From 0bfc7bcbf92fb9f9c6a92ab9b217230d490607da Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 11 Aug 2016 22:19:12 +0200 Subject: re-compute refresh session hash in reveal step --- src/exchange/taler-exchange-httpd_db.c | 172 +++++++++++++++++++++++++++++---- 1 file changed, 152 insertions(+), 20 deletions(-) (limited to 'src/exchange') diff --git a/src/exchange/taler-exchange-httpd_db.c b/src/exchange/taler-exchange-httpd_db.c index 9847a7ba3..edee7da7c 100644 --- a/src/exchange/taler-exchange-httpd_db.c +++ b/src/exchange/taler-exchange-httpd_db.c @@ -1166,6 +1166,8 @@ send_melt_commitment_error (struct MHD_Connection *connection, * @param melt information about the melted coin * @param num_newcoins number of newcoins being generated * @param denom_pubs array of @a num_newcoins keys for the new coins + * @param hash_context hash context to update by hashing in the data + * from this offset * @return #GNUNET_OK if the committment was honest, * #GNUNET_NO if there was a problem and we generated an error message * #GNUNET_SYSERR if we could not even generate an error message @@ -1178,7 +1180,8 @@ check_commitment (struct MHD_Connection *connection, const struct TALER_TransferPrivateKeyP *transfer_priv, const struct TALER_EXCHANGEDB_RefreshMelt *melt, unsigned int num_newcoins, - const struct TALER_DenominationPublicKey *denom_pubs) + const struct TALER_DenominationPublicKey *denom_pubs, + struct GNUNET_HashContext *hash_context) { struct TALER_TransferPublicKeyP transfer_pub; struct TALER_TransferSecretP transfer_secret; @@ -1187,6 +1190,8 @@ check_commitment (struct MHD_Connection *connection, unsigned int j; int ret; + /* FIXME: instead of consulting DB, reconstruct everything + from transfer_priv here! */ if (GNUNET_OK != TMH_plugin->get_refresh_transfer_public_key (TMH_plugin->cls, session, 
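Review bot: The new `@param hash_context` text on check_commitment (hunk at -1166, matching the signature change at -1178) does not say which data is hashed or what state the context is in when the function fails. Judging from the later hunk at -1289, each `commit_coins[j].coin_ev` is appended only after its comparison passes, so a failure at a later coin appears to leave the context holding a partial prefix. I would spell that out, for example `@param hash_context context to which the verified coin envelopes for this offset are appended; on any result other than #GNUNET_OK it is partially updated and must be aborted by the caller, never finished`. The function body starts and ends outside these hunks, so the cleanup path itself is not visible here.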
@@ -1206,8 +1211,7 @@ check_commitment (struct MHD_Connection *connection, &transfer_pub, sizeof (struct TALER_TransferPublicKeyP))) { - GNUNET_log (GNUNET_ERROR_TYPE_WARNING, - "transfer keys do not match\n"); + GNUNET_break_op (0); return send_melt_commitment_error (connection, session, session_hash, @@ -1275,6 +1279,7 @@ check_commitment (struct MHD_Connection *connection, commit_coins[j].coin_ev, buf_len)) ) { + GNUNET_break_op (0); GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "blind envelope does not match for k=%u, old=%d\n", off, @@ -1289,6 +1294,9 @@ check_commitment (struct MHD_Connection *connection, "envelope"); goto cleanup; } + GNUNET_CRYPTO_hash_context_read (hash_context, + commit_coins[j].coin_ev, + commit_coins[j].coin_ev_size); GNUNET_free (buf); } ret = GNUNET_OK; @@ -1391,17 +1399,6 @@ execute_refresh_reveal_transaction (struct MHD_Connection *connection, int ret; START_TRANSACTION (session, connection); - if (GNUNET_OK != - TMH_plugin->get_refresh_commit_coins (TMH_plugin->cls, - session, - session_hash, - refresh_session->noreveal_index, - refresh_session->num_newcoins, - commit_coins)) - { - GNUNET_break (0); - return TMH_RESPONSE_reply_internal_db_error (connection); - } key_state = TMH_KS_acquire (); for (j=0;jnum_newcoins;j++) { @@ -1456,6 +1453,8 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection, unsigned int i; unsigned int j; unsigned int off; + struct GNUNET_HashContext *hash_context; + struct GNUNET_HashCode sh_check; if (NULL == (session = TMH_plugin->get_session (TMH_plugin->cls))) { 
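Review bot: The transfer-key mismatch branch at -1206 loses its `"transfer keys do not match\n"` warning and keeps only `GNUNET_break_op (0)`, while the envelope mismatch branch at -1275 keeps its GNUNET_log and adds the break in front of it. The two rejection paths should be handled the same way, and the message is what tells an operator which check a bad reveal request failed. I would keep both here as well: `GNUNET_break_op (0);` followed by the original `GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "transfer keys do not match\n");`. The enclosing if-statement begins above the hunk.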
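Review bot: The `GNUNET_CRYPTO_hash_context_read` call added at -1289 has no comment explaining that the recomputed session hash now depends on the order in which envelopes are appended, and that they are appended back to back without their lengths. A short comment at the call would record that, e.g. `/* envelope matched the recomputed one; append it in the same order and framing the melt step used for the session hash */`. Whether the melt-side computation frames the envelopes the same way is not visible in this diff and should be confirmed, since any divergence would change which reveals are accepted. The surrounding loop over `j` starts outside the hunk.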
@@ -1489,34 +1488,167 @@ TMH_DB_execute_refresh_reveal (struct MHD_Connection *connection, ? GNUNET_NO : GNUNET_SYSERR; } + hash_context = GNUNET_CRYPTO_hash_context_start (); + /* first, iterate over transfer public keys for hash_context */ + off = 0; + for (i=0;iget_refresh_transfer_public_key (TMH_plugin->cls, + session, + session_hash, + i, + &tp)) + { + GNUNET_break (0); + GNUNET_free (denom_pubs); + GNUNET_CRYPTO_rsa_signature_free (refresh_session.melt.coin.denom_sig.rsa_signature); + GNUNET_CRYPTO_rsa_public_key_free (refresh_session.melt.coin.denom_pub.rsa_public_key); + GNUNET_CRYPTO_hash_context_abort (hash_context); + return (MHD_YES == TMH_RESPONSE_reply_internal_db_error (connection)) + ? GNUNET_NO : GNUNET_SYSERR; + } + } + else + { + /* compute tp from private key */ + GNUNET_CRYPTO_ecdhe_key_get_public (&transfer_privs[i - off].ecdhe_priv, + &tp.ecdhe_pub); + } + GNUNET_CRYPTO_hash_context_read (hash_context, + &tp, + sizeof (struct TALER_TransferPublicKeyP)); + } + + /* next, add all of the hashes from the denomination keys to the + hash_context */ + { + struct TALER_DenominationPublicKey denom_pubs[refresh_session.num_newcoins]; + + if (GNUNET_OK != + TMH_plugin->get_refresh_order (TMH_plugin->cls, + session, + session_hash, + refresh_session.num_newcoins, + denom_pubs)) + { + GNUNET_break (0); + GNUNET_free (denom_pubs); + GNUNET_CRYPTO_rsa_signature_free (refresh_session.melt.coin.denom_sig.rsa_signature); + GNUNET_CRYPTO_rsa_public_key_free (refresh_session.melt.coin.denom_pub.rsa_public_key); + GNUNET_CRYPTO_hash_context_abort (hash_context); + return (MHD_YES == TMH_RESPONSE_reply_internal_db_error (connection)) + ? 
GNUNET_NO : GNUNET_SYSERR; + } + for (i=0;iget_refresh_commit_coins (TMH_plugin->cls, + session, + session_hash, + i, + refresh_session.num_newcoins, + commit_coins)) + { + GNUNET_break (0); + GNUNET_free (denom_pubs); + GNUNET_CRYPTO_rsa_signature_free (refresh_session.melt.coin.denom_sig.rsa_signature); + GNUNET_CRYPTO_rsa_public_key_free (refresh_session.melt.coin.denom_pub.rsa_public_key); + GNUNET_CRYPTO_hash_context_abort (hash_context); + return TMH_RESPONSE_reply_internal_db_error (connection); + } + /* add envelopes to hash_context */ + for (j=0;j