[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated (8e7b0f5f -> 69991605)
|
From: |
gnunet |
|
Subject: |
[taler-exchange] branch master updated (8e7b0f5f -> 69991605) |
|
Date: |
Sun, 20 Dec 2020 17:10:21 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a change to branch master
in repository exchange.
from 8e7b0f5f rename wire2.c to wire.c
new 6a73629a re-enable cherry picking test (kind-of passes, not finished)
new 69991605 misc doxygen fixes
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/auditor/report-lib.c | 2 +-
src/exchange-tools/taler-auditor-offline.c | 2 +-
src/exchange-tools/taler-exchange-offline.c | 2 +-
src/exchange/exchange.conf | 14 +-
src/exchange/taler-exchange-httpd_keys.c | 24 +--
src/exchange/taler-exchange-httpd_keys.h | 14 +-
.../taler-exchange-httpd_refreshes_reveal.c | 2 +-
src/exchange/taler-exchange-httpd_wire.h | 2 +-
src/exchangedb/exchangedb.conf | 8 -
src/exchangedb/plugin_exchangedb_postgres.c | 13 +-
src/include/taler_crypto_lib.h | 44 ++---
src/include/taler_exchange_service.h | 20 --
src/include/taler_testing_lib.h | 8 +-
src/lib/exchange_api_handle.c | 58 +-----
src/lib/exchange_api_wire.c | 1 -
src/testing/Makefile.am | 5 +-
.../test-taler-exchange-aggregator-postgres.conf | 2 -
.../test-taler-exchange-wirewatch-postgres.conf | 3 -
src/testing/test_auditor_api.conf | 15 +-
src/testing/test_exchange_api.conf | 28 +--
.../test_exchange_api_keys_cherry_picking.c | 188 +++---------------
.../test_exchange_api_keys_cherry_picking.conf | 51 ++---
.../test_exchange_api_overlapping_keys_bug.c | 2 +-
src/testing/test_exchange_api_twisted.conf | 24 ---
src/testing/testing_api_cmd_check_keys.c | 216 +++++++++++----------
src/util/auditor_signatures.c | 2 +-
src/util/crypto.c | 121 +-----------
src/util/crypto_helper_denom.c | 3 +-
src/util/crypto_helper_esign.c | 5 +-
src/util/crypto_wire.c | 4 +-
src/util/offline_signatures.c | 28 +--
src/util/secmod_signatures.c | 4 +-
src/util/taler-helper-crypto-eddsa.c | 7 +-
src/util/taler-helper-crypto-rsa.c | 7 +-
34 files changed, 250 insertions(+), 679 deletions(-)
diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c
index 481ee357..19a8ed7d 100644
--- a/src/auditor/report-lib.c
+++ b/src/auditor/report-lib.c
@@ -161,7 +161,7 @@ TALER_ARL_report (json_t *array,
*
* @param cls closure, NULL
* @param denom_pub public key, sometimes NULL (!)
- * @param issue issuing information with value, fees and other info about the
denomination.
+ * @param validity issuing information with value, fees and other info about
the denomination.
*/
static void
add_denomination (void *cls,
diff --git a/src/exchange-tools/taler-auditor-offline.c
b/src/exchange-tools/taler-auditor-offline.c
index 507dd744..7a354edf 100644
--- a/src/exchange-tools/taler-auditor-offline.c
+++ b/src/exchange-tools/taler-auditor-offline.c
@@ -461,7 +461,7 @@ upload_denomination_add (const char *exchange_url,
/**
- * Perform uploads based on the JSON in #io.
+ * Perform uploads based on the JSON in #out.
*
* @param exchange_url base URL of the exchange to use
*/
diff --git a/src/exchange-tools/taler-exchange-offline.c
b/src/exchange-tools/taler-exchange-offline.c
index 22153e66..abcd52f2 100644
--- a/src/exchange-tools/taler-exchange-offline.c
+++ b/src/exchange-tools/taler-exchange-offline.c
@@ -1624,7 +1624,7 @@ upload_keys (const char *exchange_url,
/**
- * Perform uploads based on the JSON in #io.
+ * Perform uploads based on the JSON in #out.
*
* @param exchange_url base URL of the exchange to use
*/
diff --git a/src/exchange/exchange.conf b/src/exchange/exchange.conf
index 3abd8efd..f4bdc4ed 100644
--- a/src/exchange/exchange.conf
+++ b/src/exchange/exchange.conf
@@ -63,20 +63,8 @@ AGGREGATOR_IDLE_SLEEP_INTERVAL = 60 s
# super fast.)
WIREWATCH_IDLE_SLEEP_INTERVAL = 1 s
-# how long is one signkey valid?
-SIGNKEY_DURATION = 4 weeks
-
# how long are the signatures with the signkey valid?
-LEGAL_DURATION = 2 years
-
-# how long do we generate denomination and signing keys
-# ahead of time?
-LOOKAHEAD_SIGN = 32 weeks 1 day
-
-# how long do we provide to clients denomination and signing keys
-# ahead of time?
-LOOKAHEAD_PROVIDE = 4 weeks 1 day
-
+SIGNKEY_LEGAL_DURATION = 2 years
# Directory with our terms of service.
# TERMS_DIR =
diff --git a/src/exchange/taler-exchange-httpd_keys.c
b/src/exchange/taler-exchange-httpd_keys.c
index e955cd95..87dd5467 100644
--- a/src/exchange/taler-exchange-httpd_keys.c
+++ b/src/exchange/taler-exchange-httpd_keys.c
@@ -147,7 +147,7 @@ struct HelperSignkey
* State associated with the crypto helpers / security modules.
* Created per-thread, but NOT updated when the #key_generation
* is updated (instead constantly kept in sync whenever
- * #TEH_get_key_state() is called).
+ * #TEH_keys_get_state() is called).
*/
struct HelperState
{
@@ -335,8 +335,8 @@ static pthread_key_t key_state;
* Counter incremented whenever we have a reason to re-build the keys because
* something external changed (in another thread). The counter is manipulated
* using an atomic update, and thus to ensure that threads notice when it
- * changes, the variable MUST be volatile. See #TEH_get_key_state() and
- * #TEH_update_key_state() for uses of this variable.
+ * changes, the variable MUST be volatile. See #TEH_keys_get_state() and
+ * #TEH_keys_update_states() for uses of this variable.
*/
static volatile uint64_t key_generation;
@@ -816,7 +816,7 @@ clear_denomination_cb (void *cls,
* Free denomination key data.
*
* @param cls a `struct TEH_KeyStateHandle`, unused
- * @param h_denom_pub hash of the denomination public key, unused
+ * @param pid the online signing key (type-disguised), unused
* @param value a `struct SigningKey` to free
* @return #GNUNET_OK (continue to iterate)
*/
@@ -1729,7 +1729,7 @@ TEH_keys_update_states ()
/**
* Obtain the key state for the current thread. Should ONLY be used
- * directly if @a management_only is true. Otherwise use #TEH_get_key_state().
+ * directly if @a management_only is true. Otherwise use #TEH_keys_get_state().
*
* @param management_only if we should NOT run 'finish_keys_response()'
* because we only need the state for the /management/keys API
@@ -1787,7 +1787,7 @@ get_key_state (bool management_only)
struct TEH_KeyStateHandle *
-TEH_get_key_state (void)
+TEH_keys_get_state (void)
{
struct TEH_KeyStateHandle *ksh;
@@ -1811,7 +1811,7 @@ TEH_keys_denomination_by_hash (const struct
GNUNET_HashCode *h_denom_pub,
{
struct TEH_KeyStateHandle *ksh;
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
*hc = MHD_HTTP_INTERNAL_SERVER_ERROR;
@@ -1854,7 +1854,7 @@ TEH_keys_denomination_sign (const struct GNUNET_HashCode
*h_denom_pub,
struct TEH_KeyStateHandle *ksh;
struct TALER_DenominationSignature none = { NULL };
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
*ec = TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
@@ -1873,7 +1873,7 @@ TEH_keys_denomination_revoke (const struct
GNUNET_HashCode *h_denom_pub)
{
struct TEH_KeyStateHandle *ksh;
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
GNUNET_break (0);
@@ -1893,7 +1893,7 @@ TEH_keys_exchange_sign_ (
{
struct TEH_KeyStateHandle *ksh;
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
/* This *can* happen if the exchange's crypto helper is not running
@@ -1956,7 +1956,7 @@ TEH_keys_exchange_revoke (const struct
TALER_ExchangePublicKeyP *exchange_pub)
{
struct TEH_KeyStateHandle *ksh;
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
GNUNET_break (0);
@@ -2037,7 +2037,7 @@ TEH_keys_get_handler (const struct TEH_RequestHandler *rh,
struct TEH_KeyStateHandle *ksh;
const struct KeysResponseData *krd;
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
return suspend_request (connection);
diff --git a/src/exchange/taler-exchange-httpd_keys.h
b/src/exchange/taler-exchange-httpd_keys.h
index 54dc8c73..3a72c1c2 100644
--- a/src/exchange/taler-exchange-httpd_keys.h
+++ b/src/exchange/taler-exchange-httpd_keys.h
@@ -101,13 +101,13 @@ struct TEH_KeyStateHandle;
* state if we have reason to believe that something changed.
*
* The result is ONLY valid until the next call to
- * #TEH_keys_denomination_by_hash() or #TEH_get_key_state()
+ * #TEH_keys_denomination_by_hash() or #TEH_keys_get_state()
* or #TEH_keys_exchange_sign().
*
* @return NULL on error
*/
struct TEH_KeyStateHandle *
-TEH_get_key_state (void);
+TEH_keys_get_state (void);
/**
@@ -117,7 +117,7 @@ TEH_get_key_state (void);
*
* (We do not do so immediately, but merely signal to all threads that they
* need to rebuild their key state upon the next call to
- * #TEH_get_key_state()).
+ * #TEH_keys_get_state()).
*/
void
TEH_keys_update_states (void);
@@ -128,7 +128,6 @@ TEH_keys_update_states (void);
* must only be used in this thread and only until another key or
* key state is resolved.
*
- * @param key_state state to look in
* @param h_denom_pub hash of denomination public key
* @param[out] ec set to the error code, in case the operation failed
* @param[out] hc set to the HTTP status code to use
@@ -145,9 +144,9 @@ TEH_keys_denomination_by_hash (const struct GNUNET_HashCode
*h_denom_pub,
* Look up the issue for a denom public key using a given @a ksh. This allows
* requesting multiple denominations with the same @a ksh which thus will
* remain valid until the next call to #TEH_keys_denomination_by_hash() or
- * #TEH_get_key_state() or #TEH_keys_exchange_sign().
+ * #TEH_keys_get_state() or #TEH_keys_exchange_sign().
*
- * @param key_state state to look in
+ * @param ksh key state state to look in
* @param h_denom_pub hash of denomination public key
* @param[out] ec set to the error code, in case the operation failed
* @param[out] hc set to the HTTP status code to use
@@ -231,6 +230,7 @@ TEH_keys_exchange_sign_ (
* number of bytes of the data structure, including its header. Use
* #TEH_keys_exchange_sign() instead of calling this function directly!
*
+ * @param ksh key state state to look in
* @param purpose the message to sign
* @param[out] pub set to the current public signing key of the exchange
* @param[out] sig signature over purpose using current signing key
@@ -281,7 +281,7 @@ TEH_keys_exchange_sign2_ (
*
* This allows requesting multiple denominations with the same @a ksh which
* thus will remain valid until the next call to
- * #TEH_keys_denomination_by_hash() or #TEH_get_key_state() or
+ * #TEH_keys_denomination_by_hash() or #TEH_keys_get_state() or
* #TEH_keys_exchange_sign().
*
* @param ksh key state to use
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
index 9533ad53..930de082 100644
--- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -548,7 +548,7 @@ resolve_refreshes_reveal_denominations (struct
MHD_Connection *connection,
struct TEH_KeyStateHandle *ksh;
struct GNUNET_TIME_Absolute now;
- ksh = TEH_get_key_state ();
+ ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
return TALER_MHD_reply_with_error (connection,
diff --git a/src/exchange/taler-exchange-httpd_wire.h
b/src/exchange/taler-exchange-httpd_wire.h
index b07bfcfb..75094f5a 100644
--- a/src/exchange/taler-exchange-httpd_wire.h
+++ b/src/exchange/taler-exchange-httpd_wire.h
@@ -49,7 +49,7 @@ TEH_WIRE_done (void);
*
* (We do not do so immediately, but merely signal to all threads that they
* need to rebuild their wire state upon the next call to
- * #wire_get_state()).
+ * #TEH_handler_wire()).
*/
void
TEH_wire_update_state (void);
diff --git a/src/exchangedb/exchangedb.conf b/src/exchangedb/exchangedb.conf
index 6853b8d1..77748bf5 100644
--- a/src/exchangedb/exchangedb.conf
+++ b/src/exchangedb/exchangedb.conf
@@ -26,11 +26,3 @@ IDLE_RESERVE_EXPIRATION_TIME = 4 weeks
# After how long do we forget about reserves? Should be above
# the legal expiration timeframe of withdrawn coins.
LEGAL_RESERVE_EXPIRATION_TIME = 7 years
-
-
-# How long should generated coins overlap in their validity
-# periods. Should be long enough to avoid problems with
-# wallets picking one key and then due to network latency
-# another key being valid. The DURATION_WITHDRAW period
-# must be longer than this value.
-DURATION_OVERLAP = 5 minutes
\ No newline at end of file
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c
b/src/exchangedb/plugin_exchangedb_postgres.c
index f71a6773..0e5ded47 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -2186,7 +2186,7 @@ struct SignkeysIteratorContext
/**
- * Helper function for #postgres_active_signkeys().
+ * Helper function for #postgres_iterate_active_signkeys().
* Calls the callback with each signkey.
*
* @param cls a `struct SignkeysIteratorContext`
@@ -2294,7 +2294,7 @@ struct AuditorsIteratorContext
/**
- * Helper function for #postgres_active_auditors().
+ * Helper function for #postgres_iterate_active_auditors().
* Calls the callback with each auditor.
*
* @param cls a `struct SignkeysIteratorContext`
@@ -5226,7 +5226,6 @@ postgres_get_coin_transactions (
*tlp = chc.head;
if (NULL == chc.head)
return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
- GNUNET_break (chc.have_deposit_or_melt);
return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT;
}
@@ -8519,15 +8518,13 @@ postgres_lookup_denomination_key (
/**
- * Activate future denomination key, turning it into a "current" or "valid"
- * denomination key by adding the master signature. Deletes the
- * denomination key from the 'future' table an inserts the data into the
- * main denominations table. Because this function will trigger multiple SQL
- * statements, it must be run within a transaction.
+ * Activate denomination key, turning it into a "current" or "valid"
+ * denomination key by adding the master signature.
*
* @param cls closure
* @param session a session
* @param h_denom_pub hash of the denomination public key
+ * @param denom_pub the actual denomination key
* @param meta meta data about the denomination
* @param master_pub master public key
* @param master_sig master signature to add
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 2154479a..70e49697 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -463,7 +463,7 @@ struct TALER_TrackTransferDetails
* #GNUNET_NO if it is invalid
* #GNUNET_SYSERR if an internal error occurred
*/
-int
+enum GNUNET_GenericReturnValue
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub);
@@ -650,7 +650,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP
*ps);
* other withdraw operations
* @return #GNUNET_OK on success
*/
-int
+enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_PlanchetSecretsP *ps,
struct GNUNET_HashCode *c_hash,
@@ -668,7 +668,7 @@ TALER_planchet_prepare (const struct
TALER_DenominationPublicKey *dk,
* @param[out] coin set to the details of the fresh coin
* @return #GNUNET_OK on success
*/
-int
+enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct GNUNET_CRYPTO_RsaSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
@@ -1081,7 +1081,7 @@ TALER_exchange_offline_auditor_add_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_add_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
const char *auditor_url,
@@ -1115,7 +1115,7 @@ TALER_exchange_offline_auditor_del_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_del_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
struct GNUNET_TIME_Absolute end_date,
@@ -1145,7 +1145,7 @@ TALER_exchange_offline_denomination_revoke_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_denomination_revoke_verify (
const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@@ -1174,7 +1174,7 @@ TALER_exchange_offline_signkey_revoke_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_revoke_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@@ -1212,7 +1212,7 @@ TALER_exchange_offline_signkey_validity_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_validity_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@@ -1271,7 +1271,7 @@ TALER_exchange_offline_denom_validity_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_denom_validity_verify (
const struct GNUNET_HashCode *h_denom_pub,
struct GNUNET_TIME_Absolute stamp_start,
@@ -1315,7 +1315,7 @@ TALER_exchange_secmod_eddsa_sign (
* @param secm_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_secmod_eddsa_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@@ -1347,7 +1347,7 @@ TALER_exchange_secmod_rsa_sign (
/**
* Verify security module RSA signature.
*
- * @param h_ednom_pub hash of the public key to validate
+ * @param h_denom_pub hash of the public key to validate
* @param section_name name of the section in the configuration
* @param start_sign starting point of validity for signing
* @param duration how long will the key be in use
@@ -1355,7 +1355,7 @@ TALER_exchange_secmod_rsa_sign (
* @param secm_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_secmod_rsa_verify (
const struct GNUNET_HashCode *h_denom_pub,
const char *section_name,
@@ -1420,7 +1420,7 @@ TALER_auditor_denom_validity_sign (
* @param auditor_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_auditor_denom_validity_verify (
const char *auditor_url,
const struct GNUNET_HashCode *h_denom_pub,
@@ -1475,7 +1475,7 @@ TALER_exchange_offline_wire_fee_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_fee_verify (
const char *payment_method,
struct GNUNET_TIME_Absolute start_time,
@@ -1511,7 +1511,7 @@ TALER_exchange_offline_wire_add_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_add_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@@ -1544,7 +1544,7 @@ TALER_exchange_offline_wire_del_sign (
* @param master_sig the signature the signature
* @return #GNUNET_OK if the signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_del_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@@ -1572,7 +1572,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri,
* @param master_sig signature of the exchange
* @return #GNUNET_OK if signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_wire_signature_check (
const char *payto_uri,
const struct TALER_MasterPublicKeyP *master_pub,
@@ -1617,7 +1617,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
* @param merch_sig signature of the merchant
* @return #GNUNET_OK if signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_merchant_wire_signature_check (
const char *payto_uri,
const char *salt,
@@ -1645,13 +1645,13 @@ TALER_merchant_wire_signature_make (
* Blinds the given message with the given blinding key
*
* @param hash hash of the message to sign
- * @param bkey the blinding key
+ * @param bks the blinding key
* @param pkey the public key of the signer
* @param[out] buf set to a buffer with the blinded message to be signed
* @param[out] buf_size number of bytes stored in @a buf
* @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
*/
-int
+enum GNUNET_GenericReturnValue
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
@@ -1661,8 +1661,8 @@ TALER_rsa_blind (const struct GNUNET_HashCode *hash,
/**
* Unblind a blind-signed signature. The signature should have been generated
- * with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
- * #GNUNET_CRYPTO_rsa_blind().
+ * with GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
+ * GNUNET_CRYPTO_rsa_blind().
*
* @param sig the signature made on the blinded signature purpose
* @param bks the blinding key secret used to blind the signature purpose
diff --git a/src/include/taler_exchange_service.h
b/src/include/taler_exchange_service.h
index 5691e58d..557348dd 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -472,26 +472,6 @@ const struct TALER_EXCHANGE_Keys *
TALER_EXCHANGE_get_keys (struct TALER_EXCHANGE_Handle *exchange);
-/**
- * Set the fake now to be used when requesting "/keys".
- *
- * @param exchange exchange handle.
- * @param now fake now to use. Note: this value will be
- * used _until_ its use will be unset via @a TALER_EXCHANGE_unset_now()
- */
-void
-TALER_EXCHANGE_set_now (struct TALER_EXCHANGE_Handle *exchange,
- struct GNUNET_TIME_Absolute now);
-
-/**
- * Unset the fake now to be used when requesting "/keys".
- *
- * @param exchange exchange handle.
- */
-void
-TALER_EXCHANGE_unset_now (struct TALER_EXCHANGE_Handle *exchange);
-
-
/**
* Let the user set the last valid denomination time manually.
*
diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h
index 0900fac9..fdc1e9bc 100644
--- a/src/include/taler_testing_lib.h
+++ b/src/include/taler_testing_lib.h
@@ -1808,15 +1808,17 @@ TALER_TESTING_cmd_check_keys_pull_all_keys (const char
*label,
* of downloads is less than @a generation, the logic will
* first make sure that @a generation downloads are done,
* and _then_ execute the rest of the command.
- * @param last_denom_date date to be set in the "last_denom_issue"
- * URL parameter of /keys.
+ * @param last_denom_date_ref previous /keys command to use to
+ * obtain the "last_denom_date" value from; "zero" can be used
+ * as a special value to force an absolute time of zero to be
+ * given to as an argument
* @return the command.
*/
struct TALER_TESTING_Command
TALER_TESTING_cmd_check_keys_with_last_denom (
const char *label,
unsigned int generation,
- struct GNUNET_TIME_Absolute last_denom_date);
+ const char *last_denom_date_ref);
/**
diff --git a/src/lib/exchange_api_handle.c b/src/lib/exchange_api_handle.c
index 3d386e09..49af08b1 100644
--- a/src/lib/exchange_api_handle.c
+++ b/src/lib/exchange_api_handle.c
@@ -215,17 +215,6 @@ struct TALER_EXCHANGE_Handle
*/
enum ExchangeHandleState state;
- /**
- * If #GNUNET_YES, use fake now given by the user, in
- * request of "/keys".
- */
- int with_now;
-
- /**
- * Fake now given by the user.
- */
- struct GNUNET_TIME_Absolute now;
-
};
@@ -1044,12 +1033,12 @@ decode_keys_json (const json_t *resp_obj,
if (check_sig)
{
- struct TALER_ExchangeKeySetPS ks;
+ struct TALER_ExchangeKeySetPS ks = {
+ .purpose.size = htonl (sizeof (ks)),
+ .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET),
+ .list_issue_date = GNUNET_TIME_absolute_hton (key_data->list_issue_date)
+ };
- /* Validate signature... */
- ks.purpose.size = htonl (sizeof (ks));
- ks.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET);
- ks.list_issue_date = GNUNET_TIME_absolute_hton (key_data->list_issue_date);
GNUNET_CRYPTO_hash_context_finish (hash_context,
&ks.hc);
hash_context = NULL;
@@ -1114,34 +1103,6 @@ static void
request_keys (void *cls);
-/**
- * Set the fake now to be used when requesting "/keys".
- *
- * @param exchange exchange handle.
- * @param now fake now to use. Note: this value will be
- * used _until_ its use will be unset via @a TALER_EXCHANGE_unset_now()
- */
-void
-TALER_EXCHANGE_set_now (struct TALER_EXCHANGE_Handle *exchange,
- struct GNUNET_TIME_Absolute now)
-{
- exchange->with_now = GNUNET_YES;
- exchange->now = now;
-}
-
-
-/**
- * Unset the fake now to be used when requesting "/keys".
- *
- * @param exchange exchange handle.
- */
-void
-TALER_EXCHANGE_unset_now (struct TALER_EXCHANGE_Handle *exchange)
-{
- exchange->with_now = GNUNET_NO;
-}
-
-
/**
* Let the user set the last valid denomination time manually.
*
@@ -1940,15 +1901,6 @@ request_keys (void *cls)
/ 1000000LLU);
}
- if (GNUNET_YES == exchange->with_now)
- {
- TALER_LOG_DEBUG ("Faking now to GET /keys: %s\n",
- GNUNET_STRINGS_absolute_time_to_string (exchange->now));
- sprintf (&url[strlen (url)],
- "now=%llu&",
- (unsigned long long) exchange->now.abs_value_us / 1000000LLU);
- }
-
/* Clean the last '&'/'?' sign that we optimistically put. */
url[strlen (url) - 1] = '\0';
kr->url = TEAH_path_to_url (exchange,
diff --git a/src/lib/exchange_api_wire.c b/src/lib/exchange_api_wire.c
index f70c0086..8534d54c 100644
--- a/src/lib/exchange_api_wire.c
+++ b/src/lib/exchange_api_wire.c
@@ -129,7 +129,6 @@ parse_fees (json_t *fees)
if (0 == (len = json_array_size (fee_array)))
{
- GNUNET_break_op (0);
GNUNET_free (fe);
continue; /* skip */
}
diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am
index 34b86ebf..dfea5407 100644
--- a/src/testing/Makefile.am
+++ b/src/testing/Makefile.am
@@ -130,6 +130,7 @@ check_PROGRAMS = \
test_bank_api_with_pybank \
test_bank_api_with_nexus \
test_exchange_api \
+ test_exchange_api_keys_cherry_picking \
test_exchange_api_revocation \
test_exchange_api_overlapping_keys_bug \
test_exchange_management_api \
@@ -142,8 +143,6 @@ if HAVE_TWISTER
test_bank_api_with_pybank_twisted
endif
-# test_exchange_api_keys_cherry_picking disabled for now:
-# needs to be rewritten as we no longer support /keys timetravel!
TESTS = \
@@ -373,8 +372,6 @@ EXTRA_DIST = \
test_exchange_api.conf \
test_exchange_api_twisted.conf \
test_exchange_api_keys_cherry_picking.conf \
- test_exchange_api_keys_cherry_picking_extended.conf \
- test_exchange_api_keys_cherry_picking_extended_2.conf \
test_exchange_api_expire_reserve_now.conf \
test-taler-exchange-aggregator-postgres.conf \
test-taler-exchange-wirewatch-postgres.conf
diff --git a/src/testing/test-taler-exchange-aggregator-postgres.conf
b/src/testing/test-taler-exchange-aggregator-postgres.conf
index a6981dc3..f3a6dfe4 100644
--- a/src/testing/test-taler-exchange-aggregator-postgres.conf
+++ b/src/testing/test-taler-exchange-aggregator-postgres.conf
@@ -21,8 +21,6 @@ MASTER_PUBLIC_KEY =
98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
# the tracking API.
BASE_URL = "http://localhost:8081/";
-SIGNKEY_LEGAL_DURATION = 2 years
-
[auditor]
BASE_URL = "http://auditor.example.com/";
diff --git a/src/testing/test-taler-exchange-wirewatch-postgres.conf
b/src/testing/test-taler-exchange-wirewatch-postgres.conf
index afa1f34f..8dfd3858 100644
--- a/src/testing/test-taler-exchange-wirewatch-postgres.conf
+++ b/src/testing/test-taler-exchange-wirewatch-postgres.conf
@@ -20,8 +20,6 @@ MASTER_PUBLIC_KEY =
98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
# Expected base URL of the exchange.
BASE_URL = "http://localhost:8081/";
-signkey_legal_duration = 2 years
-
[exchangedb]
# After how long do we close idle reserves? The exchange
# and the auditor must agree on this value. We currently
@@ -51,7 +49,6 @@ PORT = 8083
# What is the account URL?
PAYTO_URI = "payto://x-taler-bank/localhost/2"
WIRE_GATEWAY_URL = "http://localhost:8082/2/";
-
WIRE_GATEWAY_AUTH_METHOD = basic
USERNAME = Exchange
PASSWORD = x
diff --git a/src/testing/test_auditor_api.conf
b/src/testing/test_auditor_api.conf
index 294381d4..a0304452 100644
--- a/src/testing/test_auditor_api.conf
+++ b/src/testing/test_auditor_api.conf
@@ -20,13 +20,6 @@ TINY_AMOUNT = EUR:0.01
[exchange]
-# how long is one signkey valid?
-signkey_duration = 4 weeks
-
-# how long are the signatures with the signkey valid?
-legal_duration = 2 years
-signkey_legal_duration = 2 years
-
# HTTP port the exchange listens to
PORT = 8081
@@ -40,9 +33,6 @@ DB = postgres
# exchange (or the twister) is actually listening.
BASE_URL = "http://localhost:8081/";
-# Keep it short so the test runs fast.
-LOOKAHEAD_SIGN = 12 h
-
[exchangedb-postgres]
CONFIG = "postgres:///talercheck"
@@ -51,10 +41,7 @@ CONFIG = "postgres:///talercheck"
# Sections starting with "exchange-account-" configure the bank accounts
# of the exchange. The "URL" specifies the account in
-# payto://-format, while the WIRE_JSON specifies the
-# (possibly offline) signed version to be returned in /wire.
-# WIRE_JSON is optional, as not all accounts must be
-# advertised in /wire.
+# payto://-format.
[exchange-account-1]
# What is the URL of our account?
PAYTO_URI = "payto://x-taler-bank/localhost/42"
diff --git a/src/testing/test_exchange_api.conf
b/src/testing/test_exchange_api.conf
index a461620d..614aaed1 100644
--- a/src/testing/test_exchange_api.conf
+++ b/src/testing/test_exchange_api.conf
@@ -24,17 +24,6 @@ PRIVACY_ETAG = 0
TERMS_DIR = /home/grothoff/share/taler-exchange/tos/
PRIVACY_DIR = /home/grothoff/share/taler-exchange/pp/
-# how long is one signkey valid?
-signkey_duration = 4 weeks
-
-# how long are the signatures with the signkey valid?
-legal_duration = 2 years
-signkey_legal_duration = 2 years
-
-# how long do we provide to clients denomination and signing keys
-# ahead of time?
-lookahead_provide = 4 weeks 1 day
-
# HTTP port the exchange listens to
PORT = 8081
@@ -48,44 +37,29 @@ DB = postgres
# exchange (or the twister) is actually listening.
BASE_URL = "http://localhost:8081/";
-# Keep it short so the test runs fast.
-LOOKAHEAD_SIGN = 12 h
-
-
[exchangedb-postgres]
CONFIG = "postgres:///talercheck"
-
[auditordb-postgres]
CONFIG = "postgres:///talercheck"
# Sections starting with "exchange-account-" configure the bank accounts
# of the exchange. The "URL" specifies the account in
-# payto://-format, while the WIRE_JSON specifies the
-# (possibly offline) signed version to be returned in /wire.
-# WIRE_JSON is optional, as not all accounts must be
-# advertised in /wire.
+# payto://-format.
[exchange-account-1]
# What is the URL of our account?
PAYTO_URI = "payto://x-taler-bank/localhost/42"
-
WIRE_GATEWAY_URL = "http://localhost:9081/42/";
-
# ENABLE_CREDIT = YES
-
[exchange-account-2]
# What is the bank account (with the "Taler Bank" demo system)?
PAYTO_URI = "payto://x-taler-bank/localhost/2"
-
WIRE_GATEWAY_AUTH_METHOD = basic
USERNAME = Exchange
PASSWORD = x
-
WIRE_GATEWAY_URL = "http://localhost:9081/2/";
-
ENABLE_DEBIT = YES
-
ENABLE_CREDIT = YES
[bank]
diff --git a/src/testing/test_exchange_api_keys_cherry_picking.c
b/src/testing/test_exchange_api_keys_cherry_picking.c
index 588ef752..e79bc2c5 100644
--- a/src/testing/test_exchange_api_keys_cherry_picking.c
+++ b/src/testing/test_exchange_api_keys_cherry_picking.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2018 Taler Systems SA
+ Copyright (C) 2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as pub
@@ -41,49 +41,6 @@ lished
*/
#define CONFIG_FILE "test_exchange_api_keys_cherry_picking.conf"
-/**
- * Used to increase the number of denomination keys.
- */
-#define CONFIG_FILE_EXTENDED \
- "test_exchange_api_keys_cherry_picking_extended.conf"
-
-/**
- * Used to increase the number of denomination keys.
- */
-#define CONFIG_FILE_EXTENDED_2 \
- "test_exchange_api_keys_cherry_picking_extended_2.conf"
-
-
-#define NDKS_RIGHT_BEFORE_SERIALIZATION 40
-
-/**
- * Add seconds.
- *
- * @param base absolute time to add seconds to.
- * @param relative number of seconds to add.
- * @return a new absolute time, modified according to @e relative.
- */
-#define ADDSECS(base, secs) \
- GNUNET_TIME_absolute_add \
- (base, \
- GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, \
- secs))
-
-/**
- * Subtract seconds.
- *
- * @param base absolute time to subtract seconds to.
- * @param secs relative number of _seconds_ to subtract.
- * @return a new absolute time, modified according to @e relative.
- */
-#define SUBSECS(base, secs) \
- GNUNET_TIME_absolute_subtract \
- (base, \
- GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, \
- secs))
-#define JAN1971 "1971-01-01"
-#define JAN2030 "2030-01-01"
-
/**
* Exchange configuration data.
*/
@@ -91,26 +48,7 @@ static struct TALER_TESTING_ExchangeConfiguration ec;
/**
- * Wrapper around the time parser.
- *
- * @param str human-readable time string.
- * @return the parsed time from @a str.
- */
-static struct GNUNET_TIME_Absolute
-TTH_parse_time (const char *str)
-{
- struct GNUNET_TIME_Absolute ret;
-
- GNUNET_assert
- (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_absolute (str,
- &ret));
- return ret;
-}
-
-
-/**
- * Main function that will tell the interpreter what commands to
- * run.
+ * Main function that will tell the interpreter what commands to run.
*
* @param cls closure
* @param is[in,out] interpreter state
@@ -119,92 +57,6 @@ static void
run (void *cls,
struct TALER_TESTING_Interpreter *is)
{
- struct TALER_TESTING_Command keys_serialization[] = {
- TALER_TESTING_cmd_serialize_keys
- ("serialize-keys"),
- TALER_TESTING_cmd_connect_with_state
- ("reconnect-with-state",
- "serialize-keys"),
- /**
- * Make sure we have the same keys situation as
- * it was before the serialization.
- */
- TALER_TESTING_cmd_check_keys_with_now (
- "check-keys-after-deserialization",
- 4,
- NDKS_RIGHT_BEFORE_SERIALIZATION,
- /**
- * Pretend 5 seconds passed.
- */
- ADDSECS (TTH_parse_time (JAN2030),
- 5)),
- /**
- * Use one of the deserialized keys.
- */
- TALER_TESTING_cmd_wire
- ("verify-/wire-with-serialized-keys",
- "x-taler-bank",
- NULL,
- MHD_HTTP_OK),
- TALER_TESTING_cmd_end (),
- };
-
- struct TALER_TESTING_Command ordinary_cherry_pick[] = {
- /**
- * 1 DK with 80s withdraw duration, lookahead_sign is 60s
- * => expect 1 DK.
- */
- TALER_TESTING_cmd_check_keys ("check-keys-1",
- 1, /* generation */
- 1),
- /**
- * The far-future now will cause "keyup" to start a fresh
- * key set. The new KS will have only one key, because the
- * current lookahead_sign == 60 seconds and the key's withdraw
- * duration is 80 seconds.
- *///
- TALER_TESTING_cmd_exec_keyup_with_now ("keyup-1",
- CONFIG_FILE,
- TTH_parse_time (JAN2030)),
- /**
- * Should return 1 new key, + the original one. NOTE: the
- * original DK will never be 'cancelled' as for the current
- * libtalerexchange logic, so it must always be counted.
- *///
- TALER_TESTING_cmd_check_keys_with_now ("check-keys-2",
- 2, /* generation */
- 2,
- TTH_parse_time (JAN2030)),
- TALER_TESTING_cmd_exec_keyup_with_now
- ("keyup-3",
- CONFIG_FILE_EXTENDED_2,
- /* Taking care of not using a 'now' that equals the
- * last DK timestamp, otherwise it would get silently
- * overridden. */
- ADDSECS (TTH_parse_time (JAN2030),
- 10)),
- /**
- * Expected number of DK:
- *
- * 3000 (the lookahead_sign time frame, in seconds)
- * - 69 (how many seconds are covered by the latest DK, 79s - 10s already
past)
- * ----
- * 2931
- * / 79 (how many seconds each DK will cover, 80-1)
- * ----
- * 38 (rounded up)
- * + 2 (old DKs already stored locally: 1 from the
- * very initial setup, and 1 from the 'keyup-1' CMD)
- * ----
- * 40
- *///
- TALER_TESTING_cmd_check_keys_with_now (
- "check-keys-3",
- 3 /* generation */,
- NDKS_RIGHT_BEFORE_SERIALIZATION,
- TTH_parse_time (JAN2030)),
- TALER_TESTING_cmd_end ()
- };
struct TALER_TESTING_Command commands[] = {
TALER_TESTING_cmd_auditor_add ("add-auditor-OK",
MHD_HTTP_NO_CONTENT,
@@ -213,15 +65,37 @@ run (void *cls,
"payto://x-taler-bank/localhost/2",
MHD_HTTP_NO_CONTENT,
false),
+ TALER_TESTING_cmd_exec_offline_sign_fees ("offline-sign-fees",
+ CONFIG_FILE,
+ "EUR:0.01",
+ "EUR:0.01"),
TALER_TESTING_cmd_exec_offline_sign_keys ("offline-sign-future-keys",
CONFIG_FILE),
- TALER_TESTING_cmd_check_keys_pull_all_keys ("refetch /keys",
- 1,
- 1 /* FIXME: wrong number...
*/),
- TALER_TESTING_cmd_batch ("ordinary-cherry-pick",
- ordinary_cherry_pick),
- TALER_TESTING_cmd_batch ("keys-serialization",
- keys_serialization),
+ TALER_TESTING_cmd_check_keys_pull_all_keys ("initial-/keys",
+ 1),
+ TALER_TESTING_cmd_sleep ("sleep",
+ 6 /* seconds */),
+ TALER_TESTING_cmd_check_keys ("check-keys-1",
+ 2 /* generation */),
+ TALER_TESTING_cmd_check_keys_with_last_denom ("check-keys-2",
+ 3 /* generation */,
+ "check-keys-1"),
+ TALER_TESTING_cmd_serialize_keys ("serialize-keys"),
+ TALER_TESTING_cmd_connect_with_state ("reconnect-with-state",
+ "serialize-keys"),
+ /**
+ * Make sure we have the same keys situation as
+ * it was before the serialization.
+ */
+ TALER_TESTING_cmd_check_keys ("check-keys-after-deserialization",
+ 4),
+ /**
+ * Use one of the deserialized keys.
+ */
+ TALER_TESTING_cmd_wire ("wire-with-serialized-keys",
+ "x-taler-bank",
+ NULL,
+ MHD_HTTP_OK),
TALER_TESTING_cmd_end ()
};
diff --git a/src/testing/test_exchange_api_keys_cherry_picking.conf
b/src/testing/test_exchange_api_keys_cherry_picking.conf
index 1ce82bd4..74c64e24 100644
--- a/src/testing/test_exchange_api_keys_cherry_picking.conf
+++ b/src/testing/test_exchange_api_keys_cherry_picking.conf
@@ -24,25 +24,6 @@ BASE_URL = "http://localhost:8083/";
PORT = 8083
[exchange]
-
-# how long is one signkey valid?
-signkey_duration = 5 seconds
-
-# how long are the signatures with the signkey valid?
-legal_duration = 2 years
-signkey_legal_duration = 2 years
-
-# This value causes keys to be *RETURNED* in a /keys response.
-# It's a relative time that materializes always in now+itsvalue.
-# We keep it very high, so as to not introduce divergencies between
-# keys that have been created and keys that are returned along /keys.
-lookahead_provide = 10000 seconds
-
-# This value causes keys to be *CREATED*. The rule is that
-# at any given time there are always N keys whose all the withdraw
-# durations sum up to a time window as big as lookahead_sign.
-lookahead_sign = 60 s
-
# HTTP port the exchange listens to
PORT = 8081
@@ -63,48 +44,38 @@ CONFIG = "postgres:///talercheck"
[auditordb-postgres]
CONFIG = "postgres:///talercheck"
-
[exchange-account-1]
-# This is the response we give out for the /wire request. It provides
-# wallets with the bank information for transfers to the exchange.
-WIRE_RESPONSE = ${TALER_CONFIG_HOME}/iban.json
-
-# What is the URL of our bank account? Must match WIRE_RESPONSE above!
PAYTO_URI = payto://x-taler-bank/localhost/42
-
WIRE_GATEWAY_URL = "http://localhost:9082/42/";
-
[exchange-account-2]
-# This is the response we give out for the /wire request. It provides
-# wallets with the bank information for transfers to the exchange.
-WIRE_RESPONSE = ${TALER_CONFIG_HOME}/x-taler-bank.json
-
-# What is the URL of our bank account? Must match WIRE_RESPONSE above!
PAYTO_URI = payto://x-taler-bank/localhost/2
-
WIRE_GATEWAY_URL = "http://localhost:9082/2/";
# Authentication information for basic authentication
TALER_BANK_AUTH_METHOD = "basic"
USERNAME = user
PASSWORD = pass
-
ENABLE_DEBIT = YES
-
ENABLE_CREDIT = YES
[bank]
HTTP_PORT=8082
-[exchangedb]
-duration_overlap = 1 s
+[taler-helper-crypto-rsa]
+OVERLAP_DURATION = 1 s
+LOOKAHEAD_SIGN = 20 s
+
+[taler-helper-crypto-eddsa]
+OVERLAP_DURATION = 1 s
+DURATION = 30 s
+LOOKAHEAD_SIGN = 20 s
[coin_eur_1]
value = EUR:1
-duration_withdraw = 80 s
-duration_spend = 80 s
-duration_legal = 60 s
+duration_withdraw = 5 s
+duration_spend = 6 s
+duration_legal = 7 s
fee_withdraw = EUR:0.01
fee_deposit = EUR:0.01
fee_refresh = EUR:0.03
diff --git a/src/testing/test_exchange_api_overlapping_keys_bug.c
b/src/testing/test_exchange_api_overlapping_keys_bug.c
index 86f75f93..27d4c680 100644
--- a/src/testing/test_exchange_api_overlapping_keys_bug.c
+++ b/src/testing/test_exchange_api_overlapping_keys_bug.c
@@ -87,7 +87,7 @@ run (void *cls,
/* Causes GET /keys?last_denom_issue=0 */
TALER_TESTING_cmd_check_keys_with_last_denom ("second-download",
1,
- GNUNET_TIME_UNIT_ZERO_ABS),
+ "zero"),
TALER_TESTING_cmd_end ()
};
diff --git a/src/testing/test_exchange_api_twisted.conf
b/src/testing/test_exchange_api_twisted.conf
index 4c7e0ce6..378ee61a 100644
--- a/src/testing/test_exchange_api_twisted.conf
+++ b/src/testing/test_exchange_api_twisted.conf
@@ -9,21 +9,6 @@ CURRENCY = EUR
CURRENCY_ROUND_UNIT = EUR:0.01
[exchange]
-
-# how long is one signkey valid?
-SIGNKEY_DURATION = 4 weeks
-
-# how long are the signatures with the signkey valid?
-LEGAL_DURATION = 2 years
-signkey_legal_duration = 2 years
-
-# how long do we provide to clients denomination and signing keys
-# ahead of time?
-LOOKAHEAD_PROVIDE = 4 weeks 1 day
-
-# Keep it short so the test runs fast.
-LOOKAHEAD_SIGN = 12 h
-
# HTTP port the exchange listens to
PORT = 8081
@@ -40,29 +25,22 @@ DB = postgres
# only seeks the exchange/BASE_URL URL to connect to the exchange.
BASE_URL = "http://localhost:8888/";
-
[exchangedb-postgres]
CONFIG = "postgres:///talercheck"
-
[auditor]
BASE_URL = "http://localhost:8083/";
-
PORT = 8083
-
[auditordb-postgres]
CONFIG = "postgres:///talercheck"
[exchange-account-1]
# What is the URL of our account?
PAYTO_URI = "payto://x-taler-bank/localhost/42"
-# This is the response we give out for the /wire request. It provides
-# wallets with the bank information for transfers to the exchange.
WIRE_GATEWAY_URL = "http://localhost:9081/42/";
WIRE_GATEWAY_AUTH_METHOD = NONE
-
[exchange-account-2]
PAYTO_URI = payto://x-taler-bank/localhost/2
WIRE_GATEWAY_URL = "http://localhost:8082/2/";
@@ -72,11 +50,9 @@ PASSWORD = pass
ENABLE_DEBIT = YES
ENABLE_CREDIT = YES
-
[bank]
HTTP_PORT = 8082
-
[twister]
# HTTP listen port for twister
HTTP_PORT = 8888
diff --git a/src/testing/testing_api_cmd_check_keys.c
b/src/testing/testing_api_cmd_check_keys.c
index bdf142dd..5645bb9b 100644
--- a/src/testing/testing_api_cmd_check_keys.c
+++ b/src/testing/testing_api_cmd_check_keys.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- (C) 2018 Taler Systems SA
+ (C) 2018, 2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as
@@ -18,15 +18,9 @@
*/
/**
* @file testing/testing_api_cmd_check_keys.c
- * @brief Implementation of "check keys" test command. XXX-NOTE:
- * the number of 'expected keys' is NOT the number of the
- * downloaded keys, but rather the number of keys that the
- * libtalerutil library keeps locally. As for the current
- * design, keys are _never_ discarded by the library,
- * therefore their (expected) number is monotonically
- * ascending.
- *
+ * @brief Implementation of "check keys" test command.
* @author Marcello Stanisci
+ * @author Christian Grothoff
*/
#include "platform.h"
#include "taler_json_lib.h"
@@ -47,37 +41,21 @@ struct CheckKeysState
unsigned int generation;
/**
- * If this value is GNUNET_YES, then the "cherry
+ * If this value is true, then the "cherry
* picking" facility is turned off; whole /keys is
* downloaded.
*/
- unsigned int pull_all_keys;
-
- /**
- * If GNUNET_YES, then the user must specify the
- * last_denom_issue_date manually. This way, it is possible
- * to force whatever X value here (including 0): /keys?last_denom_issue=X.
- */
- unsigned int set_last_denom;
-
- /**
- * Value X to set as the URL parameter:
- * "/keys?last_denom_issue=X" is used only when `set_last_denom'
- * equals #GNUNET_YES.
- */
- struct GNUNET_TIME_Absolute last_denom_date;
+ bool pull_all_keys;
/**
- * If #GNUNET_YES, then we'll provide the "/keys" request.
- * with the "now" argument.
+ * Label of a command to use to derive the "last_denom_issue" date to use.
*/
- int with_now;
+ const char *last_denom_date_ref;
/**
- * Fake now as passed by the user.
+ * Last denomination date we received when doing this request.
*/
- struct GNUNET_TIME_Absolute now;
-
+ struct GNUNET_TIME_Absolute my_denom_date;
};
@@ -100,58 +78,74 @@ check_keys_run (void *cls,
cmd->label,
is->ip,
is->key_generation);
-
if (is->key_generation < cks->generation)
{
+ struct GNUNET_TIME_Absolute rdate;
+
is->working = GNUNET_NO;
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Triggering GET /keys, cmd `%s'\n",
cmd->label);
-
- if (GNUNET_YES == cks->set_last_denom)
+ if (NULL != cks->last_denom_date_ref)
{
- TALER_LOG_DEBUG ("Forcing last_denom_date URL argument\n");
- TALER_EXCHANGE_set_last_denom (is->exchange,
- cks->last_denom_date);
+ if (0 == strcmp ("zero",
+ cks->last_denom_date_ref))
+ {
+ TALER_LOG_DEBUG ("Forcing last_denom_date URL argument set to zero\n");
+ TALER_EXCHANGE_set_last_denom (is->exchange,
+ GNUNET_TIME_UNIT_ZERO_ABS);
+ }
+ else
+ {
+ const struct GNUNET_TIME_Absolute *last_denom_date;
+ const struct TALER_TESTING_Command *ref;
+
+ ref = TALER_TESTING_interpreter_lookup_command (is,
+
cks->last_denom_date_ref);
+ if (NULL == ref)
+ {
+ GNUNET_break (0);
+ TALER_TESTING_interpreter_fail (is);
+ return;
+ }
+ if (GNUNET_OK !=
+ TALER_TESTING_get_trait_absolute_time (ref,
+ 0,
+ &last_denom_date))
+ {
+ GNUNET_break (0);
+ TALER_TESTING_interpreter_fail (is);
+ return;
+ }
+
+ TALER_LOG_DEBUG ("Forcing last_denom_date URL argument\n");
+ TALER_EXCHANGE_set_last_denom (is->exchange,
+ *last_denom_date);
+ }
}
- if (GNUNET_YES == cks->with_now)
- TALER_EXCHANGE_set_now (is->exchange,
- cks->now);
+ rdate = TALER_EXCHANGE_check_keys_current (
+ is->exchange,
+ cks->pull_all_keys
+ ? TALER_EXCHANGE_CKF_FORCE_ALL_NOW
+ : TALER_EXCHANGE_CKF_FORCE_DOWNLOAD);
/* Redownload /keys. */
- GNUNET_break
- (0 == TALER_EXCHANGE_check_keys_current
- (is->exchange,
- cks->pull_all_keys
- ? TALER_EXCHANGE_CKF_FORCE_ALL_NOW
- : TALER_EXCHANGE_CKF_FORCE_DOWNLOAD).abs_value_us);
+ GNUNET_break (0 ==
+ rdate.abs_value_us);
return;
}
-
-#if 0
- /**
- * Not sure this check makes sense: GET /keys is performed on
- * a "maybe" basis, so it can get quite hard to track /keys
- * request. Rather, this CMD should just check if /keys was
- * requested AT LEAST n times before going ahead with checks.
- *///
- if (is->key_generation > cks->generation)
{
- /* We got /keys too often, strange. Fatal. May theoretically
- happen if somehow we were really unlucky and /keys expired
- "naturally", but obviously with a sane configuration this
- should also not be. */
- GNUNET_break (0);
- TALER_LOG_ERROR ("Acutal- vs expected key"
- " generation: %u vs %u\n",
- is->key_generation,
- cks->generation);
- TALER_TESTING_interpreter_fail (is);
- return;
+ const struct TALER_EXCHANGE_Keys *keys;
+
+ keys = TALER_EXCHANGE_get_keys (is->exchange);
+ if (NULL == keys)
+ {
+ GNUNET_break (0);
+ TALER_TESTING_interpreter_fail (is);
+ return;
+ }
+ cks->my_denom_date = keys->last_denom_issue_date;
}
-#endif
- /* Let's unset the fake now before moving on. */
- TALER_EXCHANGE_unset_now (is->exchange);
TALER_TESTING_interpreter_next (is);
}
@@ -173,28 +167,34 @@ check_keys_cleanup (void *cls,
}
-struct TALER_TESTING_Command
-TALER_TESTING_cmd_check_keys_with_last_denom (
- const char *label,
- unsigned int generation,
- struct GNUNET_TIME_Absolute last_denom_date)
+/**
+ * Offer internal data to a "check_keys" CMD state to other
+ * commands.
+ *
+ * @param cls closure
+ * @param[out] ret result (could be anything)
+ * @param trait name of the trait
+ * @param index index number of the object to offer.
+ * @return #GNUNET_OK on success
+ */
+static int
+check_keys_traits (void *cls,
+ const void **ret,
+ const char *trait,
+ unsigned int index)
{
- struct CheckKeysState *cks;
-
- cks = GNUNET_new (struct CheckKeysState);
- cks->generation = generation;
- cks->set_last_denom = GNUNET_YES;
- cks->last_denom_date = last_denom_date;
- {
- struct TALER_TESTING_Command cmd = {
- .cls = cks,
- .label = label,
- .run = &check_keys_run,
- .cleanup = &check_keys_cleanup
- };
-
- return cmd;
- }
+ struct CheckKeysState *cks = cls;
+ struct TALER_TESTING_Trait traits[] = {
+ /* history entry MUST be first due to response code logic below! */
+ TALER_TESTING_make_trait_absolute_time (0,
+ &cks->my_denom_date),
+ TALER_TESTING_trait_end ()
+ };
+
+ return TALER_TESTING_get_trait (traits,
+ ret,
+ trait,
+ index);
}
@@ -211,7 +211,8 @@ TALER_TESTING_cmd_check_keys (const char *label,
.cls = cks,
.label = label,
.run = &check_keys_run,
- .cleanup = &check_keys_cleanup
+ .cleanup = &check_keys_cleanup,
+ .traits = &check_keys_traits
};
return cmd;
@@ -223,21 +224,28 @@ struct TALER_TESTING_Command
TALER_TESTING_cmd_check_keys_pull_all_keys (const char *label,
unsigned int generation)
{
- struct CheckKeysState *cks;
+ struct TALER_TESTING_Command cmd
+ = TALER_TESTING_cmd_check_keys (label,
+ generation);
+ struct CheckKeysState *cks = cmd.cls;
- cks = GNUNET_new (struct CheckKeysState);
- cks->generation = generation;
- cks->pull_all_keys = GNUNET_YES;
- {
- struct TALER_TESTING_Command cmd = {
- .cls = cks,
- .label = label,
- .run = &check_keys_run,
- .cleanup = &check_keys_cleanup
- };
+ cks->pull_all_keys = true;
+ return cmd;
+}
- return cmd;
- }
+
+struct TALER_TESTING_Command
+TALER_TESTING_cmd_check_keys_with_last_denom (
+ const char *label,
+ unsigned int generation,
+ const char *last_denom_date_ref)
+{
+ struct TALER_TESTING_Command cmd
+ = TALER_TESTING_cmd_check_keys (label,
+ generation);
+ struct CheckKeysState *cks = cmd.cls;
+ cks->last_denom_date_ref = last_denom_date_ref;
+ return cmd;
}
diff --git a/src/util/auditor_signatures.c b/src/util/auditor_signatures.c
index 837b31c6..b41ce66a 100644
--- a/src/util/auditor_signatures.c
+++ b/src/util/auditor_signatures.c
@@ -70,7 +70,7 @@ TALER_auditor_denom_validity_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_auditor_denom_validity_verify (
const char *auditor_url,
const struct GNUNET_HashCode *h_denom_pub,
diff --git a/src/util/crypto.c b/src/util/crypto.c
index dcff5fd2..4f084b19 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -26,9 +26,8 @@
#include <gcrypt.h>
/**
- * Should we use the RSA blind signing implementation
- * from libgnunetutil? The blinding only works
- * correctly with a current version of libgnunetutil.
+ * Should we use the RSA blind signing implementation from libgnunetutil? The
+ * blinding only works correctly with a current version of libgnunetutil.
*
* Only applies to blinding and unblinding, but
* not to blind signing.
@@ -82,17 +81,7 @@ TALER_gcrypt_init ()
}
-/**
- * Check if a coin is valid; that is, whether the denomination key exists,
- * is not expired, and the signature is correct.
- *
- * @param coin_public_info the coin public info to check for validity
- * @param denom_pub denomination key, must match @a coin_public_info's
`denom_pub_hash`
- * @return #GNUNET_YES if the coin is valid,
- * #GNUNET_NO if it is invalid
- * #GNUNET_SYSERR if an internal error occurred
- */
-int
+enum GNUNET_GenericReturnValue
TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
const struct TALER_DenominationPublicKey *denom_pub)
{
@@ -122,17 +111,6 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo
*coin_public_info,
}
-/**
- * Given the coin and the transfer private keys, compute the
- * transfer secret. (Technically, we only need one of the two
- * private keys, but the caller currently trivially only has
- * the two private keys, so we derive one of the public keys
- * internally to this function.)
- *
- * @param coin_priv coin key
- * @param trans_priv transfer private key
- * @param[out] ts computed transfer secret
- */
void
TALER_link_derive_transfer_secret (
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
@@ -151,14 +129,6 @@ TALER_link_derive_transfer_secret (
}
-/**
- * Decrypt the shared @a secret from the information in the
- * @a trans_priv and @a coin_pub.
- *
- * @param trans_priv transfer private key
- * @param coin_pub coin public key
- * @param[out] transfer_secret set to the shared secret
- */
void
TALER_link_reveal_transfer_secret (
const struct TALER_TransferPrivateKeyP *trans_priv,
@@ -172,14 +142,6 @@ TALER_link_reveal_transfer_secret (
}
-/**
- * Decrypt the shared @a secret from the information in the
- * @a trans_priv and @a coin_pub.
- *
- * @param trans_pub transfer private key
- * @param coin_priv coin public key
- * @param[out] transfer_secret set to the shared secret
- */
void
TALER_link_recover_transfer_secret (
const struct TALER_TransferPublicKeyP *trans_pub,
@@ -193,13 +155,6 @@ TALER_link_recover_transfer_secret (
}
-/**
- * Setup information for a fresh coin.
- *
- * @param secret_seed seed to use for KDF to derive coin keys
- * @param coin_num_salt number of the coin to include in KDF
- * @param[out] ps value to initialize
- */
void
TALER_planchet_setup_refresh (const struct TALER_TransferSecretP *secret_seed,
uint32_t coin_num_salt,
@@ -220,11 +175,6 @@ TALER_planchet_setup_refresh (const struct
TALER_TransferSecretP *secret_seed,
}
-/**
- * Setup information for a fresh coin.
- *
- * @param[out] ps value to initialize
- */
void
TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps)
{
@@ -234,17 +184,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP
*ps)
}
-/**
- * Prepare a planchet for tipping. Creates and blinds a coin.
- *
- * @param dk denomination key for the coin to be created
- * @param ps secret planchet internals (for #TALER_planchet_to_coin)
- * @param[out] c_hash set to the hash of the public key of the coin (needed
later)
- * @param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup()
and
- * other withdraw operations
- * @return #GNUNET_OK on success
- */
-int
+enum GNUNET_GenericReturnValue
TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk,
const struct TALER_PlanchetSecretsP *ps,
struct GNUNET_HashCode *c_hash,
@@ -273,18 +213,7 @@ TALER_planchet_prepare (const struct
TALER_DenominationPublicKey *dk,
}
-/**
- * Obtain a coin from the planchet's secrets and the blind signature
- * of the exchange.
- *
- * @param dk denomination key, must match what was given to
#TALER_planchet_prepare()
- * @param blind_sig blind signature from the exchange
- * @param ps secrets from #TALER_planchet_prepare()
- * @param c_hash hash of the coin's public key for verification of the
signature
- * @param[out] coin set to the details of the fresh coin
- * @return #GNUNET_OK on success
- */
-int
+enum GNUNET_GenericReturnValue
TALER_planchet_to_coin (const struct TALER_DenominationPublicKey *dk,
const struct GNUNET_CRYPTO_RsaSignature *blind_sig,
const struct TALER_PlanchetSecretsP *ps,
@@ -311,17 +240,6 @@ TALER_planchet_to_coin (const struct
TALER_DenominationPublicKey *dk,
}
-/**
- * Compute the commitment for a /refresh/melt operation from
- * the respective public inputs.
- *
- * @param[out] rc set to the value the wallet must commit to
- * @param kappa number of transfer public keys involved (must be
#TALER_CNC_KAPPA)
- * @param num_new_coins number of new coins to be created
- * @param rcs commitments array of @a kappa commitments
- * @param coin_pub public key of the coin to be melted
- * @param amount_with_fee amount to be melted, including fee
- */
void
TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
uint32_t kappa,
@@ -556,7 +474,6 @@ rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n)
*
* @param hash initial hash of the message to sign
* @param pkey the public key of the signer
- * @param rsize If not NULL, the number of bytes actually stored in buffer
* @return MPI value set to the FDH, NULL if RSA key is malicious
*/
static gcry_mpi_t
@@ -598,7 +515,7 @@ rsa_full_domain_hash (const struct
GNUNET_CRYPTO_RsaPublicKey *pkey,
/**
* Create a blinding key
*
- * @param len length of the key in bits (i.e. 2048)
+ * @param pkey the public key to blind for
* @param bks pre-secret to use to derive the blinding key
* @return the newly created blinding key, NULL if RSA key is malicious
*/
@@ -638,7 +555,7 @@ rsa_blinding_key_derive (const struct
GNUNET_CRYPTO_RsaPublicKey *pkey,
* Print an MPI to a newly created buffer
*
* @param v MPI to print.
- * @param[out] newly allocated buffer containing the result
+ * @param[out] buffer newly allocated buffer containing the result
* @return number of bytes stored in @a buffer
*/
static size_t
@@ -669,17 +586,7 @@ numeric_mpi_alloc_n_print (gcry_mpi_t v,
#endif /* ! USE_GNUNET_RSA_BLINDING */
-/**
- * Blinds the given message with the given blinding key
- *
- * @param hash hash of the message to sign
- * @param bkey the blinding key
- * @param pkey the public key of the signer
- * @param[out] buf set to a buffer with the blinded message to be signed
- * @param[out] buf_size number of bytes stored in @a buf
- * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
- */
-int
+enum GNUNET_GenericReturnValue
TALER_rsa_blind (const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
struct GNUNET_CRYPTO_RsaPublicKey *pkey,
@@ -710,7 +617,7 @@ TALER_rsa_blind (const struct GNUNET_HashCode *hash,
GNUNET_break (0);
*buf = NULL;
*buf_size = 0;
- return 0;
+ return GNUNET_NO;
}
data = rsa_full_domain_hash (pkey, hash);
@@ -758,16 +665,6 @@ rsa_gcd_validate_failure:
}
-/**
- * Unblind a blind-signed signature. The signature should have been generated
- * with #GNUNET_CRYPTO_rsa_sign() using a hash that was blinded with
- * #GNUNET_CRYPTO_rsa_blind().
- *
- * @param sig the signature made on the blinded signature purpose
- * @param bks the blinding key secret used to blind the signature purpose
- * @param pkey the public key of the signer
- * @return unblinded signature on success, NULL if RSA key is bad or malicious.
- */
struct GNUNET_CRYPTO_RsaSignature *
TALER_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
diff --git a/src/util/crypto_helper_denom.c b/src/util/crypto_helper_denom.c
index c61a46f1..4618383a 100644
--- a/src/util/crypto_helper_denom.c
+++ b/src/util/crypto_helper_denom.c
@@ -663,7 +663,8 @@ void
TALER_CRYPTO_helper_denom_disconnect (
struct TALER_CRYPTO_DenominationHelper *dh)
{
- do_disconnect (dh);
+ if (-1 != dh->sock)
+ do_disconnect (dh);
GNUNET_free (dh->template);
GNUNET_free (dh);
}
diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c
index 1cf20e91..688afc7d 100644
--- a/src/util/crypto_helper_esign.c
+++ b/src/util/crypto_helper_esign.c
@@ -317,7 +317,7 @@ handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper
*esh,
/**
* Wait until the socket is ready to read.
*
- * @param dh helper to wait for
+ * @param esh helper to wait for
* @return false on timeout (after 5s)
*/
static bool
@@ -591,7 +591,8 @@ void
TALER_CRYPTO_helper_esign_disconnect (
struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
- do_disconnect (esh);
+ if (-1 != esh->sock)
+ do_disconnect (esh);
GNUNET_free (esh->template);
GNUNET_free (esh);
}
diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c
index 7aaf7d15..0d31720a 100644
--- a/src/util/crypto_wire.c
+++ b/src/util/crypto_wire.c
@@ -53,7 +53,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri,
* @param master_sig signature of the exchange
* @return #GNUNET_OK if signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_wire_signature_check (
const char *payto_uri,
const struct TALER_MasterPublicKeyP *master_pub,
@@ -143,7 +143,7 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
* @param merch_sig signature of the merchant
* @return #GNUNET_OK if signature is valid
*/
-int
+enum GNUNET_GenericReturnValue
TALER_merchant_wire_signature_check (
const char *payto_uri,
const char *salt,
diff --git a/src/util/offline_signatures.c b/src/util/offline_signatures.c
index 5899c134..aab46fc7 100644
--- a/src/util/offline_signatures.c
+++ b/src/util/offline_signatures.c
@@ -47,17 +47,7 @@ TALER_exchange_offline_auditor_add_sign (
}
-/**
- * Verify auditor add signature.
- *
- * @param auditor_pub public key of the auditor
- * @param auditor_url URL of the auditor
- * @param start_date when to enable the auditor (for replay detection)
- * @param master_pub public key to verify against
- * @param master_sig the signature the signature
- * @return #GNUNET_OK if the signature is valid
- */
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_add_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
const char *auditor_url,
@@ -103,7 +93,7 @@ TALER_exchange_offline_auditor_del_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_auditor_del_verify (
const struct TALER_AuditorPublicKeyP *auditor_pub,
struct GNUNET_TIME_Absolute end_date,
@@ -143,7 +133,7 @@ TALER_exchange_offline_denomination_revoke_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_denomination_revoke_verify (
const struct GNUNET_HashCode *h_denom_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@@ -183,7 +173,7 @@ TALER_exchange_offline_signkey_revoke_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_revoke_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
const struct TALER_MasterPublicKeyP *master_pub,
@@ -231,7 +221,7 @@ TALER_exchange_offline_signkey_validity_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_signkey_validity_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@@ -305,7 +295,7 @@ TALER_exchange_offline_denom_validity_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_denom_validity_verify (
const struct GNUNET_HashCode *h_denom_pub,
struct GNUNET_TIME_Absolute stamp_start,
@@ -374,7 +364,7 @@ TALER_exchange_offline_wire_add_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_add_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@@ -421,7 +411,7 @@ TALER_exchange_offline_wire_del_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_del_verify (
const char *payto_uri,
struct GNUNET_TIME_Absolute sign_time,
@@ -475,7 +465,7 @@ TALER_exchange_offline_wire_fee_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_offline_wire_fee_verify (
const char *payment_method,
struct GNUNET_TIME_Absolute start_time,
diff --git a/src/util/secmod_signatures.c b/src/util/secmod_signatures.c
index e7542c1e..3df68861 100644
--- a/src/util/secmod_signatures.c
+++ b/src/util/secmod_signatures.c
@@ -45,7 +45,7 @@ TALER_exchange_secmod_eddsa_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_secmod_eddsa_verify (
const struct TALER_ExchangePublicKeyP *exchange_pub,
struct GNUNET_TIME_Absolute start_sign,
@@ -96,7 +96,7 @@ TALER_exchange_secmod_rsa_sign (
}
-int
+enum GNUNET_GenericReturnValue
TALER_exchange_secmod_rsa_verify (
const struct GNUNET_HashCode *h_denom_pub,
const char *section_name,
diff --git a/src/util/taler-helper-crypto-eddsa.c
b/src/util/taler-helper-crypto-eddsa.c
index ad1a783e..c229a8c1 100644
--- a/src/util/taler-helper-crypto-eddsa.c
+++ b/src/util/taler-helper-crypto-eddsa.c
@@ -18,11 +18,6 @@
* @brief Standalone process to perform private key EDDSA operations
* @author Christian Grothoff
*
- * INTEGRATION NOTES:
- * - Option 'DURATION_OVERLAP' renamed to 'OVERLAP_DURATION' for consistency;
- * => need to update in deployment scripts and default configuration!
- * - option 'KEY_DIR' moved from section 'exchange' to
'taler-helper-crypto-eddsa'!
- *
* Key design points:
* - EVERY thread of the exchange will have its own pair of connections to the
* crypto helpers. This way, every threat will also have its own /keys state
@@ -236,7 +231,7 @@ static char *keydir;
/**
* How much should coin creation duration overlap
* with the next key? Basically, the starting time of two
- * keys is always #duration - #duration_overlap apart.
+ * keys is always #duration - #overlap_duration apart.
*/
static struct GNUNET_TIME_Relative overlap_duration;
diff --git a/src/util/taler-helper-crypto-rsa.c
b/src/util/taler-helper-crypto-rsa.c
index 53d5c2c7..345a826a 100644
--- a/src/util/taler-helper-crypto-rsa.c
+++ b/src/util/taler-helper-crypto-rsa.c
@@ -18,11 +18,6 @@
* @brief Standalone process to perform private key RSA operations
* @author Christian Grothoff
*
- * INTEGRATION NOTES:
- * - Option 'DURATION_OVERLAP' renamed to 'OVERLAP_DURATION' for consistency;
- * => need to update in deployment scripts and default configuration!
- * - option 'KEY_DIR' moved from section 'exchange' to
'taler-helper-crypto-rsa'!
- *
* Key design points:
* - EVERY thread of the exchange will have its own pair of connections to the
* crypto helpers. This way, every threat will also have its own /keys state
@@ -288,7 +283,7 @@ static char *keydir;
/**
* How much should coin creation (@e duration_withdraw) duration overlap
* with the next denomination? Basically, the starting time of two
- * denominations is always @e duration_withdraw - #duration_overlap apart.
+ * denominations is always @e duration_withdraw - #overlap_duration apart.
*/
static struct GNUNET_TIME_Relative overlap_duration;
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-exchange] branch master updated (8e7b0f5f -> 69991605),
gnunet <=