Compare commits

..

2 Commits

11 changed files with 110 additions and 17 deletions

View File

@ -1143,9 +1143,9 @@ struct TALER_FreshCoin
struct TALER_CoinSpendPrivateKeyP coin_priv;
/**
* Optional hash of an age commitment (#TALER_AgeCommitment), maybe NULL.
* Optional hash of an age commitment bound to this coin, maybe NULL.
*/
struct TALER_AgeCommitmentHash *age_commitment_hash;
const struct TALER_AgeCommitmentHash *h_age_commitment;
};
@ -1266,7 +1266,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps);
*
* @param dk denomination key for the coin to be created
* @param ps secret planchet internals (for #TALER_planchet_to_coin)
* @param ach (optional) hash of age commitment (for #TALER_planchet_to_coin)
* @param ach (optional) hash of age commitment to bind to this coin, maybe NULL
* @param[out] c_hash set to the hash of the public key of the coin (needed later)
* @param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup() and
* other withdraw operations
@ -1287,6 +1287,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
* @param dk denomination key, must match what was given to #TALER_planchet_prepare()
* @param blind_sig blind signature from the exchange
* @param ps secrets from #TALER_planchet_prepare()
* @param ach (optional) hash of age commitment that is bound to this coin, maybe NULL
* @param c_hash hash of the coin's public key for verification of the signature
* @param[out] coin set to the details of the fresh coin
* @return #GNUNET_OK on success
@ -1296,6 +1297,7 @@ TALER_planchet_to_coin (
const struct TALER_DenominationPublicKey *dk,
const struct TALER_BlindedDenominationSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
const struct TALER_AgeCommitmentHash *ach,
const struct TALER_CoinPubHash *c_hash,
struct TALER_FreshCoin *coin);

View File

@ -1359,6 +1359,7 @@ typedef void
* @param reserve_priv private key of the reserve to withdraw from
* @param ps secrets of the planchet
* caller must have committed this value to disk before the call (with @a pk)
* @param ach (optional) hash of the age commitment that should be bound to this coin. Maybe NULL.
* @param res_cb the callback to call when the final result for this request is available
* @param res_cb_cls closure for @a res_cb
* @return NULL
@ -1371,6 +1372,7 @@ TALER_EXCHANGE_withdraw (
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv,
const struct TALER_PlanchetSecretsP *ps,
const struct TALER_AgeCommitmentHash *ach,
TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls);

View File

@ -109,10 +109,12 @@ struct MeltData
struct TALER_PlanchetSecretsP *fresh_coins[TALER_CNC_KAPPA];
/**
* Arrays of @e num_fresh_coins with age commitments. The
* coins to be created, for each cut-and-choose dimension.
* Arrays of @e num_fresh_coins with information about the hashes of age
* commitments coins to be created, for each cut-and-choose dimension. The
* entries in each list might be NULL and indicate no age
* commitment/restriction on the particular coin.
*/
struct TALER_AgeCommitmentHash **ach[TALER_CNC_KAPPA];
struct TALER_AgeCommitmentHash *fresh_ach[TALER_CNC_KAPPA];
};

View File

@ -136,6 +136,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
{
const struct TALER_PlanchetSecretsP *fc;
struct TALER_DenominationPublicKey *pk;
struct TALER_AgeCommitmentHash *ach;
json_t *jsonai;
struct TALER_BlindedDenominationSignature blind_sig;
struct TALER_CoinSpendPublicKeyP coin_pub;
@ -148,6 +149,7 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
struct TALER_FreshCoin coin;
fc = &rrh->md->fresh_coins[rrh->noreveal_index][i];
ach = &rrh->md->fresh_ach[rrh->noreveal_index][i];
pk = &rrh->md->fresh_pks[i];
jsonai = json_array_get (jsona, i);
GNUNET_assert (NULL != jsonai);
@ -166,14 +168,14 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
hence recomputing it here... */
GNUNET_CRYPTO_eddsa_key_get_public (&fc->coin_priv.eddsa_priv,
&coin_pub.eddsa_pub);
/* FIXME-Oec: Age commitment hash. */
TALER_coin_pub_hash (&coin_pub,
NULL, /* FIXME-Oec */
ach,
&coin_hash);
if (GNUNET_OK !=
TALER_planchet_to_coin (pk,
&blind_sig,
fc,
ach,
&coin_hash,
&coin))
{

View File

@ -63,6 +63,11 @@ struct TALER_EXCHANGE_WithdrawHandle
*/
struct TALER_PlanchetSecretsP ps;
/**
* Hash of the age commitment for this coin, if applicable. Maybe NULL
*/
const struct TALER_AgeCommitmentHash *ach;
/**
* Denomination key we are withdrawing.
*/
@ -106,6 +111,7 @@ handle_reserve_withdraw_finished (
TALER_planchet_to_coin (&wh->pk.key,
blind_sig,
&wh->ps,
wh->ach,
&wh->c_hash,
&fc))
{
@ -159,6 +165,7 @@ handle_reserve_withdraw_finished (
* @param reserve_priv private key of the reserve to withdraw from
* @param ps secrets of the planchet
* caller must have committed this value to disk before the call (with @a pk)
* @param ach (optional) hash of the age commitment that should be bound to this coin. Maybe NULL.
* @param res_cb the callback to call when the final result for this request is available
* @param res_cb_cls closure for the above callback
* @return handle for the operation on success, NULL on error, i.e.
@ -171,6 +178,7 @@ TALER_EXCHANGE_withdraw (
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv,
const struct TALER_PlanchetSecretsP *ps,
const struct TALER_AgeCommitmentHash *ach,
TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls)
{
@ -183,10 +191,15 @@ TALER_EXCHANGE_withdraw (
wh->cb_cls = res_cb_cls;
wh->pk = *pk;
wh->ps = *ps;
wh->ach = ach;
GNUNET_assert ( (pk->age_restricted && (NULL != ach)) ||
(! pk->age_restricted && (NULL == ach)) );
if (GNUNET_OK !=
TALER_planchet_prepare (&pk->key,
ps,
NULL, /* FIXME-oec */
ach,
&wh->c_hash,
&pd))
{

View File

@ -708,7 +708,7 @@ main (int argc,
GNUNET_break (0);
return 1;
case GNUNET_NO:
return 77;
return 78;
case GNUNET_OK:
if (GNUNET_OK !=
/* Set up event loop and reschedule context, plus
@ -718,11 +718,11 @@ main (int argc,
TALER_TESTING_auditor_setup (&run,
NULL,
CONFIG_FILE))
return 1;
return 2;
break;
default:
GNUNET_break (0);
return 1;
return 3;
}
return 0;
}

View File

@ -1004,7 +1004,7 @@ main (int argc,
GNUNET_break (0);
return 1;
case GNUNET_NO:
return 77;
return 78;
case GNUNET_OK:
if (GNUNET_OK !=
/* Set up event loop and reschedule context, plus
@ -1014,11 +1014,11 @@ main (int argc,
TALER_TESTING_setup_with_exchange (&run,
NULL,
CONFIG_FILE))
return 1;
return 2;
break;
default:
GNUNET_break (0);
return 1;
return 3;
}
return 0;
}

View File

@ -443,6 +443,7 @@ withdraw_run (void *cls,
ws->pk,
rp,
&ws->ps,
NULL, /* FIXME-oec struct TALER_AgeCommitmentHash * */
&reserve_withdraw_cb,
ws);
if (NULL == ws->wsh)

View File

@ -220,6 +220,7 @@ TALER_planchet_to_coin (
const struct TALER_DenominationPublicKey *dk,
const struct TALER_BlindedDenominationSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
const struct TALER_AgeCommitmentHash *ach,
const struct TALER_CoinPubHash *c_hash,
struct TALER_FreshCoin *coin)
{
@ -245,6 +246,7 @@ TALER_planchet_to_coin (
}
coin->sig = sig;
coin->coin_priv = ps->coin_priv;
coin->h_age_commitment = ach;
return GNUNET_OK;
}

View File

@ -101,6 +101,7 @@ test_planchets (void)
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub,
&ps,
NULL, /* no age commitment */
&c_hash,
&pd));
GNUNET_assert (GNUNET_OK ==
@ -112,6 +113,62 @@ test_planchets (void)
TALER_planchet_to_coin (&dk_pub,
&blind_sig,
&ps,
NULL, /* no age commitment */
&c_hash,
&coin));
TALER_blinded_denom_sig_free (&blind_sig);
TALER_denom_sig_free (&coin.sig);
TALER_denom_priv_free (&dk_priv);
TALER_denom_pub_free (&dk_pub);
return 0;
}
/**
* Test the basic planchet functionality of creating a fresh planchet and
* extracting the respective signature, this time _with_ age commitment.
*
* @return 0 on success
*/
static int
test_planchets_with_age_commitment (void)
{
struct TALER_PlanchetSecretsP ps;
struct TALER_AgeCommitmentHash ach;
struct TALER_DenominationPrivateKey dk_priv;
struct TALER_DenominationPublicKey dk_pub;
struct TALER_PlanchetDetail pd;
struct TALER_BlindedDenominationSignature blind_sig;
struct TALER_FreshCoin coin;
struct TALER_CoinPubHash c_hash;
GNUNET_assert (GNUNET_OK ==
TALER_denom_priv_create (&dk_priv,
&dk_pub,
TALER_DENOMINATION_RSA,
1024));
TALER_planchet_setup_random (&ps);
GNUNET_CRYPTO_random_block (
GNUNET_CRYPTO_QUALITY_WEAK,
&ach,
sizeof(struct TALER_AgeCommitmentHash));
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (&dk_pub,
&ps,
&ach,
&c_hash,
&pd));
GNUNET_assert (GNUNET_OK ==
TALER_denom_sign_blinded (&blind_sig,
&dk_priv,
pd.coin_ev,
pd.coin_ev_size));
GNUNET_assert (GNUNET_OK ==
TALER_planchet_to_coin (&dk_pub,
&blind_sig,
&ps,
&ach,
&c_hash,
&coin));
TALER_blinded_denom_sig_free (&blind_sig);
@ -221,10 +278,12 @@ main (int argc,
return 1;
if (0 != test_planchets ())
return 2;
if (0 != test_exchange_sigs ())
if (0 != test_planchets_with_age_commitment ())
return 3;
if (0 != test_merchant_sigs ())
if (0 != test_exchange_sigs ())
return 4;
if (0 != test_merchant_sigs ())
return 5;
return 0;
}

View File

@ -268,9 +268,13 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
enum TALER_ErrorCode ec;
bool success = false;
struct TALER_PlanchetSecretsP ps;
struct TALER_AgeCommitmentHash ach;
struct TALER_CoinPubHash c_hash;
TALER_planchet_setup_random (&ps);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&ach,
sizeof(ach));
for (unsigned int i = 0; i<MAX_KEYS; i++)
{
if (! keys[i].valid)
@ -281,6 +285,7 @@ test_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh)
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&ps,
&ach,
&c_hash,
&pd));
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@ -418,8 +423,12 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
enum TALER_ErrorCode ec;
struct GNUNET_TIME_Relative duration;
struct TALER_PlanchetSecretsP ps;
struct TALER_AgeCommitmentHash ach;
TALER_planchet_setup_random (&ps);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&ach,
sizeof(ach));
duration = GNUNET_TIME_UNIT_ZERO;
TALER_CRYPTO_helper_rsa_poll (dh);
for (unsigned int j = 0; j<NUM_SIGN_PERFS;)
@ -445,6 +454,7 @@ perf_signing (struct TALER_CRYPTO_RsaDenominationHelper *dh,
GNUNET_assert (GNUNET_YES ==
TALER_planchet_prepare (&keys[i].denom_pub,
&ps,
&ach,
&c_hash,
&pd));
/* use this key as long as it works */