taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

implement POST /managment/keys

Browse Source
This commit is contained in:
Christian Grothoff 2020-12-10 11:49:20 +01:00
parent 5a24334e83
commit 35bec60894
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
7 changed files with 218 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/exchange/Makefile.am
View File

@ -89,6 +89,7 @@ taler_exchange_httpd_SOURCES = \
taler-exchange-httpd_management_auditors.c \ taler-exchange-httpd_management_auditors.c \
taler-exchange-httpd_management_auditors_AP_disable.c \ taler-exchange-httpd_management_auditors_AP_disable.c \
taler-exchange-httpd_management_denominations_HDP_revoke.c \ taler-exchange-httpd_management_denominations_HDP_revoke.c \
taler-exchange-httpd_management_post_keys.c \
taler-exchange-httpd_management_signkey_EP_revoke.c \ taler-exchange-httpd_management_signkey_EP_revoke.c \
taler-exchange-httpd_management_wire.c \ taler-exchange-httpd_management_wire.c \
taler-exchange-httpd_management_wire_disable.c \ taler-exchange-httpd_management_wire_disable.c \

21
src/exchange/taler-exchange-httpd_keys.c
View File

@ -1924,10 +1924,12 @@ load_fees (const char *section_name,
int int
TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub, TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub,
struct TALER_DenominationPublicKey *denom_pub,
struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta) struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta)
{ {
struct KeyStateHandle *ksh; struct KeyStateHandle *ksh;
struct HelperDenomination *hd; struct HelperDenomination *hd;
int ok;
ksh = get_key_state (); ksh = get_key_state ();
if (NULL == ksh) if (NULL == ksh)
@ -1941,16 +1943,21 @@ TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub,
meta->start = hd->start_time; meta->start = hd->start_time;
meta->expire_withdraw = GNUNET_TIME_absolute_add (meta->start, meta->expire_withdraw = GNUNET_TIME_absolute_add (meta->start,
hd->validity_duration); hd->validity_duration);
return load_fees (hd->section_name, ok = load_fees (hd->section_name,
meta); meta);
if (GNUNET_OK == ok)
denom_pub->rsa_public_key
= GNUNET_CRYPTO_rsa_public_key_dup (hd->denom_pub.rsa_public_key);
else
denom_pub->rsa_public_key
= NULL;
return ok;
} }
int int
TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub, TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute *start_sign, struct TALER_EXCHANGEDB_SignkeyMetaData *meta)
struct GNUNET_TIME_Absolute *end_sign,
struct GNUNET_TIME_Absolute *end_legal)
{ {
struct KeyStateHandle *ksh; struct KeyStateHandle *ksh;
struct HelperSignkey *hsk; struct HelperSignkey *hsk;
@ -1966,10 +1973,10 @@ TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub,
pid.public_key = exchange_pub->eddsa_pub; pid.public_key = exchange_pub->eddsa_pub;
hsk = GNUNET_CONTAINER_multipeermap_get (ksh->helpers.esign_keys, hsk = GNUNET_CONTAINER_multipeermap_get (ksh->helpers.esign_keys,
&pid); &pid);
*start_sign = hsk->start_time; meta->start = hsk->start_time;
*end_sign = GNUNET_TIME_absolute_add (*start_sign, meta->expire_sign = GNUNET_TIME_absolute_add (meta->start,
hsk->validity_duration); hsk->validity_duration);
*end_legal = GNUNET_TIME_absolute_add (*end_sign, meta->expire_legal = GNUNET_TIME_absolute_add (meta->expire_sign,
signkey_legal_duration); signkey_legal_duration);
return GNUNET_OK; return GNUNET_OK;
} }

10
src/exchange/taler-exchange-httpd_keys.h
View File

@ -248,11 +248,13 @@ TEH_keys_management_get_handler (const struct TEH_RequestHandler *rh,
* *
* @param h_denom_pub hash of the denomination public key * @param h_denom_pub hash of the denomination public key
* to use to derive the section name of the configuration to use * to use to derive the section name of the configuration to use
* @param[out] denom_pub set to the denomination public key (to be freed by caller!)
* @param[out] meta denomination type data to complete * @param[out] meta denomination type data to complete
* @return #GNUNET_OK on success * @return #GNUNET_OK on success
*/ */
int int
TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub, TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub,
struct TALER_DenominationPublicKey *denom_pub,
struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta); struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta);
@ -260,16 +262,12 @@ TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub,
* Load expiration times for the given onling signing key. * Load expiration times for the given onling signing key.
* *
* @param exchange_pub the online signing key * @param exchange_pub the online signing key
* @param[out] start_sign starting signing time * @param[out] meta set to meta data about the key
* @param[out] end_sign send signing time
* @param[out] end_legal legal expiration time
* @return #GNUNET_OK on success * @return #GNUNET_OK on success
*/ */
int int
TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub, TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute *start_sign, struct TALER_EXCHANGEDB_SignkeyMetaData *meta);
struct GNUNET_TIME_Absolute *end_sign,
struct GNUNET_TIME_Absolute *end_legal);
/** /**

33
src/exchange/taler-exchange-httpd_management_post_keys.c
View File

@ -27,6 +27,7 @@
#include "taler_json_lib.h" #include "taler_json_lib.h"
#include "taler_mhd_lib.h" #include "taler_mhd_lib.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler-exchange-httpd_keys.h"
#include "taler-exchange-httpd_management.h" #include "taler-exchange-httpd_management.h"
#include "taler-exchange-httpd_responses.h" #include "taler-exchange-httpd_responses.h"
@ -125,6 +126,7 @@ add_keys (void *cls,
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
bool is_active = false; bool is_active = false;
struct TALER_EXCHANGEDB_DenominationKeyMetaData meta; struct TALER_EXCHANGEDB_DenominationKeyMetaData meta;
struct TALER_DenominationPublicKey denom_pub;
/* For idempotency, check if the key is already active */ /* For idempotency, check if the key is already active */
qs = TEH_plugin->lookup_denomination_key ( qs = TEH_plugin->lookup_denomination_key (
@ -147,6 +149,7 @@ add_keys (void *cls,
{ {
if (GNUNET_OK != if (GNUNET_OK !=
TEH_keys_load_fees (&akc->d_sigs[i].h_denom_pub, TEH_keys_load_fees (&akc->d_sigs[i].h_denom_pub,
&denom_pub,
&meta)) &meta))
{ {
*mhd_ret = TALER_MHD_reply_with_error ( *mhd_ret = TALER_MHD_reply_with_error (
@ -159,13 +162,13 @@ add_keys (void *cls,
} }
else else
{ {
active = true; is_active = true;
} }
/* check signature is valid */ /* check signature is valid */
{ {
if (GNUNET_OK != if (GNUNET_OK !=
TALER_exchange_offline_denomkey_validity_verify ( TALER_exchange_offline_denom_validity_verify (
&akc->d_sigs[i].h_denom_pub, &akc->d_sigs[i].h_denom_pub,
meta.start, meta.start,
meta.expire_withdraw, meta.expire_withdraw,
@ -189,12 +192,15 @@ add_keys (void *cls,
} }
if (is_active) if (is_active)
continue; /* skip, already known */ continue; /* skip, already known */
qs = TEH_plugin->activate_denomination_key ( qs = TEH_plugin->add_denomination_key (
TEH_plugin->cls, TEH_plugin->cls,
session, session,
&akc->d_sigs[i].h_denom_pub, &akc->d_sigs[i].h_denom_pub,
&denom_pub,
&meta,
&TEH_master_public_key, &TEH_master_public_key,
&akc->d_sigs[i].master_sig); &akc->d_sigs[i].master_sig);
GNUNET_CRYPTO_rsa_public_key_free (denom_pub.rsa_public_key);
if (qs < 0) if (qs < 0)
{ {
if (GNUNET_DB_STATUS_SOFT_ERROR == qs) if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
@ -214,17 +220,13 @@ add_keys (void *cls,
{ {
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
bool is_active = false; bool is_active = false;
struct GNUNET_TIME_Absolute start_sign; struct TALER_EXCHANGEDB_SignkeyMetaData meta;
struct GNUNET_TIME_Absolute end_sign;
struct GNUNET_TIME_Absolute end_legal;
qs = TEH_plugin->lookup_signing_key ( qs = TEH_plugin->lookup_signing_key (
TEH_plugin->cls, TEH_plugin->cls,
session, session,
&akc->s_sigs[i].exchange_pub, &akc->s_sigs[i].exchange_pub,
&start_sign, &meta);
&end_sign,
&end_legal);
if (qs < 0) if (qs < 0)
{ {
if (GNUNET_DB_STATUS_SOFT_ERROR == qs) if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
@ -240,9 +242,7 @@ add_keys (void *cls,
{ {
if (GNUNET_OK != if (GNUNET_OK !=
TEH_keys_get_timing (&akc->s_sigs[i].exchange_pub, TEH_keys_get_timing (&akc->s_sigs[i].exchange_pub,
&start_sign, &meta))
&end_sign,
&end_legal))
{ {
/* For idempotency, check if the key is already active */ /* For idempotency, check if the key is already active */
*mhd_ret = TALER_MHD_reply_with_error ( *mhd_ret = TALER_MHD_reply_with_error (
@ -263,9 +263,9 @@ add_keys (void *cls,
if (GNUNET_OK != if (GNUNET_OK !=
TALER_exchange_offline_signkey_validity_verify ( TALER_exchange_offline_signkey_validity_verify (
&akc->s_sigs[i].exchange_pub, &akc->s_sigs[i].exchange_pub,
start_sign, meta.start,
end_sign, meta.expire_sign,
end_legal, meta.expire_legal,
&TEH_master_public_key, &TEH_master_public_key,
&akc->s_sigs[i].master_sig)) &akc->s_sigs[i].master_sig))
{ {
@ -282,7 +282,8 @@ add_keys (void *cls,
qs = TEH_plugin->activate_signing_key ( qs = TEH_plugin->activate_signing_key (
TEH_plugin->cls, TEH_plugin->cls,
session, session,
&akc->s_sigs[i].exchange_pub, // FIXME: provision meta data!? &akc->s_sigs[i].exchange_pub,
&meta,
&akc->s_sigs[i].master_sig); &akc->s_sigs[i].master_sig);
if (qs < 0) if (qs < 0)
{ {

36
src/exchangedb/exchange-0002.sql
View File

@ -42,42 +42,6 @@ COMMENT ON INDEX prepare_get_index
IS 'for wire_prepare_data_get'; IS 'for wire_prepare_data_get';
-- NOTE: current thinking is that we will NOT need this table!
-- => Instead, 'future' keys are only with the secmod until
-- the offline key is provided!
CREATE TABLE IF NOT EXISTS future_denominations
(denom_pub_hash BYTEA PRIMARY KEY CHECK (LENGTH(denom_pub_hash)=64)
,denom_pub BYTEA NOT NULL
,valid_from INT8 NOT NULL
,expire_withdraw INT8 NOT NULL
,expire_deposit INT8 NOT NULL
,expire_legal INT8 NOT NULL
,coin_val INT8 NOT NULL
,coin_frac INT4 NOT NULL
,fee_withdraw_val INT8 NOT NULL
,fee_withdraw_frac INT4 NOT NULL
,fee_deposit_val INT8 NOT NULL
,fee_deposit_frac INT4 NOT NULL
,fee_refresh_val INT8 NOT NULL
,fee_refresh_frac INT4 NOT NULL
,fee_refund_val INT8 NOT NULL
,fee_refund_frac INT4 NOT NULL
);
COMMENT ON TABLE future_denominations
IS 'Future denominations. Moved to denomiations once the master signature is provided. Kept separate (instead of using NULL-able master_sig column) to ensure denomination keys without master signature cannot satisfy foreign key constraints of other tables.';
COMMENT ON COLUMN future_denominations.valid_from
IS 'Earliest time when the private key can be used to withdraw.';
COMMENT ON COLUMN future_denominations.expire_withdraw
IS 'Latest time when the private key can be used to withdraw.';
CREATE INDEX IF NOT EXISTS future_denominations_expire_withdraw_index
ON future_denominations
(expire_withdraw);
COMMENT ON INDEX future_denominations_expire_withdraw_index
IS 'Future denominations that cannot be withdrawn anymore can be deleted.';
CREATE TABLE IF NOT EXISTS auditors CREATE TABLE IF NOT EXISTS auditors
(auditor_pub BYTEA PRIMARY KEY CHECK (LENGTH(auditor_pub)=32) (auditor_pub BYTEA PRIMARY KEY CHECK (LENGTH(auditor_pub)=32)
,auditor_name VARCHAR NOT NULL ,auditor_name VARCHAR NOT NULL

302
src/exchangedb/plugin_exchangedb_postgres.c
View File

@ -267,7 +267,7 @@ postgres_get_session (void *cls)
#endif #endif
struct GNUNET_PQ_PreparedStatement ps[] = { struct GNUNET_PQ_PreparedStatement ps[] = {
/* Used in #postgres_insert_denomination_info() [FIXME: soon obsolete!] and /* Used in #postgres_insert_denomination_info() [FIXME: soon obsolete!] and
#postgres_activate_denomination_key() */ #postgres_add_denomination_key() */
GNUNET_PQ_make_prepare ("denomination_insert", GNUNET_PQ_make_prepare ("denomination_insert",
"INSERT INTO denominations " "INSERT INTO denominations "
"(denom_pub_hash" "(denom_pub_hash"
@ -1548,25 +1548,25 @@ postgres_get_session (void *cls)
") VALUES " ") VALUES "
"($1, $2);", "($1, $2);",
2), 2),
/* used in #postgres_lookup_future_denomination_key() */ /* used in #postgres_insert_signkey() */
GNUNET_PQ_make_prepare ("lookup_future_denomination_key", GNUNET_PQ_make_prepare ("insert_signkey",
"INSERT INTO exchange_sign_keys "
"(exchange_pub"
",valid_from"
",expire_sign"
",expire_legal"
",master_sig"
") VALUES "
"($1, $2, $3, $4, $5);",
5),
/* used in #postgres_lookup_signing_key() */
GNUNET_PQ_make_prepare ("lookup_signing_key",
"SELECT" "SELECT"
" valid_from" " valid_from"
",expire_withdraw" ",expire_sign"
",expire_deposit"
",expire_legal" ",expire_legal"
",coin_val" " FROM exchange_sign_keys"
",coin_frac" " WHERE exchange_pub=$1",
",fee_withdraw_val"
",fee_withdraw_frac"
",fee_deposit_val"
",fee_deposit_frac"
",fee_refresh_val"
",fee_refresh_frac"
",fee_refund_val"
",fee_refund_frac"
" FROM future_denominations"
" WHERE denom_pub_hash=$1;",
1), 1),
/* used in #postgres_lookup_denomination_key() */ /* used in #postgres_lookup_denomination_key() */
GNUNET_PQ_make_prepare ("lookup_denomination_key", GNUNET_PQ_make_prepare ("lookup_denomination_key",
@ -1609,33 +1609,6 @@ postgres_get_session (void *cls)
" AND end_date > $2" " AND end_date > $2"
" AND start_date < $3;", " AND start_date < $3;",
1), 1),
/* used in #postgres_activate_denomination_key() */
GNUNET_PQ_make_prepare ("lookup_future_denomination_key_full",
"SELECT"
" denom_pub"
",valid_from"
",expire_withdraw"
",expire_deposit"
",expire_legal"
",coin_val"
",coin_frac"
",fee_withdraw_val"
",fee_withdraw_frac"
",fee_deposit_val"
",fee_deposit_frac"
",fee_refresh_val"
",fee_refresh_frac"
",fee_refund_val"
",fee_refund_frac"
" FROM future_denominations"
" WHERE denom_pub_hash=$1;",
1),
/* used in #postgres_activate_denomination_key() */
GNUNET_PQ_make_prepare ("delete_future_denomination",
"DELETE"
" FROM future_denominations"
" WHERE denom_pub_hash=$1;",
1),
/* used in #postgres_commit */ /* used in #postgres_commit */
GNUNET_PQ_make_prepare ("do_commit", GNUNET_PQ_make_prepare ("do_commit",
"COMMIT", "COMMIT",
@ -8495,56 +8468,6 @@ postgres_insert_signkey_revocation (
} }
/**
* Lookup information about a future denomination key.
*
* @param cls closure
* @param session a session
* @param h_denom_pub hash of the denomination public key
* @param[out] meta set to various meta data about the key
* @return transaction status code
*/
static enum GNUNET_DB_QueryStatus
postgres_lookup_future_denomination_key (
void *cls,
struct TALER_EXCHANGEDB_Session *session,
const struct GNUNET_HashCode *h_denom_pub,
struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (h_denom_pub),
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
TALER_PQ_result_spec_absolute_time ("valid_from",
&meta->start),
TALER_PQ_result_spec_absolute_time ("expire_withdraw",
&meta->expire_withdraw),
TALER_PQ_result_spec_absolute_time ("expire_deposit",
&meta->expire_deposit),
TALER_PQ_result_spec_absolute_time ("expire_legal",
&meta->expire_legal),
TALER_PQ_RESULT_SPEC_AMOUNT ("coin",
&meta->value),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_withdraw",
&meta->fee_withdraw),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_deposit",
&meta->fee_deposit),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh",
&meta->fee_refresh),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund",
&meta->fee_refund),
GNUNET_PQ_result_spec_end
};
return GNUNET_PQ_eval_prepared_singleton_select (session->conn,
"lookup_future_denomination_key",
params,
rs);
}
/** /**
* Lookup information about current denomination key. * Lookup information about current denomination key.
* *
@ -8605,100 +8528,139 @@ postgres_lookup_denomination_key (
* @param cls closure * @param cls closure
* @param session a session * @param session a session
* @param h_denom_pub hash of the denomination public key * @param h_denom_pub hash of the denomination public key
* @param meta meta data about the denomination
* @param master_pub master public key * @param master_pub master public key
* @param master_sig master signature to add * @param master_sig master signature to add
* @return transaction status code * @return transaction status code
*/ */
static enum GNUNET_DB_QueryStatus static enum GNUNET_DB_QueryStatus
postgres_activate_denomination_key ( postgres_add_denomination_key (
void *cls, void *cls,
struct TALER_EXCHANGEDB_Session *session, struct TALER_EXCHANGEDB_Session *session,
const struct GNUNET_HashCode *h_denom_pub, const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta,
const struct TALER_MasterPublicKeyP *master_pub, const struct TALER_MasterPublicKeyP *master_pub,
const struct TALER_MasterSignatureP *master_sig) const struct TALER_MasterSignatureP *master_sig)
{ {
struct PostgresClosure *pg = cls; struct PostgresClosure *pg = cls;
struct TALER_EXCHANGEDB_DenominationKeyMetaData meta; struct GNUNET_PQ_QueryParam iparams[] = {
enum GNUNET_DB_QueryStatus qs;
struct TALER_DenominationPublicKey denom_pub;
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (&h_denom_pub), GNUNET_PQ_query_param_auto_from_type (&h_denom_pub),
GNUNET_PQ_query_param_rsa_public_key (denom_pub->rsa_public_key),
GNUNET_PQ_query_param_auto_from_type (master_pub),
GNUNET_PQ_query_param_auto_from_type (master_sig),
TALER_PQ_query_param_absolute_time (&meta->start),
TALER_PQ_query_param_absolute_time (&meta->expire_withdraw),
TALER_PQ_query_param_absolute_time (&meta->expire_deposit),
TALER_PQ_query_param_absolute_time (&meta->expire_legal),
TALER_PQ_query_param_amount (&meta->value),
TALER_PQ_query_param_amount (&meta->fee_withdraw),
TALER_PQ_query_param_amount (&meta->fee_deposit),
TALER_PQ_query_param_amount (&meta->fee_refresh),
TALER_PQ_query_param_amount (&meta->fee_refund),
GNUNET_PQ_query_param_end
};
if (NULL == session)
session = postgres_get_session (pg);
if (NULL == session)
return GNUNET_DB_STATUS_HARD_ERROR;
/* Sanity check: ensure fees match coin currency */
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta->value,
&meta->fee_withdraw));
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta->value,
&meta->fee_deposit));
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta->value,
&meta->fee_refresh));
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta->value,
&meta->fee_refund));
return GNUNET_PQ_eval_prepared_non_select (session->conn,
"denomination_insert",
iparams);
}
/**
* Add signing key.
*
* @param cls closure
* @param session a session
* @param exchange_pub the exchange online signing public key
* @param meta meta data about @a exchange_pub
* @param master_sig master signature to add
* @return transaction status code
*/
static enum GNUNET_DB_QueryStatus
postgres_activate_signing_key (
void *cls,
struct TALER_EXCHANGEDB_Session *session,
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_EXCHANGEDB_SignkeyMetaData *meta,
const struct TALER_MasterSignatureP *master_sig)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam iparams[] = {
GNUNET_PQ_query_param_auto_from_type (&exchange_pub),
TALER_PQ_query_param_absolute_time (&meta->start),
TALER_PQ_query_param_absolute_time (&meta->expire_sign),
TALER_PQ_query_param_absolute_time (&meta->expire_legal),
GNUNET_PQ_query_param_auto_from_type (master_sig),
GNUNET_PQ_query_param_end
};
if (NULL == session)
session = postgres_get_session (pg);
if (NULL == session)
return GNUNET_DB_STATUS_HARD_ERROR;
return GNUNET_PQ_eval_prepared_non_select (session->conn,
"insert_signkey",
iparams);
}
/**
* Lookup signing key meta data.
*
* @param cls closure
* @param session a session
* @param exchange_pub the exchange online signing public key
* @param[out] meta meta data about @a exchange_pub
* @return transaction status code
*/
static enum GNUNET_DB_QueryStatus
postgres_lookup_signing_key (
void *cls,
struct TALER_EXCHANGEDB_Session *session,
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct TALER_EXCHANGEDB_SignkeyMetaData *meta)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (exchange_pub),
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub",
&denom_pub.rsa_public_key),
TALER_PQ_result_spec_absolute_time ("valid_from", TALER_PQ_result_spec_absolute_time ("valid_from",
&meta.start), &meta->start),
TALER_PQ_result_spec_absolute_time ("expire_withdraw", TALER_PQ_result_spec_absolute_time ("expire_sign",
&meta.expire_withdraw), &meta->expire_sign),
TALER_PQ_result_spec_absolute_time ("expire_deposit",
&meta.expire_deposit),
TALER_PQ_result_spec_absolute_time ("expire_legal", TALER_PQ_result_spec_absolute_time ("expire_legal",
&meta.expire_legal), &meta->expire_legal),
TALER_PQ_RESULT_SPEC_AMOUNT ("coin",
&meta.value),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_withdraw",
&meta.fee_withdraw),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_deposit",
&meta.fee_deposit),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh",
&meta.fee_refresh),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund",
&meta.fee_refund),
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
}; };
qs = GNUNET_PQ_eval_prepared_singleton_select (session->conn, if (NULL == session)
"lookup_future_denomination_key_full", session = postgres_get_session (pg);
if (NULL == session)
return GNUNET_DB_STATUS_HARD_ERROR;
return GNUNET_PQ_eval_prepared_singleton_select (session->conn,
"lookup_signing_key",
params, params,
rs); rs);
if (0 >= qs)
return qs;
/* Sanity check: ensure fees match coin currency */
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta.value,
&meta.fee_withdraw));
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta.value,
&meta.fee_deposit));
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta.value,
&meta.fee_refresh));
GNUNET_assert (GNUNET_YES ==
TALER_amount_cmp_currency (&meta.value,
&meta.fee_refund));
/* insert logic */
{
struct GNUNET_PQ_QueryParam iparams[] = {
GNUNET_PQ_query_param_auto_from_type (&h_denom_pub),
GNUNET_PQ_query_param_rsa_public_key (denom_pub.rsa_public_key),
GNUNET_PQ_query_param_auto_from_type (master_pub),
GNUNET_PQ_query_param_auto_from_type (master_sig),
TALER_PQ_query_param_absolute_time (&meta.start),
TALER_PQ_query_param_absolute_time (&meta.expire_withdraw),
TALER_PQ_query_param_absolute_time (&meta.expire_deposit),
TALER_PQ_query_param_absolute_time (&meta.expire_legal),
TALER_PQ_query_param_amount (&meta.value),
TALER_PQ_query_param_amount (&meta.fee_withdraw),
TALER_PQ_query_param_amount (&meta.fee_deposit),
TALER_PQ_query_param_amount (&meta.fee_refresh),
TALER_PQ_query_param_amount (&meta.fee_refund),
GNUNET_PQ_query_param_end
};
qs = GNUNET_PQ_eval_prepared_non_select (session->conn,
"denomination_insert",
iparams);
}
GNUNET_CRYPTO_rsa_public_key_free (denom_pub.rsa_public_key);
if (qs < 0)
return qs;
/* Finally, run delete logic */
return GNUNET_PQ_eval_prepared_non_select (session->conn,
"delete_future_denomination",
params);
} }
@ -9071,16 +9033,18 @@ libtaler_plugin_exchangedb_postgres_init (void *cls)
= &postgres_get_wire_fees; = &postgres_get_wire_fees;
plugin->insert_signkey_revocation plugin->insert_signkey_revocation
= &postgres_insert_signkey_revocation; = &postgres_insert_signkey_revocation;
plugin->lookup_future_denomination_key
= &postgres_lookup_future_denomination_key;
plugin->lookup_denomination_key plugin->lookup_denomination_key
= &postgres_lookup_denomination_key; = &postgres_lookup_denomination_key;
plugin->insert_auditor_denom_sig plugin->insert_auditor_denom_sig
= &postgres_insert_auditor_denom_sig; = &postgres_insert_auditor_denom_sig;
plugin->lookup_wire_fee_by_time plugin->lookup_wire_fee_by_time
= &postgres_lookup_wire_fee_by_time; = &postgres_lookup_wire_fee_by_time;
plugin->activate_denomination_key plugin->add_denomination_key
= &postgres_activate_denomination_key; = &postgres_add_denomination_key;
plugin->activate_signing_key
= &postgres_activate_signing_key;
plugin->lookup_signing_key
= &postgres_lookup_signing_key;
return plugin; return plugin;
} }

68
src/include/taler_exchangedb_plugin.h
View File

@ -3338,23 +3338,6 @@ struct TALER_EXCHANGEDB_Plugin
const struct TALER_MasterSignatureP *master_sig); const struct TALER_MasterSignatureP *master_sig);
/**
* Lookup information about a future denomination key.
*
* @param cls closure
* @param session a session
* @param h_denom_pub hash of the denomination public key
* @param[out] meta set to various meta data about the key
* @return transaction status code
*/
enum GNUNET_DB_QueryStatus
(*lookup_future_denomination_key)(
void *cls,
struct TALER_EXCHANGEDB_Session *session,
const struct GNUNET_HashCode *h_denom_pub,
struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta);
/** /**
* Lookup information about current denomination key. * Lookup information about current denomination key.
* *
@ -3373,28 +3356,65 @@ struct TALER_EXCHANGEDB_Plugin
/** /**
* Activate future denomination key, turning it into a "current" or "valid" * Add denomination key.
* denomination key by adding the master signature. Deletes the
* denomination key from the 'future' table an inserts the data into the
* main denominations table. Because this function will trigger multiple SQL
* statements, it must be run within a transaction.
* *
* @param cls closure * @param cls closure
* @param session a session * @param session a session
* @param h_denom_pub hash of the denomination public key * @param h_denom_pub hash of the denomination public key
* @param master_pub master public key used for @a master_sig * @param denom_pub the denomination public key
* @param meta meta data about the denomination
* @param master_pub master public key (consider removing this in the future!)
* @param master_sig master signature to add * @param master_sig master signature to add
* @return transaction status code * @return transaction status code
*/ */
enum GNUNET_DB_QueryStatus enum GNUNET_DB_QueryStatus
(*activate_denomination_key)( (*add_denomination_key)(
void *cls, void *cls,
struct TALER_EXCHANGEDB_Session *session, struct TALER_EXCHANGEDB_Session *session,
const struct GNUNET_HashCode *h_denom_pub, const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta,
const struct TALER_MasterPublicKeyP *master_pub, const struct TALER_MasterPublicKeyP *master_pub,
const struct TALER_MasterSignatureP *master_sig); const struct TALER_MasterSignatureP *master_sig);
/**
* Activate future signing key, turning it into a "current" or "valid"
* denomination key by adding the master signature.
*
* @param cls closure
* @param session a session
* @param exchange_pub the exchange online signing public key
* @param meta meta data about @a exchange_pub
* @param master_sig master signature to add
* @return transaction status code
*/
enum GNUNET_DB_QueryStatus
(*activate_signing_key)(
void *cls,
struct TALER_EXCHANGEDB_Session *session,
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_EXCHANGEDB_SignkeyMetaData *meta,
const struct TALER_MasterSignatureP *master_sig);
/**
* Lookup signing key meta data.
*
* @param cls closure
* @param session a session
* @param exchange_pub the exchange online signing public key
* @param[out] meta meta data about @a exchange_pub
* @return transaction status code
*/
enum GNUNET_DB_QueryStatus
(*lookup_signing_key)(
void *cls,
struct TALER_EXCHANGEDB_Session *session,
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct TALER_EXCHANGEDB_SignkeyMetaData *meta);
/** /**
* Insert information about an auditor auditing a denomination key. * Insert information about an auditor auditing a denomination key.
* *