aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-01-27 18:35:17 +0100
committerChristian Grothoff <christian@grothoff.org>2015-01-27 18:35:17 +0100
commitc3731d0df7e03561c7da777b5f75ba53206a38b5 (patch)
tree751e00e70f0fde8a7c11faf6fd0a46ed2aaad361
parent16817ef0d12ee1b51203f96b0dd3708c1dae3509 (diff)
downloadexchange-c3731d0df7e03561c7da777b5f75ba53206a38b5.tar.gz
exchange-c3731d0df7e03561c7da777b5f75ba53206a38b5.zip
implementing varsize link data
-rw-r--r--src/mint/mint.h76
-rw-r--r--src/mint/mint_db.c191
-rw-r--r--src/mint/mint_db.h72
-rw-r--r--src/mint/taler-mint-httpd_db.c15
-rw-r--r--src/mint/taler-mint-httpd_db.h6
-rw-r--r--src/mint/taler-mint-httpd_refresh.c28
-rw-r--r--src/mint/taler-mint-keyup.c7
7 files changed, 266 insertions, 129 deletions
diff --git a/src/mint/mint.h b/src/mint/mint.h
index b194be687..010ff4d5f 100644
--- a/src/mint/mint.h
+++ b/src/mint/mint.h
@@ -115,43 +115,89 @@ struct CollectableBlindcoin
115}; 115};
116 116
117 117
118/**
119 * Global information for a refreshing session.
120 */
118struct RefreshSession 121struct RefreshSession
119{ 122{
123 /**
124 * Signature over the commitments by the client.
125 */
120 struct GNUNET_CRYPTO_EddsaSignature commit_sig; 126 struct GNUNET_CRYPTO_EddsaSignature commit_sig;
127
128 /**
129 * Public key of the refreshing session, used to sign
130 * the client's commit message.
131 */
121 struct GNUNET_CRYPTO_EddsaPublicKey session_pub; 132 struct GNUNET_CRYPTO_EddsaPublicKey session_pub;
122 int has_commit_sig; 133
134 /**
135 * Number of coins we are melting.
136 */
123 uint16_t num_oldcoins; 137 uint16_t num_oldcoins;
138
139 /**
140 * Number of new coins we are creating.
141 */
124 uint16_t num_newcoins; 142 uint16_t num_newcoins;
143
144 /**
145 * Number of parallel operations we perform for the cut and choose.
146 * (must be greater or equal to three for security).
147 */
125 uint16_t kappa; 148 uint16_t kappa;
149
150 /**
151 * Index (smaller @e kappa) which the mint has chosen to not
152 * have revealed during cut and choose.
153 */
126 uint16_t noreveal_index; 154 uint16_t noreveal_index;
155
156 /**
157 * FIXME.
158 */
159 int has_commit_sig;
160
161 /**
162 * FIXME.
163 */
127 uint8_t reveal_ok; 164 uint8_t reveal_ok;
128}; 165};
129 166
130 167
131/** 168/**
132 * FIXME 169 * For each (old) coin being melted, we have a `struct
170 * RefreshCommitLink` that allows the user to find the shared secret
171 * to decrypt the respective refresh links for the new coins in the
172 * `struct RefreshCommitCoin`.
133 */ 173 */
134struct RefreshCommitLink 174struct RefreshCommitLink
135{ 175{
136 struct GNUNET_CRYPTO_EddsaPublicKey session_pub; 176 /**
177 * Transfer public key (FIXME: explain!)
178 */
137 struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub; 179 struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub;
180
181 /**
182 * FIXME: this can't be exactly the shared secret, must
183 * be a commitment to it or something.
184 */
138 struct GNUNET_HashCode shared_secret; 185 struct GNUNET_HashCode shared_secret;
139 uint16_t cnc_index;
140 uint16_t oldcoin_index;
141}; 186};
142 187
143 188
144/** 189/**
145 * FIXME 190 * We have as many `struct RefreshCommitCoin` as there are new
191 * coins being created by the refresh.
146 */ 192 */
147struct RefreshCommitCoin 193struct RefreshCommitCoin
148{ 194{
195
149 /** 196 /**
150 * Refresh session's public key. 197 * Encrypted data allowing those able to decrypt it to derive
198 * the private keys of the new coins created by the refresh.
151 */ 199 */
152 struct GNUNET_CRYPTO_EddsaPublicKey session_pub; 200 struct TALER_RefreshLinkEncrypted *refresh_link;
153
154 struct TALER_RefreshLinkEncrypted refresh_link;
155 201
156 /** 202 /**
157 * Blinded message to be signed (in envelope), with @e coin_env_size bytes. 203 * Blinded message to be signed (in envelope), with @e coin_env_size bytes.
@@ -163,16 +209,6 @@ struct RefreshCommitCoin
163 */ 209 */
164 size_t coin_ev_size; 210 size_t coin_ev_size;
165 211
166 /**
167 * FIXME: needed?
168 */
169 uint16_t cnc_index;
170
171 /**
172 * FIXME: needed?
173 */
174 uint16_t newcoin_index;
175
176}; 212};
177 213
178 214
diff --git a/src/mint/mint_db.c b/src/mint/mint_db.c
index eb83e61a9..2b0ebc955 100644
--- a/src/mint/mint_db.c
+++ b/src/mint/mint_db.c
@@ -1131,7 +1131,8 @@ TALER_MINT_DB_insert_known_coin (PGconn *db_conn,
1131 1131
1132 1132
1133int 1133int
1134TALER_MINT_DB_upsert_known_coin (PGconn *db_conn, struct KnownCoin *known_coin) 1134TALER_MINT_DB_upsert_known_coin (PGconn *db_conn,
1135 struct KnownCoin *known_coin)
1135{ 1136{
1136 int ret; 1137 int ret;
1137 ret = TALER_MINT_DB_update_known_coin (db_conn, known_coin); 1138 ret = TALER_MINT_DB_update_known_coin (db_conn, known_coin);
@@ -1146,58 +1147,38 @@ TALER_MINT_DB_upsert_known_coin (PGconn *db_conn, struct KnownCoin *known_coin)
1146} 1147}
1147 1148
1148 1149
1150/**
1151 * Store the commitment to the given (encrypted) refresh link data
1152 * for the given refresh session.
1153 *
1154 * @param db_conn database connection to use
1155 * @param refresh_session_pub public key of the refresh session this
1156 * commitment belongs with
1157 * @param i
1158 * @param j
1159 * @param commit_link link information to store
1160 * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success
1161 */
1149int 1162int
1150TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn, 1163TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn,
1164 const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
1165 int i, int j,
1151 const struct RefreshCommitLink *commit_link) 1166 const struct RefreshCommitLink *commit_link)
1152{ 1167{
1153 uint16_t cnc_index_nbo = htons (commit_link->cnc_index); 1168 uint16_t cnc_index_nbo = htons (i);
1154 uint16_t oldcoin_index_nbo = htons (commit_link->oldcoin_index); 1169 uint16_t oldcoin_index_nbo = htons (j);
1155 struct TALER_DB_QueryParam params[] = { 1170 struct TALER_DB_QueryParam params[] = {
1156 TALER_DB_QUERY_PARAM_PTR(&commit_link->session_pub), 1171 TALER_DB_QUERY_PARAM_PTR(refresh_session_pub),
1157 TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub), 1172 TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub),
1158 TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), 1173 TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo),
1159 TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), 1174 TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo),
1160 TALER_DB_QUERY_PARAM_PTR_SIZED(&commit_link->shared_secret_enc, sizeof (struct GNUNET_HashCode)), 1175 TALER_DB_QUERY_PARAM_PTR(&commit_link->shared_secret),
1161 TALER_DB_QUERY_PARAM_END 1176 TALER_DB_QUERY_PARAM_END
1162 }; 1177 };
1163 1178
1164 PGresult *result = TALER_DB_exec_prepared (db_conn, "insert_refresh_commit_link", params); 1179 PGresult *result = TALER_DB_exec_prepared (db_conn,
1165 1180 "insert_refresh_commit_link",
1166 if (PGRES_COMMAND_OK != PQresultStatus (result)) 1181 params);
1167 {
1168 break_db_err (result);
1169 PQclear (result);
1170 return GNUNET_SYSERR;
1171 }
1172
1173 if (0 != strcmp ("1", PQcmdTuples (result)))
1174 {
1175 GNUNET_break (0);
1176 return GNUNET_SYSERR;
1177 }
1178
1179 PQclear (result);
1180 return GNUNET_OK;
1181}
1182
1183
1184int
1185TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn,
1186 const struct RefreshCommitCoin *commit_coin)
1187{
1188 uint16_t cnc_index_nbo = htons (commit_coin->cnc_index);
1189 uint16_t newcoin_index_nbo = htons (commit_coin->newcoin_index);
1190 struct TALER_DB_QueryParam params[] = {
1191 TALER_DB_QUERY_PARAM_PTR(&commit_coin->session_pub),
1192 TALER_DB_QUERY_PARAM_PTR(&commit_coin->coin_ev),
1193 TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo),
1194 TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo),
1195 TALER_DB_QUERY_PARAM_PTR_SIZED(&commit_coin->link_enc, sizeof (struct LinkData)),
1196 TALER_DB_QUERY_PARAM_END
1197 };
1198
1199 PGresult *result = TALER_DB_exec_prepared (db_conn, "insert_refresh_commit_coin", params);
1200
1201 if (PGRES_COMMAND_OK != PQresultStatus (result)) 1182 if (PGRES_COMMAND_OK != PQresultStatus (result))
1202 { 1183 {
1203 break_db_err (result); 1184 break_db_err (result);
@@ -1233,12 +1214,9 @@ TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn,
1233 TALER_DB_QUERY_PARAM_END 1214 TALER_DB_QUERY_PARAM_END
1234 }; 1215 };
1235 1216
1236 cc->cnc_index = cnc_index; 1217 PGresult *result = TALER_DB_exec_prepared (db_conn,
1237 cc->oldcoin_index = oldcoin_index; 1218 "get_refresh_commit_link",
1238 cc->session_pub = *refresh_session_pub; 1219 params);
1239
1240 PGresult *result = TALER_DB_exec_prepared (db_conn, "get_refresh_commit_link", params);
1241
1242 if (PGRES_TUPLES_OK != PQresultStatus (result)) 1220 if (PGRES_TUPLES_OK != PQresultStatus (result))
1243 { 1221 {
1244 break_db_err (result); 1222 break_db_err (result);
@@ -1254,8 +1232,7 @@ TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn,
1254 1232
1255 struct TALER_DB_ResultSpec rs[] = { 1233 struct TALER_DB_ResultSpec rs[] = {
1256 TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub), 1234 TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub),
1257 TALER_DB_RESULT_SPEC_SIZED("link_secret_enc", &cc->shared_secret_enc, 1235 TALER_DB_RESULT_SPEC("link_secret_enc", &cc->shared_secret),
1258 TALER_REFRESH_SHARED_SECRET_LENGTH),
1259 TALER_DB_RESULT_SPEC_END 1236 TALER_DB_RESULT_SPEC_END
1260 }; 1237 };
1261 1238
@@ -1267,7 +1244,46 @@ TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn,
1267 } 1244 }
1268 1245
1269 PQclear (result); 1246 PQclear (result);
1270 return GNUNET_YES; 1247 return GNUNET_OK;
1248}
1249
1250
1251int
1252TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn,
1253 const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
1254 int i, int j,
1255 const struct RefreshCommitCoin *commit_coin)
1256{
1257 uint16_t cnc_index_nbo = htons (i);
1258 uint16_t newcoin_index_nbo = htons (j);
1259 struct TALER_DB_QueryParam params[] = {
1260 TALER_DB_QUERY_PARAM_PTR(refresh_session_pub),
1261 TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->coin_ev, commit_coin->coin_ev_size),
1262 TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo),
1263 TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo),
1264 TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->refresh_link->coin_priv_enc,
1265 commit_coin->refresh_link->blinding_key_enc_size +
1266 sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)),
1267 TALER_DB_QUERY_PARAM_END
1268 };
1269
1270 PGresult *result = TALER_DB_exec_prepared (db_conn, "insert_refresh_commit_coin", params);
1271
1272 if (PGRES_COMMAND_OK != PQresultStatus (result))
1273 {
1274 break_db_err (result);
1275 PQclear (result);
1276 return GNUNET_SYSERR;
1277 }
1278
1279 if (0 != strcmp ("1", PQcmdTuples (result)))
1280 {
1281 GNUNET_break (0);
1282 return GNUNET_SYSERR;
1283 }
1284
1285 PQclear (result);
1286 return GNUNET_OK;
1271} 1287}
1272 1288
1273 1289
@@ -1280,17 +1296,17 @@ TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn,
1280{ 1296{
1281 uint16_t cnc_index_nbo = htons (cnc_index); 1297 uint16_t cnc_index_nbo = htons (cnc_index);
1282 uint16_t newcoin_index_nbo = htons (newcoin_index); 1298 uint16_t newcoin_index_nbo = htons (newcoin_index);
1283
1284 cc->cnc_index = cnc_index;
1285 cc->newcoin_index = newcoin_index;
1286 cc->session_pub = *refresh_session_pub;
1287
1288 struct TALER_DB_QueryParam params[] = { 1299 struct TALER_DB_QueryParam params[] = {
1289 TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), 1300 TALER_DB_QUERY_PARAM_PTR(refresh_session_pub),
1290 TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), 1301 TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo),
1291 TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), 1302 TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo),
1292 TALER_DB_QUERY_PARAM_END 1303 TALER_DB_QUERY_PARAM_END
1293 }; 1304 };
1305 char *c_buf;
1306 size_t c_buf_size;
1307 char *rl_buf;
1308 size_t rl_buf_size;
1309 struct TALER_RefreshLinkEncrypted *rl;
1294 1310
1295 PGresult *result = TALER_DB_exec_prepared (db_conn, "get_refresh_commit_coin", params); 1311 PGresult *result = TALER_DB_exec_prepared (db_conn, "get_refresh_commit_coin", params);
1296 1312
@@ -1308,19 +1324,34 @@ TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn,
1308 } 1324 }
1309 1325
1310 struct TALER_DB_ResultSpec rs[] = { 1326 struct TALER_DB_ResultSpec rs[] = {
1311 TALER_DB_RESULT_SPEC("coin_ev", &cc->coin_ev), 1327 TALER_DB_RESULT_SPEC_VAR("coin_ev", &c_buf, &c_buf_size),
1312 TALER_DB_RESULT_SPEC_SIZED("link_vector_enc", &cc->link_enc, 1328 TALER_DB_RESULT_SPEC_VAR("link_vector_enc", &rl_buf, &rl_buf_size),
1313 TALER_REFRESH_LINK_LENGTH),
1314 TALER_DB_RESULT_SPEC_END 1329 TALER_DB_RESULT_SPEC_END
1315 }; 1330 };
1316
1317 if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0)) 1331 if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0))
1318 { 1332 {
1319 PQclear (result); 1333 PQclear (result);
1320 return GNUNET_SYSERR; 1334 return GNUNET_SYSERR;
1321 } 1335 }
1322
1323 PQclear (result); 1336 PQclear (result);
1337 if (rl_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
1338 {
1339 GNUNET_free (c_buf);
1340 GNUNET_free (rl_buf);
1341 return GNUNET_SYSERR;
1342 }
1343
1344 rl = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
1345 rl_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
1346 rl->blinding_key_enc = (const char *) &rl[1];
1347 rl->blinding_key_enc_size = rl_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
1348 memcpy (rl->coin_priv_enc,
1349 rl_buf,
1350 rl_buf_size);
1351 GNUNET_free (rl_buf);
1352 cc->refresh_link = rl;
1353 cc->coin_ev = c_buf;
1354 cc->coin_ev_size = c_buf_size;
1324 return GNUNET_YES; 1355 return GNUNET_YES;
1325} 1356}
1326 1357
@@ -1582,15 +1613,17 @@ TALER_db_get_link (PGconn *db_conn,
1582 1613
1583 for (i = 0; i < PQntuples (result); i++) 1614 for (i = 0; i < PQntuples (result); i++)
1584 { 1615 {
1585 struct LinkDataEnc link_data_enc; 1616 struct TALER_RefreshLinkEncrypted *link_enc;
1586 struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; 1617 struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
1587 struct GNUNET_CRYPTO_rsa_Signature *sig; 1618 struct GNUNET_CRYPTO_rsa_Signature *sig;
1619 char *ld_buf;
1620 size_t ld_buf_size;
1588 char *pk_buf; 1621 char *pk_buf;
1589 size_t pk_buf_size; 1622 size_t pk_buf_size;
1590 char *sig_buf; 1623 char *sig_buf;
1591 size_t sig_buf_size; 1624 size_t sig_buf_size;
1592 struct TALER_DB_ResultSpec rs[] = { 1625 struct TALER_DB_ResultSpec rs[] = {
1593 TALER_DB_RESULT_SPEC("link_vector_enc", &link_data_enc), 1626 TALER_DB_RESULT_SPEC_VAR("link_vector_enc", &ld_buf, &ld_buf_size),
1594 TALER_DB_RESULT_SPEC_VAR("denom_pub", &pk_buf, &pk_buf_size), 1627 TALER_DB_RESULT_SPEC_VAR("denom_pub", &pk_buf, &pk_buf_size),
1595 TALER_DB_RESULT_SPEC_VAR("ev_sig", &sig_buf, &sig_buf_size), 1628 TALER_DB_RESULT_SPEC_VAR("ev_sig", &sig_buf, &sig_buf_size),
1596 TALER_DB_RESULT_SPEC_END 1629 TALER_DB_RESULT_SPEC_END
@@ -1602,39 +1635,59 @@ TALER_db_get_link (PGconn *db_conn,
1602 GNUNET_break (0); 1635 GNUNET_break (0);
1603 return GNUNET_SYSERR; 1636 return GNUNET_SYSERR;
1604 } 1637 }
1638 if (ld_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
1639 {
1640 PQclear (result);
1641 GNUNET_free (pk_buf);
1642 GNUNET_free (sig_buf);
1643 GNUNET_free (ld_buf);
1644 GNUNET_break (0);
1645 return GNUNET_SYSERR;
1646 }
1647 link_enc = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
1648 ld_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
1649 link_enc->blinding_key_enc = (const char *) &link_enc[1];
1650 link_enc->blinding_key_enc_size = ld_buf_size - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey);
1651 memcpy (link_enc->coin_priv_enc,
1652 ld_buf,
1653 ld_buf_size);
1654
1605 sig = GNUNET_CRYPTO_rsa_signature_decode (sig_buf, 1655 sig = GNUNET_CRYPTO_rsa_signature_decode (sig_buf,
1606 sig_buf_size); 1656 sig_buf_size);
1607 denom_pub = GNUNET_CRYPTO_rsa_public_key_decode (pk_buf, 1657 denom_pub = GNUNET_CRYPTO_rsa_public_key_decode (pk_buf,
1608 pk_buf_size); 1658 pk_buf_size);
1609 GNUNET_free (pk_buf); 1659 GNUNET_free (pk_buf);
1610 GNUNET_free (sig_buf); 1660 GNUNET_free (sig_buf);
1661 GNUNET_free (ld_buf);
1611 if ( (NULL == sig) || 1662 if ( (NULL == sig) ||
1612 (NULL == denom_pub) ) 1663 (NULL == denom_pub) )
1613 { 1664 {
1614 PQclear (result);
1615 if (NULL != denom_pub) 1665 if (NULL != denom_pub)
1616 GNUNET_CRYPTO_rsa_public_key_free (denom_pub); 1666 GNUNET_CRYPTO_rsa_public_key_free (denom_pub);
1617 if (NULL != sig) 1667 if (NULL != sig)
1618 GNUNET_CRYPTO_rsa_signature_free (sig); 1668 GNUNET_CRYPTO_rsa_signature_free (sig);
1669 GNUNET_free (link_enc);
1619 GNUNET_break (0); 1670 GNUNET_break (0);
1671 PQclear (result);
1620 return GNUNET_SYSERR; 1672 return GNUNET_SYSERR;
1621 } 1673 }
1622 if (GNUNET_OK != (res = link_iter (cls, 1674 if (GNUNET_OK != (res = link_iter (cls,
1623 &link_data_enc, 1675 link_enc,
1624 denom_pub, 1676 denom_pub,
1625 sig))) 1677 sig)))
1626 { 1678 {
1627 GNUNET_assert (GNUNET_SYSERR != res); 1679 GNUNET_assert (GNUNET_SYSERR != res);
1628 GNUNET_CRYPTO_rsa_signature_free (sig); 1680 GNUNET_CRYPTO_rsa_signature_free (sig);
1629 GNUNET_CRYPTO_rsa_public_key_free (denom_pub); 1681 GNUNET_CRYPTO_rsa_public_key_free (denom_pub);
1682 GNUNET_free (link_enc);
1630 PQclear (result); 1683 PQclear (result);
1631 return res; 1684 return res;
1632 } 1685 }
1633 GNUNET_CRYPTO_rsa_signature_free (sig); 1686 GNUNET_CRYPTO_rsa_signature_free (sig);
1634 GNUNET_CRYPTO_rsa_public_key_free (denom_pub); 1687 GNUNET_CRYPTO_rsa_public_key_free (denom_pub);
1688 GNUNET_free (link_enc);
1635 } 1689 }
1636 1690
1637 PQclear (result);
1638 return GNUNET_OK; 1691 return GNUNET_OK;
1639} 1692}
1640 1693
@@ -1643,7 +1696,7 @@ int
1643TALER_db_get_transfer (PGconn *db_conn, 1696TALER_db_get_transfer (PGconn *db_conn,
1644 const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, 1697 const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub,
1645 struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, 1698 struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub,
1646 struct SharedSecretEnc *shared_secret_enc) 1699 struct GNUNET_HashCode *shared_secret_enc)
1647{ 1700{
1648 struct TALER_DB_QueryParam params[] = { 1701 struct TALER_DB_QueryParam params[] = {
1649 TALER_DB_QUERY_PARAM_PTR(coin_pub), 1702 TALER_DB_QUERY_PARAM_PTR(coin_pub),
@@ -1667,7 +1720,9 @@ TALER_db_get_transfer (PGconn *db_conn,
1667 1720
1668 if (1 != PQntuples (result)) 1721 if (1 != PQntuples (result))
1669 { 1722 {
1670 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "got %d tuples for get_transfer\n", PQntuples (result)); 1723 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1724 "got %d tuples for get_transfer\n",
1725 PQntuples (result));
1671 GNUNET_break (0); 1726 GNUNET_break (0);
1672 return GNUNET_SYSERR; 1727 return GNUNET_SYSERR;
1673 } 1728 }
diff --git a/src/mint/mint_db.h b/src/mint/mint_db.h
index 0f746c14d..e0c2e2e0a 100644
--- a/src/mint/mint_db.h
+++ b/src/mint/mint_db.h
@@ -122,23 +122,49 @@ TALER_MINT_DB_get_known_coin (PGconn *db_conn,
122 122
123 123
124int 124int
125TALER_MINT_DB_upsert_known_coin (PGconn *db_conn, struct KnownCoin *known_coin); 125TALER_MINT_DB_upsert_known_coin (PGconn *db_conn,
126 struct KnownCoin *known_coin);
127
128
126 129
127 130
128int 131int
129TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn, 132TALER_MINT_DB_create_refresh_session (PGconn *db_conn,
130 const struct RefreshCommitLink *commit_link); 133 const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub);
131 134
135
136/**
137 * Store the commitment to the given (encrypted) refresh link data
138 * for the given refresh session.
139 *
140 * @param db_conn database connection to use
141 * @param refresh_session_pub public key of the refresh session this
142 * commitment belongs with
143 * @param i
144 * @param j
145 * @param commit_link link information to store
146 * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success
147 */
132int 148int
133TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn, 149TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn,
134 const struct RefreshCommitCoin *commit_coin); 150 const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
151 int i, int j,
152 const struct RefreshCommitLink *commit_link);
135 153
136 154
137int 155int
138TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn, 156TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn,
139 const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, 157 const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
140 int i, int j, 158 int i, int j,
141 struct RefreshCommitLink *commit_link); 159 struct RefreshCommitLink *cc);
160
161
162int
163TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn,
164 const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
165 int i,
166 int j,
167 const struct RefreshCommitCoin *commit_coin);
142 168
143 169
144int 170int
@@ -148,12 +174,6 @@ TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn,
148 struct RefreshCommitCoin *commit_coin); 174 struct RefreshCommitCoin *commit_coin);
149 175
150 176
151int
152TALER_MINT_DB_create_refresh_session (PGconn *db_conn,
153 const struct GNUNET_CRYPTO_EddsaPublicKey
154 *session_pub);
155
156
157struct GNUNET_CRYPTO_rsa_PublicKey * 177struct GNUNET_CRYPTO_rsa_PublicKey *
158TALER_MINT_DB_get_refresh_order (PGconn *db_conn, 178TALER_MINT_DB_get_refresh_order (PGconn *db_conn,
159 uint16_t newcoin_index, 179 uint16_t newcoin_index,
@@ -178,6 +198,7 @@ int
178TALER_MINT_DB_set_reveal_ok (PGconn *db_conn, 198TALER_MINT_DB_set_reveal_ok (PGconn *db_conn,
179 const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub); 199 const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub);
180 200
201
181int 202int
182TALER_MINT_DB_insert_refresh_melt (PGconn *db_conn, 203TALER_MINT_DB_insert_refresh_melt (PGconn *db_conn,
183 const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub, 204 const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
@@ -193,11 +214,15 @@ TALER_MINT_DB_get_refresh_melt (PGconn *db_conn,
193 struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub); 214 struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub);
194 215
195 216
196typedef 217/**
197int (*LinkIterator) (void *cls, 218 * FIXME: doc, name is bad, too.
198 const struct LinkDataEnc *link_data_enc, 219 */
199 const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub, 220typedef int
200 const struct GNUNET_CRYPTO_rsa_Signature *ev_sig); 221(*LinkIterator) (void *cls,
222 const struct TALER_RefreshLinkEncrypted *link_data_enc,
223 const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub,
224 const struct GNUNET_CRYPTO_rsa_Signature *ev_sig);
225
201 226
202int 227int
203TALER_db_get_link (PGconn *db_conn, 228TALER_db_get_link (PGconn *db_conn,
@@ -206,26 +231,37 @@ TALER_db_get_link (PGconn *db_conn,
206 void *cls); 231 void *cls);
207 232
208 233
234/**
235 * Obtain shared secret from the transfer public key (?).
236 *
237 * @param shared_secret_enc[out] set to shared secret; FIXME: use other type
238 * to indicate this is the encrypted secret
239 */
209int 240int
210TALER_db_get_transfer (PGconn *db_conn, 241TALER_db_get_transfer (PGconn *db_conn,
211 const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub, 242 const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub,
212 struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub, 243 struct GNUNET_CRYPTO_EcdsaPublicKey *transfer_pub,
213 struct SharedSecretEnc *shared_secret_enc); 244 struct GNUNET_HashCode *shared_secret_enc);
214 245
215int 246int
216TALER_MINT_DB_init_deposits (PGconn *db_conn, int temporary); 247TALER_MINT_DB_init_deposits (PGconn *db_conn, int temporary);
217 248
249
218int 250int
219TALER_MINT_DB_prepare_deposits (PGconn *db_conn); 251TALER_MINT_DB_prepare_deposits (PGconn *db_conn);
220 252
253
221int 254int
222TALER_MINT_DB_insert_deposit (PGconn *db_conn, 255TALER_MINT_DB_insert_deposit (PGconn *db_conn,
223 const struct Deposit *deposit); 256 const struct Deposit *deposit);
224 257
258
225int 259int
226TALER_MINT_DB_get_deposit (PGconn *db_conn, 260TALER_MINT_DB_get_deposit (PGconn *db_conn,
227 const struct GNUNET_CRYPTO_EddsaPublicKey *coin_pub, 261 const struct GNUNET_CRYPTO_EddsaPublicKey *coin_pub,
228 struct Deposit **r_deposit); 262 struct Deposit **r_deposit);
263
264
229int 265int
230TALER_MINT_DB_insert_known_coin (PGconn *db_conn, 266TALER_MINT_DB_insert_known_coin (PGconn *db_conn,
231 const struct KnownCoin *known_coin); 267 const struct KnownCoin *known_coin);
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 59e573457..874ac72ee 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -689,8 +689,10 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
689 * 689 *
690 * @param connection the MHD connection to handle 690 * @param connection the MHD connection to handle
691 * @param kappa size of x-dimension of @commit_coin and @commit_link arrays 691 * @param kappa size of x-dimension of @commit_coin and @commit_link arrays
692 * @param num_oldcoins size of y-dimension of @commit_coin and @commit_link arrays 692 * @param num_oldcoins size of y-dimension of @commit_link array
693 * @param num_newcoins size of y-dimension of @commit_coin and @commit_link arrays 693 * @param num_newcoins size of y-dimension of @commit_coin array
694 * @param commit_coin
695 * @param commit_link
694 * @return MHD result code 696 * @return MHD result code
695 */ 697 */
696int 698int
@@ -730,6 +732,9 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection,
730 { 732 {
731 if (GNUNET_OK != 733 if (GNUNET_OK !=
732 TALER_MINT_DB_insert_refresh_commit_coin (db_conn, 734 TALER_MINT_DB_insert_refresh_commit_coin (db_conn,
735 refresh_session_pub,
736 i,
737 j,
733 &commit_coin[i][j])) 738 &commit_coin[i][j]))
734 { 739 {
735 // FIXME: return 'internal error'? 740 // FIXME: return 'internal error'?
@@ -739,7 +744,11 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection,
739 } 744 }
740 745
741 if (GNUNET_OK != 746 if (GNUNET_OK !=
742 TALER_MINT_DB_insert_refresh_commit_link (db_conn, &commit_link[i][j])) 747 TALER_MINT_DB_insert_refresh_commit_link (db_conn,
748 refresh_session_pub,
749 i,
750 j,
751 &commit_link[i][j]))
743 { 752 {
744 // FIXME: return 'internal error'? 753 // FIXME: return 'internal error'?
745 GNUNET_break (0); 754 GNUNET_break (0);
diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h
index 31f64d9f7..3f8c13414 100644
--- a/src/mint/taler-mint-httpd_db.h
+++ b/src/mint/taler-mint-httpd_db.h
@@ -103,8 +103,10 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
103 * 103 *
104 * @param connection the MHD connection to handle 104 * @param connection the MHD connection to handle
105 * @param kappa size of x-dimension of @commit_coin and @commit_link arrays 105 * @param kappa size of x-dimension of @commit_coin and @commit_link arrays
106 * @param num_oldcoins size of y-dimension of @commit_coin and @commit_link arrays 106 * @param num_oldcoins size of y-dimension of @commit_coin array
107 * @param num_newcoins size of y-dimension of @commit_coin and @commit_link arrays 107 * @param num_newcoins size of y-dimension of @commit_link array
108 * @param commit_coin
109 * @param commit_link
108 * @return MHD result code 110 * @return MHD result code
109 */ 111 */
110int 112int
diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c
index 40737ae31..42a224f32 100644
--- a/src/mint/taler-mint-httpd_refresh.c
+++ b/src/mint/taler-mint-httpd_refresh.c
@@ -541,6 +541,9 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
541 sizeof (struct RefreshCommitCoin)); 541 sizeof (struct RefreshCommitCoin));
542 for (j = 0; j < num_newcoins; j++) 542 for (j = 0; j < num_newcoins; j++)
543 { 543 {
544 char *link_end;
545 size_t link_enc_size;
546
544 res = GNUNET_MINT_parse_navigate_json (connection, root, 547 res = GNUNET_MINT_parse_navigate_json (connection, root,
545 JNAV_FIELD, "coin_evs", 548 JNAV_FIELD, "coin_evs",
546 JNAV_INDEX, (int) i, 549 JNAV_INDEX, (int) i,
@@ -565,9 +568,9 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
565 JNAV_FIELD, "link_encs", 568 JNAV_FIELD, "link_encs",
566 JNAV_INDEX, (int) i, 569 JNAV_INDEX, (int) i,
567 JNAV_INDEX, (int) j, 570 JNAV_INDEX, (int) j,
568 JNAV_RET_DATA, 571 JNAV_RET_DATA_VAR,
569 commit_coin[i][j].link_enc, 572 &link_enc,
570 TALER_REFRESH_LINK_LENGTH); 573 &link_enc_size);
571 if (GNUNET_OK != res) 574 if (GNUNET_OK != res)
572 { 575 {
573 // FIXME: return 'internal error'? 576 // FIXME: return 'internal error'?
@@ -575,13 +578,13 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
575 GNUNET_CRYPTO_hash_context_abort (hash_context); 578 GNUNET_CRYPTO_hash_context_abort (hash_context);
576 return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; 579 return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
577 } 580 }
581 // FIXME: convert link_enc / link_enc_size to
582 // commit_coin[i][j].refresh_link!
583
578 584
579 GNUNET_CRYPTO_hash_context_read (hash_context, 585 GNUNET_CRYPTO_hash_context_read (hash_context,
580 commit_coin[i][j].link_enc, 586 commit_coin[i][j].link_enc,
581 TALER_REFRESH_LINK_LENGTH); 587 TALER_REFRESH_LINK_LENGTH);
582 commit_coin[i][j].cnc_index = i;
583 commit_coin[i][j].newcoin_index = j;
584 commit_coin[i][j].session_pub = refresh_session_pub;
585 } 588 }
586 } 589 }
587 590
@@ -617,8 +620,8 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
617 JNAV_INDEX, (int) i, 620 JNAV_INDEX, (int) i,
618 JNAV_INDEX, (int) j, 621 JNAV_INDEX, (int) j,
619 JNAV_RET_DATA, 622 JNAV_RET_DATA,
620 commit_link[i][j].shared_secret_enc, 623 &commit_link[i][j].shared_secret,
621 TALER_REFRESH_SHARED_SECRET_LENGTH); 624 sizeof (struct GNUNET_HashCode));
622 625
623 if (GNUNET_OK != res) 626 if (GNUNET_OK != res)
624 { 627 {
@@ -628,13 +631,8 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
628 } 631 }
629 632
630 GNUNET_CRYPTO_hash_context_read (hash_context, 633 GNUNET_CRYPTO_hash_context_read (hash_context,
631 commit_link[i][j].shared_secret_enc, 634 &commit_link[i][j].shared_secret,
632 TALER_REFRESH_SHARED_SECRET_LENGTH); 635 sizeof (struct GNUNET_HashCode));
633
634 commit_link[i][j].cnc_index = i;
635 commit_link[i][j].oldcoin_index = j;
636 commit_link[i][j].session_pub = refresh_session_pub;
637
638 } 636 }
639 } 637 }
640 GNUNET_CRYPTO_hash_context_finish (hash_context, &commit_hash); 638 GNUNET_CRYPTO_hash_context_finish (hash_context, &commit_hash);
diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c
index a57b1e6ba..7c35317ce 100644
--- a/src/mint/taler-mint-keyup.c
+++ b/src/mint/taler-mint-keyup.c
@@ -646,9 +646,10 @@ main (int argc, char *const *argv)
646 // check if key from file matches the one from the configuration 646 // check if key from file matches the one from the configuration
647 { 647 {
648 struct GNUNET_CRYPTO_EddsaPublicKey master_pub_from_cfg; 648 struct GNUNET_CRYPTO_EddsaPublicKey master_pub_from_cfg;
649 if (GNUNET_OK != TALER_configuration_get_data (kcfg, "mint", "master_pub", 649 if (GNUNET_OK !=
650 &master_pub_from_cfg, 650 GNUNET_CONFIGURATION_get_data (kcfg, "mint", "master_pub",
651 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))) 651 &master_pub_from_cfg,
652 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
652 { 653 {
653 fprintf (stderr, "master key missing in configuration (mint.master_pub)\n"); 654 fprintf (stderr, "master key missing in configuration (mint.master_pub)\n");
654 return 1; 655 return 1;