER_DB_QUERY_PARAM_PTR_SIZED (buf, buf_size), TALER_DB_QUERY_PARAM_END }; @@ -1689,7 +1688,7 @@ postgres_insert_refresh_order (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection - * @param session_pub refresh session key + * @param session_hash hash to identify refresh session * @param newcoin_index array of the @a denom_pubs array * @param denom_pubs where to store the deomination keys * @return #GNUNET_OK on success @@ -1698,7 +1697,7 @@ postgres_insert_refresh_order (void *cls, static int postgres_get_refresh_order (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, uint16_t num_newcoins, struct TALER_DenominationPublicKey *denom_pubs) { @@ -1708,7 +1707,7 @@ postgres_get_refresh_order (void *cls, uint16_t newcoin_index_nbo = htons (num_newcoins); struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), TALER_DB_QUERY_PARAM_END }; @@ -1756,7 +1755,7 @@ postgres_get_refresh_order (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection to use - * @param refresh_session_pub refresh session this commitment belongs to + * @param session_hash hash to identify refresh session * @param i set index (1st dimension) * @param num_newcoins coin index size of the @a commit_coins array * @param commit_coins array of coin commitments to store @@ -1766,7 +1765,7 @@ postgres_get_refresh_order (void *cls, static int postgres_insert_refresh_commit_coins (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int num_newcoins, const struct RefreshCommitCoin *commit_coins) @@ -1775,7 +1774,7 @@ postgres_insert_refresh_commit_coins (void *cls, uint16_t cnc_index_nbo = htons (i); uint16_t newcoin_index_nbo = htons (num_newcoins); struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coins->coin_ev, commit_coins->coin_ev_size), TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), @@ -1813,7 +1812,7 @@ postgres_insert_refresh_commit_coins (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection to use - * @param refresh_session_pub refresh session the commitment belongs to + * @param session_hash hash to identify refresh session * @param i set index (1st dimension) * @param j coin index (2nd dimension), corresponds to refreshed (new) coins * @param commit_coin[OUT] coin commitment to return @@ -1824,7 +1823,7 @@ postgres_insert_refresh_commit_coins (void *cls, static int postgres_get_refresh_commit_coins (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int cnc_index, unsigned int newcoin_index, struct RefreshCommitCoin *cc) @@ -1833,7 +1832,7 @@ postgres_get_refresh_commit_coins (void *cls, uint16_t cnc_index_nbo = htons (cnc_index); uint16_t newcoin_index_nbo = htons (newcoin_index); struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), TALER_DB_QUERY_PARAM_END @@ -1894,8 +1893,7 @@ postgres_get_refresh_commit_coins (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection to use - * @param refresh_session_pub public key of the refresh session this - * commitment belongs with -- FIXME: should not be needed! + * @param session_hash hash to identify refresh session * @param i set index (1st dimension) * @param j coin index (2nd dimension), corresponds to melted (old) coins * @param commit_link link information to store @@ -1904,7 +1902,7 @@ postgres_get_refresh_commit_coins (void *cls, static int postgres_insert_refresh_commit_links (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int j, const struct RefreshCommitLink *commit_link) @@ -1913,7 +1911,7 @@ postgres_insert_refresh_commit_links (void *cls, uint16_t cnc_index_nbo = htons (i); uint16_t oldcoin_index_nbo = htons (j); struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub), TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), @@ -1948,8 +1946,7 @@ postgres_insert_refresh_commit_links (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection to use - * @param refresh_session_pub public key of the refresh session this - * commitment belongs with -- FIXME: should not be needed! + * @param session_hash hash to identify refresh session * @param i set index (1st dimension) * @param num_links size of the @a commit_link array * @param links[OUT] array of link information to return @@ -1960,7 +1957,7 @@ postgres_insert_refresh_commit_links (void *cls, static int postgres_get_refresh_commit_links (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int num_links, struct RefreshCommitLink *links) @@ -1970,7 +1967,7 @@ postgres_get_refresh_commit_links (void *cls, uint16_t oldcoin_index_nbo = htons (num_links); struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), TALER_DB_QUERY_PARAM_END @@ -2017,7 +2014,7 @@ postgres_get_refresh_commit_links (void *cls, * * @param cls the `struct PostgresClosure` with the plugin-specific state * @param session database connection - * @param session_pub refresh session + * @param session_hash hash to identify refresh session * @param newcoin_index coin index * @param ev_sig coin signature * @return #GNUNET_OK on success @@ -2025,7 +2022,7 @@ postgres_get_refresh_commit_links (void *cls, static int postgres_insert_refresh_collectable (void *cls, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, uint16_t newcoin_index, const struct TALER_DenominationSignature *ev_sig) { @@ -2039,7 +2036,7 @@ postgres_insert_refresh_collectable (void *cls, &buf); { struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(session_pub), + TALER_DB_QUERY_PARAM_PTR(session_hash), TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), TALER_DB_QUERY_PARAM_PTR_SIZED(buf, buf_size), TALER_DB_QUERY_PARAM_END diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 30585730..7592403d 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -481,7 +481,7 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection, * @param connection the connection to send errors to * @param session the database connection * @param key_state the mint's key state - * @param session_pub the refresh session's public key + * @param session_hash hash identifying the refresh session * @param coin_public_info the coin to melt * @param coin_details details about the coin being melted * @param oldcoin_index what is the number assigned to this coin @@ -493,7 +493,7 @@ static int refresh_accept_melts (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, const struct MintKeyState *key_state, - const struct GNUNET_HashCode *melt_hash, + const struct GNUNET_HashCode *session_hash, const struct TALER_SessionPublicKey *session_pub, const struct TALER_CoinPublicInfo *coin_public_info, const struct MeltDetails *coin_details, @@ -563,12 +563,11 @@ refresh_accept_melts (struct MHD_Connection *connection, melt.coin = *coin_public_info; melt.coin_sig = coin_details->melt_sig; - melt.melt_hash = *melt_hash; + melt.session_hash = *session_hash; melt.amount_with_fee = coin_details->melt_amount_with_fee; if (GNUNET_OK != plugin->insert_refresh_melt (plugin->cls, session, - session_pub, oldcoin_index, &melt)) { @@ -587,7 +586,7 @@ refresh_accept_melts (struct MHD_Connection *connection, * melted and confirm the melting operation to the client. * * @param connection the MHD connection to handle - * @param melt_hash hash code of the session the coins are melted into + * @param session_hash hash code of the session the coins are melted into * @param refresh_session_pub public key of the refresh session * @param client_signature signature of the client (matching @a refresh_session_pub) * over the melting request @@ -606,7 +605,7 @@ refresh_accept_melts (struct MHD_Connection *connection, */ int TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, - const struct GNUNET_HashCode *melt_hash, + const struct GNUNET_HashCode *session_hash, const struct TALER_SessionPublicKey *refresh_session_pub, const struct TALER_SessionSignature *client_signature, unsigned int num_new_denoms, @@ -639,14 +638,14 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, } res = plugin->get_refresh_session (plugin->cls, session, - refresh_session_pub, + session_hash, &refresh_session); if (GNUNET_YES == res) { plugin->rollback (plugin->cls, session); res = TALER_MINT_reply_refresh_melt_success (connection, - &refresh_session.session_hash, + session_hash, refresh_session.noreveal_index); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } @@ -665,7 +664,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, (res = refresh_accept_melts (connection, session, key_state, - melt_hash, + session_hash, refresh_session_pub, &coin_public_infos[i], &coin_melt_details[i], @@ -683,7 +682,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, if (GNUNET_OK != plugin->insert_refresh_order (plugin->cls, session, - refresh_session_pub, + session_hash, num_new_denoms, denom_pubs)) { @@ -697,7 +696,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, if (GNUNET_OK != plugin->insert_refresh_commit_coins (plugin->cls, session, - refresh_session_pub, + session_hash, i, num_new_denoms, commit_coin[i])) @@ -712,7 +711,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, if (GNUNET_OK != plugin->insert_refresh_commit_links (plugin->cls, session, - refresh_session_pub, + session_hash, i, coin_count, commit_link[i])) @@ -726,7 +725,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, /* store 'global' session data */ refresh_session.melt_sig = *client_signature; - refresh_session.session_hash = *melt_hash; + refresh_session.refresh_session_pub = *refresh_session_pub; refresh_session.num_oldcoins = coin_count; refresh_session.num_newcoins = num_new_denoms; refresh_session.kappa = KAPPA; // FIXME... (#3711) @@ -736,7 +735,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, if (GNUNET_OK != (res = plugin->create_refresh_session (plugin->cls, session, - refresh_session_pub, + session_hash, &refresh_session))) { plugin->rollback (plugin->cls, @@ -754,7 +753,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, return TALER_MINT_reply_commit_error (connection); } return TALER_MINT_reply_refresh_melt_success (connection, - &refresh_session.session_hash, + session_hash, refresh_session.noreveal_index); } @@ -767,7 +766,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, * * @param connection the MHD connection to handle * @param session database connection to use - * @param refresh_session session to query + * @param session_hash hash of session to query * @param off commitment offset to check * @param num_oldcoins size of the @a transfer_privs and @a melts arrays * @param transfer_privs private transfer keys @@ -781,7 +780,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, static int check_commitment (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session, + const struct GNUNET_HashCode *session_hash, unsigned int off, unsigned int num_oldcoins, const struct TALER_TransferPrivateKey *transfer_privs, @@ -802,7 +801,7 @@ check_commitment (struct MHD_Connection *connection, if (GNUNET_OK != plugin->get_refresh_commit_links (plugin->cls, session, - refresh_session, + session_hash, off, num_oldcoins, commit_links)) @@ -901,7 +900,7 @@ check_commitment (struct MHD_Connection *connection, if (GNUNET_OK != plugin->get_refresh_commit_coins (plugin->cls, session, - refresh_session, + session_hash, off, num_newcoins, commit_coins)) @@ -982,7 +981,7 @@ check_commitment (struct MHD_Connection *connection, * * @param connection the MHD connection to handle * @param session database connection to use - * @param refresh_session session to query + * @param session_hash hash of session to query * @param key_state key state to lookup denomination pubs * @param denom_pub denomination key for the coin to create * @param commit_coin the coin that was committed @@ -992,7 +991,7 @@ check_commitment (struct MHD_Connection *connection, static struct TALER_DenominationSignature refresh_mint_coin (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, - const struct TALER_SessionPublicKey *refresh_session, + const struct GNUNET_HashCode *session_hash, struct MintKeyState *key_state, const struct TALER_DenominationPublicKey *denom_pub, const struct RefreshCommitCoin *commit_coin, @@ -1021,7 +1020,7 @@ refresh_mint_coin (struct MHD_Connection *connection, if (GNUNET_OK != plugin->insert_refresh_collectable (plugin->cls, session, - refresh_session, + session_hash, coin_off, &ev_sig)) { @@ -1041,7 +1040,7 @@ refresh_mint_coin (struct MHD_Connection *connection, * coins that was not chosen. * * @param connection the MHD connection to handle - * @param refresh_session_pub public key of the refresh session + * @param session_hash hash identifying the refresh session * @param kappa size of x-dimension of @transfer_privs array plus one (!) * @param num_oldcoins size of y-dimension of @transfer_privs array * @param transfer_pubs array with the revealed transfer keys @@ -1049,7 +1048,7 @@ refresh_mint_coin (struct MHD_Connection *connection, */ int TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int kappa, unsigned int num_oldcoins, struct TALER_TransferPrivateKey **transfer_privs) @@ -1075,11 +1074,11 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, res = plugin->get_refresh_session (plugin->cls, session, - refresh_session_pub, + session_hash, &refresh_session); if (GNUNET_NO == res) return TALER_MINT_reply_arg_invalid (connection, - "session_pub"); + "session_hash"); if (GNUNET_SYSERR == res) return TALER_MINT_reply_internal_db_error (connection); if (0 == refresh_session.num_oldcoins) @@ -1095,7 +1094,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, if (GNUNET_OK != plugin->get_refresh_melt (plugin->cls, session, - refresh_session_pub, + session_hash, j, &melts[j])) { @@ -1109,7 +1108,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, if (GNUNET_OK != plugin->get_refresh_order (plugin->cls, session, - refresh_session_pub, + session_hash, refresh_session.num_newcoins, denom_pubs)) { @@ -1129,7 +1128,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, if (GNUNET_OK != (res = check_commitment (connection, session, - refresh_session_pub, + session_hash, i + off, refresh_session.num_oldcoins, transfer_privs[i + off], @@ -1163,7 +1162,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, if (GNUNET_OK != plugin->get_refresh_commit_coins (plugin->cls, session, - refresh_session_pub, + session_hash, refresh_session.noreveal_index, refresh_session.num_newcoins, commit_coins)) @@ -1182,7 +1181,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, { ev_sigs[j] = refresh_mint_coin (connection, session, - refresh_session_pub, + session_hash, key_state, &denom_pubs[j], &commit_coins[j], diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index fd420bd9..edf8248c 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -106,11 +106,8 @@ struct MeltDetails * required value left and if so, store that they have been * melted and confirm the melting operation to the client. * - * FIXME: some arguments are redundant here... - * * @param connection the MHD connection to handle - * @param melt_hash hash code of the session the coins are melted into - * @param refresh_session_pub public key of the refresh session + * @param session_hash hash code of the session the coins are melted into * @param client_signature signature of the client (matching @a refresh_session_pub) * over the melting request * @param num_new_denoms number of entries in @a denom_pubs, size of y-dimension of @commit_coin array @@ -128,7 +125,7 @@ struct MeltDetails */ int TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, - const struct GNUNET_HashCode *melt_hash, + const struct GNUNET_HashCode *session_hash, const struct TALER_SessionPublicKey *refresh_session_pub, const struct TALER_SessionSignature *client_signature, unsigned int num_new_denoms, @@ -149,7 +146,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, * coins that was not chosen. * * @param connection the MHD connection to handle - * @param refresh_session_pub public key of the refresh session + * @param session_hash hash over the refresh session * @param kappa size of x-dimension of @transfer_privs array plus one (!) * @param num_oldcoins size of y-dimension of @transfer_privs array * @param transfer_pubs array with the revealed transfer keys @@ -157,7 +154,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, */ int TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int kappa, unsigned int num_oldcoins, struct TALER_TransferPrivateKey **transfer_privs); diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index bf812103..7ecf8bfe 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -131,7 +131,7 @@ static int parse_and_handle_deposit_request (struct MHD_Connection *connection, const json_t *root, const struct TALER_Amount *amount, - const json_t *wire) + json_t *wire) { int res; struct Deposit deposit; diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index e72a7795..775ffd4c 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -72,11 +72,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, { unsigned int i; - struct GNUNET_HashContext *hash_context; - struct GNUNET_HashCode melt_hash; struct RefreshMeltSessionSignature body; - char *buf; - size_t buf_size; struct MintKeyState *key_state; struct TALER_MINT_DenomKeyIssue *dki; struct TALER_Amount cost; @@ -88,28 +84,9 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, struct TALER_Amount total_melt; /* check that signature from the session public key is ok */ - hash_context = GNUNET_CRYPTO_hash_context_start (); - /* FIXME: also hash session public key here!? #3708 */ - for (i = 0; i < num_new_denoms; i++) - { - buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pubs[i].rsa_public_key, - &buf); - GNUNET_CRYPTO_hash_context_read (hash_context, - buf, - buf_size); - GNUNET_free (buf); - } - for (i = 0; i < coin_count; i++) - GNUNET_CRYPTO_hash_context_read (hash_context, - &coin_public_infos[i].coin_pub, - sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)); - GNUNET_CRYPTO_hash_context_finish (hash_context, - &melt_hash); - /* FIXME: what about the `commit_hash`? #3708 */ - body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_SESSION); body.purpose.size = htonl (sizeof (struct RefreshMeltSessionSignature)); - body.melt_hash = melt_hash; + body.melt_hash = *commit_hash; TALER_amount_hton (&body.amount_with_fee, &coin_melt_details->melt_amount_with_fee); @@ -197,7 +174,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, "error", "value mismatch"); } return TALER_MINT_db_execute_refresh_melt (connection, - &melt_hash, + commit_hash, refresh_session_pub, commit_client_sig, num_new_denoms, @@ -278,7 +255,7 @@ get_coin_public_info (struct MHD_Connection *connection, * be done before the transaction starts. * * @param connection the connection to send error responses to - * @param melt_hash hash over refresh session the coin is melted into + * @param session_hash hash over refresh session the coin is melted into * @param r_public_info the coin's public information * @param r_melt_detail details about the coin's melting permission (if valid) * @return #GNUNET_YES if coin public info in JSON was valid @@ -287,7 +264,7 @@ get_coin_public_info (struct MHD_Connection *connection, */ static int verify_coin_public_info (struct MHD_Connection *connection, - const struct GNUNET_HashCode *melt_hash, + const struct GNUNET_HashCode *session_hash, const struct TALER_CoinPublicInfo *r_public_info, const struct MeltDetails *r_melt_detail) { @@ -298,7 +275,7 @@ verify_coin_public_info (struct MHD_Connection *connection, body.purpose.size = htonl (sizeof (struct RefreshMeltCoinSignature)); body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_COIN); - body.melt_hash = *melt_hash; + body.session_hash = *session_hash; TALER_amount_hton (&body.amount_with_fee, &r_melt_detail->melt_amount_with_fee); body.coin_pub = r_public_info->coin_pub; @@ -449,11 +426,21 @@ handle_refresh_melt_json (struct MHD_Connection *connection, struct RefreshCommitLink *commit_link[kappa]; const struct TALER_SessionSignature commit_client_sig; + /* For the signature check, we hash most of the inputs together + (except for the signatures on the coins). */ + hash_context = GNUNET_CRYPTO_hash_context_start (); + GNUNET_CRYPTO_hash_context_read (hash_context, + refresh_session_pub, + sizeof (struct TALER_SessionPublicKey)); + num_new_denoms = json_array_size (new_denoms); denom_pubs = GNUNET_malloc (num_new_denoms * sizeof (struct TALER_DenominationPublicKey)); for (i=0;icoin_ev, + &rcc->coin_ev_size); if (GNUNET_OK != res) { @@ -550,8 +553,8 @@ handle_refresh_melt_json (struct MHD_Connection *connection, return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } GNUNET_CRYPTO_hash_context_read (hash_context, - commit_coin[i][j].coin_ev, - commit_coin[i][j].coin_ev_size); + rcc->coin_ev, + rcc->coin_ev_size); res = GNUNET_MINT_parse_navigate_json (connection, link_encs, JNAV_INDEX, (int) i, @@ -565,9 +568,9 @@ handle_refresh_melt_json (struct MHD_Connection *connection, free_commit_coins (commit_coin, kappa, num_newcoins); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } - commit_coin[i][j].refresh_link = TALER_refresh_link_encrypted_decode (link_enc, - link_enc_size); - + rcc->refresh_link + = TALER_refresh_link_encrypted_decode (link_enc, + link_enc_size); GNUNET_CRYPTO_hash_context_read (hash_context, link_enc, link_enc_size); @@ -580,12 +583,14 @@ handle_refresh_melt_json (struct MHD_Connection *connection, sizeof (struct RefreshCommitLink)); for (j = 0; j < num_oldcoins; j++) { + struct RefreshCommitLink *rcl = &commit_link[i][j]; + res = GNUNET_MINT_parse_navigate_json (connection, transfer_pubs, JNAV_INDEX, (int) i, JNAV_INDEX, (int) j, JNAV_RET_DATA, - &commit_link[i][j].transfer_pub, + &rcl->transfer_pub, sizeof (struct TALER_TransferPublicKey)); if (GNUNET_OK != res) @@ -596,17 +601,12 @@ handle_refresh_melt_json (struct MHD_Connection *connection, free_commit_links (commit_link, kappa, num_oldcoins); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } - - GNUNET_CRYPTO_hash_context_read (hash_context, - &commit_link[i][j].transfer_pub, - sizeof (struct TALER_TransferPublicKey)); - res = GNUNET_MINT_parse_navigate_json (connection, secret_encs, JNAV_INDEX, (int) i, JNAV_INDEX, (int) j, JNAV_RET_DATA, - &commit_link[i][j].shared_secret_enc, + &rcl->shared_secret_enc, sizeof (struct GNUNET_HashCode)); if (GNUNET_OK != res) @@ -619,12 +619,13 @@ handle_refresh_melt_json (struct MHD_Connection *connection, } GNUNET_CRYPTO_hash_context_read (hash_context, - &commit_link[i][j].shared_secret_enc, - sizeof (struct GNUNET_HashCode)); + rcl, + sizeof (struct RefreshCommitLink)); } - } - GNUNET_CRYPTO_hash_context_finish (hash_context, &commit_hash); + } + GNUNET_CRYPTO_hash_context_finish (hash_context, + &commit_hash); res = GNUNET_MINT_parse_navigate_json (connection, commit_signature, @@ -640,7 +641,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection, for (i=0;iamount_with_fee; ms.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_COIN); ms.purpose.size = htonl (sizeof (struct RefreshMeltCoinSignature)); - ms.melt_hash = melt->melt_hash; + ms.session_hash = melt->session_hash; TALER_amount_hton (&ms.amount_with_fee, &melt->amount_with_fee); ms.coin_pub = melt->coin.coin_pub; diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index 07823851..326737e6 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -236,18 +236,15 @@ struct Deposit struct RefreshSession { /** - * Signature over the commitments by the client, - * only valid if @e has_commit_sig is set. - * - * FIXME: The above comment is clearly confused. + * Signature over the commitments by the client. */ struct TALER_SessionSignature commit_sig; /** - * Hash over coins to melt and coins to create of the - * refresh session. + * Public key the client uses to sign messages in + * this exchange. */ - struct GNUNET_HashCode session_hash; + struct TALER_SessionPublicKey refresh_session_pub; /** * Signature over the melt by the client. @@ -296,9 +293,9 @@ struct RefreshMelt struct TALER_CoinSpendSignature coin_sig; /** - * Which melting operation should the coin become a part of. + * Hash of the refresh session this coin is melted into. */ - struct GNUNET_HashCode melt_hash; + struct GNUNET_HashCode session_hash; /** * How much value is being melted? This amount includes the fees, @@ -341,6 +338,8 @@ struct RefreshCommitCoin }; +GNUNET_NETWORK_STRUCT_BEGIN + /** * For each (old) coin being melted, we have a `struct * RefreshCommitLink` that allows the user to find the shared secret @@ -350,7 +349,9 @@ struct RefreshCommitCoin struct RefreshCommitLink { /** - * Transfer public key (FIXME: explain!) + * Transfer public key, used to decrypt the @e shared_secret_enc + * in combintation with the corresponding private key of the + * coin. */ struct TALER_TransferPublicKey transfer_pub; @@ -360,6 +361,9 @@ struct RefreshCommitLink struct TALER_EncryptedLinkSecret shared_secret_enc; }; +GNUNET_NETWORK_STRUCT_END + + /** * Linked list of refresh information linked to a coin. @@ -709,11 +713,11 @@ struct TALER_MINTDB_Plugin /** - * Lookup refresh session data under the given public key. + * Lookup refresh session data under the given @a session_hash. * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database handle to use - * @param refresh_session_pub public key to use for the lookup + * @param session_hash hash over the melt to use for the lookup * @param refresh_session[OUT] where to store the result * @return #GNUNET_YES on success, * #GNUNET_NO if not found, @@ -722,16 +726,16 @@ struct TALER_MINTDB_Plugin int (*get_refresh_session) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, struct RefreshSession *refresh_session); /** - * Store new refresh session data under the given public key. + * Store new refresh session data under the given @a session_hash. * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database handle to use - * @param refresh_session_pub public key to use to locate the session + * @param session_hash hash over the melt to use to locate the session * @param refresh_session session data to store * @return #GNUNET_YES on success, * #GNUNET_SYSERR on DB failure @@ -739,26 +743,24 @@ struct TALER_MINTDB_Plugin int (*create_refresh_session) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, const struct RefreshSession *refresh_session); - /** * Store the given /refresh/melt request in the database. * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection - * @param refresh_session session key of the melt operation * @param oldcoin_index index of the coin to store - * @param melt coin melt operation details to store + * @param melt coin melt operation details to store; includes + * the session hash of the melt * @return #GNUNET_OK on success * #GNUNET_SYSERR on internal error */ int (*insert_refresh_melt) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session, uint16_t oldcoin_index, const struct RefreshMelt *melt); @@ -768,7 +770,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection - * @param refresh_session session key of the melt operation + * @param session_hash hash to identify refresh session * @param oldcoin_index index of the coin to retrieve * @param melt melt data to fill in * @return #GNUNET_OK on success @@ -777,7 +779,7 @@ struct TALER_MINTDB_Plugin int (*get_refresh_melt) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session, + const struct GNUNET_HashCode *session_hash, uint16_t oldcoin_index, struct RefreshMelt *melt); @@ -788,7 +790,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection - * @param session_pub refresh session key + * @param session_hash hash to identify refresh session * @param num_newcoins number of coins to generate, size of the @a denom_pubs array * @param denom_pubs array denominations of the coins to create * @return #GNUNET_OK on success @@ -797,7 +799,7 @@ struct TALER_MINTDB_Plugin int (*insert_refresh_order) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, uint16_t num_newcoins, const struct TALER_DenominationPublicKey *denom_pubs); @@ -808,7 +810,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection - * @param session_pub refresh session key + * @param session_hash hash to identify refresh session * @param num_newcoins size of the @a denom_pubs array * @param denom_pubs[OUT] where to write @a num_newcoins denomination keys * @return #GNUNET_OK on success @@ -817,7 +819,7 @@ struct TALER_MINTDB_Plugin int (*get_refresh_order) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, uint16_t num_newcoins, struct TALER_DenominationPublicKey *denom_pubs); @@ -828,7 +830,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection to use - * @param refresh_session_pub refresh session this commitment belongs to + * @param session_hash hash to identify refresh session * @param i set index (1st dimension), relating to kappa * @param num_newcoins coin index size of the @a commit_coins array * @param commit_coin array of coin commitments to store @@ -838,7 +840,7 @@ struct TALER_MINTDB_Plugin int (*insert_refresh_commit_coins) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int num_newcoins, const struct RefreshCommitCoin *commit_coins); @@ -850,7 +852,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection to use - * @param refresh_session_pub refresh session the commitment belongs to + * @param session_hash hash to identify refresh session * @param i set index (1st dimension) * @param num_coins size of the @a commit_coins array * @param commit_coin[OUT] array of coin commitments to return @@ -861,7 +863,7 @@ struct TALER_MINTDB_Plugin int (*get_refresh_commit_coins) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int num_coins, struct RefreshCommitCoin *commit_coins); @@ -873,8 +875,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection to use - * @param refresh_session_pub public key of the refresh session this - * commitment belongs with + * @param session_hash hash to identify refresh session * @param i set index (1st dimension), relating to kappa * @param num_links size of the @a commit_link array * @param commit_links array of link information to store @@ -883,7 +884,7 @@ struct TALER_MINTDB_Plugin int (*insert_refresh_commit_links) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int num_links, const struct RefreshCommitLink *commit_links); @@ -894,8 +895,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection to use - * @param refresh_session_pub public key of the refresh session this - * commitment belongs with + * @param session_hash hash to identify refresh session * @param i set index (1st dimension) * @param num_links size of the @links array to return * @param links[OUT] array link information to return @@ -906,7 +906,7 @@ struct TALER_MINTDB_Plugin int (*get_refresh_commit_links) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *refresh_session_pub, + const struct GNUNET_HashCode *session_hash, unsigned int i, unsigned int num_links, struct RefreshCommitLink *links); @@ -920,7 +920,7 @@ struct TALER_MINTDB_Plugin * * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection - * @param session_pub refresh session + * @param session_hash hash to identify refresh session * @param newcoin_index coin index * @param ev_sig coin signature * @return #GNUNET_OK on success @@ -928,7 +928,7 @@ struct TALER_MINTDB_Plugin int (*insert_refresh_collectable) (void *cls, struct TALER_MINTDB_Session *sesssion, - const struct TALER_SessionPublicKey *session_pub, + const struct GNUNET_HashCode *session_hash, uint16_t newcoin_index, const struct TALER_DenominationSignature *ev_sig); -- cgit v1.2.3 From f052af1e6bc9532c7a924ca3e8edba2e990b3b83 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 24 Mar 2015 17:13:17 +0100 Subject: address #3731: no need for session public key or signature --- src/include/taler_crypto_lib.h | 39 --------------------- src/include/taler_signatures.h | 70 ++----------------------------------- src/mint/taler-mint-httpd_db.c | 9 ----- src/mint/taler-mint-httpd_db.h | 4 --- src/mint/taler-mint-httpd_refresh.c | 65 ++++------------------------------ src/mint/taler_mintdb_plugin.h | 15 -------- 6 files changed, 9 insertions(+), 193 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index a7e90277..3156e63e 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -93,32 +93,6 @@ struct TALER_MerchantPrivateKey }; -/** - * Type of public keys used by clients to sign - * messages during a melting session. - */ -struct TALER_SessionPublicKey -{ - /** - * Taler uses EdDSA for melting session keys. - */ - struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; -}; - - -/** - * Type of public keys used by clients to sign - * messages during a melting session. - */ -struct TALER_SessionPrivateKey -{ - /** - * Taler uses EdDSA for melting session keys. - */ - struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; -}; - - /** * Type of transfer public keys used during refresh * operations. @@ -147,19 +121,6 @@ struct TALER_TransferPrivateKey }; -/** - * Type of signatures used by clients to sign - * messages during a melting session. - */ -struct TALER_SessionSignature -{ - /** - * Taler uses EdDSA for melting session keys. - */ - struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; -}; - - /** * Type of online public keys used by the mint to sign * messages. diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index fa713dc4..b8fe8a7b 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -60,29 +60,17 @@ */ #define TALER_SIGNATURE_REFRESH_MELT_COIN 5 -/** - * Signature where the refresh session confirms - * the commits. - */ -#define TALER_SIGNATURE_REFRESH_MELT_SESSION 6 - /** * Signature where the mint (current signing key) * confirms the no-reveal index for cut-and-choose and * the validity of the melted coins. */ -#define TALER_SIGNATURE_REFRESH_MELT_RESPONSE 7 - -/** - * Signature where coins confirm that they want - * to be melted into a certain session. - */ -#define TALER_SIGNATURE_REFRESH_MELT_CONFIRM 9 +#define TALER_SIGNATURE_REFRESH_MELT_RESPONSE 6 /** * Signature where the Mint confirms a deposit request. */ -#define TALER_SIGNATURE_MINT_DEPOSIT 10 +#define TALER_SIGNATURE_MINT_DEPOSIT 7 /***********************/ @@ -277,40 +265,6 @@ struct RefreshMeltCoinSignature }; -/** - * Message signed by a coin to indicate that the coin should - * be melted. - */ -struct RefreshMeltSessionSignature -{ - /** - * Purpose is #TALER_SIGNATURE_REFRESH_MELT_SESSION - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Which melting operation should the coin become a part of. - */ - struct GNUNET_HashCode melt_hash; - - /** - * Public key of the refresh session for which - * @e melt_client_signature must be a valid signature. - */ - struct TALER_SessionPublicKey session_key; - - /** - * What is the total value of the coins created during the - * refresh, including melting fee! - */ - struct TALER_AmountNBO amount_with_fee; - - /* FIXME: we should probably also include the value of - the melting fee here as well! */ - -}; - - /** * Format of the block signed by the Mint in response to a successful * "/refresh/melt" request. Hereby the mint affirms that all of the @@ -336,26 +290,6 @@ struct RefreshMeltResponseSignatureBody }; -/** - * Message signed by the client requesting the final - * result of the melting operation. - */ -struct RefreshMeltConfirmSignRequestBody -{ - /** - * Purpose is #TALER_SIGNATURE_REFRESH_MELT_CONFIRM. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - // FIXME: We probably need more info in here... - - /** - * Public key the client uses for this session. - */ - struct TALER_SessionPublicKey session_pub; -}; - - /** * Information about a signing key of the mint. Signing keys are used * to sign mint messages other than coins, i.e. to confirm that a diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 7592403d..c18936e1 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -494,7 +494,6 @@ refresh_accept_melts (struct MHD_Connection *connection, struct TALER_MINTDB_Session *session, const struct MintKeyState *key_state, const struct GNUNET_HashCode *session_hash, - const struct TALER_SessionPublicKey *session_pub, const struct TALER_CoinPublicInfo *coin_public_info, const struct MeltDetails *coin_details, uint16_t oldcoin_index) @@ -587,9 +586,6 @@ refresh_accept_melts (struct MHD_Connection *connection, * * @param connection the MHD connection to handle * @param session_hash hash code of the session the coins are melted into - * @param refresh_session_pub public key of the refresh session - * @param client_signature signature of the client (matching @a refresh_session_pub) - * over the melting request * @param num_new_denoms number of entries in @a denom_pubs, size of y-dimension of @commit_coin array * @param denum_pubs public keys of the coins we want to withdraw in the end * @param coin_count number of entries in @a coin_public_infos and @a coin_melt_details, size of y-dimension of @commit_link array @@ -606,8 +602,6 @@ refresh_accept_melts (struct MHD_Connection *connection, int TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, const struct GNUNET_HashCode *session_hash, - const struct TALER_SessionPublicKey *refresh_session_pub, - const struct TALER_SessionSignature *client_signature, unsigned int num_new_denoms, const struct TALER_DenominationPublicKey *denom_pubs, unsigned int coin_count, @@ -665,7 +659,6 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, session, key_state, session_hash, - refresh_session_pub, &coin_public_infos[i], &coin_melt_details[i], i))) @@ -724,8 +717,6 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, /* store 'global' session data */ - refresh_session.melt_sig = *client_signature; - refresh_session.refresh_session_pub = *refresh_session_pub; refresh_session.num_oldcoins = coin_count; refresh_session.num_newcoins = num_new_denoms; refresh_session.kappa = KAPPA; // FIXME... (#3711) diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index edf8248c..ed96bbd4 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -108,8 +108,6 @@ struct MeltDetails * * @param connection the MHD connection to handle * @param session_hash hash code of the session the coins are melted into - * @param client_signature signature of the client (matching @a refresh_session_pub) - * over the melting request * @param num_new_denoms number of entries in @a denom_pubs, size of y-dimension of @commit_coin array * @param denum_pubs array of public denomination keys for the refresh (?) * @param coin_count number of entries in @a coin_public_infos and @ a coin_melt_details, size of y-dimension of @commit_link array @@ -126,8 +124,6 @@ struct MeltDetails int TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, const struct GNUNET_HashCode *session_hash, - const struct TALER_SessionPublicKey *refresh_session_pub, - const struct TALER_SessionSignature *client_signature, unsigned int num_new_denoms, const struct TALER_DenominationPublicKey *denom_pubs, unsigned int coin_count, diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index 775ffd4c..6575f02c 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -40,13 +40,12 @@ * and then hand things of to execute the melt operation. * * @param connection the MHD connection to handle - * @param refresh_session_pub public key of the melt operation * @param num_new_denoms number of coins to be created, size of y-dimension of @commit_link array * @param denom_pubs array of @a num_new_denoms keys * @param coin_count number of coins to be melted, size of y-dimension of @commit_coin array * @param coin_public_infos array with @a coin_count entries about the coins * @param coin_melt_details array with @a coin_count entries with melting details - * @param commit_hash hash over the data that the client commits to + * @param session_hash hash over the data that the client commits to * @param commit_client_sig signature of the client over this commitment * @param kappa size of x-dimension of @commit_coin and @commit_link arrays * @param commit_coin 2d array of coin commitments (what the mint is to sign @@ -58,21 +57,18 @@ */ static int handle_refresh_melt_binary (struct MHD_Connection *connection, - const struct TALER_SessionPublicKey *refresh_session_pub, unsigned int num_new_denoms, const struct TALER_DenominationPublicKey *denom_pubs, unsigned int coin_count, struct TALER_CoinPublicInfo *coin_public_infos, const struct MeltDetails *coin_melt_details, - const struct GNUNET_HashCode *commit_hash, - const struct TALER_SessionSignature *commit_client_sig, + const struct GNUNET_HashCode *session_hash, unsigned int kappa, struct RefreshCommitCoin *const* commit_coin, struct RefreshCommitLink *const* commit_link) { unsigned int i; - struct RefreshMeltSessionSignature body; struct MintKeyState *key_state; struct TALER_MINT_DenomKeyIssue *dki; struct TALER_Amount cost; @@ -83,27 +79,6 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, struct TALER_Amount fee_melt; struct TALER_Amount total_melt; - /* check that signature from the session public key is ok */ - body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_SESSION); - body.purpose.size = htonl (sizeof (struct RefreshMeltSessionSignature)); - body.melt_hash = *commit_hash; - TALER_amount_hton (&body.amount_with_fee, - &coin_melt_details->melt_amount_with_fee); - - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_REFRESH_MELT_SESSION, - &body.purpose, - &commit_client_sig->eddsa_signature, - &refresh_session_pub->eddsa_pub)) - { - GNUNET_log (GNUNET_ERROR_TYPE_WARNING, - "signature invalid (did not verify)\n"); - return TALER_MINT_reply_json_pack (connection, - MHD_HTTP_UNAUTHORIZED, - "{s:s}", - "error", - "invalid signature (verification)"); - } GNUNET_assert (GNUNET_OK == TALER_amount_get_zero (MINT_CURRENCY, &total_cost)); @@ -174,9 +149,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, "error", "value mismatch"); } return TALER_MINT_db_execute_refresh_melt (connection, - commit_hash, - refresh_session_pub, - commit_client_sig, + session_hash, num_new_denoms, denom_pubs, coin_count, @@ -382,7 +355,6 @@ free_commit_links (struct RefreshCommitLink **commit_link, * #handle_refresh_melt_binary(). * * @param connection the MHD connection to handle - * @param refresh_session_pub public key of the melt operation * @param new_denoms array of denomination keys * @param melt_coins array of coins to melt * @param melt_sig_json signature affirming the melt operation @@ -398,7 +370,6 @@ free_commit_links (struct RefreshCommitLink **commit_link, */ static int handle_refresh_melt_json (struct MHD_Connection *connection, - const struct TALER_SessionPublicKey *refresh_session_pub, const json_t *new_denoms, const json_t *melt_coins, const json_t *melt_sig_json, @@ -420,19 +391,14 @@ handle_refresh_melt_json (struct MHD_Connection *connection, struct TALER_CoinPublicInfo *coin_public_infos; struct MeltDetails *coin_melt_details; unsigned int coin_count; - struct GNUNET_HashCode commit_hash; + struct GNUNET_HashCode session_hash; struct GNUNET_HashContext *hash_context; struct RefreshCommitCoin *commit_coin[kappa]; struct RefreshCommitLink *commit_link[kappa]; - const struct TALER_SessionSignature commit_client_sig; /* For the signature check, we hash most of the inputs together (except for the signatures on the coins). */ hash_context = GNUNET_CRYPTO_hash_context_start (); - GNUNET_CRYPTO_hash_context_read (hash_context, - refresh_session_pub, - sizeof (struct TALER_SessionPublicKey)); - num_new_denoms = json_array_size (new_denoms); denom_pubs = GNUNET_malloc (num_new_denoms * sizeof (struct TALER_DenominationPublicKey)); @@ -625,25 +591,13 @@ handle_refresh_melt_json (struct MHD_Connection *connection, } GNUNET_CRYPTO_hash_context_finish (hash_context, - &commit_hash); - - res = GNUNET_MINT_parse_navigate_json (connection, - commit_signature, - JNAV_FIELD, - "sig", - JNAV_RET_DATA, - &commit_client_sig, - sizeof (struct TALER_SessionSignature)); - - if (GNUNET_OK != res) - return (GNUNET_NO == res) ? MHD_YES : MHD_NO; - + &session_hash); for (i=0;i Date: Tue, 24 Mar 2015 17:25:00 +0100 Subject: make kappa global fixed constant, not something to be negotiated, KISS --- src/include/taler_signatures.h | 11 ++++++ src/mint/plugin_mintdb_postgres.c | 4 +- src/mint/taler-mint-httpd.h | 6 --- src/mint/taler-mint-httpd_db.c | 26 ++++++------- src/mint/taler-mint-httpd_db.h | 8 +--- src/mint/taler-mint-httpd_refresh.c | 78 ++++++++++++++++++------------------- src/mint/taler_mintdb_plugin.h | 15 ++----- 7 files changed, 69 insertions(+), 79 deletions(-) (limited to 'src/mint/taler_mintdb_plugin.h') diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index b8fe8a7b..3ad97a57 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -30,6 +30,17 @@ #include "taler_util.h" +/** + * Cut-and-choose size for refreshing. Client looses the gamble (of + * unaccountable transfers) with probability 1/KAPPA. Refresh cost + * increases linearly with KAPPA, and 3 is sufficient up to a + * income/sales tax of 66% of total transaction value. As there is + * no good reason to change this security parameter, we declare it + * fixed and part of the protocol. + */ +#define KAPPA 3 + + /** * Purpose for signing public keys signed * by the mint master key. diff --git a/src/mint/plugin_mintdb_postgres.c b/src/mint/plugin_mintdb_postgres.c index 1c6851d8..5a1ff8c0 100644 --- a/src/mint/plugin_mintdb_postgres.c +++ b/src/mint/plugin_mintdb_postgres.c @@ -247,7 +247,7 @@ postgres_create_tables (void *cls, // index of the old coin in the customer's request ",oldcoin_index INT2 NOT NULL" // index for cut and choose, - // ranges from 0 to kappa-1 + // ranges from 0 to #KAPPA-1 ",cnc_index INT2 NOT NULL" ")"); SQLEXEC("CREATE TABLE IF NOT EXISTS refresh_commit_coin" @@ -1486,7 +1486,6 @@ postgres_get_refresh_session (void *cls, struct TALER_DB_ResultSpec rs[] = { TALER_DB_RESULT_SPEC("num_oldcoins", &refresh_session->num_oldcoins), TALER_DB_RESULT_SPEC("num_newcoins", &refresh_session->num_newcoins), - TALER_DB_RESULT_SPEC("kappa", &refresh_session->kappa), TALER_DB_RESULT_SPEC("noreveal_index", &refresh_session->noreveal_index), TALER_DB_RESULT_SPEC_END }; @@ -1502,7 +1501,6 @@ postgres_get_refresh_session (void *cls, refresh_session->num_oldcoins = ntohs (refresh_session->num_oldcoins); refresh_session->num_newcoins = ntohs (refresh_session->num_newcoins); - refresh_session->kappa = ntohs (refresh_session->kappa); refresh_session->noreveal_index = ntohs (refresh_session->noreveal_index); PQclear (result); diff --git a/src/mint/taler-mint-httpd.h b/src/mint/taler-mint-httpd.h index 36d150bb..50b74570 100644 --- a/src/mint/taler-mint-httpd.h +++ b/src/mint/taler-mint-httpd.h @@ -25,12 +25,6 @@ #include -/** - * Cut-and-choose size for refreshing. - * FIXME: maybe make it a config option? - */ -#define KAPPA 3 - /** * For now, we just do EUR. Should become configurable * in the future! diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index c18936e1..17f44c9c 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -591,12 +591,13 @@ refresh_accept_melts (struct MHD_Connection *connection, * @param coin_count number of entries in @a coin_public_infos and @a coin_melt_details, size of y-dimension of @commit_link array * @param coin_public_infos information about the coins to melt * @param coin_melt_details signatures and (residual) value of the respective coin should be melted - * @param kappa size of x-dimension of @commit_coin and @commit_link arrays * @param commit_coin 2d array of coin commitments (what the mint is to sign - * once the "/refres/reveal" of cut and choose is done) + * once the "/refres/reveal" of cut and choose is done), + * x-dimension must be #KAPPA * @param commit_link 2d array of coin link commitments (what the mint is * to return via "/refresh/link" to enable linkage in the * future) + * x-dimension must be #KAPPA * @return MHD result code */ int @@ -607,7 +608,6 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, unsigned int coin_count, const struct TALER_CoinPublicInfo *coin_public_infos, const struct MeltDetails *coin_melt_details, - unsigned int kappa, struct RefreshCommitCoin *const* commit_coin, struct RefreshCommitLink *const* commit_link) { @@ -684,7 +684,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, return TALER_MINT_reply_internal_db_error (connection); } - for (i = 0; i < kappa; i++) + for (i = 0; i < KAPPA; i++) { if (GNUNET_OK != plugin->insert_refresh_commit_coins (plugin->cls, @@ -699,7 +699,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, return TALER_MINT_reply_internal_db_error (connection); } } - for (i = 0; i < kappa; i++) + for (i = 0; i < KAPPA; i++) { if (GNUNET_OK != plugin->insert_refresh_commit_links (plugin->cls, @@ -719,10 +719,9 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, /* store 'global' session data */ refresh_session.num_oldcoins = coin_count; refresh_session.num_newcoins = num_new_denoms; - refresh_session.kappa = KAPPA; // FIXME... (#3711) refresh_session.noreveal_index = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_STRONG, - refresh_session.kappa); + KAPPA); if (GNUNET_OK != (res = plugin->create_refresh_session (plugin->cls, session, @@ -753,7 +752,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, * Check if the given @a transfer_privs correspond to an honest * commitment for the given session. * Checks that the transfer private keys match their commitments. - * Then derives the shared secret for each kappa, and check that they match. + * Then derives the shared secret for each #KAPPA, and check that they match. * * @param connection the MHD connection to handle * @param session database connection to use @@ -946,7 +945,7 @@ check_commitment (struct MHD_Connection *connection, buf_len)) ) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "blind envelope does not match for kappa=%u, old=%d\n", + "blind envelope does not match for k=%u, old=%d\n", off, (int) j); /* FIXME: return more specific error with original signature (#3712) */ @@ -1025,22 +1024,21 @@ refresh_mint_coin (struct MHD_Connection *connection, /** * Execute a "/refresh/reveal". The client is revealing to us the - * transfer keys for @a kappa-1 sets of coins. Verify that the + * transfer keys for @a #KAPPA-1 sets of coins. Verify that the * revealed transfer keys would allow linkage to the blinded coins, * and if so, return the signed coins for corresponding to the set of * coins that was not chosen. * * @param connection the MHD connection to handle * @param session_hash hash identifying the refresh session - * @param kappa size of x-dimension of @transfer_privs array plus one (!) * @param num_oldcoins size of y-dimension of @transfer_privs array - * @param transfer_pubs array with the revealed transfer keys + * @param transfer_pubs array with the revealed transfer keys, + * x-dimension must be #KAPPA - 1 * @return MHD result code */ int TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, const struct GNUNET_HashCode *session_hash, - unsigned int kappa, unsigned int num_oldcoins, struct TALER_TransferPrivateKey **transfer_privs) { @@ -1112,7 +1110,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection, off = 0; - for (i=0;irefresh_link @@ -543,7 +542,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection, } } - for (i = 0; i < kappa; i++) + for (i = 0; i < KAPPA; i++) { commit_link[i] = GNUNET_malloc (num_oldcoins * sizeof (struct RefreshCommitLink)); @@ -563,8 +562,12 @@ handle_refresh_melt_json (struct MHD_Connection *connection, { GNUNET_break (GNUNET_SYSERR != res); GNUNET_CRYPTO_hash_context_abort (hash_context); - free_commit_coins (commit_coin, kappa, num_newcoins); - free_commit_links (commit_link, kappa, num_oldcoins); + free_commit_coins (commit_coin, + KAPPA, + num_newcoins); + free_commit_links (commit_link, + KAPPA, + num_oldcoins); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } res = GNUNET_MINT_parse_navigate_json (connection, @@ -579,8 +582,12 @@ handle_refresh_melt_json (struct MHD_Connection *connection, { GNUNET_break (GNUNET_SYSERR != res); GNUNET_CRYPTO_hash_context_abort (hash_context); - free_commit_coins (commit_coin, kappa, num_newcoins); - free_commit_links (commit_link, kappa, num_oldcoins); + free_commit_coins (commit_coin, + KAPPA, + num_newcoins); + free_commit_links (commit_link, + KAPPA, + num_oldcoins); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } @@ -615,12 +622,15 @@ handle_refresh_melt_json (struct MHD_Connection *connection, coin_public_infos, coin_melt_details, &session_hash, - kappa, commit_coin, commit_link); cleanup: - free_commit_coins (commit_coin, kappa, num_newcoins); - free_commit_links (commit_link, kappa, num_oldcoins); + free_commit_coins (commit_coin, + KAPPA, + num_newcoins); + free_commit_links (commit_link, + KAPPA, + num_oldcoins); for (j=0;j kappa) || (kappa > 32) ) + if (KAPPA != json_array_size (coin_evs)) { GNUNET_break_op (0); TALER_MINT_release_parsed_data (spec); return TALER_MINT_reply_arg_invalid (connection, "coin_evs"); } - if (json_array_size (transfer_pubs) != kappa) + if (KAPPA != json_array_size (transfer_pubs)) { GNUNET_break_op (0); TALER_MINT_release_parsed_data (spec); @@ -741,7 +749,6 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh, melt_coins, melt_sig_json, commit_sig_json, - kappa, num_oldcoins, transfer_pubs, secret_encs, @@ -763,7 +770,6 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh, * * @param connection the MHD connection to handle * @param session_hash hash identifying the melting session - * @param kappa length of the 1st dimension of @a transfer_privs array PLUS ONE * @param num_oldcoins length of the 2nd dimension of @a transfer_privs array * @param tp_json private transfer keys in JSON format * @return MHD result code @@ -771,20 +777,19 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh, static int handle_refresh_reveal_json (struct MHD_Connection *connection, const struct GNUNET_HashCode *session_hash, - unsigned int kappa, unsigned int num_oldcoins, const json_t *tp_json) { - struct TALER_TransferPrivateKey *transfer_privs[kappa - 1]; + struct TALER_TransferPrivateKey *transfer_privs[KAPPA - 1]; unsigned int i; unsigned int j; int res; - for (i = 0; i < kappa - 1; i++) + for (i = 0; i < KAPPA - 1; i++) transfer_privs[i] = GNUNET_malloc (num_oldcoins * sizeof (struct TALER_TransferPrivateKey)); res = GNUNET_OK; - for (i = 0; i < kappa - 1; i++) + for (i = 0; i < KAPPA - 1; i++) { if (GNUNET_OK != res) break; @@ -806,10 +811,9 @@ handle_refresh_reveal_json (struct MHD_Connection *connection, else res = TALER_MINT_db_execute_refresh_reveal (connection, session_hash, - kappa, num_oldcoins, transfer_privs); - for (i = 0; i < kappa - 1; i++) + for (i = 0; i < KAPPA - 1; i++) GNUNET_free (transfer_privs[i]); return res; } @@ -840,7 +844,6 @@ TALER_MINT_handler_refresh_reveal (struct RequestHandler *rh, { struct GNUNET_HashCode session_hash; int res; - unsigned int kappa; unsigned int num_oldcoins; json_t *reveal_detail; json_t *root; @@ -869,15 +872,13 @@ TALER_MINT_handler_refresh_reveal (struct RequestHandler *rh, return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; /* Determine dimensionality of the request (kappa and #old coins) */ - kappa = json_array_size (transfer_privs) + 1; - if ( (2 > kappa) || (kappa > 31) ) + if (KAPPA != json_array_size (transfer_privs) + 1) { TALER_MINT_release_parsed_data (spec); return TALER_MINT_reply_arg_invalid (connection, "transfer_privs"); } /* Note we do +1 as 1 row (cut-and-choose!) is missing! */ - kappa++; res = GNUNET_MINT_parse_navigate_json (connection, transfer_privs, JNAV_INDEX, 0, @@ -892,7 +893,6 @@ TALER_MINT_handler_refresh_reveal (struct RequestHandler *rh, num_oldcoins = json_array_size (reveal_detail); res = handle_refresh_reveal_json (connection, &session_hash, - kappa, num_oldcoins, transfer_privs); TALER_MINT_release_parsed_data (spec); diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h index d461413f..08a73479 100644 --- a/src/mint/taler_mintdb_plugin.h +++ b/src/mint/taler_mintdb_plugin.h @@ -247,14 +247,7 @@ struct RefreshSession uint16_t num_newcoins; /** - * Number of parallel operations we perform for the cut and choose. - * (must be greater or equal to three for security). 0 if not yet - * known. - */ - uint16_t kappa; - - /** - * Index (smaller @e kappa) which the mint has chosen to not + * Index (smaller #KAPPA) which the mint has chosen to not * have revealed during cut and choose. */ uint16_t noreveal_index; @@ -297,7 +290,7 @@ struct RefreshMelt /** * We have as many `struct RefreshCommitCoin` as there are new - * coins being created by the refresh (for each of the kappa + * coins being created by the refresh (for each of the #KAPPA * sets). These are the coins we ask the mint to sign if the * respective set is selected. */ @@ -816,7 +809,7 @@ struct TALER_MINTDB_Plugin * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection to use * @param session_hash hash to identify refresh session - * @param i set index (1st dimension), relating to kappa + * @param i set index (1st dimension), relating to #KAPPA * @param num_newcoins coin index size of the @a commit_coins array * @param commit_coin array of coin commitments to store * @return #GNUNET_OK on success @@ -861,7 +854,7 @@ struct TALER_MINTDB_Plugin * @param cls the @e cls of this struct with the plugin-specific state * @param sesssion database connection to use * @param session_hash hash to identify refresh session - * @param i set index (1st dimension), relating to kappa + * @param i set index (1st dimension), relating to #KAPPA * @param num_links size of the @a commit_link array * @param commit_links array of link information to store * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success -- cgit v1.2.3