3 files changed, 78 insertions, 10 deletions

diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 4ae4408e5..63bca2ecc 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -732,8 +732,12 @@ check_commitment (struct MHD_Connection *connection,
     {
       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                   "transfer keys do not match\n");
-      return (MHD_YES == TALER_MINT_reply_external_error (connection,
-                                                          "Transfer private key missmatch"))
+      /* FIXME: return more specific error with original signature (#3712) */
+      return (MHD_YES == 
+	      TALER_MINT_reply_refresh_reveal_missmatch (connection,
+							 off,
+							 j,
+							 "transfer key"))
         ? GNUNET_NO : GNUNET_SYSERR;
     }
 
@@ -757,8 +761,9 @@ check_commitment (struct MHD_Connection *connection,
                                 &shared_secret))
     {
       GNUNET_break (0);
-      return (MHD_YES == TALER_MINT_reply_internal_error (connection,
-                                                          "Decryption error"))
+      return (MHD_YES == 
+	      TALER_MINT_reply_internal_error (connection,
+					       "Decryption error"))
         ? GNUNET_NO : GNUNET_SYSERR;
     }
 
@@ -773,8 +778,12 @@ check_commitment (struct MHD_Connection *connection,
     {
       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                   "shared secrets do not match\n");
-      return (MHD_YES == TALER_MINT_reply_external_error (connection,
-                                                          "Shared secret missmatch"))
+      /* FIXME: return more specific error with original signature (#3712) */
+      return (MHD_YES ==
+	      TALER_MINT_reply_refresh_reveal_missmatch (connection,
+							 off,
+							 j,
+							 "transfer secret"))
         ? GNUNET_NO : GNUNET_SYSERR;
     }
   }
@@ -843,9 +852,12 @@ check_commitment (struct MHD_Connection *connection,
                   "blind envelope does not match for kappa=%u, old=%d\n",
                   off,
                   (int) j);
-      /* FIXME: return more specific error with exact offset */
-      return (MHD_YES == TALER_MINT_reply_external_error (connection,
-                                                          "Envelope missmatch"))
+      /* FIXME: return more specific error with original signature (#3712) */
+      return (MHD_YES ==
+	      TALER_MINT_reply_refresh_reveal_missmatch (connection,
+							 off,
+							 j,
+							 "envelope"))
         ? GNUNET_NO : GNUNET_SYSERR;
     }
     GNUNET_free (buf);
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 2faeb5ca8..dc51dee4b 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -189,7 +189,6 @@ TALER_MINT_reply_external_error (struct MHD_Connection *connection,
 }
 
 
-
 /**
  * Send a response indicating an error committing a
  * transaction (concurrent interference).
@@ -717,6 +716,39 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection,
 
 
 /**
+ * Send a response for a failed "/refresh/reveal", where the
+ * revealed value(s) do not match the original commitment.
+ *
+ * FIXME: should also include the client's signature over
+ * the original reveal operation and the data that was signed
+ * over eventually... (#3712)
+ *
+ * @param connection the connection to send the response to
+ * @param off offset in the array of kappa-commitments where
+ *            the missmatch was detected
+ * @param j index of the coin for which the missmatch was
+ *            detected
+ * @param missmatch_object name of the object that was
+ *            bogus (i.e. "transfer key").
+ * @return a MHD result code
+ */
+int
+TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
+					   unsigned int off,
+					   unsigned int j,
+					   const char *missmatch_object)
+{
+  return TALER_MINT_reply_json_pack (connection,
+				     MHD_HTTP_BAD_REQUEST,
+				     "{s:s, s:i, s:i, s:s}",
+				     "error", "commitment violation",
+				     "offset", (int) off,
+				     "index", (int) j,
+				     "object", missmatch_object);
+}
+
+
+/**
  * Send a response for "/refresh/link".
  *
  * @param connection the connection to send the response to
diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h
index 7d0824c88..d42aa29b6 100644
--- a/src/mint/taler-mint-httpd_responses.h
+++ b/src/mint/taler-mint-httpd_responses.h
@@ -298,6 +298,30 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection,
 
 
 /**
+ * Send a response for a failed "/refresh/reveal", where the
+ * revealed value(s) do not match the original commitment.
+ *
+ * FIXME: should also include the client's signature over
+ * the original reveal operation and the data that was signed
+ * over eventually... (#3712)
+ *
+ * @param connection the connection to send the response to
+ * @param off offset in the array of kappa-commitments where
+ *            the missmatch was detected
+ * @param j index of the coin for which the missmatch was
+ *            detected
+ * @param missmatch_object name of the object that was
+ *            bogus (i.e. "transfer key").
+ * @return a MHD result code
+ */
+int
+TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
+					   unsigned int off,
+					   unsigned int j,
+					   const char *missmatch_object);
+
+
+/**
  * Send a response for "/refresh/link".
  *
  * @param connection the connection to send the response to