misc doxygen fixes

Christian Grothoff 2020-12-20 17:10:09 +01:00
parent 6a73629aee
commit 699916056b
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
24 changed files with 92 additions and 303 deletions


@ -161,7 +161,7 @@ TALER_ARL_report (json_t *array,
*
* @param cls closure, NULL
* @param denom_pub public key, sometimes NULL (!)
* @param issue issuing information with value, fees and other info about the denomination.
* @param validity issuing information with value, fees and other info about the denomination.
*/
static void
add_denomination (void *cls,


@ -461,7 +461,7 @@ upload_denomination_add (const char *exchange_url,
/**
* Perform uploads based on the JSON in #io.
* Perform uploads based on the JSON in #out.
*
* @param exchange_url base URL of the exchange to use
*/


@ -1624,7 +1624,7 @@ upload_keys (const char *exchange_url,
/**
* Perform uploads based on the JSON in #io.
* Perform uploads based on the JSON in #out.
*
* @param exchange_url base URL of the exchange to use
*/


@ -63,20 +63,8 @@ AGGREGATOR_IDLE_SLEEP_INTERVAL = 60 s
# super fast.)
WIREWATCH_IDLE_SLEEP_INTERVAL = 1 s
# how long is one signkey valid?
SIGNKEY_DURATION = 4 weeks
# how long are the signatures with the signkey valid?
LEGAL_DURATION = 2 years
# how long do we generate denomination and signing keys
# ahead of time?
LOOKAHEAD_SIGN = 32 weeks 1 day
# how long do we provide to clients denomination and signing keys
# ahead of time?
LOOKAHEAD_PROVIDE = 4 weeks 1 day
SIGNKEY_LEGAL_DURATION = 2 years
# Directory with our terms of service.
# TERMS_DIR =
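Review bot: The default configuration now carries only `SIGNKEY_LEGAL_DURATION`, while `SIGNKEY_DURATION`, `LEGAL_DURATION`, `LOOKAHEAD_SIGN` and `LOOKAHEAD_PROVIDE` appear to be dropped, and nothing in the commit title tells an operator that these option names changed. A deployment that still sets `LEGAL_DURATION` would presumably have that value ignored without an error, which matters for a setting that bounds how long signatures made with a signing key are honoured. I would add a line such as `# (formerly LEGAL_DURATION)` above the new option, or mention the rename in the commit message.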


@ -147,7 +147,7 @@ struct HelperSignkey
* State associated with the crypto helpers / security modules.
* Created per-thread, but NOT updated when the #key_generation
* is updated (instead constantly kept in sync whenever
* #TEH_get_key_state() is called).
* #TEH_keys_get_state() is called).
*/
struct HelperState
{
@ -335,8 +335,8 @@ static pthread_key_t key_state;
* Counter incremented whenever we have a reason to re-build the keys because
* something external changed (in another thread). The counter is manipulated
* using an atomic update, and thus to ensure that threads notice when it
* changes, the variable MUST be volatile. See #TEH_get_key_state() and
* #TEH_update_key_state() for uses of this variable.
* changes, the variable MUST be volatile. See #TEH_keys_get_state() and
* #TEH_keys_update_states() for uses of this variable.
*/
static volatile uint64_t key_generation;
@ -816,7 +816,7 @@ clear_denomination_cb (void *cls,
* Free denomination key data.
*
* @param cls a `struct TEH_KeyStateHandle`, unused
* @param h_denom_pub hash of the denomination public key, unused
* @param pid the online signing key (type-disguised), unused
* @param value a `struct SigningKey` to free
* @return #GNUNET_OK (continue to iterate)
*/
@ -1729,7 +1729,7 @@ TEH_keys_update_states ()
/**
* Obtain the key state for the current thread. Should ONLY be used
* directly if @a management_only is true. Otherwise use #TEH_get_key_state().
* directly if @a management_only is true. Otherwise use #TEH_keys_get_state().
*
* @param management_only if we should NOT run 'finish_keys_response()'
* because we only need the state for the /management/keys API
@ -1787,7 +1787,7 @@ get_key_state (bool management_only)
struct TEH_KeyStateHandle *
TEH_get_key_state (void)
TEH_keys_get_state (void)
{
struct TEH_KeyStateHandle *ksh;
@ -1811,7 +1811,7 @@ TEH_keys_denomination_by_hash (const struct GNUNET_HashCode *h_denom_pub,
{
struct TEH_KeyStateHandle *ksh;
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
*hc = MHD_HTTP_INTERNAL_SERVER_ERROR;
@ -1854,7 +1854,7 @@ TEH_keys_denomination_sign (const struct GNUNET_HashCode *h_denom_pub,
struct TEH_KeyStateHandle *ksh;
struct TALER_DenominationSignature none = { NULL };
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
*ec = TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
@ -1873,7 +1873,7 @@ TEH_keys_denomination_revoke (const struct GNUNET_HashCode *h_denom_pub)
{
struct TEH_KeyStateHandle *ksh;
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
GNUNET_break (0);
@ -1893,7 +1893,7 @@ TEH_keys_exchange_sign_ (
{
struct TEH_KeyStateHandle *ksh;
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
/* This *can* happen if the exchange's crypto helper is not running
@ -1956,7 +1956,7 @@ TEH_keys_exchange_revoke (const struct TALER_ExchangePublicKeyP *exchange_pub)
{
struct TEH_KeyStateHandle *ksh;
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
GNUNET_break (0);
@ -2037,7 +2037,7 @@ TEH_keys_get_handler (const struct TEH_RequestHandler *rh,
struct TEH_KeyStateHandle *ksh;
const struct KeysResponseData *krd;
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
return suspend_request (connection);


@ -101,13 +101,13 @@ struct TEH_KeyStateHandle;
* state if we have reason to believe that something changed.
*
* The result is ONLY valid until the next call to
* #TEH_keys_denomination_by_hash() or #TEH_get_key_state()
* #TEH_keys_denomination_by_hash() or #TEH_keys_get_state()
* or #TEH_keys_exchange_sign().
*
* @return NULL on error
*/
struct TEH_KeyStateHandle *
TEH_get_key_state (void);
TEH_keys_get_state (void);
/**
@ -117,7 +117,7 @@ TEH_get_key_state (void);
*
* (We do not do so immediately, but merely signal to all threads that they
* need to rebuild their key state upon the next call to
* #TEH_get_key_state()).
* #TEH_keys_get_state()).
*/
void
TEH_keys_update_states (void);
@ -128,7 +128,6 @@ TEH_keys_update_states (void);
* must only be used in this thread and only until another key or
* key state is resolved.
*
* @param key_state state to look in
* @param h_denom_pub hash of denomination public key
* @param[out] ec set to the error code, in case the operation failed
* @param[out] hc set to the HTTP status code to use
@ -145,9 +144,9 @@ TEH_keys_denomination_by_hash (const struct GNUNET_HashCode *h_denom_pub,
* Look up the issue for a denom public key using a given @a ksh. This allows
* requesting multiple denominations with the same @a ksh which thus will
* remain valid until the next call to #TEH_keys_denomination_by_hash() or
* #TEH_get_key_state() or #TEH_keys_exchange_sign().
* #TEH_keys_get_state() or #TEH_keys_exchange_sign().
*
* @param key_state state to look in
* @param ksh key state state to look in
* @param h_denom_pub hash of denomination public key
* @param[out] ec set to the error code, in case the operation failed
* @param[out] hc set to the HTTP status code to use
@ -231,6 +230,7 @@ TEH_keys_exchange_sign_ (
* number of bytes of the data structure, including its header. Use
* #TEH_keys_exchange_sign() instead of calling this function directly!
*
* @param ksh key state state to look in
* @param purpose the message to sign
* @param[out] pub set to the current public signing key of the exchange
* @param[out] sig signature over purpose using current signing key
@ -281,7 +281,7 @@ TEH_keys_exchange_sign2_ (
*
* This allows requesting multiple denominations with the same @a ksh which
* thus will remain valid until the next call to
* #TEH_keys_denomination_by_hash() or #TEH_get_key_state() or
* #TEH_keys_denomination_by_hash() or #TEH_keys_get_state() or
* #TEH_keys_exchange_sign().
*
* @param ksh key state to use
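Review bot: The two `@param ksh` lines added in this header read `key state state to look in`, with "state" doubled. `@param ksh key state to look in` would match the wording already used in the last block of the file, `@param ksh key state to use`. One occurrence is in the block that describes looking up a denomination with a given @a ksh, the other in the block that tells callers to use `#TEH_keys_exchange_sign()` instead of the underscore variant.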


@ -548,7 +548,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
struct TEH_KeyStateHandle *ksh;
struct GNUNET_TIME_Absolute now;
ksh = TEH_get_key_state ();
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
return TALER_MHD_reply_with_error (connection,


@ -49,7 +49,7 @@ TEH_WIRE_done (void);
*
* (We do not do so immediately, but merely signal to all threads that they
* need to rebuild their wire state upon the next call to
* #wire_get_state()).
* #TEH_handler_wire()).
*/
void
TEH_wire_update_state (void);


@ -26,11 +26,3 @@ IDLE_RESERVE_EXPIRATION_TIME = 4 weeks
# After how long do we forget about reserves? Should be above
# the legal expiration timeframe of withdrawn coins.
LEGAL_RESERVE_EXPIRATION_TIME = 7 years
# How long should generated coins overlap in their validity
# periods. Should be long enough to avoid problems with
# wallets picking one key and then due to network latency
# another key being valid. The DURATION_WITHDRAW period
# must be longer than this value.
DURATION_OVERLAP = 5 minutes


@ -2186,7 +2186,7 @@ struct SignkeysIteratorContext
/**
* Helper function for #postgres_active_signkeys().
* Helper function for #postgres_iterate_active_signkeys().
* Calls the callback with each signkey.
*
* @param cls a `struct SignkeysIteratorContext`
@ -2294,7 +2294,7 @@ struct AuditorsIteratorContext
/**
* Helper function for #postgres_active_auditors().
* Helper function for #postgres_iterate_active_auditors().
* Calls the callback with each auditor.
*
* @param cls a `struct SignkeysIteratorContext`
@ -5226,7 +5226,6 @@ postgres_get_coin_transactions (
*tlp = chc.head;
if (NULL == chc.head)
return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
GNUNET_break (chc.have_deposit_or_melt);
return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT;
}
@ -8519,15 +8518,13 @@ postgres_lookup_denomination_key (
/**
* Activate future denomination key, turning it into a "current" or "valid"
* denomination key by adding the master signature. Deletes the
* denomination key from the 'future' table an inserts the data into the
* main denominations table. Because this function will trigger multiple SQL
* statements, it must be run within a transaction.
* Activate denomination key, turning it into a "current" or "valid"
* denomination key by adding the master signature.
*
* @param cls closure
* @param session a session
* @param h_denom_pub hash of the denomination public key
* @param denom_pub the actual denomination key
* @param meta meta data about the denomination
* @param master_pub master public key
* @param master_sig master signature to add
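Review bot: The `postgres_get_coin_transactions` hunk shrinks by one line, and the line that goes appears to be `GNUNET_break (chc.have_deposit_or_melt);`, a behaviour change that a commit titled as doxygen fixes does not explain. If a coin history without a deposit or melt is now legitimate, a short comment before the final `return` stating why would record that; if the invariant still holds, the check is worth keeping so that an inconsistent history gets logged. The function body starts outside the hunk, so how `have_deposit_or_melt` is maintained is not visible here. Separately, the helper now documented for `#postgres_iterate_active_auditors()` still describes `cls` as a `struct SignkeysIteratorContext`, which looks copied from the signkeys helper.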


@ -463,7 +463,7 @@ struct TALER_TrackTransferDetails
* #GNUNET_NO if it is invalid
* #GNUNET_SYSERR if an internal error occurred
*/
int
enum GNUNET_GenericReturnValue
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub);
@ -650,7 +650,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps);
* other withdraw operations
* @return #GNUNET_OK on success
*/
int
enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_PlanchetSecretsP *ps,
struct GNUNET_HashCode *c_hash,
@ -668,7 +668,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
* @param[out] coin set to the details of the fresh coin
* @return #GNUNET_OK on success
*/
int
enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct GNUNET_CRYPTO_RsaSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
@ -1081,7 +1081,7 @@ TALER_exchange_offline_auditor_add_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_add_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
const char *auditor_url,
@ -1115,7 +1115,7 @@ TALER_exchange_offline_auditor_del_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_del_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
struct GNUNET_TIME_Absolute end_date,
@ -1145,7 +1145,7 @@ TALER_exchange_offline_denomination_revoke_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_denomination_revoke_verify (
const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@ -1174,7 +1174,7 @@ TALER_exchange_offline_signkey_revoke_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_revoke_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@ -1212,7 +1212,7 @@ TALER_exchange_offline_signkey_validity_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_validity_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@ -1271,7 +1271,7 @@ TALER_exchange_offline_denom_validity_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_denom_validity_verify (
const struct GNUNET_HashCode *h_denom_pub,
struct GNUNET_TIME_Absolute stamp_start,
@ -1315,7 +1315,7 @@ TALER_exchange_secmod_eddsa_sign (
* @param secm_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_secmod_eddsa_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@ -1347,7 +1347,7 @@ TALER_exchange_secmod_rsa_sign (
/**
* Verify security module RSA signature.
*
* @param h_ednom_pub hash of the public key to validate
* @param h_denom_pub hash of the public key to validate
* @param section_name name of the section in the configuration
* @param start_sign starting point of validity for signing
* @param duration how long will the key be in use
@ -1355,7 +1355,7 @@ TALER_exchange_secmod_rsa_sign (
* @param secm_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_secmod_rsa_verify (
const struct GNUNET_HashCode *h_denom_pub,
const char *section_name,
@ -1420,7 +1420,7 @@ TALER_auditor_denom_validity_sign (
* @param auditor_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_auditor_denom_validity_verify (
const char *auditor_url,
const struct GNUNET_HashCode *h_denom_pub,
@ -1475,7 +1475,7 @@ TALER_exchange_offline_wire_fee_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_fee_verify (
const char *payment_method,
struct GNUNET_TIME_Absolute start_time,
@ -1511,7 +1511,7 @@ TALER_exchange_offline_wire_add_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_add_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@ -1544,7 +1544,7 @@ TALER_exchange_offline_wire_del_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_del_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@ -1572,7 +1572,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri,
* @param master_sig signature of the exchange
* @return #GNUNET_OK if signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_wire_signature_check (
const char *payto_uri,
const struct TALER_MasterPublicKeyP *master_pub,
@ -1617,7 +1617,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
* @param merch_sig signature of the merchant
* @return #GNUNET_OK if signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_merchant_wire_signature_check (
const char *payto_uri,
const char *salt,
@ -1645,13 +1645,13 @@ TALER_merchant_wire_signature_make (
* Blinds the given message with the given blinding key
*
* @param hash hash of the message to sign
* @param bkey the blinding key
* @param bks the blinding key
* @param pkey the public key of the signer
* @param[out] buf set to a buffer with the blinded message to be signed
* @param[out] buf_size number of bytes stored in @a buf
* @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
*/
int
enum GNUNET_GenericReturnValue
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
@ -1661,8 +1661,8 @@ TALER_rsa_blind (const struct GNUNET_HashCode *hash,
/**
* Unblind a blind-signed signature. The signature should have been generated
* with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
* #GNUNET_CRYPTO_rsa_blind().
* with GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
* GNUNET_CRYPTO_rsa_blind().
*
* @param sig the signature made on the blinded signature purpose
* @param bks the blinding key secret used to blind the signature purpose
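Review bot: The `*_verify` and `*_check` prototypes now return `enum GNUNET_GenericReturnValue`, but their doc blocks still say only `@return #GNUNET_OK if the signature is valid` and leave the failure value unstated. The enum has a negative error member, so a caller that tests the result for truthiness instead of comparing it with `GNUNET_OK` would treat an error as a valid signature; the contract should be explicit. I would extend each block to something like `@return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR otherwise`, after confirming what the implementations return, which these hunks do not show. The same blocks also carry the doubled wording `the signature the signature`.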


@ -472,26 +472,6 @@ const struct TALER_EXCHANGE_Keys *
TALER_EXCHANGE_get_keys (struct TALER_EXCHANGE_Handle *exchange);
/**
* Set the fake now to be used when requesting "/keys".
*
* @param exchange exchange handle.
* @param now fake now to use. Note: this value will be
* used _until_ its use will be unset via @a TALER_EXCHANGE_unset_now()
*/
void
TALER_EXCHANGE_set_now (struct TALER_EXCHANGE_Handle *exchange,
struct GNUNET_TIME_Absolute now);
/**
* Unset the fake now to be used when requesting "/keys".
*
* @param exchange exchange handle.
*/
void
TALER_EXCHANGE_unset_now (struct TALER_EXCHANGE_Handle *exchange);
/**
* Let the user set the last valid denomination time manually.
*


@ -1808,15 +1808,17 @@ TALER_TESTING_cmd_check_keys_pull_all_keys (const char *label,
* of downloads is less than @a generation, the logic will
* first make sure that @a generation downloads are done,
* and _then_ execute the rest of the command.
* @param last_denom_date date to be set in the "last_denom_issue"
* URL parameter of /keys.
* @param last_denom_date_ref previous /keys command to use to
* obtain the "last_denom_date" value from; "zero" can be used
* as a special value to force an absolute time of zero to be
* given to as an argument
* @return the command.
*/
struct TALER_TESTING_Command
TALER_TESTING_cmd_check_keys_with_last_denom (
const char *label,
unsigned int generation,
struct GNUNET_TIME_Absolute last_denom_date);
const char *last_denom_date_ref);
/**


@ -215,17 +215,6 @@ struct TALER_EXCHANGE_Handle
*/
enum ExchangeHandleState state;
/**
* If #GNUNET_YES, use fake now given by the user, in
* request of "/keys".
*/
int with_now;
/**
* Fake now given by the user.
*/
struct GNUNET_TIME_Absolute now;
};
@ -1044,12 +1033,12 @@ decode_keys_json (const json_t *resp_obj,
if (check_sig)
{
struct TALER_ExchangeKeySetPS ks;
struct TALER_ExchangeKeySetPS ks = {
.purpose.size = htonl (sizeof (ks)),
.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET),
.list_issue_date = GNUNET_TIME_absolute_hton (key_data->list_issue_date)
};
/* Validate signature... */
ks.purpose.size = htonl (sizeof (ks));
ks.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET);
ks.list_issue_date = GNUNET_TIME_absolute_hton (key_data->list_issue_date);
GNUNET_CRYPTO_hash_context_finish (hash_context,
&ks.hc);
hash_context = NULL;
@ -1114,34 +1103,6 @@ static void
request_keys (void *cls);
/**
* Set the fake now to be used when requesting "/keys".
*
* @param exchange exchange handle.
* @param now fake now to use. Note: this value will be
* used _until_ its use will be unset via @a TALER_EXCHANGE_unset_now()
*/
void
TALER_EXCHANGE_set_now (struct TALER_EXCHANGE_Handle *exchange,
struct GNUNET_TIME_Absolute now)
{
exchange->with_now = GNUNET_YES;
exchange->now = now;
}
/**
* Unset the fake now to be used when requesting "/keys".
*
* @param exchange exchange handle.
*/
void
TALER_EXCHANGE_unset_now (struct TALER_EXCHANGE_Handle *exchange)
{
exchange->with_now = GNUNET_NO;
}
/**
* Let the user set the last valid denomination time manually.
*
@ -1940,15 +1901,6 @@ request_keys (void *cls)
/ 1000000LLU);
}
if (GNUNET_YES == exchange->with_now)
{
TALER_LOG_DEBUG ("Faking now to GET /keys: %s\n",
GNUNET_STRINGS_absolute_time_to_string (exchange->now));
sprintf (&url[strlen (url)],
"now=%llu&",
(unsigned long long) exchange->now.abs_value_us / 1000000LLU);
}
/* Clean the last '&'/'?' sign that we optimistically put. */
url[strlen (url) - 1] = '\0';
kr->url = TEAH_path_to_url (exchange,


@ -129,7 +129,6 @@ parse_fees (json_t *fees)
if (0 == (len = json_array_size (fee_array)))
{
GNUNET_break_op (0);
GNUNET_free (fe);
continue; /* skip */
}


@ -70,7 +70,7 @@ TALER_auditor_denom_validity_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_auditor_denom_validity_verify (
const char *auditor_url,
const struct GNUNET_HashCode *h_denom_pub,


@ -26,9 +26,8 @@
#include <gcrypt.h>
/**
* Should we use the RSA blind signing implementation
* from libgnunetutil? The blinding only works
* correctly with a current version of libgnunetutil.
* Should we use the RSA blind signing implementation from libgnunetutil? The
* blinding only works correctly with a current version of libgnunetutil.
*
* Only applies to blinding and unblinding, but
* not to blind signing.
@ -82,17 +81,7 @@ TALER_gcrypt_init ()
}
/**
* Check if a coin is valid; that is, whether the denomination key exists,
* is not expired, and the signature is correct.
*
* @param coin_public_info the coin public info to check for validity
* @param denom_pub denomination key, must match @a coin_public_info's `denom_pub_hash`
* @return #GNUNET_YES if the coin is valid,
* #GNUNET_NO if it is invalid
* #GNUNET_SYSERR if an internal error occurred
*/
int
enum GNUNET_GenericReturnValue
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub)
{
@ -122,17 +111,6 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
}
/**
* Given the coin and the transfer private keys, compute the
* transfer secret. (Technically, we only need one of the two
* private keys, but the caller currently trivially only has
* the two private keys, so we derive one of the public keys
* internally to this function.)
*
* @param coin_priv coin key
* @param trans_priv transfer private key
* @param[out] ts computed transfer secret
*/
void
TALER_link_derive_transfer_secret (
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
@ -151,14 +129,6 @@ TALER_link_derive_transfer_secret (
}
/**
* Decrypt the shared @a secret from the information in the
* @a trans_priv and @a coin_pub.
*
* @param trans_priv transfer private key
* @param coin_pub coin public key
* @param[out] transfer_secret set to the shared secret
*/
void
TALER_link_reveal_transfer_secret (
const struct TALER_TransferPrivateKeyP *trans_priv,
@ -172,14 +142,6 @@ TALER_link_reveal_transfer_secret (
}
/**
* Decrypt the shared @a secret from the information in the
* @a trans_priv and @a coin_pub.
*
* @param trans_pub transfer private key
* @param coin_priv coin public key
* @param[out] transfer_secret set to the shared secret
*/
void
TALER_link_recover_transfer_secret (
const struct TALER_TransferPublicKeyP *trans_pub,
@ -193,13 +155,6 @@ TALER_link_recover_transfer_secret (
}
/**
* Setup information for a fresh coin.
*
* @param secret_seed seed to use for KDF to derive coin keys
* @param coin_num_salt number of the coin to include in KDF
* @param[out] ps value to initialize
*/
void
TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
uint32_t coin_num_salt,
@ -220,11 +175,6 @@ TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
}
/**
* Setup information for a fresh coin.
*
* @param[out] ps value to initialize
*/
void
TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps)
{
@ -234,17 +184,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps)
}
/**
* Prepare a planchet for tipping. Creates and blinds a coin.
*
* @param dk denomination key for the coin to be created
* @param ps secret planchet internals (for #TALER_planchet_to_coin)
* @param[out] c_hash set to the hash of the public key of the coin (needed later)
* @param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup() and
* other withdraw operations
* @return #GNUNET_OK on success
*/
int
enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_PlanchetSecretsP *ps,
struct GNUNET_HashCode *c_hash,
@ -273,18 +213,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
}
/**
* Obtain a coin from the planchet's secrets and the blind signature
* of the exchange.
*
* @param dk denomination key, must match what was given to #TALER_planchet_prepare()
* @param blind_sig blind signature from the exchange
* @param ps secrets from #TALER_planchet_prepare()
* @param c_hash hash of the coin's public key for verification of the signature
* @param[out] coin set to the details of the fresh coin
* @return #GNUNET_OK on success
*/
int
enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct GNUNET_CRYPTO_RsaSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
@ -311,17 +240,6 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
}
/**
* Compute the commitment for a /refresh/melt operation from
* the respective public inputs.
*
* @param[out] rc set to the value the wallet must commit to
* @param kappa number of transfer public keys involved (must be #TALER_CNC_KAPPA)
* @param num_new_coins number of new coins to be created
* @param rcs commitments array of @a kappa commitments
* @param coin_pub public key of the coin to be melted
* @param amount_with_fee amount to be melted, including fee
*/
void
TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
uint32_t kappa,
@ -556,7 +474,6 @@ rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n)
*
* @param hash initial hash of the message to sign
* @param pkey the public key of the signer
* @param rsize If not NULL, the number of bytes actually stored in buffer
* @return MPI value set to the FDH, NULL if RSA key is malicious
*/
static gcry_mpi_t
@ -598,7 +515,7 @@ rsa_full_domain_hash (const struct GNUNET_CRYPTO_RsaPublicKey *pkey,
/**
* Create a blinding key
*
* @param len length of the key in bits (i.e. 2048)
* @param pkey the public key to blind for
* @param bks pre-secret to use to derive the blinding key
* @return the newly created blinding key, NULL if RSA key is malicious
*/
@ -638,7 +555,7 @@ rsa_blinding_key_derive (const struct GNUNET_CRYPTO_RsaPublicKey *pkey,
* Print an MPI to a newly created buffer
*
* @param v MPI to print.
* @param[out] newly allocated buffer containing the result
* @param[out] buffer newly allocated buffer containing the result
* @return number of bytes stored in @a buffer
*/
static size_t
@ -669,17 +586,7 @@ numeric_mpi_alloc_n_print (gcry_mpi_t v,
#endif /* ! USE_GNUNET_RSA_BLINDING */
/**
* Blinds the given message with the given blinding key
*
* @param hash hash of the message to sign
* @param bkey the blinding key
* @param pkey the public key of the signer
* @param[out] buf set to a buffer with the blinded message to be signed
* @param[out] buf_size number of bytes stored in @a buf
* @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
*/
int
enum GNUNET_GenericReturnValue
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
@ -710,7 +617,7 @@ TALER_rsa_blind (const struct GNUNET_HashCode *hash,
GNUNET_break (0);
*buf = NULL;
*buf_size = 0;
return 0;
return GNUNET_NO;
}
data = rsa_full_domain_hash (pkey, hash);
@ -758,16 +665,6 @@ rsa_gcd_validate_failure:
}
/**
* Unblind a blind-signed signature. The signature should have been generated
* with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
* #GNUNET_CRYPTO_rsa_blind().
*
* @param sig the signature made on the blinded signature purpose
* @param bks the blinding key secret used to blind the signature purpose
* @param pkey the public key of the signer
* @return unblinded signature on success, NULL if RSA key is bad or malicious.
*/
struct GNUNET_CRYPTO_RsaSignature *
TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,


@ -663,7 +663,8 @@ void
TALER_CRYPTO_helper_denom_disconnect (
struct TALER_CRYPTO_DenominationHelper *dh)
{
do_disconnect (dh);
if (-1 != dh->sock)
do_disconnect (dh);
GNUNET_free (dh->template);
GNUNET_free (dh);
}
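Review bot: The new guard `if (-1 != dh->sock)` sits in `TALER_CRYPTO_helper_denom_disconnect` rather than in `do_disconnect`, so any other caller of `do_disconnect` can still reach it with an already-closed socket; the same pattern is added to `TALER_CRYPTO_helper_esign_disconnect` in the next file. `do_disconnect` lies outside the hunk, so this is inferred, but if it must not run on `-1`, an early `if (-1 == dh->sock) return;` at its top would cover every call site. If the guard stays here, bracing it and adding `/* already disconnected, nothing to close */` would make the intent clear.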


@ -317,7 +317,7 @@ handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper *esh,
/**
* Wait until the socket is ready to read.
*
* @param dh helper to wait for
* @param esh helper to wait for
* @return false on timeout (after 5s)
*/
static bool
@ -591,7 +591,8 @@ void
TALER_CRYPTO_helper_esign_disconnect (
struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
do_disconnect (esh);
if (-1 != esh->sock)
do_disconnect (esh);
GNUNET_free (esh->template);
GNUNET_free (esh);
}

View File

@ -53,7 +53,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri,
* @param master_sig signature of the exchange
* @return #GNUNET_OK if signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_wire_signature_check (
const char *payto_uri,
const struct TALER_MasterPublicKeyP *master_pub,
@ -143,7 +143,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
* @param merch_sig signature of the merchant
* @return #GNUNET_OK if signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_merchant_wire_signature_check (
const char *payto_uri,
const char *salt,


@ -47,17 +47,7 @@ TALER_exchange_offline_auditor_add_sign (
}
/**
* Verify auditor add signature.
*
* @param auditor_pub public key of the auditor
* @param auditor_url URL of the auditor
* @param start_date when to enable the auditor (for replay detection)
* @param master_pub public key to verify against
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_add_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
const char *auditor_url,
@ -103,7 +93,7 @@ TALER_exchange_offline_auditor_del_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_del_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
struct GNUNET_TIME_Absolute end_date,
@ -143,7 +133,7 @@ TALER_exchange_offline_denomination_revoke_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_denomination_revoke_verify (
const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@ -183,7 +173,7 @@ TALER_exchange_offline_signkey_revoke_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_revoke_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@ -231,7 +221,7 @@ TALER_exchange_offline_signkey_validity_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_validity_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@ -305,7 +295,7 @@ TALER_exchange_offline_denom_validity_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_denom_validity_verify (
const struct GNUNET_HashCode *h_denom_pub,
struct GNUNET_TIME_Absolute stamp_start,
@ -374,7 +364,7 @@ TALER_exchange_offline_wire_add_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_add_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@ -421,7 +411,7 @@ TALER_exchange_offline_wire_del_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_del_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@ -475,7 +465,7 @@ TALER_exchange_offline_wire_fee_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_fee_verify (
const char *payment_method,
struct GNUNET_TIME_Absolute start_time,


@ -45,7 +45,7 @@ TALER_exchange_secmod_eddsa_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_secmod_eddsa_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@ -96,7 +96,7 @@ TALER_exchange_secmod_rsa_sign (
}
int
enum GNUNET_GenericReturnValue
TALER_exchange_secmod_rsa_verify (
const struct GNUNET_HashCode *h_denom_pub,
const char *section_name,


@ -18,11 +18,6 @@
* @brief Standalone process to perform private key EDDSA operations
* @author Christian Grothoff
*
* INTEGRATION NOTES:
* - Option 'DURATION_OVERLAP' renamed to 'OVERLAP_DURATION' for consistency;
* => need to update in deployment scripts and default configuration!
* - option 'KEY_DIR' moved from section 'exchange' to 'taler-helper-crypto-eddsa'!
*
* Key design points:
* - EVERY thread of the exchange will have its own pair of connections to the
* crypto helpers. This way, every threat will also have its own /keys state
@ -236,7 +231,7 @@ static char *keydir;
/**
* How much should coin creation duration overlap
* with the next key? Basically, the starting time of two
* keys is always #duration - #duration_overlap apart.
* keys is always #duration - #overlap_duration apart.
*/
static struct GNUNET_TIME_Relative overlap_duration;
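Review bot: The file header comment edited here still reads `every threat will also have its own /keys state` in its key design points, where "thread" is clearly meant; the RSA helper's header has the same sentence. Since the commit is already tidying this comment block, I would change both to `every thread will also have its own /keys state`. In a security module's design notes the slip is more confusing than usual.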


@ -18,11 +18,6 @@
* @brief Standalone process to perform private key RSA operations
* @author Christian Grothoff
*
* INTEGRATION NOTES:
* - Option 'DURATION_OVERLAP' renamed to 'OVERLAP_DURATION' for consistency;
* => need to update in deployment scripts and default configuration!
* - option 'KEY_DIR' moved from section 'exchange' to 'taler-helper-crypto-rsa'!
*
* Key design points:
* - EVERY thread of the exchange will have its own pair of connections to the
* crypto helpers. This way, every threat will also have its own /keys state
@ -288,7 +283,7 @@ static char *keydir;
/**
* How much should coin creation (@e duration_withdraw) duration overlap
* with the next denomination? Basically, the starting time of two
* denominations is always @e duration_withdraw - #duration_overlap apart.
* denominations is always @e duration_withdraw - #overlap_duration apart.
*/
static struct GNUNET_TIME_Relative overlap_duration;