20 files changed, 33 insertions, 40 deletions

diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 0518af3f0..42b538364 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -257,6 +257,12 @@ struct RefreshMeltResponseSignatureBody
    * @e melt_client_signature must be a valid signature.
    */
   struct GNUNET_CRYPTO_EddsaPublicKey session_key;
+
+  /**
+   * Security parameter requested for the commitments.
+   */
+  uint32_t kappa GNUNET_PACKED;
+
 };
 
 
diff --git a/src/mint/key_io.c b/src/mint/key_io.c
index f401a1268..ea49c88b6 100644
--- a/src/mint/key_io.c
+++ b/src/mint/key_io.c
@@ -23,7 +23,6 @@
  * @author Christian Grothoff
  */
 #include "platform.h"
-#include "mint.h"
 #include "key_io.h"
 
 
diff --git a/src/mint/mint.h b/src/mint/mint.h
index fb4889dbb..03595f64f 100644
--- a/src/mint/mint.h
+++ b/src/mint/mint.h
@@ -26,11 +26,5 @@
 #include <jansson.h>
 #include "taler_util.h"
 
-/**
- * For now, we just do EUR.  Should become configurable
- * in the future!
- */
-#define MINT_CURRENCY "EUR"
-
 
 #endif /* _MINT_H */
diff --git a/src/mint/mint_db.c b/src/mint/mint_db.c
index 0e908425d..a9595f2eb 100644
--- a/src/mint/mint_db.c
+++ b/src/mint/mint_db.c
@@ -30,7 +30,6 @@
 #include "taler_signatures.h"
 #include "taler-mint-httpd_responses.h"
 #include "mint_db.h"
-#include "mint.h"
 #include <pthread.h>
 
 /**
diff --git a/src/mint/taler-mint-dbinit.c b/src/mint/taler-mint-dbinit.c
index 3d080b523..acc8277c4 100644
--- a/src/mint/taler-mint-dbinit.c
+++ b/src/mint/taler-mint-dbinit.c
@@ -13,18 +13,15 @@
   You should have received a copy of the GNU General Public License along with
   TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/licenses/>
 */
-
 /**
  * @file taler-mint-dbinit.c
  * @brief Create tables for the mint database.
  * @author Florian Dold
  */
-
 #include "platform.h"
 #include <gnunet/gnunet_util_lib.h>
 #include <libpq-fe.h>
-#include "mint.h"
-
+#include "taler_util.h"
 
 #define break_db_err(result) do { \
     GNUNET_break(0); \
@@ -39,7 +36,7 @@ static PGconn *db_conn;
 static char *TALER_MINT_db_connection_cfg_str;
 
 
-int
+static int
 TALER_MINT_init_withdraw_tables (PGconn *conn)
 {
   PGresult *result;
diff --git a/src/mint/taler-mint-httpd.c b/src/mint/taler-mint-httpd.c
index a8201c5e8..0ee87b393 100644
--- a/src/mint/taler-mint-httpd.c
+++ b/src/mint/taler-mint-httpd.c
@@ -27,7 +27,6 @@
 #include <microhttpd.h>
 #include <libpq-fe.h>
 #include <pthread.h>
-#include "mint.h"
 #include "taler_signatures.h"
 #include "taler_util.h"
 #include "taler-mint-httpd_parsing.h"
diff --git a/src/mint/taler-mint-httpd.h b/src/mint/taler-mint-httpd.h
index ed56b048d..c1305b1ce 100644
--- a/src/mint/taler-mint-httpd.h
+++ b/src/mint/taler-mint-httpd.h
@@ -30,6 +30,12 @@
  */
 #define KAPPA 3
 
+/**
+ * For now, we just do EUR.  Should become configurable
+ * in the future!
+ */
+#define MINT_CURRENCY "EUR"
+
 
 /**
  * The mint's configuration.
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 39017409c..8ddb17ab7 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -22,22 +22,17 @@
  * - actually abstract DB implementation (i.e. via plugin logic)
  *   (this file should remain largely unchanged with the exception
  *    of the PQ-specific DB handle types)
- * - /refresh/melt: all
+ * - /refresh/melt:
  *   + properly check all conditions and handle errors
  *   + properly check transaction logic
  *   + check for leaks
  *   + check low-level API
- * - /refresh/commit: all
+ * - /refresh/reveal:
  *   + properly check all conditions and handle errors
  *   + properly check transaction logic
  *   + check for leaks
  *   + check low-level API
- * - /refresh/reveal: all
- *   + properly check all conditions and handle errors
- *   + properly check transaction logic
- *   + check for leaks
- *   + check low-level API
- * - /refresh/link: all
+ * - /refresh/link:
  *   + properly check all conditions and handle errors
  *   + properly check transaction logic
  *   + check for leaks
@@ -51,7 +46,6 @@
 #include "taler-mint-httpd_keys.h"
 #include "taler-mint-httpd_responses.h"
 #include "mint_db.h"
-#include "mint.h"
 #include "taler_util.h"
 #include "taler-mint-httpd_keystate.h"
 
@@ -644,7 +638,8 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
     TALER_MINT_DB_rollback (db_conn);
     return TALER_MINT_reply_refresh_melt_success (connection,
                                                   &session.melt_sig,
-                                                  refresh_session_pub);
+                                                  refresh_session_pub,
+                                                  session.kappa);
   }
   if (GNUNET_SYSERR == res)
   {
@@ -657,7 +652,7 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
   session.melt_sig = *client_signature;
   session.num_oldcoins = coin_count;
   session.num_newcoins = num_new_denoms;
-  session.kappa = 0; /* FIXME: should be chosen by mint per config! */
+  session.kappa = KAPPA;
   session.noreveal_index = UINT16_MAX;
   session.has_commit_sig = GNUNET_NO;
   if (GNUNET_OK !=
@@ -720,7 +715,8 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
   }
   return TALER_MINT_reply_refresh_melt_success (connection,
                                                 client_signature,
-                                                refresh_session_pub);
+                                                refresh_session_pub,
+                                                session.kappa);
 
 
 }
diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h
index 4b9aa1fe0..d2566cf7c 100644
--- a/src/mint/taler-mint-httpd_db.h
+++ b/src/mint/taler-mint-httpd_db.h
@@ -26,7 +26,6 @@
 #include <gnunet/gnunet_util_lib.h>
 #include "taler_util.h"
 #include "taler-mint-httpd_keys.h"
-#include "mint.h"
 #include "mint_db.h"
 
 
diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c
index 78d424b80..5caac5826 100644
--- a/src/mint/taler-mint-httpd_deposit.c
+++ b/src/mint/taler-mint-httpd_deposit.c
@@ -32,7 +32,6 @@
 #include <microhttpd.h>
 #include <libpq-fe.h>
 #include <pthread.h>
-#include "mint.h"
 #include "mint_db.h"
 #include "taler_signatures.h"
 #include "taler_util.h"
diff --git a/src/mint/taler-mint-httpd_keys.c b/src/mint/taler-mint-httpd_keys.c
index a03f5d23c..7a804938a 100644
--- a/src/mint/taler-mint-httpd_keys.c
+++ b/src/mint/taler-mint-httpd_keys.c
@@ -24,7 +24,6 @@
 #include <gnunet/gnunet_util_lib.h>
 #include <jansson.h>
 #include <microhttpd.h>
-#include "mint.h"
 #include "taler-mint-httpd_keys.h"
 #include "taler-mint-httpd_keystate.h"
 
diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c
index bbec042e3..210262e6c 100644
--- a/src/mint/taler-mint-httpd_keystate.c
+++ b/src/mint/taler-mint-httpd_keystate.c
@@ -23,7 +23,6 @@
 #include "platform.h"
 #include <gnunet/gnunet_util_lib.h>
 #include <pthread.h>
-#include "mint.h"
 #include "taler_signatures.h"
 #include "taler-mint-httpd_keystate.h"
 #include "taler_util.h"
diff --git a/src/mint/taler-mint-httpd_keystate.h b/src/mint/taler-mint-httpd_keystate.h
index b71fedd27..90220a0e9 100644
--- a/src/mint/taler-mint-httpd_keystate.h
+++ b/src/mint/taler-mint-httpd_keystate.h
@@ -28,7 +28,6 @@
 #include <microhttpd.h>
 #include <jansson.h>
 #include "taler-mint-httpd.h"
-#include "mint.h"
 #include "key_io.h"
 
 
diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c
index 1267ca48b..e9222be27 100644
--- a/src/mint/taler-mint-httpd_refresh.c
+++ b/src/mint/taler-mint-httpd_refresh.c
@@ -24,7 +24,6 @@
 #include <gnunet/gnunet_util_lib.h>
 #include <jansson.h>
 #include <microhttpd.h>
-#include "mint.h"
 #include "mint_db.h"
 #include "taler_signatures.h"
 #include "taler_util.h"
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index de0736bdc..2c46a3246 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -525,12 +525,14 @@ TALER_MINT_reply_withdraw_sign_success (struct MHD_Connection *connection,
  * @param connection the connection to send the response to
  * @param signature the client's signature over the melt request
  * @param session_pub the refresh session public key.
+ * @param kappa security parameter to use for cut and choose
  * @return a MHD result code
  */
 int
 TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection,
                                        const struct GNUNET_CRYPTO_EddsaSignature *signature,
-                                       const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub)
+                                       const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
+                                       unsigned int kappa)
 {
   int ret;
   struct RefreshMeltResponseSignatureBody body;
@@ -541,13 +543,15 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection,
   body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_RESPONSE);
   body.melt_client_signature = *signature;
   body.session_key = *session_pub;
+  body.kappa = htonl (kappa);
   TALER_MINT_keys_sign (&body.purpose,
                         &sig);
   sig_json = TALER_JSON_from_sig (&body.purpose, &sig);
   ret = TALER_MINT_reply_json_pack (connection,
                                     MHD_HTTP_OK,
-                                    "{s:o}",
-                                    "signature", sig_json);
+                                    "{s:o, s:i}",
+                                    "signature", sig_json,
+                                    "kappa", (int) kappa);
   json_decref (sig_json);
   return ret;
 }
diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h
index 6cf934094..3e8f3f3ff 100644
--- a/src/mint/taler-mint-httpd_responses.h
+++ b/src/mint/taler-mint-httpd_responses.h
@@ -256,12 +256,14 @@ TALER_MINT_reply_refresh_commit_success (struct MHD_Connection *connection,
  * @param connection the connection to send the response to
  * @param signature the client's signature over the melt request
  * @param session_pub the refresh session public key.
+ * @param kappa security parameter to use for cut and choose
  * @return a MHD result code
  */
 int
 TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection,
                                        const struct GNUNET_CRYPTO_EddsaSignature *signature,
-                                       const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub);
+                                       const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
+                                       unsigned int kappa);
 
 
 /**
diff --git a/src/mint/taler-mint-keycheck.c b/src/mint/taler-mint-keycheck.c
index c2deec0c2..03be23a1a 100644
--- a/src/mint/taler-mint-keycheck.c
+++ b/src/mint/taler-mint-keycheck.c
@@ -23,7 +23,6 @@
 
 #include <platform.h>
 #include <gnunet/gnunet_util_lib.h>
-#include "mint.h"
 #include "taler_signatures.h"
 #include "key_io.h"
 
diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c
index 35a4c0410..17a1e9d8e 100644
--- a/src/mint/taler-mint-keyup.c
+++ b/src/mint/taler-mint-keyup.c
@@ -26,7 +26,6 @@
 #include <gnunet/gnunet_util_lib.h>
 #include "taler_util.h"
 #include "taler_signatures.h"
-#include "mint.h"
 #include "key_io.h"
 
 /**
diff --git a/src/mint/taler-mint-reservemod.c b/src/mint/taler-mint-reservemod.c
index b2129d261..f531dbf4b 100644
--- a/src/mint/taler-mint-reservemod.c
+++ b/src/mint/taler-mint-reservemod.c
@@ -26,7 +26,6 @@
 #include <libpq-fe.h>
 #include "taler_util.h"
 #include "taler_signatures.h"
-#include "mint.h"
 #include "mint_db.h"
 
 char *mintdir;
diff --git a/src/mint/test_mint_common.c b/src/mint/test_mint_common.c
index 99526b9da..ee1768d37 100644
--- a/src/mint/test_mint_common.c
+++ b/src/mint/test_mint_common.c
@@ -20,7 +20,7 @@
  */
 #include "platform.h"
 #include "gnunet/gnunet_util_lib.h"
-#include "mint.h"
+
 
 #define RSA_KEY_SIZE 1024