Merge branch 'master' of ssh://git.taler.net/exchange
This commit is contained in:
commit
9fc3b7a278
@ -37,16 +37,13 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
const json_t *root,
|
const json_t *root,
|
||||||
const char *const args[])
|
const char *const args[])
|
||||||
{
|
{
|
||||||
struct TALER_CsNonce nonce;
|
unsigned int csr_requests_num;
|
||||||
struct TALER_DenominationHash denom_pub_hash;
|
json_t *csr_requests;
|
||||||
struct TALER_DenominationCsPublicR r_pub;
|
json_t *csr_response;
|
||||||
|
|
||||||
struct GNUNET_JSON_Specification spec[] = {
|
struct GNUNET_JSON_Specification spec[] = {
|
||||||
GNUNET_JSON_spec_fixed ("nonce",
|
GNUNET_JSON_spec_json ("nks",
|
||||||
&nonce,
|
&csr_requests),
|
||||||
sizeof (struct TALER_CsNonce)),
|
|
||||||
GNUNET_JSON_spec_fixed ("denom_pub_hash",
|
|
||||||
&denom_pub_hash,
|
|
||||||
sizeof (struct TALER_DenominationHash)),
|
|
||||||
GNUNET_JSON_spec_end ()
|
GNUNET_JSON_spec_end ()
|
||||||
};
|
};
|
||||||
enum TALER_ErrorCode ec;
|
enum TALER_ErrorCode ec;
|
||||||
@ -65,6 +62,48 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
if (GNUNET_OK != res)
|
if (GNUNET_OK != res)
|
||||||
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
|
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
|
||||||
}
|
}
|
||||||
|
csr_requests_num = json_array_size (csr_requests);
|
||||||
|
if (TALER_MAX_FRESH_COINS <= csr_requests_num)
|
||||||
|
{
|
||||||
|
return TALER_MHD_reply_with_error (
|
||||||
|
rc->connection,
|
||||||
|
MHD_HTTP_BAD_REQUEST,
|
||||||
|
// FIXME: generalize error message
|
||||||
|
TALER_EC_EXCHANGE_REFRESHES_REVEAL_NEW_DENOMS_ARRAY_SIZE_EXCESSIVE,
|
||||||
|
NULL);
|
||||||
|
}
|
||||||
|
struct TALER_CsNonce nonces[GNUNET_NZL (csr_requests_num)];
|
||||||
|
struct TALER_DenominationHash denom_pub_hashes[GNUNET_NZL (csr_requests_num)];
|
||||||
|
for (unsigned int i = 0; i < csr_requests_num; i++)
|
||||||
|
{
|
||||||
|
struct TALER_CsNonce *nonce = &nonces[i];
|
||||||
|
struct TALER_DenominationHash *denom_pub_hash = &denom_pub_hashes[i];
|
||||||
|
struct GNUNET_JSON_Specification csr_spec[] = {
|
||||||
|
GNUNET_JSON_spec_fixed ("nonce",
|
||||||
|
nonce,
|
||||||
|
sizeof (struct TALER_CsNonce)),
|
||||||
|
GNUNET_JSON_spec_fixed ("denom_pub_hash",
|
||||||
|
denom_pub_hash,
|
||||||
|
sizeof (struct TALER_DenominationHash)),
|
||||||
|
GNUNET_JSON_spec_end ()
|
||||||
|
};
|
||||||
|
enum GNUNET_GenericReturnValue res;
|
||||||
|
|
||||||
|
res = TALER_MHD_parse_json_array (rc->connection,
|
||||||
|
root,
|
||||||
|
csr_spec,
|
||||||
|
i,
|
||||||
|
-1);
|
||||||
|
if (GNUNET_OK != res)
|
||||||
|
return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
|
||||||
|
}
|
||||||
|
|
||||||
|
struct TALER_DenominationCsPublicR r_pubs[GNUNET_NZL (csr_requests_num)];
|
||||||
|
for (unsigned int i = 0; i < csr_requests_num; i++)
|
||||||
|
{
|
||||||
|
const struct TALER_CsNonce *nonce = &nonces[i];
|
||||||
|
const struct TALER_DenominationHash *denom_pub_hash = &denom_pub_hashes[i];
|
||||||
|
struct TALER_DenominationCsPublicR *r_pub = &r_pubs[i];
|
||||||
|
|
||||||
// check denomination referenced by denom_pub_hash
|
// check denomination referenced by denom_pub_hash
|
||||||
{
|
{
|
||||||
@ -79,21 +118,21 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
NULL);
|
NULL);
|
||||||
}
|
}
|
||||||
dk = TEH_keys_denomination_by_hash2 (ksh,
|
dk = TEH_keys_denomination_by_hash2 (ksh,
|
||||||
&denom_pub_hash,
|
denom_pub_hash,
|
||||||
NULL,
|
NULL,
|
||||||
NULL);
|
NULL);
|
||||||
if (NULL == dk)
|
if (NULL == dk)
|
||||||
{
|
{
|
||||||
return TEH_RESPONSE_reply_unknown_denom_pub_hash (
|
return TEH_RESPONSE_reply_unknown_denom_pub_hash (
|
||||||
rc->connection,
|
rc->connection,
|
||||||
&denom_pub_hash);
|
&denom_pub_hash[i]);
|
||||||
}
|
}
|
||||||
if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
|
if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
|
||||||
{
|
{
|
||||||
/* This denomination is past the expiration time for withdraws/refreshes*/
|
/* This denomination is past the expiration time for withdraws/refreshes*/
|
||||||
return TEH_RESPONSE_reply_expired_denom_pub_hash (
|
return TEH_RESPONSE_reply_expired_denom_pub_hash (
|
||||||
rc->connection,
|
rc->connection,
|
||||||
&denom_pub_hash,
|
denom_pub_hash,
|
||||||
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
|
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
|
||||||
"CSR");
|
"CSR");
|
||||||
}
|
}
|
||||||
@ -103,7 +142,7 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
for idempotency! */
|
for idempotency! */
|
||||||
return TEH_RESPONSE_reply_expired_denom_pub_hash (
|
return TEH_RESPONSE_reply_expired_denom_pub_hash (
|
||||||
rc->connection,
|
rc->connection,
|
||||||
&denom_pub_hash,
|
denom_pub_hash,
|
||||||
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
|
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
|
||||||
"CSR");
|
"CSR");
|
||||||
}
|
}
|
||||||
@ -112,7 +151,7 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
/* This denomination has been revoked */
|
/* This denomination has been revoked */
|
||||||
return TEH_RESPONSE_reply_expired_denom_pub_hash (
|
return TEH_RESPONSE_reply_expired_denom_pub_hash (
|
||||||
rc->connection,
|
rc->connection,
|
||||||
&denom_pub_hash,
|
denom_pub_hash,
|
||||||
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
|
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
|
||||||
"CSR");
|
"CSR");
|
||||||
}
|
}
|
||||||
@ -121,14 +160,15 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
// denomination is valid but not CS
|
// denomination is valid but not CS
|
||||||
return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
|
return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
|
||||||
rc->connection,
|
rc->connection,
|
||||||
&denom_pub_hash);
|
denom_pub_hash);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// derive r_pub
|
// derive r_pub
|
||||||
ec = TEH_keys_denomination_cs_r_pub (&denom_pub_hash,
|
// FIXME: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module)
|
||||||
&nonce,
|
ec = TEH_keys_denomination_cs_r_pub (denom_pub_hash,
|
||||||
&r_pub);
|
nonce,
|
||||||
|
r_pub);
|
||||||
if (TALER_EC_NONE != ec)
|
if (TALER_EC_NONE != ec)
|
||||||
{
|
{
|
||||||
GNUNET_break (0);
|
GNUNET_break (0);
|
||||||
@ -136,17 +176,30 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
|
|||||||
ec,
|
ec,
|
||||||
NULL);
|
NULL);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// send response
|
// send response
|
||||||
return TALER_MHD_REPLY_JSON_PACK (
|
csr_response = json_array ();
|
||||||
rc->connection,
|
for (unsigned int i = 0; i < csr_requests_num; i++)
|
||||||
MHD_HTTP_OK,
|
{
|
||||||
|
const struct TALER_DenominationCsPublicR *r_pub = &r_pubs[i];
|
||||||
|
json_t *csr_obj;
|
||||||
|
|
||||||
|
csr_obj = GNUNET_JSON_PACK (
|
||||||
GNUNET_JSON_pack_data_varsize ("r_pub_0",
|
GNUNET_JSON_pack_data_varsize ("r_pub_0",
|
||||||
&r_pub.r_pub[0],
|
&r_pub->r_pub[0],
|
||||||
sizeof(struct GNUNET_CRYPTO_CsRPublic)),
|
sizeof(struct GNUNET_CRYPTO_CsRPublic)),
|
||||||
GNUNET_JSON_pack_data_varsize ("r_pub_1",
|
GNUNET_JSON_pack_data_varsize ("r_pub_1",
|
||||||
&r_pub.r_pub[1],
|
&r_pub->r_pub[1],
|
||||||
sizeof(struct GNUNET_CRYPTO_CsRPublic)));
|
sizeof(struct GNUNET_CRYPTO_CsRPublic)));
|
||||||
|
GNUNET_assert (NULL != csr_obj);
|
||||||
|
GNUNET_assert (0 ==
|
||||||
|
json_array_append_new (csr_response,
|
||||||
|
csr_obj));
|
||||||
|
}
|
||||||
|
return TALER_MHD_reply_json (rc->connection,
|
||||||
|
csr_response,
|
||||||
|
MHD_HTTP_OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -31,12 +31,6 @@
|
|||||||
#include "taler-exchange-httpd_keys.h"
|
#include "taler-exchange-httpd_keys.h"
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Maximum number of fresh coins we allow per refresh operation.
|
|
||||||
*/
|
|
||||||
#define MAX_FRESH_COINS 256
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Send a response for "/refreshes/$RCH/reveal".
|
* Send a response for "/refreshes/$RCH/reveal".
|
||||||
*
|
*
|
||||||
@ -305,7 +299,7 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection,
|
|||||||
const json_t *coin_evs)
|
const json_t *coin_evs)
|
||||||
{
|
{
|
||||||
unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
|
unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
|
||||||
/* We know num_fresh_coins is bounded by #MAX_FRESH_COINS, so this is safe */
|
/* We know num_fresh_coins is bounded by #TALER_MAX_FRESH_COINS, so this is safe */
|
||||||
const struct TEH_DenominationKey *dks[num_fresh_coins];
|
const struct TEH_DenominationKey *dks[num_fresh_coins];
|
||||||
struct TALER_RefreshCoinData rcds[num_fresh_coins];
|
struct TALER_RefreshCoinData rcds[num_fresh_coins];
|
||||||
struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins];
|
struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins];
|
||||||
@ -610,7 +604,7 @@ handle_refreshes_reveal_json (struct MHD_Connection *connection,
|
|||||||
unsigned int num_tprivs = json_array_size (tp_json);
|
unsigned int num_tprivs = json_array_size (tp_json);
|
||||||
|
|
||||||
GNUNET_assert (num_tprivs == TALER_CNC_KAPPA - 1); /* checked just earlier */
|
GNUNET_assert (num_tprivs == TALER_CNC_KAPPA - 1); /* checked just earlier */
|
||||||
if ( (num_fresh_coins >= MAX_FRESH_COINS) ||
|
if ( (num_fresh_coins >= TALER_MAX_FRESH_COINS) ||
|
||||||
(0 == num_fresh_coins) )
|
(0 == num_fresh_coins) )
|
||||||
{
|
{
|
||||||
GNUNET_break_op (0);
|
GNUNET_break_op (0);
|
||||||
|
@ -1557,6 +1557,12 @@ TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
|
|||||||
/* ****************** Refresh crypto primitives ************* */
|
/* ****************** Refresh crypto primitives ************* */
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Maximum number of fresh coins we allow per refresh operation.
|
||||||
|
*/
|
||||||
|
#define TALER_MAX_FRESH_COINS 256
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Given the coin and the transfer private keys, compute the
|
* Given the coin and the transfer private keys, compute the
|
||||||
* transfer secret. (Technically, we only need one of the two
|
* transfer secret. (Technically, we only need one of the two
|
||||||
|
Loading…
Reference in New Issue
Block a user