diff options
author | Özgür Kesim <oec-taler@kesim.org> | 2023-04-22 17:18:59 +0200 |
---|---|---|
committer | Özgür Kesim <oec-taler@kesim.org> | 2023-04-22 17:18:59 +0200 |
commit | 6f492b2a97a8623e18a36c583e320d876753ae8b (patch) | |
tree | cbdd48bc5ca07be4803a4ac4d356177e687ad5c8 /src/exchange/taler-exchange-httpd_age-withdraw_reveal.c | |
parent | 89a9224c3bb9bfae84c27c1bbf0d9dfd5341ec0a (diff) | |
download | exchange-6f492b2a97a8623e18a36c583e320d876753ae8b.tar.gz exchange-6f492b2a97a8623e18a36c583e320d876753ae8b.tar.bz2 exchange-6f492b2a97a8623e18a36c583e320d876753ae8b.zip |
WiP: age-withdraw, continue with finalize_age_withdraw_and_sign, 9/n
Also:
- added duplicate planchet check for age-withdraw_reveal
- added stubs for (get|insert)_age_withdraw_reveal
Diffstat (limited to 'src/exchange/taler-exchange-httpd_age-withdraw_reveal.c')
-rw-r--r-- | src/exchange/taler-exchange-httpd_age-withdraw_reveal.c | 146 |
1 files changed, 116 insertions, 30 deletions
diff --git a/src/exchange/taler-exchange-httpd_age-withdraw_reveal.c b/src/exchange/taler-exchange-httpd_age-withdraw_reveal.c index 31ff57c6b..828877ab5 100644 --- a/src/exchange/taler-exchange-httpd_age-withdraw_reveal.c +++ b/src/exchange/taler-exchange-httpd_age-withdraw_reveal.c @@ -74,9 +74,9 @@ struct AgeRevealContext struct TALER_Amount total_fee; /** - * #num_coins hashes of blinded coins. + * #num_coins hashes of blinded coin planchets. */ - struct TALER_BlindedCoinHashP *coin_evs; + struct TALER_BlindedPlanchet *coin_evs; /** * secrets for #num_coins*(kappa - 1) disclosed coins. @@ -90,6 +90,39 @@ struct AgeRevealContext struct TALER_EXCHANGEDB_AgeWithdrawCommitment commitment; }; + +/** + * Information per planchet in the batch. + */ +struct PlanchetContext +{ + + /** + * Hash of the (blinded) message to be signed by the Exchange. + */ + struct TALER_BlindedCoinHashP h_coin_envelope; + + /** + * Value of the coin being exchanged (matching the denomination key) + * plus the transaction fee. We include this in what is being + * signed so that we can verify a reserve's remaining total balance + * without needing to access the respective denomination key + * information each time. + */ + struct TALER_Amount amount_with_fee; + + /** + * Blinded planchet. + */ + struct TALER_BlindedPlanchet blinded_planchet; + + /** + * Set to the resulting signed coin data to be returned to the client. + */ + struct TALER_EXCHANGEDB_CollectableBlindcoin collectable; + +}; + /** * Helper function to free resources in the context */ @@ -198,11 +231,11 @@ parse_age_withdraw_reveal_json ( /* Parse blinded envelopes */ actx->coin_evs = GNUNET_new_array (actx->num_coins, - struct TALER_BlindedCoinHashP); + struct TALER_BlindedPlanchet); json_array_foreach (j_coin_evs, idx, value) { struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_fixed_auto (NULL, &actx->coin_evs[idx]), + TALER_JSON_spec_blinded_planchet (NULL, &actx->coin_evs[idx]), GNUNET_JSON_spec_end () }; @@ -220,6 +253,22 @@ parse_age_withdraw_reveal_json ( msg); goto EXIT; } + + /* Check for duplicate planchets */ + for (unsigned int i = 0; i < idx; i++) + { + if (0 == TALER_blinded_planchet_cmp (&actx->coin_evs[idx], + &actx->coin_evs[i])) + { + GNUNET_break_op (0); + *mhd_ret = TALER_MHD_reply_with_error (connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "duplicate planchet"); + goto EXIT; + } + + } }; /* Parse diclosed keys */ @@ -308,7 +357,7 @@ find_original_commitment ( case GNUNET_DB_STATUS_SOFT_ERROR: /* FIXME oec: Do we queue a result in this case or retry? */ default: - GNUNET_break (0); /* should be impossible */ + GNUNET_break (0); *result = TALER_MHD_reply_with_error (connection, MHD_HTTP_INTERNAL_SERVER_ERROR, TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE, @@ -414,6 +463,7 @@ denomination_is_valid ( * @param connection The HTTP connection to the client * @param len The lengths of the array @a denoms_h * @param denoms_h array of hashes of denomination public keys + * @param coin_evs array of blinded coin planchets * @param[out] dks On success, will be filled with the denomination keys. Caller must deallocate. * @param amount_with_fee The committed amount including fees * @param[out] total_amount On success, will contain the total sum of all denominations @@ -427,6 +477,7 @@ are_denominations_valid ( struct MHD_Connection *connection, uint32_t len, const struct TALER_DenominationHashP *denoms_h, + const struct TALER_BlindedPlanchet *coin_evs, struct TEH_DenominationKey **dks, const struct TALER_Amount *amount_with_fee, struct TALER_Amount *total_amount, @@ -458,7 +509,16 @@ are_denominations_valid ( &denoms_h[i], dks[i], result)) + return GNUNET_SYSERR; + + /* Ensure the ciphers from the planchets match the denominations' */ + if (dks[i]->denom_pub.cipher != coin_evs[i].cipher) { + GNUNET_break_op (0); + *result = TALER_MHD_reply_with_error (connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH, + NULL); return GNUNET_SYSERR; } @@ -468,9 +528,9 @@ are_denominations_valid ( total_amount, &dks[i]->meta.value)) { - GNUNET_break (0); + GNUNET_break_op (0); *result = TALER_MHD_reply_with_error (connection, - MHD_HTTP_INTERNAL_SERVER_ERROR, + MHD_HTTP_BAD_REQUEST, TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW, "amount"); return GNUNET_SYSERR; @@ -482,9 +542,9 @@ are_denominations_valid ( total_fee, &dks[i]->meta.fees.withdraw)) { - GNUNET_break (0); + GNUNET_break_op (0); *result = TALER_MHD_reply_with_error (connection, - MHD_HTTP_INTERNAL_SERVER_ERROR, + MHD_HTTP_BAD_REQUEST, TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW, "fee"); return GNUNET_SYSERR; @@ -504,9 +564,10 @@ are_denominations_valid ( if (0 != TALER_amount_cmp (&sum, amount_with_fee)) { GNUNET_break_op (0); - *result = TALER_MHD_reply_with_ec (connection, - TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_INCORRECT, - NULL); + *result = TALER_MHD_reply_with_error (connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_INCORRECT, + NULL); return GNUNET_SYSERR; } } @@ -537,7 +598,7 @@ are_denominations_valid ( * @param max_age Maximum age allowed for the age restriction * @param noreveal_idx Index that was given to the client in response to the age-withdraw request * @param num_coins Number of coins - * @param coin_evs The Hashes of the undisclosed, blinded coins, @a num_coins many + * @param coin_evs The blindet planchets of the undisclosed coins, @a num_coins many * @param denom_keys The array of denomination keys, @a num_coins. Needed to detect Clause-Schnorr-based denominations * @param disclosed_coin_secrets The secrets of the disclosed coins, (TALER_CNC_KAPPA - 1)*num_coins many * @param[out] result On error, a HTTP-response will be queued and result set accordingly @@ -550,7 +611,7 @@ verify_commitment_and_max_age ( const uint32_t max_age, const uint32_t noreveal_idx, const uint32_t num_coins, - const struct TALER_BlindedCoinHashP *coin_evs, + const struct TALER_BlindedPlanchet *coin_evs, const struct TEH_DenominationKey *denom_keys, const struct TALER_PlanchetMasterSecretP *disclosed_coin_secrets, MHD_RESULT *result) @@ -735,21 +796,47 @@ verify_commitment_and_max_age ( * @return GNUNET_OK on success, GNUNET_SYSERR otherwise */ static enum GNUNET_GenericReturnValue -sign_and_persist_blinded_coins ( +finalize_age_withdraw_and_sign ( struct MHD_Connection *connection, - const struct TALER_AgeWithdrawCommitmentHashP *h_commitment_orig, + const struct TALER_AgeWithdrawCommitmentHashP *h_commitment, const uint32_t num_coins, - const struct TALER_BlindedCoinHashP *coin_evs, + const struct TALER_BlindedPlanchet *coin_evs, const struct TEH_DenominationKey *denom_keys, MHD_RESULT *result) { enum GNUNET_GenericReturnValue ret = GNUNET_SYSERR; + struct TEH_CoinSignData csds[num_coins]; + struct TALER_BlindedDenominationSignature bss[num_coins]; + + for (uint32_t i = 0; i<num_coins; i++) + { + csds[i].h_denom_pub = &denom_keys[i].h_denom_pub; + csds[i].bp = &coin_evs[i]; + } + + /* First, sign the the blinded coins */ + { + enum TALER_ErrorCode ec; + ec = TEH_keys_denomination_batch_sign (csds, + num_coins, + false, + bss); + if (TALER_EC_NONE != ec) + { + GNUNET_break (0); + *result = TALER_MHD_reply_with_ec (connection, + ec, + NULL); + return GNUNET_SYSERR; + } + } /* TODO[oec]: - * - sign the planchets * - in a transaction: save the coins. + * - add signature response */ - #pragma message "FIXME[oec]: implement sign_and_persist_blinded_coins" + +#pragma message "FIXME[oec]: implement finalize_age_withdraw_and_sign" return ret; } @@ -777,15 +864,13 @@ TEH_handler_age_withdraw_reveal ( actx.ach = *ach; /* Parse JSON body*/ + ret = TALER_MHD_parse_json_data (rc->connection, + root, + spec); + if (GNUNET_OK != ret) { - ret = TALER_MHD_parse_json_data (rc->connection, - root, - spec); - if (GNUNET_OK != ret) - { - GNUNET_break_op (0); - return (GNUNET_SYSERR == ret) ? MHD_NO : MHD_YES; - } + GNUNET_break_op (0); + return (GNUNET_SYSERR == ret) ? MHD_NO : MHD_YES; } @@ -814,6 +899,7 @@ TEH_handler_age_withdraw_reveal ( rc->connection, actx.num_coins, actx.denoms_h, + actx.coin_evs, &actx.denom_keys, &actx.commitment.amount_with_fee, &actx.total_amount, @@ -821,8 +907,8 @@ TEH_handler_age_withdraw_reveal ( &result)) break; - /* Verify the computed h_commitment equals the committed one and that - * coins have a maximum age group corresponding max_age (age-mask dependent) */ + /* Verify the computed h_commitment equals the committed one and that coins + * have a maximum age group corresponding max_age (age-mask dependent) */ if (GNUNET_OK != verify_commitment_and_max_age ( rc->connection, &actx.commitment.h_commitment, @@ -836,7 +922,7 @@ TEH_handler_age_withdraw_reveal ( break; /* Finally, sign and persist the coins */ - if (GNUNET_OK != sign_and_persist_blinded_coins ( + if (GNUNET_OK != finalize_age_withdraw_and_sign ( rc->connection, &actx.commitment.h_commitment, actx.num_coins, |