Commit Graph

582 Commits

Author SHA1 Message Date
Christian Grothoff
62d8368b1b
-fix more FTBFS issues 2022-02-06 19:53:23 +01:00
Christian Grothoff
66abbcac3f
-fix more FTBFS issues 2022-02-06 19:44:05 +01:00
Christian Grothoff
e735475623
-work on refresh_common FTBFS 2022-02-06 19:00:01 +01:00
Christian Grothoff
f173296c3c
-fix refresh FTBFS 2022-02-06 18:39:28 +01:00
Christian Grothoff
57bbdb0997
-fix melt FTBFS 2022-02-06 18:35:08 +01:00
Gian Demarmels
34a7f59060
fixed src util and other stuff 2022-02-05 23:42:17 +01:00
Christian Grothoff
718ad3996f
-FTBFS 2022-02-05 20:40:39 +01:00
Gian Demarmels
e8740316a7
fixes to crypto.c changes 2022-02-05 20:22:55 +01:00
Christian Grothoff
41d132757b
-implement new client-side csr logic 2022-02-05 17:06:42 +01:00
Gian Demarmels
f46dc9ea5e
Merge branch 'master' of ssh://git.taler.net/exchange 2022-02-05 00:33:16 +01:00
Gian Demarmels
c42376cf40
crypto implementation 2022-02-05 00:32:53 +01:00
Christian Grothoff
aea7fc36c3
-style fix 2022-02-05 00:13:51 +01:00
Christian Grothoff
d81a6c7cf2
-work on reveal 2022-02-05 00:12:58 +01:00
Christian Grothoff
b30765c7d0
make API actually workable, sketch out melt 2022-02-04 23:58:41 +01:00
Christian Grothoff
cfc6c3fcd0
make API actually workable: 2022-02-04 23:09:19 +01:00
Christian Grothoff
d833966d52
-API work 2022-02-04 22:02:48 +01:00
Christian Grothoff
03fd154a69
messing with CS/RSA fixes 2022-02-04 19:30:15 +01:00
Gian Demarmels
a67786078b
resolves merge conflicts 2022-02-04 16:50:32 +01:00
Gian Demarmels
086cf05794
refactor TALER_coin_ev_hash 2022-02-04 15:37:34 +01:00
Gian Demarmels
2213012866
include denom_pub into coin_ev_hash 2022-02-04 15:37:34 +01:00
Gian Demarmels
be50c084f8
fixed nonce check, renamed WithdrawNonce 2022-02-04 15:37:33 +01:00
Christian Grothoff
3510f953b0
-make picky gcc happy 2022-02-04 15:37:32 +01:00
Lucien Heuzeveldt
8d85c8b5b6
implement feedback 2022-02-04 15:37:30 +01:00
Gian Demarmels
5b7e8f9ac5
refactoring 2022-02-04 15:36:11 +01:00
Gian Demarmels
9c2aefaa51
removed varargs 2022-02-04 15:36:08 +01:00
Lucien Heuzeveldt
9074e66ebc
implement withdraw (nonce reuse check missing) 2022-02-04 15:35:31 +01:00
Lucien Heuzeveldt
82405b0ce5
implement CS key handling and csr endpoint 2022-02-04 15:34:19 +01:00
Lucien Heuzeveldt
fbb6d03f69
fix const due to changes in TALER_planchet_prepare 2022-02-04 15:33:10 +01:00
Lucien Heuzeveldt
3225566c93
implement exchange_api_csr 2022-02-04 15:33:07 +01:00
Gian Demarmels
f3fb7c29e6
added CS data structures, implemented CS keypair 2022-02-04 15:31:45 +01:00
8684a9bfea
[age_restriction] progress 13/n
- major refactoring of extensions
  - extensions live now in a separate library, libtalerextensions
  - refactored all components using age_restriction accordingly
  - plumbing for plugin support for extensions roughly layed down
2022-01-23 01:36:21 +01:00
0b56de6c99
[age restriction] progress 12/n
- taler-offline-tool now handles extensions
  - command "extensions" added with subcommands "show" and "sign"
  - parses extensions from taler config
  - shows and signs of extensions and their configurations
  - creates signed set of configurations for upload
  - added test for retrieval of extension config

- simplified signature verification for extensions
  - remove per-extension signatures, also from DB schema
  - adjust prepared statements accordingly
  - adjust DB event handler for extensions
  - allow NULL for config for extension in DB schema
  - handler for /management/extensions adjusted to new datastructures

- changed test for TALER_denom_blind/TALER_denom_sign_blinded with and
  without TALER_AgeHash

- minor updates and various fixes
2022-01-21 15:41:02 +01:00
Christian Grothoff
e7aeec04f4
The current recoup API is broken. I guess this is another example where "trivial" API changes turn out to have (multiple!) unexpected consequences.
The current "/recoup" API does not have clear idempotency semantics, as we've discussed on the phone.  This is already bad by itself, as it makes it hard to write down what the API does other than "whatever the implementation does".

However, it actually breaks correctness in this (admittedly kinda contrived, but not impossible) case:

Say that we have a coin A obtained via withdrawal and a coin B obtained via refreshing coin A. Now the denominations of A gets revoked..

The wallet does a recoup of A for EUR:1.

Now the denomination of B also gets revoked.  The wallet recoups B (incidentally also for EUR:1) and now A can be recouped again for EUR:1.  But now the exchange is in a state where it will refuse a legitimate recoup request for A because the detection for an idempotent request kicks in.

This is IMHO bad API design, and the exchange should simply always recoup the maximum amount.

Furthermore, we usually follow the principle of "API calls that take up DB space are paid".  With the current recoup API, I can do many tiny recoup requests which the exchange then has to store, right?

I guess it would not be a big change to remove the "amount" value from the recoup/recoup-refresh request bodies, right?

- Florian
2022-01-11 12:47:35 +01:00
e30989c930
[age restriction] progress 11/n
Parse age restriction information from "/keys"
- parse "age_restriction" extension, extract mask for age groups
- parse denominations from "age_restricted_denoms", too, if available
2022-01-10 00:04:23 +01:00
cc7d7707ab
[age restriction] progress 10/n
More work towards support for extensions:
- Prepared statements and DB-plugin-functions for setting and retrieving
  configurations from the database added.
- primitive "registry" of extensions for age restrictions and peer2peer
  (stub)
- TALER_Extensions now with FP for parsing, setting and converting a
  configuration.
- /management/extensions handler now verifies signature of the (opaque)
  json object for all extensions.
- /management/extensions handler calls the FP in the corrensponding
  TALER_Extension for parsing and setting the configuration of a
  particular extension

More work towards age restriction:
- TALER_Extensions interfaces for config-parser, -setter and converter
  implemented for age restriction
- DB event handler now retrieves config from database, parses it and
  sets it (the age mask) in the global extension.
- load_age_mask now loads age mask from the global extension (and not
  from the config file)
- add age_restricted_denoms to /keys response
2022-01-08 14:40:20 +01:00
ef4238874f
[age restriction] progress 9/n
More worke towards support for extensions and age restriction:

- taler-exchange-httpd_management_extensions.c almost completed
  - handling of request implemented
  - stub "set_extensions" for database transaction added

- utility functions added
  - TALER_exchange_offline_extension_agemask_{sign,verify}
  - TALER_agemask_parse_json
2021-12-27 23:24:48 +01:00
Christian Grothoff
f6ecb6c895
-eliminate redundant hash operation on link signatures 2021-12-25 15:39:01 +01:00
Christian Grothoff
84c9adf5a6
v12: also do not sign over merchant_pub in REFUND signature, centralize logic 2021-12-25 14:58:04 +01:00
Christian Grothoff
87376e02eb
protocol v12 changes (/recoup split, signature changes) plus database sharding plus O(n^2)=>O(n) worst-case complexity reduction on coin balance checks 2021-12-25 13:56:40 +01:00
Christian Grothoff
2c14d33870
deduplicate melt signing logic, remove coin_pub from data being signed over 2021-12-25 13:56:40 +01:00
1b23857f2c
[age restriction] progress 8/n
More work towards support for extensions and age restriction

- updated gana
- added handler for DB-Event
- added TEH_extensions_init() and _done()
- added global for age restriction
- added stub for post handler
- added SQL-table for extension metadata
- added enum type for extensions and other data structures

Also:
- fixed some warnings -Wmaybe-unitialized
2021-12-23 15:15:33 +01:00
Christian Grothoff
1acc851deb
-fix recoup ugliness 2021-12-16 20:18:44 +01:00
Christian Grothoff
1a1fafbd43
introducing GNUNET_TIME_Timestamp, recoup now with amounts 2021-12-14 16:04:40 +01:00
Christian Grothoff
a25429cadd
fix #7123 2021-12-11 20:06:15 +01:00
Christian Grothoff
e0700ad916
optimize /deposit logic to minimize serialization failures (presumably) 2021-12-08 20:33:14 +01:00
Christian Grothoff
7e84b5570a
fix error handling for very large uploads, fix re-generation of /keys response after Expires expires 2021-12-08 18:12:28 +01:00
Christian Grothoff
2e6e2387b8
logging 2021-12-08 14:53:22 +01:00
Christian Grothoff
32e185978f
tolerate missing 'Expire' header better 2021-12-08 14:33:13 +01:00
Christian Grothoff
7dcd217b60
-fix balance calculation 2021-12-06 16:37:32 +01:00
Christian Grothoff
6ba9f934c4
-add FIXMEs 2021-12-05 19:23:16 +01:00