-fix more FTBFS issues

Christian Grothoff 2022-02-06 19:44:05 +01:00
parent e735475623
commit 66abbcac3f
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
9 changed files with 160 additions and 137 deletions


@ -179,14 +179,20 @@ check_commitment (struct RevealContext *rctx,
struct TALER_ExchangeWithdrawValues alg_values;
struct TALER_PlanchetDetail pd;
struct TALER_CoinPubHash c_hash;
struct TALER_PlanchetSecretsP ps;
rcd->dk = &rctx->dks[j]->denom_pub;
TALER_planchet_setup_refresh (&ts,
j,
&coin_priv,
&bks);
&ps);
// TODO: implement cipher handling
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (&ps,
&alg_values,
&coin_priv);
TALER_planchet_blinding_secret_create (&ps,
&alg_values,
&bks);
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (rcd->dk,
&alg_values,
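Review bot: `alg_values` is handed to the two new calls, `TALER_planchet_setup_coin_priv` and `TALER_planchet_blinding_secret_create`, with only `.cipher` assigned, and that value is fixed to `TALER_DENOMINATION_RSA` regardless of the denomination behind `rcd->dk`. Because this is the commitment check, a non-RSA denomination should be refused explicitly until the TODO is resolved rather than re-derived as if it were RSA. Assuming the denomination key carries the `cipher` field used elsewhere in this commit, a guard such as `if (TALER_DENOMINATION_RSA != rcd->dk->cipher)` leading into the function's normal failure path would do. Declaring the struct as `struct TALER_ExchangeWithdrawValues alg_values = { .cipher = TALER_DENOMINATION_RSA };` would also keep the remaining members from being read uninitialised. The same hard-coded cipher is added in `parse_link_coin` and remains in `refresh_reveal_ok`; the body of `check_commitment` starts and ends outside this hunk.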


@ -1032,14 +1032,6 @@ TALER_cs_withdraw_nonce_derive (
struct TALER_CsNonce *nonce);
/**
* @brief Method to generate a random withdraw nonce used in refresh protocol
*
* @param nonce withdraw nonce included in the request to generate R_0 and R_1
*/
void
TALER_cs_withdraw_nonce_generate (struct TALER_CsNonce *nonce);
/**
* Initialize denomination public-private key pair.
*
@ -1086,12 +1078,11 @@ TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
* @param r_pub the resulting R_0 and R_1
* @return enum GNUNET_GenericReturnValue
*/
enum GNUNET_GenericReturnValue
TALER_denom_cs_derive_r_public (const struct TALER_CsNonce *nonce,
const struct
TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationCsPublicR *r_pub);
TALER_denom_cs_derive_r_public (
const struct TALER_CsNonce *nonce,
const struct TALER_DenominationPrivateKey *denom_priv,
struct TALER_DenominationCsPublicR *r_pub);
/**
@ -1457,9 +1448,10 @@ GNUNET_NETWORK_STRUCT_END
/**
* Setup information for a fresh coin, deriving the coin private key
* and the blinding factor from the @a secret_seed with a KDF salted
* by the @a coin_num_salt.
* Setup information for a fresh coin, deriving the coin planchet secrets from
* which we will later derive the private key and the blinding factor. The
* planchet secrets derivation is based on the @a secret_seed with a KDF
* salted by the @a coin_num_salt.
*
* @param secret_seed seed to use for KDF to derive coin keys
* @param coin_num_salt number of the coin to include in KDF
@ -1468,8 +1460,7 @@ GNUNET_NETWORK_STRUCT_END
void
TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
uint32_t coin_num_salt,
struct TALER_CoinSpendPrivateKeyP *coin_priv,
union TALER_DenominationBlindingKeyP *bks);
struct TALER_PlanchetSecretsP *ps);
/**
@ -1543,14 +1534,14 @@ TALER_blinded_planchet_free (struct TALER_BlindedPlanchet *blinded_planchet);
* @return #GNUNET_OK on success
*/
enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct
TALER_BlindedDenominationSignature *blind_sig,
const union TALER_DenominationBlindingKeyP *bks,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_CoinPubHash *c_hash,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_FreshCoin *coin);
TALER_planchet_to_coin (
const struct TALER_DenominationPublicKey *dk,
const struct TALER_BlindedDenominationSignature *blind_sig,
const union TALER_DenominationBlindingKeyP *bks,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
const struct TALER_CoinPubHash *c_hash,
const struct TALER_ExchangeWithdrawValues *alg_values,
struct TALER_FreshCoin *coin);
/* ****************** Refresh crypto primitives ************* */


@ -1065,7 +1065,7 @@ struct TALER_EXCHANGE_CsRResponse
/**
* Length of the @e alg_values array.
*/
unsigned int arg_values_len;
unsigned int alg_values_len;
/**
* Values contributed by the exchange for the


@ -94,7 +94,7 @@ csr_ok (struct TALER_EXCHANGE_CsRHandle *csrh,
struct TALER_ExchangeWithdrawValues alg_values[GNUNET_NZL (alen)];
struct TALER_EXCHANGE_CsRResponse csrr = {
.hr = *hr,
.details.success.arg_values_len = alen,
.details.success.alg_values_len = alen,
.details.success.alg_values = alg_values
};


@ -105,6 +105,8 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
GNUNET_JSON_spec_end ()
};
struct TALER_TransferSecretP secret;
struct TALER_PlanchetSecretsP ps;
struct TALER_ExchangeWithdrawValues alg_values;
/* parse reply */
if (GNUNET_OK !=
@ -120,9 +122,16 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
&secret);
TALER_planchet_setup_refresh (&secret,
coin_num,
coin_priv,
&bks);
&ps);
// TODO: implement cipher handling
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (&ps,
&alg_values,
coin_priv);
TALER_planchet_blinding_secret_create (&ps,
&alg_values,
&bks);
/* extract coin and signature */
if (GNUNET_OK !=
TALER_denom_sig_unblind (sig,


@ -131,19 +131,25 @@ TALER_EXCHANGE_get_melt_data_ (
{
struct TALER_PlanchetSecretsP *fc = &md->fresh_coins[i][j];
struct TALER_RefreshCoinData *rcd = &rce[i].new_coins[j];
struct TALER_ExchangeWithdrawValues alg_values;
struct TALER_PlanchetDetail pd;
struct TALER_CoinPubHash c_hash;
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
TALER_planchet_setup_refresh (&trans_sec[i],
j,
fc);
// TODO: implement cipher handling
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (fc,
&alg_values[j],
&coin_priv);
TALER_planchet_blinding_secret_create (fc,
&alg_values[j],
&bks);
if (GNUNET_OK !=
TALER_planchet_prepare (&md->fresh_pks[j],
&alg_values,
fc,
&alg_values[j],
&bks,
&coin_priv,
&c_hash,
&pd))
{
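Review bot: Nothing visible here bounds the index in `&alg_values[j]`, which the new calls to `TALER_planchet_setup_coin_priv`, `TALER_planchet_blinding_secret_create` and `TALER_planchet_prepare` all use. The page does not mark removed lines, so the scalar `alg_values` declaration and the `alg_values.cipher` assignment shown in this section are presumably the old side, with the array coming from outside the hunk. If it is supplied by the caller, the function's header comment should state the length contract, for example `@param alg_values per-coin withdraw values, one entry for each element of md->fresh_pks`. The loop header and the function signature are outside the hunk, so the actual bound on `j` cannot be confirmed from here.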


@ -1,6 +1,6 @@
/*
This file is part of TALER
Copyright (C) 2015-2021 Taler Systems SA
Copyright (C) 2015-2022 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@ -127,14 +127,14 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
GNUNET_JSON_parse_free (outer_spec);
return GNUNET_SYSERR;
}
if (rrh->md->num_fresh_coins != json_array_size (jsona))
if (rrh->md.num_fresh_coins != json_array_size (jsona))
{
/* Number of coins generated does not match our expectation */
GNUNET_break_op (0);
GNUNET_JSON_parse_free (outer_spec);
return GNUNET_SYSERR;
}
for (unsigned int i = 0; i<rrh->md->num_fresh_coins; i++)
for (unsigned int i = 0; i<rrh->md.num_fresh_coins; i++)
{
const struct TALER_PlanchetSecretsP *fc;
struct TALER_DenominationPublicKey *pk;
@ -149,9 +149,10 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
GNUNET_JSON_spec_end ()
};
struct TALER_FreshCoin coin;
union TALER_DenominationBlindingKeyP bks;
fc = &rrh->md->fresh_coins[rrh->noreveal_index][i];
pk = &rrh->md->fresh_pks[i];
fc = &rrh->md.fresh_coins[rrh->noreveal_index][i];
pk = &rrh->md.fresh_pks[i];
jsonai = json_array_get (jsona, i);
GNUNET_assert (NULL != jsonai);
@ -165,21 +166,27 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
return GNUNET_SYSERR;
}
// TODO: implement cipher handling
alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (fc,
&alg_values,
&coin_privs[i]);
TALER_planchet_blinding_secret_create (fc,
&alg_values,
&bks);
/* needed to verify the signature, and we didn't store it earlier,
hence recomputing it here... */
coin_privs[i] = fc->coin_priv;
GNUNET_CRYPTO_eddsa_key_get_public (&fc->coin_priv.eddsa_priv,
GNUNET_CRYPTO_eddsa_key_get_public (&coin_privs[i].eddsa_priv,
&coin_pub.eddsa_pub);
/* FIXME-Oec: Age commitment hash. */
TALER_coin_pub_hash (&coin_pub,
NULL, /* FIXME-Oec */
&coin_hash);
// TODO: implement cipher handling
alg_values.cipher = TALER_DENOMINATION_RSA;
if (GNUNET_OK !=
TALER_planchet_to_coin (pk,
&blind_sig,
fc,
&bks,
&coin_privs[i],
&coin_hash,
&alg_values,
&coin))
@ -225,8 +232,8 @@ handle_refresh_reveal_finished (void *cls,
break;
case MHD_HTTP_OK:
{
struct TALER_DenominationSignature sigs[rrh->md->num_fresh_coins];
struct TALER_CoinSpendPrivateKeyP coin_privs[rrh->md->num_fresh_coins];
struct TALER_DenominationSignature sigs[rrh->md.num_fresh_coins];
struct TALER_CoinSpendPrivateKeyP coin_privs[rrh->md.num_fresh_coins];
enum GNUNET_GenericReturnValue ret;
memset (sigs,
@ -245,12 +252,12 @@ handle_refresh_reveal_finished (void *cls,
{
rrh->reveal_cb (rrh->reveal_cb_cls,
&hr,
rrh->md->num_fresh_coins,
rrh->md.num_fresh_coins,
coin_privs,
sigs);
rrh->reveal_cb = NULL;
}
for (unsigned int i = 0; i<rrh->md->num_fresh_coins; i++)
for (unsigned int i = 0; i<rrh->md.num_fresh_coins; i++)
TALER_denom_sig_free (&sigs[i]);
TALER_EXCHANGE_refreshes_reveal_cancel (rrh);
return;
@ -322,6 +329,7 @@ TALER_EXCHANGE_refreshes_reveal (
struct MeltData md;
struct TALER_TransferPublicKeyP transfer_pub;
char arg_str[sizeof (struct TALER_RefreshCommitmentP) * 2 + 32];
struct TALER_TransferSecretP ts;
GNUNET_assert (num_coins == rd->fresh_pks_len);
if (noreveal_index >= TALER_CNC_KAPPA)
@ -353,6 +361,9 @@ TALER_EXCHANGE_refreshes_reveal (
GNUNET_CRYPTO_ecdhe_key_get_public (
&md.melted_coin.transfer_priv[noreveal_index].ecdhe_priv,
&transfer_pub.ecdhe_pub);
TALER_link_recover_transfer_secret (&transfer_pub,
&rd->melt_priv,
&ts);
/* now new_denoms */
GNUNET_assert (NULL != (new_denoms_h = json_array ()));
@ -361,9 +372,11 @@ TALER_EXCHANGE_refreshes_reveal (
for (unsigned int i = 0; i<md.num_fresh_coins; i++)
{
struct TALER_DenominationHash denom_hash;
struct TALER_ExchangeWithdrawValues alg_values;
struct TALER_PlanchetDetail pd;
struct TALER_CoinPubHash c_hash;
struct TALER_PlanchetSecretsP ps;
union TALER_DenominationBlindingKeyP bks;
struct TALER_CoinSpendPrivateKeyP coin_priv;
TALER_denom_pub_hash (&md.fresh_pks[i],
&denom_hash);
@ -371,11 +384,20 @@ TALER_EXCHANGE_refreshes_reveal (
json_array_append_new (new_denoms_h,
GNUNET_JSON_from_data_auto (
&denom_hash)));
TALER_planchet_setup_refresh (&ts,
i,
&ps);
TALER_planchet_setup_coin_priv (&ps,
&alg_values[i],
&coin_priv);
TALER_planchet_blinding_secret_create (&ps,
&alg_values[i],
&bks);
if (GNUNET_OK !=
TALER_planchet_prepare (&md.fresh_pks[i],
&rrh->exchange_vals[i],
&md.fresh_coins[noreveal_index][i],
&alg_values[i],
&bks,
&coin_priv,
&c_hash,
&pd))
{
@ -511,7 +533,6 @@ TALER_EXCHANGE_refreshes_reveal_cancel (
GNUNET_free (rrh->url);
TALER_curl_easy_post_finished (&rrh->ctx);
TALER_EXCHANGE_free_melt_data_ (&rrh->md);
GNUNET_free (rrh->exchange_vals);
GNUNET_free (rrh);
}
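Review bot: The recovered transfer secret `ts` and the per-coin `ps`, `bks` and `coin_priv` in `TALER_EXCHANGE_refreshes_reveal` are plain stack locals, and nothing in the visible hunks clears them once the planchets are prepared. Every fresh coin's planchet secrets are derived from `ts`, so it deserves the same care as the private keys themselves. I would clear it with `GNUNET_CRYPTO_zero_keys (&ts, sizeof (ts));` before the function returns, and do the same for `ps`, `bks` and `coin_priv` at the end of each loop iteration. The function body extends beyond these hunks, so the early-return paths that would also need the wipe are not all visible here.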


@ -71,10 +71,10 @@ struct TALER_EXCHANGE_WithdrawHandle
/**
* blinding secret
*/
union DenominationBlindingKeyP bks;
union TALER_DenominationBlindingKeyP bks;
/**
*
* Private key of the coin we are withdrawing.
*/
struct TALER_CoinSpendPrivateKeyP priv;
@ -135,8 +135,9 @@ handle_reserve_withdraw_finished (
if (GNUNET_OK !=
TALER_planchet_to_coin (&wh->pk.key,
blind_sig,
&wh->
& wh->c_hash,
&wh->bks,
&wh->priv,
&wh->c_hash,
&wh->alg_values,
&fc))
{
@ -188,21 +189,33 @@ withdraw_cs_stage_two_callback (void *cls,
const struct TALER_EXCHANGE_CsRResponse *csrr)
{
struct TALER_EXCHANGE_WithdrawHandle *wh = cls;
struct TALER_EXCHANGE_WithdrawResponse wr = {
.hr = csrr->hr
};
wh->csrh = NULL;
GNUNET_assert (TALER_DENOMINATION_CS == wh->pk.key.cipher);
switch (csrr->hr.http_status)
{
case MHD_HTTP_OK:
wh->alg_values.details.cs_values.r_pub = csrr->details.success.r_pubs;
if (1 != csrr->details.success.alg_values_len)
{
GNUNET_break (0);
wr.hr.http_status = 0;
break;
}
wh->alg_values = csrr->details.success.alg_values[0];
TALER_planchet_setup_coin_priv (&wh->ps,
&wh->alg_values,
&wh->priv);
TALER_planchet_blinding_secret_create (&wh->ps,
&wh->alg_values);
&wh->alg_values,
&wh->bks);
if (GNUNET_OK !=
TALER_planchet_prepare (&wh->pk.key,
&wh->alg_values,
&wh->ps,
&wh->bks,
&wh->priv,
&wh->c_hash,
&wh->pd))
{
@ -214,19 +227,13 @@ withdraw_cs_stage_two_callback (void *cls,
wh->reserve_priv,
&handle_reserve_withdraw_finished,
wh);
break;
return;
default:
{
// the CSR request went wrong -> serve response to the callback
struct TALER_EXCHANGE_WithdrawResponse wr = {
.hr = csrr->hr
};
wh->cb (wh->cb_cls,
&wr);
TALER_EXCHANGE_withdraw_cancel (wh);
break;
}
break;
}
wh->cb (wh->cb_cls,
&wr);
TALER_EXCHANGE_withdraw_cancel (wh);
}
@ -235,7 +242,7 @@ TALER_EXCHANGE_withdraw (
struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv,
struct TALER_PlanchetSecretsP *ps,
const struct TALER_PlanchetSecretsP *ps,
TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls)
{
@ -248,56 +255,55 @@ TALER_EXCHANGE_withdraw (
wh->reserve_priv = reserve_priv;
wh->ps = *ps;
wh->pk = *pk;
wh->csrh = NULL;
TALER_denom_pub_deep_copy (&wh->pk.key,
&pk->key);
switch (pk->key.cipher)
{
case TALER_DENOMINATION_RSA:
wh->alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (ps, &wh->alg_values, &wh->priv);
TALER_planchet_blinding_secret_create (ps, &wh->alg_values, &wh->bks);
if (GNUNET_OK !=
TALER_planchet_prepare (&pk->key,
&wh->alg_values,
&bks,
&priv,
&wh->c_hash,
&wh->pd))
{
GNUNET_break (0);
GNUNET_free (wh);
return NULL;
wh->alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (ps,
&wh->alg_values,
&wh->priv);
TALER_planchet_blinding_secret_create (ps,
&wh->alg_values,
&wh->bks);
if (GNUNET_OK !=
TALER_planchet_prepare (&pk->key,
&wh->alg_values,
&wh->bks,
&wh->priv,
&wh->c_hash,
&wh->pd))
{
GNUNET_break (0);
GNUNET_free (wh);
return NULL;
}
wh->wh2 = TALER_EXCHANGE_withdraw2 (exchange,
&wh->pd,
wh->reserve_priv,
&handle_reserve_withdraw_finished,
wh);
break;
}
wh->wh2 = TALER_EXCHANGE_withdraw2 (exchange,
&wh->pd,
wh->reserve_priv,
&handle_reserve_withdraw_finished,
wh);
break;
case TALER_DENOMINATION_CS:
wh->pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
{
struct TALER_EXCHANGE_NonceKey nk = {
.pk = pk,
};
/**
* This part is a bit hacky..
* due to the reason that Withdraw tests use the same private key coin to sign,
* the same Withdraw nonce will be derived.
* In a normal withdrawal TALER_cs_withdraw_nonce_derive is used.
* As a hacky solution, we generate the nonce here randomly.
*/
TALER_cs_withdraw_nonce_generate (&wh->pd.blinded_planchet.details.
cs_blinded_planchet.nonce);
wh->csrh = TALER_EXCHANGE_csr (exchange,
pk,
&wh->pd.blinded_planchet.details.
cs_blinded_planchet.nonce,
&withdraw_cs_stage_two_callback,
wh);
break;
wh->pd.blinded_planchet.cipher = TALER_DENOMINATION_CS;
TALER_cs_withdraw_nonce_derive (ps,
&nk.nonce);
wh->csrh = TALER_EXCHANGE_csr (exchange,
1, /* "array" length */
&nk,
&withdraw_cs_stage_two_callback,
wh);
break;
}
default:
GNUNET_break (0);
GNUNET_free (wh);
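Review bot: In the `TALER_DENOMINATION_CS` branch of `TALER_EXCHANGE_withdraw` the nonce is derived into the stack-local `nk.nonce` only, and `wh->pd.blinded_planchet.details.cs_blinded_planchet.nonce`, which the previous code filled, is no longer written in any visible line. Unless `TALER_planchet_prepare` sets it (not shown here), the later withdraw request would carry a nonce different from the one sent to `TALER_EXCHANGE_csr`, so the values the exchange derived would not match the planchet. Copying it right after the derivation, `wh->pd.blinded_planchet.details.cs_blinded_planchet.nonce = nk.nonce;`, keeps both requests on the same nonce. Because the nonce is now a deterministic function of `ps`, the documentation of the `ps` parameter should also state that a planchet secret must not be reused across withdrawals.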


@ -149,19 +149,14 @@ TALER_link_recover_transfer_secret (
void
TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
uint32_t coin_num_salt,
struct TALER_CoinSpendPrivateKeyP *coin_priv,
union TALER_DenominationBlindingKeyP *bks)
struct TALER_PlanchetSecretsP *ps)
{
uint32_t be_salt = htonl (coin_num_salt);
struct
{
struct TALER_CoinSpendPrivateKeyP coin_priv;
union TALER_DenominationBlindingKeyP bks;
} out;
GNUNET_assert (GNUNET_OK ==
GNUNET_CRYPTO_kdf (&out,
sizeof (out),
GNUNET_CRYPTO_kdf (ps,
sizeof (*ps),
&be_salt,
sizeof (be_salt),
secret_seed,
@ -169,8 +164,6 @@ TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
"taler-coin-derivation",
strlen ("taler-coin-derivation"),
NULL, 0));
*coin_priv = out.coin_priv;
*bks = out.bks;
}
@ -215,15 +208,6 @@ TALER_cs_withdraw_nonce_derive (const struct
}
void
TALER_cs_withdraw_nonce_generate (struct TALER_CsNonce *nonce)
{
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
nonce,
sizeof (*nonce));
}
void
TALER_planchet_blinding_secret_create (const struct TALER_PlanchetSecretsP *ps,