From de9fdf860af9bdeadee4ed21a2c03dc34d58dd86 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 2 May 2019 21:16:51 +0200 Subject: replace denom_pub with denom_pub_hash in exchange API to reduce bandwidth --- src/exchange/taler-exchange-httpd_deposit.c | 19 +++++----- src/exchange/taler-exchange-httpd_keystate.c | 8 ++--- src/exchange/taler-exchange-httpd_keystate.h | 2 +- src/exchange/taler-exchange-httpd_payback.c | 21 +++++++----- src/exchange/taler-exchange-httpd_refresh_melt.c | 40 ++++++++++------------ src/exchange/taler-exchange-httpd_refresh_reveal.c | 1 - src/exchange/taler-exchange-httpd_refund.c | 6 ++-- .../taler-exchange-httpd_reserve_withdraw.c | 22 ++++++------ src/exchange/taler-exchange-httpd_responses.c | 5 +-- src/exchange/test_taler_exchange_aggregator.c | 3 +- 10 files changed, 63 insertions(+), 64 deletions(-) (limited to 'src/exchange') diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c index 530cff770..5a1bf4963 100644 --- a/src/exchange/taler-exchange-httpd_deposit.c +++ b/src/exchange/taler-exchange-httpd_deposit.c @@ -246,7 +246,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection, struct TALER_Amount amount_without_fee; struct DepositContext dc; struct TEH_KS_StateHandle *mks; - struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki; + const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki; /* check signature */ dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT); @@ -282,9 +282,9 @@ verify_and_execute_deposit (struct MHD_Connection *connection, TALER_EC_EXCHANGE_BAD_CONFIGURATION, "no keys"); } - dki = TEH_KS_denomination_key_lookup (mks, - &deposit->coin.denom_pub, - TEH_KS_DKU_DEPOSIT); + dki = TEH_KS_denomination_key_lookup_by_hash (mks, + &deposit->coin.denom_pub_hash, + TEH_KS_DKU_DEPOSIT); if (NULL == dki) { TEH_KS_release (mks); @@ -392,7 +392,7 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh, struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_json ("wire", &wire), TALER_JSON_spec_amount ("contribution", &deposit.amount_with_fee), - TALER_JSON_spec_denomination_public_key ("denom_pub", &deposit.coin.denom_pub), + GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", &deposit.coin.denom_pub_hash), TALER_JSON_spec_denomination_signature ("ub_sig", &deposit.coin.denom_sig), GNUNET_JSON_spec_fixed_auto ("coin_pub", &deposit.coin.coin_pub), GNUNET_JSON_spec_fixed_auto ("merchant_pub", &deposit.merchant_pub), @@ -487,9 +487,9 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh, TALER_EC_EXCHANGE_BAD_CONFIGURATION, "no keys"); } - dki = TEH_KS_denomination_key_lookup (key_state, - &deposit.coin.denom_pub, - TEH_KS_DKU_DEPOSIT); + dki = TEH_KS_denomination_key_lookup_by_hash (key_state, + &deposit.coin.denom_pub_hash, + TEH_KS_DKU_DEPOSIT); if (NULL == dki) { /* FIXME: #3887: if DK was revoked, we might want to give a 403 and not a 404! */ @@ -504,7 +504,8 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh, &dki->issue.properties.fee_deposit); /* check coin signature */ if (GNUNET_YES != - TALER_test_coin_valid (&deposit.coin)) + TALER_test_coin_valid (&deposit.coin, + &dki->denom_pub)) { TALER_LOG_WARNING ("Invalid coin passed for /deposit\n"); TEH_KS_release (key_state); diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index 901ab6fa6..a452a1246 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -39,7 +39,7 @@ * release version, and the format is NOT the same that semantic * versioning uses either. */ -#define TALER_PROTOCOL_VERSION "2:0:0" +#define TALER_PROTOCOL_VERSION "3:0:0" /** @@ -674,7 +674,7 @@ add_denomination_transaction (void *cls, qs = TEH_plugin->get_denomination_info (TEH_plugin->cls, session, - &dki->denom_pub, + &dki->issue.properties.denom_hash, &issue_exists); if (0 > qs) return qs; @@ -789,7 +789,7 @@ revocations_iter (void *cls, struct TEH_KS_StateHandle *key_state = rfc->key_state; struct AddRevocationContext arc; struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki; - + dki = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, denom_hash); if (NULL == dki) @@ -1613,7 +1613,7 @@ make_fresh_key_state (struct GNUNET_TIME_Absolute now) json_decref (rfc.sign_keys_array); return NULL; } - + /* Initialize `current_sign_key_issue` and `rfc.sign_keys_array` */ TALER_EXCHANGEDB_signing_keys_iterate (TEH_exchange_directory, &reload_keys_sign_iter, diff --git a/src/exchange/taler-exchange-httpd_keystate.h b/src/exchange/taler-exchange-httpd_keystate.h index 62d693731..c9b982306 100644 --- a/src/exchange/taler-exchange-httpd_keystate.h +++ b/src/exchange/taler-exchange-httpd_keystate.h @@ -127,7 +127,7 @@ enum TEH_KS_DenominationKeyUse { struct TALER_EXCHANGEDB_DenominationKeyIssueInformation * TEH_KS_denomination_key_lookup (const struct TEH_KS_StateHandle *key_state, const struct TALER_DenominationPublicKey *denom_pub, - enum TEH_KS_DenominationKeyUse use); + enum TEH_KS_DenominationKeyUse use); /** diff --git a/src/exchange/taler-exchange-httpd_payback.c b/src/exchange/taler-exchange-httpd_payback.c index 2164863ee..06181519f 100644 --- a/src/exchange/taler-exchange-httpd_payback.c +++ b/src/exchange/taler-exchange-httpd_payback.c @@ -326,9 +326,9 @@ verify_and_execute_payback (struct MHD_Connection *connection, TALER_EC_EXCHANGE_BAD_CONFIGURATION, "no keys"); } - dki = TEH_KS_denomination_key_lookup (key_state, - &coin->denom_pub, - TEH_KS_DKU_PAYBACK); + dki = TEH_KS_denomination_key_lookup_by_hash (key_state, + &coin->denom_pub_hash, + TEH_KS_DKU_PAYBACK); if (NULL == dki) { TEH_KS_release (key_state); @@ -342,7 +342,8 @@ verify_and_execute_payback (struct MHD_Connection *connection, /* check denomination signature */ if (GNUNET_YES != - TALER_test_coin_valid (coin)) + TALER_test_coin_valid (coin, + &dki->denom_pub)) { TALER_LOG_WARNING ("Invalid coin passed for /payback\n"); TEH_KS_release (key_state); @@ -358,8 +359,6 @@ verify_and_execute_payback (struct MHD_Connection *connection, pr.h_denom_pub = dki->issue.properties.denom_hash; pr.coin_blind = *coin_bks; - TEH_KS_release (key_state); - if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_PAYBACK, &pr.purpose, @@ -367,6 +366,7 @@ verify_and_execute_payback (struct MHD_Connection *connection, &coin->coin_pub.eddsa_pub)) { TALER_LOG_WARNING ("Invalid signature on /payback request\n"); + TEH_KS_release (key_state); return TEH_RESPONSE_reply_signature_invalid (connection, TALER_EC_PAYBACK_SIGNATURE_INVALID, "coin_sig"); @@ -378,15 +378,18 @@ verify_and_execute_payback (struct MHD_Connection *connection, if (GNUNET_YES != GNUNET_CRYPTO_rsa_blind (&c_hash, &coin_bks->bks, - coin->denom_pub.rsa_public_key, + dki->denom_pub.rsa_public_key, &coin_ev, &coin_ev_size)) { GNUNET_break (0); + TEH_KS_release (key_state); + return TEH_RESPONSE_reply_internal_error (connection, TALER_EC_PAYBACK_BLINDING_FAILED, "coin_bks"); } + TEH_KS_release (key_state); GNUNET_CRYPTO_hash (coin_ev, coin_ev_size, &pc.h_blind); @@ -454,8 +457,8 @@ TEH_PAYBACK_handler_payback (struct TEH_RequestHandler *rh, struct TALER_DenominationBlindingKeyP coin_bks; struct TALER_CoinSpendSignatureP coin_sig; struct GNUNET_JSON_Specification spec[] = { - TALER_JSON_spec_denomination_public_key ("denom_pub", - &coin.denom_pub), + GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", + &coin.denom_pub_hash), TALER_JSON_spec_denomination_signature ("denom_sig", &coin.denom_sig), GNUNET_JSON_spec_fixed_auto ("coin_pub", diff --git a/src/exchange/taler-exchange-httpd_refresh_melt.c b/src/exchange/taler-exchange-httpd_refresh_melt.c index 8e776c77b..1b8e04a07 100644 --- a/src/exchange/taler-exchange-httpd_refresh_melt.c +++ b/src/exchange/taler-exchange-httpd_refresh_melt.c @@ -412,8 +412,8 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh, &rmc.refresh_session.coin.coin_pub), TALER_JSON_spec_denomination_signature ("denom_sig", &rmc.refresh_session.coin.denom_sig), - TALER_JSON_spec_denomination_public_key ("denom_pub", - &rmc.refresh_session.coin.denom_pub), + GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", + &rmc.refresh_session.coin.denom_pub_hash), GNUNET_JSON_spec_fixed_auto ("confirm_sig", &rmc.refresh_session.coin_sig), TALER_JSON_spec_amount ("value_with_fee", @@ -444,17 +444,6 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh, if (GNUNET_OK != res) return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; - if (GNUNET_OK != - TALER_test_coin_valid (&rmc.refresh_session.coin)) - { - GNUNET_break_op (0); - GNUNET_JSON_parse_free (spec); - return TEH_RESPONSE_reply_signature_invalid (connection, - TALER_EC_REFRESH_MELT_DENOMINATION_SIGNATURE_INVALID, - "denom_sig"); - } - - /* run actual logic, now that the request was parsed */ key_state = TEH_KS_acquire (GNUNET_TIME_absolute_get ()); if (NULL == key_state) { @@ -464,9 +453,9 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh, "no keys"); goto cleanup; } - rmc.dki = TEH_KS_denomination_key_lookup (key_state, - &rmc.refresh_session.coin.denom_pub, - TEH_KS_DKU_DEPOSIT); + rmc.dki = TEH_KS_denomination_key_lookup_by_hash (key_state, + &rmc.refresh_session.coin.denom_pub_hash, + TEH_KS_DKU_DEPOSIT); if (NULL == rmc.dki) { TALER_LOG_WARNING ("Unknown denomination key in /refresh/melt request\n"); @@ -476,6 +465,20 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh, goto cleanup; } + if (GNUNET_OK != + TALER_test_coin_valid (&rmc.refresh_session.coin, + &rmc.dki->denom_pub)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + TEH_KS_release (key_state); + return TEH_RESPONSE_reply_signature_invalid (connection, + TALER_EC_REFRESH_MELT_DENOMINATION_SIGNATURE_INVALID, + "denom_sig"); + } + + /* run actual logic, now that the request was parsed */ + /* make sure coin is 'known' in database */ { struct TEH_DB_KnowCoinContext kcc; @@ -502,11 +505,6 @@ TEH_REFRESH_handler_refresh_melt (struct TEH_RequestHandler *rh, TEH_KS_release (key_state); key_state = NULL; } - if (NULL != rmc.refresh_session.coin.denom_pub.rsa_public_key) - { - GNUNET_CRYPTO_rsa_public_key_free (rmc.refresh_session.coin.denom_pub.rsa_public_key); - rmc.refresh_session.coin.denom_pub.rsa_public_key = NULL; - } if (NULL != rmc.refresh_session.coin.denom_sig.rsa_signature) { GNUNET_CRYPTO_rsa_signature_free (rmc.refresh_session.coin.denom_sig.rsa_signature); diff --git a/src/exchange/taler-exchange-httpd_refresh_reveal.c b/src/exchange/taler-exchange-httpd_refresh_reveal.c index bdf59c37b..25de5f1fe 100644 --- a/src/exchange/taler-exchange-httpd_refresh_reveal.c +++ b/src/exchange/taler-exchange-httpd_refresh_reveal.c @@ -265,7 +265,6 @@ static void free_refresh_melt (struct TALER_EXCHANGEDB_RefreshMelt *refresh_melt) { GNUNET_CRYPTO_rsa_signature_free (refresh_melt->session.coin.denom_sig.rsa_signature); - GNUNET_CRYPTO_rsa_public_key_free (refresh_melt->session.coin.denom_pub.rsa_public_key); } diff --git a/src/exchange/taler-exchange-httpd_refund.c b/src/exchange/taler-exchange-httpd_refund.c index 92dd54e9f..ee6aac1bd 100644 --- a/src/exchange/taler-exchange-httpd_refund.c +++ b/src/exchange/taler-exchange-httpd_refund.c @@ -342,9 +342,9 @@ refund_transaction (void *cls, "no keys"); return GNUNET_DB_STATUS_HARD_ERROR; } - dki = TEH_KS_denomination_key_lookup (mks, - &dep->coin.denom_pub, - TEH_KS_DKU_DEPOSIT); + dki = TEH_KS_denomination_key_lookup_by_hash (mks, + &dep->coin.denom_pub_hash, + TEH_KS_DKU_DEPOSIT); if (NULL == dki) { /* DKI not found, but we do have a coin with this DK in our database; diff --git a/src/exchange/taler-exchange-httpd_reserve_withdraw.c b/src/exchange/taler-exchange-httpd_reserve_withdraw.c index 370916b00..c988cde68 100644 --- a/src/exchange/taler-exchange-httpd_reserve_withdraw.c +++ b/src/exchange/taler-exchange-httpd_reserve_withdraw.c @@ -116,9 +116,9 @@ struct WithdrawContext struct TALER_Amount amount_required; /** - * Denomination public key. + * Hash of the denomination public key. */ - struct TALER_DenominationPublicKey denomination_pub; + struct GNUNET_HashCode denom_pub_hash; /** * Signature over the request. @@ -229,7 +229,7 @@ withdraw_transaction (void *cls, */ { #define PUBSIZE 80 - char pub_s[PUBSIZE]; + char pub_s[PUBSIZE]; GNUNET_break (NULL != GNUNET_STRINGS_data_to_string (&r.pub, @@ -312,7 +312,7 @@ withdraw_transaction (void *cls, #endif TALER_amount_ntoh (&fee_withdraw, &wc->dki->issue.properties.fee_withdraw); - wc->collectable.denom_pub = wc->denomination_pub; + wc->collectable.denom_pub_hash = wc->denom_pub_hash; wc->collectable.amount_with_fee = wc->amount_required; wc->collectable.withdraw_fee = fee_withdraw; wc->collectable.reserve_pub = wc->wsrd.reserve_pub; @@ -370,8 +370,8 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh, &wc.wsrd.reserve_pub), GNUNET_JSON_spec_fixed_auto ("reserve_sig", &wc.signature), - TALER_JSON_spec_denomination_public_key ("denom_pub", - &wc.denomination_pub), + GNUNET_JSON_spec_fixed_auto ("denom_pub_hash", + &wc.denom_pub_hash), GNUNET_JSON_spec_end () }; @@ -399,9 +399,9 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh, TALER_EC_EXCHANGE_BAD_CONFIGURATION, "no keys"); } - wc.dki = TEH_KS_denomination_key_lookup (wc.key_state, - &wc.denomination_pub, - TEH_KS_DKU_WITHDRAW); + wc.dki = TEH_KS_denomination_key_lookup_by_hash (wc.key_state, + &wc.denom_pub_hash, + TEH_KS_DKU_WITHDRAW); if (NULL == wc.dki) { GNUNET_JSON_parse_free (spec); @@ -435,8 +435,8 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh, = htonl (sizeof (struct TALER_WithdrawRequestPS)); wc.wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW); - GNUNET_CRYPTO_rsa_public_key_hash (wc.denomination_pub.rsa_public_key, - &wc.wsrd.h_denomination_pub); + wc.wsrd.h_denomination_pub + = wc.denom_pub_hash; GNUNET_CRYPTO_hash (wc.blinded_msg, wc.blinded_msg_len, &wc.wsrd.h_coin_envelope); diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c index 21046ef93..21394337d 100644 --- a/src/exchange/taler-exchange-httpd_responses.c +++ b/src/exchange/taler-exchange-httpd_responses.c @@ -750,7 +750,6 @@ TEH_RESPONSE_compile_reserve_history (const struct TALER_EXCHANGEDB_ReserveHisto break; case TALER_EXCHANGEDB_RO_WITHDRAW_COIN: { - struct GNUNET_HashCode h_denom_pub; struct TALER_Amount value; value = pos->details.withdraw->amount_with_fee; @@ -771,15 +770,13 @@ TEH_RESPONSE_compile_reserve_history (const struct TALER_EXCHANGEDB_ReserveHisto } } ret |= 2; - GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key, - &h_denom_pub); GNUNET_assert (0 == json_array_append_new (json_history, json_pack ("{s:s, s:o, s:o, s:o, s:o, s:o}", "type", "WITHDRAW", "reserve_sig", GNUNET_JSON_from_data_auto (&pos->details.withdraw->reserve_sig), "h_coin_envelope", GNUNET_JSON_from_data_auto (&pos->details.withdraw->h_coin_envelope), - "h_denom_pub", GNUNET_JSON_from_data_auto (&h_denom_pub), + "h_denom_pub", GNUNET_JSON_from_data_auto (&pos->details.withdraw->denom_pub_hash), "withdraw_fee", TALER_JSON_from_amount (&pos->details.withdraw->withdraw_fee), "amount", TALER_JSON_from_amount (&value)))); } diff --git a/src/exchange/test_taler_exchange_aggregator.c b/src/exchange/test_taler_exchange_aggregator.c index 0ba8152df..c0d3d912f 100644 --- a/src/exchange/test_taler_exchange_aggregator.c +++ b/src/exchange/test_taler_exchange_aggregator.c @@ -383,7 +383,8 @@ fake_coin (struct TALER_CoinPublicInfo *coin) { struct GNUNET_HashCode hc; - coin->denom_pub.rsa_public_key = coin_pub; + GNUNET_CRYPTO_rsa_public_key_hash (coin_pub, + &coin->denom_pub_hash); GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK, &hc); coin->denom_sig.rsa_signature = GNUNET_CRYPTO_rsa_sign_fdh (coin_pk, -- cgit v1.2.3