[taler-anastasis] branch master updated: clean up truth public key vs UU
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: clean up truth public key vs UUID and order_id vs. payment secret type confusions |
Date: |
Tue, 09 Feb 2021 18:51:07 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 9fbe805 clean up truth public key vs UUID and order_id vs. payment
secret type confusions
9fbe805 is described below
commit 9fbe8053f12eb104f3f51de0d36546d3cf8f7a19
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Feb 9 18:51:04 2021 +0100
clean up truth public key vs UUID and order_id vs. payment secret type
confusions
---
contrib/gana | 2 +-
.../anastasis_authorization_plugin_email.c | 4 +-
.../anastasis_authorization_plugin_file.c | 4 +-
.../anastasis_authorization_plugin_sms.c | 4 +-
src/backend/anastasis-httpd.c | 12 +-
src/backend/anastasis-httpd_truth.c | 54 ++--
src/backend/anastasis-httpd_truth.h | 10 +-
src/backend/anastasis-httpd_truth_upload.c | 11 +-
src/include/anastasis.h | 37 +--
src/include/anastasis_authorization_plugin.h | 2 +-
src/include/anastasis_crypto_lib.h | 95 ++++--
src/include/anastasis_database_plugin.h | 40 ++-
src/include/anastasis_service.h | 295 ++++++++---------
src/include/anastasis_testing_lib.h | 11 +-
src/lib/anastasis_backup.c | 158 ++-------
src/lib/anastasis_recovery.c | 68 ++--
src/restclient/anastasis_api_challenge_run.c | 4 +-
src/restclient/anastasis_api_keyshare_lookup.c | 4 +-
src/restclient/anastasis_api_policy_store.c | 47 ++-
src/restclient/anastasis_api_truth_store.c | 123 ++++---
src/stasis/plugin_anastasis_postgres.c | 96 +++---
src/stasis/stasis-0001.sql | 30 +-
src/stasis/test_anastasis_db.c | 38 +--
src/testing/testing_api_cmd_challenge_run.c | 2 +-
src/testing/testing_api_cmd_keyshare_lookup.c | 2 +-
src/testing/testing_api_cmd_truth_store.c | 359 +++++++++------------
src/testing/testing_api_trait_truth_pub.c | 4 +-
src/util/anastasis_crypto.c | 32 --
28 files changed, 710 insertions(+), 838 deletions(-)
diff --git a/contrib/gana b/contrib/gana
index f5b0263..5de7cb5 160000
--- a/contrib/gana
+++ b/contrib/gana
@@ -1 +1 @@
-Subproject commit f5b02632094606010ed1c28c21931c81fa852d2b
+Subproject commit 5de7cb5209109f97d56f7dd99262f24b0988c6b8
diff --git a/src/authorization/anastasis_authorization_plugin_email.c
b/src/authorization/anastasis_authorization_plugin_email.c
index c203526..f7e00fa 100644
--- a/src/authorization/anastasis_authorization_plugin_email.c
+++ b/src/authorization/anastasis_authorization_plugin_email.c
@@ -34,7 +34,7 @@ struct ANASTASIS_AUTHORIZATION_State
/**
* Public key of the challenge which is authorised
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key;
/**
* Code which is sent to the user (here saved into a file)
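Review bot: The field is still called `truth_public_key` and its comment still reads "Public key of the challenge which is authorised", although the type is now `struct ANASTASIS_CRYPTO_TruthUUIDP`; the name should follow the type, e.g. `const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid;` with the comment `UUID of the truth whose challenge is authorised`. The same leftover appears in `email_start` in the next hunk, in the file and sms plugins, in the `start` callback of anastasis_authorization_plugin.h, in `AH_handler_truth_post` (anastasis-httpd_truth_upload.c), as `truth_pub` in `verify_challenge_code`, as `pub_key_str` in `url_handler`, and in `ANASTASIS_challenge_run` / `ANASTASIS_keyshare_lookup`. Key-like names on a plain identifier invite readers to assume the value can be verified or signed with, which is the confusion this commit sets out to remove. The struct body continues outside the hunk.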
@@ -129,7 +129,7 @@ email_validate (void *cls,
*/
static struct ANASTASIS_AUTHORIZATION_State *
email_start (void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
uint64_t code,
char *auth_command,
const void *data,
diff --git a/src/authorization/anastasis_authorization_plugin_file.c
b/src/authorization/anastasis_authorization_plugin_file.c
index 3d9b356..29c9459 100644
--- a/src/authorization/anastasis_authorization_plugin_file.c
+++ b/src/authorization/anastasis_authorization_plugin_file.c
@@ -31,7 +31,7 @@ struct ANASTASIS_AUTHORIZATION_State
/**
* Public key of the challenge which is authorised
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key;
/**
* Code which is sent to the user (here saved into a file)
@@ -114,7 +114,7 @@ static struct ANASTASIS_AUTHORIZATION_State *
file_start (void *cls,
GNUNET_SCHEDULER_TaskCallback trigger,
void *trigger_cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
uint64_t code,
const void *data,
size_t data_length)
diff --git a/src/authorization/anastasis_authorization_plugin_sms.c
b/src/authorization/anastasis_authorization_plugin_sms.c
index 5687643..ba5842d 100644
--- a/src/authorization/anastasis_authorization_plugin_sms.c
+++ b/src/authorization/anastasis_authorization_plugin_sms.c
@@ -53,7 +53,7 @@ struct ANASTASIS_AUTHORIZATION_State
/**
* Public key of the challenge which is authorised
*/
- struct ANASTASIS_CRYPTO_TruthPublicKeyP truth_public_key;
+ struct ANASTASIS_CRYPTO_TruthUUIDP truth_public_key;
/**
* Code which is sent to the user (here sent via SMS)
@@ -184,7 +184,7 @@ static struct ANASTASIS_AUTHORIZATION_State *
sms_start (void *cls,
GNUNET_SCHEDULER_TaskCallback trigger,
void *trigger_cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
uint64_t code,
const void *data,
size_t data_length)
diff --git a/src/backend/anastasis-httpd.c b/src/backend/anastasis-httpd.c
index 883c4bd..004bc7a 100644
--- a/src/backend/anastasis-httpd.c
+++ b/src/backend/anastasis-httpd.c
@@ -369,7 +369,7 @@ url_handler (void *cls,
"/truth/",
strlen ("/truth/")))
{
- struct ANASTASIS_CRYPTO_TruthPublicKeyP tpk;
+ struct ANASTASIS_CRYPTO_TruthUUIDP tu;
const char *pub_key_str;
pub_key_str = &url[strlen ("/truth/")];
@@ -377,20 +377,20 @@ url_handler (void *cls,
GNUNET_STRINGS_string_to_data (
pub_key_str,
strlen (pub_key_str),
- &tpk,
- sizeof(tpk)))
+ &tu,
+ sizeof(tu)))
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "truth public key");
+ "truth UUID");
}
if (0 == strcmp (method,
MHD_HTTP_METHOD_GET))
{
return AH_handler_truth_get (connection,
- &tpk,
+ &tu,
hc);
}
if (0 == strcmp (method,
@@ -398,7 +398,7 @@ url_handler (void *cls,
{
return AH_handler_truth_post (connection,
hc,
- &tpk,
+ &tu,
upload_data,
upload_data_size);
}
diff --git a/src/backend/anastasis-httpd_truth.c
b/src/backend/anastasis-httpd_truth.c
index dd89522..ce6551d 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -54,7 +54,7 @@ struct GetContext
/**
* Public key of the challenge which is solved.
*/
- struct ANASTASIS_CRYPTO_TruthPublicKeyP truth_public_key;
+ struct ANASTASIS_CRYPTO_TruthUUIDP truth_uuid;
/**
* true if client provided a payment secret / order ID?
@@ -267,7 +267,7 @@ proposal_cb (void *cls,
return;
}
qs = db->record_challenge_payment (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
&gc->payment_identifier,
&gc->challenge_cost);
if (0 >= qs)
@@ -353,7 +353,7 @@ check_payment_cb (void *cls,
enum GNUNET_DB_QueryStatus qs;
qs = db->update_challenge_payment (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
&gc->payment_identifier);
if (0 <= qs)
return; /* continue as planned */
@@ -389,7 +389,7 @@ begin_payment (struct GetContext *gc)
char *order_id;
qs = db->lookup_challenge_payment (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
&gc->payment_identifier);
if (qs < 0)
{
@@ -452,25 +452,23 @@ begin_payment (struct GetContext *gc)
/**
* Load encrypted keyshare from db and return it to the client.
*
- * @param truth_public key the key to the truth for the looup
+ * @param truth_uuid UUID to the truth for the looup
* @param connection the connection to respond upon
* @return MHD status code
*/
static MHD_RESULT
return_key_share (
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct MHD_Connection *connection)
{
- void *encrypted_keyshare;
- size_t encrypted_keyshare_size;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP encrypted_keyshare;
{
enum GNUNET_DB_QueryStatus qs;
qs = db->get_key_share (db->cls,
- truth_public_key,
- &encrypted_keyshare,
- &encrypted_keyshare_size);
+ truth_uuid,
+ &encrypted_keyshare);
switch (qs)
{
case GNUNET_DB_STATUS_HARD_ERROR:
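Review bot: `encrypted_keyshare` is now an uninitialised stack object, and the next hunk sends all `sizeof (encrypted_keyshare)` bytes of it to the client, so any path where `db->get_key_share` reports a result without filling the whole struct would return stack contents. Whether the plugin rejects a stored value of the wrong length is not visible here; zeroing first with `memset (&encrypted_keyshare, 0, sizeof (encrypted_keyshare));` makes that failure mode harmless, and the `get_key_share` contract should say the output is written in full on success. The new `@param truth_uuid` line also keeps the typo `looup` (lookup). The switch and the rest of `return_key_share` continue outside this hunk.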
@@ -493,12 +491,10 @@ return_key_share (
{
struct MHD_Response *resp;
- resp = MHD_create_response_from_buffer (encrypted_keyshare_size,
- encrypted_keyshare,
+ resp = MHD_create_response_from_buffer (sizeof (encrypted_keyshare),
+ &encrypted_keyshare,
MHD_RESPMEM_MUST_COPY);
- GNUNET_free (encrypted_keyshare);
TALER_MHD_add_global_headers (resp);
-
{
MHD_RESULT ret;
@@ -514,14 +510,14 @@ return_key_share (
/**
* @param connection the MHD connection to handle
- * @param url handles a URL of the format
"/truth/$TRUTH_PUBLIC_KEY[&response=$RESPONSE]"
+ * @param url handles a URL of the format "/truth/$UUID[&response=$RESPONSE]"
* @param hc
* @return MHD result code
*/
MHD_RESULT
AH_handler_truth_get (
struct MHD_Connection *connection,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct TM_HandlerContext *hc)
{
struct GetContext *gc = hc->ctx;
@@ -564,7 +560,7 @@ AH_handler_truth_get (
case ANASTASIS_AUTHORIZATION_RES_SUCCESS:
/* Challenge sent successfully */
qs = db->mark_challenge_sent (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
gc->code);
GNUNET_break (0 < qs);
gc->authorization->cleanup (gc->as);
@@ -583,7 +579,7 @@ AH_handler_truth_get (
case ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED:
/* Challenge sent successfully */
qs = db->mark_challenge_sent (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
gc->code);
GNUNET_break (0 < qs);
gc->authorization->cleanup (gc->as);
@@ -605,7 +601,7 @@ AH_handler_truth_get (
gc->hc = hc;
hc->ctx = gc;
gc->connection = connection;
- gc->truth_public_key = *truth_public_key;
+ gc->truth_uuid = *truth_uuid;
{
const char *pay_id;
@@ -689,7 +685,7 @@ AH_handler_truth_get (
char *method;
qs = db->get_escrow_challenge (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
&encrypted_truth,
&encrypted_truth_size,
&truth_mime,
@@ -830,7 +826,7 @@ AH_handler_truth_get (
enum GNUNET_DB_QueryStatus qs;
// FIXME: fails: this is an UPDATE statement, we need to possibly INSERT
_or_ UPDATE
qs = db->mark_challenge_sent (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
0);
GNUNET_break (0 < qs);
#endif
@@ -839,7 +835,7 @@ AH_handler_truth_get (
TALER_EC_ANASTASIS_TRUTH_CHALLENGE_FAILED,
NULL);
}
- return return_key_share (&gc->truth_public_key,
+ return return_key_share (&gc->truth_uuid,
connection);
}
@@ -850,7 +846,7 @@ AH_handler_truth_get (
GNUNET_free (decrypted_truth);
cs = db->verify_challenge_code (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
&challenge_response);
switch (cs)
{
@@ -872,7 +868,7 @@ AH_handler_truth_get (
TALER_EC_ANASTASIS_TRUTH_CHALLENGE_UNKNOWN,
NULL);
case ANASTASIS_DB_CODE_STATUS_VALID_CODE_STORED:
- return return_key_share (&gc->truth_public_key,
+ return return_key_share (&gc->truth_uuid,
connection);
}
GNUNET_break (0);
@@ -910,7 +906,7 @@ AH_handler_truth_get (
enum GNUNET_DB_QueryStatus qs;
qs = db->create_challenge_code (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
gc->authorization->code_rotation_period,
gc->authorization->code_validity_period,
INITIAL_RETRY_COUNTER,
@@ -945,7 +941,7 @@ AH_handler_truth_get (
gc->as = gc->authorization->start (gc->authorization->cls,
&AH_trigger_daemon,
NULL,
- &gc->truth_public_key,
+ &gc->truth_uuid,
gc->code,
decrypted_truth,
decrypted_truth_size);
@@ -972,7 +968,7 @@ AH_handler_truth_get (
case ANASTASIS_AUTHORIZATION_RES_SUCCESS:
/* all good, challenge sent! */
qs = db->mark_challenge_sent (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
gc->code);
GNUNET_break (0 < qs);
break;
@@ -986,7 +982,7 @@ AH_handler_truth_get (
case ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED:
/* Challenge sent successfully, but HTTP reply failed */
qs = db->mark_challenge_sent (db->cls,
- &gc->truth_public_key,
+ &gc->truth_uuid,
gc->code);
GNUNET_break (0 < qs);
gc->authorization->cleanup (gc->as);
diff --git a/src/backend/anastasis-httpd_truth.h
b/src/backend/anastasis-httpd_truth.h
index 0ad4d8e..f523a55 100644
--- a/src/backend/anastasis-httpd_truth.h
+++ b/src/backend/anastasis-httpd_truth.h
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2014, 2015, 2016 GNUnet e.V.
+ Copyright (C) 2014, 2015, 2016, 2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free
Software
@@ -30,20 +30,20 @@ AH_truth_shutdown (void);
/**
* @param connection the MHD connection to handle
- * @param truth_public_key the truth public key
+ * @param truth_uuid the truth UUID
* @param con_cls
* @return MHD result code
*/
MHD_RESULT
AH_handler_truth_get (
struct MHD_Connection *connection,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct TM_HandlerContext *hc);
/**
* @param connection the MHD connection to handle
* @param con_cls the connection's closure
- * @param truth_public_key the truth public key
+ * @param truth_uuid the truth UUID
* @param truth_data truth data
* @param truth_data_size number of bytes (left) in @a truth_data
* @return MHD result code
@@ -52,7 +52,7 @@ int
AH_handler_truth_post (
struct MHD_Connection *connection,
struct TM_HandlerContext *hc,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const char *truth_data,
size_t *truth_data_size);
diff --git a/src/backend/anastasis-httpd_truth_upload.c
b/src/backend/anastasis-httpd_truth_upload.c
index 52e65cd..8351745 100644
--- a/src/backend/anastasis-httpd_truth_upload.c
+++ b/src/backend/anastasis-httpd_truth_upload.c
@@ -50,7 +50,7 @@ int
AH_handler_truth_post (
struct MHD_Connection *connection,
struct TM_HandlerContext *hc,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
const char *truth_data,
size_t *truth_data_size)
{
@@ -60,9 +60,11 @@ AH_handler_truth_post (
struct ANASTASIS_DB_Truth truth;
enum GNUNET_DB_QueryStatus qs;
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_fixed_auto ("keyshare_data", &truth.keyshare_data),
+ GNUNET_JSON_spec_fixed_auto ("keyshare_data",
+ &truth.keyshare_data),
GNUNET_JSON_spec_string ("method", &truth.method),
- GNUNET_JSON_spec_varsize ("encrypted_truth", &truth.encrypted_truth,
+ GNUNET_JSON_spec_varsize ("encrypted_truth",
+ &truth.encrypted_truth,
&truth.encrypted_truth_size),
GNUNET_JSON_spec_string ("truth_mime", &truth.truth_mime),
GNUNET_JSON_spec_end ()
@@ -95,9 +97,6 @@ AH_handler_truth_post (
truth.encrypted_truth_size,
truth.method,
AH_truth_expiration);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Store truth db status: %i\n",
- qs);
json_decref (json);
GNUNET_JSON_parse_free (spec);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
index d631067..cd9b0aa 100644
--- a/src/include/anastasis.h
+++ b/src/include/anastasis.h
@@ -44,15 +44,14 @@ struct ANASTASIS_Challenge;
struct ANASTASIS_DecryptionPolicy
{
/**
- * Set of escrow methods identfied by unique public keys
- * (FIXME: public keys? nonces?)
+ * Set of truths identfied by UUID
*/
- struct ANASTASIS_CRYPTO_NonceP *nonces;
+ struct ANASTASIS_CRYPTO_TruthUUIDP *uuids;
/**
- * length of the methods in this policy
+ * length of the @a uuids in this policy
*/
- uint32_t nonces_length;
+ uint32_t uuids_length;
/**
* encrypted masterkey ( encrypted with the policy key)
@@ -221,9 +220,9 @@ struct ANASTASIS_ChallengeInformation
{
/**
- * nonce which uniquely identifies the challenge
+ * UUID which uniquely identifies the challenge
*/
- struct ANASTASIS_CRYPTO_NonceP nonce;
+ struct ANASTASIS_CRYPTO_TruthUUIDP uuid;
/**
* Cost to solve this challenge
@@ -498,7 +497,7 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
const void *truth_data,
size_t truth_data_size,
bool payment_requested,
- const char *paid_order_id,
+ const struct ANASTASIS_PaymentSecretP *paid_order_id,
ANASTASIS_TruthCallback tc,
void *tc_cls);
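Review bot: The parameter keeps the name `paid_order_id` although it is now a `struct ANASTASIS_PaymentSecretP` pointer rather than an order-ID string; `const struct ANASTASIS_PaymentSecretP *payment_secret,` would match the type and the naming used in the database plugin. The `@param` text for it lies outside this hunk and should be checked for the same wording, including whether NULL is still accepted to mean that nothing has been paid yet.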
@@ -520,28 +519,6 @@ void
ANASTASIS_truth_free (struct ANASTASIS_Truth *t);
-/**
- * Extracts truth data from JSON.
- *
- * @param json JSON encoding to decode; truth returned ONLY valid as long
- * as the JSON remains valid (do not decref until the truth
- * is truly finished)
- * @return decoded truth object, NULL on error
- */
-struct ANASTASIS_Truth *
-ANASTASIS_truth_from_json (const json_t *json);
-
-
-/**
- * Returns JSON-encoded truth data.
- *
- * @param t object to return JSON encoding for
- * @return JSON encoding of @a t
- */
-json_t *
-ANASTASIS_truth_to_json (const struct ANASTASIS_Truth *t);
-
-
/**
* Policy object, representing a set of truths (and thus challenges
* to satisfy) to recover a secret.
diff --git a/src/include/anastasis_authorization_plugin.h
b/src/include/anastasis_authorization_plugin.h
index b41daa8..d28658d 100644
--- a/src/include/anastasis_authorization_plugin.h
+++ b/src/include/anastasis_authorization_plugin.h
@@ -154,7 +154,7 @@ struct ANASTASIS_AuthorizationPlugin
(*start)(void *cls,
GNUNET_SCHEDULER_TaskCallback trigger,
void *trigger_cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
uint64_t code,
const void *data,
size_t data_length);
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 9605f13..cbb7b9e 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -70,25 +70,19 @@ struct ANASTASIS_CRYPTO_AccountPrivateKeyP
struct GNUNET_CRYPTO_EddsaPrivateKey priv;
};
-/**
- * An EdDSA private key that is used to identify a truth object
- */
-struct ANASTASIS_CRYPTO_TruthPrivateKeyP
-{
- struct GNUNET_CRYPTO_EddsaPrivateKey priv;
-};
/**
- * An EdDSA public key that is used to identify a truth object
+ * A UUID that is used to identify a truth object
*/
-struct ANASTASIS_CRYPTO_TruthPublicKeyP
+struct ANASTASIS_CRYPTO_TruthUUIDP
{
- struct GNUNET_CRYPTO_EddsaPublicKey pub;
+ struct GNUNET_ShortHashCode uuid;
};
+
/**
* Specifies a TruthKey which is used to decrypt the Truth stored by the user.
-*/
+ */
struct ANASTASIS_CRYPTO_TruthKeyP
{
struct GNUNET_HashCode key GNUNET_PACKED;
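Review bot: The new comment on `struct ANASTASIS_CRYPTO_TruthUUIDP` does not say how the value is produced or what it may be relied on for, while the type it replaces was an EdDSA key with a matching private key. Judging from the rest of this diff the UUID is the handle by which `/truth/` requests select a record, so the comment should state that it is an identifier and not a credential, and how much randomness callers must put into it, for example `A UUID that identifies a truth object; identifier only, carries no authentication.` The generation rule itself is not visible in this hunk and needs to be filled in by the author.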
@@ -168,8 +162,9 @@ struct ANASTASIS_CRYPTO_AesTagP
/**
- * Specifies a Key Share from an escrow provider, the combined keyshares
generate the EscrowMasterKey
- * which is used to decrypt the Secret from the user.
+ * Specifies a Key Share from an escrow provider, the combined
+ * keyshares generate the EscrowMasterKey which is used to decrypt the
+ * Secret from the user.
*/
struct ANASTASIS_CRYPTO_KeyShareP
{
@@ -182,8 +177,19 @@ struct ANASTASIS_CRYPTO_KeyShareP
*/
struct ANASTASIS_CRYPTO_EncryptedKeyShareP
{
+ /**
+ * Nonce used for the symmetric encryption.
+ */
struct ANASTASIS_CRYPTO_NonceP nonce;
+
+ /**
+ * GCM tag to check authenticity.
+ */
struct ANASTASIS_CRYPTO_AesTagP tag;
+
+ /**
+ * The actual key share.
+ */
struct ANASTASIS_CRYPTO_KeyShareP keyshare;
};
@@ -206,6 +212,57 @@ struct ANASTASIS_CRYPTO_UserIdentifierP
struct GNUNET_HashCode hash GNUNET_PACKED;
};
+
+/**
+ * Random identifier used to later charge a payment.
+ */
+struct ANASTASIS_PaymentSecretP
+{
+ uint32_t id[8];
+};
+
+/**
+ * Data signed by the account public key of a sync client to
+ * authorize the upload of the backup.
+ */
+struct ANASTASIS_UploadSignaturePS
+{
+ /**
+ * Set to #TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD.
+ */
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+ /**
+ * Hash of the new backup.
+ */
+ struct GNUNET_HashCode new_recovery_data_hash;
+
+};
+
+
+/**
+ * Signature made with an account's public key.
+ */
+struct ANASTASIS_AccountSignatureP
+{
+ /**
+ * We use EdDSA.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_sig;
+};
+
+/**
+ * Salt value of an Anastasis service provider.
+ */
+struct ANASTASIS_Salt
+{
+ /**
+ * Salt is specified as 32 byte (256 bit).
+ */
+ char value[256];
+};
+
+
GNUNET_NETWORK_STRUCT_END
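Review bot: `struct ANASTASIS_Salt` documents the salt as "32 byte (256 bit)" but declares `char value[256];`, which is 256 bytes inside a packed network struct; which of the two is intended is not visible here, and it should be settled while the definition is being moved, either as `char value[32];` or with a comment that says 256 bytes. The comment on `struct ANASTASIS_AccountSignatureP` says the signature is made with the account's public key; it should read `Signature made with an account's private key.`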
@@ -236,18 +293,6 @@ ANASTASIS_CRYPTO_user_identifier_derive (
struct ANASTASIS_CRYPTO_UserIdentifierP *id);
-/**
- * Generates the eddsa public Key and private key which are the identfier of
the truth object.
- * The private key is used to sign the upload.
- * @param nonce is the seed to create and recreate the private key
- * @param pub_key[out] handle for the generated pub key
- */
-void
-ANASTASIS_CRYPTO_truth_public_key_derive (
- const struct ANASTASIS_CRYPTO_NonceP *nonce,
- struct ANASTASIS_CRYPTO_TruthPublicKeyP *pub_key);
-
-
/**
* Generates the eddsa public Key used as the account identifier on the
providers
*
diff --git a/src/include/anastasis_database_plugin.h
b/src/include/anastasis_database_plugin.h
index 5c5b412..50d8eb6 100644
--- a/src/include/anastasis_database_plugin.h
+++ b/src/include/anastasis_database_plugin.h
@@ -334,7 +334,7 @@ struct ANASTASIS_DatabasePlugin
* Upload Truth, which contains the Truth and the KeyShare.
*
* @param cls closure
- * @param truth_public_key the identifier for the Truth
+ * @param truth_uuid the identifier for the Truth
* @param key_share_data contains information of an EncryptedKeyShare
* @param method name of method
* @param nonce nonce used to compute encryption key for encrypted_truth
@@ -347,7 +347,7 @@ struct ANASTASIS_DatabasePlugin
enum GNUNET_DB_QueryStatus
(*store_truth)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *key_share_data,
const char *mime_type,
const void *encrypted_truth,
@@ -360,7 +360,7 @@ struct ANASTASIS_DatabasePlugin
* Get the encrypted truth to validate the challenge response
*
* @param cls closure
- * @param truth_public_key the identifier for the Truth
+ * @param truth_uuid the identifier for the Truth
* @param[out] truth contains the encrypted truth
* @param[out] truth_size size of the encrypted truth
* @param[out] truth_mime mime type of truth
@@ -370,7 +370,7 @@ struct ANASTASIS_DatabasePlugin
enum GNUNET_DB_QueryStatus
(*get_escrow_challenge)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
void **truth,
size_t *truth_size,
char **truth_mime,
@@ -378,20 +378,18 @@ struct ANASTASIS_DatabasePlugin
/**
- * Lookup (encrypted) key share by @a truth_public_key.
+ * Lookup (encrypted) key share by @a truth_uuid.
*
* @param cls closure
- * @param truth_public_key the identifier for the Truth
- * @param[out] key_share contains the encrypted Keyshare
- * @param[out] key_share_size size of the Keyshare
+ * @param truth_uuid the identifier for the Truth
+ * @param[out] key_share set to the encrypted Keyshare
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
(*get_key_share)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
- void **key_share,
- size_t *key_share_size);
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP *key_share);
/**
@@ -515,7 +513,7 @@ struct ANASTASIS_DatabasePlugin
enum ANASTASIS_DB_CodeStatus
(*verify_challenge_code)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_pub,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_pub,
const struct GNUNET_HashCode *hashed_code);
/**
@@ -524,7 +522,7 @@ struct ANASTASIS_DatabasePlugin
* for this challenge present and won't insert a new one in this case.
*
* @param cls closure
- * @param truth_public_key the identifier for the challenge
+ * @param truth_uuid the identifier for the challenge
* @param rotation_period for how long is the code available
* @param validity_period for how long is the code available
* @param retry_counter amount of retries allowed
@@ -537,7 +535,7 @@ struct ANASTASIS_DatabasePlugin
enum GNUNET_DB_QueryStatus
(*create_challenge_code)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct GNUNET_TIME_Relative rotation_period,
struct GNUNET_TIME_Relative validity_period,
unsigned int retry_counter,
@@ -549,13 +547,13 @@ struct ANASTASIS_DatabasePlugin
* Remember in the database that we successfully sent a challenge.
*
* @param cls closure
- * @param truth_public_key the identifier for the challenge
+ * @param truth_uuid the identifier for the challenge
* @param code the challenge that was sent
*/
enum GNUNET_DB_QueryStatus
(*mark_challenge_sent)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
uint64_t code);
@@ -571,7 +569,7 @@ struct ANASTASIS_DatabasePlugin
enum GNUNET_DB_QueryStatus
(*record_challenge_payment)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const struct ANASTASIS_PaymentSecretP *payment_secret,
const struct TALER_Amount *amount);
@@ -580,14 +578,14 @@ struct ANASTASIS_DatabasePlugin
* Lookup for a pending payment for a certain challenge
*
* @param cls closure
- * @param truth_public_key identification of the challenge
+ * @param truth_uuid identification of the challenge
* @param[out] payment_secret set to the challenge payment secret
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
(*lookup_challenge_payment)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct ANASTASIS_PaymentSecretP *payment_secret);
@@ -595,14 +593,14 @@ struct ANASTASIS_DatabasePlugin
* Update payment status of challenge
*
* @param cls closure
- * @param truth_public_key which challenge received a payment
+ * @param truth_uuid which challenge received a payment
* @param payment_identifier proof of payment, must be unique and match
pending payment
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
(*update_challenge_payment)(
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const struct ANASTASIS_PaymentSecretP *payment_identifier);
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index 4d9b033..684480c 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2019 Taler Systems SA
+ Copyright (C) 2019-2021 Taler Systems SA
Anastasis is free software; you can redistribute it and/or modify it under
the
terms of the GNU Affero General Public License as published by the Free
Software
@@ -28,107 +28,10 @@
#include <gnunet/gnunet_curl_lib.h>
#include <jansson.h>
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Random identifier used to later charge a payment.
- */
-struct ANASTASIS_PaymentSecretP
-{
- uint32_t id[8];
-};
struct ANASTASIS_SaltOperation;
-/**
- * Data signed by the account public key of a sync client to
- * authorize the upload of the backup.
- */
-struct ANASTASIS_UploadSignaturePS
-{
- /**
- * Set to #TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * FIXME: Do we need this? (Copied from Sync)
- * Hash of the previous backup, all zeros for none.
- */
- // struct GNUNET_HashCode old_recovery_data_hash;
-
- /**
- * Hash of the new backup.
- */
- struct GNUNET_HashCode new_recovery_data_hash;
-
-};
-
-
-/**
- * Signature made with an account's public key.
- */
-struct ANASTASIS_AccountSignatureP
-{
- /**
- * We use EdDSA.
- */
- struct GNUNET_CRYPTO_EddsaSignature eddsa_sig;
-};
-
-/**
- * Salt value of an Anastasis service provider.
- */
-struct ANASTASIS_Salt
-{
- /**
- * Salt is specified as 32 byte (256 bit).
- */
- char value[256];
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-/**
- * High-level ways how an upload may conclude.
- */
-enum ANASTASIS_UploadStatus
-{
- /**
- * Backup was successfully made.
- */
- ANASTASIS_US_SUCCESS = 0,
-
- /**
- * Account expired or payment was explicitly requested
- * by the client.
- */
- ANASTASIS_US_PAYMENT_REQUIRED,
-
- /**
- * HTTP interaction failed, see HTTP status.
- */
- ANASTASIS_US_HTTP_ERROR,
-
- /**
- * We had an internal error (not sure this can happen,
- * but reserved for HTTP 400 status codes).
- */
- ANASTASIS_US_CLIENT_ERROR,
-
- /**
- * Server had an internal error.
- */
- ANASTASIS_US_SERVER_ERROR,
-
- /**
- * Truth already exists
- */
- ANASTASIS_US_CONFLICTING_TRUTH
-};
-
-
/**
* Detailed results from the successful download.
*/
@@ -173,58 +76,6 @@ struct ANASTASIS_KeyShareDownloadDetails
};
-/**
- * Result of an upload.
- */
-struct ANASTASIS_UploadDetails
-{
- /**
- * High level status of the upload operation.
- */
- enum ANASTASIS_UploadStatus us;
-
- union
- {
- /**
- * Hash of the stored recovery data, returned if
- * @e us is #ANASTASIS_US_SUCCESS.
- */
- const struct GNUNET_HashCode *curr_backup_hash;
-
- /**
- * Previous backup. Returned if @e us is
- * #ANASTASIS_US_CONFLICTING_POLICY
- */
- struct
- {
- /**
- * Hash over @e existing_backup.
- */
- struct GNUNET_HashCode existing_backup_hash;
-
- /**
- * Number of bytes in @e existing_backup.
- */
- size_t existing_backup_size;
-
- /**
- * The backup on the server, which does not match the
- * "previous" backup expected by the client and thus
- * needs to be decrypted, reconciled and re-uploaded.
- */
- const void *existing_backup;
-
- } recovered_backup;
-
- /**
- * A taler://pay/-URI with a request to pay the annual fee for
- * the service. Returned if @e us is #ANASTASIS_US_PAYMENT_REQUIRED.
- */
- const char *payment_request;
-
- } details;
-};
-
typedef void
(*ANASTASIS_ConfigCallback)(void *cls,
unsigned int http_status,
@@ -384,6 +235,116 @@ ANASTASIS_policy_lookup_cancel (
struct ANASTASIS_PolicyStoreOperation;
+/**
+ * High-level ways how an upload may conclude.
+ */
+enum ANASTASIS_UploadStatus
+{
+ /**
+ * Backup was successfully made.
+ */
+ ANASTASIS_US_SUCCESS = 0,
+
+ /**
+ * Account expired or payment was explicitly requested
+ * by the client.
+ */
+ ANASTASIS_US_PAYMENT_REQUIRED,
+
+ /**
+ * HTTP interaction failed, see HTTP status.
+ */
+ ANASTASIS_US_HTTP_ERROR,
+
+ /**
+ * We had an internal error (not sure this can happen,
+ * but reserved for HTTP 400 status codes).
+ */
+ ANASTASIS_US_CLIENT_ERROR,
+
+ /**
+ * Server had an internal error.
+ */
+ ANASTASIS_US_SERVER_ERROR,
+
+ /**
+ * Truth already exists. Not applicable for policy uploads.
+ */
+ ANASTASIS_US_CONFLICTING_TRUTH
+};
+
+
+/**
+ * Result of an upload.
+ */
+struct ANASTASIS_UploadDetails
+{
+ /**
+ * High level status of the upload operation. Determines @e details.
+ */
+ enum ANASTASIS_UploadStatus us;
+
+ /**
+ * HTTP status code.
+ */
+ unsigned int http_status;
+
+ /**
+ * Taler error code.
+ */
+ enum TALER_ErrorCode ec;
+
+ union
+ {
+ /**
+ * Hash of the stored recovery data, returned if
+ * @e us is #ANASTASIS_US_SUCCESS.
+ */
+ const struct GNUNET_HashCode *curr_backup_hash;
+
+ /**
+ * Previous backup. Returned if @e us is
+ * #ANASTASIS_US_CONFLICTING_POLICY
+ */
+ struct
+ {
+ /**
+ * Hash over @e existing_backup.
+ */
+ struct GNUNET_HashCode existing_backup_hash;
+
+ /**
+ * Number of bytes in @e existing_backup.
+ */
+ size_t existing_backup_size;
+
+ /**
+ * The backup on the server, which does not match the
+ * "previous" backup expected by the client and thus
+ * needs to be decrypted, reconciled and re-uploaded.
+ */
+ const void *existing_backup;
+
+ } recovered_backup;
+
+ struct
+ {
+ /**
+ * A taler://pay/-URI with a request to pay the annual fee for
+ * the service. Returned if @e us is #ANASTASIS_US_PAYMENT_REQUIRED.
+ */
+ const char *payment_request;
+
+ /**
+ * The payment secret (aka order ID) extracted from the @e
payment_request.
+ */
+ struct ANASTASIS_PaymentSecretP ps;
+ } payment;
+
+ } details;
+};
+
+
/**
* Callback to process a POST /policy request
*
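Review bot: The comment on `recovered_backup` refers to `#ANASTASIS_US_CONFLICTING_POLICY`, but the enum added at the top of this hunk has no such value (only `ANASTASIS_US_CONFLICTING_TRUTH`, which is marked not applicable for policy uploads), so no status tells a callback that this union member is valid. Either add the missing enumerator or correct the reference. The new `payment` member has no comment of its own; `Details returned if @e us is #ANASTASIS_US_PAYMENT_REQUIRED.` would state which status selects it, and it is worth saying whether `ps` is zeroed when the order ID cannot be parsed from `payment_request`.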
@@ -393,7 +354,6 @@ struct ANASTASIS_PolicyStoreOperation;
*/
typedef void
(*ANASTASIS_PolicyStoreCallback) (void *cls,
- unsigned int http_status,
const struct ANASTASIS_UploadDetails *up);
@@ -481,7 +441,7 @@ struct ANASTASIS_ChallengeRunOperation *
ANASTASIS_challenge_run (
struct GNUNET_CURL_Context *ctx,
const char *backend_url,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key,
const struct ANASTASIS_PaymentSecretP *payment_secret,
ANASTASIS_ChallengeRunCallback cb,
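Review bot: The parameter keeps the name `truth_public_key` although its type is now `struct ANASTASIS_CRYPTO_TruthUUIDP`, so the key-versus-UUID confusion this commit removes from the types survives in the names. Renaming it, e.g. `const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,` as the postgres plugin hunks do, would finish the cleanup; the `@param` line for it lies outside this hunk and would need the same rename. The same leftover name appears in ANASTASIS_keyshare_lookup in the next hunk, in the operation structs and definitions in anastasis_api_challenge_run.c and anastasis_api_keyshare_lookup.c, in the `..._trait_truth_public_key` testing helpers, and as `truth_pub` in plugin_anastasis_postgres.c.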
@@ -526,7 +486,7 @@ struct ANASTASIS_KeyShareLookupOperation *
ANASTASIS_keyshare_lookup (
struct GNUNET_CURL_Context *ctx,
const char *backend_url,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key,
const struct ANASTASIS_PaymentSecretP *payment_secret,
const struct GNUNET_HashCode *hashed_answer,
@@ -554,14 +514,10 @@ struct ANASTASIS_TruthStoreOperation;
* Callback to process a POST /truth request
*
* @param cls closure
- * @param http_status HTTP status code for this request
- * @param ec anastasis-specific error code
* @param obj the response body
*/
typedef void
(*ANASTASIS_TruthStoreCallback) (void *cls,
- enum TALER_ErrorCode ec,
- unsigned int http_status,
const struct ANASTASIS_UploadDetails *up);
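Review bot: The comment above ANASTASIS_TruthStoreCallback still ends with `@param obj the response body`, but after this change the only argument besides `cls` is `up`. Replace it with something like `@param up result of the upload, NULL if the request failed without usable details`; handle_truth_store_finished in this commit passes NULL for several error responses, and implementers of the callback need to know that. The comment on policy_store_cb in src/lib/anastasis_backup.c has the same problem: it keeps `@param ec` and `@param obj` while the function takes `ud`.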
@@ -570,11 +526,15 @@ typedef void
*
* @param ctx the CURL context used to connect to the backend
* @param backend_url backend's base URL, including final "/"
- * @param truth_public_key Identfication of the Truth Upload
+ * @param uuid unique identfication of the Truth Upload
* @param prev_truth_data_hash hash of the previous truth upload, NULL for the
first upload ever
- * @param truth_data contains the data which is stored on the Server in JSON
Format
+ * @param method authorization method
+ * @param encrypted_keyshare key material to return to the client upon
authorization
+ * @param truth_mime mime type of @e encrypted_truth (after decryption)
+ * @param encrypted_truth_size number of bytes in @e encrypted_truth
+ * @param encrypted_truth contains the @a method-specific authorization data
* @param payment_requested true if we want to pay, even if not yet required
- * @param paid_order_id provides order ID of a previous payment for this truth
+ * @param paid_order_id provides order ID of a previous payment for this
truth, or NULL
* @param cb callback processing the response from /truth
* @param cb_cls closure for cb
* @return handle for the operation
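Review bot: The documentation of ANASTASIS_truth_store keeps `@param prev_truth_data_hash`, but the prototype in the next hunk has no such parameter, so the comment describes an argument callers cannot pass. Drop that line, and fix the spelling in the new one: `@param uuid unique identification of the truth upload`. The `paid_order_id` entry could also say that it is now a binary `struct ANASTASIS_PaymentSecretP` rather than a string, since that is the type change the commit is about.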
@@ -583,10 +543,14 @@ struct ANASTASIS_TruthStoreOperation *
ANASTASIS_truth_store (
struct GNUNET_CURL_Context *ctx,
const char *backend_url,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
- const json_t *truth_data,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *uuid,
+ const char *method,
+ const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *encrypted_keyshare,
+ const char *truth_mime,
+ size_t encrypted_truth_size,
+ const void *encrypted_truth,
bool payment_requested,
- const char *paid_order_id,
+ const struct ANASTASIS_PaymentSecretP *paid_order_id,
ANASTASIS_TruthStoreCallback cb,
void *cb_cls);
@@ -601,7 +565,8 @@ ANASTASIS_truth_store_cancel (
struct ANASTASIS_TruthStoreOperation *tso);
-// FIXME IMPLEMENTATION
+#if 0
+// FIXME: BAD API & MISSING IMPLEMENTATION:
/**
* Defines a Callback for a Escrow Provider Inspection, simply passes back the
terms
@@ -638,6 +603,6 @@ ANASTASIS_escrow_provider_inspect (const char *base_url,
void
ANASTASIS_escrow_provider_inspect_cancel (
struct ANASTASIS_EscrowProviderInspection *epi);
-
+#endif
#endif /* _ANASTASIS_SERVICE_H */
diff --git a/src/include/anastasis_testing_lib.h
b/src/include/anastasis_testing_lib.h
index 45d428c..a68d239 100644
--- a/src/include/anastasis_testing_lib.h
+++ b/src/include/anastasis_testing_lib.h
@@ -170,7 +170,7 @@ ANASTASIS_TESTING_get_trait_truth_public_key (const struct
TALER_TESTING_Command *cmd,
unsigned int index,
const struct
- ANASTASIS_CRYPTO_TruthPublicKeyP
*
+ ANASTASIS_CRYPTO_TruthUUIDP *
*tpk);
/**
@@ -183,7 +183,7 @@ ANASTASIS_TESTING_get_trait_truth_public_key (const struct
struct TALER_TESTING_Trait
ANASTASIS_TESTING_make_trait_truth_public_key (unsigned int index,
const struct
- ANASTASIS_CRYPTO_TruthPublicKeyP
+ ANASTASIS_CRYPTO_TruthUUIDP
*tpk);
/**
* Obtain a code from @a cmd.
@@ -349,13 +349,12 @@ enum ANASTASIS_TESTING_TruthStoreOption
ANASTASIS_TESTING_TSO_NONE = 0,
/**
- * Use random hash for previous upload instead of correct
- * previous hash.
+ * Re-use UUID of previous upload instead of creating a random one.
*/
- ANASTASIS_TESTING_TSO_PREV_HASH_WRONG = 1,
+ ANASTASIS_TESTING_TSO_REFERENCE_UUID = 1,
/**
- * Request payment.
+ * Explicitly request payment.
*/
ANASTASIS_TESTING_TSO_REQUEST_PAYMENT = 2,
diff --git a/src/lib/anastasis_backup.c b/src/lib/anastasis_backup.c
index 4776b3b..750088e 100644
--- a/src/lib/anastasis_backup.c
+++ b/src/lib/anastasis_backup.c
@@ -30,7 +30,7 @@ struct ANASTASIS_Truth
/**
* Identification of the truth.
*/
- struct ANASTASIS_CRYPTO_NonceP nonce;
+ struct ANASTASIS_CRYPTO_TruthUUIDP uuid;
/**
* Keyshare of this truth, used to generate policy keys
@@ -110,29 +110,15 @@ struct ANASTASIS_TruthUpload
* Function called with the result of trying to upload truth.
*
* @param cls our `struct ANASTASIS_TruthUpload`
- * @param ec error code
- * @param http_status HTTP status code (unused)
* @param ud details about the upload result
*/
static void
truth_store_callback (void *cls,
- enum TALER_ErrorCode ec,
- unsigned int http_status,
const struct ANASTASIS_UploadDetails *ud)
{
struct ANASTASIS_TruthUpload *tu = cls;
- (void) http_status;
tu->tso = NULL;
- if (NULL == ud)
- {
- tu->tc (tu->tc_cls,
- ANASTASIS_US_CLIENT_ERROR,
- NULL,
- NULL);
- ANASTASIS_truth_upload_cancel (tu);
- return;
- }
if (ANASTASIS_US_SUCCESS == ud->us)
{
tu->tc (tu->tc_cls,
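Review bot: With the `NULL == ud` guard removed, `ud->us` is an unconditional dereference, yet handle_truth_store_finished in src/restclient/anastasis_api_truth_store.c (later in this commit) still calls `tso->cb (tso->cb_cls, udp)` with `udp` left NULL for 400, 403, 410, 411, 413, 429 and the default case. A provider that answers a truth upload with any of those statuses would therefore crash the client in this callback. Either keep the guard here, or make the handler always deliver the details with `tso->cb (tso->cb_cls, &ud);` and set `ud.us` to an error status in each failing branch, since the zeroed struct otherwise reads as `ANASTASIS_US_SUCCESS`. The body of truth_store_callback continues outside this hunk.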
@@ -163,17 +149,15 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
const void *truth_data,
size_t truth_data_size,
bool payment_requested,
- const char *paid_order_id,
+ const struct ANASTASIS_PaymentSecretP *paid_order_id,
ANASTASIS_TruthCallback tc,
void *tc_cls)
{
struct ANASTASIS_TruthUpload *tu;
struct ANASTASIS_Truth *t;
struct ANASTASIS_CRYPTO_EncryptedKeyShareP encrypted_key_share;
- struct ANASTASIS_CRYPTO_TruthPublicKeyP pub_key;
void *encrypted_truth;
size_t encrypted_truth_size;
- json_t *truth;
tu = GNUNET_new (struct ANASTASIS_TruthUpload);
tu->tc = tc;
@@ -194,8 +178,8 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
t->salt = *salt;
tu->t = t;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
- &t->nonce,
- sizeof (struct ANASTASIS_CRYPTO_NonceP));
+ &t->uuid,
+ sizeof (struct ANASTASIS_CRYPTO_TruthUUIDP));
ANASTASIS_CRYPTO_keyshare_create (&t->key_share);
ANASTASIS_CRYPTO_keyshare_encrypt (&t->key_share,
&tu->id,
@@ -208,36 +192,19 @@ ANASTASIS_truth_upload (struct GNUNET_CURL_Context *ctx,
truth_data_size,
&encrypted_truth,
&encrypted_truth_size);
- truth = json_pack ("{s:o," /* encrypted KeyShare */
- " s:s," /* method */
- " s:o," /* nonce */
- " s:s}", /* truth_mime */
- "keyshare_data",
- GNUNET_JSON_from_data_auto (&encrypted_key_share),
- "method",
- method,
- "encrypted_truth",
- GNUNET_JSON_from_data (encrypted_truth,
- encrypted_truth_size),
- "truth_mime",
- mime_type);
- GNUNET_free (encrypted_truth);
- if (NULL == truth)
- {
- GNUNET_break (0);
- return NULL;
- }
- ANASTASIS_CRYPTO_truth_public_key_derive (&t->nonce,
- &pub_key);
tu->tso = ANASTASIS_truth_store (tu->ctx,
t->url,
- &pub_key,
- truth,
+ &t->uuid,
+ method,
+ &encrypted_key_share,
+ mime_type,
+ encrypted_truth_size,
+ encrypted_truth,
payment_requested,
paid_order_id,
&truth_store_callback,
tu);
- json_decref (truth);
+ GNUNET_free (encrypted_truth);
if (NULL == tu->tso)
{
GNUNET_break (0);
@@ -277,80 +244,6 @@ ANASTASIS_truth_free (struct ANASTASIS_Truth *t)
}
-json_t *
-ANASTASIS_truth_to_json (const struct ANASTASIS_Truth *t)
-{
- return json_pack ("{s:s, s:o, s:s, s:s, s:s"
- ",s:o, s:o, s:o}",
- "url",
- t->url,
- "nonce",
- GNUNET_JSON_from_data_auto (&t->nonce),
- "method",
- t->method,
- "instructions",
- t->instructions,
- "mime-type",
- t->mime_type,
- "key-share",
- GNUNET_JSON_from_data_auto (&t->key_share),
- "truth-key",
- GNUNET_JSON_from_data_auto (&t->truth_key),
- "salt",
- GNUNET_JSON_from_data_auto (&t->salt));
-}
-
-
-struct ANASTASIS_Truth *
-ANASTASIS_truth_from_json (const json_t *json)
-{
- struct ANASTASIS_Truth *t = GNUNET_new (struct ANASTASIS_Truth);
- const char *url;
- const char *method;
- const char *instructions;
- const char *mime_type;
- struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_string ("url",
- &url),
- GNUNET_JSON_spec_fixed_auto ("nonce",
- &t->nonce),
- GNUNET_JSON_spec_string ("method",
- &method),
- GNUNET_JSON_spec_string ("instructions",
- &instructions),
- GNUNET_JSON_spec_string ("mime-type",
- &mime_type),
- GNUNET_JSON_spec_fixed_auto ("key-share",
- &t->key_share),
- GNUNET_JSON_spec_fixed_auto ("truth-key",
- &t->truth_key),
- GNUNET_JSON_spec_fixed_auto ("salt",
- &t->salt),
- GNUNET_JSON_spec_end ()
- };
- const char *err_name;
- unsigned int err_line;
-
- if (GNUNET_OK !=
- GNUNET_JSON_parse (json,
- spec,
- &err_name,
- &err_line))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Failed to parse truth in line %u (%s)\n",
- err_line,
- err_name);
- return NULL;
- }
- t->method = GNUNET_strdup (method);
- t->instructions = GNUNET_strdup (instructions);
- t->mime_type = GNUNET_strdup (mime_type);
- t->url = GNUNET_strdup (url);
- return t;
-}
-
-
struct ANASTASIS_Policy
{
/**
@@ -519,13 +412,11 @@ struct ANASTASIS_SecretShare
* Callback to process a POST /policy request
*
* @param cls closure
- * @param http_status HTTP status code for this request
* @param ec anastasis-specific error code
* @param obj the decoded response body
*/
static void
policy_store_cb (void *cls,
- unsigned int http_status,
const struct ANASTASIS_UploadDetails *ud)
{
struct PolicyStoreState *pss = cls;
@@ -549,7 +440,8 @@ policy_store_cb (void *cls,
case ANASTASIS_US_SUCCESS:
break;
case ANASTASIS_US_PAYMENT_REQUIRED:
- pss->payment_request = GNUNET_strdup (ud->details.payment_request);
+ pss->payment_request = GNUNET_strdup (ud->details.payment.payment_request);
+ pss->payment_secret = ud->details.payment.ps;
break;
case ANASTASIS_US_HTTP_ERROR:
case ANASTASIS_US_CLIENT_ERROR:
@@ -558,7 +450,7 @@ policy_store_cb (void *cls,
struct ANASTASIS_ShareResult sr = {
.ss = ANASTASIS_SHARE_STATUS_PROVIDER_FAILED,
.details.provider_failure.provider_url = pss->anastasis_url,
- .details.provider_failure.http_status = http_status,
+ .details.provider_failure.http_status = ud->http_status,
.details.provider_failure.ec = us,
};
@@ -703,15 +595,17 @@ ANASTASIS_secret_share (struct GNUNET_CURL_Context *ctx,
encrypted_master_keys);
}
dec_policies = json_array ();
+ GNUNET_assert (NULL != dec_policies);
for (unsigned int k = 0; k < policies_len; k++)
{
const struct ANASTASIS_Policy *policy = policies[k];
+ json_t *uuids = json_array ();
- json_t *nonces = json_array ();
+ GNUNET_assert (NULL != uuids);
for (unsigned int b = 0; b < policy->truths_length; b++)
- json_array_append (nonces,
+ json_array_append (uuids,
GNUNET_JSON_from_data_auto (
- &policy->truths[b]->nonce));
+ &policy->truths[b]->uuid));
if (0 !=
json_array_append_new (
dec_policies,
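Review bot: `json_array_append (uuids, GNUNET_JSON_from_data_auto (...))` leaks one reference per truth and ignores the return value: `json_array_append` takes its own reference, and the one returned by `GNUNET_JSON_from_data_auto` is never released. Use the stealing variant and check it, as the surrounding code already does for `dec_policies`: `GNUNET_assert (0 == json_array_append_new (uuids, GNUNET_JSON_from_data_auto (&policy->truths[b]->uuid)));`. That also catches a NULL from the encoder, which would otherwise silently shorten the `uuids` list written into the recovery document. The loop sits inside ANASTASIS_secret_share, which starts and ends outside this hunk.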
@@ -719,8 +613,8 @@ ANASTASIS_secret_share (struct GNUNET_CURL_Context *ctx,
"master_key",
GNUNET_JSON_from_data_auto (
&encrypted_master_keys[k]),
- "nonces",
- nonces,
+ "uuids",
+ uuids,
"salt",
GNUNET_JSON_from_data_auto (&policy->salt))))
{
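Review bot: Renaming the JSON keys (`"nonces"` to `"uuids"` here, `"nonce"` to `"uuid"` in the escrow-method objects further down) changes the stored recovery document format, and policy_lookup_cb in anastasis_recovery.c is switched to the new names in the same commit. Documents written by earlier builds would then be rejected as ANASTASIS_RS_POLICY_MALFORMED_JSON, and no version field that could tell the two layouts apart is visible in this commit. If any such documents exist, the reader should accept both spellings or the format should carry a version. Otherwise a short comment at the `json_pack` call, stating that the key names are part of the persisted format, would warn the next person who renames them.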
@@ -747,8 +641,8 @@ ANASTASIS_secret_share (struct GNUNET_CURL_Context *ctx,
const struct ANASTASIS_Policy *p2 = policies[k2];
for (unsigned int l2 = 0; l2 < p2->truths_length; l2++)
if (0 ==
- GNUNET_memcmp (&pt->nonce,
- &p2->truths[l2]->nonce))
+ GNUNET_memcmp (&pt->uuid,
+ &p2->truths[l2]->uuid))
{
unique = false;
break;
@@ -762,15 +656,15 @@ ANASTASIS_secret_share (struct GNUNET_CURL_Context *ctx,
if (0 !=
json_array_append_new (
esc_methods,
- json_pack ("{s:o," /* truth nonce */
+ json_pack ("{s:o," /* truth uuid */
" s:s," /* provider url */
" s:s," /* instructions */
" s:o," /* truth key */
" s:o," /* truth salt */
" s:s}", /* escrow method */
- "nonce",
+ "uuid",
GNUNET_JSON_from_data_auto (
- &pt->nonce),
+ &pt->uuid),
"url",
pt->url,
"instructions",
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index 13ed3fc..4decaf3 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -105,7 +105,7 @@ struct ANASTASIS_Recovery
/**
- * Challenge struct contains the nonce and public key's needed for the
+ * Challenge struct contains the uuid and public key's needed for the
* recovery process and a reference to ANASTASIS_Recovery.
*/
struct ANASTASIS_Challenge
@@ -117,9 +117,9 @@ struct ANASTASIS_Challenge
struct ANASTASIS_ChallengeInformation ci;
/**
- * truth public key which identifies this challenge
+ * UUID which identifies this challenge
*/
- struct ANASTASIS_CRYPTO_TruthPublicKeyP truth_public_key;
+ struct ANASTASIS_CRYPTO_TruthUUIDP uuid;
/**
* Key used to encrypt the truth passed to the server
@@ -227,15 +227,15 @@ keyshare_lookup_cb (void *cls,
struct ANASTASIS_DecryptionPolicy *dps = &recovery->ri.dps[i];
bool missing = false;
- for (unsigned int j = 0; j < dps->nonces_length; j++)
+ for (unsigned int j = 0; j < dps->uuids_length; j++)
{
bool found = false;
for (unsigned int k = 0; k < recovery->solved_challenge_pos; k++)
{
if (0 ==
- GNUNET_memcmp (&dps->nonces[j],
- &recovery->solved_challenges[k].ci.nonce))
+ GNUNET_memcmp (&dps->uuids[j],
+ &recovery->solved_challenges[k].ci.uuid))
{
found = true;
break;
@@ -259,17 +259,17 @@ keyshare_lookup_cb (void *cls,
{
void *core_secret;
size_t core_secret_size;
- struct ANASTASIS_CRYPTO_KeyShareP key_shares[rdps->nonces_length];
+ struct ANASTASIS_CRYPTO_KeyShareP key_shares[rdps->uuids_length];
struct ANASTASIS_CRYPTO_PolicyKeyP policy_key;
- for (unsigned int l = 0; l < rdps->nonces_length; l++)
+ for (unsigned int l = 0; l < rdps->uuids_length; l++)
for (unsigned int m = 0; m < recovery->solved_challenge_pos; m++)
if (0 ==
- GNUNET_memcmp (&rdps->nonces[l],
- &recovery->solved_challenges[m].ci.nonce))
+ GNUNET_memcmp (&rdps->uuids[l],
+ &recovery->solved_challenges[m].ci.uuid))
key_shares[l] = recovery->solved_challenges[m].key_share;
ANASTASIS_CRYPTO_policy_key_derive (key_shares,
- rdps->nonces_length,
+ rdps->uuids_length,
&rdps->salt,
&policy_key);
ANASTASIS_CRYPTO_core_secret_recover (&rdps->emk,
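Review bot: `key_shares[rdps->uuids_length]` is a variable-length array whose size comes from `json_array_size (uuids)` in policy_lookup_cb, i.e. from the parsed recovery document, with no bound visible in this commit. A zero length is undefined behaviour and a large one overruns the stack; how far the document can be trusted at this point is not visible here. A heap allocation removes the stack risk: `struct ANASTASIS_CRYPTO_KeyShareP *key_shares = GNUNET_new_array (rdps->uuids_length, struct ANASTASIS_CRYPTO_KeyShareP);` with a matching `GNUNET_free (key_shares);` after ANASTASIS_CRYPTO_policy_key_derive, and the parser should reject an empty `uuids` array. The block belongs to keyshare_lookup_cb, which continues outside the hunk.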
@@ -322,7 +322,7 @@ ANASTASIS_challenge_answer (
&hashed_answer);
c->kslo = ANASTASIS_keyshare_lookup (c->recovery->ctx,
c->ci.url,
- &c->truth_public_key,
+ &c->uuid,
&c->truth_key,
payment_secret,
&hashed_answer,
@@ -412,7 +412,7 @@ ANASTASIS_challenge_start (struct ANASTASIS_Challenge *c,
c->csc_cls = csc_cls;
c->cro = ANASTASIS_challenge_run (c->recovery->ctx,
c->ci.url,
- &c->truth_public_key,
+ &c->uuid,
&c->truth_key,
psp,
&challenge_run_cb,
@@ -614,8 +614,8 @@ policy_lookup_cb (void *cls,
const char *url;
const char *escrow_method;
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_fixed_auto ("nonce",
- &cs->ci.nonce),
+ GNUNET_JSON_spec_fixed_auto ("uuid",
+ &cs->ci.uuid),
GNUNET_JSON_spec_string ("url",
&url),
GNUNET_JSON_spec_string ("instructions",
@@ -650,16 +650,14 @@ policy_lookup_cb (void *cls,
cs->ci.url = GNUNET_strdup (url);
cs->ci.method = GNUNET_strdup (escrow_method);
cs->ci.instructions = GNUNET_strdup (instructions);
- ANASTASIS_CRYPTO_truth_public_key_derive (&cs->ci.nonce,
- &cs->truth_public_key);
}
json_decref (esc_methods);
for (unsigned int j = 0; j < r->ri.dps_len; j++)
{
struct ANASTASIS_DecryptionPolicy *dp = &r->ri.dps[j];
- json_t *nonces = NULL;
- json_t *nonce;
+ json_t *uuids = NULL;
+ json_t *uuid;
size_t n_index;
struct GNUNET_JSON_Specification spec[] = {
@@ -667,8 +665,8 @@ policy_lookup_cb (void *cls,
&dp->emk),
GNUNET_JSON_spec_fixed_auto ("salt",
&dp->salt),
- GNUNET_JSON_spec_json ("nonces",
- &nonces),
+ GNUNET_JSON_spec_json ("uuids",
+ &uuids),
GNUNET_JSON_spec_end ()
};
@@ -677,10 +675,10 @@ policy_lookup_cb (void *cls,
j),
spec,
NULL, NULL)) ||
- (! json_is_array (nonces)) )
+ (! json_is_array (uuids)) )
{
GNUNET_break_op (0);
- json_decref (nonces);
+ json_decref (uuids);
json_decref (dec_policies);
r->csc (r->csc_cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
@@ -690,24 +688,24 @@ policy_lookup_cb (void *cls,
return;
}
- dp->nonces_length = json_array_size (nonces);
- dp->nonces = GNUNET_new_array (dp->nonces_length,
- struct ANASTASIS_CRYPTO_NonceP);
- json_array_foreach (nonces, n_index, nonce)
+ dp->uuids_length = json_array_size (uuids);
+ dp->uuids = GNUNET_new_array (dp->uuids_length,
+ struct ANASTASIS_CRYPTO_TruthUUIDP);
+ json_array_foreach (uuids, n_index, uuid)
{
- const char *nonce_str = json_string_value (nonce);
+ const char *uuid_str = json_string_value (uuid);
- if ( (NULL == nonce_str) ||
+ if ( (NULL == uuid_str) ||
(GNUNET_OK !=
GNUNET_STRINGS_string_to_data (
- nonce_str,
- strlen (nonce_str),
- &dp->nonces[n_index],
- sizeof (struct ANASTASIS_CRYPTO_NonceP))) )
+ uuid_str,
+ strlen (uuid_str),
+ &dp->uuids[n_index],
+ sizeof (struct ANASTASIS_CRYPTO_TruthUUIDP))) )
{
GNUNET_break_op (0);
json_decref (dec_policies);
- json_decref (nonces);
+ json_decref (uuids);
r->csc (r->csc_cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
NULL,
@@ -716,7 +714,7 @@ policy_lookup_cb (void *cls,
return;
}
}
- json_decref (nonces);
+ json_decref (uuids);
}
json_decref (dec_policies);
r->pc (r->pc_cls,
diff --git a/src/restclient/anastasis_api_challenge_run.c
b/src/restclient/anastasis_api_challenge_run.c
index 0682bb9..3a79e78 100644
--- a/src/restclient/anastasis_api_challenge_run.c
+++ b/src/restclient/anastasis_api_challenge_run.c
@@ -58,7 +58,7 @@ struct ANASTASIS_ChallengeRunOperation
/**
* Identification of the Truth Object
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key;
/**
* Key to decrypt the truth on the server
@@ -232,7 +232,7 @@ struct ANASTASIS_ChallengeRunOperation *
ANASTASIS_challenge_run (
struct GNUNET_CURL_Context *ctx,
const char *backend_url,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key,
const struct ANASTASIS_PaymentSecretP *payment_secret,
ANASTASIS_ChallengeRunCallback cb,
diff --git a/src/restclient/anastasis_api_keyshare_lookup.c
b/src/restclient/anastasis_api_keyshare_lookup.c
index f7d61e2..fd64f97 100644
--- a/src/restclient/anastasis_api_keyshare_lookup.c
+++ b/src/restclient/anastasis_api_keyshare_lookup.c
@@ -61,7 +61,7 @@ struct ANASTASIS_KeyShareLookupOperation
/**
* Identification of the Truth Object
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key;
/**
* Key to decrypt the truth on the server
@@ -169,7 +169,7 @@ struct ANASTASIS_KeyShareLookupOperation *
ANASTASIS_keyshare_lookup (
struct GNUNET_CURL_Context *ctx,
const char *backend_url,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key,
const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key,
const struct ANASTASIS_PaymentSecretP *payment_secret,
const struct GNUNET_HashCode *hashed_answer,
diff --git a/src/restclient/anastasis_api_policy_store.c
b/src/restclient/anastasis_api_policy_store.c
index f346ff7..8f1a2a9 100644
--- a/src/restclient/anastasis_api_policy_store.c
+++ b/src/restclient/anastasis_api_policy_store.c
@@ -30,6 +30,8 @@
#include "anastasis_service.h"
#include "anastasis_api_curl_defaults.h"
#include <taler/taler_signatures.h>
+#include <taler/taler_merchant_service.h>
+#include <taler/taler_json_lib.h>
struct ANASTASIS_PolicyStoreOperation
@@ -107,6 +109,8 @@ handle_policy_store_finished (void *cls,
pso->job = NULL;
udp = NULL;
memset (&ud, 0, sizeof (ud));
+ ud.http_status = response_code;
+ ud.ec = TALER_EC_NONE;
switch (response_code)
{
@@ -125,27 +129,58 @@ handle_policy_store_finished (void *cls,
case MHD_HTTP_BAD_REQUEST:
GNUNET_break (0);
ud.us = ANASTASIS_US_CLIENT_ERROR;
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
break;
case MHD_HTTP_PAYMENT_REQUIRED:
+ {
+ struct TALER_MERCHANT_PayUriData pd;
+
+ if ( (NULL == pso->pay_uri) ||
+ (GNUNET_OK !=
+ TALER_MERCHANT_parse_pay_uri (pso->pay_uri,
+ &pd)) )
+ {
+ GNUNET_break_op (0);
+ ud.ec = TALER_EC_ANASTASIS_GENERIC_INVALID_PAYMENT_REQUEST;
+ break;
+ }
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (
+ pd.order_id,
+ strlen (pd.order_id),
+ &ud.details.payment.ps,
+ sizeof (ud.details.payment.ps)))
+ {
+ GNUNET_break (0);
+ ud.ec = TALER_EC_ANASTASIS_GENERIC_INVALID_PAYMENT_REQUEST;
+ TALER_MERCHANT_parse_pay_uri_free (&pd);
+ break;
+ }
+ TALER_MERCHANT_parse_pay_uri_free (&pd);
+ }
ud.us = ANASTASIS_US_PAYMENT_REQUIRED;
- ud.details.payment_request = pso->pay_uri;
+ ud.details.payment.payment_request = pso->pay_uri;
udp = &ud;
break;
case MHD_HTTP_LENGTH_REQUIRED:
GNUNET_break (0);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
+ ud.us = ANASTASIS_US_SERVER_ERROR;
break;
case MHD_HTTP_INTERNAL_SERVER_ERROR:
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Internal server error: `%.*s\n",
- (int) data_size,
- (const char *) data);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
+ ud.us = ANASTASIS_US_SERVER_ERROR;
break;
default:
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
ud.us = ANASTASIS_US_SERVER_ERROR;
break;
}
pso->cb (pso->cb_cls,
- response_code,
udp);
pso->cb = NULL;
ANASTASIS_policy_store_cancel (pso);
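Review bot: The error branches now fill `ud.ec` and `ud.us`, but within this hunk only the payment-required branch sets `udp = &ud`, so for 400, 411, 500 and the default case `pso->cb (pso->cb_cls, udp)` still hands the callback NULL and the new fields are never seen. policy_store_cb in src/lib/anastasis_backup.c reads `ud->http_status` in its failure branch, which cannot work for those responses unless a NULL check outside the visible hunks intercepts them. Adding `udp = &ud;` to each error branch would deliver the status and error code. The 411 case is also classified as `ANASTASIS_US_SERVER_ERROR` although it is a client-side fault; `ud.us = ANASTASIS_US_CLIENT_ERROR;` would match the 400 branch.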
diff --git a/src/restclient/anastasis_api_truth_store.c
b/src/restclient/anastasis_api_truth_store.c
index a51be77..7183930 100644
--- a/src/restclient/anastasis_api_truth_store.c
+++ b/src/restclient/anastasis_api_truth_store.c
@@ -1,6 +1,6 @@
/*
This file is part of Anastasis
- Copyright (C) 2020 Taler Systems SA
+ Copyright (C) 2020, 2021 Taler Systems SA
Anastasis is free software; you can redistribute it and/or modify it under
the
terms of the GNU Lesser General Public License as published by the Free
Software
@@ -27,6 +27,7 @@
#include "anastasis_service.h"
#include "anastasis_api_curl_defaults.h"
#include <taler/taler_json_lib.h>
+#include <taler/taler_merchant_service.h>
struct ANASTASIS_TruthStoreOperation
@@ -99,13 +100,14 @@ handle_truth_store_finished (void *cls,
size_t data_size)
{
struct ANASTASIS_TruthStoreOperation *tso = cls;
- enum TALER_ErrorCode ec = TALER_EC_INVALID;
struct ANASTASIS_UploadDetails ud;
struct ANASTASIS_UploadDetails *udp;
tso->job = NULL;
udp = NULL;
memset (&ud, 0, sizeof (ud));
+ ud.http_status = response_code;
+ ud.ec = TALER_EC_NONE;
switch (response_code)
{
@@ -114,28 +116,51 @@ handle_truth_store_finished (void *cls,
case MHD_HTTP_NO_CONTENT:
ud.us = ANASTASIS_US_SUCCESS;
udp = &ud;
- ec = TALER_EC_NONE;
break;
case MHD_HTTP_NOT_MODIFIED:
ud.us = ANASTASIS_US_SUCCESS;
udp = &ud;
- ec = TALER_EC_NONE;
break;
case MHD_HTTP_BAD_REQUEST:
GNUNET_break (0);
- ec = TALER_JSON_get_error_code2 (data,
- data_size);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
break;
case MHD_HTTP_PAYMENT_REQUIRED:
+ {
+ struct TALER_MERCHANT_PayUriData pd;
+
+ if ( (NULL == tso->pay_uri) ||
+ (GNUNET_OK !=
+ TALER_MERCHANT_parse_pay_uri (tso->pay_uri,
+ &pd)) )
+ {
+ GNUNET_break_op (0);
+ ud.ec = TALER_EC_ANASTASIS_GENERIC_INVALID_PAYMENT_REQUEST;
+ break;
+ }
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (
+ pd.order_id,
+ strlen (pd.order_id),
+ &ud.details.payment.ps,
+ sizeof (ud.details.payment.ps)))
+ {
+ GNUNET_break (0);
+ ud.ec = TALER_EC_ANASTASIS_GENERIC_INVALID_PAYMENT_REQUEST;
+ TALER_MERCHANT_parse_pay_uri_free (&pd);
+ break;
+ }
+ TALER_MERCHANT_parse_pay_uri_free (&pd);
+ }
ud.us = ANASTASIS_US_PAYMENT_REQUIRED;
- ud.details.payment_request = tso->pay_uri;
+ ud.details.payment.payment_request = tso->pay_uri;
udp = &ud;
- ec = TALER_EC_NONE;
break;
case MHD_HTTP_FORBIDDEN:
GNUNET_break (0);
- ec = TALER_JSON_get_error_code2 (data,
- data_size);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
break;
case MHD_HTTP_CONFLICT:
ud.us = ANASTASIS_US_CONFLICTING_TRUTH;
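Review bot: A pay URI whose `order_id` does not decode into `ud.details.payment.ps` is bad input from the provider, not an internal invariant violation, so the second check should report it with `GNUNET_break_op (0);` like the first check in the same block, rather than `GNUNET_break (0);`. The identical block in handle_policy_store_finished (anastasis_api_policy_store.c) has the same line. Both failure paths also `break` with `udp` still NULL, so the `TALER_EC_ANASTASIS_GENERIC_INVALID_PAYMENT_REQUEST` stored in `ud.ec` does not reach the callback.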
@@ -144,34 +169,28 @@ handle_truth_store_finished (void *cls,
ud.details.recovered_backup.existing_backup
= data;
udp = &ud;
- ec = TALER_EC_NONE;
break;
case MHD_HTTP_GONE:
- ec = TALER_JSON_get_error_code2 (data,
- data_size);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
break;
case MHD_HTTP_LENGTH_REQUIRED:
GNUNET_break (0);
break;
case MHD_HTTP_REQUEST_ENTITY_TOO_LARGE:
- ec = TALER_JSON_get_error_code2 (data,
- data_size);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
break;
case MHD_HTTP_TOO_MANY_REQUESTS:
- ec = TALER_JSON_get_error_code2 (data,
- data_size);
+ ud.ec = TALER_JSON_get_error_code2 (data,
+ data_size);
break;
default:
break;
}
- if (NULL != tso->cb)
- {
- tso->cb (tso->cb_cls,
- ec,
- response_code,
- udp);
- tso->cb = NULL;
- }
+ tso->cb (tso->cb_cls,
+ udp);
+ tso->cb = NULL;
ANASTASIS_truth_store_cancel (tso);
}
@@ -243,10 +262,14 @@ struct ANASTASIS_TruthStoreOperation *
ANASTASIS_truth_store (
struct GNUNET_CURL_Context *ctx,
const char *backend_url,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
- const json_t *truth_data, // FIXME: why json_t?
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *uuid,
+ const char *method,
+ const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *encrypted_keyshare,
+ const char *truth_mime,
+ size_t encrypted_truth_size,
+ const void *encrypted_truth,
bool payment_requested,
- const char *paid_order_id,
+ const struct ANASTASIS_PaymentSecretP *paid_order_id,
ANASTASIS_TruthStoreCallback cb,
void *cb_cls)
{
@@ -257,15 +280,20 @@ ANASTASIS_truth_store (
/* Finished setting up headers */
tso = GNUNET_new (struct ANASTASIS_TruthStoreOperation);
{
- char *pub_key_str;
+ char *uuid_str;
+ char *poi_str;
char *path;
- pub_key_str = GNUNET_STRINGS_data_to_string_alloc (
- truth_public_key,
- sizeof (*truth_public_key));
+ uuid_str = GNUNET_STRINGS_data_to_string_alloc (uuid,
+ sizeof (*uuid));
+ if (NULL != paid_order_id)
+ poi_str = GNUNET_STRINGS_data_to_string_alloc (paid_order_id,
+ sizeof (*paid_order_id));
+ else
+ poi_str = NULL;
GNUNET_asprintf (&path,
"truth/%s",
- pub_key_str);
+ uuid_str);
tso->url =
payment_requested
? TALER_url_join (backend_url,
@@ -275,20 +303,39 @@ ANASTASIS_truth_store (
(NULL != paid_order_id)
? "paying"
: NULL,
- paid_order_id,
+ poi_str,
NULL)
: TALER_url_join (backend_url,
path,
(NULL != paid_order_id)
? "paying"
: NULL,
- paid_order_id,
+ poi_str,
NULL);
GNUNET_free (path);
- GNUNET_free (pub_key_str);
+ GNUNET_free (poi_str);
+ GNUNET_free (uuid_str);
+ }
+ {
+ json_t *truth_data;
+
+ truth_data = json_pack ("{s:o," /* encrypted KeyShare */
+ " s:s," /* method */
+ " s:o," /* nonce */
+ " s:s}", /* truth_mime */
+ "keyshare_data",
+ GNUNET_JSON_from_data_auto (encrypted_keyshare),
+ "method",
+ method,
+ "encrypted_truth",
+ GNUNET_JSON_from_data (encrypted_truth,
+ encrypted_truth_size),
+ "truth_mime",
+ truth_mime);
+ json_str = json_dumps (truth_data,
+ JSON_COMPACT);
+ json_decref (truth_data);
}
- json_str = json_dumps (truth_data,
- JSON_COMPACT);
tso->ctx = ctx;
tso->data = json_str;
tso->cb = cb;
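Review bot: The result of `json_pack` is passed straight to `json_dumps` without a NULL check, whereas the caller-side code this replaces in anastasis_backup.c did test `NULL == truth`. `json_pack` fails when `method` or `truth_mime` is NULL or when one of the encoders returns NULL, and `json_dumps` on a NULL value then yields a NULL `json_str` that is stored in `tso->data`; whether the code after this hunk copes with that is not visible. Add a check right after the pack, e.g. `GNUNET_assert (NULL != truth_data);`, or an error return that releases `tso`. The format comment `/* nonce */` on the third field is stale as well; that field is `encrypted_truth`.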
diff --git a/src/stasis/plugin_anastasis_postgres.c
b/src/stasis/plugin_anastasis_postgres.c
index 2dd6a6a..d81b27b 100644
--- a/src/stasis/plugin_anastasis_postgres.c
+++ b/src/stasis/plugin_anastasis_postgres.c
@@ -857,14 +857,14 @@ postgres_record_recdoc_payment (
static enum GNUNET_DB_QueryStatus
postgres_record_challenge_payment (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const struct ANASTASIS_PaymentSecretP *payment_secret,
const struct TALER_Amount *amount)
{
struct PostgresClosure *pg = cls;
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
TALER_PQ_query_param_amount (amount),
GNUNET_PQ_query_param_auto_from_type (payment_secret),
GNUNET_PQ_query_param_absolute_time (&now),
@@ -966,9 +966,8 @@ postgres_check_payment_identifier (
* Upload Truth, which contains the Truth and the KeyShare.
*
* @param cls closure
- * @param truth_public_key the identifier for the Truth
+ * @param truth_uuid the identifier for the Truth
* @param key_share_data contains information of an EncryptedKeyShare
- * @param key_share_data_size size of key_share_data
* @param method name of method
* @param nonce nonce used to compute encryption key for encrypted_truth
* @param aes_gcm_tag authentication tag of encrypted_truth
@@ -980,7 +979,7 @@ postgres_check_payment_identifier (
static enum GNUNET_DB_QueryStatus
postgres_store_truth (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *key_share_data,
const char *mime_type,
const void *encrypted_truth,
@@ -991,7 +990,7 @@ postgres_store_truth (
struct PostgresClosure *pg = cls;
struct GNUNET_TIME_Absolute expiration = GNUNET_TIME_absolute_get ();
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_auto_from_type (key_share_data),
GNUNET_PQ_query_param_string (method),
GNUNET_PQ_query_param_fixed_size (encrypted_truth,
@@ -1016,7 +1015,7 @@ postgres_store_truth (
* Get the encrypted truth to validate the challenge response
*
* @param cls closure
- * @param truth_public_key the identifier for the Truth
+ * @param truth_uuid the identifier for the Truth
* @param[out] truth contains the encrypted truth
* @param[out] truth_size size of the encrypted truth
* @param[out] truth_mime mime type of truth
@@ -1026,7 +1025,7 @@ postgres_store_truth (
enum GNUNET_DB_QueryStatus
postgres_get_escrow_challenge (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
void **truth,
size_t *truth_size,
char **truth_mime,
@@ -1034,7 +1033,7 @@ postgres_get_escrow_challenge (
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
@@ -1043,7 +1042,7 @@ postgres_get_escrow_challenge (
truth_size),
GNUNET_PQ_result_spec_string ("truth_mime",
truth_mime),
- GNUNET_PQ_result_spec_string ("method",
+ GNUNET_PQ_result_spec_string ("method_name",
method),
GNUNET_PQ_result_spec_end
};
@@ -1057,30 +1056,27 @@ postgres_get_escrow_challenge (
/**
- * Lookup (encrypted) key share by @a truth_public_key.
+ * Lookup (encrypted) key share by @a truth_uuid.
*
* @param cls closure
- * @param truth_public_key the identifier for the Truth
+ * @param truth_uuid the identifier for the Truth
* @param[out] key_share contains the encrypted Keyshare
- * @param[out] key_share_size size of the Keyshare
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
postgres_get_key_share (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
- void **key_share,
- size_t *key_share_size)
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP *key_share)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
- GNUNET_PQ_result_spec_variable_size ("key_share_data",
- key_share,
- key_share_size),
+ GNUNET_PQ_result_spec_auto_from_type ("key_share_data",
+ key_share),
GNUNET_PQ_result_spec_end
};
@@ -1283,7 +1279,7 @@ struct CheckValidityContext
/**
* Truth we are processing.
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_pub;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_pub;
/**
* Database context.
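Review bot: The `truth_pub` member of `struct CheckValidityContext` keeps its public-key name although its type is now `struct ANASTASIS_CRYPTO_TruthUUIDP`, which preserves the naming confusion this commit sets out to remove. The same leftover shows in the `truth_pub` parameter of `postgres_verify_challenge_code`, in the `truth_public_key` members of `struct ChallengeRunState` and `struct KeyShareLookupState`, and in the `ANASTASIS_TESTING_get_trait_truth_public_key` / `ANASTASIS_TESTING_make_trait_truth_public_key` accessors with their `tpk` argument. I would rename them along the lines of `const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid;`, so that a later reader does not treat the identifier as key material that can verify something. The struct body continues outside the hunk.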
@@ -1386,7 +1382,7 @@ check_valid_code (void *cls,
enum ANASTASIS_DB_CodeStatus
postgres_verify_challenge_code (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_pub,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_pub,
const struct GNUNET_HashCode *hashed_code)
{
struct PostgresClosure *pg = cls;
@@ -1425,21 +1421,21 @@ postgres_verify_challenge_code (
* Lookup pending payment for a certain challenge.
*
* @param cls closure
- * @param truth_public_key identification of the challenge
+ * @param truth_uuid identification of the challenge
* @param[out] payment_secret set to the challenge payment secret
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
postgres_lookup_challenge_payment (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct ANASTASIS_PaymentSecretP *payment_secret)
{
struct PostgresClosure *pg = cls;
struct GNUNET_TIME_Absolute timestamp;
struct TALER_Amount amount;
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
@@ -1464,20 +1460,20 @@ postgres_lookup_challenge_payment (
* Update payment status of challenge
*
* @param cls closure
- * @param truth_public_key which challenge received a payment
+ * @param truth_uuid which challenge received a payment
* @param payment_identifier proof of payment, must be unique and match
pending payment
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
postgres_update_challenge_payment (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
const struct ANASTASIS_PaymentSecretP *payment_identifier)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (payment_identifier),
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_end
};
@@ -1494,7 +1490,7 @@ postgres_update_challenge_payment (
* for this challenge present and won't insert a new one in this case.
*
* @param cls closure
- * @param truth_public_key the identifier for the challenge
+ * @param truth_uuid the identifier for the challenge
* @param rotation_period for how long is the code available
* @param validity_period for how long is the code available
* @param retry_counter amount of retries allowed
@@ -1505,7 +1501,7 @@ postgres_update_challenge_payment (
enum GNUNET_DB_QueryStatus
postgres_create_challenge_code (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
struct GNUNET_TIME_Relative rotation_period,
struct GNUNET_TIME_Relative validity_period,
unsigned int retry_counter,
@@ -1536,7 +1532,7 @@ postgres_create_challenge_code (
{
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
TALER_PQ_query_param_absolute_time (&now),
TALER_PQ_query_param_absolute_time (&ex_rot),
GNUNET_PQ_query_param_end
@@ -1575,7 +1571,7 @@ postgres_create_challenge_code (
*retransmission_date = GNUNET_TIME_UNIT_ZERO_ABS;
{
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_uint64 (code),
TALER_PQ_query_param_absolute_time (&now),
TALER_PQ_query_param_absolute_time (&expiration_date),
@@ -1618,19 +1614,19 @@ retry:
* Remember in the database that we successfully sent a challenge.
*
* @param cls closure
- * @param truth_public_key the identifier for the challenge
+ * @param truth_uuid the identifier for the challenge
* @param code the challenge that was sent
*/
static enum GNUNET_DB_QueryStatus
postgres_mark_challenge_sent (
void *cls,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key,
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
uint64_t code)
{
struct PostgresClosure *pg = cls;
struct GNUNET_TIME_Absolute now;
struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (truth_public_key),
+ GNUNET_PQ_query_param_auto_from_type (truth_uuid),
GNUNET_PQ_query_param_uint64 (&code),
TALER_PQ_query_param_absolute_time (&now),
GNUNET_PQ_query_param_end
@@ -1718,7 +1714,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
6),
GNUNET_PQ_make_prepare ("challenge_payment_insert",
"INSERT INTO anastasis_challenge_payment "
- "(truth_public_key"
+ "(truth_uuid"
",amount_val"
",amount_frac"
",payment_identifier"
@@ -1744,7 +1740,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
"WHERE"
" payment_identifier=$1"
" AND"
- " truth_public_key=$2"
+ " truth_uuid=$2"
" AND"
" paid=FALSE;",
2),
@@ -1777,7 +1773,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
" WHERE"
" paid=FALSE"
" AND"
- " truth_public_key=$1;",
+ " truth_uuid=$1;",
1),
GNUNET_PQ_make_prepare ("recdoc_payments_select",
"SELECT"
@@ -1821,9 +1817,9 @@ libanastasis_plugin_db_postgres_init (void *cls)
1),
GNUNET_PQ_make_prepare ("truth_insert",
"INSERT INTO anastasis_truth "
- "(truth_public_key"
+ "(truth_uuid"
",key_share_data"
- ",method"
+ ",method_name"
",encrypted_truth"
",truth_mime"
",expiration"
@@ -1842,14 +1838,14 @@ libanastasis_plugin_db_postgres_init (void *cls)
5),
GNUNET_PQ_make_prepare ("truth_select",
"SELECT "
- "truth_public_key"
+ "truth_uuid"
",key_share_data"
- ",method"
+ ",method_name"
",encrypted_truth"
",truth_mime"
",expiration"
" FROM anastasis_truth"
- " WHERE truth_public_key =$1;",
+ " WHERE truth_uuid =$1;",
1),
GNUNET_PQ_make_prepare ("latest_recoverydocument_select",
"SELECT "
@@ -1900,11 +1896,11 @@ libanastasis_plugin_db_postgres_init (void *cls)
"key_share_data "
"FROM "
"anastasis_truth "
- "WHERE truth_public_key =$1;",
+ "WHERE truth_uuid =$1;",
1),
GNUNET_PQ_make_prepare ("challengecode_insert",
"INSERT INTO anastasis_challengecode "
- "(truth_public_key"
+ "(truth_uuid"
",code"
",creation_date"
",expiration_date"
@@ -1916,7 +1912,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
"SELECT "
" code "
" FROM anastasis_challengecode"
- " WHERE truth_public_key=$1"
+ " WHERE truth_uuid=$1"
" AND expiration_date > $2"
" AND retry_counter > 0;",
2),
@@ -1925,7 +1921,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
" code"
",retransmission_date"
" FROM anastasis_challengecode"
- " WHERE truth_public_key=$1"
+ " WHERE truth_uuid=$1"
" AND expiration_date > $2"
" AND creation_date > $3"
" AND retry_counter > 0"
@@ -1935,19 +1931,19 @@ libanastasis_plugin_db_postgres_init (void *cls)
GNUNET_PQ_make_prepare ("challengecode_update_retry",
"UPDATE anastasis_challengecode"
" SET retry_counter=retry_counter - 1"
- " WHERE truth_public_key=$1"
+ " WHERE truth_uuid=$1"
" AND code=$2"
" AND retry_counter > 0;",
1),
GNUNET_PQ_make_prepare ("challengecode_mark_sent",
"UPDATE anastasis_challengecode"
" SET retransmission_date=$3"
- " WHERE truth_public_key=$1"
+ " WHERE truth_uuid=$1"
" AND code=$2"
" AND creation_date IN"
" (SELECT creation_date"
" FROM anastasis_challengecode"
- " WHERE truth_public_key=$1"
+ " WHERE truth_uuid=$1"
" AND code=$2"
" ORDER BY creation_date DESC"
" LIMIT 1);",
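Review bot: The `challengecode_update_retry` statement in this hunk references `$1` and `$2` but is registered with an argument count of `1`, so the trailing `1),` should read `2),`. Whether the database layer tolerates the mismatch cannot be told from this page. The count is wrong as documentation either way, and this statement decrements `retry_counter`, which appears to be what limits repeated guesses at a challenge code. A test that checks the counter actually drops after a failed verification would pin this down. The count for `challengecode_mark_sent`, which uses `$1` to `$3`, lies outside the hunk and should be checked as well.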
diff --git a/src/stasis/stasis-0001.sql b/src/stasis/stasis-0001.sql
index 2f66fd0..5dd278e 100644
--- a/src/stasis/stasis-0001.sql
+++ b/src/stasis/stasis-0001.sql
@@ -27,19 +27,19 @@ SELECT _v.register_patch('stasis-0001', NULL, NULL);
CREATE TABLE IF NOT EXISTS anastasis_truth
- (truth_public_key BYTEA PRIMARY KEY NOT NULL,
- key_share_data BYTEA NOT NULL,
- method VARCHAR NOT NULL,
+ (truth_uuid BYTEA PRIMARY KEY CHECK(LENGTH(truth_uuid)=32),
+ key_share_data BYTEA CHECK(LENGTH(key_share_data)=80) NOT NULL,
+ method_name VARCHAR NOT NULL,
encrypted_truth BYTEA NOT NULL,
truth_mime VARCHAR NOT NULL,
- expiration TIMESTAMP NOT NULL);
+ expiration INT8 NOT NULL);
COMMENT ON TABLE anastasis_truth
IS 'Truth data is needed to authenticate clients during recovery';
-COMMENT ON COLUMN anastasis_truth.truth_public_key
- IS 'The truth public key identifies this truth record';
+COMMENT ON COLUMN anastasis_truth.truth_uuid
+ IS 'The truth UUID uniquely identifies this truth record';
COMMENT ON COLUMN anastasis_truth.key_share_data
- IS 'Stores the encrypted key share used to recover the key';
-COMMENT ON COLUMN anastasis_truth.method
+ IS 'Stores the encrypted key share used to recover the key (nonce, tag and
keyshare)';
+COMMENT ON COLUMN anastasis_truth.method_name
IS 'Defines the authentication method (SMS, E-Mail, Question..)';
COMMENT ON COLUMN anastasis_truth.encrypted_truth
IS 'Stores the encrypted authentication data';
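Review bot: The column renames, the new `CHECK` constraints and the `TIMESTAMP` to `INT8` change are edited into `stasis-0001.sql` in place, but this file registers itself once through `_v.register_patch('stasis-0001', NULL, NULL)` and uses `CREATE TABLE IF NOT EXISTS`. A database that already applied the patch would keep `truth_public_key` and `method`. The prepared statements in `plugin_anastasis_postgres.c` now name `truth_uuid` and `method_name`, so they would presumably fail against it. If any database created from the earlier schema has to survive, these changes belong in a new versioned patch file. Otherwise a comment such as `-- schema changed in place; databases created before this commit must be dropped and recreated` would record the assumption.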
@@ -50,7 +50,7 @@ COMMENT ON COLUMN anastasis_truth.expiration
CREATE TABLE IF NOT EXISTS anastasis_user
(user_id BYTEA PRIMARY KEY CHECK(LENGTH(user_id)=32),
- expiration_date TIMESTAMP NOT NULL);
+ expiration_date INT8 NOT NULL);
COMMENT ON TABLE anastasis_user
IS 'Saves a user which is using Anastasis';
COMMENT ON COLUMN anastasis_user.user_id
@@ -65,7 +65,7 @@ CREATE TABLE IF NOT EXISTS anastasis_recdoc_payment
amount_val INT8 NOT NULL,
amount_frac INT4 NOT NULL,
payment_identifier BYTEA NOT NULL CHECK(LENGTH(payment_identifier)=32),
- creation_date TIMESTAMP NOT NULL DEFAULT NOW(),
+ creation_date INT8 NOT NULL,
paid BOOLEAN NOT NULL DEFAULT FALSE);
COMMENT ON TABLE anastasis_recdoc_payment
IS 'Records a payment for a recovery document';
@@ -88,18 +88,18 @@ COMMENT ON COLUMN anastasis_recdoc_payment.paid
CREATE TABLE IF NOT EXISTS anastasis_challenge_payment
(payment_id BIGSERIAL PRIMARY KEY,
- truth_public_key BYTEA NOT NULL,
+ truth_uuid BYTEA CHECK(LENGTH(truth_uuid)=32) NOT NULL,
amount_val INT8 NOT NULL,
amount_frac INT4 NOT NULL,
payment_identifier BYTEA NOT NULL CHECK(LENGTH(payment_identifier)=32),
- creation_date TIMESTAMP NOT NULL DEFAULT NOW(),
+ creation_date INT8 NOT NULL,
paid BOOLEAN NOT NULL DEFAULT FALSE
);
COMMENT ON TABLE anastasis_recdoc_payment
IS 'Records a payment for a challenge';
COMMENT ON COLUMN anastasis_challenge_payment.payment_id
IS 'Serial number which identifies the payment';
-COMMENT ON COLUMN anastasis_challenge_payment.truth_public_key
+COMMENT ON COLUMN anastasis_challenge_payment.truth_uuid
IS 'Link to the corresponding challenge which is paid';
COMMENT ON COLUMN anastasis_challenge_payment.amount_val
IS 'Amount we were paid';
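Review bot: The context line `COMMENT ON TABLE anastasis_recdoc_payment` that follows the `anastasis_challenge_payment` definition targets the wrong table. It replaces the recovery-document table's comment with 'Records a payment for a challenge' and leaves the challenge table without one. Since the hunk already edits this block, it should become `COMMENT ON TABLE anastasis_challenge_payment`. Separately, `creation_date` loses `DEFAULT NOW()` here, so every insert has to supply the value. The column list of `challenge_payment_insert` is cut off in the plugin hunk, so this page does not show whether it does.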
@@ -133,7 +133,7 @@ COMMENT ON COLUMN anastasis_recoverydocument.recovery_data
IS 'Contains the encrypted policy and core secret';
CREATE TABLE IF NOT EXISTS anastasis_challengecode
- (truth_public_key BYTEA NOT NULL,
+ (truth_uuid BYTEA PRIMARY KEY CHECK(LENGTH(truth_uuid)=32) NOT NULL,
code INT8 NOT NULL,
creation_date INT8 NOT NULL,
expiration_date INT8 NOT NULL,
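Review bot: Declaring `truth_uuid` as `PRIMARY KEY` of `anastasis_challengecode` allows only one code row per truth, which looks at odds with the plugin's own queries. `challengecode_mark_sent` picks the newest `creation_date` for a given `truth_uuid` and `code`, and the code lookup filters on `creation_date > $3`; both suggest several rows per truth over time. With this key, inserting a rotated code while an older row still exists would presumably fail on uniqueness and block a fresh challenge from being issued. Unless older rows are always deleted first (not visible here), I would keep the length check and drop the key: `truth_uuid BYTEA CHECK(LENGTH(truth_uuid)=32) NOT NULL,`.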
@@ -141,7 +141,7 @@ CREATE TABLE IF NOT EXISTS anastasis_challengecode
retry_counter INT4 NOT NULL);
COMMENT ON TABLE anastasis_challengecode
IS 'Stores a code which is checked for the authentication by SMS, E-Mail..';
-COMMENT ON COLUMN anastasis_challengecode.truth_public_key
+COMMENT ON COLUMN anastasis_challengecode.truth_uuid
IS 'Link to the corresponding challenge which is solved';
COMMENT ON COLUMN anastasis_challengecode.code
IS 'The pin code which is sent to the user and verified';
diff --git a/src/stasis/test_anastasis_db.c b/src/stasis/test_anastasis_db.c
index 7ab6bb6..186c507 100644
--- a/src/stasis/test_anastasis_db.c
+++ b/src/stasis/test_anastasis_db.c
@@ -65,8 +65,7 @@ run (void *cls)
struct GNUNET_HashCode res_recovery_data_hash;
struct GNUNET_HashCode r;
struct GNUNET_TIME_Relative rel_time;
- struct ANASTASIS_CRYPTO_TruthPublicKeyP truth_public_key;
- struct ANASTASIS_CRYPTO_NonceP truth_nonce;
+ struct ANASTASIS_CRYPTO_TruthUUIDP truth_uuid;
struct ANASTASIS_CRYPTO_EncryptedKeyShareP key_share;
unsigned int post_counter;
char *mime_type;
@@ -74,9 +73,8 @@ run (void *cls)
uint32_t docVersion;
uint32_t res_version;
size_t recoverydatasize;
- size_t keysharesize;
void *res_recovery_data = NULL;
- void *res_key_share = NULL;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP res_key_share;
bool paid;
bool valid_counter;
uint32_t recversion = 1;
@@ -119,10 +117,8 @@ run (void *cls)
TALER_string_to_amount ("EUR:30",&amount);
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
- &truth_nonce,
- sizeof (struct ANASTASIS_CRYPTO_NonceP));
- ANASTASIS_CRYPTO_truth_public_key_derive (&truth_nonce,
- &truth_public_key);
+ &truth_uuid,
+ sizeof (truth_uuid));
rel_time = GNUNET_TIME_UNIT_MONTHS;
GNUNET_assert (GNUNET_OK ==
@@ -132,7 +128,7 @@ run (void *cls)
memset (&key_share, 1, sizeof (key_share));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->store_truth (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
&key_share,
mime_type,
"encrypted_truth",
@@ -170,12 +166,12 @@ run (void *cls)
&paid));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->record_challenge_payment (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
&paymentSecretP,
&amount));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->update_challenge_payment (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
&paymentSecretP));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->check_challenge_payment (plugin->cls,
@@ -202,13 +198,11 @@ run (void *cls)
}
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->get_key_share (plugin->cls,
- &truth_public_key,
- &res_key_share,
- &keysharesize));
- FAILIF (0 != memcmp (res_key_share,
- &key_share,
- sizeof (key_share)));
- GNUNET_free (res_key_share);
+ &truth_uuid,
+ &res_key_share));
+ FAILIF (0 !=
+ GNUNET_memcmp (&res_key_share,
+ &key_share));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->get_recovery_document (plugin->cls,
@@ -241,7 +235,7 @@ run (void *cls)
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->create_challenge_code (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
GNUNET_TIME_UNIT_HOURS,
GNUNET_TIME_UNIT_DAYS,
3, /* retry counter */
@@ -255,7 +249,7 @@ run (void *cls)
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->create_challenge_code (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
GNUNET_TIME_UNIT_HOURS,
GNUNET_TIME_UNIT_DAYS,
3, /* retry counter */
@@ -267,14 +261,14 @@ run (void *cls)
&c_hash);
FAILIF (ANASTASIS_DB_CODE_STATUS_CHALLENGE_CODE_MISMATCH !=
plugin->verify_challenge_code (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
&c_hash));
ANASTASIS_hash_answer (challenge_code,
&c_hash);
FAILIF (ANASTASIS_DB_CODE_STATUS_VALID_CODE_STORED !=
plugin->verify_challenge_code (plugin->cls,
- &truth_public_key,
+ &truth_uuid,
&c_hash));
if (-1 == result)
diff --git a/src/testing/testing_api_cmd_challenge_run.c
b/src/testing/testing_api_cmd_challenge_run.c
index a9fcf7b..8e8f15d 100644
--- a/src/testing/testing_api_cmd_challenge_run.c
+++ b/src/testing/testing_api_cmd_challenge_run.c
@@ -80,7 +80,7 @@ struct ChallengeRunState
/**
* Identification of the Truth Object
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key;
/**
* Reference to upload command we expect to lookup.
diff --git a/src/testing/testing_api_cmd_keyshare_lookup.c
b/src/testing/testing_api_cmd_keyshare_lookup.c
index 49f5a61..26f51fd 100644
--- a/src/testing/testing_api_cmd_keyshare_lookup.c
+++ b/src/testing/testing_api_cmd_keyshare_lookup.c
@@ -65,7 +65,7 @@ struct KeyShareLookupState
/**
* Identification of the Truth Object
*/
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *truth_public_key;
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_public_key;
/**
* Reference to upload command we expect to lookup.
diff --git a/src/testing/testing_api_cmd_truth_store.c
b/src/testing/testing_api_cmd_truth_store.c
index 64318a1..6656614 100644
--- a/src/testing/testing_api_cmd_truth_store.c
+++ b/src/testing/testing_api_cmd_truth_store.c
@@ -31,35 +31,25 @@
struct TruthStoreState
{
/**
- * The policy data.
+ * UUID of the uploaded truth
*/
- json_t *truth_data;
+ struct ANASTASIS_CRYPTO_TruthUUID uuid;
/**
- * Expected status code.
- */
- unsigned int http_status;
-
- /**
- *TruthPublicKey of truth
+ * Key used to encrypt the @e truth_data on the server.
*/
- struct ANASTASIS_CRYPTO_TruthPublicKeyP truth_public_key;
+ struct ANASTASIS_CRYPTO_TruthKeyP;
/**
- * Hash of the current upload.
+ * "Encrypted" key share data we store at the server.
*/
- struct GNUNET_HashCode curr_hash;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP encrypted_keyshare;
/**
* The /truth POST operation handle.
*/
struct ANASTASIS_TruthStoreOperation *tso;
- /**
- * The nonce.
- */
- struct GNUNET_CRYPTO_EddsaPublicKey pub;
-
/**
* URL of the anastasis backend.
*/
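Review bot: The line `struct ANASTASIS_CRYPTO_TruthKeyP;` in the reworked `struct TruthStoreState` declares no member, so the key that the comment describes as encrypting `truth_data` is never stored. `truth_store_run` later passes `&key`, which nothing in the visible hunks declares. The member above it is typed `struct ANASTASIS_CRYPTO_TruthUUID`, without the `P` suffix that every other use in this commit carries. Unless that type is defined elsewhere, the two lines should read `struct ANASTASIS_CRYPTO_TruthUUIDP uuid;` and `struct ANASTASIS_CRYPTO_TruthKeyP key;`, with the call site using `&tss->key`. The struct continues outside the hunk.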
@@ -77,20 +67,44 @@ struct TruthStoreState
const char *prev_upload;
/**
- * Last upload, or NULL for none, usually same as @e prev_upload.
- * Used to check the response on #MHD_HTTP_CONFLICT.
+ * Authorization method / plugin name.
+ */
+ const char *method;
+
+ /**
+ * Mimetype of @e truth_data.
+ */
+ const char *mime_type;
+
+ /**
+ * Number of bytes in @e truth_data
+ */
+ size_t truth_data_size;
+
+ /**
+ * Data used by the authorization process.
+ */
+ void *truth_data;
+
+ /**
+ * Expected status code.
*/
- const char *last_upload;
+ unsigned int http_status;
/**
- * Payment order ID we got back, if any. Otherwise NULL.
+ * Payment request we got back, or NULL.
*/
- char *payment_order_id;
+ char *pay_uri;
/**
- * Payment order ID we are to provide in the request, may be NULL.
+ * Payment order ID we got back, or all zeros.
*/
- const char *payment_order_req;
+ struct ANASTASIS_PaymentSecretP payment_secret_response;
+
+ /**
+ * Payment order ID we are to provide in the request, or all zeros.
+ */
+ struct ANASTASIS_PaymentSecretP payment_secret_request;
/**
* Options for how we are supposed to do the upload.
@@ -113,6 +127,7 @@ truth_store_cb (void *cls,
const struct ANASTASIS_UploadDetails *ud)
{
struct TruthStoreState *tss = cls;
+
tss->tso = NULL;
if (http_status != tss->http_status)
{
@@ -135,28 +150,28 @@ truth_store_cb (void *cls,
{
struct TALER_MERCHANT_PayUriData pd;
+ tss->pay_uri = GNUNET_strdup (ud->details.payment_request);
if (GNUNET_OK !=
TALER_MERCHANT_parse_pay_uri (ud->details.payment_request,
&pd))
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Did not find `%s' in `%s'\n",
- "/-/-/",
- ud->details.payment_request);
+ GNUNET_break (0);
TALER_TESTING_interpreter_fail (tss->is);
+ return;
+ }
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (
+ pd.order_id,
+ strlen (pd.order_id),
+ &tss->payment_secret_response,
+ sizeof (tss->payment_secret_response)))
+ {
GNUNET_break (0);
+ TALER_MERCHANT_parse_pay_uri_free (&pd);
+ TALER_TESTING_interpreter_fail (tss->is);
return;
}
- tss->payment_order_id = GNUNET_strdup (pd.order_id);
TALER_MERCHANT_parse_pay_uri_free (&pd);
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "At %s:%d Order ID from Anastasis service is %s\n",
- __FILE__, __LINE__,
- tss->payment_order_id);
-
- memset (&tss->curr_hash,
- 0,
- sizeof (struct GNUNET_HashCode));
}
break;
case ANASTASIS_US_CONFLICTING_TRUTH:
@@ -200,69 +215,101 @@ truth_store_run (void *cls,
struct TALER_TESTING_Interpreter *is)
{
struct TruthStoreState *tss = cls;
- tss->is = is;
+ tss->is = is;
if (NULL != tss->prev_upload)
{
const struct TALER_TESTING_Command *ref;
- ref = TALER_TESTING_interpreter_lookup_command
- (is,
- tss->prev_upload);
+ ref = TALER_TESTING_interpreter_lookup_command (is,
+ tss->prev_upload);
if (NULL == ref)
{
GNUNET_break (0);
TALER_TESTING_interpreter_fail (tss->is);
return;
}
+
if (0 != (ANASTASIS_TESTING_TSO_REFERENCE_ORDER_ID & tss->tsopt))
{
+ const struct ANASTASIS_PaymentSecretP *ps_req;
+
+ if (GNUNET_OK !=
+ TALER_TESTING_get_trait_payment_secret (ref,
+ 0,
+ &ps_req))
{
- const char *order_id;
+ GNUNET_break (0);
+ TALER_TESTING_interpreter_fail (tss->is);
+ return;
+ }
+ tss->payment_secret_request = *ps_req;
+ }
- if (GNUNET_OK !=
- TALER_TESTING_get_trait_order_id (ref,
- 0,
- &order_id))
- {
- GNUNET_break (0);
- TALER_TESTING_interpreter_fail (tss->is);
- return;
- }
- tss->payment_order_req = order_id;
- if (NULL == tss->payment_order_req)
- {
- GNUNET_break (0);
- TALER_TESTING_interpreter_fail (tss->is);
- return;
- }
+ if (0 != (ANASTASIS_TESTING_TSO_REFERENCE_UUID & tss->tsopt))
+ {
+ struct ANASTASIS_CRYPTO_TruthUUID *uuid;
+ struct ANASTASIS_CRYPTO_EncryptedKeyShareP *eks;
+
+ if (GNUNET_OK !=
+ TALER_TESTING_get_trait_uuid (ref,
+ 0,
+ &uuid))
+ {
+ GNUNET_break (0);
+ TALER_TESTING_interpreter_fail (tss->is);
+ return;
}
+ tss->uuid = *uuid;
+ if (GNUNET_OK !=
+ TALER_TESTING_get_trait_encrypted_key_share (ref,
+ 0,
+ &eks))
+ {
+ GNUNET_break (0);
+ TALER_TESTING_interpreter_fail (tss->is);
+ return;
+ }
+ tss->encrypted_keyshare = *eks;
}
}
+ else
{
-
- // Create a truth public key
- struct ANASTASIS_CRYPTO_NonceP nonce;
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
- &nonce,
- sizeof (struct ANASTASIS_CRYPTO_NonceP));
- ANASTASIS_CRYPTO_truth_public_key_derive (&nonce,
- &tss->truth_public_key);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "public key stored in tss: %s\n",
- TALER_B2S (&tss->truth_public_key));
+ &tss->truth_uuid,
+ sizeof (struct ANASTASIS_CRYPTO_TruthUUID));
+ GNUNET_CRYPTO_random_block (
+ GNUNET_CRYPTO_QUALITY_WEAK,
+ &tss->encrypted_keyshare,
+ sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP));
}
- tss->tso = ANASTASIS_truth_store (is->ctx,
- tss->anastasis_url,
- &tss->truth_public_key,
+ {
+ void *encrypted_truth;
+ size_t size_encrypted_truth;
+
+ ANASTASIS_CRYPTO_truth_encrypt (&key,
tss->truth_data,
- (0 !=
- (ANASTASIS_TESTING_TSO_REQUEST_PAYMENT
- & tss->tsopt)),
- tss->payment_order_req,
- &truth_store_cb,
- tss);
+ tss->truth_data_size,
+ &encrypted_truth,
+ &size_encrypted_truth);
+ tss->tso = ANASTASIS_truth_store (
+ is->ctx,
+ tss->anastasis_url,
+ &tss->truth_public_key,
+ tss->method,
+ &tss->keyshare_data,
+ tss->truth_mime,
+ size_encrypted_truth,
+ encrypted_truth,
+ (0 != (ANASTASIS_TESTING_TSO_REQUEST_PAYMENT & tss->tsopt)),
+ (0 != (ANASTASIS_TESTING_TSO_REFERENCE_ORDER_ID & tss->tsopt))
+ ? &tss->payment_secret_request
+ : NULL,
+ &truth_store_cb,
+ tss);
+ GNUNET_free (encrypted_truth);
+ }
if (NULL == tss->tso)
{
GNUNET_break (0);
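Review bot: `truth_store_run` uses members that the reworked `struct TruthStoreState` in this commit does not declare: `tss->truth_uuid`, `tss->truth_public_key`, `tss->keyshare_data` and `tss->truth_mime`, where the struct has `uuid`, `encrypted_keyshare` and `mime_type`. The lookup `TALER_TESTING_get_trait_uuid` likewise has no visible counterpart, since `truth_store_traits` offers `ANASTASIS_TESTING_make_trait_truth_uuid`. As written the file probably does not build, so the new test path is unexercised; the accesses should be aligned with the struct, for example `&tss->uuid`, `&tss->encrypted_keyshare` and `tss->mime_type`. In addition, when `prev_upload` is set without `ANASTASIS_TESTING_TSO_REFERENCE_UUID`, the `else` branch is skipped and `uuid` and `encrypted_keyshare` are never filled in, so such commands would all upload under whatever value the allocation left there (presumably zeros). The function body continues outside the hunk.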
@@ -293,10 +340,8 @@ truth_store_cleanup (void *cls,
ANASTASIS_truth_store_cancel (tss->tso);
tss->tso = NULL;
}
- if (NULL != tss->payment_order_id)
- {
- GNUNET_free (tss->payment_order_id);
- }
+ GNUNET_free (tss->truth_data);
+ GNUNET_free (tss->pay_uri);
GNUNET_free (tss);
}
@@ -305,8 +350,8 @@ truth_store_cleanup (void *cls,
* Offer internal data to other commands.
*
* @param cls closure
- * @param ret[out] result (could be anything)
- * @param trait name of the trait
+ * @param[out] ret result (could be anything)
+ * @param[out] trait name of the trait
* @param index index number of the object to extract.
* @return #GNUNET_OK on success
*/
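Review bot: The new tag `@param[out] trait name of the trait` marks `trait` as an output, although its description reads as an input that selects which trait to return. I would keep the corrected `@param[out] ret` and write the second line as `@param trait name of the trait`. The signature of `truth_store_traits` lies outside the hunk, so the direction is inferred from the comment text and should be confirmed there.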
@@ -318,12 +363,14 @@ truth_store_traits (void *cls,
{
struct TruthStoreState *tss = cls;
struct TALER_TESTING_Trait traits[] = {
- ANASTASIS_TESTING_make_trait_hash (ANASTASIS_TESTING_TRAIT_HASH_CURRENT,
- &tss->curr_hash),
- ANASTASIS_TESTING_make_trait_truth_public_key (0,
- &tss->truth_public_key),
- TALER_TESTING_make_trait_order_id (0,
- tss->payment_order_id),
+ ANASTASIS_TESTING_make_trait_truth_uuid (0,
+ &tss->uuid),
+ ANASTASIS_TESTING_make_trait_encrypted_key_share (0,
+
&tss->encrypted_keyshare),
+ ANASTASIS_TESTING_make_trait_payment_secret (0,
+
&tss->payment_secret_response),
+ TALER_TESTING_make_trait_url (TALER_TESTING_PT_TALER_URL,
+ &tss->pay_uri),
TALER_TESTING_trait_end ()
};
@@ -334,109 +381,17 @@ truth_store_traits (void *cls,
}
-/**
- * Creates a truth key.
- *
- * @param key_str a str you want to be a truth key
- * @return truthkey (must be freed)
- */
-struct ANASTASIS_CRYPTO_TruthKeyP
-ANASTASIS_TESTING_make_truthkey (const char *key_str)
-{
- struct ANASTASIS_CRYPTO_TruthKeyP key;
-
- GNUNET_CRYPTO_hash (key_str,
- strlen (key_str),
- &key.key);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "TruthKey created: %s\n",
- TALER_B2S (&key));
- return key;
-}
-
-
-/**
- * Creates a sample of truth.
- *
- * @param method the challenge method
- * @param mime_type mime type of the truth
- * @param answer the hashed answer (part of truth) to a challenge
- * @param key the key to encrypt the truth
- * @return truth in json format
- */
-json_t *
-ANASTASIS_TESTING_make_truth_example (
+struct TALER_TESTING_Command
+ANASTASIS_TESTING_cmd_truth_store (
+ const char *label,
+ const char *anastasis_url,
+ const char *prev_upload,
const char *method,
const char *mime_type,
- const struct GNUNET_HashCode answer, // FIXME: use pointer...
- const struct ANASTASIS_CRYPTO_TruthKeyP key) // FIXME: use pointer...
-{
- json_t *truth_data;
- struct ANASTASIS_CRYPTO_EncryptedKeyShareP keyshare_data;
- void *encrypted_truth;
- size_t size_encrypted_truth;
-
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d Hashed answer is %s-%llu b\n", __FILE__, __LINE__,
- TALER_B2S (&answer),
- (unsigned long long) sizeof (answer));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d TruthKey is %s-%llu b\n", __FILE__, __LINE__,
- TALER_B2S (&key),
- (unsigned long long) sizeof (key));
-
- GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
- &keyshare_data,
- sizeof (struct
- ANASTASIS_CRYPTO_EncryptedKeyShareP));
- ANASTASIS_CRYPTO_truth_encrypt (&key,
- &answer,
- sizeof (answer),
- &encrypted_truth,
- &size_encrypted_truth);
- GNUNET_assert (NULL != encrypted_truth);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "At %s:%d encrypted_truth is %s-%llu b\n", __FILE__, __LINE__,
- TALER_b2s (encrypted_truth, size_encrypted_truth),
- (unsigned long long) size_encrypted_truth);
-
- truth_data = json_pack ("{s:o," /* keyshare_data */
- " s:s," /* method */
- " s:o," /* encrypted_truth */
- " s:s}", /* truth_mime */
- "keyshare_data", GNUNET_JSON_from_data_auto (
- &keyshare_data),
- "method", method,
- "encrypted_truth", GNUNET_JSON_from_data (
- encrypted_truth,
- size_encrypted_truth),
- "truth_mime", mime_type
- );
- GNUNET_assert (NULL != truth_data);
- GNUNET_free (encrypted_truth);
- return truth_data;
-}
-
-
-/**
- * Make the "truth store" command.
- *
- * @param label command label
- * @param anastasis_url base URL of the anastasis serving
- * the truth store request.
- * @param http_status expected HTTP status.
- * @param tso truth store options
- * @param truth_data recovery data to post /truth
- * @return the command
- */
-struct TALER_TESTING_Command
-ANASTASIS_TESTING_cmd_truth_store (const char *label,
- const char *anastasis_url,
- const char *prev_upload,
- unsigned int http_status,
- enum
- ANASTASIS_TESTING_TruthStoreOption tso,
- json_t *truth_data)
+ size_t truth_data_size,
+ const void *truth_data,
+ unsigned int http_status,
+ enum ANASTASIS_TESTING_TruthStoreOption tso)
{
struct TruthStoreState *tss;
@@ -446,14 +401,20 @@ ANASTASIS_TESTING_cmd_truth_store (const char *label,
tss->tsopt = tso;
tss->anastasis_url = anastasis_url;
tss->prev_upload = prev_upload;
-
- struct TALER_TESTING_Command cmd = {
- .cls = tss,
- .label = label,
- .run = &truth_store_run,
- .cleanup = &truth_store_cleanup,
- .traits = &truth_store_traits
- };
-
- return cmd;
+ tss->method = method;
+ tss->mime_type = mime_type;
+ tss->truth_data = GNUNET_memdup (truth_data,
+ truth_data_size);
+ tss->truth_data_size = truth_data_size;
+ {
+ struct TALER_TESTING_Command cmd = {
+ .cls = tss,
+ .label = label,
+ .run = &truth_store_run,
+ .cleanup = &truth_store_cleanup,
+ .traits = &truth_store_traits
+ };
+
+ return cmd;
+ }
}
diff --git a/src/testing/testing_api_trait_truth_pub.c
b/src/testing/testing_api_trait_truth_pub.c
index 76d0fed..2b32949 100644
--- a/src/testing/testing_api_trait_truth_pub.c
+++ b/src/testing/testing_api_trait_truth_pub.c
@@ -41,7 +41,7 @@ int
ANASTASIS_TESTING_get_trait_truth_public_key
(const struct TALER_TESTING_Command *cmd,
unsigned int index,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP **tpk)
+ const struct ANASTASIS_CRYPTO_TruthUUIDP **tpk)
{
return cmd->traits (cmd->cls,
(const void **) tpk,
@@ -60,7 +60,7 @@ ANASTASIS_TESTING_get_trait_truth_public_key
struct TALER_TESTING_Trait
ANASTASIS_TESTING_make_trait_truth_public_key
(unsigned int index,
- const struct ANASTASIS_CRYPTO_TruthPublicKeyP *tpk)
+ const struct ANASTASIS_CRYPTO_TruthUUIDP *tpk)
{
struct TALER_TESTING_Trait ret = {
.index = index,
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 194ff0a..d882b5e 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -428,38 +428,6 @@ ANASTASIS_CRYPTO_keyshare_decrypt (
}
-void
-ANASTASIS_CRYPTO_truth_public_key_derive (
- const struct ANASTASIS_CRYPTO_NonceP *nonce,
- struct ANASTASIS_CRYPTO_TruthPublicKeyP *pub_key)
-{
- struct ANASTASIS_CRYPTO_TruthPrivateKeyP priv_key;
-
- /* priv_key = ver_secret */
- if (GNUNET_YES !=
- GNUNET_CRYPTO_hkdf (&priv_key.priv,
- sizeof (priv_key.priv),
- GCRY_MD_SHA512,
- GCRY_MD_SHA256,
- nonce,
- sizeof (struct ANASTASIS_CRYPTO_NonceP),
- "ver",
- strlen ("ver"),
- NULL,
- 0))
- {
- GNUNET_break (0);
- return;
- }
- /* go from ver_secret to proper private key (eddsa_d_to_a() in spec) */
- priv_key.priv.d[0] = (priv_key.priv.d[0] & 0x7f) | 0x40;
- priv_key.priv.d[31] &= 0xf8;
-
- GNUNET_CRYPTO_eddsa_key_get_public (&priv_key.priv,
- &pub_key->pub);
-}
-
-
void
ANASTASIS_CRYPTO_truth_encrypt (
const struct ANASTASIS_CRYPTO_TruthKeyP *truth_enc_key,
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.