diff options
| author | Christian Grothoff <christian@grothoff.org> | 2022-02-17 15:10:14 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2022-02-17 15:18:09 +0100 |
| commit | a351bfc4b4ca15ce7fd998cf9691e85cf84dc426 (patch) | |
| tree | 88ec3b739914739f05d4c8cae2a2af40d29ebf82 /src/exchange/taler-exchange-httpd_refreshes_reveal.c | |
| parent | 8bdf6ab19df70c16d335ecf82f2c3b2117eeb70e (diff) | |
| download | exchange-a351bfc4b4ca15ce7fd998cf9691e85cf84dc426.tar.gz exchange-a351bfc4b4ca15ce7fd998cf9691e85cf84dc426.tar.bz2 exchange-a351bfc4b4ca15ce7fd998cf9691e85cf84dc426.zip | |
-fix CS nonce reuse check logic
Diffstat (limited to 'src/exchange/taler-exchange-httpd_refreshes_reveal.c')
| -rw-r--r-- | src/exchange/taler-exchange-httpd_refreshes_reveal.c | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index 1f0782aaa..9c0a665b7 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -116,10 +116,19 @@ struct RevealContext struct TALER_RefreshCoinData *rcds; /** + * Refresh master secret. + */ + struct TALER_RefreshMasterSecretP rms; + + /** * Size of the @e dks, @e rcds and @e ev_sigs arrays (if non-NULL). */ unsigned int num_fresh_coins; + /** + * True if @e rms was provided. + */ + bool have_rms; }; @@ -296,6 +305,9 @@ check_commitment (struct RevealContext *rctx, } TALER_refresh_get_commitment (&rc_expected, TALER_CNC_KAPPA, + rctx->have_rms + ? &rctx->rms + : NULL, rctx->num_fresh_coins, rcs, &rctx->melt.session.coin.coin_pub, @@ -344,7 +356,7 @@ check_commitment (struct RevealContext *rctx, if ( (0 > TALER_amount_add (&total, - &rctx->dks[i]->meta.fee_withdraw, + &rctx->dks[i]->meta.fees.withdraw, &rctx->dks[i]->meta.value)) || (0 > TALER_amount_add (&refresh_cost, @@ -439,7 +451,15 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection, &ret); if (NULL == dks[i]) return ret; - + if ( (TALER_DENOMINATION_CS == dks[i]->denom_pub.cipher) && + (! rctx->have_rms) ) + { + return TALER_MHD_reply_with_error ( + connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MISSING, + "rms"); + } if (GNUNET_TIME_absolute_is_past (dks[i]->meta.expire_withdraw.abs_time)) { /* This denomination is past the expiration time for withdraws */ @@ -812,6 +832,9 @@ TEH_handler_reveal (struct TEH_RequestContext *rc, GNUNET_JSON_spec_mark_optional ( GNUNET_JSON_spec_json ("old_age_commitment", &old_age_commitment)), + GNUNET_JSON_spec_mark_optional ( + GNUNET_JSON_spec_fixed_auto ("rms", + &rctx.rms)), GNUNET_JSON_spec_end () }; @@ -852,6 +875,8 @@ TEH_handler_reveal (struct TEH_RequestContext *rc, return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } } + rctx.have_rms = (NULL != json_object_get (root, + "rms")); /* Check we got enough transfer private keys */ /* Note we do +1 as 1 row (cut-and-choose!) is missing! */ |