diff options
Diffstat (limited to 'src/exchange/taler-exchange-httpd_csr.c')
-rw-r--r-- | src/exchange/taler-exchange-httpd_csr.c | 124 |
1 files changed, 65 insertions, 59 deletions
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c index 14d82ef11..e4fa4f5e4 100644 --- a/src/exchange/taler-exchange-httpd_csr.c +++ b/src/exchange/taler-exchange-httpd_csr.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014-2022 Taler Systems SA + Copyright (C) 2014-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as @@ -21,6 +21,7 @@ * @brief Handle /csr requests * @author Lucien Heuzeveldt * @author Gian Demarmles + * @author Christian Grothoff */ #include "platform.h" #include <gnunet/gnunet_util_lib.h> @@ -39,12 +40,12 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, { struct TALER_RefreshMasterSecretP rms; unsigned int csr_requests_num; - json_t *csr_requests; + const json_t *csr_requests; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("rms", &rms), - GNUNET_JSON_spec_json ("nks", - &csr_requests), + GNUNET_JSON_spec_array_const ("nks", + &csr_requests), GNUNET_JSON_spec_end () }; enum TALER_ErrorCode ec; @@ -65,7 +66,7 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, if ( (TALER_MAX_FRESH_COINS <= csr_requests_num) || (0 == csr_requests_num) ) { - GNUNET_JSON_parse_free (spec); + GNUNET_break_op (0); return TALER_MHD_reply_with_error ( rc->connection, MHD_HTTP_BAD_REQUEST, @@ -74,11 +75,12 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, } { - struct TALER_ExchangeWithdrawValues ewvs[csr_requests_num]; - + struct GNUNET_CRYPTO_BlindingInputValues ewvs[csr_requests_num]; { - struct TALER_CsNonce nonces[csr_requests_num]; + struct GNUNET_CRYPTO_CsSessionNonce nonces[csr_requests_num]; struct TALER_DenominationHashP denom_pub_hashes[csr_requests_num]; + struct TEH_CsDeriveData cdds[csr_requests_num]; + struct GNUNET_CRYPTO_CSPublicRPairP r_pubs[csr_requests_num]; for (unsigned int i = 0; i < csr_requests_num; i++) { @@ -100,24 +102,20 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, -1); if (GNUNET_OK != res) { - GNUNET_JSON_parse_free (spec); return (GNUNET_NO == res) ? MHD_YES : MHD_NO; } TALER_cs_refresh_nonce_derive (&rms, coin_off, &nonces[i]); } - GNUNET_JSON_parse_free (spec); for (unsigned int i = 0; i < csr_requests_num; i++) { - const struct TALER_CsNonce *nonce = &nonces[i]; + const struct GNUNET_CRYPTO_CsSessionNonce *nonce = &nonces[i]; const struct TALER_DenominationHashP *denom_pub_hash = &denom_pub_hashes[i]; - struct TALER_DenominationCSPublicRPairP *r_pub - = &ewvs[i].details.cs_values; - ewvs[i].cipher = TALER_DENOMINATION_CS; + ewvs[i].cipher = GNUNET_CRYPTO_BSA_CS; /* check denomination referenced by denom_pub_hash */ { struct TEH_KeyStateHandle *ksh; @@ -130,10 +128,10 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING, NULL); } - dk = TEH_keys_denomination_by_hash2 (ksh, - denom_pub_hash, - NULL, - NULL); + dk = TEH_keys_denomination_by_hash_from_state (ksh, + denom_pub_hash, + NULL, + NULL); if (NULL == dk) { return TEH_RESPONSE_reply_unknown_denom_pub_hash ( @@ -168,7 +166,8 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED, "csr-melt"); } - if (TALER_DENOMINATION_CS != dk->denom_pub.cipher) + if (GNUNET_CRYPTO_BSA_CS != + dk->denom_pub.bsign_pub_key->cipher) { /* denomination is valid but not for CS */ return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation ( @@ -176,21 +175,23 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, denom_pub_hash); } } - - /* derive r_pub */ - // FIXME-#7272: bundle all requests into one derivation request (TEH_keys_..., crypto helper, security module) - ec = TEH_keys_denomination_cs_r_pub_melt (denom_pub_hash, - nonce, - r_pub); - if (TALER_EC_NONE != ec) - { - GNUNET_break (0); - return TALER_MHD_reply_with_ec (rc->connection, - ec, - NULL); - } + cdds[i].h_denom_pub = denom_pub_hash; + cdds[i].nonce = nonce; + } /* for (i) */ + ec = TEH_keys_denomination_cs_batch_r_pub (csr_requests_num, + cdds, + true, + r_pubs); + if (TALER_EC_NONE != ec) + { + GNUNET_break (0); + return TALER_MHD_reply_with_ec (rc->connection, + ec, + NULL); } - } + for (unsigned int i = 0; i < csr_requests_num; i++) + ewvs[i].details.cs_values = r_pubs[i]; + } /* end scope */ /* send response */ { @@ -201,10 +202,13 @@ TEH_handler_csr_melt (struct TEH_RequestContext *rc, for (unsigned int i = 0; i < csr_requests_num; i++) { json_t *csr_obj; + struct TALER_ExchangeWithdrawValues exw = { + .blinding_inputs = &ewvs[i] + }; csr_obj = GNUNET_JSON_PACK ( TALER_JSON_pack_exchange_withdraw_values ("ewv", - &ewvs[i])); + &exw)); GNUNET_assert (NULL != csr_obj); GNUNET_assert (0 == json_array_append_new (csr_response_ewvs, @@ -227,18 +231,16 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc, const json_t *root, const char *const args[]) { - struct TALER_CsNonce nonce; + struct GNUNET_CRYPTO_CsSessionNonce nonce; struct TALER_DenominationHashP denom_pub_hash; - struct TALER_ExchangeWithdrawValues ewv = { - .cipher = TALER_DENOMINATION_CS + struct GNUNET_CRYPTO_BlindingInputValues ewv = { + .cipher = GNUNET_CRYPTO_BSA_CS }; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_fixed ("nonce", - &nonce, - sizeof (struct TALER_CsNonce)), - GNUNET_JSON_spec_fixed ("denom_pub_hash", - &denom_pub_hash, - sizeof (struct TALER_DenominationHashP)), + GNUNET_JSON_spec_fixed_auto ("nonce", + &nonce), + GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", + &denom_pub_hash), GNUNET_JSON_spec_end () }; struct TEH_DenominationKey *dk; @@ -265,10 +267,10 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc, TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING, NULL); } - dk = TEH_keys_denomination_by_hash2 (ksh, - &denom_pub_hash, - NULL, - NULL); + dk = TEH_keys_denomination_by_hash_from_state (ksh, + &denom_pub_hash, + NULL, + NULL); if (NULL == dk) { return TEH_RESPONSE_reply_unknown_denom_pub_hash ( @@ -303,7 +305,8 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc, TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED, "csr-withdraw"); } - if (TALER_DENOMINATION_CS != dk->denom_pub.cipher) + if (GNUNET_CRYPTO_BSA_CS != + dk->denom_pub.bsign_pub_key->cipher) { /* denomination is valid but not for CS */ return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation ( @@ -315,10 +318,14 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc, /* derive r_pub */ { enum TALER_ErrorCode ec; + const struct TEH_CsDeriveData cdd = { + .h_denom_pub = &denom_pub_hash, + .nonce = &nonce + }; - ec = TEH_keys_denomination_cs_r_pub_withdraw (&denom_pub_hash, - &nonce, - &ewv.details.cs_values); + ec = TEH_keys_denomination_cs_r_pub (&cdd, + false, + &ewv.details.cs_values); if (TALER_EC_NONE != ec) { GNUNET_break (0); @@ -327,17 +334,16 @@ TEH_handler_csr_withdraw (struct TEH_RequestContext *rc, NULL); } } - { - json_t *csr_obj; + struct TALER_ExchangeWithdrawValues exw = { + .blinding_inputs = &ewv + }; - csr_obj = GNUNET_JSON_PACK ( + return TALER_MHD_REPLY_JSON_PACK ( + rc->connection, + MHD_HTTP_OK, TALER_JSON_pack_exchange_withdraw_values ("ewv", - &ewv)); - GNUNET_assert (NULL != csr_obj); - return TALER_MHD_reply_json_steal (rc->connection, - csr_obj, - MHD_HTTP_OK); + &exw)); } } |