summaryrefslogtreecommitdiff
path: root/src/exchange
diff options
context:
space:
mode:
Diffstat (limited to 'src/exchange')
-rw-r--r--src/exchange/taler-exchange-httpd_csr.c44
-rw-r--r--src/exchange/taler-exchange-httpd_deposit.c7
-rw-r--r--src/exchange/taler-exchange-httpd_keys.c28
-rw-r--r--src/exchange/taler-exchange-httpd_keys.h4
-rw-r--r--src/exchange/taler-exchange-httpd_recoup.c16
-rw-r--r--src/exchange/taler-exchange-httpd_refreshes_reveal.c5
-rw-r--r--src/exchange/taler-exchange-httpd_responses.c47
-rw-r--r--src/exchange/taler-exchange-httpd_responses.h13
-rw-r--r--src/exchange/taler-exchange-httpd_withdraw.c96
9 files changed, 114 insertions, 146 deletions
diff --git a/src/exchange/taler-exchange-httpd_csr.c b/src/exchange/taler-exchange-httpd_csr.c
index 415dc7acf..e1c9037df 100644
--- a/src/exchange/taler-exchange-httpd_csr.c
+++ b/src/exchange/taler-exchange-httpd_csr.c
@@ -54,16 +54,6 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
(void) args;
- memset (&nonce,
- 0,
- sizeof (nonce));
- memset (&denom_pub_hash,
- 0,
- sizeof (denom_pub_hash));
- memset (&r_pub,
- 0,
- sizeof (r_pub));
-
// parse input
{
enum GNUNET_GenericReturnValue res;
@@ -78,7 +68,6 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
// check denomination referenced by denom_pub_hash
{
- MHD_RESULT mret;
struct TEH_KeyStateHandle *ksh;
ksh = TEH_keys_get_state ();
@@ -88,7 +77,6 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
NULL);
- return mret;
}
dk = TEH_keys_denomination_by_hash2 (ksh,
&denom_pub_hash,
@@ -134,17 +122,16 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
if (TALER_DENOMINATION_CS != dk->denom_pub.cipher)
{
// denomination is valid but not CS
- return TEH_RESPONSE_reply_unknown_denom_pub_hash (
+ return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
rc->connection,
&denom_pub_hash);
}
}
// derive r_pub
- ec = TALER_EC_NONE;
- r_pub = TEH_keys_denomination_cs_r_pub (&denom_pub_hash,
- &nonce,
- &ec);
+ ec = TEH_keys_denomination_cs_r_pub (&denom_pub_hash,
+ &nonce,
+ &r_pub);
if (TALER_EC_NONE != ec)
{
GNUNET_break (0);
@@ -154,20 +141,15 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
}
// send response
- {
- MHD_RESULT ret;
-
- ret = TALER_MHD_REPLY_JSON_PACK (
- rc->connection,
- MHD_HTTP_OK,
- GNUNET_JSON_pack_data_varsize ("r_pub_0",
- &r_pub.r_pub[0],
- sizeof(struct GNUNET_CRYPTO_CsRPublic)),
- GNUNET_JSON_pack_data_varsize ("r_pub_1",
- &r_pub.r_pub[1],
- sizeof(struct GNUNET_CRYPTO_CsRPublic)));
- return ret;
- }
+ return TALER_MHD_REPLY_JSON_PACK (
+ rc->connection,
+ MHD_HTTP_OK,
+ GNUNET_JSON_pack_data_varsize ("r_pub_0",
+ &r_pub.r_pub[0],
+ sizeof(struct GNUNET_CRYPTO_CsRPublic)),
+ GNUNET_JSON_pack_data_varsize ("r_pub_1",
+ &r_pub.r_pub[1],
+ sizeof(struct GNUNET_CRYPTO_CsRPublic)));
}
diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c
index 11f94f2c5..50ddba604 100644
--- a/src/exchange/taler-exchange-httpd_deposit.c
+++ b/src/exchange/taler-exchange-httpd_deposit.c
@@ -360,9 +360,10 @@ TEH_handler_deposit (struct MHD_Connection *connection,
{
/* denomination cipher and denomination signature cipher not the same */
GNUNET_JSON_parse_free (spec);
- return TEH_RESPONSE_reply_unknown_denom_pub_hash (
- connection,
- &deposit.coin.denom_pub_hash);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
+ NULL);
}
deposit.deposit_fee = dk->meta.fee_deposit;
diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c
index 42f351b75..39c5b760f 100644
--- a/src/exchange/taler-exchange-httpd_keys.c
+++ b/src/exchange/taler-exchange-httpd_keys.c
@@ -974,7 +974,6 @@ helper_cs_cb (
GNUNET_assert (TALER_DENOMINATION_CS == denom_pub->cipher);
TALER_denom_pub_deep_copy (&hd->denom_pub,
denom_pub);
- GNUNET_assert (TALER_DENOMINATION_CS == hd->denom_pub.cipher);
/* load the age mask for the denomination, if applicable */
hd->denom_pub.age_mask = load_age_mask (section_name);
TALER_denom_pub_hash (&hd->denom_pub,
@@ -2458,42 +2457,37 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub,
}
-struct TALER_DenominationCsPublicR
+enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub (const struct
TALER_DenominationHash *h_denom_pub,
const struct TALER_WithdrawNonce *nonce,
- enum TALER_ErrorCode *ec)
+ struct TALER_DenominationCsPublicR *r_pub)
{
struct TEH_KeyStateHandle *ksh;
- struct TALER_DenominationCsPublicR none;
struct HelperDenomination *hd;
+ enum TALER_ErrorCode r_derive_ec;
- memset (&none,
- 0,
- sizeof (none));
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
- *ec = TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
- return none;
+ return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
}
hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys,
&h_denom_pub->hash);
if (NULL == hd)
{
- *ec = TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
- return none;
+ return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
}
if (TALER_DENOMINATION_CS != hd->denom_pub.cipher)
{
- *ec = TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
- return none;
+ return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
}
- return TALER_CRYPTO_helper_cs_r_derive (ksh->helpers->csdh,
- &hd->h_details.h_cs,
- nonce,
- ec);
+ *r_pub = TALER_CRYPTO_helper_cs_r_derive (ksh->helpers->csdh,
+ &hd->h_details.h_cs,
+ nonce,
+ &r_derive_ec);
+ return r_derive_ec;
}
diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h
index 7e75c80a9..2cc7d7d7c 100644
--- a/src/exchange/taler-exchange-httpd_keys.h
+++ b/src/exchange/taler-exchange-httpd_keys.h
@@ -229,11 +229,11 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub,
* @return r_pub, the value inside the structure will be NULL on failure,
* see @a ec for details about the failure
*/
-struct TALER_DenominationCsPublicR
+enum TALER_ErrorCode
TEH_keys_denomination_cs_r_pub (const struct
TALER_DenominationHash *h_denom_pub,
const struct TALER_WithdrawNonce *nonce,
- enum TALER_ErrorCode *ec);
+ struct TALER_DenominationCsPublicR *r_pub);
/**
diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c
index 1abb88531..cb77ba3f8 100644
--- a/src/exchange/taler-exchange-httpd_recoup.c
+++ b/src/exchange/taler-exchange-httpd_recoup.c
@@ -265,12 +265,16 @@ verify_and_execute_recoup (
TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED,
NULL);
}
- TALER_coin_ev_hash (
- blinded_planchet.details.rsa_blinded_planchet.blinded_msg,
- blinded_planchet.details.rsa_blinded_planchet.
- blinded_msg_size,
- &pc.h_blind);
- GNUNET_free (blinded_planchet.details.rsa_blinded_planchet.blinded_msg);
+ if (GNUNET_OK != TALER_coin_ev_hash (&blinded_planchet,
+ &pc.h_blind))
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ NULL);
+ }
+ TALER_blinded_planchet_free (&blinded_planchet);
}
pc.coin_sig = coin_sig;
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
index 5a46aa22e..eba8efbda 100644
--- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -181,6 +181,7 @@ check_commitment (struct RevealContext *rctx,
{
struct TALER_RefreshCoinData *rcd = &rce->new_coins[j];
struct TALER_PlanchetSecretsP ps;
+ struct TALER_ExchangeWithdrawValues alg_values;
struct TALER_PlanchetDetail pd;
struct TALER_CoinPubHash c_hash;
@@ -188,9 +189,11 @@ check_commitment (struct RevealContext *rctx,
TALER_planchet_setup_refresh (&ts,
j,
&ps);
+ // TODO: implement cipher handling
+ alg_values.cipher = TALER_DENOMINATION_RSA;
GNUNET_assert (GNUNET_OK ==
TALER_planchet_prepare (rcd->dk,
- NULL, /* not needed in RSA*/
+ &alg_values,
&ps,
&c_hash,
&pd));
diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c
index 66a3b0af9..8aa54712c 100644
--- a/src/exchange/taler-exchange-httpd_responses.c
+++ b/src/exchange/taler-exchange-httpd_responses.c
@@ -491,6 +491,53 @@ TEH_RESPONSE_reply_expired_denom_pub_hash (
}
+MHD_RESULT
+TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
+ struct MHD_Connection *connection,
+ const struct TALER_DenominationHash *dph)
+{
+ struct TALER_ExchangePublicKeyP epub;
+ struct TALER_ExchangeSignatureP esig;
+ struct GNUNET_TIME_Timestamp now;
+ enum TALER_ErrorCode ec;
+
+ now = GNUNET_TIME_timestamp_get ();
+ {
+ struct TALER_DenominationUnknownAffirmationPS dua = {
+ .purpose.size = htonl (sizeof (dua)),
+ .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_AFFIRM_DENOM_UNKNOWN),
+ .timestamp = GNUNET_TIME_timestamp_hton (now),
+ .h_denom_pub = *dph,
+ };
+
+ ec = TEH_keys_exchange_sign (&dua,
+ &epub,
+ &esig);
+ }
+ if (TALER_EC_NONE != ec)
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ ec,
+ NULL);
+ }
+ return TALER_MHD_REPLY_JSON_PACK (
+ connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_JSON_pack_ec (
+ TALER_EC_EXCHANGE_GENERIC_INVALID_DENOMINATION_CIPHER_FOR_OPERATION),
+ GNUNET_JSON_pack_timestamp ("timestamp",
+ now),
+ GNUNET_JSON_pack_data_auto ("exchange_pub",
+ &epub),
+ GNUNET_JSON_pack_data_auto ("exchange_sig",
+ &esig),
+ GNUNET_JSON_pack_data_auto ("h_denom_pub",
+ dph));
+}
+
+
/**
* Send proof that a request is invalid to client because of
* insufficient funds. This function will create a message with all
diff --git a/src/exchange/taler-exchange-httpd_responses.h b/src/exchange/taler-exchange-httpd_responses.h
index db2286ffa..48309a41d 100644
--- a/src/exchange/taler-exchange-httpd_responses.h
+++ b/src/exchange/taler-exchange-httpd_responses.h
@@ -80,6 +80,19 @@ TEH_RESPONSE_reply_expired_denom_pub_hash (
/**
+ * Send assertion that the given denomination cannot be used for this operation.
+ *
+ * @param connection connection to the client
+ * @param dph denomination public key hash
+ * @return MHD result code
+ */
+MHD_RESULT
+TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
+ struct MHD_Connection *connection,
+ const struct TALER_DenominationHash *dph);
+
+
+/**
* Send proof that a request is invalid to client because of
* insufficient funds. This function will create a message with all
* of the operations affecting the coin that demonstrate that the coin
diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c
index 9925fa8e6..a82a6daa0 100644
--- a/src/exchange/taler-exchange-httpd_withdraw.c
+++ b/src/exchange/taler-exchange-httpd_withdraw.c
@@ -332,36 +332,8 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
&wc.collectable.reserve_sig),
GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
&wc.collectable.denom_pub_hash),
- GNUNET_JSON_spec_end ()
- };
- // holds pointer to coin_ev_rsa/cs_spec for freeing
- struct GNUNET_JSON_Specification *coin_ev_spec = NULL;
- struct GNUNET_JSON_Specification coin_ev_rsa_spec[] = {
- GNUNET_JSON_spec_varsize (
- "coin_ev",
- (void **) &wc.blinded_planchet.details.rsa_blinded_planchet.blinded_msg,
- &wc.blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size),
- GNUNET_JSON_spec_end ()
- };
- json_t *coin_ev_cs_json;
- struct GNUNET_JSON_Specification coin_ev_cs_json_spec[] = {
- GNUNET_JSON_spec_json ("coin_ev",
- &coin_ev_cs_json),
- GNUNET_JSON_spec_end ()
- };
- struct GNUNET_JSON_Specification coin_ev_cs_spec[] = {
- GNUNET_JSON_spec_fixed (
- "nonce",
- &wc.blinded_planchet.details.cs_blinded_planchet.nonce,
- sizeof (wc.blinded_planchet.details.cs_blinded_planchet.nonce)),
- GNUNET_JSON_spec_fixed (
- "c0",
- &wc.blinded_planchet.details.cs_blinded_planchet.c[0],
- sizeof (wc.blinded_planchet.details.cs_blinded_planchet.c[0])),
- GNUNET_JSON_spec_fixed (
- "c1",
- &wc.blinded_planchet.details.cs_blinded_planchet.c[1],
- sizeof (wc.blinded_planchet.details.cs_blinded_planchet.c[1])),
+ TALER_JSON_spec_blinded_planchet ("coin_ev",
+ &wc.blinded_planchet),
GNUNET_JSON_spec_end ()
};
enum TALER_ErrorCode ec;
@@ -492,36 +464,14 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
enum GNUNET_GenericReturnValue res;
wc.blinded_planchet.cipher = dk->denom_pub.cipher;
switch (wc.blinded_planchet.cipher)
+
+ if (dk->denom_pub.cipher != wc.blinded_planchet.cipher)
{
- case TALER_DENOMINATION_RSA:
- res = TALER_MHD_parse_json_data (rc->connection,
- root,
- coin_ev_rsa_spec);
- if (GNUNET_OK != res)
- return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
- coin_ev_spec = coin_ev_rsa_spec;
- break;
- case TALER_DENOMINATION_CS:
- // coin_ev for CS is nested
- res = TALER_MHD_parse_json_data (rc->connection,
- root,
- coin_ev_cs_json_spec);
- if (GNUNET_OK != res)
- return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
- res = TALER_MHD_parse_json_data (rc->connection,
- coin_ev_cs_json,
- coin_ev_cs_spec);
- GNUNET_JSON_parse_free (coin_ev_cs_json_spec);
- if (GNUNET_OK != res)
- return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
- coin_ev_spec = coin_ev_cs_spec;
- break;
- default:
- GNUNET_break (0);
+ /* denomination cipher and blinded planchet cipher not the same */
GNUNET_JSON_parse_free (spec);
return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
NULL);
}
}
@@ -533,8 +483,6 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
&dk->meta.fee_withdraw))
{
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW,
@@ -554,27 +502,13 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
= htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
wc.wsrd.h_denomination_pub
= wc.collectable.denom_pub_hash;
- switch (wc.blinded_planchet.cipher)
+ if (GNUNET_OK != TALER_coin_ev_hash (&wc.blinded_planchet,
+ &wc.wsrd.h_coin_envelope))
{
- case TALER_DENOMINATION_RSA:
- TALER_coin_ev_hash (
- wc.blinded_planchet.details.rsa_blinded_planchet.blinded_msg,
- wc.blinded_planchet.details.rsa_blinded_planchet.blinded_msg_size,
- &wc.wsrd.h_coin_envelope);
- break;
- case TALER_DENOMINATION_CS:
- TALER_coin_ev_hash (
- &wc.blinded_planchet.details.cs_blinded_planchet,
- sizeof (wc.blinded_planchet.details.cs_blinded_planchet),
- &wc.wsrd.h_coin_envelope);
- break;
- default:
GNUNET_break (0);
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_FORBIDDEN,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
NULL);
}
@@ -588,8 +522,6 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
TALER_LOG_WARNING (
"Client supplied invalid signature for withdraw request\n");
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_FORBIDDEN,
TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID,
@@ -618,8 +550,6 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
default:
GNUNET_break (0);
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_FORBIDDEN,
TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
@@ -634,8 +564,6 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
{
GNUNET_break (0);
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
return TALER_MHD_reply_with_ec (rc->connection,
ec,
NULL);
@@ -657,16 +585,12 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
(or we might have done it optimistically above). */
TALER_blinded_denom_sig_free (&wc.collectable.sig);
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
return mhd_ret;
}
}
/* Clean up and send back final response */
GNUNET_JSON_parse_free (spec);
- if (NULL != coin_ev_spec)
- GNUNET_JSON_parse_free (coin_ev_spec);
{
MHD_RESULT ret;
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-21 12:16:09 +0000