
[taler-exchange] branch master updated (84c9adf5 -> 74e4c642)


From: gnunet
Subject: [taler-exchange] branch master updated (84c9adf5 -> 74e4c642)
Date: Sat, 25 Dec 2021 16:14:21 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a change to branch master
in repository exchange.

    from 84c9adf5 v12: also do not sign over merchant_pub in REFUND signature, 
centralize logic
     new f6ecb6c8 -eliminate redundant hash operation on link signatures
     new 74e4c642 clean up refresh-reveal logic, reducing local copying

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../taler-exchange-httpd_refreshes_reveal.c        | 85 ++++++++++++----------
 src/exchangedb/plugin_exchangedb_postgres.c        | 12 ++-
 src/include/taler_crypto_lib.h                     |  6 +-
 src/include/taler_exchangedb_plugin.h              | 18 +++--
 src/lib/exchange_api_link.c                        |  8 +-
 src/util/wallet_signatures.c                       | 10 +--
 6 files changed, 74 insertions(+), 65 deletions(-)

diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c 
b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
index 1cd28048..30a7294c 100644
--- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -49,7 +49,7 @@ static MHD_RESULT
 reply_refreshes_reveal_success (
   struct MHD_Connection *connection,
   unsigned int num_freshcoins,
-  const struct TALER_BlindedDenominationSignature *sigs)
+  const struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrcs)
 {
   json_t *list;
 
@@ -63,7 +63,7 @@ reply_refreshes_reveal_success (
 
     obj = GNUNET_JSON_PACK (
       TALER_JSON_pack_blinded_denom_sig ("ev_sig",
-                                         &sigs[freshcoin_index]));
+                                         &rrcs[freshcoin_index].coin_sig));
     GNUNET_assert (0 ==
                    json_array_append_new (list,
                                           obj));
@@ -111,7 +111,7 @@ struct RevealContext
   /**
    * Envelopes to be signed.
    */
-  const struct TALER_RefreshCoinData *rcds;
+  struct TALER_RefreshCoinData *rcds;
 
   /**
    * Size of the @e dks, @e rcds and @e ev_sigs arrays (if non-NULL).
@@ -160,7 +160,7 @@ check_commitment (struct RevealContext *rctx,
       {
         /* Take these coin envelopes from the client */
         rce->transfer_pub = rctx->gamma_tp;
-        rce->new_coins = (struct TALER_RefreshCoinData *) rctx->rcds;
+        rce->new_coins = rctx->rcds;
         off = 1;
       }
       else
@@ -298,21 +298,16 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
   unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
   /* We know num_fresh_coins is bounded by #MAX_FRESH_COINS, so this is safe */
   const struct TEH_DenominationKey *dks[num_fresh_coins];
-  struct TALER_DenominationHash dk_h[num_fresh_coins];
   struct TALER_RefreshCoinData rcds[num_fresh_coins];
-  struct TALER_CoinSpendSignatureP link_sigs[num_fresh_coins];
-  struct TALER_BlindedDenominationSignature ev_sigs[num_fresh_coins];
+  struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins];
   MHD_RESULT ret;
   struct TEH_KeyStateHandle *ksh;
   uint64_t melt_serial_id;
 
-  rctx->num_fresh_coins = num_fresh_coins;
   memset (dks, 0, sizeof (dks));
+  memset (rrcs, 0, sizeof (rrcs));
   memset (rcds, 0, sizeof (rcds));
-  memset (link_sigs, 0, sizeof (link_sigs));
-  memset (ev_sigs, 0, sizeof (ev_sigs));
-  rctx->dks = dks;
-  rctx->rcds = rcds;
+  rctx->num_fresh_coins = num_fresh_coins;
 
   ksh = TEH_keys_get_state ();
   if (NULL == ksh)
@@ -327,7 +322,7 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
   {
     struct GNUNET_JSON_Specification spec[] = {
       GNUNET_JSON_spec_fixed_auto (NULL,
-                                   &dk_h[i]),
+                                   &rrcs[i].h_denom_pub),
       GNUNET_JSON_spec_end ()
     };
     enum GNUNET_GenericReturnValue res;
@@ -340,7 +335,7 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
     if (GNUNET_OK != res)
       return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
     dks[i] = TEH_keys_denomination_by_hash2 (ksh,
-                                             &dk_h[i],
+                                             &rrcs[i].h_denom_pub,
                                              connection,
                                              &ret);
     if (NULL == dks[i])
@@ -351,7 +346,7 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
       /* This denomination is past the expiration time for withdraws */
       return TEH_RESPONSE_reply_expired_denom_pub_hash (
         connection,
-        &dk_h[i],
+        &rrcs[i].h_denom_pub,
         TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
         "REVEAL");
     }
@@ -360,7 +355,7 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
       /* This denomination is not yet valid */
       return TEH_RESPONSE_reply_expired_denom_pub_hash (
         connection,
-        &dk_h[i],
+        &rrcs[i].h_denom_pub,
         TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
         "REVEAL");
     }
@@ -378,11 +373,11 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
   /* Parse coin envelopes */
   for (unsigned int i = 0; i<num_fresh_coins; i++)
   {
-    struct TALER_RefreshCoinData *rcd = &rcds[i];
+    struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrc = &rrcs[i];
     struct GNUNET_JSON_Specification spec[] = {
       GNUNET_JSON_spec_varsize (NULL,
-                                &rcd->coin_ev,
-                                &rcd->coin_ev_size),
+                                &rrc->coin_ev,
+                                &rrc->coin_ev_size),
       GNUNET_JSON_spec_end ()
     };
     enum GNUNET_GenericReturnValue res;
@@ -395,10 +390,12 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
     if (GNUNET_OK != res)
     {
       for (unsigned int j = 0; j<i; j++)
-        GNUNET_free (rcds[j].coin_ev);
+        GNUNET_free (rrcs[j].coin_ev);
       return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
     }
-    rcd->dk = &dks[i]->denom_pub;
+    GNUNET_CRYPTO_hash (rrc->coin_ev,
+                        rrc->coin_ev_size,
+                        &rrc->coin_envelope_hash.hash);
   }
 
   /* lookup old_coin_pub in database */
@@ -451,7 +448,7 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
   {
     struct GNUNET_JSON_Specification link_spec[] = {
       GNUNET_JSON_spec_fixed_auto (NULL,
-                                   &link_sigs[i]),
+                                   &rrcs[i].orig_coin_link_sig),
       GNUNET_JSON_spec_end ()
     };
     enum GNUNET_GenericReturnValue res;
@@ -463,15 +460,14 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
                                       -1);
     if (GNUNET_OK != res)
       return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
-    /* Check link_sigs[i] signature */
+    /* Check signature */
     if (GNUNET_OK !=
         TALER_wallet_link_verify (
-          &dk_h[i],
+          &rrcs[i].h_denom_pub,
           &rctx->gamma_tp,
-          rcds[i].coin_ev,
-          rcds[i].coin_ev_size,
+          &rrcs[i].coin_envelope_hash,
           &rctx->melt.session.coin.coin_pub,
-          &link_sigs[i]))
+          &rrcs[i].orig_coin_link_sig))
     {
       GNUNET_break_op (0);
       ret = TALER_MHD_reply_with_error (
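Review bot: The early `return (GNUNET_NO == res) ? MHD_YES : MHD_NO;` after the link-signature parse in this hunk bypasses the `cleanup:` label, so the `rrcs[j].coin_ev` buffers filled by the earlier envelope-parsing loop appear to leak whenever a request carries a malformed link signature. That path is driven by untrusted client input, so it should release the envelopes, e.g. `{ ret = (GNUNET_NO == res) ? MHD_YES : MHD_NO; goto cleanup; }`. This assumes nothing between the two loops frees them; the function body starts and ends outside the hunk.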
@@ -483,24 +479,35 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
     }
   }
 
+  /* prepare for check_commitment */
+  for (unsigned int i = 0; i<rctx->num_fresh_coins; i++)
+  {
+    const struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrc = &rrcs[i];
+    struct TALER_RefreshCoinData *rcd = &rcds[i];
+
+    rcd->coin_ev = rrc->coin_ev;
+    rcd->coin_ev_size = rrc->coin_ev_size;
+    rcd->dk = &dks[i]->denom_pub;
+  }
+  rctx->dks = dks;
+  rctx->rcds = rcds;
   if (GNUNET_OK !=
       check_commitment (rctx,
                         connection,
                         &ret))
     goto cleanup;
 
-
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Creating %u signatures\n",
               (unsigned int) rctx->num_fresh_coins);
-  /* sign _early_ (optimistic!) to keep out of transaction scope! */
+  /* create fresh coin signatures */
   for (unsigned int i = 0; i<rctx->num_fresh_coins; i++)
   {
     enum TALER_ErrorCode ec = TALER_EC_NONE;
 
-    ev_sigs[i]
+    rrcs[i].coin_sig
       = TEH_keys_denomination_sign (
-          &dk_h[i],
+          &rrcs[i].h_denom_pub,
           rcds[i].coin_ev,
           rcds[i].coin_ev_size,
           &ec);
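Review bot: `rctx->dks = dks;` and `rctx->rcds = rcds;` store the addresses of this function's stack arrays in the caller's context, and the visible `cleanup:` code does not reset them before returning. If the caller ever reads those members afterwards it would touch dead stack memory, so consider adding `rctx->dks = NULL;` and `rctx->rcds = NULL;` under the `cleanup:` label, which lies outside this hunk. The signing loop could also read `rrcs[i].coin_ev` and `rrcs[i].coin_ev_size` directly instead of going through the `rcds` copy.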
@@ -517,18 +524,14 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
               "Signatures ready, starting DB interaction\n");
   /* Persist operation result in DB */
   {
-    struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[rctx->num_fresh_coins];
     enum GNUNET_DB_QueryStatus qs;
 
     for (unsigned int i = 0; i<rctx->num_fresh_coins; i++)
     {
       struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrc = &rrcs[i];
 
-      rrc->h_denom_pub = dk_h[i];
-      rrc->orig_coin_link_sig = link_sigs[i];
       rrc->coin_ev = rcds[i].coin_ev;
       rrc->coin_ev_size = rcds[i].coin_ev_size;
-      rrc->coin_sig = ev_sigs[i];
     }
     qs = TEH_plugin->insert_refresh_reveal (TEH_plugin->cls,
                                             melt_serial_id,
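Review bot: The loop that still assigns `rrc->coin_ev = rcds[i].coin_ev;` and `rrc->coin_ev_size = rcds[i].coin_ev_size;` looks redundant now, because `rcds[i]` was filled from `rrcs[i]` just before `check_commitment` and this only copies the same values back. Unless `check_commitment` can rewrite `rcds`, the whole loop can be deleted. That also leaves a single owner for the pointer later passed to `GNUNET_free (rrc->coin_ev)`. The enclosing block continues outside the hunk.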
@@ -537,6 +540,7 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
                                             TALER_CNC_KAPPA - 1,
                                             rctx->transfer_privs,
                                             &rctx->gamma_tp);
+    /* 0 == qs is ok, as we did not check for repeated requests */
     if (0 > qs)
     {
       GNUNET_break (0);
@@ -551,14 +555,17 @@ resolve_refreshes_reveal_denominations (struct 
MHD_Connection *connection,
   /* Generate final (positive) response */
   ret = reply_refreshes_reveal_success (connection,
                                         num_fresh_coins,
-                                        ev_sigs);
+                                        rrcs);
 cleanup:
   GNUNET_break (MHD_NO != ret);
   /* free resources */
   for (unsigned int i = 0; i<num_fresh_coins; i++)
-    TALER_blinded_denom_sig_free (&ev_sigs[i]);
-  for (unsigned int i = 0; i<num_fresh_coins; i++)
-    GNUNET_free (rcds[i].coin_ev);
+  {
+    struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrc = &rrcs[i];
+
+    TALER_blinded_denom_sig_free (&rrc->coin_sig);
+    GNUNET_free (rrc->coin_ev);
+  }
   return ret;
 }
 
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c 
b/src/exchangedb/plugin_exchangedb_postgres.c
index d5290d9c..d76696aa 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -906,6 +906,7 @@ prepare_statements (struct PostgresClosure *pg)
       "SELECT "
       " rrc.freshcoin_index"
       ",denom.denom_pub_hash"
+      ",rrc.h_coin_ev"
       ",rrc.link_sig"
       ",rrc.coin_ev"
       ",rrc.ev_sig"
@@ -6083,7 +6084,6 @@ postgres_insert_refresh_reveal (
   for (uint32_t i = 0; i<num_rrcs; i++)
   {
     const struct TALER_EXCHANGEDB_RefreshRevealedCoin *rrc = &rrcs[i];
-    struct TALER_BlindedCoinHash h_coin_ev;
     struct GNUNET_PQ_QueryParam params[] = {
       GNUNET_PQ_query_param_uint64 (&melt_serial_id),
       GNUNET_PQ_query_param_uint32 (&i),
@@ -6091,15 +6091,12 @@ postgres_insert_refresh_reveal (
       GNUNET_PQ_query_param_auto_from_type (&rrc->h_denom_pub),
       GNUNET_PQ_query_param_fixed_size (rrc->coin_ev,
                                         rrc->coin_ev_size),
-      GNUNET_PQ_query_param_auto_from_type (&h_coin_ev),
+      GNUNET_PQ_query_param_auto_from_type (&rrc->h_coin_ev),
       TALER_PQ_query_param_blinded_denom_sig (&rrc->coin_sig),
       GNUNET_PQ_query_param_end
     };
     enum GNUNET_DB_QueryStatus qs;
 
-    GNUNET_CRYPTO_hash (rrc->coin_ev,
-                        rrc->coin_ev_size,
-                        &h_coin_ev.hash);
     qs = GNUNET_PQ_eval_prepared_non_select (pg->conn,
                                              "insert_refresh_revealed_coin",
                                              params);
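Review bot: `GNUNET_PQ_query_param_auto_from_type (&rrc->h_coin_ev)` names a member that the struct change to `taler_exchangedb_plugin.h` in this same push does not add. The new field is `coin_envelope_hash`, which is also what `add_revealed_coins` and the reveal handler use. Unless the struct has an `h_coin_ev` member outside the lines shown, this should read `GNUNET_PQ_query_param_auto_from_type (&rrc->coin_envelope_hash),`. The plugin also now stores whatever hash the caller supplied instead of computing it from `coin_ev`, so the field's doc comment should say callers must set it before calling `insert_refresh_reveal`.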
@@ -6113,8 +6110,7 @@ postgres_insert_refresh_reveal (
       GNUNET_PQ_query_param_auto_from_type (tp),
       GNUNET_PQ_query_param_fixed_size (
         tprivs,
-        num_tprivs
-        * sizeof (struct TALER_TransferPrivateKeyP)),
+        num_tprivs * sizeof (struct TALER_TransferPrivateKeyP)),
       GNUNET_PQ_query_param_end
     };
 
@@ -6199,6 +6195,8 @@ add_revealed_coins (void *cls,
                                               &rrc->h_denom_pub),
         GNUNET_PQ_result_spec_auto_from_type ("link_sig",
                                               &rrc->orig_coin_link_sig),
+        GNUNET_PQ_result_spec_auto_from_type ("h_coin_ev",
+                                              &rrc->coin_envelope_hash),
         GNUNET_PQ_result_spec_variable_size ("coin_ev",
                                              (void **) &rrc->coin_ev,
                                              &rrc->coin_ev_size),
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index db38c0c2..e6c5e2a4 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -1788,8 +1788,7 @@ TALER_wallet_link_sign (const struct 
TALER_DenominationHash *h_denom_pub,
  *
  * @param h_denom_pub hash of the denomiantion public key of the new coin
  * @param transfer_pub transfer public key
- * @param coin_ev coin envelope
- * @param coin_ev_size number of bytes in @a coin_ev
+ * @param h_coin_ev hash of the coin envelope
  * @param old_coin_pub old coin key that the link signature is for
  * @param coin_sig resulting signature
  * @return #GNUNET_OK if the signature is valid
@@ -1798,8 +1797,7 @@ enum GNUNET_GenericReturnValue
 TALER_wallet_link_verify (
   const struct TALER_DenominationHash *h_denom_pub,
   const struct TALER_TransferPublicKeyP *transfer_pub,
-  const void *coin_ev,
-  size_t coin_ev_size,
+  const struct TALER_BlindedCoinHash *h_coin_ev,
   const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
   const struct TALER_CoinSpendSignatureP *coin_sig);
 
diff --git a/src/include/taler_exchangedb_plugin.h 
b/src/include/taler_exchangedb_plugin.h
index 357d9f07..ad6e58a0 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -1635,20 +1635,26 @@ struct TALER_EXCHANGEDB_RefreshRevealedCoin
    */
   struct TALER_CoinSpendSignatureP orig_coin_link_sig;
 
+  /**
+   * Hash of the blinded new coin, that is @e coin_ev.
+   */
+  struct TALER_BlindedCoinHash coin_envelope_hash;
+
+  /**
+   * Signature generated by the exchange over the coin (in blinded format).
+   */
+  struct TALER_BlindedDenominationSignature coin_sig;
+
   /**
    * Blinded message to be signed (in envelope), with @e coin_env_size bytes.
    */
-  char *coin_ev;
+  void *coin_ev;
 
   /**
    * Number of bytes in @e coin_ev.
    */
   size_t coin_ev_size;
 
-  /**
-   * Signature generated by the exchange over the coin (in blinded format).
-   */
-  struct TALER_BlindedDenominationSignature coin_sig;
 };
 
 
@@ -2972,7 +2978,7 @@ struct TALER_EXCHANGEDB_Plugin
 
 
   /**
-   * Lookup in the database for the @a num_freshcoins coins that we
+   * Lookup in the database for the fresh coins that we
    * created in the given refresh operation.
    *
    * @param cls the @e cls of this struct with the plugin-specific state
diff --git a/src/lib/exchange_api_link.c b/src/lib/exchange_api_link.c
index 55d3bdb6..ec085b53 100644
--- a/src/lib/exchange_api_link.c
+++ b/src/lib/exchange_api_link.c
@@ -138,6 +138,7 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh,
     struct TALER_PlanchetDetail pd;
     struct TALER_CoinPubHash c_hash;
     struct TALER_CoinSpendPublicKeyP old_coin_pub;
+    struct TALER_BlindedCoinHash coin_envelope_hash;
 
     GNUNET_CRYPTO_eddsa_key_get_public (&lh->coin_priv.eddsa_priv,
                                         &old_coin_pub.eddsa_pub);
@@ -151,11 +152,14 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle 
*lh,
       GNUNET_JSON_parse_free (spec);
       return GNUNET_SYSERR;
     }
+    GNUNET_CRYPTO_hash (pd.coin_ev,
+                        pd.coin_ev_size,
+                        &coin_envelope_hash.hash);
+
     if (GNUNET_OK !=
         TALER_wallet_link_verify (&pd.denom_pub_hash,
                                   trans_pub,
-                                  pd.coin_ev,
-                                  pd.coin_ev_size,
+                                  &coin_envelope_hash,
                                   &old_coin_pub,
                                   &link_sig))
     {
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
index 9c3723b0..c46dd670 100644
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@@ -133,9 +133,7 @@ enum GNUNET_GenericReturnValue
 TALER_wallet_link_verify (
   const struct TALER_DenominationHash *h_denom_pub,
   const struct TALER_TransferPublicKeyP *transfer_pub,
-  // FIXME: consider passing hash!
-  const void *coin_ev,
-  size_t coin_ev_size,
+  const struct TALER_BlindedCoinHash *h_coin_ev,
   const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
   const struct TALER_CoinSpendSignatureP *coin_sig)
 {
@@ -143,12 +141,10 @@ TALER_wallet_link_verify (
     .purpose.size = htonl (sizeof (ldp)),
     .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_LINK),
     .h_denom_pub = *h_denom_pub,
-    .transfer_pub = *transfer_pub
+    .transfer_pub = *transfer_pub,
+    .coin_envelope_hash = *h_coin_ev
   };
 
-  GNUNET_CRYPTO_hash (coin_ev,
-                      coin_ev_size,
-                      &ldp.coin_envelope_hash.hash);
   return
     GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_LINK,
                                 &ldp,

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


