taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

messing with CS/RSA fixes

Browse Source
This commit is contained in:
Christian Grothoff 2022-02-04 19:29:52 +01:00
parent 7d2a1a596a
commit 03fd154a69
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
9 changed files with 34 additions and 342 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/include/taler_crypto_lib.h
View File

@ -987,6 +987,17 @@ struct TALER_ExchangeWithdrawValues
void void
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub); TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
/**
* Create private key for a Taler coin.
*
* @param[out] coin_priv private key to initialize
*/
void
TALER_planchet_setup_coin_priv (
struct TALER_CoinSpendPrivateKeyP *coin_priv);
/** /**
* @brief Method to derive withdraw nonce * @brief Method to derive withdraw nonce
* *
@ -1472,9 +1483,9 @@ TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
* @oaram alg_values WitdrawValues containing cipher * @oaram alg_values WitdrawValues containing cipher
*/ */
void void
TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, TALER_planchet_setup_random (
const struct struct TALER_PlanchetSecretsP *ps,
TALER_ExchangeWithdrawValues *alg_values); const struct TALER_ExchangeWithdrawValues *alg_values);
/** /**
* Create a blinding secret @a bs for @a cipher. * Create a blinding secret @a bs for @a cipher.

1
src/include/taler_exchange_service.h
View File

@ -1461,7 +1461,6 @@ TALER_EXCHANGE_withdraw (
const struct TALER_EXCHANGE_DenomPublicKey *pk, const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv, const struct TALER_ReservePrivateKeyP *reserve_priv,
struct TALER_PlanchetSecretsP *ps, struct TALER_PlanchetSecretsP *ps,
struct TALER_ExchangeWithdrawValues *alg_values,
TALER_EXCHANGE_WithdrawCallback res_cb, TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls); void *res_cb_cls);

46
src/include/taler_testing_lib.h
View File

@ -66,13 +66,11 @@ TALER_TESTING_make_wire_details (const char *payto);
* *
* @param keys array of keys to search * @param keys array of keys to search
* @param amount coin value to look for * @param amount coin value to look for
* @param cipher denomination cipher
* @return NULL if no matching key was found * @return NULL if no matching key was found
*/ */
const struct TALER_EXCHANGE_DenomPublicKey * const struct TALER_EXCHANGE_DenomPublicKey *
TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
const struct TALER_Amount *amount, const struct TALER_Amount *amount);
const enum TALER_DenominationCipher cipher);
/** /**
@ -1290,24 +1288,6 @@ TALER_TESTING_cmd_withdraw_amount (const char *label,
unsigned int expected_response_code); unsigned int expected_response_code);
/**
* Create a withdraw command using a CS denomination, letting the caller specify
* the desired amount as string.
*
* @param label command label.
* @param reserve_reference command providing us with a reserve to withdraw from
* @param amount how much we withdraw.
* @param expected_response_code which HTTP response code
* we expect from the exchange.
* @return the withdraw command to be executed by the interpreter.
*/
struct TALER_TESTING_Command
TALER_TESTING_cmd_withdraw_cs_amount (const char *label,
const char *reserve_reference,
const char *amount,
unsigned int expected_response_code);
/** /**
* Create a withdraw command, letting the caller specify * Create a withdraw command, letting the caller specify
* the desired amount as string and also re-using an existing * the desired amount as string and also re-using an existing
@ -1332,30 +1312,6 @@ TALER_TESTING_cmd_withdraw_amount_reuse_key (
unsigned int expected_response_code); unsigned int expected_response_code);
/**
* Create a CS withdraw command, letting the caller specify
* the desired amount as string and also re-using an existing
* coin private key in the process (violating the specification,
* which will result in an error when spending the coin!).
*
* @param label command label.
* @param reserve_reference command providing us with a reserve to withdraw from
* @param amount how much we withdraw.
* @param coin_ref reference to (withdraw/reveal) command of a coin
* from which we should re-use the private key
* @param expected_response_code which HTTP response code
* we expect from the exchange.
* @return the withdraw command to be executed by the interpreter.
*/
struct TALER_TESTING_Command
TALER_TESTING_cmd_withdraw_cs_amount_reuse_key (
const char *label,
const char *reserve_reference,
const char *amount,
const char *coin_ref,
unsigned int expected_response_code);
/** /**
* Create withdraw command, letting the caller specify the * Create withdraw command, letting the caller specify the
* amount by a denomination key. * amount by a denomination key.

20
src/lib/exchange_api_withdraw.c
View File

@ -220,31 +220,12 @@ withdraw_cs_stage_two_callback (void *cls,
} }
/**
* Withdraw a coin from the exchange using a /reserve/withdraw request. Note
* that to ensure that no money is lost in case of hardware failures,
* the caller must have committed (most of) the arguments to disk
* before calling, and be ready to repeat the request with the same
* arguments in case of failures.
*
* @param exchange the exchange handle; the exchange must be ready to operate
* @param pk kind of coin to create
* @param reserve_priv private key of the reserve to withdraw from
* @param ps secrets of the planchet
* caller must have committed this value to disk before the call (with @a pk)
* @param res_cb the callback to call when the final result for this request is available
* @param res_cb_cls closure for the above callback
* @return handle for the operation on success, NULL on error, i.e.
* if the inputs are invalid (i.e. denomination key not with this exchange).
* In this case, the callback is not called.
*/
struct TALER_EXCHANGE_WithdrawHandle * struct TALER_EXCHANGE_WithdrawHandle *
TALER_EXCHANGE_withdraw ( TALER_EXCHANGE_withdraw (
struct TALER_EXCHANGE_Handle *exchange, struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk, const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv, const struct TALER_ReservePrivateKeyP *reserve_priv,
struct TALER_PlanchetSecretsP *ps, struct TALER_PlanchetSecretsP *ps,
struct TALER_ExchangeWithdrawValues *alg_values,
TALER_EXCHANGE_WithdrawCallback res_cb, TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls) void *res_cb_cls)
{ {
@ -256,7 +237,6 @@ TALER_EXCHANGE_withdraw (
wh->cb_cls = res_cb_cls; wh->cb_cls = res_cb_cls;
wh->reserve_priv = reserve_priv; wh->reserve_priv = reserve_priv;
wh->ps = *ps; wh->ps = *ps;
wh->alg_values = *alg_values,
wh->pk = *pk; wh->pk = *pk;
wh->csrh = NULL; wh->csrh = NULL;

146
src/testing/test_exchange_api.c
View File

@ -890,145 +890,6 @@ run (void *cls,
TALER_TESTING_cmd_end () TALER_TESTING_cmd_end ()
}; };
/**
* Test CS withdrawal plus spending.
*/
struct TALER_TESTING_Command withdraw_cs[] = {
/**
* Move money to the exchange's bank account.
*/
CMD_TRANSFER_TO_EXCHANGE ("create-reserve-cs-1",
"EUR:6.02"),
TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-cs-1",
"EUR:6.02",
bc.user42_payto,
bc.exchange_payto,
"create-reserve-cs-1"),
/**
* Make a reserve exist, according to the previous
* transfer.
*/
CMD_EXEC_WIREWATCH ("wirewatch-cs-1"),
/**
* Withdraw EUR:5.
*/
TALER_TESTING_cmd_withdraw_cs_amount ("withdraw-cs-coin-1",
"create-reserve-cs-1",
"EUR:5",
MHD_HTTP_OK),
/**
* Withdraw EUR:1 using the SAME private coin key as for the previous coin
* (in violation of the specification, to be detected on spending!).
*/
TALER_TESTING_cmd_withdraw_cs_amount_reuse_key ("withdraw-cs-coin-1x",
"create-reserve-cs-1",
"EUR:1",
"withdraw-cs-coin-1",
MHD_HTTP_OK),
/**
* Check the reserve is depleted.
*/
TALER_TESTING_cmd_status ("status-cs-1",
"create-reserve-cs-1",
"EUR:0",
MHD_HTTP_OK),
/*
* Try to overdraw.
*/
TALER_TESTING_cmd_withdraw_cs_amount ("withdraw-cs-coin-2",
"create-reserve-cs-1",
"EUR:5",
MHD_HTTP_CONFLICT),
// TODO: add test for nonce reuse
TALER_TESTING_cmd_end ()
};
struct TALER_TESTING_Command spend_cs[] = {
/**
* Spend the coin.
*/
TALER_TESTING_cmd_deposit ("deposit-cs-simple",
"withdraw-cs-coin-1",
0,
bc.user42_payto,
"{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}",
GNUNET_TIME_UNIT_ZERO,
"EUR:5",
MHD_HTTP_OK),
TALER_TESTING_cmd_deposit_replay ("deposit-cs-simple-replay",
"deposit-cs-simple",
MHD_HTTP_OK),
TALER_TESTING_cmd_deposit ("deposit-cs-reused-coin-key-failure",
"withdraw-cs-coin-1x",
0,
bc.user42_payto,
"{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}",
GNUNET_TIME_UNIT_ZERO,
"EUR:1",
MHD_HTTP_CONFLICT),
/**
* Try to double spend using different wire details.
*/
TALER_TESTING_cmd_deposit ("deposit-cs-double-1",
"withdraw-cs-coin-1",
0,
bc.user43_payto,
"{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}",
GNUNET_TIME_UNIT_ZERO,
"EUR:5",
MHD_HTTP_CONFLICT),
/* Try to double spend using a different transaction id.
* The test needs the contract terms to differ. This
* is currently the case because of the "timestamp" field,
* which is set automatically by #TALER_TESTING_cmd_deposit().
* This could theoretically fail if at some point a deposit
* command executes in less than 1 ms. *///
TALER_TESTING_cmd_deposit ("deposit-cs-double-1",
"withdraw-cs-coin-1",
0,
bc.user43_payto,
"{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}",
GNUNET_TIME_UNIT_ZERO,
"EUR:5",
MHD_HTTP_CONFLICT),
/**
* Try to double spend with different proposal.
*/
TALER_TESTING_cmd_deposit ("deposit-cs-double-2",
"withdraw-cs-coin-1",
0,
bc.user43_payto,
"{\"items\":[{\"name\":\"ice cream\",\"value\":2}]}",
GNUNET_TIME_UNIT_ZERO,
"EUR:5",
MHD_HTTP_CONFLICT),
TALER_TESTING_cmd_end ()
};
// TODO: CS refresh
struct TALER_TESTING_Command track_cs[] = {
/* Try resolving a deposit's WTID, as we never triggered
* execution of transactions, the answer should be that
* the exchange knows about the deposit, but has no WTID yet.
*///
TALER_TESTING_cmd_track_transaction ("deposit-cs-wtid-found",
"deposit-cs-simple",
0,
MHD_HTTP_ACCEPTED,
NULL),
/* Try resolving a deposit's WTID for a failed deposit.
* As the deposit failed, the answer should be that the
* exchange does NOT know about the deposit.
*/
TALER_TESTING_cmd_track_transaction ("deposit-cs-wtid-failing",
"deposit-cs-double-2",
0,
MHD_HTTP_NOT_FOUND,
NULL),
TALER_TESTING_cmd_end ()
};
#define RESERVE_OPEN_CLOSE_CHUNK 4 #define RESERVE_OPEN_CLOSE_CHUNK 4
#define RESERVE_OPEN_CLOSE_ITERATIONS 3 #define RESERVE_OPEN_CLOSE_ITERATIONS 3
@ -1098,13 +959,6 @@ run (void *cls,
refund), refund),
TALER_TESTING_cmd_batch ("recoup", TALER_TESTING_cmd_batch ("recoup",
recoup), recoup),
TALER_TESTING_cmd_batch ("withdraw-cs",
withdraw_cs),
TALER_TESTING_cmd_batch ("spend-cs",
spend_cs),
// TODO: Clause Schnorr refresh
TALER_TESTING_cmd_batch ("track-cs",
track_cs),
TALER_TESTING_cmd_batch ("reserve-open-close", TALER_TESTING_cmd_batch ("reserve-open-close",
reserve_open_close), reserve_open_close),
/* End the suite. */ /* End the suite. */

4
src/testing/testing_api_cmd_refresh.c
View File

@ -1049,9 +1049,7 @@ melt_run (void *cls,
return; return;
} }
fresh_pk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange), fresh_pk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange),
&fresh_amount, &fresh_amount);
// FIXME: replace hardcoded value
TALER_DENOMINATION_RSA);
if (NULL == fresh_pk) if (NULL == fresh_pk)
{ {
GNUNET_break (0); GNUNET_break (0);

84
src/testing/testing_api_cmd_withdraw.c
View File

@ -72,11 +72,6 @@ struct WithdrawState
*/ */
struct TALER_Amount amount; struct TALER_Amount amount;
/**
* Type of denomination that we should withdraw
*/
enum TALER_DenominationCipher cipher;
/** /**
* If @e amount is NULL, this specifies the denomination key to * If @e amount is NULL, this specifies the denomination key to
* use. Otherwise, this will be set (by the interpreter) to the * use. Otherwise, this will be set (by the interpreter) to the
@ -120,11 +115,6 @@ struct WithdrawState
*/ */
struct TALER_PlanchetSecretsP ps; struct TALER_PlanchetSecretsP ps;
/**
* Withdraw Values used for planchet creation
*/
struct TALER_ExchangeWithdrawValues alg_values;
/** /**
* Reserve history entry that corresponds to this operation. * Reserve history entry that corresponds to this operation.
* Will be of type #TALER_EXCHANGE_RTT_WITHDRAWAL. * Will be of type #TALER_EXCHANGE_RTT_WITHDRAWAL.
@ -396,10 +386,9 @@ withdraw_run (void *cls,
ws->reserve_payto_uri ws->reserve_payto_uri
= TALER_payto_from_reserve (ws->exchange_url, = TALER_payto_from_reserve (ws->exchange_url,
&ws->reserve_pub); &ws->reserve_pub);
ws->alg_values.cipher = ws->cipher;
if (NULL == ws->reuse_coin_key_ref) if (NULL == ws->reuse_coin_key_ref)
{ {
TALER_planchet_setup_random (&ws->ps, &ws->alg_values); TALER_planchet_setup_coin_priv (&ws->ps.coin_priv);
} }
else else
{ {
@ -420,14 +409,13 @@ withdraw_run (void *cls,
TALER_TESTING_get_trait_coin_priv (cref, TALER_TESTING_get_trait_coin_priv (cref,
index, index,
&coin_priv)); &coin_priv));
TALER_planchet_setup_random (&ws->ps, &ws->alg_values); TALER_planchet_setup_coin_priv (&ws->ps.coin_priv);
ws->ps.coin_priv = *coin_priv; ws->ps.coin_priv = *coin_priv;
} }
if (NULL == ws->pk) if (NULL == ws->pk)
{ {
dpk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange), dpk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange),
&ws->amount, &ws->amount);
ws->cipher);
if (NULL == dpk) if (NULL == dpk)
{ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@ -455,7 +443,6 @@ withdraw_run (void *cls,
ws->pk, ws->pk,
rp, rp,
&ws->ps, &ws->ps,
&ws->alg_values,
&reserve_withdraw_cb, &reserve_withdraw_cb,
ws); ws);
if (NULL == ws->wsh) if (NULL == ws->wsh)
@ -570,8 +557,6 @@ TALER_TESTING_cmd_withdraw_amount (const char *label,
const char *amount, const char *amount,
unsigned int expected_response_code) unsigned int expected_response_code)
{ {
// TODO: ATM this is hardcoded to RSA denominations
// (use TALER_TESTING_cmd_withdraw_cs_amount for Clause Schnorr)
struct WithdrawState *ws; struct WithdrawState *ws;
ws = GNUNET_new (struct WithdrawState); ws = GNUNET_new (struct WithdrawState);
@ -587,43 +572,6 @@ TALER_TESTING_cmd_withdraw_amount (const char *label,
GNUNET_assert (0); GNUNET_assert (0);
} }
ws->expected_response_code = expected_response_code; ws->expected_response_code = expected_response_code;
ws->cipher = TALER_DENOMINATION_RSA;
{
struct TALER_TESTING_Command cmd = {
.cls = ws,
.label = label,
.run = &withdraw_run,
.cleanup = &withdraw_cleanup,
.traits = &withdraw_traits
};
return cmd;
}
}
struct TALER_TESTING_Command
TALER_TESTING_cmd_withdraw_cs_amount (const char *label,
const char *reserve_reference,
const char *amount,
unsigned int expected_response_code)
{
struct WithdrawState *ws;
ws = GNUNET_new (struct WithdrawState);
ws->reserve_reference = reserve_reference;
if (GNUNET_OK !=
TALER_string_to_amount (amount,
&ws->amount))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Failed to parse amount `%s' at %s\n",
amount,
label);
GNUNET_assert (0);
}
ws->expected_response_code = expected_response_code;
ws->cipher = TALER_DENOMINATION_CS;
{ {
struct TALER_TESTING_Command cmd = { struct TALER_TESTING_Command cmd = {
.cls = ws, .cls = ws,
@ -661,8 +609,6 @@ TALER_TESTING_cmd_withdraw_amount_reuse_key (
const char *coin_ref, const char *coin_ref,
unsigned int expected_response_code) unsigned int expected_response_code)
{ {
// TODO: ATM this is hardcoded to RSA denominations
// (use TALER_TESTING_cmd_withdraw_cs_amount for Clause Schnorr)
struct TALER_TESTING_Command cmd; struct TALER_TESTING_Command cmd;
cmd = TALER_TESTING_cmd_withdraw_amount (label, cmd = TALER_TESTING_cmd_withdraw_amount (label,
@ -678,29 +624,6 @@ TALER_TESTING_cmd_withdraw_amount_reuse_key (
} }
struct TALER_TESTING_Command
TALER_TESTING_cmd_withdraw_cs_amount_reuse_key (
const char *label,
const char *reserve_reference,
const char *amount,
const char *coin_ref,
unsigned int expected_response_code)
{
struct TALER_TESTING_Command cmd;
cmd = TALER_TESTING_cmd_withdraw_cs_amount (label,
reserve_reference,
amount,
expected_response_code);
{
struct WithdrawState *ws = cmd.cls;
ws->reuse_coin_key_ref = coin_ref;
}
return cmd;
}
/** /**
* Create withdraw command, letting the caller specify the * Create withdraw command, letting the caller specify the
* amount by a denomination key. * amount by a denomination key.
@ -733,7 +656,6 @@ TALER_TESTING_cmd_withdraw_denomination (
ws->reserve_reference = reserve_reference; ws->reserve_reference = reserve_reference;
ws->pk = TALER_EXCHANGE_copy_denomination_key (dk); ws->pk = TALER_EXCHANGE_copy_denomination_key (dk);
ws->expected_response_code = expected_response_code; ws->expected_response_code = expected_response_code;
ws->cipher = dk->key.cipher;
{ {
struct TALER_TESTING_Command cmd = { struct TALER_TESTING_Command cmd = {
.cls = ws, .cls = ws,

34
src/testing/testing_api_helpers_exchange.c
View File

@ -411,18 +411,9 @@ TALER_TESTING_prepare_exchange (const char *config_filename,
} }
/**
* Find denomination key matching the given amount.
*
* @param keys array of keys to search
* @param amount coin value to look for
* @param cipher denomination cipher
* @return NULL if no matching key was found
*/
const struct TALER_EXCHANGE_DenomPublicKey * const struct TALER_EXCHANGE_DenomPublicKey *
TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
const struct TALER_Amount *amount, const struct TALER_Amount *amount)
const enum TALER_DenominationCipher cipher)
{ {
struct GNUNET_TIME_Timestamp now; struct GNUNET_TIME_Timestamp now;
struct TALER_EXCHANGE_DenomPublicKey *pk; struct TALER_EXCHANGE_DenomPublicKey *pk;
@ -432,8 +423,6 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
for (unsigned int i = 0; i<keys->num_denom_keys; i++) for (unsigned int i = 0; i<keys->num_denom_keys; i++)
{ {
pk = &keys->denom_keys[i]; pk = &keys->denom_keys[i];
if (cipher != pk->key.cipher)
continue;
if ( (0 == TALER_amount_cmp (amount, if ( (0 == TALER_amount_cmp (amount,
&pk->value)) && &pk->value)) &&
(GNUNET_TIME_timestamp_cmp (now, (GNUNET_TIME_timestamp_cmp (now,
@ -450,8 +439,6 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
for (unsigned int i = 0; i<keys->num_denom_keys; i++) for (unsigned int i = 0; i<keys->num_denom_keys; i++)
{ {
pk = &keys->denom_keys[i]; pk = &keys->denom_keys[i];
if (cipher != pk->key.cipher)
continue;
if ( (0 == TALER_amount_cmp (amount, if ( (0 == TALER_amount_cmp (amount,
&pk->value)) && &pk->value)) &&
(GNUNET_TIME_timestamp_cmp (now, (GNUNET_TIME_timestamp_cmp (now,
@ -473,25 +460,6 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
return NULL; return NULL;
} }
} }
// do 3rd pass to check if cipher type is to blame for failure
for (unsigned int i = 0; i<keys->num_denom_keys; i++)
{
pk = &keys->denom_keys[i];
if ( (0 == TALER_amount_cmp (amount,
&pk->value)) &&
(cipher != pk->key.cipher) )
{
GNUNET_log
(GNUNET_ERROR_TYPE_WARNING,
"Have denomination key for `%s', but with wrong"
" cipher type %d vs %d\n",
str,
cipher,
pk->key.cipher);
GNUNET_free (str);
return NULL;
}
}
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"No denomination key for amount %s found\n", "No denomination key for amount %s found\n",
str); str);

24
src/util/crypto.c
View File

@ -245,19 +245,23 @@ TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps,
} }
/**
* @brief setup a random planchet
* In Case of RSA planchet, the bks gets set
* In Case of Clause Schnorr this will be set in future
*/
void void
TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, TALER_planchet_setup_coin_priv (
const struct struct TALER_CoinSpendPrivateKeyP *coin_priv)
TALER_ExchangeWithdrawValues *alg_values)
{ {
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
&ps->coin_priv, coin_priv,
sizeof (struct TALER_CoinSpendPrivateKeyP)); sizeof (*coin_priv));
// FIXME-jeff/dold: Clamping?
}
void
TALER_planchet_setup_random (
struct TALER_PlanchetSecretsP *ps,
const struct TALER_ExchangeWithdrawValues *alg_values)
{
TALER_planchet_setup_coin_priv (&ps->coin_priv);
switch (alg_values->cipher) switch (alg_values->cipher)
{ {
case TALER_DENOMINATION_INVALID: case TALER_DENOMINATION_INVALID: