diff --git a/src/benchmark/taler-aggregator-benchmark.c b/src/benchmark/taler-aggregator-benchmark.c index 47314abe9..3584c811b 100644 --- a/src/benchmark/taler-aggregator-benchmark.c +++ b/src/benchmark/taler-aggregator-benchmark.c @@ -490,7 +490,7 @@ run (void *cls, struct TALER_CoinPubHash c_hash; struct TALER_PlanchetDetail pd; struct TALER_BlindedDenominationSignature bds; - union TALER_DenominationBlindingKeyP bks; + struct TALER_PlanchetSecretsP ps; struct TALER_CoinSpendPublicKeyP coin_pub; RANDOMIZE (&coin_pub); @@ -518,10 +518,11 @@ run (void *cls, return; } - TALER_blinding_secret_create (&bks, TALER_DENOMINATION_RSA); + + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); GNUNET_assert (GNUNET_OK == TALER_denom_blind (&denom_pub, - &bks, + &ps.blinding_key, NULL, /* FIXME-oec */ &coin_pub, &c_hash, @@ -534,7 +535,7 @@ run (void *cls, GNUNET_assert (GNUNET_OK == TALER_denom_sig_unblind (&denom_sig, &bds, - &bks, + &ps.blinding_key, &denom_pub)); TALER_blinded_denom_sig_free (&bds); TALER_denom_pub_free (&denom_pub); diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index 3306837d7..ab47afe8c 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -533,6 +533,224 @@ handle_link_data_cb (void *cls, } //FIXME: GNUNET_assert (GNUNET_NO != found); + } +} + + +/** + * Function to test melting of coins as part of a refresh session + * + * @return #GNUNET_OK if everything went well; #GNUNET_SYSERR if not + */ +static enum GNUNET_GenericReturnValue +test_melting (void) +{ + struct TALER_EXCHANGEDB_Refresh refresh_session; + struct TALER_EXCHANGEDB_Melt ret_refresh_session; + struct DenomKeyPair *dkp; + struct TALER_DenominationPublicKey *new_denom_pubs; + enum GNUNET_GenericReturnValue ret; + enum GNUNET_DB_QueryStatus qs; + struct GNUNET_TIME_Timestamp now; + + ret = GNUNET_SYSERR; + RND_BLK (&refresh_session); + dkp = NULL; + new_dkp = NULL; + new_denom_pubs = NULL; + /* create and test a refresh session */ + refresh_session.noreveal_index = MELT_NOREVEAL_INDEX; + /* create a denomination (value: 1; fraction: 100) */ + now = GNUNET_TIME_timestamp_get (); + dkp = create_denom_key_pair (512, + now, + &value, + &fee_withdraw, + &fee_deposit, + &fee_refresh, + &fee_refund); + GNUNET_assert (NULL != dkp); + /* initialize refresh session melt data */ + { + struct TALER_CoinPubHash c_hash; + struct TALER_PlanchetDetail pd; + struct TALER_BlindedDenominationSignature bds; + struct TALER_PlanchetSecretsP ps; + + RND_BLK (&refresh_session.coin.coin_pub); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); + GNUNET_assert (GNUNET_OK == + TALER_denom_blind (&dkp->pub, + &ps.blinding_key, + NULL, /* FIXME-Oec */ + &refresh_session.coin.coin_pub, + &c_hash, + &pd.blinded_planchet)); + GNUNET_assert (GNUNET_OK == + TALER_denom_sign_blinded (&bds, + &dkp->priv, + &pd.blinded_planchet)); + GNUNET_free (pd.blinded_planchet.details.rsa_blinded_planchet.blinded_msg); + GNUNET_assert (GNUNET_OK == + TALER_denom_sig_unblind (&refresh_session.coin.denom_sig, + &bds, + &ps.blinding_key, + &dkp->pub)); + TALER_blinded_denom_sig_free (&bds); + TALER_denom_pub_hash (&dkp->pub, + &refresh_session.coin.denom_pub_hash); + refresh_session.amount_with_fee = amount_with_fee; + } + + /* test insert_melt & get_melt */ + FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != + plugin->get_melt (plugin->cls, + &refresh_session.rc, + &ret_refresh_session)); + FAILIF (TALER_EXCHANGEDB_CKS_ADDED != + plugin->ensure_coin_known (plugin->cls, + &refresh_session.coin)); + FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != + plugin->insert_melt (plugin->cls, + &refresh_session)); + FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != + plugin->get_melt (plugin->cls, + &refresh_session.rc, + &ret_refresh_session)); + FAILIF (refresh_session.noreveal_index != + ret_refresh_session.session.noreveal_index); + FAILIF (0 != + TALER_amount_cmp (&refresh_session.amount_with_fee, + &ret_refresh_session.session.amount_with_fee)); + FAILIF (0 != + TALER_amount_cmp (&fee_refresh, + &ret_refresh_session.melt_fee)); + FAILIF (0 != + GNUNET_memcmp (&refresh_session.rc, + &ret_refresh_session.session.rc)); + FAILIF (0 != GNUNET_memcmp (&refresh_session.coin_sig, + &ret_refresh_session.session.coin_sig)); + FAILIF (0 != memcmp (&refresh_session.coin.coin_pub, + &ret_refresh_session.session.coin.coin_pub, + sizeof (refresh_session.coin.coin_pub))); + FAILIF (0 != + GNUNET_memcmp (&refresh_session.coin.denom_pub_hash, + &ret_refresh_session.session.coin.denom_pub_hash)); + + /* test 'select_refreshes_above_serial_id' */ + auditor_row_cnt = 0; + FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != + plugin->select_refreshes_above_serial_id (plugin->cls, + 0, + &audit_refresh_session_cb, + NULL)); + FAILIF (1 != auditor_row_cnt); + + new_dkp = GNUNET_new_array (MELT_NEW_COINS, + struct DenomKeyPair *); + new_denom_pubs = GNUNET_new_array (MELT_NEW_COINS, + struct TALER_DenominationPublicKey); + revealed_coins + = GNUNET_new_array (MELT_NEW_COINS, + struct TALER_EXCHANGEDB_RefreshRevealedCoin); + for (unsigned int cnt = 0; cnt < MELT_NEW_COINS; cnt++) + { + struct TALER_EXCHANGEDB_RefreshRevealedCoin *ccoin; + struct GNUNET_TIME_Timestamp now; + struct TALER_BlindedPlanchet blinded_planchet; + blinded_planchet.cipher = TALER_DENOMINATION_RSA; + + now = GNUNET_TIME_timestamp_get (); + new_dkp[cnt] = create_denom_key_pair (RSA_KEY_SIZE, + now, + &value, + &fee_withdraw, + &fee_deposit, + &fee_refresh, + &fee_refund); + GNUNET_assert (NULL != new_dkp[cnt]); + new_denom_pubs[cnt] = new_dkp[cnt]->pub; + ccoin = &revealed_coins[cnt]; + ccoin->coin_ev_size = (size_t) GNUNET_CRYPTO_random_u64 ( + GNUNET_CRYPTO_QUALITY_WEAK, + (RSA_KEY_SIZE / 8) - 1); + ccoin->coin_ev = GNUNET_malloc (ccoin->coin_ev_size); + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + ccoin->coin_ev, + ccoin->coin_ev_size); + ccoin->denom_pub = new_dkp[cnt]->pub; + + blinded_planchet.details.rsa_blinded_planchet.blinded_msg = ccoin->coin_ev; + blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size = + ccoin->coin_ev_size; + GNUNET_assert (GNUNET_OK == + TALER_denom_sign_blinded (&ccoin->coin_sig, + &new_dkp[cnt]->priv, + &blinded_planchet)); + } + RND_BLK (&tprivs); + RND_BLK (&tpub); + FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != + plugin->get_refresh_reveal (plugin->cls, + &refresh_session.rc, + &never_called_cb, + NULL)); + FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != + plugin->insert_refresh_reveal (plugin->cls, + &refresh_session.rc, + MELT_NEW_COINS, + revealed_coins, + TALER_CNC_KAPPA - 1, + tprivs, + &tpub)); + FAILIF (0 >= + plugin->get_refresh_reveal (plugin->cls, + &refresh_session.rc, + &check_refresh_reveal_cb, + NULL)); + qs = plugin->get_link_data (plugin->cls, + &refresh_session.coin.coin_pub, + &handle_link_data_cb, + NULL); + FAILIF (0 >= qs); + { + /* Just to test fetching a coin with melt history */ + struct TALER_EXCHANGEDB_TransactionList *tl; + enum GNUNET_DB_QueryStatus qs; + + qs = plugin->get_coin_transactions (plugin->cls, + &refresh_session.coin.coin_pub, + GNUNET_YES, + &tl); + FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs); + plugin->free_coin_transaction_list (plugin->cls, + tl); + } + + + ret = GNUNET_OK; +drop: + if (NULL != revealed_coins) + { + for (unsigned int cnt = 0; cnt < MELT_NEW_COINS; cnt++) + { + TALER_blinded_denom_sig_free (&revealed_coins[cnt].coin_sig); + GNUNET_free (revealed_coins[cnt].coin_ev); + } + GNUNET_free (revealed_coins); + revealed_coins = NULL; + } + destroy_denom_key_pair (dkp); + TALER_denom_sig_free (&refresh_session.coin.denom_sig); + GNUNET_free (new_denom_pubs); + for (unsigned int cnt = 0; + (NULL != new_dkp) && (cnt < MELT_NEW_COINS) && (NULL != new_dkp[cnt]); + cnt++) + destroy_denom_key_pair (new_dkp[cnt]); + GNUNET_free (new_dkp); + return ret; +} + /** * Callback that should never be called. @@ -1344,7 +1562,6 @@ run (void *cls) enum GNUNET_DB_QueryStatus qs; struct GNUNET_TIME_Timestamp now; struct TALER_WireSalt salt; - union TALER_DenominationBlindingKeyP bks; struct TALER_CoinPubHash c_hash; uint64_t known_coin_id; uint64_t rrc_serial; @@ -1352,6 +1569,8 @@ run (void *cls) struct TALER_DenominationPublicKey *new_denom_pubs = NULL; uint64_t reserve_out_serial_id; uint64_t melt_serial_id; + struct TALER_PlanchetSecretsP ps; + memset (&deposit, 0, @@ -1494,10 +1713,11 @@ run (void *cls) GNUNET_free (pd.coin_ev); } RND_BLK (&coin_pub); - TALER_blinding_secret_create (&bks, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); + GNUNET_assert (GNUNET_OK == TALER_denom_blind (&dkp->pub, - &bks, + &ps.blinding_key, NULL, /* FIXME-Oec */ &coin_pub, &c_hash, @@ -1571,7 +1791,7 @@ run (void *cls) GNUNET_assert (GNUNET_OK == TALER_denom_sig_unblind (&ds, &cbc2.sig, - &bks, + &ps.blinding_key, &dkp->pub)); FAILIF (GNUNET_OK != TALER_denom_pub_verify (&dkp->pub, @@ -1588,7 +1808,7 @@ run (void *cls) GNUNET_assert (GNUNET_OK == TALER_denom_sig_unblind (&deposit.coin.denom_sig, &cbc.sig, - &bks, + &ps.blinding_key, &dkp->pub)); deadline = GNUNET_TIME_timestamp_get (); { @@ -2167,7 +2387,7 @@ run (void *cls) GNUNET_assert (GNUNET_OK == TALER_denom_sig_unblind (&deposit.coin.denom_sig, &cbc.sig, - &bks, + &ps.blinding_key, &dkp->pub)); RND_BLK (&deposit.csig); RND_BLK (&deposit.merchant_pub); diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index c0e96427e..133fc1868 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -941,19 +941,6 @@ TALER_cs_withdraw_nonce_derive (const struct TALER_CoinSpendPrivateKeyP *coin_priv, struct TALER_WithdrawNonce *nonce); -/** - * Create a blinding secret @a bs for @a cipher. - * - * @param[out] bs blinding secret to initialize - * @param cipher algorithm to use (CS or RSA) - * @param ... If CS signature, R_0 and R_1 (TALER_DenominationCsPublicR) - * and the coins private key (TALER_CoinSpendPrivateKeyP) is needed - */ -void -TALER_blinding_secret_create (union TALER_DenominationBlindingKeyP *bs, - enum TALER_DenominationCipher cipher, - ...); - /** * Initialize denomination public-private key pair. @@ -1436,6 +1423,14 @@ void TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, enum TALER_DenominationCipher cipher); +/** + * Create a blinding secret @a bs for @a cipher. + * + * @param[out] ps planchet with blinding secret to initialize + */ +void +TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, + enum TALER_DenominationCipher cipher); /** * Prepare a planchet for tipping. Creates and blinds a coin. diff --git a/src/lib/exchange_api_withdraw.c b/src/lib/exchange_api_withdraw.c index 2c57797fd..e42107ab9 100644 --- a/src/lib/exchange_api_withdraw.c +++ b/src/lib/exchange_api_withdraw.c @@ -181,10 +181,8 @@ withdraw_cs_stage_two_callback (void *cls, { case MHD_HTTP_OK: wh->ps.cs_r_pub = csrr->details.success.r_pubs; - TALER_blinding_secret_create (&wh->ps.blinding_key, - wh->pk.key.cipher, - &wh->ps.coin_priv, - &wh->ps.cs_r_pub); + TALER_planchet_blinding_secret_create (&wh->ps, + wh->pk.key.cipher); if (GNUNET_OK != TALER_planchet_prepare (&wh->pk.key, &wh->ps, diff --git a/src/testing/testing_api_cmd_insert_deposit.c b/src/testing/testing_api_cmd_insert_deposit.c index 738c4b67d..026090bc2 100644 --- a/src/testing/testing_api_cmd_insert_deposit.c +++ b/src/testing/testing_api_cmd_insert_deposit.c @@ -201,12 +201,12 @@ insert_deposit_run (void *cls, struct TALER_CoinPubHash c_hash; struct TALER_PlanchetDetail pd; struct TALER_BlindedDenominationSignature bds; - union TALER_DenominationBlindingKeyP bks; + struct TALER_PlanchetSecretsP ps; - TALER_blinding_secret_create (&bks, TALER_DENOMINATION_RSA); + TALER_planchet_blinding_secret_create (&ps, TALER_DENOMINATION_RSA); GNUNET_assert (GNUNET_OK == TALER_denom_blind (&dpk, - &bks, + &ps.blinding_key, NULL, /* FIXME-Oec */ &deposit.coin.coin_pub, &c_hash, @@ -219,7 +219,7 @@ insert_deposit_run (void *cls, GNUNET_assert (GNUNET_OK == TALER_denom_sig_unblind (&deposit.coin.denom_sig, &bds, - &bks, + &ps.blinding_key, &dpk)); TALER_blinded_denom_sig_free (&bds); } diff --git a/src/util/crypto.c b/src/util/crypto.c index 445b820aa..664d75aa6 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -208,9 +208,8 @@ TALER_cs_withdraw_nonce_derive (const struct void -TALER_blinding_secret_create (union TALER_DenominationBlindingKeyP *bs, - enum TALER_DenominationCipher cipher, - ...) +TALER_planchet_blinding_secret_create (struct TALER_PlanchetSecretsP *ps, + enum TALER_DenominationCipher cipher) { switch (cipher) { @@ -219,23 +218,15 @@ TALER_blinding_secret_create (union TALER_DenominationBlindingKeyP *bs, return; case TALER_DENOMINATION_RSA: GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, - &bs->rsa_bks, + &ps->blinding_key.rsa_bks, sizeof (struct GNUNET_CRYPTO_RsaBlindingKeySecret)); return; case TALER_DENOMINATION_CS: { - va_list ap; - va_start (ap, cipher); - struct TALER_CoinSpendPrivateKeyP *coin_priv; - struct TALER_DenominationCsPublicR *r_pub; - coin_priv = va_arg (ap, struct TALER_CoinSpendPrivateKeyP *); - r_pub = va_arg (ap, struct TALER_DenominationCsPublicR *); - - cs_blinding_seed_derive (coin_priv, - r_pub->r_pub, - &bs->nonce); - va_end (ap); + cs_blinding_seed_derive (&ps->coin_priv, + ps->cs_r_pub.r_pub, + &ps->blinding_key.nonce); return; } default: @@ -262,7 +253,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps, GNUNET_break (0); return; case TALER_DENOMINATION_RSA: - TALER_blinding_secret_create (&ps->blinding_key, cipher); + TALER_planchet_blinding_secret_create (ps, TALER_DENOMINATION_RSA); return; case TALER_DENOMINATION_CS: // Will be set in a later stage for Clause Blind Schnorr Scheme diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c index 513fbbad8..9ddd6cfd4 100644 --- a/src/util/test_crypto.c +++ b/src/util/test_crypto.c @@ -164,10 +164,8 @@ test_planchets_cs (void) &dk_priv, &ps.cs_r_pub)); // TODO: eliminate r_pubs parameter - TALER_blinding_secret_create (&ps.blinding_key, - TALER_DENOMINATION_CS, - &ps.coin_priv, - &ps.cs_r_pub); + TALER_planchet_blinding_secret_create (&ps, + TALER_DENOMINATION_CS); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&dk_pub, diff --git a/src/util/test_helper_cs.c b/src/util/test_helper_cs.c index 501a398fa..8ce380d46 100644 --- a/src/util/test_helper_cs.c +++ b/src/util/test_helper_cs.c @@ -319,10 +319,8 @@ test_r_derive (struct TALER_CRYPTO_CsDenominationHelper *dh) "Received valid R for key %s\n", GNUNET_h2s (&keys[i].h_cs.hash)); - TALER_blinding_secret_create (&ps.blinding_key, - TALER_DENOMINATION_CS, - &ps.coin_priv, - &ps.cs_r_pub); + TALER_planchet_blinding_secret_create (&ps, + TALER_DENOMINATION_CS); GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (&keys[i].denom_pub, &ps, @@ -426,10 +424,8 @@ test_signing (struct TALER_CRYPTO_CsDenominationHelper *dh) details. cs_blinded_planchet.nonce, &ec); - TALER_blinding_secret_create (&ps.blinding_key, - TALER_DENOMINATION_CS, - &ps.coin_priv, - &ps.cs_r_pub); + TALER_planchet_blinding_secret_create (&ps, + TALER_DENOMINATION_CS); GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[i].denom_pub, @@ -614,10 +610,8 @@ perf_signing (struct TALER_CRYPTO_CsDenominationHelper *dh, details. cs_blinded_planchet.nonce, &ec); - TALER_blinding_secret_create (&ps.blinding_key, - TALER_DENOMINATION_CS, - &ps.coin_priv, - &ps.cs_r_pub); + TALER_planchet_blinding_secret_create (&ps, + TALER_DENOMINATION_CS); GNUNET_assert (GNUNET_YES == TALER_planchet_prepare (&keys[i].denom_pub,