mint-httpd_db.c now compiles again
This commit is contained in:
parent
c3731d0df7
commit
019af0919e
@ -284,6 +284,22 @@ struct TALER_RefreshLinkDecrypted
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc
|
||||||
|
* to obtain the @a secret to decrypt the linkage data.
|
||||||
|
*
|
||||||
|
* @param secret_enc encrypted secret (FIXME: use different type!)
|
||||||
|
* @param trans_sec transfer secret (FIXME: use different type?)
|
||||||
|
* @param secret shared secret for refresh link decryption
|
||||||
|
* (FIXME: use different type?)
|
||||||
|
* @return #GNUNET_OK on success
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
TALER_transfer_decrypt (const struct GNUNET_HashCode *secret_enc,
|
||||||
|
const struct GNUNET_HashCode *trans_sec,
|
||||||
|
struct GNUNET_HashCode *secret);
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Decrypt refresh link information.
|
* Decrypt refresh link information.
|
||||||
*
|
*
|
||||||
|
@ -179,10 +179,10 @@ struct RefreshCommitLink
|
|||||||
struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub;
|
struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* FIXME: this can't be exactly the shared secret, must
|
* FIXME: this is the encrypted shared secret, should use
|
||||||
* be a commitment to it or something.
|
* a different type...
|
||||||
*/
|
*/
|
||||||
struct GNUNET_HashCode shared_secret;
|
struct GNUNET_HashCode shared_secret_enc;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -1172,7 +1172,7 @@ TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn,
|
|||||||
TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub),
|
TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub),
|
||||||
TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo),
|
TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo),
|
||||||
TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo),
|
TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo),
|
||||||
TALER_DB_QUERY_PARAM_PTR(&commit_link->shared_secret),
|
TALER_DB_QUERY_PARAM_PTR(&commit_link->shared_secret_enc),
|
||||||
TALER_DB_QUERY_PARAM_END
|
TALER_DB_QUERY_PARAM_END
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -1232,7 +1232,7 @@ TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn,
|
|||||||
|
|
||||||
struct TALER_DB_ResultSpec rs[] = {
|
struct TALER_DB_ResultSpec rs[] = {
|
||||||
TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub),
|
TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub),
|
||||||
TALER_DB_RESULT_SPEC("link_secret_enc", &cc->shared_secret),
|
TALER_DB_RESULT_SPEC("link_secret_enc", &cc->shared_secret_enc),
|
||||||
TALER_DB_RESULT_SPEC_END
|
TALER_DB_RESULT_SPEC_END
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -953,10 +953,10 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
return MHD_NO;
|
return MHD_NO;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (0 >= TALER_refresh_decrypt (commit_link.shared_secret_enc,
|
if (GNUNET_OK !=
|
||||||
TALER_REFRESH_SHARED_SECRET_LENGTH,
|
TALER_transfer_decrypt (&commit_link.shared_secret_enc,
|
||||||
&transfer_secret,
|
&transfer_secret,
|
||||||
&shared_secret))
|
&shared_secret))
|
||||||
{
|
{
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||||
"decryption failed\n");
|
"decryption failed\n");
|
||||||
@ -1001,16 +1001,14 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
for (j = 0; j < refresh_session.num_newcoins; j++)
|
for (j = 0; j < refresh_session.num_newcoins; j++)
|
||||||
{
|
{
|
||||||
struct RefreshCommitCoin commit_coin;
|
struct RefreshCommitCoin commit_coin;
|
||||||
struct LinkData link_data;
|
struct TALER_RefreshLinkDecrypted *link_data;
|
||||||
// struct BlindedSignaturePurpose *coin_ev_check;
|
// struct BlindedSignaturePurpose *coin_ev_check;
|
||||||
struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
|
struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
|
||||||
struct GNUNET_CRYPTO_rsa_BlindingKey *bkey;
|
|
||||||
struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
|
struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
|
||||||
struct GNUNET_HashCode h_msg;
|
struct GNUNET_HashCode h_msg;
|
||||||
char *buf;
|
char *buf;
|
||||||
size_t buf_len;
|
size_t buf_len;
|
||||||
|
|
||||||
bkey = NULL;
|
|
||||||
res = TALER_MINT_DB_get_refresh_commit_coin (db_conn,
|
res = TALER_MINT_DB_get_refresh_commit_coin (db_conn,
|
||||||
refresh_session_pub,
|
refresh_session_pub,
|
||||||
i+off, j,
|
i+off, j,
|
||||||
@ -1022,11 +1020,9 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
return MHD_NO;
|
return MHD_NO;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
link_data = TALER_refresh_decrypt (commit_coin.refresh_link,
|
||||||
if (0 >= TALER_refresh_decrypt (commit_coin.link_enc,
|
&last_shared_secret);
|
||||||
sizeof (struct LinkData),
|
if (NULL == link_data)
|
||||||
&last_shared_secret,
|
|
||||||
&link_data))
|
|
||||||
{
|
{
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||||
"decryption failed\n");
|
"decryption failed\n");
|
||||||
@ -1034,16 +1030,8 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
return MHD_NO;
|
return MHD_NO;
|
||||||
}
|
}
|
||||||
|
|
||||||
GNUNET_CRYPTO_ecdsa_key_get_public (&link_data.coin_priv,
|
GNUNET_CRYPTO_ecdsa_key_get_public (&link_data->coin_priv,
|
||||||
&coin_pub);
|
&coin_pub);
|
||||||
if (NULL == (bkey = GNUNET_CRYPTO_rsa_blinding_key_decode (link_data.bkey_enc,
|
|
||||||
link_data.bkey_enc_size)))
|
|
||||||
{
|
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
|
||||||
"Invalid blinding key\n");
|
|
||||||
// FIXME: return error code!
|
|
||||||
return MHD_NO;
|
|
||||||
}
|
|
||||||
denom_pub = TALER_MINT_DB_get_refresh_order (db_conn,
|
denom_pub = TALER_MINT_DB_get_refresh_order (db_conn,
|
||||||
j,
|
j,
|
||||||
refresh_session_pub);
|
refresh_session_pub);
|
||||||
@ -1060,7 +1048,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
&h_msg);
|
&h_msg);
|
||||||
if (0 == (buf_len =
|
if (0 == (buf_len =
|
||||||
GNUNET_CRYPTO_rsa_blind (&h_msg,
|
GNUNET_CRYPTO_rsa_blind (&h_msg,
|
||||||
bkey,
|
link_data->blinding_key,
|
||||||
denom_pub,
|
denom_pub,
|
||||||
&buf)))
|
&buf)))
|
||||||
{
|
{
|
||||||
@ -1133,7 +1121,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
}
|
}
|
||||||
ev_sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv,
|
ev_sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv,
|
||||||
commit_coin.coin_ev,
|
commit_coin.coin_ev,
|
||||||
commit_coin.coin_ev_len);
|
commit_coin.coin_ev_size);
|
||||||
if (NULL == ev_sig)
|
if (NULL == ev_sig)
|
||||||
{
|
{
|
||||||
GNUNET_break (0);
|
GNUNET_break (0);
|
||||||
@ -1182,7 +1170,7 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
|
|||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
link_iter (void *cls,
|
link_iter (void *cls,
|
||||||
const struct LinkDataEnc *link_data_enc,
|
const struct TALER_RefreshLinkEncrypted *link_data_enc,
|
||||||
const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub,
|
const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub,
|
||||||
const struct GNUNET_CRYPTO_rsa_Signature *ev_sig)
|
const struct GNUNET_CRYPTO_rsa_Signature *ev_sig)
|
||||||
{
|
{
|
||||||
@ -1195,8 +1183,9 @@ link_iter (void *cls,
|
|||||||
json_array_append_new (list, obj);
|
json_array_append_new (list, obj);
|
||||||
|
|
||||||
json_object_set_new (obj, "link_enc",
|
json_object_set_new (obj, "link_enc",
|
||||||
TALER_JSON_from_data (link_data_enc,
|
TALER_JSON_from_data (link_data_enc->coin_priv_enc,
|
||||||
sizeof (struct LinkDataEnc)));
|
sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey) +
|
||||||
|
link_data_enc->blinding_key_enc_size));
|
||||||
|
|
||||||
buf_len = GNUNET_CRYPTO_rsa_public_key_encode (denom_pub,
|
buf_len = GNUNET_CRYPTO_rsa_public_key_encode (denom_pub,
|
||||||
&buf);
|
&buf);
|
||||||
@ -1231,7 +1220,7 @@ TALER_MINT_db_execute_refresh_link (struct MHD_Connection *connection,
|
|||||||
json_t *list;
|
json_t *list;
|
||||||
PGconn *db_conn;
|
PGconn *db_conn;
|
||||||
struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub;
|
struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub;
|
||||||
struct SharedSecretEnc shared_secret_enc;
|
struct GNUNET_HashCode shared_secret_enc;
|
||||||
|
|
||||||
if (NULL == (db_conn = TALER_MINT_DB_get_connection ()))
|
if (NULL == (db_conn = TALER_MINT_DB_get_connection ()))
|
||||||
{
|
{
|
||||||
@ -1287,7 +1276,7 @@ TALER_MINT_db_execute_refresh_link (struct MHD_Connection *connection,
|
|||||||
sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)));
|
sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)));
|
||||||
json_object_set_new (root, "secret_enc",
|
json_object_set_new (root, "secret_enc",
|
||||||
TALER_JSON_from_data (&shared_secret_enc,
|
TALER_JSON_from_data (&shared_secret_enc,
|
||||||
sizeof (struct SharedSecretEnc)));
|
sizeof (struct GNUNET_HashCode)));
|
||||||
return TALER_MINT_reply_json (connection,
|
return TALER_MINT_reply_json (connection,
|
||||||
root,
|
root,
|
||||||
MHD_HTTP_OK);
|
MHD_HTTP_OK);
|
||||||
|
@ -83,6 +83,33 @@ derive_refresh_key (const struct GNUNET_HashCode *secret,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc
|
||||||
|
* to obtain the @a secret to decrypt the linkage data.
|
||||||
|
*
|
||||||
|
* @param secret_enc encrypted secret (FIXME: use different type!)
|
||||||
|
* @param trans_sec transfer secret (FIXME: use different type?)
|
||||||
|
* @param secret shared secret for refresh link decryption
|
||||||
|
* (FIXME: use different type?)
|
||||||
|
* @return #GNUNET_OK on success
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
TALER_transfer_decrypt (const struct GNUNET_HashCode *secret_enc,
|
||||||
|
const struct GNUNET_HashCode *trans_sec,
|
||||||
|
struct GNUNET_HashCode *secret)
|
||||||
|
{
|
||||||
|
struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
|
||||||
|
struct GNUNET_CRYPTO_SymmetricSessionKey skey;
|
||||||
|
|
||||||
|
derive_refresh_key (trans_sec, &iv, &skey);
|
||||||
|
return GNUNET_CRYPTO_symmetric_decrypt (secret_enc,
|
||||||
|
sizeof (struct GNUNET_HashCode),
|
||||||
|
&skey,
|
||||||
|
&iv,
|
||||||
|
secret);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Decrypt refresh link information.
|
* Decrypt refresh link information.
|
||||||
*
|
*
|
||||||
|
Loading…
Reference in New Issue
Block a user