replace denom_pub with denom_pub_hash in exchange API to reduce bandwidth

Christian Grothoff 2019-05-02 21:16:51 +02:00
parent d821ecc3bb
commit de9fdf860a
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
25 changed files with 219 additions and 195 deletions


@ -1,3 +1,8 @@
Thu 02 May 2019 09:15:37 PM CEST
Pass hash of denomination public key in operations from
clients to exchange instead of the (larger) full public key.
Breaks protocol compatibility, bumping protocol to v3. -CG
Mon Mar 11 03:24:07 CET 2019 Mon Mar 11 03:24:07 CET 2019
Completed implementation of #5536 (delete private keys once we Completed implementation of #5536 (delete private keys once we
no longer need them). -CG no longer need them). -CG


@ -562,25 +562,18 @@ static struct GNUNET_CONTAINER_MultiHashMap *denominations;
/** /**
* Obtain information about a @a denom_pub. * Obtain information about a @a denom_pub.
* *
* @param denom_pub key to look up * @param dh hash of the denomination public key to look up
* @param[out] dki set to detailed information about @a denom_pub, NULL if not found, must * @param[out] dki set to detailed information about @a denom_pub, NULL if not found, must
* NOT be freed by caller * NOT be freed by caller
* @param[out] dh set to the hash of @a denom_pub, may be NULL
* @return transaction status code * @return transaction status code
*/ */
static enum GNUNET_DB_QueryStatus static enum GNUNET_DB_QueryStatus
get_denomination_info (const struct TALER_DenominationPublicKey *denom_pub, get_denomination_info_by_hash (const struct GNUNET_HashCode *dh,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP **dki, const struct TALER_EXCHANGEDB_DenominationKeyInformationP **dki)
struct GNUNET_HashCode *dh)
{ {
struct GNUNET_HashCode hc;
struct TALER_EXCHANGEDB_DenominationKeyInformationP *dkip; struct TALER_EXCHANGEDB_DenominationKeyInformationP *dkip;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
if (NULL == dh)
dh = &hc;
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key,
dh);
if (NULL == denominations) if (NULL == denominations)
denominations = GNUNET_CONTAINER_multihashmap_create (256, denominations = GNUNET_CONTAINER_multihashmap_create (256,
GNUNET_NO); GNUNET_NO);
@ -595,7 +588,7 @@ get_denomination_info (const struct TALER_DenominationPublicKey *denom_pub,
dkip = GNUNET_new (struct TALER_EXCHANGEDB_DenominationKeyInformationP); dkip = GNUNET_new (struct TALER_EXCHANGEDB_DenominationKeyInformationP);
qs = edb->get_denomination_info (edb->cls, qs = edb->get_denomination_info (edb->cls,
esession, esession,
denom_pub, dh,
dkip); dkip);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs) if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
{ {
@ -623,6 +616,31 @@ get_denomination_info (const struct TALER_DenominationPublicKey *denom_pub,
} }
/**
* Obtain information about a @a denom_pub.
*
* @param denom_pub key to look up
* @param[out] dki set to detailed information about @a denom_pub, NULL if not found, must
* NOT be freed by caller
* @param[out] dh set to the hash of @a denom_pub, may be NULL
* @return transaction status code
*/
static enum GNUNET_DB_QueryStatus
get_denomination_info (const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP **dki,
struct GNUNET_HashCode *dh)
{
struct GNUNET_HashCode hc;
if (NULL == dh)
dh = &hc;
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key,
dh);
return get_denomination_info_by_hash (dh,
dki);
}
/** /**
* Free denomination key information. * Free denomination key information.
* *
@ -1065,6 +1083,7 @@ handle_payback_by_reserve (void *cls,
const struct TALER_Amount *amount, const struct TALER_Amount *amount,
const struct TALER_ReservePublicKeyP *reserve_pub, const struct TALER_ReservePublicKeyP *reserve_pub,
const struct TALER_CoinPublicInfo *coin, const struct TALER_CoinPublicInfo *coin,
const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_CoinSpendSignatureP *coin_sig, const struct TALER_CoinSpendSignatureP *coin_sig,
const struct TALER_DenominationBlindingKeyP *coin_blind) const struct TALER_DenominationBlindingKeyP *coin_blind)
{ {
@ -1081,11 +1100,12 @@ handle_payback_by_reserve (void *cls,
/* should be monotonically increasing */ /* should be monotonically increasing */
GNUNET_assert (rowid >= ppr.last_reserve_payback_serial_id); GNUNET_assert (rowid >= ppr.last_reserve_payback_serial_id);
ppr.last_reserve_payback_serial_id = rowid + 1; ppr.last_reserve_payback_serial_id = rowid + 1;
GNUNET_CRYPTO_rsa_public_key_hash (coin->denom_pub.rsa_public_key, // FIXME: should probably check that denom_pub hashes to this hash code!
&pr.h_denom_pub); pr.h_denom_pub = coin->denom_pub_hash;
if (GNUNET_OK != if (GNUNET_OK !=
TALER_test_coin_valid (coin)) TALER_test_coin_valid (coin,
denom_pub))
{ {
report (report_bad_sig_losses, report (report_bad_sig_losses,
json_pack ("{s:s, s:I, s:o, s:o}", json_pack ("{s:s, s:I, s:o, s:o}",
@ -2263,9 +2283,8 @@ wire_transfer_information_cb (void *cls,
break; break;
} }
GNUNET_assert (NULL != coin); /* hard check that switch worked */ GNUNET_assert (NULL != coin); /* hard check that switch worked */
qs = get_denomination_info (&coin->denom_pub, qs = get_denomination_info_by_hash (&coin->denom_pub_hash,
&dki, &dki);
NULL);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs) if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
{ {
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs); GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
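Review bot: In handle_payback_by_reserve the new `denom_pub` argument is never tied to `coin->denom_pub_hash`, which the FIXME on the `pr.h_denom_pub` assignment already admits. The auditor copies the stored hash into `pr` and then checks the coin with `TALER_test_coin_valid (coin, denom_pub)`, so a database row whose key and hash disagree would pass through without the mismatch being noticed. Hash the key with `GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key, &h);` and treat `0 != memcmp (&h, &coin->denom_pub_hash, sizeof (h))` as an inconsistency to report before the signature check. The function body continues outside the hunk, so how such a finding should be reported is not visible here.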


@ -246,7 +246,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
struct TALER_Amount amount_without_fee; struct TALER_Amount amount_without_fee;
struct DepositContext dc; struct DepositContext dc;
struct TEH_KS_StateHandle *mks; struct TEH_KS_StateHandle *mks;
struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki; const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki;
/* check signature */ /* check signature */
dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT); dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
@ -282,8 +282,8 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
TALER_EC_EXCHANGE_BAD_CONFIGURATION, TALER_EC_EXCHANGE_BAD_CONFIGURATION,
"no keys"); "no keys");
} }
dki = TEH_KS_denomination_key_lookup (mks, dki = TEH_KS_denomination_key_lookup_by_hash (mks,
&deposit->coin.denom_pub, &deposit->coin.denom_pub_hash,
TEH_KS_DKU_DEPOSIT); TEH_KS_DKU_DEPOSIT);
if (NULL == dki) if (NULL == dki)
{ {
@ -392,7 +392,7 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
struct GNUNET_JSON_Specification spec[] = { struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_json ("wire", &wire), GNUNET_JSON_spec_json ("wire", &wire),
TALER_JSON_spec_amount ("contribution", &deposit.amount_with_fee), TALER_JSON_spec_amount ("contribution", &deposit.amount_with_fee),
TALER_JSON_spec_denomination_public_key ("denom_pub", &deposit.coin.denom_pub), GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", &deposit.coin.denom_pub_hash),
TALER_JSON_spec_denomination_signature ("ub_sig", &deposit.coin.denom_sig), TALER_JSON_spec_denomination_signature ("ub_sig", &deposit.coin.denom_sig),
GNUNET_JSON_spec_fixed_auto ("coin_pub", &deposit.coin.coin_pub), GNUNET_JSON_spec_fixed_auto ("coin_pub", &deposit.coin.coin_pub),
GNUNET_JSON_spec_fixed_auto ("merchant_pub", &deposit.merchant_pub), GNUNET_JSON_spec_fixed_auto ("merchant_pub", &deposit.merchant_pub),
@ -487,8 +487,8 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
TALER_EC_EXCHANGE_BAD_CONFIGURATION, TALER_EC_EXCHANGE_BAD_CONFIGURATION,
"no keys"); "no keys");
} }
dki = TEH_KS_denomination_key_lookup (key_state, dki = TEH_KS_denomination_key_lookup_by_hash (key_state,
&deposit.coin.denom_pub, &deposit.coin.denom_pub_hash,
TEH_KS_DKU_DEPOSIT); TEH_KS_DKU_DEPOSIT);
if (NULL == dki) if (NULL == dki)
{ {
@ -504,7 +504,8 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
&dki->issue.properties.fee_deposit); &dki->issue.properties.fee_deposit);
/* check coin signature */ /* check coin signature */
if (GNUNET_YES != if (GNUNET_YES !=
TALER_test_coin_valid (&deposit.coin)) TALER_test_coin_valid (&deposit.coin,
&dki->denom_pub))
{ {
TALER_LOG_WARNING ("Invalid coin passed for /deposit\n"); TALER_LOG_WARNING ("Invalid coin passed for /deposit\n");
TEH_KS_release (key_state); TEH_KS_release (key_state);


@ -39,7 +39,7 @@
* release version, and the format is NOT the same that semantic * release version, and the format is NOT the same that semantic
* versioning uses either. * versioning uses either.
*/ */
#define TALER_PROTOCOL_VERSION "2:0:0" #define TALER_PROTOCOL_VERSION "3:0:0"
/** /**
@ -674,7 +674,7 @@ add_denomination_transaction (void *cls,
qs = TEH_plugin->get_denomination_info (TEH_plugin->cls, qs = TEH_plugin->get_denomination_info (TEH_plugin->cls,
session, session,
&dki->denom_pub, &dki->issue.properties.denom_hash,
&issue_exists); &issue_exists);
if (0 > qs) if (0 > qs)
return qs; return qs;


@ -326,8 +326,8 @@ verify_and_execute_payback (struct MHD_Connection *connection,
TALER_EC_EXCHANGE_BAD_CONFIGURATION, TALER_EC_EXCHANGE_BAD_CONFIGURATION,
"no keys"); "no keys");
} }
dki = TEH_KS_denomination_key_lookup (key_state, dki = TEH_KS_denomination_key_lookup_by_hash (key_state,
&coin->denom_pub, &coin->denom_pub_hash,
TEH_KS_DKU_PAYBACK); TEH_KS_DKU_PAYBACK);
if (NULL == dki) if (NULL == dki)
{ {
@ -342,7 +342,8 @@ verify_and_execute_payback (struct MHD_Connection *connection,
/* check denomination signature */ /* check denomination signature */
if (GNUNET_YES != if (GNUNET_YES !=
TALER_test_coin_valid (coin)) TALER_test_coin_valid (coin,
&dki->denom_pub))
{ {
TALER_LOG_WARNING ("Invalid coin passed for /payback\n"); TALER_LOG_WARNING ("Invalid coin passed for /payback\n");
TEH_KS_release (key_state); TEH_KS_release (key_state);
@ -358,8 +359,6 @@ verify_and_execute_payback (struct MHD_Connection *connection,
pr.h_denom_pub = dki->issue.properties.denom_hash; pr.h_denom_pub = dki->issue.properties.denom_hash;
pr.coin_blind = *coin_bks; pr.coin_blind = *coin_bks;
TEH_KS_release (key_state);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_PAYBACK, GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_PAYBACK,
&pr.purpose, &pr.purpose,
@ -367,6 +366,7 @@ verify_and_execute_payback (struct MHD_Connection *connection,
&coin->coin_pub.eddsa_pub)) &coin->coin_pub.eddsa_pub))
{ {
TALER_LOG_WARNING ("Invalid signature on /payback request\n"); TALER_LOG_WARNING ("Invalid signature on /payback request\n");
TEH_KS_release (key_state);
return TEH_RESPONSE_reply_signature_invalid (connection, return TEH_RESPONSE_reply_signature_invalid (connection,
TALER_EC_PAYBACK_SIGNATURE_INVALID, TALER_EC_PAYBACK_SIGNATURE_INVALID,
"coin_sig"); "coin_sig");
@ -378,15 +378,18 @@ verify_and_execute_payback (struct MHD_Connection *connection,
if (GNUNET_YES != if (GNUNET_YES !=
GNUNET_CRYPTO_rsa_blind (&c_hash, GNUNET_CRYPTO_rsa_blind (&c_hash,
&coin_bks->bks, &coin_bks->bks,
coin->denom_pub.rsa_public_key, dki->denom_pub.rsa_public_key,
&coin_ev, &coin_ev,
&coin_ev_size)) &coin_ev_size))
{ {
GNUNET_break (0); GNUNET_break (0);
TEH_KS_release (key_state);
return TEH_RESPONSE_reply_internal_error (connection, return TEH_RESPONSE_reply_internal_error (connection,
TALER_EC_PAYBACK_BLINDING_FAILED, TALER_EC_PAYBACK_BLINDING_FAILED,
"coin_bks"); "coin_bks");
} }
TEH_KS_release (key_state);
GNUNET_CRYPTO_hash (coin_ev, GNUNET_CRYPTO_hash (coin_ev,
coin_ev_size, coin_ev_size,
&pc.h_blind); &pc.h_blind);
@ -454,8 +457,8 @@ TEH_PAYBACK_handler_payback (struct TEH_RequestHandler *rh,
struct TALER_DenominationBlindingKeyP coin_bks; struct TALER_DenominationBlindingKeyP coin_bks;
struct TALER_CoinSpendSignatureP coin_sig; struct TALER_CoinSpendSignatureP coin_sig;
struct GNUNET_JSON_Specification spec[] = { struct GNUNET_JSON_Specification spec[] = {
TALER_JSON_spec_denomination_public_key ("denom_pub", GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
&coin.denom_pub), &coin.denom_pub_hash),
TALER_JSON_spec_denomination_signature ("denom_sig", TALER_JSON_spec_denomination_signature ("denom_sig",
&coin.denom_sig), &coin.denom_sig),
GNUNET_JSON_spec_fixed_auto ("coin_pub", GNUNET_JSON_spec_fixed_auto ("coin_pub",
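Review bot: The reason `TEH_KS_release (key_state)` moved below the `GNUNET_CRYPTO_rsa_blind` call in verify_and_execute_payback is not written down anywhere. `dki->denom_pub.rsa_public_key` is now read where `coin->denom_pub.rsa_public_key` used to be, and `dki` comes from the lookup on `key_state`, so it presumably must not be used after the release. A comment above the blinding call such as `/* dki points into key_state; do not release key_state before the last use of dki->denom_pub */` would stop a later cleanup from moving the release back up. With several early returns now each calling the release by hand, a single exit label would also make a missed release harder to introduce. The function starts and ends outside the visible hunks.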


@ -412,8 +412,8 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh,
&rmc.refresh_session.coin.coin_pub), &rmc.refresh_session.coin.coin_pub),
TALER_JSON_spec_denomination_signature ("denom_sig", TALER_JSON_spec_denomination_signature ("denom_sig",
&rmc.refresh_session.coin.denom_sig), &rmc.refresh_session.coin.denom_sig),
TALER_JSON_spec_denomination_public_key ("denom_pub", GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
&rmc.refresh_session.coin.denom_pub), &rmc.refresh_session.coin.denom_pub_hash),
GNUNET_JSON_spec_fixed_auto ("confirm_sig", GNUNET_JSON_spec_fixed_auto ("confirm_sig",
&rmc.refresh_session.coin_sig), &rmc.refresh_session.coin_sig),
TALER_JSON_spec_amount ("value_with_fee", TALER_JSON_spec_amount ("value_with_fee",
@ -444,17 +444,6 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh,
if (GNUNET_OK != res) if (GNUNET_OK != res)
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
if (GNUNET_OK !=
TALER_test_coin_valid (&rmc.refresh_session.coin))
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
return TEH_RESPONSE_reply_signature_invalid (connection,
TALER_EC_REFRESH_MELT_DENOMINATION_SIGNATURE_INVALID,
"denom_sig");
}
/* run actual logic, now that the request was parsed */
key_state = TEH_KS_acquire (GNUNET_TIME_absolute_get ()); key_state = TEH_KS_acquire (GNUNET_TIME_absolute_get ());
if (NULL == key_state) if (NULL == key_state)
{ {
@ -464,8 +453,8 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh,
"no keys"); "no keys");
goto cleanup; goto cleanup;
} }
rmc.dki = TEH_KS_denomination_key_lookup (key_state, rmc.dki = TEH_KS_denomination_key_lookup_by_hash (key_state,
&rmc.refresh_session.coin.denom_pub, &rmc.refresh_session.coin.denom_pub_hash,
TEH_KS_DKU_DEPOSIT); TEH_KS_DKU_DEPOSIT);
if (NULL == rmc.dki) if (NULL == rmc.dki)
{ {
@ -476,6 +465,20 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh,
goto cleanup; goto cleanup;
} }
if (GNUNET_OK !=
TALER_test_coin_valid (&rmc.refresh_session.coin,
&rmc.dki->denom_pub))
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
TEH_KS_release (key_state);
return TEH_RESPONSE_reply_signature_invalid (connection,
TALER_EC_REFRESH_MELT_DENOMINATION_SIGNATURE_INVALID,
"denom_sig");
}
/* run actual logic, now that the request was parsed */
/* make sure coin is 'known' in database */ /* make sure coin is 'known' in database */
{ {
struct TEH_DB_KnowCoinContext kcc; struct TEH_DB_KnowCoinContext kcc;
@ -502,11 +505,6 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh,
TEH_KS_release (key_state); TEH_KS_release (key_state);
key_state = NULL; key_state = NULL;
} }
if (NULL != rmc.refresh_session.coin.denom_pub.rsa_public_key)
{
GNUNET_CRYPTO_rsa_public_key_free (rmc.refresh_session.coin.denom_pub.rsa_public_key);
rmc.refresh_session.coin.denom_pub.rsa_public_key = NULL;
}
if (NULL != rmc.refresh_session.coin.denom_sig.rsa_signature) if (NULL != rmc.refresh_session.coin.denom_sig.rsa_signature)
{ {
GNUNET_CRYPTO_rsa_signature_free (rmc.refresh_session.coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (rmc.refresh_session.coin.denom_sig.rsa_signature);
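Review bot: The relocated `TALER_test_coin_valid` failure branch in TEH_REFRESH_handler_refresh_melt returns directly, while the "no keys" branch just above it leaves through `goto cleanup`. The direct return has to repeat by hand whatever the cleanup path does. It calls `GNUNET_JSON_parse_free (spec)` and `TEH_KS_release (key_state)`, but what appears to be the cleanup tail also frees `rmc.refresh_session.coin.denom_sig.rsa_signature`, and whether the parse-free covers that is not visible here. Routing this branch through `cleanup` like its neighbours would keep a single release path. The comment `/* run actual logic, now that the request was parsed */` also ended up after the key lookup and signature check, where it no longer describes what follows, so it should move back above `TEH_KS_acquire` or be reworded.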


@ -265,7 +265,6 @@ static void
free_refresh_melt (struct TALER_EXCHANGEDB_RefreshMelt *refresh_melt) free_refresh_melt (struct TALER_EXCHANGEDB_RefreshMelt *refresh_melt)
{ {
GNUNET_CRYPTO_rsa_signature_free (refresh_melt->session.coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (refresh_melt->session.coin.denom_sig.rsa_signature);
GNUNET_CRYPTO_rsa_public_key_free (refresh_melt->session.coin.denom_pub.rsa_public_key);
} }


@ -342,8 +342,8 @@ refund_transaction (void *cls,
"no keys"); "no keys");
return GNUNET_DB_STATUS_HARD_ERROR; return GNUNET_DB_STATUS_HARD_ERROR;
} }
dki = TEH_KS_denomination_key_lookup (mks, dki = TEH_KS_denomination_key_lookup_by_hash (mks,
&dep->coin.denom_pub, &dep->coin.denom_pub_hash,
TEH_KS_DKU_DEPOSIT); TEH_KS_DKU_DEPOSIT);
if (NULL == dki) if (NULL == dki)
{ {


@ -116,9 +116,9 @@ struct WithdrawContext
struct TALER_Amount amount_required; struct TALER_Amount amount_required;
/** /**
* Denomination public key. * Hash of the denomination public key.
*/ */
struct TALER_DenominationPublicKey denomination_pub; struct GNUNET_HashCode denom_pub_hash;
/** /**
* Signature over the request. * Signature over the request.
@ -312,7 +312,7 @@ withdraw_transaction (void *cls,
#endif #endif
TALER_amount_ntoh (&fee_withdraw, TALER_amount_ntoh (&fee_withdraw,
&wc->dki->issue.properties.fee_withdraw); &wc->dki->issue.properties.fee_withdraw);
wc->collectable.denom_pub = wc->denomination_pub; wc->collectable.denom_pub_hash = wc->denom_pub_hash;
wc->collectable.amount_with_fee = wc->amount_required; wc->collectable.amount_with_fee = wc->amount_required;
wc->collectable.withdraw_fee = fee_withdraw; wc->collectable.withdraw_fee = fee_withdraw;
wc->collectable.reserve_pub = wc->wsrd.reserve_pub; wc->collectable.reserve_pub = wc->wsrd.reserve_pub;
@ -370,8 +370,8 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh,
&wc.wsrd.reserve_pub), &wc.wsrd.reserve_pub),
GNUNET_JSON_spec_fixed_auto ("reserve_sig", GNUNET_JSON_spec_fixed_auto ("reserve_sig",
&wc.signature), &wc.signature),
TALER_JSON_spec_denomination_public_key ("denom_pub", GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
&wc.denomination_pub), &wc.denom_pub_hash),
GNUNET_JSON_spec_end () GNUNET_JSON_spec_end ()
}; };
@ -399,8 +399,8 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh,
TALER_EC_EXCHANGE_BAD_CONFIGURATION, TALER_EC_EXCHANGE_BAD_CONFIGURATION,
"no keys"); "no keys");
} }
wc.dki = TEH_KS_denomination_key_lookup (wc.key_state, wc.dki = TEH_KS_denomination_key_lookup_by_hash (wc.key_state,
&wc.denomination_pub, &wc.denom_pub_hash,
TEH_KS_DKU_WITHDRAW); TEH_KS_DKU_WITHDRAW);
if (NULL == wc.dki) if (NULL == wc.dki)
{ {
@ -435,8 +435,8 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh,
= htonl (sizeof (struct TALER_WithdrawRequestPS)); = htonl (sizeof (struct TALER_WithdrawRequestPS));
wc.wsrd.purpose.purpose wc.wsrd.purpose.purpose
= htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW); = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
GNUNET_CRYPTO_rsa_public_key_hash (wc.denomination_pub.rsa_public_key, wc.wsrd.h_denomination_pub
&wc.wsrd.h_denomination_pub); = wc.denom_pub_hash;
GNUNET_CRYPTO_hash (wc.blinded_msg, GNUNET_CRYPTO_hash (wc.blinded_msg,
wc.blinded_msg_len, wc.blinded_msg_len,
&wc.wsrd.h_coin_envelope); &wc.wsrd.h_coin_envelope);


@ -750,7 +750,6 @@ TEH_RESPONSE_compile_reserve_history (const struct TALER_EXCHANGEDB_ReserveHisto
break; break;
case TALER_EXCHANGEDB_RO_WITHDRAW_COIN: case TALER_EXCHANGEDB_RO_WITHDRAW_COIN:
{ {
struct GNUNET_HashCode h_denom_pub;
struct TALER_Amount value; struct TALER_Amount value;
value = pos->details.withdraw->amount_with_fee; value = pos->details.withdraw->amount_with_fee;
@ -771,15 +770,13 @@ TEH_RESPONSE_compile_reserve_history (const struct TALER_EXCHANGEDB_ReserveHisto
} }
} }
ret |= 2; ret |= 2;
GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key,
&h_denom_pub);
GNUNET_assert (0 == GNUNET_assert (0 ==
json_array_append_new (json_history, json_array_append_new (json_history,
json_pack ("{s:s, s:o, s:o, s:o, s:o, s:o}", json_pack ("{s:s, s:o, s:o, s:o, s:o, s:o}",
"type", "WITHDRAW", "type", "WITHDRAW",
"reserve_sig", GNUNET_JSON_from_data_auto (&pos->details.withdraw->reserve_sig), "reserve_sig", GNUNET_JSON_from_data_auto (&pos->details.withdraw->reserve_sig),
"h_coin_envelope", GNUNET_JSON_from_data_auto (&pos->details.withdraw->h_coin_envelope), "h_coin_envelope", GNUNET_JSON_from_data_auto (&pos->details.withdraw->h_coin_envelope),
"h_denom_pub", GNUNET_JSON_from_data_auto (&h_denom_pub), "h_denom_pub", GNUNET_JSON_from_data_auto (&pos->details.withdraw->denom_pub_hash),
"withdraw_fee", TALER_JSON_from_amount (&pos->details.withdraw->withdraw_fee), "withdraw_fee", TALER_JSON_from_amount (&pos->details.withdraw->withdraw_fee),
"amount", TALER_JSON_from_amount (&value)))); "amount", TALER_JSON_from_amount (&value))));
} }


@ -383,7 +383,8 @@ fake_coin (struct TALER_CoinPublicInfo *coin)
{ {
struct GNUNET_HashCode hc; struct GNUNET_HashCode hc;
coin->denom_pub.rsa_public_key = coin_pub; GNUNET_CRYPTO_rsa_public_key_hash (coin_pub,
&coin->denom_pub_hash);
GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK,
&hc); &hc);
coin->denom_sig.rsa_signature = GNUNET_CRYPTO_rsa_sign_fdh (coin_pk, coin->denom_sig.rsa_signature = GNUNET_CRYPTO_rsa_sign_fdh (coin_pk,


@ -263,9 +263,7 @@ PERF_TALER_EXCHANGEDB_deposit_init (const struct PERF_TALER_EXCHANGEDB_Coin *coi
&deposit_fee)); &deposit_fee));
{ {
deposit->coin.coin_pub = coin->public_info.coin_pub; deposit->coin.coin_pub = coin->public_info.coin_pub;
deposit->coin.denom_pub.rsa_public_key = GNUNET_CRYPTO_rsa_public_key_dup ( deposit->coin.denom_pub_hash = coin->public_info.denom_pub_hash;
coin->public_info.denom_pub.rsa_public_key);
GNUNET_assert (NULL != coin->public_info.denom_pub.rsa_public_key);
deposit->coin.denom_sig.rsa_signature = GNUNET_CRYPTO_rsa_signature_dup ( deposit->coin.denom_sig.rsa_signature = GNUNET_CRYPTO_rsa_signature_dup (
coin->public_info.denom_sig.rsa_signature); coin->public_info.denom_sig.rsa_signature);
GNUNET_assert (NULL != coin->public_info.denom_sig.rsa_signature); GNUNET_assert (NULL != coin->public_info.denom_sig.rsa_signature);
@ -298,8 +296,6 @@ PERF_TALER_EXCHANGEDB_deposit_copy (const struct TALER_EXCHANGEDB_Deposit *depos
copy = GNUNET_new (struct TALER_EXCHANGEDB_Deposit); copy = GNUNET_new (struct TALER_EXCHANGEDB_Deposit);
*copy = *deposit; *copy = *deposit;
copy->receiver_wire_account = json_incref (deposit->receiver_wire_account); copy->receiver_wire_account = json_incref (deposit->receiver_wire_account);
copy->coin.denom_pub.rsa_public_key =
GNUNET_CRYPTO_rsa_public_key_dup (deposit->coin.denom_pub.rsa_public_key);
copy->coin.denom_sig.rsa_signature = copy->coin.denom_sig.rsa_signature =
GNUNET_CRYPTO_rsa_signature_dup (deposit->coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_dup (deposit->coin.denom_sig.rsa_signature);
return copy; return copy;
@ -315,7 +311,6 @@ PERF_TALER_EXCHANGEDB_deposit_free (struct TALER_EXCHANGEDB_Deposit *deposit)
{ {
if (NULL == deposit) if (NULL == deposit)
return GNUNET_OK; return GNUNET_OK;
GNUNET_CRYPTO_rsa_public_key_free (deposit->coin.denom_pub.rsa_public_key);
GNUNET_CRYPTO_rsa_signature_free (deposit->coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (deposit->coin.denom_sig.rsa_signature);
json_decref (deposit->receiver_wire_account); json_decref (deposit->receiver_wire_account);
GNUNET_free (deposit); GNUNET_free (deposit);
@ -350,24 +345,21 @@ PERF_TALER_EXCHANGEDB_coin_init (
/* public_info */ /* public_info */
GNUNET_CRYPTO_eddsa_key_get_public (&coin->priv, GNUNET_CRYPTO_eddsa_key_get_public (&coin->priv,
&coin->public_info.coin_pub.eddsa_pub); &coin->public_info.coin_pub.eddsa_pub);
coin->public_info.denom_pub.rsa_public_key = GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub.rsa_public_key,
GNUNET_CRYPTO_rsa_public_key_dup (dki->denom_pub.rsa_public_key); &coin->public_info.denom_pub_hash);
GNUNET_CRYPTO_hash (&coin->public_info.coin_pub, GNUNET_CRYPTO_hash (&coin->public_info.coin_pub,
sizeof (struct TALER_CoinSpendPublicKeyP), sizeof (struct TALER_CoinSpendPublicKeyP),
&hc); &hc);
coin->public_info.denom_sig.rsa_signature = coin->public_info.denom_sig.rsa_signature =
GNUNET_CRYPTO_rsa_sign_fdh (dki->denom_priv.rsa_private_key, GNUNET_CRYPTO_rsa_sign_fdh (dki->denom_priv.rsa_private_key,
&hc); &hc);
GNUNET_assert (NULL != coin->public_info.denom_pub.rsa_public_key);
GNUNET_assert (NULL != coin->public_info.denom_sig.rsa_signature); GNUNET_assert (NULL != coin->public_info.denom_sig.rsa_signature);
/* blind */ /* blind */
coin->blind.sig.rsa_signature = coin->blind.sig.rsa_signature =
GNUNET_CRYPTO_rsa_signature_dup (coin->public_info.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_dup (coin->public_info.denom_sig.rsa_signature);
coin->blind.denom_pub.rsa_public_key = coin->blind.denom_pub_hash = coin->public_info.denom_pub_hash;
GNUNET_CRYPTO_rsa_public_key_dup (dki->denom_pub.rsa_public_key);
GNUNET_assert (NULL != coin->blind.sig.rsa_signature); GNUNET_assert (NULL != coin->blind.sig.rsa_signature);
GNUNET_assert (NULL != coin->blind.denom_pub.rsa_public_key);
TALER_amount_ntoh (&coin->blind.amount_with_fee, TALER_amount_ntoh (&coin->blind.amount_with_fee,
&dki->issue.properties.value); &dki->issue.properties.value);
TALER_amount_ntoh (&coin->blind.withdraw_fee, TALER_amount_ntoh (&coin->blind.withdraw_fee,
@ -396,16 +388,14 @@ PERF_TALER_EXCHANGEDB_coin_copy (const struct PERF_TALER_EXCHANGEDB_Coin *coin)
copy->priv = coin->priv; copy->priv = coin->priv;
/* public_info */ /* public_info */
copy->public_info.coin_pub = coin->public_info.coin_pub; copy->public_info.coin_pub = coin->public_info.coin_pub;
copy->public_info.denom_pub.rsa_public_key = copy->public_info.denom_pub_hash = coin->public_info.denom_pub_hash;
GNUNET_CRYPTO_rsa_public_key_dup (coin->public_info.denom_pub.rsa_public_key);
copy->public_info.denom_sig.rsa_signature = copy->public_info.denom_sig.rsa_signature =
GNUNET_CRYPTO_rsa_signature_dup (coin->public_info.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_dup (coin->public_info.denom_sig.rsa_signature);
/* blind */ /* blind */
copy->blind.sig.rsa_signature = copy->blind.sig.rsa_signature =
GNUNET_CRYPTO_rsa_signature_dup (coin->blind.sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_dup (coin->blind.sig.rsa_signature);
copy->blind.denom_pub.rsa_public_key = copy->blind.denom_pub_hash = coin->blind.denom_pub_hash;
GNUNET_CRYPTO_rsa_public_key_dup (coin->blind.denom_pub.rsa_public_key);
copy->blind.amount_with_fee = coin->blind.amount_with_fee; copy->blind.amount_with_fee = coin->blind.amount_with_fee;
copy->blind.withdraw_fee = coin->blind.withdraw_fee; copy->blind.withdraw_fee = coin->blind.withdraw_fee;
copy->blind.reserve_pub = coin->blind.reserve_pub; copy->blind.reserve_pub = coin->blind.reserve_pub;
@ -426,10 +416,8 @@ PERF_TALER_EXCHANGEDB_coin_free (struct PERF_TALER_EXCHANGEDB_Coin *coin)
{ {
if (NULL == coin) if (NULL == coin)
return GNUNET_OK; return GNUNET_OK;
GNUNET_CRYPTO_rsa_public_key_free (coin->public_info.denom_pub.rsa_public_key);
GNUNET_CRYPTO_rsa_signature_free (coin->public_info.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (coin->public_info.denom_sig.rsa_signature);
GNUNET_CRYPTO_rsa_signature_free (coin->blind.sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (coin->blind.sig.rsa_signature);
GNUNET_CRYPTO_rsa_public_key_free (coin->blind.denom_pub.rsa_public_key);
GNUNET_free (coin); GNUNET_free (coin);
return GNUNET_OK; return GNUNET_OK;
} }
@ -475,9 +463,7 @@ PERF_TALER_EXCHANGEDB_refresh_melt_init (struct TALER_RefreshCommitmentP *rc,
melt->session.coin.coin_pub = coin->public_info.coin_pub; melt->session.coin.coin_pub = coin->public_info.coin_pub;
melt->session.coin.denom_sig.rsa_signature = melt->session.coin.denom_sig.rsa_signature =
GNUNET_CRYPTO_rsa_signature_dup (coin->public_info.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_dup (coin->public_info.denom_sig.rsa_signature);
melt->session.coin.denom_pub.rsa_public_key = melt->session.coin.denom_pub_hash = coin->public_info.denom_pub_hash;
GNUNET_CRYPTO_rsa_public_key_dup (coin->public_info.denom_pub.rsa_public_key);
GNUNET_assert (NULL != melt->session.coin.denom_pub.rsa_public_key);
GNUNET_assert (NULL != melt->session.coin.denom_sig.rsa_signature); GNUNET_assert (NULL != melt->session.coin.denom_sig.rsa_signature);
melt->session.coin_sig = coin_sig; melt->session.coin_sig = coin_sig;
melt->session.rc = *rc; melt->session.rc = *rc;


@ -1342,12 +1342,15 @@ interpret (struct PERF_TALER_EXCHANGEDB_interpreter_state *state)
unsigned int denom_index; unsigned int denom_index;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
struct PERF_TALER_EXCHANGEDB_Data *data; struct PERF_TALER_EXCHANGEDB_Data *data;
struct GNUNET_HashCode hc;
denom_index = state->cmd[state->i].details.get_denomination.index_denom; denom_index = state->cmd[state->i].details.get_denomination.index_denom;
data = &state->cmd[denom_index].exposed; data = &state->cmd[denom_index].exposed;
GNUNET_CRYPTO_rsa_public_key_hash (data->data.dki->denom_pub.rsa_public_key,
&hc);
qs = state->plugin->get_denomination_info (state->plugin->cls, qs = state->plugin->get_denomination_info (state->plugin->cls,
state->session, state->session,
&data->data.dki->denom_pub, &hc,
&data->data.dki->issue); &data->data.dki->issue);
GNUNET_assert (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs); GNUNET_assert (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs);
} }


@ -49,13 +49,11 @@ common_free_reserve_history (void *cls,
case TALER_EXCHANGEDB_RO_WITHDRAW_COIN: case TALER_EXCHANGEDB_RO_WITHDRAW_COIN:
cbc = rh->details.withdraw; cbc = rh->details.withdraw;
GNUNET_CRYPTO_rsa_signature_free (cbc->sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (cbc->sig.rsa_signature);
GNUNET_CRYPTO_rsa_public_key_free (cbc->denom_pub.rsa_public_key);
GNUNET_free (cbc); GNUNET_free (cbc);
break; break;
case TALER_EXCHANGEDB_RO_PAYBACK_COIN: case TALER_EXCHANGEDB_RO_PAYBACK_COIN:
payback = rh->details.payback; payback = rh->details.payback;
GNUNET_CRYPTO_rsa_signature_free (payback->coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (payback->coin.denom_sig.rsa_signature);
GNUNET_CRYPTO_rsa_public_key_free (payback->coin.denom_pub.rsa_public_key);
GNUNET_free (payback); GNUNET_free (payback);
break; break;
case TALER_EXCHANGEDB_RO_EXCHANGE_TO_BANK: case TALER_EXCHANGEDB_RO_EXCHANGE_TO_BANK:
@ -92,29 +90,21 @@ common_free_coin_transaction_list (void *cls,
case TALER_EXCHANGEDB_TT_DEPOSIT: case TALER_EXCHANGEDB_TT_DEPOSIT:
if (NULL != list->details.deposit->receiver_wire_account) if (NULL != list->details.deposit->receiver_wire_account)
json_decref (list->details.deposit->receiver_wire_account); json_decref (list->details.deposit->receiver_wire_account);
if (NULL != list->details.deposit->coin.denom_pub.rsa_public_key)
GNUNET_CRYPTO_rsa_public_key_free (list->details.deposit->coin.denom_pub.rsa_public_key);
if (NULL != list->details.deposit->coin.denom_sig.rsa_signature) if (NULL != list->details.deposit->coin.denom_sig.rsa_signature)
GNUNET_CRYPTO_rsa_signature_free (list->details.deposit->coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (list->details.deposit->coin.denom_sig.rsa_signature);
GNUNET_free (list->details.deposit); GNUNET_free (list->details.deposit);
break; break;
case TALER_EXCHANGEDB_TT_REFRESH_MELT: case TALER_EXCHANGEDB_TT_REFRESH_MELT:
if (NULL != list->details.melt->session.coin.denom_pub.rsa_public_key)
GNUNET_CRYPTO_rsa_public_key_free (list->details.melt->session.coin.denom_pub.rsa_public_key);
if (NULL != list->details.melt->session.coin.denom_sig.rsa_signature) if (NULL != list->details.melt->session.coin.denom_sig.rsa_signature)
GNUNET_CRYPTO_rsa_signature_free (list->details.melt->session.coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (list->details.melt->session.coin.denom_sig.rsa_signature);
GNUNET_free (list->details.melt); GNUNET_free (list->details.melt);
break; break;
case TALER_EXCHANGEDB_TT_REFUND: case TALER_EXCHANGEDB_TT_REFUND:
if (NULL != list->details.refund->coin.denom_pub.rsa_public_key)
GNUNET_CRYPTO_rsa_public_key_free (list->details.refund->coin.denom_pub.rsa_public_key);
if (NULL != list->details.refund->coin.denom_sig.rsa_signature) if (NULL != list->details.refund->coin.denom_sig.rsa_signature)
GNUNET_CRYPTO_rsa_signature_free (list->details.refund->coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (list->details.refund->coin.denom_sig.rsa_signature);
GNUNET_free (list->details.refund); GNUNET_free (list->details.refund);
break; break;
case TALER_EXCHANGEDB_TT_PAYBACK: case TALER_EXCHANGEDB_TT_PAYBACK:
if (NULL != list->details.payback->coin.denom_pub.rsa_public_key)
GNUNET_CRYPTO_rsa_public_key_free (list->details.payback->coin.denom_pub.rsa_public_key);
if (NULL != list->details.payback->coin.denom_sig.rsa_signature) if (NULL != list->details.payback->coin.denom_sig.rsa_signature)
GNUNET_CRYPTO_rsa_signature_free (list->details.payback->coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (list->details.payback->coin.denom_sig.rsa_signature);
GNUNET_free (list->details.payback); GNUNET_free (list->details.payback);


@ -766,7 +766,7 @@ postgres_prepare (PGconn *db_conn)
make sure /reserve/withdraw requests are idempotent. */ make sure /reserve/withdraw requests are idempotent. */
GNUNET_PQ_make_prepare ("get_withdraw_info", GNUNET_PQ_make_prepare ("get_withdraw_info",
"SELECT" "SELECT"
" denom.denom_pub" " denom_pub_hash"
",denom_sig" ",denom_sig"
",reserve_sig" ",reserve_sig"
",reserve_pub" ",reserve_pub"
@ -790,7 +790,7 @@ postgres_prepare (PGconn *db_conn)
GNUNET_PQ_make_prepare ("get_reserves_out", GNUNET_PQ_make_prepare ("get_reserves_out",
"SELECT" "SELECT"
" h_blind_ev" " h_blind_ev"
",denom.denom_pub" ",denom_pub_hash"
",denom_sig" ",denom_sig"
",reserve_sig" ",reserve_sig"
",execution_date" ",execution_date"
@ -838,11 +838,9 @@ postgres_prepare (PGconn *db_conn)
a coin known to the exchange. */ a coin known to the exchange. */
GNUNET_PQ_make_prepare ("get_known_coin", GNUNET_PQ_make_prepare ("get_known_coin",
"SELECT" "SELECT"
" denom.denom_pub" " denom_pub_hash"
",denom_sig" ",denom_sig"
" FROM known_coins" " FROM known_coins"
" JOIN denominations denom"
" USING (denom_pub_hash)"
" WHERE coin_pub=$1" " WHERE coin_pub=$1"
" FOR UPDATE;", " FOR UPDATE;",
1), 1),
@ -876,7 +874,7 @@ postgres_prepare (PGconn *db_conn)
high-level information about a melt operation */ high-level information about a melt operation */
GNUNET_PQ_make_prepare ("get_melt", GNUNET_PQ_make_prepare ("get_melt",
"SELECT" "SELECT"
" denom.denom_pub" " kc.denom_pub_hash"
",denom.fee_refresh_val" ",denom.fee_refresh_val"
",denom.fee_refresh_frac" ",denom.fee_refresh_frac"
",denom.fee_refresh_curr" ",denom.fee_refresh_curr"
@ -1518,6 +1516,7 @@ postgres_prepare (PGconn *db_conn)
",coin_sig" ",coin_sig"
",coin_blind" ",coin_blind"
",h_blind_ev" ",h_blind_ev"
",coins.denom_pub_hash"
",denoms.denom_pub" ",denoms.denom_pub"
",coins.denom_sig" ",coins.denom_sig"
",amount_val" ",amount_val"
@ -1526,10 +1525,10 @@ postgres_prepare (PGconn *db_conn)
" FROM payback" " FROM payback"
" JOIN known_coins coins" " JOIN known_coins coins"
" USING (coin_pub)" " USING (coin_pub)"
" JOIN denominations denoms"
" USING (denom_pub_hash)"
" JOIN reserves_out ro" " JOIN reserves_out ro"
" USING (h_blind_ev)" " USING (h_blind_ev)"
" JOIN denominations denoms"
" ON (coins.denom_pub_hash = denoms.denom_pub_hash)"
" WHERE payback_uuid>=$1" " WHERE payback_uuid>=$1"
" ORDER BY payback_uuid ASC;", " ORDER BY payback_uuid ASC;",
1), 1),
@ -1563,13 +1562,11 @@ postgres_prepare (PGconn *db_conn)
",amount_frac" ",amount_frac"
",amount_curr" ",amount_curr"
",timestamp" ",timestamp"
",denoms.denom_pub" ",coins.denom_pub_hash"
",coins.denom_sig" ",coins.denom_sig"
" FROM payback" " FROM payback"
" JOIN known_coins coins" " JOIN known_coins coins"
" USING (coin_pub)" " USING (coin_pub)"
" JOIN denominations denoms"
" USING (denom_pub_hash)"
" JOIN reserves_out ro" " JOIN reserves_out ro"
" USING (h_blind_ev)" " USING (h_blind_ev)"
" WHERE ro.reserve_pub=$1" " WHERE ro.reserve_pub=$1"
@ -1618,13 +1615,11 @@ postgres_prepare (PGconn *db_conn)
",amount_frac" ",amount_frac"
",amount_curr" ",amount_curr"
",timestamp" ",timestamp"
",denoms.denom_pub" ",coins.denom_pub_hash"
",coins.denom_sig" ",coins.denom_sig"
" FROM payback" " FROM payback"
" JOIN known_coins coins" " JOIN known_coins coins"
" USING (coin_pub)" " USING (coin_pub)"
" JOIN denominations denoms"
" USING (denom_pub_hash)"
" JOIN reserves_out ro" " JOIN reserves_out ro"
" USING (h_blind_ev)" " USING (h_blind_ev)"
" WHERE payback.coin_pub=$1;", " WHERE payback.coin_pub=$1;",
@ -1947,20 +1942,19 @@ postgres_insert_denomination_info (void *cls,
* *
* @param cls the @e cls of this struct with the plugin-specific state * @param cls the @e cls of this struct with the plugin-specific state
* @param session connection to use * @param session connection to use
* @param denom_pub the public key used for signing coins of this denomination * @param denom_pub_hash hash of the public key used for signing coins of this denomination
* @param[out] issue set to issue information with value, fees and other info about the coin * @param[out] issue set to issue information with value, fees and other info about the coin
* @return transaction status code * @return transaction status code
*/ */
static enum GNUNET_DB_QueryStatus static enum GNUNET_DB_QueryStatus
postgres_get_denomination_info (void *cls, postgres_get_denomination_info (void *cls,
struct TALER_EXCHANGEDB_Session *session, struct TALER_EXCHANGEDB_Session *session,
const struct TALER_DenominationPublicKey *denom_pub, const struct GNUNET_HashCode *denom_pub_hash,
struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue) struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue)
{ {
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
struct GNUNET_HashCode dph;
struct GNUNET_PQ_QueryParam params[] = { struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (&dph), GNUNET_PQ_query_param_auto_from_type (denom_pub_hash),
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
@ -1989,8 +1983,6 @@ postgres_get_denomination_info (void *cls,
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
}; };
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key,
&dph);
qs = GNUNET_PQ_eval_prepared_singleton_select (session->conn, qs = GNUNET_PQ_eval_prepared_singleton_select (session->conn,
"denomination_get", "denomination_get",
params, params,
@ -1999,8 +1991,7 @@ postgres_get_denomination_info (void *cls,
return qs; return qs;
issue->properties.purpose.size = htonl (sizeof (struct TALER_DenominationKeyValidityPS)); issue->properties.purpose.size = htonl (sizeof (struct TALER_DenominationKeyValidityPS));
issue->properties.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY); issue->properties.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key, issue->properties.denom_hash = *denom_pub_hash;
&issue->properties.denom_hash);
return qs; return qs;
} }
@ -2394,8 +2385,8 @@ postgres_get_withdraw_info (void *cls,
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&collectable->denom_pub.rsa_public_key), &collectable->denom_pub_hash),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
&collectable->sig.rsa_signature), &collectable->sig.rsa_signature),
GNUNET_PQ_result_spec_auto_from_type ("reserve_sig", GNUNET_PQ_result_spec_auto_from_type ("reserve_sig",
@ -2434,12 +2425,11 @@ postgres_insert_withdraw_info (void *cls,
{ {
struct PostgresClosure *pg = cls; struct PostgresClosure *pg = cls;
struct TALER_EXCHANGEDB_Reserve reserve; struct TALER_EXCHANGEDB_Reserve reserve;
struct GNUNET_HashCode denom_pub_hash;
struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute now;
struct GNUNET_TIME_Absolute expiry; struct GNUNET_TIME_Absolute expiry;
struct GNUNET_PQ_QueryParam params[] = { struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (&collectable->h_coin_envelope), GNUNET_PQ_query_param_auto_from_type (&collectable->h_coin_envelope),
GNUNET_PQ_query_param_auto_from_type (&denom_pub_hash), GNUNET_PQ_query_param_auto_from_type (&collectable->denom_pub_hash),
GNUNET_PQ_query_param_rsa_signature (collectable->sig.rsa_signature), GNUNET_PQ_query_param_rsa_signature (collectable->sig.rsa_signature),
GNUNET_PQ_query_param_auto_from_type (&collectable->reserve_pub), GNUNET_PQ_query_param_auto_from_type (&collectable->reserve_pub),
GNUNET_PQ_query_param_auto_from_type (&collectable->reserve_sig), GNUNET_PQ_query_param_auto_from_type (&collectable->reserve_sig),
@ -2451,8 +2441,6 @@ postgres_insert_withdraw_info (void *cls,
now = GNUNET_TIME_absolute_get (); now = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&now); (void) GNUNET_TIME_round_abs (&now);
GNUNET_CRYPTO_rsa_public_key_hash (collectable->denom_pub.rsa_public_key,
&denom_pub_hash);
qs = GNUNET_PQ_eval_prepared_non_select (session->conn, qs = GNUNET_PQ_eval_prepared_non_select (session->conn,
"insert_withdraw_info", "insert_withdraw_info",
params); params);
@ -2638,8 +2626,8 @@ add_withdraw_coin (void *cls,
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_auto_from_type ("h_blind_ev", GNUNET_PQ_result_spec_auto_from_type ("h_blind_ev",
&cbc->h_coin_envelope), &cbc->h_coin_envelope),
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&cbc->denom_pub.rsa_public_key), &cbc->denom_pub_hash),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
&cbc->sig.rsa_signature), &cbc->sig.rsa_signature),
GNUNET_PQ_result_spec_auto_from_type ("reserve_sig", GNUNET_PQ_result_spec_auto_from_type ("reserve_sig",
@ -2702,8 +2690,8 @@ add_payback (void *cls,
&payback->coin_sig), &payback->coin_sig),
TALER_PQ_result_spec_absolute_time ("timestamp", TALER_PQ_result_spec_absolute_time ("timestamp",
&payback->timestamp), &payback->timestamp),
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&payback->coin.denom_pub.rsa_public_key), &payback->coin.denom_pub_hash),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
&payback->coin.denom_sig.rsa_signature), &payback->coin.denom_sig.rsa_signature),
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
@ -3291,8 +3279,8 @@ get_known_coin (void *cls,
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&coin_info->denom_pub.rsa_public_key), &coin_info->denom_pub_hash),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
&coin_info->denom_sig.rsa_signature), &coin_info->denom_sig.rsa_signature),
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
@ -3324,10 +3312,9 @@ insert_known_coin (void *cls,
struct TALER_EXCHANGEDB_Session *session, struct TALER_EXCHANGEDB_Session *session,
const struct TALER_CoinPublicInfo *coin_info) const struct TALER_CoinPublicInfo *coin_info)
{ {
struct GNUNET_HashCode denom_pub_hash;
struct GNUNET_PQ_QueryParam params[] = { struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (&coin_info->coin_pub), GNUNET_PQ_query_param_auto_from_type (&coin_info->coin_pub),
GNUNET_PQ_query_param_auto_from_type (&denom_pub_hash), GNUNET_PQ_query_param_auto_from_type (&coin_info->denom_pub_hash),
GNUNET_PQ_query_param_rsa_signature (coin_info->denom_sig.rsa_signature), GNUNET_PQ_query_param_rsa_signature (coin_info->denom_sig.rsa_signature),
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
@ -3335,8 +3322,6 @@ insert_known_coin (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Creating known coin %s\n", "Creating known coin %s\n",
TALER_B2S (&coin_info->coin_pub)); TALER_B2S (&coin_info->coin_pub));
GNUNET_CRYPTO_rsa_public_key_hash (coin_info->denom_pub.rsa_public_key,
&denom_pub_hash);
return GNUNET_PQ_eval_prepared_non_select (session->conn, return GNUNET_PQ_eval_prepared_non_select (session->conn,
"insert_known_coin", "insert_known_coin",
params); params);
@ -3407,7 +3392,6 @@ postgres_ensure_coin_known (void *cls,
} }
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs) if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
{ {
GNUNET_CRYPTO_rsa_public_key_free (known_coin.denom_pub.rsa_public_key);
GNUNET_CRYPTO_rsa_signature_free (known_coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (known_coin.denom_sig.rsa_signature);
return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; /* no change! */ return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; /* no change! */
} }
@ -3647,8 +3631,8 @@ postgres_get_melt (void *cls,
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&refresh_melt->session.coin.denom_pub.rsa_public_key), &refresh_melt->session.coin.denom_pub_hash),
TALER_PQ_result_spec_amount ("fee_refresh", TALER_PQ_result_spec_amount ("fee_refresh",
&refresh_melt->melt_fee), &refresh_melt->melt_fee),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
@ -4470,8 +4454,8 @@ add_coin_payback (void *cls,
&payback->coin_sig), &payback->coin_sig),
TALER_PQ_result_spec_absolute_time ("timestamp", TALER_PQ_result_spec_absolute_time ("timestamp",
&payback->timestamp), &payback->timestamp),
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&payback->coin.denom_pub.rsa_public_key), &payback->coin.denom_pub_hash),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
&payback->coin.denom_sig.rsa_signature), &payback->coin.denom_sig.rsa_signature),
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
@ -6356,6 +6340,7 @@ payback_serial_helper_cb (void *cls,
struct TALER_CoinPublicInfo coin; struct TALER_CoinPublicInfo coin;
struct TALER_CoinSpendSignatureP coin_sig; struct TALER_CoinSpendSignatureP coin_sig;
struct TALER_DenominationBlindingKeyP coin_blind; struct TALER_DenominationBlindingKeyP coin_blind;
struct TALER_DenominationPublicKey denom_pub;
struct TALER_Amount amount; struct TALER_Amount amount;
struct GNUNET_HashCode h_blind_ev; struct GNUNET_HashCode h_blind_ev;
struct GNUNET_TIME_Absolute timestamp; struct GNUNET_TIME_Absolute timestamp;
@ -6374,8 +6359,10 @@ payback_serial_helper_cb (void *cls,
&coin_blind), &coin_blind),
GNUNET_PQ_result_spec_auto_from_type ("h_blind_ev", GNUNET_PQ_result_spec_auto_from_type ("h_blind_ev",
&h_blind_ev), &h_blind_ev),
GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&coin.denom_pub_hash),
GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", GNUNET_PQ_result_spec_rsa_public_key ("denom_pub",
&coin.denom_pub.rsa_public_key), &denom_pub.rsa_public_key),
GNUNET_PQ_result_spec_rsa_signature ("denom_sig", GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
&coin.denom_sig.rsa_signature), &coin.denom_sig.rsa_signature),
TALER_PQ_result_spec_amount ("amount", TALER_PQ_result_spec_amount ("amount",
@ -6399,6 +6386,7 @@ payback_serial_helper_cb (void *cls,
&amount, &amount,
&reserve_pub, &reserve_pub,
&coin, &coin,
&denom_pub,
&coin_sig, &coin_sig,
&coin_blind); &coin_blind);
GNUNET_PQ_cleanup_result (rs); GNUNET_PQ_cleanup_result (rs);
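Review bot: `insert_known_coin` and `postgres_insert_withdraw_info` now bind the caller-supplied `denom_pub_hash` directly, where the removed lines derived the hash from a parsed RSA key, and neither doc comment says who ensures the hash names a known denomination. If a foreign key on `denom_pub_hash` enforces this (the schema is not visible in these hunks), the comment should say so. Otherwise state it as a precondition, e.g. `/* denom_pub_hash is stored as given; caller must have resolved it to a known denomination */`. Both function bodies continue outside their hunks.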


@ -271,7 +271,7 @@ create_denom_key_pair (unsigned int size,
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->get_denomination_info (plugin->cls, plugin->get_denomination_info (plugin->cls,
session, session,
&dki.denom_pub, &dki.issue.properties.denom_hash,
&issue2)) &issue2))
{ {
GNUNET_break(0); GNUNET_break(0);
@ -574,7 +574,8 @@ test_melting (struct TALER_EXCHANGEDB_Session *session)
GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.rsa_private_key, GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.rsa_private_key,
&hc); &hc);
GNUNET_assert (NULL != refresh_session.coin.denom_sig.rsa_signature); GNUNET_assert (NULL != refresh_session.coin.denom_sig.rsa_signature);
refresh_session.coin.denom_pub = dkp->pub; GNUNET_CRYPTO_rsa_public_key_hash (dkp->pub.rsa_public_key,
&refresh_session.coin.denom_pub_hash);
refresh_session.amount_with_fee = amount_with_fee; refresh_session.amount_with_fee = amount_with_fee;
} }
@ -616,10 +617,9 @@ test_melting (struct TALER_EXCHANGEDB_Session *session)
&ret_refresh_session.session.coin.coin_pub, &ret_refresh_session.session.coin.coin_pub,
sizeof (refresh_session.coin.coin_pub))); sizeof (refresh_session.coin.coin_pub)));
FAILIF (0 != FAILIF (0 !=
GNUNET_CRYPTO_rsa_public_key_cmp (refresh_session.coin.denom_pub.rsa_public_key, GNUNET_memcmp (&refresh_session.coin.denom_pub_hash,
ret_refresh_session.session.coin.denom_pub.rsa_public_key)); &ret_refresh_session.session.coin.denom_pub_hash));
GNUNET_CRYPTO_rsa_signature_free (ret_refresh_session.session.coin.denom_sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (ret_refresh_session.session.coin.denom_sig.rsa_signature);
GNUNET_CRYPTO_rsa_public_key_free (ret_refresh_session.session.coin.denom_pub.rsa_public_key);
/* test 'select_refreshs_above_serial_id' */ /* test 'select_refreshs_above_serial_id' */
auditor_row_cnt = 0; auditor_row_cnt = 0;
@ -1057,6 +1057,7 @@ test_gc (struct TALER_EXCHANGEDB_Session *session)
struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute now;
struct GNUNET_TIME_Absolute past; struct GNUNET_TIME_Absolute past;
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2; struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2;
struct GNUNET_HashCode denom_hash;
now = GNUNET_TIME_absolute_get (); now = GNUNET_TIME_absolute_get ();
GNUNET_TIME_round_abs (&now); GNUNET_TIME_round_abs (&now);
@ -1079,10 +1080,13 @@ test_gc (struct TALER_EXCHANGEDB_Session *session)
destroy_denom_key_pair (dkp); destroy_denom_key_pair (dkp);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
GNUNET_CRYPTO_rsa_public_key_hash (dkp->pub.rsa_public_key,
&denom_hash);
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS !=
plugin->get_denomination_info (plugin->cls, plugin->get_denomination_info (plugin->cls,
session, session,
&dkp->pub, &denom_hash,
&issue2)) &issue2))
{ {
GNUNET_break(0); GNUNET_break(0);
@ -1376,6 +1380,7 @@ payback_cb (void *cls,
const struct TALER_Amount *amount, const struct TALER_Amount *amount,
const struct TALER_ReservePublicKeyP *reserve_pub, const struct TALER_ReservePublicKeyP *reserve_pub,
const struct TALER_CoinPublicInfo *coin, const struct TALER_CoinPublicInfo *coin,
const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_CoinSpendSignatureP *coin_sig, const struct TALER_CoinSpendSignatureP *coin_sig,
const struct TALER_DenominationBlindingKeyP *coin_blind) const struct TALER_DenominationBlindingKeyP *coin_blind)
{ {
@ -1700,7 +1705,7 @@ run (void *cls)
&dkp_pub_hash); &dkp_pub_hash);
RND_BLK(&cbc.h_coin_envelope); RND_BLK(&cbc.h_coin_envelope);
RND_BLK(&cbc.reserve_sig); RND_BLK(&cbc.reserve_sig);
cbc.denom_pub = dkp->pub; cbc.denom_pub_hash = dkp_pub_hash;
cbc.sig.rsa_signature cbc.sig.rsa_signature
= GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.rsa_private_key, = GNUNET_CRYPTO_rsa_sign_fdh (dkp->priv.rsa_private_key,
&cbc.h_coin_envelope); &cbc.h_coin_envelope);
@ -1732,7 +1737,6 @@ run (void *cls)
session, session,
&cbc.h_coin_envelope, &cbc.h_coin_envelope,
&cbc2)); &cbc2));
FAILIF (NULL == cbc2.denom_pub.rsa_public_key);
FAILIF(0 != GNUNET_memcmp(&cbc2.reserve_sig, &cbc.reserve_sig)); FAILIF(0 != GNUNET_memcmp(&cbc2.reserve_sig, &cbc.reserve_sig));
FAILIF(0 != GNUNET_memcmp(&cbc2.reserve_pub, &cbc.reserve_pub)); FAILIF(0 != GNUNET_memcmp(&cbc2.reserve_pub, &cbc.reserve_pub));
result = 6; result = 6;
@ -1745,7 +1749,8 @@ run (void *cls)
RND_BLK (&coin_sig); RND_BLK (&coin_sig);
RND_BLK (&coin_blind); RND_BLK (&coin_blind);
RND_BLK (&deposit.coin.coin_pub); RND_BLK (&deposit.coin.coin_pub);
deposit.coin.denom_pub = dkp->pub; GNUNET_CRYPTO_rsa_public_key_hash (dkp->pub.rsa_public_key,
&deposit.coin.denom_pub_hash);
deposit.coin.denom_sig = cbc.sig; deposit.coin.denom_sig = cbc.sig;
deadline = GNUNET_TIME_absolute_get (); deadline = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&deadline); (void) GNUNET_TIME_round_abs (&deadline);
@ -1885,7 +1890,8 @@ run (void *cls)
0, 0,
sizeof (deposit)); sizeof (deposit));
RND_BLK (&deposit.coin.coin_pub); RND_BLK (&deposit.coin.coin_pub);
deposit.coin.denom_pub = dkp->pub; GNUNET_CRYPTO_rsa_public_key_hash (dkp->pub.rsa_public_key,
&deposit.coin.denom_pub_hash);
deposit.coin.denom_sig = cbc.sig; deposit.coin.denom_sig = cbc.sig;
RND_BLK (&deposit.csig); RND_BLK (&deposit.csig);
RND_BLK (&deposit.merchant_pub); RND_BLK (&deposit.merchant_pub);
@ -2259,8 +2265,6 @@ run (void *cls)
destroy_denom_key_pair (dkp); destroy_denom_key_pair (dkp);
if (NULL != cbc.sig.rsa_signature) if (NULL != cbc.sig.rsa_signature)
GNUNET_CRYPTO_rsa_signature_free (cbc.sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (cbc.sig.rsa_signature);
if (NULL != cbc2.denom_pub.rsa_public_key)
GNUNET_CRYPTO_rsa_public_key_free (cbc2.denom_pub.rsa_public_key);
if (NULL != cbc2.sig.rsa_signature) if (NULL != cbc2.sig.rsa_signature)
GNUNET_CRYPTO_rsa_signature_free (cbc2.sig.rsa_signature); GNUNET_CRYPTO_rsa_signature_free (cbc2.sig.rsa_signature);
dkp = NULL; dkp = NULL;
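Review bot: The withdraw round-trip check in `run` loses its only assertion on the denomination: `FAILIF (NULL == cbc2.denom_pub.rsa_public_key);` is removed and nothing compares the hash read back from the database. Adding `FAILIF (0 != GNUNET_memcmp (&cbc2.denom_pub_hash, &cbc.denom_pub_hash));` next to the existing `reserve_sig`/`reserve_pub` comparisons would keep the new column covered. Assuming `dkp` is not replaced in between, the two `GNUNET_CRYPTO_rsa_public_key_hash (dkp->pub.rsa_public_key, &deposit.coin.denom_pub_hash);` calls could simply assign `dkp_pub_hash`, as `cbc.denom_pub_hash = dkp_pub_hash;` already does. `run` starts and ends outside these hunks.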


@ -354,10 +354,10 @@ struct TALER_CoinPublicInfo
struct TALER_CoinSpendPublicKeyP coin_pub; struct TALER_CoinSpendPublicKeyP coin_pub;
/** /**
* Public key representing the denomination of the coin * Hash of the public key representing the denomination of the coin that is
* that is being deposited. * being deposited.
*/ */
struct TALER_DenominationPublicKey denom_pub; struct GNUNET_HashCode denom_pub_hash;
/** /**
* (Unblinded) signature over @e coin_pub with @e denom_pub, * (Unblinded) signature over @e coin_pub with @e denom_pub,
@ -401,12 +401,14 @@ struct TALER_TrackTransferDetails
* is not expired, and the signature is correct. * is not expired, and the signature is correct.
* *
* @param coin_public_info the coin public info to check for validity * @param coin_public_info the coin public info to check for validity
* @param denom_pub denomination key, must match @a coin_public_info's `denom_pub_hash`
* @return #GNUNET_YES if the coin is valid, * @return #GNUNET_YES if the coin is valid,
* #GNUNET_NO if it is invalid * #GNUNET_NO if it is invalid
* #GNUNET_SYSERR if an internal error occured * #GNUNET_SYSERR if an internal error occured
*/ */
int int
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info); TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub);
GNUNET_NETWORK_STRUCT_BEGIN GNUNET_NETWORK_STRUCT_BEGIN
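Review bot: The new `@param denom_pub` line says the key "must match" `denom_pub_hash`, but not whether `TALER_test_coin_valid` checks this itself or trusts the caller. This matters because a signature verified against a key other than the one named by the hash would tie the coin to the wrong denomination. The doc should state which it is, for example `@param denom_pub denomination key; its hash is compared against @a coin_public_info's denom_pub_hash and a mismatch yields #GNUNET_NO`, or the caller-side equivalent if that is what the implementation does. The field comment `(Unblinded) signature over @e coin_pub with @e denom_pub` in `struct TALER_CoinPublicInfo` also still refers to a member the struct no longer has.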


@ -147,9 +147,9 @@ struct TALER_EXCHANGEDB_CollectableBlindcoin
struct TALER_DenominationSignature sig; struct TALER_DenominationSignature sig;
/** /**
* Denomination key (which coin was generated). * Hash of the denomination key (which coin was generated).
*/ */
struct TALER_DenominationPublicKey denom_pub; struct GNUNET_HashCode denom_pub_hash;
/** /**
* Value of the coin being exchangeed (matching the denomination key) * Value of the coin being exchangeed (matching the denomination key)
@ -1045,6 +1045,7 @@ typedef int
const struct TALER_Amount *amount, const struct TALER_Amount *amount,
const struct TALER_ReservePublicKeyP *reserve_pub, const struct TALER_ReservePublicKeyP *reserve_pub,
const struct TALER_CoinPublicInfo *coin, const struct TALER_CoinPublicInfo *coin,
const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_CoinSpendSignatureP *coin_sig, const struct TALER_CoinSpendSignatureP *coin_sig,
const struct TALER_DenominationBlindingKeyP *coin_blind); const struct TALER_DenominationBlindingKeyP *coin_blind);
@ -1274,14 +1275,14 @@ struct TALER_EXCHANGEDB_Plugin
* *
* @param cls the @e cls of this struct with the plugin-specific state * @param cls the @e cls of this struct with the plugin-specific state
* @param session connection to use * @param session connection to use
* @param denom_pub the public key used for signing coins of this denomination * @param denom_pub_hash hash of the public key used for signing coins of this denomination
* @param[out] issue set to issue information with value, fees and other info about the coin * @param[out] issue set to issue information with value, fees and other info about the coin
* @return transaction status code * @return transaction status code
*/ */
enum GNUNET_DB_QueryStatus enum GNUNET_DB_QueryStatus
(*get_denomination_info) (void *cls, (*get_denomination_info) (void *cls,
struct TALER_EXCHANGEDB_Session *session, struct TALER_EXCHANGEDB_Session *session,
const struct TALER_DenominationPublicKey *denom_pub, const struct GNUNET_HashCode *denom_pub_hash,
struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue); struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue);
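Review bot: The payback callback typedef gains a `denom_pub` argument, but its doc block lies outside the hunk, so it is not visible whether a matching `@param` line was added. If it was not, add `@param denom_pub denomination public key of @a coin` after the `@param coin` entry. `coin` now carries only the hash, so readers need to be told that the two arguments belong together.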


@ -359,6 +359,7 @@ handle_deposit_finished (void *cls,
* @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the exchange) * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the exchange)
* @param coin_pub coins public key * @param coin_pub coins public key
* @param denom_pub denomination key with which the coin is signed * @param denom_pub denomination key with which the coin is signed
* @param denom_pub_hash hash of @a denom_pub
* @param denom_sig exchanges unblinded signature of the coin * @param denom_sig exchanges unblinded signature of the coin
* @param timestamp timestamp when the deposit was finalized * @param timestamp timestamp when the deposit was finalized
* @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests)
@ -374,6 +375,7 @@ verify_signatures (const struct TALER_EXCHANGE_DenomPublicKey *dki,
const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_DenominationSignature *denom_sig, const struct TALER_DenominationSignature *denom_sig,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct GNUNET_HashCode *denom_pub_hash,
struct GNUNET_TIME_Absolute timestamp, struct GNUNET_TIME_Absolute timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub, const struct TALER_MerchantPublicKeyP *merchant_pub,
struct GNUNET_TIME_Absolute refund_deadline, struct GNUNET_TIME_Absolute refund_deadline,
@ -414,10 +416,11 @@ verify_signatures (const struct TALER_EXCHANGE_DenomPublicKey *dki,
/* check coin signature */ /* check coin signature */
coin_info.coin_pub = *coin_pub; coin_info.coin_pub = *coin_pub;
coin_info.denom_pub = *denom_pub; coin_info.denom_pub_hash = *denom_pub_hash;
coin_info.denom_sig = *denom_sig; coin_info.denom_sig = *denom_sig;
if (GNUNET_YES != if (GNUNET_YES !=
TALER_test_coin_valid (&coin_info)) TALER_test_coin_valid (&coin_info,
denom_pub))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
TALER_LOG_WARNING ("Invalid coin passed for /deposit\n"); TALER_LOG_WARNING ("Invalid coin passed for /deposit\n");
@ -489,6 +492,7 @@ TALER_EXCHANGE_deposit (struct TALER_EXCHANGE_Handle *exchange,
json_t *deposit_obj; json_t *deposit_obj;
CURL *eh; CURL *eh;
struct GNUNET_HashCode h_wire; struct GNUNET_HashCode h_wire;
struct GNUNET_HashCode denom_pub_hash;
struct TALER_Amount amount_without_fee; struct TALER_Amount amount_without_fee;
(void) GNUNET_TIME_round_abs (&wire_deadline); (void) GNUNET_TIME_round_abs (&wire_deadline);
@ -512,6 +516,8 @@ TALER_EXCHANGE_deposit (struct TALER_EXCHANGE_Handle *exchange,
TALER_amount_subtract (&amount_without_fee, TALER_amount_subtract (&amount_without_fee,
amount, amount,
&dki->fee_deposit)); &dki->fee_deposit));
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key,
&denom_pub_hash);
if (GNUNET_OK != if (GNUNET_OK !=
verify_signatures (dki, verify_signatures (dki,
amount, amount,
@ -520,6 +526,7 @@ TALER_EXCHANGE_deposit (struct TALER_EXCHANGE_Handle *exchange,
coin_pub, coin_pub,
denom_sig, denom_sig,
denom_pub, denom_pub,
&denom_pub_hash,
timestamp, timestamp,
merchant_pub, merchant_pub,
refund_deadline, refund_deadline,
@ -541,7 +548,7 @@ TALER_EXCHANGE_deposit (struct TALER_EXCHANGE_Handle *exchange,
"H_wire", GNUNET_JSON_from_data_auto (&h_wire), "H_wire", GNUNET_JSON_from_data_auto (&h_wire),
"h_contract_terms", GNUNET_JSON_from_data_auto (h_contract_terms), "h_contract_terms", GNUNET_JSON_from_data_auto (h_contract_terms),
"coin_pub", GNUNET_JSON_from_data_auto (coin_pub), "coin_pub", GNUNET_JSON_from_data_auto (coin_pub),
"denom_pub", GNUNET_JSON_from_rsa_public_key (denom_pub->rsa_public_key), "denom_pub_hash", GNUNET_JSON_from_data_auto (&denom_pub_hash),
"ub_sig", GNUNET_JSON_from_rsa_signature (denom_sig->rsa_signature), "ub_sig", GNUNET_JSON_from_rsa_signature (denom_sig->rsa_signature),
"timestamp", GNUNET_JSON_from_time_abs (timestamp), "timestamp", GNUNET_JSON_from_time_abs (timestamp),
"merchant_pub", GNUNET_JSON_from_data_auto (merchant_pub), "merchant_pub", GNUNET_JSON_from_data_auto (merchant_pub),
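Review bot: `verify_signatures` now takes `denom_pub` and `denom_pub_hash` as independent arguments and copies the hash into `coin_info` without relating it to the key, so correctness depends on every caller passing a matching pair. The only caller shown, `TALER_EXCHANGE_deposit`, derives the hash from `denom_pub` just before the call, so today they agree. The doc line should carry the requirement, e.g. `@param denom_pub_hash hash of @a denom_pub, must be computed from that same key`. Alternatively, drop the parameter and fill `coin_info.denom_pub_hash` inside `verify_signatures` with `GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key, &coin_info.denom_pub_hash);`. Both functions extend beyond the hunks.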


@ -280,6 +280,7 @@ TALER_EXCHANGE_payback (struct TALER_EXCHANGE_Handle *exchange,
struct GNUNET_CURL_Context *ctx; struct GNUNET_CURL_Context *ctx;
struct TALER_PaybackRequestPS pr; struct TALER_PaybackRequestPS pr;
struct TALER_CoinSpendSignatureP coin_sig; struct TALER_CoinSpendSignatureP coin_sig;
struct GNUNET_HashCode h_denom_pub;
json_t *payback_obj; json_t *payback_obj;
CURL *eh; CURL *eh;
@ -289,6 +290,8 @@ TALER_EXCHANGE_payback (struct TALER_EXCHANGE_Handle *exchange,
pr.purpose.size = htonl (sizeof (struct TALER_PaybackRequestPS)); pr.purpose.size = htonl (sizeof (struct TALER_PaybackRequestPS));
GNUNET_CRYPTO_eddsa_key_get_public (&ps->coin_priv.eddsa_priv, GNUNET_CRYPTO_eddsa_key_get_public (&ps->coin_priv.eddsa_priv,
&pr.coin_pub.eddsa_pub); &pr.coin_pub.eddsa_pub);
GNUNET_CRYPTO_rsa_public_key_hash (pk->key.rsa_public_key,
&h_denom_pub);
pr.h_denom_pub = pk->h_key; pr.h_denom_pub = pk->h_key;
pr.coin_blind = ps->blinding_key; pr.coin_blind = ps->blinding_key;
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
@ -299,7 +302,7 @@ TALER_EXCHANGE_payback (struct TALER_EXCHANGE_Handle *exchange,
payback_obj = json_pack ("{s:o, s:o," /* denom pub/sig */ payback_obj = json_pack ("{s:o, s:o," /* denom pub/sig */
" s:o, s:o," /* coin pub/sig */ " s:o, s:o," /* coin pub/sig */
" s:o}", /* coin_bks */ " s:o}", /* coin_bks */
"denom_pub", GNUNET_JSON_from_rsa_public_key (pk->key.rsa_public_key), "denom_pub_hash", GNUNET_JSON_from_data_auto (&h_denom_pub),
"denom_sig", GNUNET_JSON_from_rsa_signature (denom_sig->rsa_signature), "denom_sig", GNUNET_JSON_from_rsa_signature (denom_sig->rsa_signature),
"coin_pub", GNUNET_JSON_from_data_auto (&pr.coin_pub), "coin_pub", GNUNET_JSON_from_data_auto (&pr.coin_pub),
"coin_sig", GNUNET_JSON_from_data_auto (&coin_sig), "coin_sig", GNUNET_JSON_from_data_auto (&coin_sig),
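Review bot: `TALER_EXCHANGE_payback` now has two sources for the same hash: the request struct keeps `pr.h_denom_pub = pk->h_key;` while the JSON body sends the freshly computed `h_denom_pub`. If the cached `pk->h_key` ever disagreed with the key, the exchange would receive a `denom_pub_hash` different from the one in `pr`, which is presumably what the coin signature covers; otherwise the extra RSA hash is just redundant work. Sending `"denom_pub_hash", GNUNET_JSON_from_data_auto (&pk->h_key),` and dropping the local `h_denom_pub` keeps both in step. `reserve_withdraw_internal` hashes `pk->key.rsa_public_key` the same way and could use `pk->h_key` too, if its `pk` is the same type (not visible here). The function body continues outside the hunks.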


@ -1151,6 +1151,7 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange,
struct MeltData *md; struct MeltData *md;
struct TALER_CoinSpendSignatureP confirm_sig; struct TALER_CoinSpendSignatureP confirm_sig;
struct TALER_RefreshMeltCoinAffirmationPS melt; struct TALER_RefreshMeltCoinAffirmationPS melt;
struct GNUNET_HashCode h_denom_pub;
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TEAH_handle_is_ready (exchange)); TEAH_handle_is_ready (exchange));
@ -1174,11 +1175,13 @@ TALER_EXCHANGE_refresh_melt (struct TALER_EXCHANGE_Handle *exchange,
GNUNET_CRYPTO_eddsa_sign (&md->melted_coin.coin_priv.eddsa_priv, GNUNET_CRYPTO_eddsa_sign (&md->melted_coin.coin_priv.eddsa_priv,
&melt.purpose, &melt.purpose,
&confirm_sig.eddsa_signature); &confirm_sig.eddsa_signature);
GNUNET_CRYPTO_rsa_public_key_hash (md->melted_coin.pub_key.rsa_public_key,
&h_denom_pub);
melt_obj = json_pack ("{s:o, s:o, s:o, s:o, s:o, s:o}", melt_obj = json_pack ("{s:o, s:o, s:o, s:o, s:o, s:o}",
"coin_pub", "coin_pub",
GNUNET_JSON_from_data_auto (&melt.coin_pub), GNUNET_JSON_from_data_auto (&melt.coin_pub),
"denom_pub", "denom_pub_hash",
GNUNET_JSON_from_rsa_public_key (md->melted_coin.pub_key.rsa_public_key), GNUNET_JSON_from_data_auto (&h_denom_pub),
"denom_sig", "denom_sig",
GNUNET_JSON_from_rsa_signature (md->melted_coin.sig.rsa_signature), GNUNET_JSON_from_rsa_signature (md->melted_coin.sig.rsa_signature),
"confirm_sig", "confirm_sig",


@ -1001,6 +1001,7 @@ reserve_withdraw_internal (struct TALER_EXCHANGE_Handle *exchange,
struct GNUNET_CURL_Context *ctx; struct GNUNET_CURL_Context *ctx;
json_t *withdraw_obj; json_t *withdraw_obj;
CURL *eh; CURL *eh;
struct GNUNET_HashCode h_denom_pub;
wsh = GNUNET_new (struct TALER_EXCHANGE_ReserveWithdrawHandle); wsh = GNUNET_new (struct TALER_EXCHANGE_ReserveWithdrawHandle);
wsh->exchange = exchange; wsh->exchange = exchange;
@ -1009,9 +1010,11 @@ reserve_withdraw_internal (struct TALER_EXCHANGE_Handle *exchange,
wsh->pk = pk; wsh->pk = pk;
wsh->reserve_pub = *reserve_pub; wsh->reserve_pub = *reserve_pub;
wsh->c_hash = pd->c_hash; wsh->c_hash = pd->c_hash;
withdraw_obj = json_pack ("{s:o, s:o," /* denom_pub and coin_ev */ GNUNET_CRYPTO_rsa_public_key_hash (pk->key.rsa_public_key,
&h_denom_pub);
withdraw_obj = json_pack ("{s:o, s:o," /* denom_pub_hash and coin_ev */
" s:o, s:o}",/* reserve_pub and reserve_sig */ " s:o, s:o}",/* reserve_pub and reserve_sig */
"denom_pub", GNUNET_JSON_from_rsa_public_key (pk->key.rsa_public_key), "denom_pub_hash", GNUNET_JSON_from_data_auto (&h_denom_pub),
"coin_ev", GNUNET_JSON_from_data (pd->coin_ev, "coin_ev", GNUNET_JSON_from_data (pd->coin_ev,
pd->coin_ev_size), pd->coin_ev_size),
"reserve_pub", GNUNET_JSON_from_data_auto (reserve_pub), "reserve_pub", GNUNET_JSON_from_data_auto (reserve_pub),
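Review bot: `reserve_withdraw_internal` re-hashes `pk->key.rsa_public_key` on every withdrawal, although `pk` is a `struct TALER_EXCHANGE_DenominationKey`, which as far as I know already carries the key's hash in `h_key`. If that field is populated when /keys is parsed (not visible in this hunk), the local `h_denom_pub` and the hash call can be dropped and the pack argument becomes `"denom_pub_hash", GNUNET_JSON_from_data_auto (&pk->h_key),`. Besides saving an RSA key encode and hash per request, this sends exactly the hash the client validated from the exchange's key set rather than a second, independently computed value. The function continues outside the hunk.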


@ -77,22 +77,33 @@ TALER_gcrypt_init ()
* is not expired, and the signature is correct. * is not expired, and the signature is correct.
* *
* @param coin_public_info the coin public info to check for validity * @param coin_public_info the coin public info to check for validity
* @param denom_pub denomination key, must match @a coin_public_info's `denom_pub_hash`
* @return #GNUNET_YES if the coin is valid, * @return #GNUNET_YES if the coin is valid,
* #GNUNET_NO if it is invalid * #GNUNET_NO if it is invalid
* #GNUNET_SYSERR if an internal error occured * #GNUNET_SYSERR if an internal error occured
*/ */
int int
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info) TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub)
{ {
struct GNUNET_HashCode c_hash; struct GNUNET_HashCode c_hash;
#if 1 /* sanity check of invariant, could probably be disabled in production
for slightly more performance */
struct GNUNET_HashCode d_hash;
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key,
&d_hash);
GNUNET_assert (0 ==
GNUNET_memcmp (&d_hash,
&coin_public_info->denom_pub_hash));
#endif
GNUNET_CRYPTO_hash (&coin_public_info->coin_pub, GNUNET_CRYPTO_hash (&coin_public_info->coin_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&c_hash); &c_hash);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_rsa_verify (&c_hash, GNUNET_CRYPTO_rsa_verify (&c_hash,
coin_public_info->denom_sig.rsa_signature, coin_public_info->denom_sig.rsa_signature,
coin_public_info->denom_pub.rsa_public_key)) denom_pub->rsa_public_key))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"coin signature is invalid\n"); "coin signature is invalid\n");