diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 0518af3f0..42b538364 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -257,6 +257,12 @@ struct RefreshMeltResponseSignatureBody * @e melt_client_signature must be a valid signature. */ struct GNUNET_CRYPTO_EddsaPublicKey session_key; + + /** + * Security parameter requested for the commitments. + */ + uint32_t kappa GNUNET_PACKED; + }; diff --git a/src/mint/key_io.c b/src/mint/key_io.c index f401a1268..ea49c88b6 100644 --- a/src/mint/key_io.c +++ b/src/mint/key_io.c @@ -23,7 +23,6 @@ * @author Christian Grothoff */ #include "platform.h" -#include "mint.h" #include "key_io.h" diff --git a/src/mint/mint.h b/src/mint/mint.h index fb4889dbb..03595f64f 100644 --- a/src/mint/mint.h +++ b/src/mint/mint.h @@ -26,11 +26,5 @@ #include #include "taler_util.h" -/** - * For now, we just do EUR. Should become configurable - * in the future! - */ -#define MINT_CURRENCY "EUR" - #endif /* _MINT_H */ diff --git a/src/mint/mint_db.c b/src/mint/mint_db.c index 0e908425d..a9595f2eb 100644 --- a/src/mint/mint_db.c +++ b/src/mint/mint_db.c @@ -30,7 +30,6 @@ #include "taler_signatures.h" #include "taler-mint-httpd_responses.h" #include "mint_db.h" -#include "mint.h" #include /** diff --git a/src/mint/taler-mint-dbinit.c b/src/mint/taler-mint-dbinit.c index 3d080b523..acc8277c4 100644 --- a/src/mint/taler-mint-dbinit.c +++ b/src/mint/taler-mint-dbinit.c @@ -13,18 +13,15 @@ You should have received a copy of the GNU General Public License along with TALER; see the file COPYING. If not, If not, see */ - /** * @file taler-mint-dbinit.c * @brief Create tables for the mint database. * @author Florian Dold */ - #include "platform.h" #include #include -#include "mint.h" - +#include "taler_util.h" #define break_db_err(result) do { \ GNUNET_break(0); \ @@ -39,7 +36,7 @@ static PGconn *db_conn; static char *TALER_MINT_db_connection_cfg_str; -int +static int TALER_MINT_init_withdraw_tables (PGconn *conn) { PGresult *result; diff --git a/src/mint/taler-mint-httpd.c b/src/mint/taler-mint-httpd.c index a8201c5e8..0ee87b393 100644 --- a/src/mint/taler-mint-httpd.c +++ b/src/mint/taler-mint-httpd.c @@ -27,7 +27,6 @@ #include #include #include -#include "mint.h" #include "taler_signatures.h" #include "taler_util.h" #include "taler-mint-httpd_parsing.h" diff --git a/src/mint/taler-mint-httpd.h b/src/mint/taler-mint-httpd.h index ed56b048d..c1305b1ce 100644 --- a/src/mint/taler-mint-httpd.h +++ b/src/mint/taler-mint-httpd.h @@ -30,6 +30,12 @@ */ #define KAPPA 3 +/** + * For now, we just do EUR. Should become configurable + * in the future! + */ +#define MINT_CURRENCY "EUR" + /** * The mint's configuration. diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 39017409c..8ddb17ab7 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -22,22 +22,17 @@ * - actually abstract DB implementation (i.e. via plugin logic) * (this file should remain largely unchanged with the exception * of the PQ-specific DB handle types) - * - /refresh/melt: all + * - /refresh/melt: * + properly check all conditions and handle errors * + properly check transaction logic * + check for leaks * + check low-level API - * - /refresh/commit: all + * - /refresh/reveal: * + properly check all conditions and handle errors * + properly check transaction logic * + check for leaks * + check low-level API - * - /refresh/reveal: all - * + properly check all conditions and handle errors - * + properly check transaction logic - * + check for leaks - * + check low-level API - * - /refresh/link: all + * - /refresh/link: * + properly check all conditions and handle errors * + properly check transaction logic * + check for leaks @@ -51,7 +46,6 @@ #include "taler-mint-httpd_keys.h" #include "taler-mint-httpd_responses.h" #include "mint_db.h" -#include "mint.h" #include "taler_util.h" #include "taler-mint-httpd_keystate.h" @@ -644,7 +638,8 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, TALER_MINT_DB_rollback (db_conn); return TALER_MINT_reply_refresh_melt_success (connection, &session.melt_sig, - refresh_session_pub); + refresh_session_pub, + session.kappa); } if (GNUNET_SYSERR == res) { @@ -657,7 +652,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, session.melt_sig = *client_signature; session.num_oldcoins = coin_count; session.num_newcoins = num_new_denoms; - session.kappa = 0; /* FIXME: should be chosen by mint per config! */ + session.kappa = KAPPA; session.noreveal_index = UINT16_MAX; session.has_commit_sig = GNUNET_NO; if (GNUNET_OK != @@ -720,7 +715,8 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, } return TALER_MINT_reply_refresh_melt_success (connection, client_signature, - refresh_session_pub); + refresh_session_pub, + session.kappa); } diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index 4b9aa1fe0..d2566cf7c 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -26,7 +26,6 @@ #include #include "taler_util.h" #include "taler-mint-httpd_keys.h" -#include "mint.h" #include "mint_db.h" diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index 78d424b80..5caac5826 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -32,7 +32,6 @@ #include #include #include -#include "mint.h" #include "mint_db.h" #include "taler_signatures.h" #include "taler_util.h" diff --git a/src/mint/taler-mint-httpd_keys.c b/src/mint/taler-mint-httpd_keys.c index a03f5d23c..7a804938a 100644 --- a/src/mint/taler-mint-httpd_keys.c +++ b/src/mint/taler-mint-httpd_keys.c @@ -24,7 +24,6 @@ #include #include #include -#include "mint.h" #include "taler-mint-httpd_keys.h" #include "taler-mint-httpd_keystate.h" diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index bbec042e3..210262e6c 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -23,7 +23,6 @@ #include "platform.h" #include #include -#include "mint.h" #include "taler_signatures.h" #include "taler-mint-httpd_keystate.h" #include "taler_util.h" diff --git a/src/mint/taler-mint-httpd_keystate.h b/src/mint/taler-mint-httpd_keystate.h index b71fedd27..90220a0e9 100644 --- a/src/mint/taler-mint-httpd_keystate.h +++ b/src/mint/taler-mint-httpd_keystate.h @@ -28,7 +28,6 @@ #include #include #include "taler-mint-httpd.h" -#include "mint.h" #include "key_io.h" diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index 1267ca48b..e9222be27 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -24,7 +24,6 @@ #include #include #include -#include "mint.h" #include "mint_db.h" #include "taler_signatures.h" #include "taler_util.h" diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index de0736bdc..2c46a3246 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -525,12 +525,14 @@ TALER_MINT_reply_withdraw_sign_success (struct MHD_Connection *connection, * @param connection the connection to send the response to * @param signature the client's signature over the melt request * @param session_pub the refresh session public key. + * @param kappa security parameter to use for cut and choose * @return a MHD result code */ int TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, const struct GNUNET_CRYPTO_EddsaSignature *signature, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub) + const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + unsigned int kappa) { int ret; struct RefreshMeltResponseSignatureBody body; @@ -541,13 +543,15 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_RESPONSE); body.melt_client_signature = *signature; body.session_key = *session_pub; + body.kappa = htonl (kappa); TALER_MINT_keys_sign (&body.purpose, &sig); sig_json = TALER_JSON_from_sig (&body.purpose, &sig); ret = TALER_MINT_reply_json_pack (connection, MHD_HTTP_OK, - "{s:o}", - "signature", sig_json); + "{s:o, s:i}", + "signature", sig_json, + "kappa", (int) kappa); json_decref (sig_json); return ret; } diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index 6cf934094..3e8f3f3ff 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -256,12 +256,14 @@ TALER_MINT_reply_refresh_commit_success (struct MHD_Connection *connection, * @param connection the connection to send the response to * @param signature the client's signature over the melt request * @param session_pub the refresh session public key. + * @param kappa security parameter to use for cut and choose * @return a MHD result code */ int TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, const struct GNUNET_CRYPTO_EddsaSignature *signature, - const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub); + const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, + unsigned int kappa); /** diff --git a/src/mint/taler-mint-keycheck.c b/src/mint/taler-mint-keycheck.c index c2deec0c2..03be23a1a 100644 --- a/src/mint/taler-mint-keycheck.c +++ b/src/mint/taler-mint-keycheck.c @@ -23,7 +23,6 @@ #include #include -#include "mint.h" #include "taler_signatures.h" #include "key_io.h" diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c index 35a4c0410..17a1e9d8e 100644 --- a/src/mint/taler-mint-keyup.c +++ b/src/mint/taler-mint-keyup.c @@ -26,7 +26,6 @@ #include #include "taler_util.h" #include "taler_signatures.h" -#include "mint.h" #include "key_io.h" /** diff --git a/src/mint/taler-mint-reservemod.c b/src/mint/taler-mint-reservemod.c index b2129d261..f531dbf4b 100644 --- a/src/mint/taler-mint-reservemod.c +++ b/src/mint/taler-mint-reservemod.c @@ -26,7 +26,6 @@ #include #include "taler_util.h" #include "taler_signatures.h" -#include "mint.h" #include "mint_db.h" char *mintdir; diff --git a/src/mint/test_mint_common.c b/src/mint/test_mint_common.c index 99526b9da..ee1768d37 100644 --- a/src/mint/test_mint_common.c +++ b/src/mint/test_mint_common.c @@ -20,7 +20,7 @@ */ #include "platform.h" #include "gnunet/gnunet_util_lib.h" -#include "mint.h" + #define RSA_KEY_SIZE 1024