diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 8984165e6..bf39c0aba 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -320,6 +320,11 @@ struct RefreshCommitResponseSignatureBody */ struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + /** + * Hash of the refresh session. + */ + struct GNUNET_HashCode session_hash; + /** * Index that the client will not have to reveal. */ diff --git a/src/mint/mint_db.h b/src/mint/mint_db.h index 48fb5ea39..403e1f394 100644 --- a/src/mint/mint_db.h +++ b/src/mint/mint_db.h @@ -444,7 +444,13 @@ struct RefreshSession */ struct GNUNET_CRYPTO_EddsaSignature commit_sig; - /** + /** + * Hash over coins to melt and coins to create of the + * refresh session. + */ + struct GNUNET_HashCode session_hash; + + /** * Signature over the melt by the client. */ struct GNUNET_CRYPTO_EddsaSignature melt_sig; diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index b20e88494..d9a172a40 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -588,6 +588,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, /* store 'global' session data */ session.melt_sig = *client_signature; + session.session_hash = *melt_hash; session.num_oldcoins = coin_count; session.num_newcoins = num_new_denoms; session.kappa = KAPPA; @@ -691,7 +692,8 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection, { TALER_MINT_DB_rollback (db_conn); res = TALER_MINT_reply_refresh_commit_success (connection, - &refresh_session); + &refresh_session.session_hash, + refresh_session.noreveal_index); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } for (i = 0; i < kappa; i++) @@ -749,7 +751,9 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection, return TALER_MINT_reply_commit_error (connection); } - return TALER_MINT_reply_refresh_commit_success (connection, &refresh_session); + return TALER_MINT_reply_refresh_commit_success (connection, + &refresh_session.session_hash, + refresh_session.noreveal_index); } diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index 5625dc8c7..cfb3ba0f5 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -179,6 +179,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, /* check that signature from the session public key is ok */ hash_context = GNUNET_CRYPTO_hash_context_start (); + /* FIXME: also hash session public key here!? */ for (i = 0; i < num_new_denoms; i++) { buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pubs[i], diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index 995f46bb8..21e208115 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -631,15 +631,15 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, /** * Send a response to a "/refresh/commit" request. * - * FIXME: maybe not the ideal argument type for @a refresh_session here. - * * @param connection the connection to send the response to - * @param refresh_session the refresh session + * @param session_hash hash of the refresh session + * @param noreveal_index which index will the client not have to reveal * @return a MHD status code */ int TALER_MINT_reply_refresh_commit_success (struct MHD_Connection *connection, - const struct RefreshSession *refresh_session) + const struct GNUNET_HashCode *session_hash, + uint16_t noreveal_index) { struct RefreshCommitResponseSignatureBody body; struct GNUNET_CRYPTO_EddsaSignature sig; @@ -648,15 +648,17 @@ TALER_MINT_reply_refresh_commit_success (struct MHD_Connection *connection, body.purpose.size = htonl (sizeof (struct RefreshCommitResponseSignatureBody)); body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_COMMIT_RESPONSE); - body.noreveal_index = htons (refresh_session->noreveal_index); + body.session_hash = *session_hash; + body.noreveal_index = htons (noreveal_index); TALER_MINT_keys_sign (&body.purpose, &sig); - sig_json = TALER_JSON_from_eddsa_sig (&body.purpose, &sig); + sig_json = TALER_JSON_from_eddsa_sig (&body.purpose, + &sig); GNUNET_assert (NULL != sig_json); ret = TALER_MINT_reply_json_pack (connection, MHD_HTTP_OK, "{s:i, s:o}", - "noreveal_index", (int) refresh_session->noreveal_index, + "noreveal_index", (int) noreveal_index, "signature", sig_json); json_decref (sig_json); return ret; diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index 08b88ea29..abfb4318c 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -249,15 +249,15 @@ TALER_MINT_reply_withdraw_sign_success (struct MHD_Connection *connection, /** * Send a response to a "/refresh/commit" request. * - * FIXME: maybe not the ideal argument type for @a refresh_session here. - * * @param connection the connection to send the response to - * @param refresh_session the refresh session + * @param session_hash hash of the refresh session + * @param noreveal_index which index will the client not have to reveal * @return a MHD status code */ int TALER_MINT_reply_refresh_commit_success (struct MHD_Connection *connection, - const struct RefreshSession *refresh_session); + const struct GNUNET_HashCode *session_hash, + uint16_t noreveal_index); /**