From b390d1a6e6afe5585b7aeaf0e169002cbf9cac4c Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Thu, 23 Jun 2022 23:09:45 +0200
Subject: [PATCH 1/9] -make econtract optional as per design
---
 .../taler-exchange-httpd_purses_create.c | 108 ++++++++++--------
 1 file changed, 58 insertions(+), 50 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_purses_create.c b/src/exchange/taler-exchange-httpd_purses_create.c
index cc5478d17..207be5d08 100644
--- a/src/exchange/taler-exchange-httpd_purses_create.c
+++ b/src/exchange/taler-exchange-httpd_purses_create.c
@@ -135,6 +135,12 @@ struct PurseCreateContext
 * Minimum age for deposits into this purse.
 */
 uint32_t min_age;
+
+ /**
+ * Do we have an @e econtract?
+ */
+ bool no_econtract;
+
 };
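Review bot: The comment on the new field in struct PurseCreateContext reads `Do we have an @e econtract?`, but the flag is named `no_econtract` and is tested as `! pcc->no_econtract` later in this patch, so `true` means the contract is absent. A reader who trusts the comment gets the polarity backwards on the field that decides whether the contract is stored and its signature checked. I would word it as `/** Set to true if the request carried no @e econtract; @e econtract must then not be used. */`. The struct starts outside the hunk.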
@@ -370,61 +376,64 @@ create_transaction (void *cls,
 }
 }
 /* 3) if present, persist contract */
- in_conflict = true;
- qs = TEH_plugin->insert_contract (TEH_plugin->cls,
- pcc->purse_pub,
- &pcc->econtract,
- &in_conflict);
- if (qs < 0)
+ if (! pcc->no_econtract)
 {
- if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
- return qs;
- TALER_LOG_WARNING ("Failed to store purse information in database\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_STORE_FAILED,
- "purse create contract");
- return GNUNET_DB_STATUS_HARD_ERROR;
- }
- if (in_conflict)
- {
- struct TALER_EncryptedContract econtract;
- struct GNUNET_HashCode h_econtract;
-
- qs = TEH_plugin->select_contract_by_purse (
- TEH_plugin->cls,
- pcc->purse_pub,
- &econtract);
- if (qs <= 0)
+ in_conflict = true;
+ qs = TEH_plugin->insert_contract (TEH_plugin->cls,
+ pcc->purse_pub,
+ &pcc->econtract,
+ &in_conflict);
+ if (qs < 0)
 {
 if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
 return qs;
- GNUNET_break (0 != qs);
- TALER_LOG_WARNING (
- "Failed to store fetch contract information from database\n");
+ TALER_LOG_WARNING ("Failed to store purse information in database\n");
 *mhd_ret = TALER_MHD_reply_with_error (connection,
 MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select contract");
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "purse create contract");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ if (in_conflict)
+ {
+ struct TALER_EncryptedContract econtract;
+ struct GNUNET_HashCode h_econtract;
+
+ qs = TEH_plugin->select_contract_by_purse (
+ TEH_plugin->cls,
+ pcc->purse_pub,
+ &econtract);
+ if (qs <= 0)
+ {
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ GNUNET_break (0 != qs);
+ TALER_LOG_WARNING (
+ "Failed to store fetch contract information from database\n");
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select contract");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ GNUNET_CRYPTO_hash (econtract.econtract,
+ econtract.econtract_size,
+ &h_econtract);
+ *mhd_ret
+ = TALER_MHD_REPLY_JSON_PACK (
+ connection,
+ MHD_HTTP_CONFLICT,
+ TALER_JSON_pack_ec (
+ TALER_EC_EXCHANGE_PURSE_ECONTRACT_CONFLICTING_META_DATA),
+ GNUNET_JSON_pack_data_auto ("h_econtract",
+ &h_econtract),
+ GNUNET_JSON_pack_data_auto ("econtract_sig",
+ &econtract.econtract_sig),
+ GNUNET_JSON_pack_data_auto ("contract_pub",
+ &econtract.contract_pub));
+ GNUNET_free (econtract.econtract);
 return GNUNET_DB_STATUS_HARD_ERROR;
 }
- GNUNET_CRYPTO_hash (econtract.econtract,
- econtract.econtract_size,
- &h_econtract);
- *mhd_ret
- = TALER_MHD_REPLY_JSON_PACK (
- connection,
- MHD_HTTP_CONFLICT,
- TALER_JSON_pack_ec (
- TALER_EC_EXCHANGE_PURSE_ECONTRACT_CONFLICTING_META_DATA),
- GNUNET_JSON_pack_data_auto ("h_econtract",
- &h_econtract),
- GNUNET_JSON_pack_data_auto ("econtract_sig",
- &econtract.econtract_sig),
- GNUNET_JSON_pack_data_auto ("contract_pub",
- &econtract.contract_pub));
- GNUNET_free (econtract.econtract);
- return GNUNET_DB_STATUS_HARD_ERROR;
 }
 return qs;
 }
@@ -664,7 +673,6 @@ TEH_handler_purses_create (
 json_t *deposits;
 json_t *deposit;
 unsigned int idx;
- bool no_econtract = true;
 struct GNUNET_JSON_Specification spec[] = {
 TALER_JSON_spec_amount ("amount",
 TEH_currency,
@@ -674,7 +682,7 @@ TEH_handler_purses_create (
 GNUNET_JSON_spec_mark_optional (
 TALER_JSON_spec_econtract ("econtract",
 &pcc.econtract),
- &no_econtract),
+ &pcc.no_econtract),
 GNUNET_JSON_spec_fixed_auto ("merge_pub",
 &pcc.merge_pub),
 GNUNET_JSON_spec_fixed_auto ("purse_sig",
@@ -815,7 +823,7 @@ TEH_handler_purses_create (
 TALER_EC_EXCHANGE_PURSE_CREATE_SIGNATURE_INVALID,
 NULL);
 }
- if ( (! no_econtract) &&
+ if ( (! pcc.no_econtract) &&
 (GNUNET_OK !=
 TALER_wallet_econtract_upload_verify (pcc.econtract.econtract,
 pcc.econtract.econtract_size,
From 6dfa18c2c498b062fcdcfa1deafd2e118b1a0554 Mon Sep 17 00:00:00 2001
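Review bot: When `pcc->no_econtract` is set, all of step 3 in create_transaction is skipped and control falls through to `return qs;`, so the transaction status is whatever the preceding step left in `qs`. That step is outside the hunk; it is worth confirming that `qs` is assigned a success status on every path that reaches this point, since the caller presumably treats the value as the result of the whole transaction. Separately, the two warnings carried into the new block are misleading in logs: the contract insert failure reports `Failed to store purse information in database` and the lookup failure reports `Failed to store fetch contract information from database`; `Failed to store contract in database` and `Failed to fetch contract information from database` would name what actually failed.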
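Review bot: Removing `bool no_econtract = true;` in TEH_handler_purses_create also removes the explicit default: `pcc.no_econtract` now starts with whatever `pcc` is initialised to, which is outside this hunk and would be `false` if the struct is zero-initialised. If GNUNET_JSON_spec_mark_optional does not write the flag on every parse, a request without `econtract` would reach `TALER_wallet_econtract_upload_verify` (hunk at -815) and `insert_contract` in create_transaction with an unset `pcc.econtract`. I would keep the old default explicitly, e.g. `pcc.no_econtract = true;` before the spec is parsed, or document next to the spec that the parser always sets it.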
From: Christian Grothoff
Date: Fri, 24 Jun 2022 13:08:27 +0200
Subject: [PATCH 2/9] -fix path
---
 src/auditor/batch.conf | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/src/auditor/batch.conf b/src/auditor/batch.conf
index ad0912882..bdbef4b19 100644
--- a/src/auditor/batch.conf
+++ b/src/auditor/batch.conf
@@ -1,6 +1,3 @@
-[arm]
-CONFIG = /research/taler/exchange/src/auditor/batch.conf
-
 [benchmark]
 MERCHANT_DETAILS = merchant_details.json
 BANK_DETAILS = bank_details.json
From 40856734e81bfd4536ca68838502573d0f15d31e Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Fri, 24 Jun 2022 13:08:57 +0200
Subject: [PATCH 3/9] -fix path
---
 src/auditor/auditor-basedb.conf | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/src/auditor/auditor-basedb.conf b/src/auditor/auditor-basedb.conf
index 7edd7376d..5f864849f 100644
--- a/src/auditor/auditor-basedb.conf
+++ b/src/auditor/auditor-basedb.conf
@@ -1,6 +1,3 @@
-[arm]
-CONFIG = /research/taler/exchange/src/auditor/auditor-basedb.conf
-
 [benchmark]
 MERCHANT_DETAILS = merchant_details.json
 BANK_DETAILS = bank_details.json
@@ -184,4 +181,3 @@ TALER_CACHE_HOME = $TALER_HOME/.cache/taler/
 TALER_CONFIG_HOME = $TALER_HOME/.config/taler/
 TALER_DATA_HOME = $TALER_HOME/.local/share/taler/
 TALER_HOME = ${PWD}/generate_auditordb_home/
-
From 64ad01dba77b64e2a787992a095292c8f681dad4 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Fri, 24 Jun 2022 13:10:23 +0200
Subject: [PATCH 4/9] -add auditor_priv_file
---
 src/auditor/revoke-basedb.conf | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/auditor/revoke-basedb.conf b/src/auditor/revoke-basedb.conf
index da440c60a..e1c55523e 100644
--- a/src/auditor/revoke-basedb.conf
+++ b/src/auditor/revoke-basedb.conf
@@ -3,6 +3,9 @@ DB = postgres TINY_AMOUNT = TESTKUDOS:0.01 BASE_URL = http://localhost:8083/ +# Where do we store the auditor's private key? +AUDITOR_PRIV_FILE = ${TALER_DATA_HOME}/auditor/offline-keys/auditor.priv + [exchange-account-1] PAYTO_URI = payto://x-taler-bank/localhost/Exchange enable_debit = yes From 5b800f800a01842346f1a320545d45c062aabf03 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 25 Jun 2022 20:38:31 +0200 Subject: [PATCH 5/9] -fix misc doxygen warnings, code clean up --- contrib/microhttpd.tag | 6 + src/auditor/taler-helper-auditor-coins.c | 3 +- src/auditor/taler-helper-auditor-reserves.c | 15 +- src/auditordb/plugin_auditordb_postgres.c | 2 + src/exchange-tools/taler-exchange-offline.c | 2 +- src/exchange/taler-exchange-httpd.c | 2 +- src/exchange/taler-exchange-httpd_keys.h | 2 - .../taler-exchange-httpd_purses_create.c | 4 +- .../taler-exchange-httpd_purses_deposit.c | 4 +- .../taler-exchange-httpd_recoup-refresh.c | 1 + src/exchange/taler-exchange-httpd_recoup.c | 1 + .../taler-exchange-httpd_reserves_history.c | 2 +- .../taler-exchange-httpd_reserves_purse.h | 2 +- .../taler-exchange-httpd_reserves_status.c | 2 +- src/exchangedb/plugin_exchangedb_postgres.c | 17 +- src/include/taler_crypto_lib.h | 162 ++++++++++++++---- src/include/taler_exchange_service.h | 24 +-- src/include/taler_exchangedb_plugin.h | 25 ++- src/include/taler_testing_lib.h | 1 + src/lib/auditor_api_deposit_confirmation.c | 1 + src/lib/exchange_api_batch_withdraw.c | 3 +- src/lib/exchange_api_common.h | 2 +- src/lib/exchange_api_deposits_get.c | 1 - .../exchange_api_management_post_extensions.c | 6 +- src/lib/exchange_api_melt.c | 1 + src/testing/testing_api_cmd_refresh.c | 21 +-- src/testing/testing_api_cmd_reserve_history.c | 2 +- src/testing/testing_api_cmd_reserve_status.c | 2 +- src/util/merchant_signatures.c | 12 +- 29 files changed, 221 insertions(+), 107 deletions(-) 
diff --git a/contrib/microhttpd.tag b/contrib/microhttpd.tag index 018723697..4780028dd 100644 --- a/contrib/microhttpd.tag +++ b/contrib/microhttpd.tag @@ -22,6 +22,12 @@ microhttpd.h + + #define + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS + microhttpd.h + + #define MHD_HTTP_BAD_REQUEST diff --git a/src/auditor/taler-helper-auditor-coins.c b/src/auditor/taler-helper-auditor-coins.c index 8021b3982..56afdeb90 100644 --- a/src/auditor/taler-helper-auditor-coins.c +++ b/src/auditor/taler-helper-auditor-coins.c @@ -1207,6 +1207,7 @@ check_known_coin ( * @param cls closure * @param rowid unique serial ID for the refresh session in our DB * @param denom_pub denomination public key of @a coin_pub + * @param h_age_commitment hash of the age commitment for the coin * @param coin_pub public key of the coin * @param coin_sig signature from the coin * @param amount_with_fee amount that was deposited including fee @@ -2281,7 +2282,7 @@ recoup_refresh_cb (void *cls, * * @param cls closure, NULL * @param denom_pub public key, sometimes NULL (!) - * @param validity issuing information with value, fees and other info about the denomination. + * @param issue issuing information with value, fees and other info about the denomination. */ static void check_denomination ( diff --git a/src/auditor/taler-helper-auditor-reserves.c b/src/auditor/taler-helper-auditor-reserves.c index a3976bc9a..f0c92c260 100644 --- a/src/auditor/taler-helper-auditor-reserves.c +++ b/src/auditor/taler-helper-auditor-reserves.c @@ -1262,7 +1262,6 @@ verify_reserve_balance (void *cls, * @param rowid unique serial ID for the deposit in our DB * @param deposit deposit details * @param reserve_pub which reserve is the purse merged into, NULL if unknown - * @param auditor_balance balance of the purse calculated by auditor * @param flags purse flags * @param auditor_balance purse balance (according to the * auditor during auditing) 
@@ -1530,6 +1529,16 @@ handle_purse_merged ( * * @param cls closure * @param rowid unique serial ID for the deposit in our DB + * @param reserve_pub reserve affected by the merge + * @param purse_pub purse being merged + * @param h_contract_terms hash over contract of the purse + * @param purse_expiration when would the purse expire + * @param amount total amount in the purse + * @param min_age minimum age of all coins deposited into the purse + * @param flags how was the purse created + * @param purse_fee if a purse fee was paid, how high is it + * @param merge_timestamp when was the merge approved + * @param reserve_sig signature by reserve approving the merge * @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop */ static enum GNUNET_GenericReturnValue @@ -1604,6 +1613,10 @@ handle_account_merged ( * * @param cls closure * @param rowid unique serial ID for the deposit in our DB + * @param history_fee fee paid for the request + * @param ts timestamp of the request + * @param reserve_pub reserve history was requested for + * @param reserve_sig signature approving the @a history_fee * @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop */ static enum GNUNET_GenericReturnValue diff --git a/src/auditordb/plugin_auditordb_postgres.c b/src/auditordb/plugin_auditordb_postgres.c index 3efc67220..971893204 100644 --- a/src/auditordb/plugin_auditordb_postgres.c +++ b/src/auditordb/plugin_auditordb_postgres.c @@ -2068,6 +2068,8 @@ postgres_insert_reserve_summary ( * @param reserve_balance amount stored in the reserve * @param withdraw_fee_balance amount the exchange gained in withdraw fees * due to withdrawals from this reserve + * @param purse_fee_balance amount the exchange gained in purse fees + * @param history_fee_balance amount the exchange gained in history fees * @return transaction status code */ static enum GNUNET_DB_QueryStatus 
diff --git a/src/exchange-tools/taler-exchange-offline.c b/src/exchange-tools/taler-exchange-offline.c index 8d8c4c62b..41cd2597e 100644 --- a/src/exchange-tools/taler-exchange-offline.c +++ b/src/exchange-tools/taler-exchange-offline.c @@ -729,7 +729,7 @@ do_shutdown (void *cls) GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Aborting incomplete extensions signature upload #%u\n", (unsigned int) uer->idx); - TALER_EXCHANGE_post_management_extensions_cancel (uer->h); + TALER_EXCHANGE_management_post_extensions_cancel (uer->h); GNUNET_CONTAINER_DLL_remove (uer_head, uer_tail, uer); diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 71edae65d..5f400bd80 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -426,7 +426,7 @@ handle_post_reserves (struct TEH_RequestContext *rc, /** * Signature of functions that handle operations on purses. * - * @param rc request context + * @param connection HTTP request handle * @param purse_pub the public key of the purse * @param root uploaded JSON data * @return MHD result code diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index d8fe81e5c..1edf9c46d 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h @@ -246,7 +246,6 @@ TEH_keys_denomination_by_hash2 ( * * @param h_denom_pub hash of the public key to use to sign * @param bp blinded planchet to sign - * @param is_melt should we use the KDF for melting? * @param[out] bs set to the blind signature on success * @return #TALER_EC_NONE on success */ @@ -263,7 +262,6 @@ TEH_keys_denomination_sign_withdraw ( * * @param h_denom_pub hash of the public key to use to sign * @param bp blinded planchet to sign - * @param is_melt should we use the KDF for melting? * @param[out] bs set to the blind signature on success * @return #TALER_EC_NONE on success */ 
diff --git a/src/exchange/taler-exchange-httpd_purses_create.c b/src/exchange/taler-exchange-httpd_purses_create.c index 207be5d08..a981ba582 100644 --- a/src/exchange/taler-exchange-httpd_purses_create.c +++ b/src/exchange/taler-exchange-httpd_purses_create.c @@ -443,8 +443,8 @@ create_transaction (void *cls, * Parse a coin and check signature of the coin and the denomination * signature over the coin. * - * @param[in,out] our HTTP connection - * @param[in,out] request context + * @param[in,out] connection our HTTP connection + * @param[in,out] pcc request context * @param[out] coin coin to initialize * @param jcoin coin to parse * @return #GNUNET_OK on success, #GNUNET_NO if an error was returned, diff --git a/src/exchange/taler-exchange-httpd_purses_deposit.c b/src/exchange/taler-exchange-httpd_purses_deposit.c index b7182e0cf..50ed582ad 100644 --- a/src/exchange/taler-exchange-httpd_purses_deposit.c +++ b/src/exchange/taler-exchange-httpd_purses_deposit.c @@ -287,8 +287,8 @@ deposit_transaction (void *cls, * Parse a coin and check signature of the coin and the denomination * signature over the coin. * - * @param[in,out] our HTTP connection - * @param[in,out] request context + * @param[in,out] connection our HTTP connection + * @param[in,out] pcc request context * @param[out] coin coin to initialize * @param jcoin coin to parse * @return #GNUNET_OK on success, #GNUNET_NO if an error was returned, diff --git a/src/exchange/taler-exchange-httpd_recoup-refresh.c b/src/exchange/taler-exchange-httpd_recoup-refresh.c index 79e99950d..d52dabda0 100644 --- a/src/exchange/taler-exchange-httpd_recoup-refresh.c +++ b/src/exchange/taler-exchange-httpd_recoup-refresh.c @@ -166,6 +166,7 @@ recoup_refresh_transaction (void *cls, * @param exchange_vals values contributed by the exchange * during refresh * @param coin_bks blinding data of the coin (to be checked) + * @param nonce withdraw nonce (if CS is used) * @param coin_sig signature of the coin * @return MHD result code */ 
diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c index bf17d9c20..349c2b94a 100644 --- a/src/exchange/taler-exchange-httpd_recoup.c +++ b/src/exchange/taler-exchange-httpd_recoup.c @@ -169,6 +169,7 @@ recoup_transaction (void *cls, * @param exchange_vals values contributed by the exchange * during withdrawal * @param coin_bks blinding data of the coin (to be checked) + * @param nonce coin's nonce if CS is used * @param coin_sig signature of the coin * @return MHD result code */ diff --git a/src/exchange/taler-exchange-httpd_reserves_history.c b/src/exchange/taler-exchange-httpd_reserves_history.c index 1392dfc5a..2c9362447 100644 --- a/src/exchange/taler-exchange-httpd_reserves_history.c +++ b/src/exchange/taler-exchange-httpd_reserves_history.c @@ -80,7 +80,7 @@ struct ReserveHistoryContext * Send reserve history to client. * * @param connection connection to the client - * @param rh reserve history to return + * @param rhc reserve history to return * @return MHD result code */ static MHD_RESULT diff --git a/src/exchange/taler-exchange-httpd_reserves_purse.h b/src/exchange/taler-exchange-httpd_reserves_purse.h index 6d899a912..017e357d2 100644 --- a/src/exchange/taler-exchange-httpd_reserves_purse.h +++ b/src/exchange/taler-exchange-httpd_reserves_purse.h @@ -33,7 +33,7 @@ * will ultimately lead to the "purses create" being executed, or rejected. * * @param rc request context - * @param purse_pub public key of the purse + * @param reserve_pub public key of the reserve * @param root uploaded JSON data * @return MHD result code */ diff --git a/src/exchange/taler-exchange-httpd_reserves_status.c b/src/exchange/taler-exchange-httpd_reserves_status.c index 69931e242..5b7becb94 100644 --- a/src/exchange/taler-exchange-httpd_reserves_status.c +++ b/src/exchange/taler-exchange-httpd_reserves_status.c 
@@ -69,7 +69,7 @@ struct ReserveStatusContext * Send reserve status to client. * * @param connection connection to the client - * @param rh reserve history to return + * @param rhc reserve history to return * @return MHD result code */ static MHD_RESULT diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index d367a0c54..74424e63e 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -6188,6 +6188,7 @@ postgres_do_deposit ( * of the coin and possibly persisting the melt details. * * @param cls the `struct PostgresClosure` with the plugin-specific state + * @param rms client-contributed input for CS denominations that must be checked for idempotency, or NULL for non-CS withdrawals * @param[in,out] refresh refresh operation details; the noreveal_index * is set in case the coin was already melted before * @param known_coin_id row of the coin in the known_coins table @@ -9694,12 +9695,14 @@ postgres_insert_wire_fee (void *cls, * Insert global fee data into database. * * @param cls closure - * @param start_date when does the fee go into effect + * @param start_date when does the fees go into effect + * @param end_date when does the fees end being valid * @param fees how high is are the global fees * @param purse_timeout when do purses time out * @param kyc_timeout when do reserves without KYC time out * @param history_expiration how long are account histories preserved - * @param purse_account_limit how many purses are free per account * @param master_sig signature over the above by the exchange master key + * @param purse_account_limit how many purses are free per account + * @param master_sig signature over the above by the exchange master key * @return transaction status code */ static enum GNUNET_DB_QueryStatus 
@@ -15293,7 +15296,7 @@ postgres_select_purse_request ( * @param[out] in_conflict set to true if the meta data * conflicts with an existing purse; * in this case, the return value will be - * #GNUNET_DB_STATUS_SUCCESS_ONE despite the failure + * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT despite the failure * @return transaction status code */ static enum GNUNET_DB_QueryStatus @@ -15541,7 +15544,9 @@ postgres_select_purse_by_merge_pub ( * @param[out] balance_ok set to false if the coin's * remaining balance is below @a amount; * in this case, the return value will be - * #GNUNET_DB_STATUS_SUCCESS_ONE despite the failure + * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT despite the failure + * @param[out] conflict set to true if the deposit failed due to a conflict (coin already spent, + * or deposited into this purse with a different amount) * @return transaction status code */ static enum GNUNET_DB_QueryStatus @@ -15891,7 +15896,7 @@ postgres_insert_history_request ( const struct TALER_ReservePublicKeyP *reserve_pub, const struct TALER_ReserveSignatureP *reserve_sig, struct GNUNET_TIME_Timestamp request_timestamp, - const struct TALER_Amount *history, + const struct TALER_Amount *history_fee, bool *balance_ok, bool *idempotent) { @@ -15900,7 +15905,7 @@ postgres_insert_history_request ( GNUNET_PQ_query_param_auto_from_type (reserve_pub), GNUNET_PQ_query_param_auto_from_type (reserve_sig), GNUNET_PQ_query_param_timestamp (&request_timestamp), - TALER_PQ_query_param_amount (history), + TALER_PQ_query_param_amount (history_fee), GNUNET_PQ_query_param_end }; struct GNUNET_PQ_ResultSpec rs[] = { diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 63fb56cee..37ee1b9ad 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h 
@@ -2872,7 +2872,7 @@ TALER_wallet_purse_status_sign ( * Verify a purse status request signature. * * @param purse_pub purse’s public key - * @param purse_sig the signature made with purpose #TALER_SIGNATURE_WALLET_PURSE_STATUS_REQUEST + * @param purse_sig the signature made with purpose #TALER_SIGNATURE_WALLET_PURSE_STATUS * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue @@ -3155,7 +3155,7 @@ TALER_wallet_deposit_verify ( const struct TALER_Amount *deposit_fee, const struct TALER_MerchantWireHashP *h_wire, const struct TALER_PrivateContractHashP *h_contract_terms, - const struct TALER_AgeCommitmentHash *h_commitment_hash, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_ExtensionContractHashP *h_extensions, const struct TALER_DenominationHashP *h_denom_pub, struct GNUNET_TIME_Timestamp wallet_timestamp, @@ -3389,7 +3389,7 @@ TALER_wallet_reserve_history_verify ( * * @param ts timestamp used * @param history_fee how much do we expect to pay - * @param reserve_pub reserve the history request is for + * @param reserve_priv private key of the reserve the history request is for * @param[out] reserve_sig resulting signature */ void @@ -3419,7 +3419,7 @@ TALER_wallet_reserve_status_verify ( * Create reserve status request signature. * * @param ts timestamp used - * @param reserve_pub reserve the status request is for + * @param reserve_priv private key of the reserve the status request is for * @param[out] reserve_sig resulting signature */ void @@ -3481,7 +3481,6 @@ TALER_merchant_refund_verify ( * @param h_contract_terms hash of contract terms * @param h_wire hash of the merchant account details * @param coin_pub coin to be deposited - * @param merchant_pub merchant public key * @param merchant_priv private key to sign with * @param[out] merchant_sig where to write the signature */ 
@@ -3490,15 +3489,15 @@ TALER_merchant_deposit_sign ( const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_MerchantWireHashP *h_wire, const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct TALER_MerchantPublicKeyP *merchant_pub, const struct TALER_MerchantPrivateKeyP *merchant_priv, struct TALER_MerchantSignatureP *merchant_sig); + /** * Verify a deposit. * * @param merchant merchant public key - * @param public key of the deposited coin + * @param coin_pub public key of the deposited coin * @param h_contract_terms hash of contract terms * @param h_wire hash of the merchant account details * @param merchant_sig signature of the merchant @@ -3602,6 +3601,7 @@ TALER_exchange_online_deposit_confirmation_sign ( * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_deposit_confirmation_verify ( @@ -3622,9 +3622,13 @@ TALER_exchange_online_deposit_confirmation_verify ( * Create refund confirmation signature. * * @param scb function to call to create the signature - * @param XXX wire transfer subject used - * @param[out] pub where to write the public key - * @param[out] sig where to write the signature + * @param h_contract_terms hash of contract being refunded + * @param coin_pub public key of the coin receiving the refund + * @param merchant public key of the merchant that granted the refund + * @param rtransaction_id refund transaction ID used by the merchant + * @param refund_amount amount refunded + * @param[out] pub where to write the exchange public key + * @param[out] sig where to write the exchange signature */ enum TALER_ErrorCode TALER_exchange_online_refund_confirmation_sign ( 
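Review bot: Dropping `merchant_pub` from TALER_merchant_deposit_sign changes an exported prototype, while the commit subject only announces doxygen fixes and clean up; callers outside this tree will stop compiling, so the change deserves a line in the description. The implementation is not part of this hunk, so the only thing visible here is the header side. I would also make the remaining doc line explicit about the key pair, e.g. `@param merchant_priv private key to sign with; the result verifies under the matching public key`.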
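Review bot: The doc block of TALER_exchange_online_deposit_confirmation_verify gains `@return #GNUNET_OK if the signature is valid` but still describes `pub` and `sig` as `where to write the public key` and `where to write the signature`, text copied from the _sign variant. In a verify function these are inputs (the verify prototypes visible later in this patch take them as `const` pointers), and the wording invites callers to hand uninitialised buffers to a signature check. I would change the two lines to `@param pub public key of the exchange to verify the signature against` and `@param sig signature to verify`. The same two lines remain in the other verify blocks this patch touches: refund_confirmation, melt_confirmation, key_set, account_setup_success, wire_deposit, confirm_wire, confirm_recoup, confirm_recoup_refresh, denomination_unknown, denomination_expired and reserve_closed.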
@@ -3641,8 +3645,14 @@ TALER_exchange_online_refund_confirmation_sign ( /** * Verify refund confirmation signature. * + * @param h_contract_terms hash of contract being refunded + * @param coin_pub public key of the coin receiving the refund + * @param merchant public key of the merchant that granted the refund + * @param rtransaction_id refund transaction ID used by the merchant + * @param refund_amount amount refunded * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_refund_confirmation_verify ( @@ -3659,9 +3669,10 @@ TALER_exchange_online_refund_confirmation_verify ( * Create refresh melt confirmation signature. * * @param scb function to call to create the signature - * @param XXX - * @param[out] pub where to write the public key - * @param[out] sig where to write the signature + * @param rc refresh commitment that identifies the melt operation + * @param noreveal_index gamma cut-and-choose value chosen by the exchange + * @param[out] pub where to write the exchange public key + * @param[out] sig where to write the exchange signature */ enum TALER_ErrorCode TALER_exchange_online_melt_confirmation_sign ( @@ -3675,8 +3686,11 @@ TALER_exchange_online_melt_confirmation_sign ( /** * Verify refresh melt confirmation signature. * + * @param rc refresh commitment that identifies the melt operation + * @param noreveal_index gamma cut-and-choose value chosen by the exchange * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_melt_confirmation_verify ( 
@@ -3690,6 +3704,7 @@ TALER_exchange_online_melt_confirmation_verify ( * Create exchange key set signature. * * @param scb function to call to create the signature + * @param cls closure for @a scb * @param timestamp time when the key set was issued * @param hc hash over all the keys * @param[out] pub where to write the public key @@ -3712,6 +3727,7 @@ TALER_exchange_online_key_set_sign ( * @param hc hash over all the keys * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_key_set_verify ( @@ -3746,6 +3762,7 @@ TALER_exchange_online_account_setup_success_sign ( * @param timestamp time when the KYC was confirmed * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_account_setup_success_verify ( @@ -3755,6 +3772,7 @@ TALER_exchange_online_account_setup_success_verify ( const struct TALER_ExchangeSignatureP *sig); +// FIXME: document!?! void TALER_exchange_online_wire_deposit_append ( struct GNUNET_HashContext *hash_context, @@ -3769,7 +3787,11 @@ TALER_exchange_online_wire_deposit_append ( * Create wire deposit signature. * * @param scb function to call to create the signature - * @param XXX + * @param total amount the merchant was credited + * @param wire_fee fee charged by the exchange for the wire transfer + * @param merchant_pub which merchant was credited + * @param payto payto://-URI of the merchant account + * @param h_details hash over the aggregation details * @param[out] pub where to write the public key * @param[out] sig where to write the signature */ 
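Review bot: The added `// FIXME: document!?!` leaves TALER_exchange_online_wire_deposit_append without a contract, and the same placeholder is added further down for the purse_created, purse_merged and purse_status sign and verify prototypes. For the append function the comment should state which fields are fed into `hash_context` and in what order, since both the signer and the verifier have to reproduce that hash exactly. For the sign and verify pairs it should follow the neighbouring blocks: `@param scb function to call to create the signature`, `@param[out] pub`, `@param[out] sig`, and for verify `@return #GNUNET_OK if the signature is valid`. The prototypes are only partly visible in these hunks, so the full parameter list has to come from the header.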
@@ -3788,8 +3810,14 @@ TALER_exchange_online_wire_deposit_sign ( /** * Verify wire deposit signature. * + * @param total amount the merchant was credited + * @param wire_fee fee charged by the exchange for the wire transfer + * @param merchant_pub which merchant was credited + * @param h_payto hash of the payto://-URI of the merchant account + * @param h_details hash over the aggregation details * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_wire_deposit_verify ( @@ -3806,7 +3834,12 @@ TALER_exchange_online_wire_deposit_verify ( * Create wire confirmation signature. * * @param scb function to call to create the signature - * @param XXX + * @param h_wire hash of the merchant's account + * @param h_contract_terms hash of the contract + * @param wtid wire transfer this deposit was aggregated into + * @param coin_pub public key of the deposited coin + * @param execution_time when was wire transfer initiated + * @param coin_contribution what was @a coin_pub's contribution to the wire transfer * @param[out] pub where to write the public key * @param[out] sig where to write the signature */ @@ -3826,8 +3859,15 @@ TALER_exchange_online_confirm_wire_sign ( /** * Verify confirm wire signature. * + * @param h_wire hash of the merchant's account + * @param h_contract_terms hash of the contract + * @param wtid wire transfer this deposit was aggregated into + * @param coin_pub public key of the deposited coin + * @param execution_time when was wire transfer initiated + * @param coin_contribution what was @a coin_pub's contribution to the wire transfer * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_confirm_wire_verify ( 
@@ -3845,7 +3885,10 @@ TALER_exchange_online_confirm_wire_verify ( * Create confirm recoup signature. * * @param scb function to call to create the signature - * @param XXX + * @param timestamp when was the recoup done + * @param recoup_amount how much was recouped + * @param coin_pub coin that was recouped + * @param reserve_pub reserve that was credited * @param[out] pub where to write the public key * @param[out] sig where to write the signature */ @@ -3863,8 +3906,13 @@ TALER_exchange_online_confirm_recoup_sign ( /** * Verify confirm recoup signature. * + * @param timestamp when was the recoup done + * @param recoup_amount how much was recouped + * @param coin_pub coin that was recouped + * @param reserve_pub reserve that was credited * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_confirm_recoup_verify ( @@ -3880,7 +3928,10 @@ TALER_exchange_online_confirm_recoup_verify ( * Create confirm recoup refresh signature. * * @param scb function to call to create the signature - * @param XXX + * @param timestamp when was the recoup done + * @param recoup_amount how much was recouped + * @param coin_pub coin that was recouped + * @param old_coin_pub old coin that was credited * @param[out] pub where to write the public key * @param[out] sig where to write the signature */ @@ -3898,8 +3949,13 @@ TALER_exchange_online_confirm_recoup_refresh_sign ( /** * Verify confirm recoup refresh signature. * + * @param timestamp when was the recoup done + * @param recoup_amount how much was recouped + * @param coin_pub coin that was recouped + * @param old_coin_pub old coin that was credited * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_confirm_recoup_refresh_verify ( 
@@ -3915,7 +3971,8 @@ TALER_exchange_online_confirm_recoup_refresh_verify ( * Create denomination unknown signature. * * @param scb function to call to create the signature - * @param XXX + * @param timestamp when was the error created + * @param h_denom_pub hash of denomination that is unknown * @param[out] pub where to write the public key * @param[out] sig where to write the signature */ @@ -3931,8 +3988,11 @@ TALER_exchange_online_denomination_unknown_sign ( /** * Verify denomination unknown signature. * + * @param timestamp when was the error created + * @param h_denom_pub hash of denomination that is unknown * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_denomination_unknown_verify ( @@ -3946,7 +4006,10 @@ TALER_exchange_online_denomination_unknown_verify ( * Create denomination expired signature. * * @param scb function to call to create the signature - * @param XXX + * @param timestamp when was the error created + * @param h_denom_pub hash of denomination that is expired + * @param op character string describing the operation for which + * the denomination is expired * @param[out] pub where to write the public key * @param[out] sig where to write the signature */ @@ -3963,8 +4026,13 @@ TALER_exchange_online_denomination_expired_sign ( /** * Verify denomination expired signature. * + * @param timestamp when was the error created + * @param h_denom_pub hash of denomination that is expired + * @param op character string describing the operation for which + * the denomination is expired * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_denomination_expired_verify ( 
@@ -4012,6 +4080,7 @@ TALER_exchange_online_reserve_closed_sign ( * @param reserve_pub public key of the closed reserve * @param pub where to write the public key * @param sig where to write the signature + * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue TALER_exchange_online_reserve_closed_verify ( @@ -4025,6 +4094,7 @@ TALER_exchange_online_reserve_closed_verify ( const struct TALER_ExchangeSignatureP *sig); +// FIXME: document! enum TALER_ErrorCode TALER_exchange_online_purse_created_sign ( TALER_ExchangeSignCallback scb, @@ -4038,6 +4108,7 @@ TALER_exchange_online_purse_created_sign ( struct TALER_ExchangeSignatureP *sig); +// FIXME: document! enum GNUNET_GenericReturnValue TALER_exchange_online_purse_created_verify ( struct GNUNET_TIME_Timestamp exchange_time, @@ -4049,7 +4120,7 @@ TALER_exchange_online_purse_created_verify ( const struct TALER_ExchangePublicKeyP *pub, const struct TALER_ExchangeSignatureP *sig); - +// FIXME: document! enum TALER_ErrorCode TALER_exchange_online_purse_merged_sign ( TALER_ExchangeSignCallback scb, @@ -4064,6 +4135,7 @@ TALER_exchange_online_purse_merged_sign ( struct TALER_ExchangeSignatureP *sig); +// FIXME: document! enum GNUNET_GenericReturnValue TALER_exchange_online_purse_merged_verify ( struct GNUNET_TIME_Timestamp exchange_time, @@ -4077,6 +4149,7 @@ TALER_exchange_online_purse_merged_verify ( const struct TALER_ExchangeSignatureP *sig); +// FIXME: document! enum TALER_ErrorCode TALER_exchange_online_purse_status_sign ( TALER_ExchangeSignCallback scb, @@ -4087,6 +4160,7 @@ TALER_exchange_online_purse_status_sign ( struct TALER_ExchangeSignatureP *sig); +// FIXME: document! enum GNUNET_GenericReturnValue TALER_exchange_online_purse_status_verify ( struct GNUNET_TIME_Timestamp merge_timestamp, @@ -4780,6 +4854,7 @@ TALER_merchant_pay_sign ( const struct TALER_MerchantPrivateKeyP *merch_priv, struct GNUNET_CRYPTO_EddsaSignature *merch_sig); + /** * Verify payment confirmation signature. * 
@@ -4841,7 +4916,8 @@ TALER_exchange_offline_extension_config_hash_verify ( const struct TALER_MasterSignatureP *master_sig ); -/* + +/** * @brief Representation of an age commitment: one public key per age group. * * The number of keys must be be the same as the number of bits set in the @@ -4850,30 +4926,37 @@ TALER_exchange_offline_extension_config_hash_verify ( struct TALER_AgeCommitment { - /* The age mask defines the age groups that were a parameter during the - * generation of this age commitment */ + /** + * The age mask defines the age groups that were a parameter during the + * generation of this age commitment + */ struct TALER_AgeMask mask; - /* The number of public keys, which must be the same as the number of + /** + * The number of public keys, which must be the same as the number of * groups in the mask. */ size_t num; - /* The list of #num_pub public keys. In must have same size as the number of + /** + * The list of @e num public keys. In must have same size as the number of * age groups defined in the mask. * * A hash of this list is the hashed commitment that goes into FDC * calculation during the withdraw and refresh operations for new coins. That * way, the particular age commitment becomes mandatory and bound to a coin. * - * The list has been allocated via GNUNET_malloc. + * The list has been allocated via GNUNET_malloc(). */ struct TALER_AgeCommitmentPublicKeyP *keys; }; + +// FIXME-oec: document! struct TALER_AgeProof { - /* The number of private keys, which must be at most num_pub_keys. One minus + /** + * The number of private keys, which must be at most num_pub_keys. One minus * this number corresponds to the largest age group that is supported with * this age commitment. * **Note**, that this and the next field are only relevant on the wallet 
@@ -4881,7 +4964,8 @@ struct TALER_AgeProof */ size_t num; - /* List of #num_priv private keys. + /** + * List of @e num private keys. * * Note that the list can be _smaller_ than the corresponding list of public * keys. In that case, the wallet can sign off only for a subset of the age @@ -4892,9 +4976,13 @@ struct TALER_AgeProof struct TALER_AgeCommitmentPrivateKeyP *keys; }; + +// FIXME-oec: document! struct TALER_AgeCommitmentProof { + // FIXME-oec: document! struct TALER_AgeCommitment commitment; + // FIXME-oec: document! struct TALER_AgeProof proof; }; @@ -4917,7 +5005,7 @@ TALER_age_commitment_hash ( * @param mask The age mask the defines the age groups * @param age The actual age for which an age commitment is generated * @param seed The seed that goes into the key generation. MUST be choosen uniformly random. - * @param comm_proof[out] The generated age commitment, ->priv and ->pub allocated via GNUNET_malloc on success + * @param[out] comm_proof The generated age commitment, ->priv and ->pub allocated via GNUNET_malloc() on success * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise */ enum GNUNET_GenericReturnValue @@ -4933,7 +5021,7 @@ TALER_age_restriction_commit ( * * @param orig Original age commitment * @param salt Salt to randomly move the points on the elliptic curve in order to generate another, equivalent commitment. - * @param[out] derived The resulting age commitment, ->priv and ->pub allocated via GNUNET_malloc on success. + * @param[out] derived The resulting age commitment, ->priv and ->pub allocated via GNUNET_malloc() on success. * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise */ enum GNUNET_GenericReturnValue 
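Review bot: The `[out]` descriptions touched in the TALER_age_restriction_commit block and in the following block with the `derived` parameter still say "->priv and ->pub allocated via GNUNET_malloc()", but struct TALER_AgeCommitmentProof, as shown in this same patch, has the members `commitment` and `proof`, each holding a `keys` pointer. I would name the real members, for example `@param[out] comm_proof The generated age commitment; commitment.keys and proof.keys are allocated via GNUNET_malloc() on success`. Since `proof.keys` holds private keys, the comment should also say that the caller owns both arrays and which helper releases them. Both prototypes are only partly inside the hunks.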
@@ -4957,10 +5045,11 @@ TALER_age_commitment_attest ( uint8_t age, struct TALER_AgeAttestation *attest); -/* + +/** * @brief Verify the attestation for an given age and age commitment * - * @param commitent The age commitment that went into the attestation. Only the public keys are needed. + * @param commitment The age commitment that went into the attestation. Only the public keys are needed. * @param age Age (not age group) for which the an attestation should be done * @param attest Signature of the age with the appropriate key from the age commitment for the corresponding age group, if applicaple. * @return GNUNET_OK when the attestation was successfull, GNUNET_NO no attestation couldn't be verified, GNUNET_SYSERR otherwise @@ -4971,7 +5060,8 @@ TALER_age_commitment_verify ( uint8_t age, const struct TALER_AgeAttestation *attest); -/* + +/** * @brief helper function to free memory of a struct TALER_AgeCommitment * * @param p the commitment from which all memory should be freed. @@ -4980,7 +5070,8 @@ void TALER_age_commitment_free ( struct TALER_AgeCommitment *p); -/* + +/** * @brief helper function to free memory of a struct TALER_AgeProof * * @param p the proof of commitment from which all memory should be freed. @@ -4989,7 +5080,8 @@ void TALER_age_proof_free ( struct TALER_AgeProof *p); -/* + +/** * @brief helper function to free memory of a struct TALER_AgeCommitmentProof * * @param p the commitment and its proof from which all memory should be freed. diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 2d801245b..ae48e0c54 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h 
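Review bot: The `@return` line of TALER_age_commitment_verify is kept as "GNUNET_NO no attestation couldn't be verified", a double negative that can be read either way, and it is the line a caller relies on to decide whether an age check passed. The block documents three outcomes, so I would spell them out, for example `@return #GNUNET_OK if the attestation is valid, #GNUNET_NO if it could not be verified, #GNUNET_SYSERR on error` (assuming that is the intended meaning of GNUNET_NO), and add that callers must compare against #GNUNET_OK rather than test for non-zero. The typos `applicaple` and `successfull` in the same block could be fixed in the same pass. The return type of the prototype is outside the hunk.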
@@ -1170,6 +1170,7 @@ struct TALER_EXCHANGE_NonceKey * Get a set of CS R values using a /csr-melt request. * * @param exchange the exchange handle; the exchange must be ready to operate + * @param rms master key used for the derivation of the CS values * @param nks_len length of the @a nks array * @param nks array of denominations and nonces * @param res_cb the callback to call when the final result for this request is available @@ -1263,7 +1264,7 @@ typedef void * Get a CS R using a /csr-withdraw request. * * @param exchange the exchange handle; the exchange must be ready to operate - * @param dk Which denomination key is the /csr request for + * @param pk Which denomination key is the /csr request for * @param nonce client nonce for the request * @param res_cb the callback to call when the final result for this request is available * @param res_cb_cls closure for the above callback @@ -2377,7 +2378,7 @@ struct TALER_EXCHANGE_MeltResponse union { /** - * Results for status #MHD_HTTP_SUCCESS. + * Results for status #MHD_HTTP_OK. */ struct { @@ -2512,7 +2513,7 @@ struct TALER_EXCHANGE_RevealResult union { /** - * Results for status #MHD_HTTP_SUCCESS. + * Results for status #MHD_HTTP_OK. */ struct { @@ -2660,7 +2661,7 @@ struct TALER_EXCHANGE_LinkResult union { /** - * Results for status #MHD_HTTP_SUCCESS. + * Results for status #MHD_HTTP_OK. */ struct { @@ -2704,7 +2705,7 @@ typedef void * * @param exchange the exchange handle; the exchange must be ready to operate * @param coin_priv private key to request link data for - * @param age_commitment age commitment to the corresponding coin, might be NULL + * @param age_commitment_proof age commitment to the corresponding coin, might be NULL * @param link_cb the callback to call with the useful result of the * refresh operation the @a coin_priv was involved in (if any) * @param link_cb_cls closure for @a link_cb 
@@ -3773,13 +3774,14 @@ TALER_EXCHANGE_management_post_extensions ( TALER_EXCHANGE_ManagementPostExtensionsCallback cb, void *cb_cls); + /** - * Cancel #TALER_EXCHANGE_post_management_extensions() operation. + * Cancel #TALER_EXCHANGE_management_post_extensions() operation. * * @param ph handle of the operation to cancel */ void -TALER_EXCHANGE_post_management_extensions_cancel ( +TALER_EXCHANGE_management_post_extensions_cancel ( struct TALER_EXCHANGE_ManagementPostExtensionsHandle *ph); @@ -4205,7 +4207,7 @@ TALER_EXCHANGE_management_set_global_fees ( /** * Cancel #TALER_EXCHANGE_management_enable_wire() operation. * - * @param swfh handle of the operation to cancel + * @param sgfh handle of the operation to cancel */ void TALER_EXCHANGE_management_set_global_fees_cancel ( @@ -4637,7 +4639,7 @@ struct TALER_EXCHANGE_AccountMergeResponse * operation. * * @param cls closure - * @param pcr HTTP response data + * @param amr HTTP response data */ typedef void (*TALER_EXCHANGE_AccountMergeCallback) ( @@ -4663,7 +4665,7 @@ struct TALER_EXCHANGE_AccountMergeHandle; * @param h_contract_terms hash of the purses' contract * @param min_age minimum age of deposits into the purse * @param purse_value_after_fees amount that should be in the purse - * @paran purse_expiration when will the purse expire + * @param purse_expiration when will the purse expire * @param merge_timestamp when is the merge happening (current time) * @param cb function to call with the exchange's result * @param cb_cls closure for @a cb 
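Review bot: In the TALER_EXCHANGE_management_set_global_fees_cancel block the parameter is renamed to `sgfh`, but the brief above it still reads "Cancel #TALER_EXCHANGE_management_enable_wire() operation", which looks copied from another cancel function. It should read `Cancel #TALER_EXCHANGE_management_set_global_fees() operation.` so that the cross-reference points at the call that produced the handle. The prototype continues outside the hunk.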
@@ -4758,7 +4760,7 @@ struct TALER_EXCHANGE_PurseCreateMergeHandle; * @param contract_terms contract the purse is about * @param upload_contract true to upload the contract * @param pay_for_purse true to pay for purse creation - * @paran merge_timestamp when should the merge happen (use current time) + * @param merge_timestamp when should the merge happen (use current time) * @param cb function to call with the exchange's result * @param cb_cls closure for @a cb * @return the request handle; NULL upon error diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 2c59d6785..6cb9a3a40 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -2017,6 +2017,16 @@ typedef enum GNUNET_GenericReturnValue * * @param cls closure * @param rowid unique serial ID for the deposit in our DB + * @param reserve_pub reserve affected by the merge + * @param purse_pub purse being merged + * @param h_contract_terms hash over contract of the purse + * @param purse_expiration when would the purse expire + * @param amount total amount in the purse + * @param min_age minimum age of all coins deposited into the purse + * @param flags how was the purse created + * @param purse_fee if a purse fee was paid, how high is it + * @param merge_timestamp when was the merge approved + * @param reserve_sig signature by reserve approving the merge * @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop */ typedef enum GNUNET_GenericReturnValue @@ -2075,6 +2085,10 @@ typedef enum GNUNET_GenericReturnValue * * @param cls closure * @param rowid unique serial ID for the deposit in our DB + * @param history_fee fee paid for the request + * @param ts timestamp of the request + * @param reserve_pub reserve history was requested for + * @param reserve_sig signature approving the @a history_fee * @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop */ typedef enum GNUNET_GenericReturnValue 
@@ -2108,6 +2122,7 @@ typedef enum GNUNET_GenericReturnValue * the goal of auditing the purse refund's execution. * * @param cls closure + * @param rowid row of the refund event * @param amount_with_fee amount of the deposit into the purse * @param coin_pub coin that is to be refunded the @a given amount_with_fee * @param denom_pub denomination of @a coin_pub @@ -3935,8 +3950,8 @@ struct TALER_EXCHANGEDB_Plugin * Insert global fee set into database. * * @param cls closure - * @param start_date when does the fee go into effect - * @param end_date when does the fee end being valid + * @param start_date when does the fees go into effect + * @param end_date when does the fees end being valid * @param fees how high is are the global fees * @param purse_timeout when do purses time out * @param kyc_timeout when do reserves without KYC time out @@ -5101,7 +5116,7 @@ struct TALER_EXCHANGEDB_Plugin * @param[out] in_conflict set to true if @a econtract * conflicts with an existing contract; * in this case, the return value will be - * #GNUNET_DB_STATUS_SUCCESS_ONE despite the failure + * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT despite the failure * @return transaction status code */ enum GNUNET_DB_QueryStatus @@ -5163,7 +5178,7 @@ struct TALER_EXCHANGEDB_Plugin * @param[out] in_conflict set to true if the meta data * conflicts with an existing purse; * in this case, the return value will be - * #GNUNET_DB_STATUS_SUCCESS_ONE despite the failure + * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT despite the failure * @return transaction status code */ enum GNUNET_DB_QueryStatus 
@@ -5292,7 +5307,7 @@ struct TALER_EXCHANGEDB_Plugin * @param[out] balance_ok set to false if the coin's * remaining balance is below @a amount; * in this case, the return value will be - * #GNUNET_DB_STATUS_SUCCESS_ONE despite the failure + * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT despite the failure * @param[out] conflict the same coin was deposited into * this purse with a different amount already * @return transaction status code diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h index 1781e0280..f18816d67 100644 --- a/src/include/taler_testing_lib.h +++ b/src/include/taler_testing_lib.h @@ -2229,6 +2229,7 @@ TALER_TESTING_cmd_auditor_add_denom_sig (const char *label, * @param wire_method wire method to set wire fees for * @param wire_fee the wire fee to affirm * @param closing_fee the closing fee to affirm + * @param wad_fee wad fee to charge * @param expected_http_status expected HTTP status from exchange * @param bad_sig should we use a bogus signature? * @return the command diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c index be981eb90..c4542d0eb 100644 --- a/src/lib/auditor_api_deposit_confirmation.c +++ b/src/lib/auditor_api_deposit_confirmation.c @@ -156,6 +156,7 @@ handle_deposit_confirmation_finished (void *cls, * @param h_extensions hash over the extensions, if any * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the auditor) * @param exchange_timestamp timestamp when the deposit was received by the wallet + * @param wire_deadline by what time must the amount be wired to the merchant * @param refund_deadline date until which the merchant can issue a refund to the customer via the auditor (can be zero if refunds are not allowed); must not be after the @a wire_deadline * @param amount_without_fee the amount confirmed to be wired by the exchange to the merchant * @param coin_pub coin’s public key 
diff --git a/src/lib/exchange_api_batch_withdraw.c b/src/lib/exchange_api_batch_withdraw.c index e5d3c7f9c..4e0d6abcf 100644 --- a/src/lib/exchange_api_batch_withdraw.c +++ b/src/lib/exchange_api_batch_withdraw.c @@ -145,7 +145,8 @@ struct TALER_EXCHANGE_BatchWithdrawHandle * * @param cls the `struct TALER_EXCHANGE_BatchWithdrawHandle` * @param hr HTTP response data - * @param blind_sig blind signature over the coin, NULL on error + * @param blind_sigs array of blind signatures over the coins, NULL on error + * @param blind_sigs_length length of the @a blind_sigs array */ static void handle_reserve_batch_withdraw_finished ( diff --git a/src/lib/exchange_api_common.h b/src/lib/exchange_api_common.h index 9cbdf547f..5721b376c 100644 --- a/src/lib/exchange_api_common.h +++ b/src/lib/exchange_api_common.h @@ -50,6 +50,7 @@ TALER_EXCHANGE_check_purse_create_conflict_ ( * not match the signature from the proof) * @param merge_pub the public key (must match * the signature from the proof) + * @param purse_pub the public key of the purse * @param exchange_url the base URL of this exchange * @param proof the proof to check * @return #GNUNET_OK if the @a proof is OK for @a purse_pub and @a merge_pub and conflicts with @a cmerge_sig @@ -93,7 +94,6 @@ TALER_EXCHANGE_check_purse_coin_conflict_ ( * @param ccontract_sig conflicting signature (must * not match the signature from the proof) * @param purse_pub public key of the purse - * @param exchange_url the base URL of this exchange * @param proof the proof to check * @return #GNUNET_OK if the @a proof is OK for @a purse_pub and conflicts with @a ccontract_sig */ diff --git a/src/lib/exchange_api_deposits_get.c b/src/lib/exchange_api_deposits_get.c index f7219f12e..660323bc4 100644 --- a/src/lib/exchange_api_deposits_get.c +++ b/src/lib/exchange_api_deposits_get.c @@ -323,7 +323,6 @@ TALER_EXCHANGE_deposits_get ( TALER_merchant_deposit_sign (h_contract_terms, h_wire, coin_pub, - &merchant, merchant_priv, &merchant_sig); { 
diff --git a/src/lib/exchange_api_management_post_extensions.c b/src/lib/exchange_api_management_post_extensions.c index 544f85efc..abec4ef09 100644 --- a/src/lib/exchange_api_management_post_extensions.c +++ b/src/lib/exchange_api_management_post_extensions.c @@ -118,7 +118,7 @@ handle_post_extensions_finished (void *cls, &hr); ph->cb = NULL; } - TALER_EXCHANGE_post_management_extensions_cancel (ph); + TALER_EXCHANGE_management_post_extensions_cancel (ph); } @@ -180,7 +180,7 @@ TALER_EXCHANGE_management_post_extensions ( ph); if (NULL == ph->job) { - TALER_EXCHANGE_post_management_extensions_cancel (ph); + TALER_EXCHANGE_management_post_extensions_cancel (ph); return NULL; } return ph; @@ -188,7 +188,7 @@ TALER_EXCHANGE_management_post_extensions ( void -TALER_EXCHANGE_post_management_extensions_cancel ( +TALER_EXCHANGE_management_post_extensions_cancel ( struct TALER_EXCHANGE_ManagementPostExtensionsHandle *ph) { if (NULL != ph->job) diff --git a/src/lib/exchange_api_melt.c b/src/lib/exchange_api_melt.c index ff720d2ff..feeef4001 100644 --- a/src/lib/exchange_api_melt.c +++ b/src/lib/exchange_api_melt.c @@ -417,6 +417,7 @@ start_melt (struct TALER_EXCHANGE_MeltHandle *mh) * the application and cancel the operation. * * @param[in] mh melt request that failed + * @param ec error code to fail with */ static void fail_mh (struct TALER_EXCHANGE_MeltHandle *mh, diff --git a/src/testing/testing_api_cmd_refresh.c b/src/testing/testing_api_cmd_refresh.c index 2b04156c5..bc0c4e090 100644 --- a/src/testing/testing_api_cmd_refresh.c +++ b/src/testing/testing_api_cmd_refresh.c 
@@ -348,15 +348,7 @@ do_reveal_retry (void *cls) * coming from the exchange, namely the fresh coins. * * @param cls closure, a `struct RefreshRevealState` - * @param hr HTTP response details - * @param num_coins number of fresh coins created, length of the - * @a sigs and @a coin_privs arrays, 0 if the operation - * failed. - * @param coin_privs array of @a num_coins private keys for the - * coins that were created, NULL on error. - * @param psa array of @a num_coins planchet secrets (derived from the transfer secret) for each of the coins - * @param sigs array of signature over @a num_coins coins, - * NULL on error. + * @param rr HTTP response details */ static void reveal_cb (void *cls, @@ -594,16 +586,7 @@ do_link_retry (void *cls) * withdrawn by the "refresh reveal" CMD. * * @param cls closure. - * @param hr HTTP response details - * @param num_coins number of fresh coins created, length of the - * @a sigs and @a coin_privs arrays, 0 if the operation - * failed. - * @param coin_privs array of @a num_coins private keys for the - * coins that were created, NULL on error. - * @param sigs array of signature over @a num_coins coins, NULL on - * error. - * @param pubs array of public keys for the @a sigs, - * NULL on error. + * @param lr HTTP response details */ static void link_cb (void *cls, diff --git a/src/testing/testing_api_cmd_reserve_history.c b/src/testing/testing_api_cmd_reserve_history.c index 96a0a1de3..beba23f11 100644 --- a/src/testing/testing_api_cmd_reserve_history.c +++ b/src/testing/testing_api_cmd_reserve_history.c @@ -17,7 +17,7 @@ */ /** - * @file testing/testing_api_cmd_history.c + * @file testing/testing_api_cmd_reserve_history.c * @brief Implement the /reserve/history test command. * @author Marcello Stanisci */ diff --git a/src/testing/testing_api_cmd_reserve_status.c b/src/testing/testing_api_cmd_reserve_status.c index 76639e49c..a1b7aaefd 100644 --- a/src/testing/testing_api_cmd_reserve_status.c 
+++ b/src/testing/testing_api_cmd_reserve_status.c @@ -17,7 +17,7 @@ */ /** - * @file testing/testing_api_cmd_status.c + * @file testing/testing_api_cmd_reserve_status.c * @brief Implement the /reserve/$RID/status test command. * @author Marcello Stanisci */ diff --git a/src/util/merchant_signatures.c b/src/util/merchant_signatures.c index 112f92253..36f96499c 100644 --- a/src/util/merchant_signatures.c +++ b/src/util/merchant_signatures.c @@ -46,12 +46,6 @@ struct TALER_DepositTrackPS */ struct TALER_MerchantWireHashP h_wire GNUNET_PACKED; - /** - * The Merchant's public key. The deposit inquiry request is to be - * signed by the corresponding private key (using EdDSA). - */ - struct TALER_MerchantPublicKeyP merchant; - /** * The coin's public key. This is the value that must have been * signed (blindly) by the Exchange. @@ -68,7 +62,6 @@ TALER_merchant_deposit_sign ( const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_MerchantWireHashP *h_wire, const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct TALER_MerchantPublicKeyP *merchant_pub, const struct TALER_MerchantPrivateKeyP *merchant_priv, struct TALER_MerchantSignatureP *merchant_sig) { @@ -77,9 +70,9 @@ TALER_merchant_deposit_sign ( .purpose.size = htonl (sizeof (dtp)), .h_contract_terms = *h_contract_terms, .h_wire = *h_wire, - .merchant = *merchant_pub, .coin_pub = *coin_pub }; + GNUNET_CRYPTO_eddsa_sign (&merchant_priv->eddsa_priv, &dtp, &merchant_sig->eddsa_sig); @@ -97,7 +90,6 @@ TALER_merchant_deposit_verify ( struct TALER_DepositTrackPS tps = { .purpose.size = htonl (sizeof (tps)), .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION), - .merchant = *merchant, .coin_pub = *coin_pub, .h_contract_terms = *h_contract_terms, .h_wire = *h_wire @@ -107,7 +99,7 @@ TALER_merchant_deposit_verify ( GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION, &tps, &merchant_sig->eddsa_sig, - &tps.merchant.eddsa_pub); + &merchant->eddsa_pub); } 
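Review bot: Dropping `merchant` from struct TALER_DepositTrackPS in src/util/merchant_signatures.c changes the bytes signed under TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION, and nothing in these hunks records that. A signature made with the old layout will not verify against the new one, nor the reverse, so signer and verifier have to be deployed together; if the protocol carries a version number it presumably needs a bump, which is not visible in this patch. I would add a comment on the struct such as `/* The merchant's public key is not part of the signed data; it is only the key the signature is verified with. */`. The doc comment of TALER_merchant_deposit_sign in the header probably still lists `@param merchant_pub` and should lose it. The bodies of both functions are only partly inside the hunks.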
From 76ad5baec7109416e292f3c49c3606abeb3815b6 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 25 Jun 2022 21:18:40 +0200 Subject: [PATCH 6/9] -add missing comments --- src/include/taler_crypto_lib.h | 140 ++++++++++++++++++++++++++++++--- 1 file changed, 128 insertions(+), 12 deletions(-) diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 37ee1b9ad..5b32dd5ca 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -3570,6 +3570,7 @@ typedef enum TALER_ErrorCode * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_deposit_confirmation_sign ( @@ -3629,6 +3630,7 @@ TALER_exchange_online_deposit_confirmation_verify ( * @param refund_amount amount refunded * @param[out] pub where to write the exchange public key * @param[out] sig where to write the exchange signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_refund_confirmation_sign ( @@ -3673,6 +3675,7 @@ TALER_exchange_online_refund_confirmation_verify ( * @param noreveal_index gamma cut-and-choose value chosen by the exchange * @param[out] pub where to write the exchange public key * @param[out] sig where to write the exchange signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_melt_confirmation_sign ( @@ -3709,6 +3712,7 @@ TALER_exchange_online_melt_confirmation_verify ( * @param hc hash over all the keys * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_key_set_sign ( 
@@ -3745,6 +3749,7 @@ TALER_exchange_online_key_set_verify ( * @param timestamp time when the KYC was confirmed * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_account_setup_success_sign ( @@ -3772,7 +3777,17 @@ TALER_exchange_online_account_setup_success_verify ( const struct TALER_ExchangeSignatureP *sig); -// FIXME: document!?! +/** + * Update the @a hash_context in the computation of the + * h_details for a wire status signature. + * + * @param[in,out] hash_context context to update + * @param h_contract_terms hash of the contract + * @param execution_time when was the wire transfer initiated + * @param coin_pub deposited coin + * @param deposit_value contribution of the coin + * @param deposit_fee how high was the deposit fee + */ void TALER_exchange_online_wire_deposit_append ( struct GNUNET_HashContext *hash_context, @@ -3794,6 +3809,7 @@ TALER_exchange_online_wire_deposit_append ( * @param h_details hash over the aggregation details * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_wire_deposit_sign ( @@ -3842,6 +3858,7 @@ TALER_exchange_online_wire_deposit_verify ( * @param coin_contribution what was @a coin_pub's contribution to the wire transfer * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_confirm_wire_sign ( @@ -3891,6 +3908,7 @@ TALER_exchange_online_confirm_wire_verify ( * @param reserve_pub reserve that was credited * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_confirm_recoup_sign ( 
@@ -3934,6 +3952,7 @@ TALER_exchange_online_confirm_recoup_verify ( * @param old_coin_pub old coin that was credited * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_confirm_recoup_refresh_sign ( @@ -3975,6 +3994,7 @@ TALER_exchange_online_confirm_recoup_refresh_verify ( * @param h_denom_pub hash of denomination that is unknown * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_denomination_unknown_sign ( @@ -4012,6 +4032,7 @@ TALER_exchange_online_denomination_unknown_verify ( * the denomination is expired * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_denomination_expired_sign ( @@ -4055,6 +4076,7 @@ TALER_exchange_online_denomination_expired_verify ( * @param reserve_pub public key of the closed reserve * @param[out] pub where to write the public key * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success */ enum TALER_ErrorCode TALER_exchange_online_reserve_closed_sign ( @@ -4078,8 +4100,8 @@ TALER_exchange_online_reserve_closed_sign ( * @param payto target of the wire transfer * @param wtid wire transfer subject used * @param reserve_pub public key of the closed reserve - * @param pub where to write the public key - * @param sig where to write the signature + * @param pub the public key of the exchange to check against + * @param sig the signature to check * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue 
@@ -4094,7 +4116,20 @@ TALER_exchange_online_reserve_closed_verify ( const struct TALER_ExchangeSignatureP *sig); -// FIXME: document! +/** + * Create signature by exchange affirming that a purse was created. + * + * @param scb function to call to create the signature + * @param exchange_time our time + * @param purse_expriration when will the purse expire + * @param amount_without_fee total amount to be put into the purse (without deposit fees) + * @param total_deposited total currently in the purse + * @param purse_pub public key of the purse + * @param h_contract_term hash of the contract for the purse + * @param[out] pub where to write the public key + * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success + */ enum TALER_ErrorCode TALER_exchange_online_purse_created_sign ( TALER_ExchangeSignCallback scb, @@ -4108,7 +4143,19 @@ TALER_exchange_online_purse_created_sign ( struct TALER_ExchangeSignatureP *sig); -// FIXME: document! +/** + * Verify exchange signature about a purse creation and balance. + * + * @param exchange_time our time + * @param purse_expriration when will the purse expire + * @param amount_without_fee total amount to be put into the purse (without deposit fees) + * @param total_deposited total currently in the purse + * @param purse_pub public key of the purse + * @param h_contract_term hash of the contract for the purse + * @param pub the public key of the exchange to check against + * @param sig the signature to check + * @return #GNUNET_OK if the signature is valid + */ enum GNUNET_GenericReturnValue TALER_exchange_online_purse_created_verify ( struct GNUNET_TIME_Timestamp exchange_time, 
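Review bot: The new doc blocks for TALER_exchange_online_purse_created_sign and TALER_exchange_online_purse_created_verify name the parameters `purse_expriration` and `h_contract_term`, while the purse_merged blocks added in the same patch use `purse_expiration` and `h_contract_terms`. The parameter lists are mostly outside the hunks, so I cannot tell which spelling the prototypes use; if it is the latter, doxygen will report these parameters as undocumented. In that case the lines should read `@param purse_expiration when will the purse expire` and `@param h_contract_terms hash of the contract for the purse`.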
@@ -4120,7 +4167,22 @@ TALER_exchange_online_purse_created_verify ( const struct TALER_ExchangePublicKeyP *pub, const struct TALER_ExchangeSignatureP *sig); -// FIXME: document! + +/** + * Sign affirmation that a purse was merged. + * + * @param scb function to call to create the signature + * @param exchange_time our time + * @param purse_expiration when does the purse expire + * @param amount_without_fee total amount that should be in the purse without deposit fees + * @param purse_pub public key of the purse + * @param h_contract_terms hash of the contract of the purse + * @param reserve_pub reserve the purse will be merged into + * @param exchange_url exchange at which the @a reserve_pub lives + * @param[out] pub where to write the public key + * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success + */ enum TALER_ErrorCode TALER_exchange_online_purse_merged_sign ( TALER_ExchangeSignCallback scb, @@ -4135,7 +4197,20 @@ TALER_exchange_online_purse_merged_sign ( struct TALER_ExchangeSignatureP *sig); -// FIXME: document! +/** + * Verify affirmation that a purse will be merged. + * + * @param exchange_time our time + * @param purse_expiration when does the purse expire + * @param amount_without_fee total amount that should be in the purse without deposit fees + * @param purse_pub public key of the purse + * @param h_contract_terms hash of the contract of the purse + * @param reserve_pub reserve the purse will be merged into + * @param exchange_url exchange at which the @a reserve_pub lives + * @param pub the public key of the exchange to check against + * @param sig the signature to check + * @return #GNUNET_OK if the signature is valid + */ enum GNUNET_GenericReturnValue TALER_exchange_online_purse_merged_verify ( struct GNUNET_TIME_Timestamp exchange_time, 
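Review bot: The two summaries disagree on what the signature affirms: the block for TALER_exchange_online_purse_merged_sign says `a purse was merged`, while the block for TALER_exchange_online_purse_merged_verify in the following hunk says `a purse will be merged`. Both document the same field list, so presumably they describe the same signed statement. A caller needs to know whether a valid signature proves a completed merge or only an intended one. If the exchange signs after the merge is recorded (not visible in this hunk), the verify summary should read `Verify affirmation that a purse was merged.`; otherwise the sign summary should change to match.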
@@ -4149,7 +4224,17 @@ TALER_exchange_online_purse_merged_verify ( const struct TALER_ExchangeSignatureP *sig); -// FIXME: document! +/** + * Sign information about the status of a purse. + * + * @param scb function to call to create the signature + * @param merge_timestamp when was the purse merged (can be never) + * @param deposit_timestamp when was the purse fully paid up (can be never) + * @param balance current balance of the purse + * @param[out] pub where to write the public key + * @param[out] sig where to write the signature + * @return #TALER_EC_NONE on success + */ enum TALER_ErrorCode TALER_exchange_online_purse_status_sign ( TALER_ExchangeSignCallback scb, @@ -4160,7 +4245,16 @@ TALER_exchange_online_purse_status_sign ( struct TALER_ExchangeSignatureP *sig); -// FIXME: document! +/** + * Verify signature over information about the status of a purse. + * + * @param merge_timestamp when was the purse merged (can be never) + * @param deposit_timestamp when was the purse fully paid up (can be never) + * @param balance current balance of the purse + * @param pub the public key of the exchange to check against + * @param sig the signature to check + * @return #GNUNET_OK if the signature is valid + */ enum GNUNET_GenericReturnValue TALER_exchange_online_purse_status_verify ( struct GNUNET_TIME_Timestamp merge_timestamp, 
@@ -4395,7 +4489,18 @@ TALER_exchange_offline_denom_validity_verify ( const struct TALER_MasterSignatureP *master_sig); -// FIXME: document +/** + * Create offline signature about an exchange's partners. + * + * @param partner_pub master public key of the partner + * @param start_date validity period start + * @param end_date validity period end + * @param wad_frequency how often will we do wad transfers to this partner + * @param wad_fee what is the wad fee to this partner + * @param partner_base_url what is the base URL of the @a partner_pub exchange + * @param master_priv private key to sign with + * @param[out] master_sig where to write the signature + */ void TALER_exchange_offline_partner_details_sign ( const struct TALER_MasterPublicKeyP *partner_pub, @@ -4408,7 +4513,18 @@ TALER_exchange_offline_partner_details_sign ( struct TALER_MasterSignatureP *master_sig); -// FIXME: document +/** + * Verify signature about an exchange's partners. + * + * @param start_date validity period start + * @param end_date validity period end + * @param wad_frequency how often will we do wad transfers to this partner + * @param wad_fee what is the wad fee to this partner + * @param partner_base_url what is the base URL of the @a partner_pub exchange + * @param master_pub public key to verify against + * @param master_sig the signature the signature + * @return #GNUNET_OK if the signature is valid + */ enum GNUNET_GenericReturnValue TALER_exchange_offline_partner_details_verify ( const struct TALER_MasterPublicKeyP *partner_pub, 
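Review bot: The doc block added for TALER_exchange_offline_partner_details_verify (second hunk on this line) has no `@param partner_pub` entry, although the prototype's first parameter is `partner_pub` and the `partner_base_url` description refers to `@a partner_pub`. The same block also reads `@param master_sig the signature the signature`. I would add `@param partner_pub master public key of the partner` as the first tag and change the last one to `@param master_sig the signature to verify`. The prototype continues past the end of the hunk, so the remaining parameter names should be checked against it as well.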
@@ -5052,7 +5168,7 @@ TALER_age_commitment_attest ( * @param commitment The age commitment that went into the attestation. Only the public keys are needed. * @param age Age (not age group) for which the an attestation should be done * @param attest Signature of the age with the appropriate key from the age commitment for the corresponding age group, if applicaple. - * @return GNUNET_OK when the attestation was successfull, GNUNET_NO no attestation couldn't be verified, GNUNET_SYSERR otherwise + * @return #GNUNET_OK when the attestation was successfull, GNUNET_NO no attestation couldn't be verified, #GNUNET_SYSERR otherwise */ enum GNUNET_GenericReturnValue TALER_age_commitment_verify ( From 3b9e9eed11333fcd4f6a9299d06274cba77a5434 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 25 Jun 2022 21:50:32 +0200 Subject: [PATCH 7/9] -fix typos --- src/exchange-tools/taler-exchange-dbinit.c | 2 +- src/exchange/taler-exchange-httpd_keys.c | 2 +- src/exchange/taler-exchange-httpd_metrics.h | 6 +++--- src/exchange/taler-exchange-httpd_refreshes_reveal.c | 2 +- src/exchangedb/common-0001.sql | 4 ++-- src/exchangedb/plugin_exchangedb_postgres.c | 4 ++-- src/extensions/extension_age_restriction.c | 2 +- src/include/taler_crypto_lib.h | 6 +++--- src/include/taler_exchangedb_plugin.h | 4 ++-- src/include/taler_extensions.h | 6 +++--- src/include/taler_util.h | 4 ++-- src/testing/testing_api_cmd_purse_merge.c | 2 +- src/util/tv_age_restriction.c | 4 ++-- src/util/wallet_signatures.c | 4 ++-- 14 files changed, 26 insertions(+), 26 deletions(-) diff --git a/src/exchange-tools/taler-exchange-dbinit.c b/src/exchange-tools/taler-exchange-dbinit.c index 7c2c5b661..818373816 100644 --- a/src/exchange-tools/taler-exchange-dbinit.c +++ b/src/exchange-tools/taler-exchange-dbinit.c 
@@ -252,7 +252,7 @@ main (int argc, GNUNET_GETOPT_option_uint ('R', "reset-shard", "OLD_SHARD_IDX", - "reset a shard database, does not reinitialize i.e. call taler-exchange-dbinit -S afterwards (DANGEROUS: all existsing data is lost!)", + "reset a shard database, does not reinitialize i.e. call taler-exchange-dbinit -S afterwards (DANGEROUS: all existing data is lost!)", &reset_shard_db), GNUNET_GETOPT_option_flag ('f', "force", diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index 45bed1a19..6eadb0d70 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -2261,7 +2261,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh) /* * Build up the running hash of all denominations in this group - * TODO: FIXME-oec: this is cipher and age_restriction dependend?! + * TODO: FIXME-oec: this is cipher and age_restriction dependent?! */ GNUNET_CRYPTO_hash_context_read (group->hash_context, &dk->h_denom_pub, diff --git a/src/exchange/taler-exchange-httpd_metrics.h b/src/exchange/taler-exchange-httpd_metrics.h index ff4c3f6ca..5943ab86d 100644 --- a/src/exchange/taler-exchange-httpd_metrics.h +++ b/src/exchange/taler-exchange-httpd_metrics.h 
@@ -101,17 +101,17 @@ extern unsigned long long TEH_METRICS_batch_withdraw_num_coins; extern unsigned long long TEH_METRICS_num_conflict[TEH_MT_REQUEST_COUNT]; /** - * Number of signatures created by the respecitve cipher. + * Number of signatures created by the respective cipher. */ extern unsigned long long TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_COUNT]; /** - * Number of signatures verified by the respecitve cipher. + * Number of signatures verified by the respective cipher. */ extern unsigned long long TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_COUNT]; /** - * Number of key exchnages done with the respective cipher. + * Number of key exchanges done with the respective cipher. */ extern unsigned long long TEH_METRICS_num_keyexchanges[TEH_MT_KEYX_COUNT]; diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index 9fd9eac46..3b75576ce 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -111,7 +111,7 @@ struct RevealContext /** * Array of information about fresh coins being revealed. */ - /* FIXME: const would be nicer here, but we initalize + /* FIXME: const would be nicer here, but we initialize the 'alg_values' in the verification routine; suboptimal to be fixed... */ struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrcs; diff --git a/src/exchangedb/common-0001.sql b/src/exchangedb/common-0001.sql index c493af9bd..5ae67edd1 100644 --- a/src/exchangedb/common-0001.sql +++ b/src/exchangedb/common-0001.sql @@ -70,7 +70,7 @@ BEGIN END $$; --- We need a seperate function for this, as we call create_table only once but need to add +-- We need a separate function for this, as we call create_table only once but need to add -- those constraints to each partition which gets created CREATE OR REPLACE FUNCTION add_constraints_to_wire_targets_partition( IN partition_suffix VARCHAR 
@@ -866,7 +866,7 @@ BEGIN PERFORM create_partitioned_table( 'CREATE TABLE IF NOT EXISTS %I' '(aggregation_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY' -- UNIQUE' - ',deposit_serial_id INT8 PRIMARY KEY' -- REFERENCES deposits (deposit_serial_id) ON DELETE CASCADE' -- FIXME chnage to coint_pub + deposit_serial_id for more efficient depost -- or something else ??? + ',deposit_serial_id INT8 PRIMARY KEY' -- REFERENCES deposits (deposit_serial_id) ON DELETE CASCADE' -- FIXME change to coin_pub + deposit_serial_id for more efficient depost -- or something else ??? ',wtid_raw BYTEA NOT NULL' -- CONSTRAINT wire_out_ref REFERENCES wire_out(wtid_raw) ON DELETE CASCADE DEFERRABLE' ') %s ;' ,table_name diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index 74424e63e..d3bbb4d6a 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -14970,7 +14970,7 @@ postgres_delete_shard_locks (void *cls) /** * Function called to save the configuration of an extension - * (age-restriction, peer2peer, ...). After succesfull storage of the + * (age-restriction, peer2peer, ...). After successful storage of the * configuration it triggers the corresponding event. * * @param cls the @e cls of this struct with the plugin-specific state @@ -15225,7 +15225,7 @@ postgres_insert_contract ( /** - * Function called to reutrn meta data about a purse by the + * Function called to return meta data about a purse by the * purse public key. * * @param cls the @e cls of this struct with the plugin-specific state diff --git a/src/extensions/extension_age_restriction.c b/src/extensions/extension_age_restriction.c index fb0146b88..e55c85202 100644 --- a/src/extensions/extension_age_restriction.c +++ b/src/extensions/extension_age_restriction.c 
@@ -136,7 +136,7 @@ TALER_age_mask_to_string ( /* ================================================== * - * Age Restriction TALER_Extension imlementation + * Age Restriction TALER_Extension implementation * * ================================================== */ diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 5b32dd5ca..3d6c20b6f 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -1762,7 +1762,7 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info, * @param blinded_planchet blinded planchet * @param denom_hash hash of the denomination publick key * @param[out] bch where to write the hash - * @return #GNUNET_OK when successful, #GNUNET_SYSERR if an internal error occured + * @return #GNUNET_OK when successful, #GNUNET_SYSERR if an internal error occurred */ enum GNUNET_GenericReturnValue TALER_coin_ev_hash (const struct TALER_BlindedPlanchet *blinded_planchet, @@ -5120,7 +5120,7 @@ TALER_age_commitment_hash ( * * @param mask The age mask the defines the age groups * @param age The actual age for which an age commitment is generated - * @param seed The seed that goes into the key generation. MUST be choosen uniformly random. + * @param seed The seed that goes into the key generation. MUST be chosen uniformly random. * @param[out] comm_proof The generated age commitment, ->priv and ->pub allocated via GNUNET_malloc() on success * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise */ 
@@ -5168,7 +5168,7 @@ TALER_age_commitment_attest ( * @param commitment The age commitment that went into the attestation. Only the public keys are needed. * @param age Age (not age group) for which the an attestation should be done * @param attest Signature of the age with the appropriate key from the age commitment for the corresponding age group, if applicaple. - * @return #GNUNET_OK when the attestation was successfull, GNUNET_NO no attestation couldn't be verified, #GNUNET_SYSERR otherwise + * @return #GNUNET_OK when the attestation was successful, #GNUNET_NO no attestation couldn't be verified, #GNUNET_SYSERR otherwise */ enum GNUNET_GenericReturnValue TALER_age_commitment_verify ( diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 6cb9a3a40..42a6795f9 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -1420,7 +1420,7 @@ struct TALER_EXCHANGEDB_DepositListEntry struct TALER_DenominationHashP h_denom_pub; /** - * Age commitment hash, if applicable ot the denomination. Should be all + * Age commitment hash, if applicable to the denomination. Should be all * zeroes if age commitment is not applicable to the denonimation. */ struct TALER_AgeCommitmentHash h_age_commitment; @@ -5235,7 +5235,7 @@ struct TALER_EXCHANGEDB_Plugin /** - * Function called to reutrn meta data about a purse by the + * Function called to return meta data about a purse by the * purse public key. * * @param cls the @e cls of this struct with the plugin-specific state diff --git a/src/include/taler_extensions.h b/src/include/taler_extensions.h index 32821e500..82392a3ea 100644 --- a/src/include/taler_extensions.h +++ b/src/include/taler_extensions.h 
@@ -99,8 +99,8 @@ TALER_extensions_is_json_config ( * he JSON object must be of type ExchangeKeysResponse as described in * https://docs.taler.net/design-documents/006-extensions.html#exchange * - * @param cfg JSON object containting the configuration for all extensions - * @return GNUNET_OK on success, GNUNET_SYSERR if unknown extensions were found + * @param cfg JSON object containing the configuration for all extensions + * @return #GNUNET_OK on success, #GNUNET_SYSERR if unknown extensions were found * or any particular configuration couldn't be parsed. */ enum GNUNET_GenericReturnValue @@ -267,7 +267,7 @@ TALER_extensions_age_restriction_num_groups (); * Parses a JSON object { "age_groups": "a:b:...y:z" }. * * @param root is the json object - * @param[out] mask on succes, will contain the age mask + * @param[out] mask on success, will contain the age mask * @return #GNUNET_OK on success and #GNUNET_SYSERR on failure. */ enum GNUNET_GenericReturnValue diff --git a/src/include/taler_util.h b/src/include/taler_util.h index e5c7b97b5..afc8ebada 100644 --- a/src/include/taler_util.h +++ b/src/include/taler_util.h @@ -494,12 +494,12 @@ TALER_yna_to_string (enum TALER_EXCHANGE_YesNoAll yna); #ifdef __APPLE__ /** - * Returns the first occurence of `c` in `s`, or returns the null-byte + * Returns the first occurrence of `c` in `s`, or returns the null-byte * terminating the string if it does not occur. * * @param s the string to search in * @param c the character to search for - * @return char* the first occurence of `c` in `s` + * @return char* the first occurrence of `c` in `s` */ char *strchrnul (const char *s, int c); diff --git a/src/testing/testing_api_cmd_purse_merge.c b/src/testing/testing_api_cmd_purse_merge.c index f2290523f..4d1e8bf4b 100644 --- a/src/testing/testing_api_cmd_purse_merge.c +++ b/src/testing/testing_api_cmd_purse_merge.c 
@@ -62,7 +62,7 @@ struct PurseMergeState const char *merge_ref; /** - * Refernece to the reserve, or NULL (!). + * Reference to the reserve, or NULL (!). */ const char *reserve_ref; diff --git a/src/util/tv_age_restriction.c b/src/util/tv_age_restriction.c index 0c9ef7739..a2b0a7451 100644 --- a/src/util/tv_age_restriction.c +++ b/src/util/tv_age_restriction.c @@ -162,7 +162,7 @@ generate ( sizeof(seed)); json_object_set (j_top, - "commited_age", + "committed_age", json_integer (age)); ret = TALER_age_restriction_commit (mask, @@ -214,7 +214,7 @@ generate ( "not required: age group is 0"); else if (min_group > age_group) j_reason = json_string ( - "not applicable: commited age too small"); + "not applicable: committed age too small"); else j_reason = GNUNET_JSON_PACK ( GNUNET_JSON_pack_data_auto (NULL, &at)); diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c index 41e272eb0..df6d48b9b 100644 --- a/src/util/wallet_signatures.c +++ b/src/util/wallet_signatures.c @@ -640,7 +640,7 @@ struct TALER_ReserveHistoryRequestPS struct GNUNET_CRYPTO_EccSignaturePurpose purpose; /** - * When did the wallet make the requst. + * When did the wallet make the request. */ struct GNUNET_TIME_TimestampNBO request_timestamp; @@ -708,7 +708,7 @@ struct TALER_ReserveStatusRequestPS struct GNUNET_CRYPTO_EccSignaturePurpose purpose; /** - * When did the wallet make the requst. + * When did the wallet make the request. */ struct GNUNET_TIME_TimestampNBO request_timestamp; From 07be0fd21d841b1b9e937d4af73cca7a629d6e70 Mon Sep 17 00:00:00 2001 
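Review bot: Renaming the JSON key `"commited_age"` to `"committed_age"` in generate() (src/util/tv_age_restriction.c, hunk at -162) changes the emitted output format, unlike the comment typos elsewhere in this patch. Any consumer of the generated age-restriction test vectors that reads the old key, or any previously published vector file, would no longer match; whether such consumers exist is not visible from here. The second hunk in the same file changes the emitted reason string `"not applicable: commited age too small"` in the same way. I would either keep the old spelling in these two literals or move the rename into its own commit, with the vectors regenerated and the key change noted for other implementations. generate() continues outside both hunks.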
From: Christian Grothoff Date: Sun, 26 Jun 2022 15:05:37 +0200 Subject: [PATCH 8/9] -more typos --- doc/cs/ads/glossary.tex | 28 ++++++++++----------- doc/cs/content/1_introduction.tex | 4 +-- doc/cs/content/3_preliminaries.tex | 22 ++++++++-------- doc/cs/content/4_2_specification.tex | 16 ++++++------ doc/cs/content/4_3_implementation.tex | 14 +++++------ doc/cs/content/5_discussion.tex | 12 ++++----- doc/cs/content/6_conclusion.tex | 10 ++++---- src/auditor/auditor-basedb.sql | 3 +-- src/auditor/revoke-basedb.sql | 3 +-- src/testing/testing_api_cmd_reserve_purse.c | 2 +- 10 files changed, 55 insertions(+), 59 deletions(-) diff --git a/doc/cs/ads/glossary.tex b/doc/cs/ads/glossary.tex index 67ff003bc..7132f89a5 100644 --- a/doc/cs/ads/glossary.tex +++ b/doc/cs/ads/glossary.tex @@ -1,12 +1,12 @@ %!TEX root = ../thesis.tex % -% vorher in Konsole folgendes aufrufen: +% vorher in Konsole folgendes aufrufen: % makeglossaries makeglossaries dokumentation.acn && makeglossaries dokumentation.glo % % -% Glossareintraege --> referenz, name, beschreibung +% Glossareintraege --> reference, name, beschreibung % Aufruf mit \gls{...} % % \newglossaryentry{non-repudiation}{name={non-repudiation},plural={non-repudiation},description={After a message is signed, one can not dispute that a message was signed}} 
@@ -18,36 +18,36 @@ } \newglossaryentry{25519}{ - name = {Curve25519}, - description = {A popular elliptic curve used in many cryptographic systems based on elliptic curve cryptography. See section \ref{par:curve25519}} + name = {Curve25519}, + description = {A popular elliptic curve used in many cryptographic systems based on elliptic curve cryptography. See section \ref{par:curve25519}} } \newglossaryentry{fdh}{ name = {FDH}, - description = {A Full-Domain Hash is a hash function with an image size equal to the original gorup. See section \ref{sec:rsa-fdh}}. -} + description = {A Full-Domain Hash is a hash function with an image size equal to the original gorup. See section \ref{sec:rsa-fdh}}. +} \newglossaryentry{idempotence}{ name = {idempotence}, - description = {Idempotence in the context of computer science is a property to ensure that the state of system will not change, no matter how many times the same request was made. See section \ref{abort-idempotency}} -} + description = {Idempotence in the context of computer science is a property to ensure that the state of system will not change, no matter how many times the same request was made. See section \ref{abort-idempotency}} +} \newglossaryentry{abort-idempotency}{ name = {abort-idempotency}, - description = {Abort-idempotency is a special case of \gls{idempotence}. On every step in a protocol it needs to be ensured that even on an abort, the same request always receives the same response. See section \ref{abort-idempotency}} -} + description = {Abort-idempotency is a special case of \gls{idempotence}. On every step in a protocol it needs to be ensured that even on an abort, the same request always receives the same response. See section \ref{abort-idempotency}} +} \newglossaryentry{RSABS}{ name = {RSA Blind Signatures}, - description = {Chaums Blind Signature Scheme based on RSA. See section \ref{sec:blind-rsa-sign}} + description = {Chaums Blind Signature Scheme based on RSA. 
See section \ref{sec:blind-rsa-sign}} } \newglossaryentry{CSBS}{ name = {Clause Blind Schnorr Signatures}, description = {A secure variant of Blind Schnorr Signature Schemes introduced in section \ref{sec:clause-blind-schnorr-sig}} -} +} % \newglossaryentry{25519}{ % name = {}, - % description = {} -% } \ No newline at end of file + % description = {} +% } diff --git a/doc/cs/content/1_introduction.tex b/doc/cs/content/1_introduction.tex index 1ed9e0589..e0fdaa018 100644 --- a/doc/cs/content/1_introduction.tex +++ b/doc/cs/content/1_introduction.tex @@ -51,7 +51,7 @@ In scope are all necessary changes on the protocol(s) and components for the fol \item design and implement a protocol where the user proves to the exchange the knowledge of the coin that is to be signed (optional) \end{itemize} -Out of scope is production readyness of the implementation. +Out of scope is production readiness of the implementation. This is because changes in the protocos and code need to be thoroughly vetted to ensure that no weaknesses or security vulnerabilities were introduced. Such an audit is out of scope for the thesis and is recommended to be performed in the future. The iOS wallet will not be considered in this work. @@ -69,4 +69,4 @@ Scope changes during the project: \item \textbf{Adjusted: } Focus is on the implementation of the exchange protocols (Withdraw, Spend, Refresh and cryptographic utilities) \item \textbf{Adjusted: } Implementation of the refresh protocol and wallet-core are nice-to-have goals \item \textbf{Removed: } The Merchant and the android wallet implementations are out of scope -\end{itemize} \ No newline at end of file +\end{itemize} diff --git a/doc/cs/content/3_preliminaries.tex b/doc/cs/content/3_preliminaries.tex index e63e65d33..7d7b7ca2f 100644 --- a/doc/cs/content/3_preliminaries.tex +++ b/doc/cs/content/3_preliminaries.tex 
@@ -141,7 +141,6 @@ This can be used to detect compromised signing keys or a malicious exchange. \subsection{Properties} \label{sec:taler-properties} -%Alle Taler Eigenschaften die wir angreifen wollen auflisten und bezug nehmen wie diese erreicht werden This section describes Taler's properties. \subsubsection{Free Software} @@ -299,7 +298,7 @@ If verification is successful, only Alice knows her private key and Bob uses Ali A digital signature scheme has a message space M, a signature space S and three algorithms: \begin{itemize} \item Key generation: $(pk,sk) \gets keyGen()$ - \item Signatue generation: $s \gets $sign$_sk(m)$ + \item Signature generation: $s \gets $sign$_sk(m)$ \item Verification: $ v \gets $verify$_pk(m,s)$ where $v \in {0,1}$ \end{itemize} If the result of the verification algorithm equals 1, a signature for m is called valid. @@ -783,7 +782,7 @@ A good introduction to cut and choose protocols gives the Paper from Claude Cré The expression cut-and-choose was later introduced by David Chaum in analogy to a popular cake sharing problem: Given a complete cake to be shared among two parties distrusting of each other (for reasons of serious appetite). A fair way for them to share the cake is to have one of them cut the cake in two equals hares, and let the other one choose his favourite share. - This solution guarantes that it is in the formers best interest to cut the shares as evenly as possible." + This solution guarantees that it is in the formers best interest to cut the shares as evenly as possible." } \end{center} 
@@ -870,10 +869,10 @@ Figure \ref{fig:withdraw-loophole-exploit} explains how such a payment would wor Note that we omitted the parts leading up to the coin creation (contract, agreement of price, number of coins and their denominations). This is how it works on a high level: \begin{enumerate} - \item The malicous merchant generates and blinds coins, which are then transmitted to the customer + \item The malicious merchant generates and blinds coins, which are then transmitted to the customer \item The customer authorizes the withdraw from his reserve by signing the blinded coins with the private key of his reserve, thus generating withdraw confirmations. - \item The withdraw confirmations are transmitted to the exchange, which generates the signatures and returns them to the malicous merchant. - \item The malicous merchant unblinds the signatures. + \item The withdraw confirmations are transmitted to the exchange, which generates the signatures and returns them to the malicious merchant. + \item The malicious merchant unblinds the signatures. He is now in possession of the coin, thus the payment is completed. \end{enumerate} @@ -882,7 +881,7 @@ This is how it works on a high level: \resizebox{1.0\textwidth}{!}{$\displaystyle \begin{array}{ l c l} % preliminaries - \textbf{Customer} & & \textbf{malicous Merchant} + \textbf{Customer} & & \textbf{malicious Merchant} \\ \text{knows:} & & \text{knows:} \\ \text{reserve keys } w_s, W_p \\ \text{denomination public key } D_p = \langle e, N \rangle & & \text{denomination public key } D_p = \langle e, N \rangle @@ -903,7 +902,7 @@ This is how it works on a high level: \\ \hline \\ - \textbf{malicous Merchant} & & \textbf{Exchange} + \textbf{malicious Merchant} & & \textbf{Exchange} \\\text{knows:} & & \text{knows:} \\& & \text{reserve public key } W_p \\ \text{denomination public key } D_p = \langle e, N \rangle & & \text{denomination keys } d_s, D_p 
@@ -949,7 +948,6 @@ Chapter 4.1.4 describes more general aspects as well as the contract header and \subsubsection{Spend Protocol} The payment process begins when a customer submits a shopping cart (one or more items to buy) and commits his intent to buy them. The merchant has a key pair skM, pkM of which the customer knows the public key. -% besseres Wort als commit? Note that certain details contained in contract header or deposit permission like merchant \ac{KYC} information, deposit and refund deadlines and fees are left out. The deposit state machine can be seen in figure \ref{fig:deposit:states}. \begin{figure}[htp] @@ -1033,7 +1031,7 @@ In cases where there are multiple deposit permissions (meaning that multiple coi \item Is the signature of the coin valid? \item Is $ f $ (the value to be spent) smaller or equal the residual value of the coin (check for overspending attempt)? \end{itemize} - If all checks are successful, the exchange saves the deposit record containing the deposit permission and its signature in a database, substracts the spent value from the residual value of the coin and schedules the money transfer to the merchant's account $ A_m $ (grouping payments is done to reduce payment fees). + If all checks are successful, the exchange saves the deposit record containing the deposit permission and its signature in a database, subtracts the spent value from the residual value of the coin and schedules the money transfer to the merchant's account $ A_m $ (grouping payments is done to reduce payment fees). \\The exchange calculates a deposit confirmation signature $ \sigma_{DC} $ for the deposit permission with the exchange signing private key and returns them to the merchant. \\This signature is also used to prove that a merchant was the first to receive payment from a certain coin. Without this, an evil exchange could later deny confirming a payment and claim double spending. 
@@ -1180,7 +1178,7 @@ The customer, which holds the old partially spend coin and knows \\$C_{old} = \t On the exchange's side various checks are done to validate the request. Detailed steps of the commit phase are shown in figure \ref{fig:refresh-part1}. - + \begin{figure} \begin{equation*} \resizebox{1.0\textwidth}{!}{$\displaystyle @@ -1464,4 +1462,4 @@ When the list of trusted auditor certs of a customer/merchant somehow can be man One attack scenario would be to attack customers/merchants with a supply-chain attack on the wallets or merchant backends' implementation. With software supply-chain attacks on the rise in 2020/21 (although the concept is not new) such an attack could have a big impact. \\ Since auditor certs are coupled with the wallet (or merchant) implementation, a bank, country, central bank or auditor will most likely publish a wallet and a merchant implementation for the corresponding Taler ecosystem. -%This would make it possible for the publisher to make changes on the Taler protocol for this specific implementation. \ No newline at end of file +%This would make it possible for the publisher to make changes on the Taler protocol for this specific implementation. diff --git a/doc/cs/content/4_2_specification.tex b/doc/cs/content/4_2_specification.tex index efe6a3c3d..fe745fc69 100644 --- a/doc/cs/content/4_2_specification.tex +++ b/doc/cs/content/4_2_specification.tex @@ -256,7 +256,7 @@ Further, the API ensures that a caller must generate two secret $r$ as in the Cl * To ensure unpredictability a new nonce should be used when a new r needs to be derived. * Uses HKDF internally. * Comment: Can be done in one HKDF shot and split output. - * + * * @param nonce is a random nonce * @param lts is a long-term-secret in form of a private key * @param[out] r array containing derived secrets r0 and r1 
@@ -265,8 +265,8 @@ Further, the API ensures that a caller must generate two secret $r$ as in the Cl GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce, const struct GNUNET_CRYPTO_CsPrivateKey *lts, struct GNUNET_CRYPTO_CsRSecret r[2]); - - + + /** * Extract the public R of the given secret r. * @@ -289,7 +289,7 @@ The blinding secrets are generated by a client who provides a secret as seed to * To provide abort-idempotency, blinding factors need to be derived but still need to be UNPREDICTABLE * To ensure unpredictability a new nonce has to be used. * Uses HKDF internally - * + * * @param secret is secret to derive blinding factors * @param secret_len secret length * @param[out] bs array containing the two derivedGNUNET_CRYPTO_CsBlindingSecret @@ -306,7 +306,7 @@ Further the Clause Blind Schnorr API provides an API to calculate the two blinde /** * Calculate two blinded c's * Comment: One would be insecure due to Wagner's algorithm solving ROS - * + * * @param bs array of the two blinding factor structs each containing alpha and beta * @param r_pub array of the two signer's nonce R * @param pub the public key of the signer @@ -336,7 +336,7 @@ See listing \ref{lst:crypto-sign-api}. * To ensure unpredictability a new nonce has to be used for every signature * HKDF is used internally for derivation * r0 and r1 can be derived prior by using GNUNET_CRYPTO_cs_r_derive - * + * * @param priv private key to use for the signing and as LTS in HKDF * @param r array of the two secret nonce from the signer * @param c array of the two blinded c to sign c_b 
@@ -370,7 +370,7 @@ GNUNET_CRYPTO_cs_unblind ( struct GNUNET_CRYPTO_CsS *signature_scalar); \end{lstlisting} -The verify API takes the message and its signature with the public key and returns GNUNET\_OK for a valid signature and GNUNET\_SYSERR otherwhise. +The verify API takes the message and its signature with the public key and returns GNUNET\_OK for a valid signature and GNUNET\_SYSERR otherwise. See listing \ref{lst:crypto-verify-api}. \begin{lstlisting}[style=bfh-c,language=C,, caption={GNUnet verify API}, label={lst:crypto-verify-api}] @@ -411,7 +411,7 @@ In crypto.c many utility functions are provided to create planchets (for planche One difference between \gls{RSABS} and \gls{CSBS} is, that the coin private key and RSA blinding secret can be created at the same point in time, since the RSA blinding secret is created randomly. However, for Clause Blind Schnorr secrets an additional step is needed, the public $R_0$ and $R_1$ are required to calculate the blinding seed to derive the secrets. -A planchet in the Clause Blind Schnorr Signature Scheme can be created as followed (implementation details ommited). +A planchet in the Clause Blind Schnorr Signature Scheme can be created as followed (implementation details omitted). \begin{enumerate} \item Create planchet with new \ac{EdDSA} private key diff --git a/doc/cs/content/4_3_implementation.tex b/doc/cs/content/4_3_implementation.tex index 07423e4e1..879e69e8f 100644 --- a/doc/cs/content/4_3_implementation.tex +++ b/doc/cs/content/4_3_implementation.tex 
@@ -94,8 +94,8 @@ The corresponding crypto helper, that talks with the security module, and its te \item \texttt{src/util/test\_helper\_cs.c}: Tests and benchmarks for the \gls{CSBS} crypto helper \end{itemize} % Crypto API offene Punkte: -%Input-Validierung von Punkten und Skalar -% Clamping beschreiben: https://neilmadden.blog/2020/05/28/whats-the-curve25519-clamping-all-about/ +%Input-validation of points and scalars: +% describe clamping: https://neilmadden.blog/2020/05/28/whats-the-curve25519-clamping-all-about/ % Testing: inverse operations, blinded signature test @@ -219,7 +219,7 @@ Tests for deposit are implemented here: \begin{itemize} \item \url{/src/testing/test_exchange_api.c}: Add tests (see "struct TALER\_TESTING\_Command\ spend\_cs[]") that spend \gls{CSBS} coins withdrawn in tests added for withdrawal \item \url{/src/json/json_pack.c}: Implement \gls{CSBS} case in function TALER\_JSON\_pack\_denom\_sig -\end{itemize} +\end{itemize} \section{Fixing a Minor Security Issue in Taler's RSA Blind Signature Protocols} \label{sec:taler-vuln} @@ -230,7 +230,7 @@ The issue was only in the implementation of the current RSA Blind Signature prot \label{sec:taler-vuln-desc} The redesigned \gls{CSBS} protocols already include the denomination key in the nonce check, which fixes this issue (see \ref{sec:withdraw-protocol-schnorr}). -In the case of \gls{RSABS}, the current protocol includes an \gls{idempotence} check by persisting the hash value of the blinded coin $m'$. +In the case of \gls{RSABS}, the current protocol includes an \gls{idempotence} check by persisting the hash value of the blinded coin $m'$. On a withdrawal/refresh the \gls{idempotence} check compares if the hash value of $m'$ was seen in the past and returns the 'old' signature on a match. This could lead to the following scenario: 
@@ -277,7 +277,7 @@ After discussing this issue with Christian Grothoff, the conclusion was to inclu return GNUNET_OK; case TALER_DENOMINATION_CS: ... - + \end{lstlisting} The issue is fixed by adding a hash of the current denomination key into the calculation of the hash used in the \gls{idempotence} check. @@ -295,7 +295,7 @@ The applied fix can be seen in listing \ref{lst:fixed-idempotence}. { struct GNUNET_HashContext *hash_context; hash_context = GNUNET_CRYPTO_hash_context_start (); - + GNUNET_CRYPTO_hash_context_read (hash_context, &denom_hash->hash, sizeof(denom_hash->hash)); @@ -312,7 +312,7 @@ The applied fix can be seen in listing \ref{lst:fixed-idempotence}. { struct GNUNET_HashContext *hash_context; hash_context = GNUNET_CRYPTO_hash_context_start (); - + GNUNET_CRYPTO_hash_context_read (hash_context, &denom_hash->hash, sizeof(denom_hash->hash)); diff --git a/doc/cs/content/5_discussion.tex b/doc/cs/content/5_discussion.tex index c68b4a79c..8381273c1 100644 --- a/doc/cs/content/5_discussion.tex +++ b/doc/cs/content/5_discussion.tex @@ -57,7 +57,7 @@ This section compares how the two schemes perform regarding CPU usage, latency, Clause Schnorr has fixed key sizes with 256 bits (32 bytes), which we compare against different RSA key sizes (1024, 2048, 3072 and 4096 bits). In terms of security, \gls{CSBS} 256 bit keys could be compared to 3072 bit RSA keys (see \url{https://www.keylength.com/} for more information). -\subsection{CPU Usage} +\subsection{CPU Usage} Various benchmarks were made on different CPU architectures. This section discusses the main results, detailed information about the performance comparison can be found in appendix \ref{chap:app-perf}. We thank the Taler team for providing measurements from additional systems and architectures. 
@@ -75,7 +75,7 @@ Signing and blinding operations are much faster in \gls{CSBS}, also \gls{CSBS} s \begin{bfhBox}[BFH-MediumBlue]{Setup} CPU: 8-core AMD Ryzen 7 PRO 5850U \\ OS: Ubuntu 21.10 Linux 5.13.0-25-generic \#26-Ubuntu SMP Fri Jan 7 15:48:31 UTC 2022 x86\_64 x86\_64 x86\_64 GNU/Linux \\ - libsodium version: 1.0.18-1build1 \\ + libsodium version: 1.0.18-1build1 \\ libgcrypt version: 1.8.7-5ubuntu2 \\\\ Benchmarks with other hardware setups can be found in appendix \ref{chap:app-perf}. \end{bfhBox} @@ -112,7 +112,7 @@ RSA 1024 is in some situations faster than the \gls{CSBS} implementation. Note that 1024 bit keys are not recommended for many use cases, but the highest currently known RSA factorization done is 829 bits \cite{enwiki:1055393696}. The following section \ref{sec:disc-risk} explains the risk running RSA 1024 or \gls{CSBS} denominations further.\\ The blind and unblind operations are running in a wallet implementation, therefore the comparison with RSA 1024 is very interesting for devices with less CPU power. -Comparison of such hardware can be found in appendix \ref{chap:app-perf}, these comparison results come to the same conlcusion.\\ +Comparison of such hardware can be found in appendix \ref{chap:app-perf}, these comparison results come to the same conclusion.\\ Although RSA 1024 bit is much faster in the blinding operation, \gls{CSBS} still perform better when calculating the blinding and unblinding operations together. \gls{CSBS} unblinding computes only an addition of two scalars $s + \alpha \mod p$, while RSA computes $s * r^{-1}$. To conclude, \gls{CSBS} are faster than RSA 1024 bit and provide a better level of security. 
@@ -205,7 +205,7 @@ The disk space comparison for a wallet can be found in \ref{tab:comp-wallet-spac These are theoretical calculations, implementations may choose to persist additional values. \end{bfhWarnBox} The reasons that \gls{CSBS} use less bandwidth is mostly because the signature/key sizes are much smaller. -The bandwith improvements for the \texttt{/keys} API is the same as specified in the table with disk space comparison \ref{tab:comp-sign-space}. +The bandwidth improvements for the \texttt{/keys} API is the same as specified in the table with disk space comparison \ref{tab:comp-sign-space}. For \gls{CSBS} many calculations are performed twice, therefore also two values are submitted. Table \ref{tab:comp-band-withd} compares the bandwidth used in a withdrawal. The 32 byte values $2 * n_w, 2 * D_p, R_0, R_1, s,W_p, c_0, c_1, \sigma_W$ as well as an integer $b$ are transmitted for \gls{CSBS}.\\ @@ -222,14 +222,14 @@ Depending on the hash size another 32 byte (or 64 byte) value is transmitted. \setupBfhTabular \begin{tabular}{lccr} \rowcolor{BFH-tablehead} - \textbf{Signature Scheme} & \textbf{Bandwith used} & \textbf{Factor} & \textbf{1M coins}\\\hline + \textbf{Signature Scheme} & \textbf{Bandwidth used} & \textbf{Factor} & \textbf{1M coins}\\\hline CS 256 bits & 356 bytes & 1x & 324 MB\\\hline RSA 1024 bit & 448 bytes & 1.3x & 448 MB \\\hline RSA 2048 bit & 832 bytes & 2.5x & 832 MB\\\hline RSA 3072 bit & 1216 bytes & 3.75x & 1216 MB\\\hline RSA 4096 bit & 1600 bytes & 4.9x & 1600 MB\\\hline \end{tabular} - \caption{Bandwith comparison withdrawal} + \caption{Bandwidth comparison withdrawal} \label{tab:comp-band-withd} \end{table} diff --git a/doc/cs/content/6_conclusion.tex b/doc/cs/content/6_conclusion.tex index c270e765a..8ee12fa5e 100644 --- a/doc/cs/content/6_conclusion.tex +++ b/doc/cs/content/6_conclusion.tex 
@@ -25,8 +25,8 @@ The thesis provides several results to add support for Schnorr's blind signature \end{itemize} \item Comparison and Analysis \begin{itemize} - \item Performance (speed, space, latency \& bandwith) - \item Security + \item Performance (speed, space, latency \& bandwidth) + \item Security \item Scheme Comparison \end{itemize} \item Fixing a minor security issue in Taler's current protocols @@ -47,7 +47,7 @@ This section provides an outlook on what can be done in future work. \item Evaluating \& implementing \gls{CSBS} on other curves \end{itemize} -There are some remaining protocols to implement, which were out of scope for this thesis. +There are some remaining protocols to implement, which were out of scope for this thesis. To run \gls{CSBS} in production, these protocols have to be implemented too. Further, the merchant needs to support \gls{CSBS} too. The merchant implementation can be done fast, as the merchant only verifies denomination signatures in most cases. \\ 
@@ -58,7 +58,7 @@ A security audit should always be made when implementing big changes like these. As mentioned in the scope section, the optional goal to find and implement a good solution for the withdraw loophole was dropped. This was due to the scope shift and because the analysis of the problem showed that finding a good solution needs more research and is a whole project in itself (see \ref{sec:scope} for more information).\\ Furthermore, \gls{CSBS} could be implemented on other curves. -For example Curve448 \cite{cryptoeprint:2015:625} could be used, as it provides 224 bits of security, wheras \gls{25519} \cite{bern:curve25519} provides about 128 bits of security. +For example Curve448 \cite{cryptoeprint:2015:625} could be used, as it provides 224 bits of security, whereas \gls{25519} \cite{bern:curve25519} provides about 128 bits of security. Curve secp256k1 could further improve \gls{CSBS} performance. While providing support for Curve448 should not be problematic, a potential implementation for secp256k1 needs further analysis (see \cite{bernlange:safecurves} and \cite{bip:schnorr-bitc} for more information). @@ -67,4 +67,4 @@ This thesis includes understanding, analyzing, integrating and implementing a re Furthermore, the implementation is done in Taler, an intuitive and modern solution for a social responsible payment system with high ethical standards. Although there was a lot of work, we enjoyed working on such a modern and very interesting topic. Especially the first successful signature verification and the signature scheme performance benchmarks motivated us to push the implementation and integration into Taler forward.\\ -We are happy to provide an implementation of a modern scheme and making it available as free software. \ No newline at end of file +We are happy to provide an implementation of a modern scheme and making it available as free software. 
diff --git a/src/auditor/auditor-basedb.sql b/src/auditor/auditor-basedb.sql index 8b74c6bd2..69950d5b5 100644 --- a/src/auditor/auditor-basedb.sql +++ b/src/auditor/auditor-basedb.sql @@ -1442,7 +1442,7 @@ BEGIN PERFORM create_partitioned_table( 'CREATE TABLE IF NOT EXISTS %I' '(aggregation_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY' -- UNIQUE' - ',deposit_serial_id INT8 PRIMARY KEY' -- REFERENCES deposits (deposit_serial_id) ON DELETE CASCADE' -- FIXME chnage to coint_pub + deposit_serial_id for more efficient depost -- or something else ??? + ',deposit_serial_id INT8 PRIMARY KEY' -- REFERENCES deposits (deposit_serial_id) ON DELETE CASCADE' -- FIXME change to coint_pub + deposit_serial_id for more efficient depost -- or something else ??? ',wtid_raw BYTEA NOT NULL' -- CONSTRAINT wire_out_ref REFERENCES wire_out(wtid_raw) ON DELETE CASCADE DEFERRABLE' ') %s ;' ,table_name @@ -16989,4 +16989,3 @@ ALTER TABLE ONLY public.signkey_revocations -- -- PostgreSQL database dump complete -- - diff --git a/src/auditor/revoke-basedb.sql b/src/auditor/revoke-basedb.sql index e39202c51..f0aff7650 100644 --- a/src/auditor/revoke-basedb.sql +++ b/src/auditor/revoke-basedb.sql @@ -1442,7 +1442,7 @@ BEGIN PERFORM create_partitioned_table( 'CREATE TABLE IF NOT EXISTS %I' '(aggregation_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY' -- UNIQUE' - ',deposit_serial_id INT8 PRIMARY KEY' -- REFERENCES deposits (deposit_serial_id) ON DELETE CASCADE' -- FIXME chnage to coint_pub + deposit_serial_id for more efficient depost -- or something else ??? + ',deposit_serial_id INT8 PRIMARY KEY' -- REFERENCES deposits (deposit_serial_id) ON DELETE CASCADE' -- FIXME change to coint_pub + deposit_serial_id for more efficient depost -- or something else ??? ',wtid_raw BYTEA NOT NULL' -- CONSTRAINT wire_out_ref REFERENCES wire_out(wtid_raw) ON DELETE CASCADE DEFERRABLE' ') %s ;' ,table_name 
@@ -17001,4 +17001,3 @@ ALTER TABLE ONLY public.signkey_revocations -- -- PostgreSQL database dump complete -- - diff --git a/src/testing/testing_api_cmd_reserve_purse.c b/src/testing/testing_api_cmd_reserve_purse.c index 4106600cb..488790888 100644 --- a/src/testing/testing_api_cmd_reserve_purse.c +++ b/src/testing/testing_api_cmd_reserve_purse.c @@ -103,7 +103,7 @@ struct ReservePurseState json_t *contract_terms; /** - * Refernece to the reserve, or NULL (!). + * Reference to the reserve, or NULL (!). */ const char *reserve_ref; From eb4c765e30b42099d0507d42270cddf26bfb5b69 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 26 Jun 2022 15:37:38 +0200 Subject: [PATCH 9/9] -more doxygen --- src/include/taler_crypto_lib.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 3d6c20b6f..aee2be555 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -4121,11 +4121,11 @@ TALER_exchange_online_reserve_closed_verify ( * * @param scb function to call to create the signature * @param exchange_time our time - * @param purse_expriration when will the purse expire + * @param purse_expiration when will the purse expire * @param amount_without_fee total amount to be put into the purse (without deposit fees) * @param total_deposited total currently in the purse * @param purse_pub public key of the purse - * @param h_contract_term hash of the contract for the purse + * @param h_contract_terms hash of the contract for the purse * @param[out] pub where to write the public key * @param[out] sig where to write the signature * @return #TALER_EC_NONE on success 
@@ -4147,11 +4147,11 @@ TALER_exchange_online_purse_created_sign ( * Verify exchange signature about a purse creation and balance. * * @param exchange_time our time - * @param purse_expriration when will the purse expire + * @param purse_expiration when will the purse expire * @param amount_without_fee total amount to be put into the purse (without deposit fees) * @param total_deposited total currently in the purse * @param purse_pub public key of the purse - * @param h_contract_term hash of the contract for the purse + * @param h_contract_terms hash of the contract for the purse * @param pub the public key of the exchange to check against * @param sig the signature to check * @return #GNUNET_OK if the signature is valid @@ -4251,8 +4251,8 @@ TALER_exchange_online_purse_status_sign ( * @param merge_timestamp when was the purse merged (can be never) * @param deposit_timestamp when was the purse fully paid up (can be never) * @param balance current balance of the purse - * @param pub the public key of the exchange to check against - * @param sig the signature to check + * @param exchange_pub the public key of the exchange to check against + * @param exchange_sig the signature to check * @return #GNUNET_OK if the signature is valid */ enum GNUNET_GenericReturnValue @@ -4516,6 +4516,7 @@ TALER_exchange_offline_partner_details_sign ( /** * Verify signature about an exchange's partners. * + * @param partner_pub master public key of the partner * @param start_date validity period start * @param end_date validity period end * @param wad_frequency how often will we do wad transfers to this partner
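Review bot: The `@return` line of the purse-creation verify comment (hunk at -4147) still documents only the success case, `@return #GNUNET_OK if the signature is valid`, and the purse-status verify comment in the hunk at -4251 has the same gap. Since this commit is completing the doxygen for these declarations, the failure value should be named too, e.g. `@return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR otherwise`. That wording assumes the functions hand back the underlying signature-check result, which should be confirmed against the implementation because the bodies are not part of this patch. Stating it matters for callers: #GNUNET_SYSERR is non-zero, so the result of a signature check has to be compared with #GNUNET_OK explicitly rather than tested for truthiness. Both comment blocks and the declarations they belong to continue outside the hunks.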