Diffstat (limited to 'src/exchange')
-rw-r--r-- | src/exchange/taler-exchange-httpd_link.c | 8 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_recoup-refresh.c | 12 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_recoup.c | 12 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_refreshes_reveal.c | 7 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_withdraw.c | 4 |
5 files changed, 42 insertions, 1 deletions
diff --git a/src/exchange/taler-exchange-httpd_link.c b/src/exchange/taler-exchange-httpd_link.c index de10f8b82..47b803ffa 100644 --- a/src/exchange/taler-exchange-httpd_link.c +++ b/src/exchange/taler-exchange-httpd_link.c @@ -91,7 +91,13 @@ handle_link_data (void *cls, TALER_JSON_pack_exchange_withdraw_values ("ewv", &pos->alg_values), GNUNET_JSON_pack_data_auto ("link_sig", - &pos->orig_coin_link_sig)); + &pos->orig_coin_link_sig), + GNUNET_JSON_pack_allow_null ( + pos->have_nonce + ? GNUNET_JSON_pack_data_auto ("cs_nonce", + &pos->nonce) + : GNUNET_JSON_pack_string ("cs_nonce", + NULL))); if ( (NULL == obj) || (0 != json_array_append_new (list, diff --git a/src/exchange/taler-exchange-httpd_recoup-refresh.c b/src/exchange/taler-exchange-httpd_recoup-refresh.c index 3e0588940..829e2cbd7 100644 --- a/src/exchange/taler-exchange-httpd_recoup-refresh.c +++ b/src/exchange/taler-exchange-httpd_recoup-refresh.c @@ -174,6 +174,7 @@ verify_and_execute_recoup_refresh ( const struct TALER_CoinPublicInfo *coin, const struct TALER_ExchangeWithdrawValues *exchange_vals, const union TALER_DenominationBlindingKeyP *coin_bks, + const struct TALER_CsNonce *nonce, const struct TALER_CoinSpendSignatureP *coin_sig) { struct RecoupContext pc; @@ -263,6 +264,9 @@ verify_and_execute_recoup_refresh ( TALER_EC_EXCHANGE_RECOUP_REFRESH_BLINDING_FAILED, NULL); } + if (TALER_DENOMINATION_CS == blinded_planchet.cipher) + blinded_planchet.details.cs_blinded_planchet.nonce + = *nonce; TALER_coin_ev_hash (&blinded_planchet, &coin->denom_pub_hash, &h_blind); @@ -360,6 +364,7 @@ TEH_handler_recoup_refresh (struct MHD_Connection *connection, union TALER_DenominationBlindingKeyP coin_bks; struct TALER_CoinSpendSignatureP coin_sig; struct TALER_ExchangeWithdrawValues exchange_vals; + struct TALER_CsNonce nonce; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", &coin.denom_pub_hash), 
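Review bot: The new `cs_nonce` entry in `handle_link_data` (hunk `@@ -91,7 +91,13 @@`) has no comment saying when the field is present, and the ternary inside `GNUNET_JSON_pack_allow_null` is easy to misread as always emitting a value. I would add above it `/* cs_nonce is only included when the database row carries a nonce (have_nonce); otherwise the field is omitted */`. Presence is driven by `pos->have_nonce` rather than by the denomination's cipher, so it is worth confirming that whatever fills `have_nonce` sets it for every CS coin, since a client presumably cannot use CS link data without the nonce. The enclosing function starts and ends outside this hunk.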
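Review bot: The CS branch added in the `@@ -263,6 +264,9 @@` hunk copies `*nonce` into the planchet without knowing whether the client sent one: `cs_nonce` is parsed as optional in `TEH_handler_recoup_refresh` and pre-zeroed with `memset`, so a CS recoup request that omits it is hashed with an all-zero nonce. I would fail closed before `TALER_coin_ev_hash`, e.g. `if ( (TALER_DENOMINATION_CS == blinded_planchet.cipher) && GNUNET_is_zero (nonce) )` followed by a bad-request reply, and put braces around the existing `if`. Whether the zero-nonce hash merely fails to match a stored record later is not visible from here, but an explicit check gives the client a clear error and keeps a malformed request away from the database path. The same applies to `verify_and_execute_recoup` in `taler-exchange-httpd_recoup.c` (`@@ -268,6 +269,9 @@`); both functions continue outside their hunks.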
@@ -371,12 +376,18 @@ TEH_handler_recoup_refresh (struct MHD_Connection *connection, &coin_bks), GNUNET_JSON_spec_fixed_auto ("coin_sig", &coin_sig), + GNUNET_JSON_spec_mark_optional ( + GNUNET_JSON_spec_fixed_auto ("cs_nonce", + &nonce)), GNUNET_JSON_spec_end () }; memset (&coin, 0, sizeof (coin)); + memset (&nonce, + 0, + sizeof (nonce)); coin.coin_pub = *coin_pub; ret = TALER_MHD_parse_json_data (connection, root, @@ -392,6 +403,7 @@ TEH_handler_recoup_refresh (struct MHD_Connection *connection, &coin, &exchange_vals, &coin_bks, + &nonce, &coin_sig); GNUNET_JSON_parse_free (spec); return res; diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c index f4e426fbb..c635769c6 100644 --- a/src/exchange/taler-exchange-httpd_recoup.c +++ b/src/exchange/taler-exchange-httpd_recoup.c @@ -177,6 +177,7 @@ verify_and_execute_recoup ( const struct TALER_CoinPublicInfo *coin, const struct TALER_ExchangeWithdrawValues *exchange_vals, const union TALER_DenominationBlindingKeyP *coin_bks, + const struct TALER_CsNonce *nonce, const struct TALER_CoinSpendSignatureP *coin_sig) { struct RecoupContext pc; @@ -268,6 +269,9 @@ verify_and_execute_recoup ( TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED, NULL); } + if (TALER_DENOMINATION_CS == blinded_planchet.cipher) + blinded_planchet.details.cs_blinded_planchet.nonce + = *nonce; if (GNUNET_OK != TALER_coin_ev_hash (&blinded_planchet, &coin->denom_pub_hash, @@ -373,6 +377,7 @@ TEH_handler_recoup (struct MHD_Connection *connection, union TALER_DenominationBlindingKeyP coin_bks; struct TALER_CoinSpendSignatureP coin_sig; struct TALER_ExchangeWithdrawValues exchange_vals; + struct TALER_CsNonce nonce; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", &coin.denom_pub_hash), 
@@ -384,12 +389,18 @@ TEH_handler_recoup (struct MHD_Connection *connection, &coin_bks), GNUNET_JSON_spec_fixed_auto ("coin_sig", &coin_sig), + GNUNET_JSON_spec_mark_optional ( + GNUNET_JSON_spec_fixed_auto ("cs_nonce", + &nonce)), GNUNET_JSON_spec_end () }; memset (&coin, 0, sizeof (coin)); + memset (&nonce, + 0, + sizeof (nonce)); coin.coin_pub = *coin_pub; ret = TALER_MHD_parse_json_data (connection, root, @@ -408,6 +419,7 @@ TEH_handler_recoup (struct MHD_Connection *connection, &coin, &exchange_vals, &coin_bks, + &nonce, &coin_sig); GNUNET_JSON_parse_free (spec); return res; diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index 0d8f7bf9b..779b9df45 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -634,6 +634,13 @@ resolve_refreshes_reveal_denominations (struct MHD_Connection *connection, rrc->blinded_planchet = rcds[i].blinded_planchet; } + // FIXME: in CS-case, we MUST check if signatures + // already exist under the given nonce + // (TODO: check: refresh session hash OK?), and if so, + // we MUST return the existing signatures (c0/c1 may have changed!) + // and MUST NOT return the fresh signatures! + // => change this to a 'do_refresh_reveal' and + // change SQL to return existing signatures (if any)! qs = TEH_plugin->insert_refresh_reveal (TEH_plugin->cls, melt_serial_id, num_fresh_coins, diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c index 7572f85d2..3799187c1 100644 --- a/src/exchange/taler-exchange-httpd_withdraw.c +++ b/src/exchange/taler-exchange-httpd_withdraw.c 
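Review bot: The `FIXME` added before `TEH_plugin->insert_refresh_reveal` (hunk `@@ -634,6 +634,13 @@`) states a MUST that the code below it still does not enforce, so for CS denominations a repeated reveal under the same nonce can still be answered with fresh signatures. Answering one nonce twice with different `c0`/`c1` is the nonce-reuse case that blind Schnorr signing has to exclude, so until the planned `do_refresh_reveal` exists I would have the CS path refuse the request or sit behind a feature gate, not ship with the gap open. The withdraw hunk (`@@ -535,6 +535,10 @@` in `taler-exchange-httpd_withdraw.c`) carries the same unresolved requirement. Both comments would also read better in the `/* … */` style the withdraw handler already uses, with the unbalanced parenthesis in the withdraw comment closed and a tracking reference such as `<ISSUE-ID>` attached.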
@@ -535,6 +535,10 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc, /* Clean up and send back final response */ GNUNET_JSON_parse_free (spec); + // FIXME: in CS-case, we MUST re-transmit any _existing_ signature + // (if database had a record matching the nonce) + // instead of sending a 'fresh' one back (as c0/c1 may differ in + // a client attack! { MHD_RESULT ret; |