summaryrefslogtreecommitdiff
path: root/src/util/taler-exchange-secmod-cs.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/taler-exchange-secmod-cs.c')
-rw-r--r--src/util/taler-exchange-secmod-cs.c131
1 files changed, 87 insertions, 44 deletions
diff --git a/src/util/taler-exchange-secmod-cs.c b/src/util/taler-exchange-secmod-cs.c
index ed0eba15d..3e9ba1558 100644
--- a/src/util/taler-exchange-secmod-cs.c
+++ b/src/util/taler-exchange-secmod-cs.c
@@ -269,7 +269,7 @@ struct BatchJob
/**
* Result with the signature.
*/
- struct TALER_BlindedDenominationCsSignAnswer cs_answer;
+ struct GNUNET_CRYPTO_CsBlindSignature cs_answer;
} sign;
/**
@@ -285,7 +285,7 @@ struct BatchJob
/**
* Pair of points to return.
*/
- struct TALER_DenominationCSPublicRPairP rpairp;
+ struct GNUNET_CRYPTO_CSPublicRPairP rpairp;
} rderive;
@@ -341,6 +341,13 @@ static struct GNUNET_TIME_Timestamp now_tmp;
static char *keydir;
/**
+ * Name of the configuration section prefix to use. Usually either "taler-exchange" or
+ * "donau". The actual configuration section will then be
+ * "$SECTION-secmod-cs".
+ */
+static char *section;
+
+/**
* How much should coin creation (@e duration_withdraw) duration overlap
* with the next denomination? Basically, the starting time of two
* denominations is always @e duration_withdraw - #overlap_duration apart.
@@ -433,7 +440,7 @@ generate_response (struct DenominationKey *dk)
/**
* Do the actual signing work.
*
- * @param h_cs key to sign with
+ * @param h_cs hash of key to sign with
* @param planchet message to sign
* @param for_melt true if for melting
* @param[out] cs_sigp set to the CS signature
@@ -441,9 +448,9 @@ generate_response (struct DenominationKey *dk)
*/
static enum TALER_ErrorCode
do_sign (const struct TALER_CsPubHashP *h_cs,
- const struct TALER_BlindedCsPlanchet *planchet,
+ const struct GNUNET_CRYPTO_CsBlindedMessage *planchet,
bool for_melt,
- struct TALER_BlindedDenominationCsSignAnswer *cs_sigp)
+ struct GNUNET_CRYPTO_CsBlindSignature *cs_sigp)
{
struct GNUNET_CRYPTO_CsRSecret r[2];
struct DenominationKey *dk;
@@ -473,15 +480,14 @@ do_sign (const struct TALER_CsPubHashP *h_cs,
GNUNET_assert (dk->rc < UINT_MAX);
dk->rc++;
GNUNET_assert (0 == pthread_mutex_unlock (&keys_lock));
- GNUNET_CRYPTO_cs_r_derive (&planchet->nonce.nonce,
+ GNUNET_CRYPTO_cs_r_derive (&planchet->nonce,
for_melt ? "rm" : "rw",
&dk->denom_priv,
r);
- cs_sigp->b = GNUNET_CRYPTO_cs_sign_derive (&dk->denom_priv,
- r,
- planchet->c,
- &planchet->nonce.nonce,
- &cs_sigp->s_scalar);
+ GNUNET_CRYPTO_cs_sign_derive (&dk->denom_priv,
+ r,
+ planchet,
+ cs_sigp);
GNUNET_assert (0 == pthread_mutex_lock (&keys_lock));
GNUNET_assert (dk->rc > 0);
dk->rc--;
@@ -543,14 +549,14 @@ fail_derive (struct TES_Client *client,
*/
static enum GNUNET_GenericReturnValue
send_signature (struct TES_Client *client,
- const struct TALER_BlindedDenominationCsSignAnswer *cs_answer)
+ const struct GNUNET_CRYPTO_CsBlindSignature *cs_answer)
{
struct TALER_CRYPTO_SignResponse sres;
sres.header.size = htons (sizeof (sres));
sres.header.type = htons (TALER_HELPER_CS_MT_RES_SIGNATURE);
- sres.reserved = htonl (0);
- sres.cs_answer = *cs_answer;
+ sres.b = htonl (cs_answer->b);
+ sres.cs_answer = cs_answer->s_scalar;
return TES_transmit (client->csock,
&sres.header);
}
@@ -569,13 +575,13 @@ static enum GNUNET_GenericReturnValue
handle_sign_request (struct TES_Client *client,
const struct TALER_CRYPTO_CsSignRequestMessage *sr)
{
- struct TALER_BlindedDenominationCsSignAnswer cs_answer;
+ struct GNUNET_CRYPTO_CsBlindSignature cs_answer;
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
enum TALER_ErrorCode ec;
enum GNUNET_GenericReturnValue ret;
ec = do_sign (&sr->h_cs,
- &sr->planchet,
+ &sr->message,
(0 != ntohl (sr->for_melt)),
&cs_answer);
if (TALER_EC_NONE != ec)
@@ -605,12 +611,12 @@ handle_sign_request (struct TES_Client *client,
*/
static enum TALER_ErrorCode
do_derive (const struct TALER_CsPubHashP *h_cs,
- const struct TALER_CsNonce *nonce,
+ const struct GNUNET_CRYPTO_CsSessionNonce *nonce,
bool for_melt,
- struct TALER_DenominationCSPublicRPairP *rpairp)
+ struct GNUNET_CRYPTO_CSPublicRPairP *rpairp)
{
struct DenominationKey *dk;
- struct TALER_DenominationCSPrivateRPairP r_priv;
+ struct GNUNET_CRYPTO_CSPrivateRPairP r_priv;
GNUNET_assert (0 == pthread_mutex_lock (&keys_lock));
dk = GNUNET_CONTAINER_multihashmap_get (keys,
@@ -637,7 +643,7 @@ do_derive (const struct TALER_CsPubHashP *h_cs,
GNUNET_assert (dk->rc < UINT_MAX);
dk->rc++;
GNUNET_assert (0 == pthread_mutex_unlock (&keys_lock));
- GNUNET_CRYPTO_cs_r_derive (&nonce->nonce,
+ GNUNET_CRYPTO_cs_r_derive (nonce,
for_melt ? "rm" : "rw",
&dk->denom_priv,
r_priv.r);
@@ -662,10 +668,10 @@ do_derive (const struct TALER_CsPubHashP *h_cs,
*/
static enum GNUNET_GenericReturnValue
send_derivation (struct TES_Client *client,
- const struct TALER_DenominationCSPublicRPairP *r_pub)
+ const struct GNUNET_CRYPTO_CSPublicRPairP *r_pub)
{
struct TALER_CRYPTO_RDeriveResponse rdr = {
- .header.size = htons (sizeof (struct TALER_CRYPTO_RDeriveResponse)),
+ .header.size = htons (sizeof (rdr)),
.header.type = htons (TALER_HELPER_CS_MT_RES_RDERIVE),
.r_pub = *r_pub
};
@@ -776,7 +782,7 @@ worker (void *cls)
= bj->details.sign.sr;
bj->ec = do_sign (&sr->h_cs,
- &sr->planchet,
+ &sr->message,
(0 != ntohl (sr->for_melt)),
&bj->details.sign.cs_answer);
break;
@@ -1093,8 +1099,9 @@ setup_key (struct DenominationKey *dk,
GNUNET_CRYPTO_cs_private_key_generate (&priv);
GNUNET_CRYPTO_cs_private_key_get_public (&priv,
&pub);
- TALER_cs_pub_hash (&pub,
- &dk->h_cs);
+ GNUNET_CRYPTO_hash (&pub,
+ sizeof (pub),
+ &dk->h_cs.hash);
GNUNET_asprintf (&dk->filename,
"%s/%s/%llu",
keydir,
@@ -1242,7 +1249,7 @@ static enum GNUNET_GenericReturnValue
handle_r_derive_request (struct TES_Client *client,
const struct TALER_CRYPTO_CsRDeriveRequest *rdr)
{
- struct TALER_DenominationCSPublicRPairP r_pub;
+ struct GNUNET_CRYPTO_CSPublicRPairP r_pub;
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
enum TALER_ErrorCode ec;
enum GNUNET_GenericReturnValue ret;
@@ -1773,20 +1780,19 @@ parse_key (struct Denomination *denom,
return;
}
{
- struct GNUNET_CRYPTO_CsPublicKey pub;
struct DenominationKey *dk;
struct DenominationKey *before;
- GNUNET_CRYPTO_cs_private_key_get_public (priv,
- &pub);
dk = GNUNET_new (struct DenominationKey);
dk->denom_priv = *priv;
dk->denom = denom;
dk->anchor = anchor;
dk->filename = GNUNET_strdup (filename);
- TALER_cs_pub_hash (&pub,
- &dk->h_cs);
- dk->denom_pub = pub;
+ GNUNET_CRYPTO_cs_private_key_get_public (priv,
+ &dk->denom_pub);
+ GNUNET_CRYPTO_hash (&dk->denom_pub,
+ sizeof (dk->denom_pub),
+ &dk->h_cs.hash);
generate_response (dk);
if (GNUNET_OK !=
GNUNET_CONTAINER_multihashmap_put (
@@ -1808,7 +1814,9 @@ parse_key (struct Denomination *denom,
NULL != pos;
pos = pos->next)
{
- if (GNUNET_TIME_timestamp_cmp (pos->anchor, >, anchor))
+ if (GNUNET_TIME_timestamp_cmp (pos->anchor,
+ >,
+ anchor))
break;
before = pos;
}
@@ -1956,6 +1964,11 @@ parse_denomination_cfg (const struct GNUNET_CONFIGURATION_Handle *cfg,
const char *ct,
struct Denomination *denom)
{
+ char *secname;
+
+ GNUNET_asprintf (&secname,
+ "%s-secmod-cs",
+ section);
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (cfg,
ct,
@@ -1965,6 +1978,7 @@ parse_denomination_cfg (const struct GNUNET_CONFIGURATION_Handle *cfg,
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct,
"DURATION_WITHDRAW");
+ GNUNET_free (secname);
return GNUNET_SYSERR;
}
if (GNUNET_TIME_relative_cmp (overlap_duration,
@@ -1972,11 +1986,13 @@ parse_denomination_cfg (const struct GNUNET_CONFIGURATION_Handle *cfg,
denom->duration_withdraw))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
- "taler-exchange-secmod-cs",
+ secname,
"OVERLAP_DURATION",
"Value given must be smaller than value for DURATION_WITHDRAW!");
+ GNUNET_free (secname);
return GNUNET_SYSERR;
}
+ GNUNET_free (secname);
denom->section = GNUNET_strdup (ct);
return GNUNET_OK;
}
@@ -2091,28 +2107,36 @@ load_denominations (void *cls,
static enum GNUNET_GenericReturnValue
load_durations (const struct GNUNET_CONFIGURATION_Handle *cfg)
{
+ char *secname;
+
+ GNUNET_asprintf (&secname,
+ "%s-secmod-cs",
+ section);
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (cfg,
- "taler-exchange-secmod-cs",
+ secname,
"OVERLAP_DURATION",
&overlap_duration))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- "taler-exchange-secmod-cs",
+ secname,
"OVERLAP_DURATION");
+ GNUNET_free (secname);
return GNUNET_SYSERR;
}
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (cfg,
- "taler-exchange-secmod-cs",
+ secname,
"LOOKAHEAD_SIGN",
&lookahead_sign))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- "taler-exchange-secmod-cs",
+ secname,
"LOOKAHEAD_SIGN");
+ GNUNET_free (secname);
return GNUNET_SYSERR;
}
+ GNUNET_free (secname);
return GNUNET_OK;
}
@@ -2156,6 +2180,7 @@ run (void *cls,
.updater = &cs_update_client_keys,
.init = &cs_client_init
};
+ char *secname;
(void) cls;
(void) args;
@@ -2170,27 +2195,40 @@ run (void *cls,
/* get current time again, we may be timetraveling! */
now = GNUNET_TIME_timestamp_get ();
}
+ GNUNET_asprintf (&secname,
+ "%s-secmod-cs",
+ section);
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (cfg,
- "taler-exchange-secmod-cs",
+ secname,
"KEY_DIR",
&keydir))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- "taler-exchange-secmod-cs",
+ secname,
"KEY_DIR");
+ GNUNET_free (secname);
global_ret = EXIT_NOTCONFIGURED;
return;
}
+ GNUNET_free (secname);
if (GNUNET_OK !=
load_durations (cfg))
{
global_ret = EXIT_NOTCONFIGURED;
return;
}
- global_ret = TES_listen_start (cfg,
- "taler-exchange-secmod-cs",
- &cb);
+ {
+ char *secname;
+
+ GNUNET_asprintf (&secname,
+ "%s-secmod-cs",
+ section);
+ global_ret = TES_listen_start (cfg,
+ secname,
+ &cb);
+ GNUNET_free (secname);
+ }
if (0 != global_ret)
return;
sem_init (&worker_sem,
@@ -2263,6 +2301,11 @@ main (int argc,
char **argv)
{
struct GNUNET_GETOPT_CommandLineOption options[] = {
+ GNUNET_GETOPT_option_string ('s',
+ "section",
+ "SECTION",
+ "name of the configuration section prefix to use, default is 'taler'",
+ &section),
GNUNET_GETOPT_option_timetravel ('T',
"timetravel"),
GNUNET_GETOPT_option_timestamp ('t',
@@ -2281,7 +2324,7 @@ main (int argc,
/* Restrict permissions for the key files that we create. */
(void) umask (S_IWGRP | S_IROTH | S_IWOTH | S_IXOTH);
-
+ section = GNUNET_strdup ("taler-exchange");
/* force linker to link against libtalerutil; if we do
not do this, the linker may "optimize" libtalerutil
away and skip #TALER_OS_init(), which we do need */
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-04 09:23:20 +0000