From fa7f190745327322ced27b506fd9e905c4e65b8c Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 29 Jan 2015 20:18:04 +0100 Subject: logic of execute_refresh_commit is now clean --- src/mint/mint.h | 55 ----- src/mint/mint_db.c | 454 +++++++++++++++++++++++------------------ src/mint/mint_db.h | 170 +++++++++++---- src/mint/taler-mint-httpd_db.c | 42 ++-- 4 files changed, 404 insertions(+), 317 deletions(-) (limited to 'src/mint') diff --git a/src/mint/mint.h b/src/mint/mint.h index e2d559701..fb4889dbb 100644 --- a/src/mint/mint.h +++ b/src/mint/mint.h @@ -26,7 +26,6 @@ #include #include "taler_util.h" - /** * For now, we just do EUR. Should become configurable * in the future! @@ -34,58 +33,4 @@ #define MINT_CURRENCY "EUR" - - - - - - - -/** - * For each (old) coin being melted, we have a `struct - * RefreshCommitLink` that allows the user to find the shared secret - * to decrypt the respective refresh links for the new coins in the - * `struct RefreshCommitCoin`. - */ -struct RefreshCommitLink -{ - /** - * Transfer public key (FIXME: explain!) - */ - struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub; - - /** - * Encrypted shared secret to decrypt the link. - */ - struct TALER_EncryptedLinkSecret shared_secret_enc; -}; - - -/** - * We have as many `struct RefreshCommitCoin` as there are new - * coins being created by the refresh. - */ -struct RefreshCommitCoin -{ - - /** - * Encrypted data allowing those able to decrypt it to derive - * the private keys of the new coins created by the refresh. - */ - struct TALER_RefreshLinkEncrypted *refresh_link; - - /** - * Blinded message to be signed (in envelope), with @e coin_env_size bytes. - */ - char *coin_ev; - - /** - * Number of bytes in @e coin_ev. - */ - size_t coin_ev_size; - -}; - - - #endif /* _MINT_H */ diff --git a/src/mint/mint_db.c b/src/mint/mint_db.c index 67cf4b352..0e908425d 100644 --- a/src/mint/mint_db.c +++ b/src/mint/mint_db.c 
@@ -818,209 +818,6 @@ TALER_MINT_DB_upsert_known_coin (PGconn *db_conn, } -/** - * Store the commitment to the given (encrypted) refresh link data - * for the given refresh session. - * - * @param db_conn database connection to use - * @param refresh_session_pub public key of the refresh session this - * commitment belongs with - * @param i - * @param j - * @param commit_link link information to store - * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success - */ -int -TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int i, int j, - const struct RefreshCommitLink *commit_link) -{ - uint16_t cnc_index_nbo = htons (i); - uint16_t oldcoin_index_nbo = htons (j); - struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), - TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub), - TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), - TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), - TALER_DB_QUERY_PARAM_PTR(&commit_link->shared_secret_enc), - TALER_DB_QUERY_PARAM_END - }; - - PGresult *result = TALER_DB_exec_prepared (db_conn, - "insert_refresh_commit_link", - params); - if (PGRES_COMMAND_OK != PQresultStatus (result)) - { - break_db_err (result); - PQclear (result); - return GNUNET_SYSERR; - } - - if (0 != strcmp ("1", PQcmdTuples (result))) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - - PQclear (result); - return GNUNET_OK; -} - - -int -TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int cnc_index, - int oldcoin_index, - struct RefreshCommitLink *cc) -{ - uint16_t cnc_index_nbo = htons (cnc_index); - uint16_t oldcoin_index_nbo = htons (oldcoin_index); - - struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), - TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), - TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), - TALER_DB_QUERY_PARAM_END - }; - - PGresult 
*result = TALER_DB_exec_prepared (db_conn, - "get_refresh_commit_link", - params); - if (PGRES_TUPLES_OK != PQresultStatus (result)) - { - break_db_err (result); - PQclear (result); - return GNUNET_SYSERR; - } - - if (0 == PQntuples (result)) - { - PQclear (result); - return GNUNET_NO; - } - - struct TALER_DB_ResultSpec rs[] = { - TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub), - TALER_DB_RESULT_SPEC("link_secret_enc", &cc->shared_secret_enc), - TALER_DB_RESULT_SPEC_END - }; - - if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0)) - { - PQclear (result); - GNUNET_free (cc); - return GNUNET_SYSERR; - } - - PQclear (result); - return GNUNET_OK; -} - - -int -TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int i, int j, - const struct RefreshCommitCoin *commit_coin) -{ - uint16_t cnc_index_nbo = htons (i); - uint16_t newcoin_index_nbo = htons (j); - struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), - TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->coin_ev, commit_coin->coin_ev_size), - TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), - TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), - TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->refresh_link->coin_priv_enc, - commit_coin->refresh_link->blinding_key_enc_size + - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)), - TALER_DB_QUERY_PARAM_END - }; - - PGresult *result = TALER_DB_exec_prepared (db_conn, "insert_refresh_commit_coin", params); - - if (PGRES_COMMAND_OK != PQresultStatus (result)) - { - break_db_err (result); - PQclear (result); - return GNUNET_SYSERR; - } - - if (0 != strcmp ("1", PQcmdTuples (result))) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - - PQclear (result); - return GNUNET_OK; -} - - -int -TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int cnc_index, - int newcoin_index, - struct RefreshCommitCoin *cc) 
-{ - uint16_t cnc_index_nbo = htons (cnc_index); - uint16_t newcoin_index_nbo = htons (newcoin_index); - struct TALER_DB_QueryParam params[] = { - TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), - TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), - TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), - TALER_DB_QUERY_PARAM_END - }; - char *c_buf; - size_t c_buf_size; - char *rl_buf; - size_t rl_buf_size; - struct TALER_RefreshLinkEncrypted *rl; - - PGresult *result = TALER_DB_exec_prepared (db_conn, "get_refresh_commit_coin", params); - - if (PGRES_TUPLES_OK != PQresultStatus (result)) - { - break_db_err (result); - PQclear (result); - return GNUNET_SYSERR; - } - - if (0 == PQntuples (result)) - { - PQclear (result); - return GNUNET_NO; - } - - struct TALER_DB_ResultSpec rs[] = { - TALER_DB_RESULT_SPEC_VAR("coin_ev", &c_buf, &c_buf_size), - TALER_DB_RESULT_SPEC_VAR("link_vector_enc", &rl_buf, &rl_buf_size), - TALER_DB_RESULT_SPEC_END - }; - if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0)) - { - PQclear (result); - return GNUNET_SYSERR; - } - PQclear (result); - if (rl_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) - { - GNUNET_free (c_buf); - GNUNET_free (rl_buf); - return GNUNET_SYSERR; - } - rl = TALER_refresh_link_encrypted_decode (rl_buf, - rl_buf_size); - GNUNET_free (rl_buf); - cc->refresh_link = rl; - cc->coin_ev = c_buf; - cc->coin_ev_size = c_buf_size; - return GNUNET_YES; -} - - struct GNUNET_CRYPTO_rsa_PublicKey * TALER_MINT_DB_get_refresh_order (PGconn *db_conn, uint16_t newcoin_index, 
@@ -2028,6 +1825,257 @@ TALER_MINT_DB_get_refresh_melt (PGconn *db_conn, } +/** + * Store information about the commitment of the + * given coin for the given refresh session in the database. + * + * @param db_conn database connection to use + * @param refresh_session_pub refresh session this commitment belongs to + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to refreshed (new) coins + * @param commit_coin coin commitment to store + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on error + */ +int +TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitCoin *commit_coin) +{ + // FIXME: check logic! + uint16_t cnc_index_nbo = htons (i); + uint16_t newcoin_index_nbo = htons (j); + struct TALER_DB_QueryParam params[] = { + TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->coin_ev, commit_coin->coin_ev_size), + TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), + TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), + TALER_DB_QUERY_PARAM_PTR_SIZED(commit_coin->refresh_link->coin_priv_enc, + commit_coin->refresh_link->blinding_key_enc_size + + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)), + TALER_DB_QUERY_PARAM_END + }; + + PGresult *result = TALER_DB_exec_prepared (db_conn, "insert_refresh_commit_coin", params); + + if (PGRES_COMMAND_OK != PQresultStatus (result)) + { + break_db_err (result); + PQclear (result); + return GNUNET_SYSERR; + } + + if (0 != strcmp ("1", PQcmdTuples (result))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + + PQclear (result); + return GNUNET_OK; +} + + +/** + * Obtain information about the commitment of the + * given coin of the given refresh session from the database. 
+ * + * @param db_conn database connection to use + * @param refresh_session_pub refresh session the commitment belongs to + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to refreshed (new) coins + * @param commit_coin[OUT] coin commitment to return + * @return #GNUNET_OK on success + * #GNUNET_NO if not found + * #GNUNET_SYSERR on error + */ +int +TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int cnc_index, + unsigned int newcoin_index, + struct RefreshCommitCoin *cc) +{ + // FIXME: check logic! + uint16_t cnc_index_nbo = htons (cnc_index); + uint16_t newcoin_index_nbo = htons (newcoin_index); + struct TALER_DB_QueryParam params[] = { + TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), + TALER_DB_QUERY_PARAM_PTR(&newcoin_index_nbo), + TALER_DB_QUERY_PARAM_END + }; + char *c_buf; + size_t c_buf_size; + char *rl_buf; + size_t rl_buf_size; + struct TALER_RefreshLinkEncrypted *rl; + + PGresult *result = TALER_DB_exec_prepared (db_conn, "get_refresh_commit_coin", params); + + if (PGRES_TUPLES_OK != PQresultStatus (result)) + { + break_db_err (result); + PQclear (result); + return GNUNET_SYSERR; + } + + if (0 == PQntuples (result)) + { + PQclear (result); + return GNUNET_NO; + } + + struct TALER_DB_ResultSpec rs[] = { + TALER_DB_RESULT_SPEC_VAR("coin_ev", &c_buf, &c_buf_size), + TALER_DB_RESULT_SPEC_VAR("link_vector_enc", &rl_buf, &rl_buf_size), + TALER_DB_RESULT_SPEC_END + }; + if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0)) + { + PQclear (result); + return GNUNET_SYSERR; + } + PQclear (result); + if (rl_buf_size < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) + { + GNUNET_free (c_buf); + GNUNET_free (rl_buf); + return GNUNET_SYSERR; + } + rl = TALER_refresh_link_encrypted_decode (rl_buf, + rl_buf_size); + GNUNET_free (rl_buf); + cc->refresh_link = rl; + cc->coin_ev = c_buf; + 
cc->coin_ev_size = c_buf_size; + return GNUNET_YES; +} + + +/** + * Store the commitment to the given (encrypted) refresh link data + * for the given refresh session. + * + * @param db_conn database connection to use + * @param refresh_session_pub public key of the refresh session this + * commitment belongs with + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to melted (old) coins + * @param commit_link link information to store + * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success + */ +int +TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitLink *commit_link) +{ + // FIXME: check logic! + uint16_t cnc_index_nbo = htons (i); + uint16_t oldcoin_index_nbo = htons (j); + struct TALER_DB_QueryParam params[] = { + TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(&commit_link->transfer_pub), + TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), + TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), + TALER_DB_QUERY_PARAM_PTR(&commit_link->shared_secret_enc), + TALER_DB_QUERY_PARAM_END + }; + + PGresult *result = TALER_DB_exec_prepared (db_conn, + "insert_refresh_commit_link", + params); + if (PGRES_COMMAND_OK != PQresultStatus (result)) + { + break_db_err (result); + PQclear (result); + return GNUNET_SYSERR; + } + + if (0 != strcmp ("1", PQcmdTuples (result))) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + + PQclear (result); + return GNUNET_OK; +} + + +/** + * Obtain the commited (encrypted) refresh link data + * for the given refresh session. 
+ * + * @param db_conn database connection to use + * @param refresh_session_pub public key of the refresh session this + * commitment belongs with + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to melted (old) coins + * @param cc[OUT] link information to return + * @return #GNUNET_SYSERR on internal error, + * #GNUNET_NO if commitment was not found + * #GNUNET_OK on success + */ +int +TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int cnc_index, + unsigned int oldcoin_index, + struct RefreshCommitLink *cc) +{ + // FIXME: check logic! + uint16_t cnc_index_nbo = htons (cnc_index); + uint16_t oldcoin_index_nbo = htons (oldcoin_index); + + struct TALER_DB_QueryParam params[] = { + TALER_DB_QUERY_PARAM_PTR(refresh_session_pub), + TALER_DB_QUERY_PARAM_PTR(&cnc_index_nbo), + TALER_DB_QUERY_PARAM_PTR(&oldcoin_index_nbo), + TALER_DB_QUERY_PARAM_END + }; + + PGresult *result = TALER_DB_exec_prepared (db_conn, + "get_refresh_commit_link", + params); + if (PGRES_TUPLES_OK != PQresultStatus (result)) + { + break_db_err (result); + PQclear (result); + return GNUNET_SYSERR; + } + + if (0 == PQntuples (result)) + { + PQclear (result); + return GNUNET_NO; + } + + struct TALER_DB_ResultSpec rs[] = { + TALER_DB_RESULT_SPEC("transfer_pub", &cc->transfer_pub), + TALER_DB_RESULT_SPEC("link_secret_enc", &cc->shared_secret_enc), + TALER_DB_RESULT_SPEC_END + }; + + if (GNUNET_YES != TALER_DB_extract_result (result, rs, 0)) + { + PQclear (result); + GNUNET_free (cc); + return GNUNET_SYSERR; + } + + PQclear (result); + return GNUNET_OK; +} + + + + + /** * Compile a list of all (historic) transactions performed * with the given coin (/refresh/melt and /deposit operations). diff --git a/src/mint/mint_db.h b/src/mint/mint_db.h index e53df8ac2..e2bf3bb27 100644 --- a/src/mint/mint_db.h +++ b/src/mint/mint_db.h 
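Review bot: `TALER_MINT_DB_get_refresh_commit_link` calls `GNUNET_free (cc)` when `TALER_DB_extract_result` fails, but `cc` is the caller's out-parameter and nothing in this function allocates it, so the caller is left holding a freed (or never heap-allocated) pointer; that line should be dropped so the error path is just `PQclear (result); return GNUNET_SYSERR;`. Both insert functions also return from the `0 != strcmp ("1", PQcmdTuples (result))` branch without `PQclear (result)`, which leaks the `PGresult` on that path. `TALER_MINT_DB_get_refresh_commit_coin` returns `GNUNET_YES` on success where its comment promises `#GNUNET_OK`, and it stores the result of `TALER_refresh_link_encrypted_decode` in `cc->refresh_link` unchecked; if that decoder can fail, `c_buf` should be freed and `GNUNET_SYSERR` returned instead. All four bodies are carried over from the removed hunk and are still marked `// FIXME: check logic!`, so these error paths look like the place to start.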
@@ -86,45 +86,8 @@ TALER_MINT_DB_insert_known_coin (PGconn *db_conn, -/** - * Store the commitment to the given (encrypted) refresh link data - * for the given refresh session. - * - * @param db_conn database connection to use - * @param refresh_session_pub public key of the refresh session this - * commitment belongs with - * @param i - * @param j - * @param commit_link link information to store - * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success - */ -int -TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int i, int j, - const struct RefreshCommitLink *commit_link); -int -TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int i, int j, - struct RefreshCommitLink *cc); - - -int -TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int i, - int j, - const struct RefreshCommitCoin *commit_coin); - - -int -TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn, - const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, - int i, int j, - struct RefreshCommitCoin *commit_coin); struct GNUNET_CRYPTO_rsa_PublicKey * 
@@ -694,6 +657,136 @@ TALER_MINT_DB_get_refresh_melt (PGconn *db_conn, struct RefreshMelt *melt); +/** + * We have as many `struct RefreshCommitCoin` as there are new + * coins being created by the refresh (for each of the kappa + * sets). These are the coins we ask the mint to sign if the + * respective set is selected. + */ +struct RefreshCommitCoin +{ + + /** + * Encrypted data allowing those able to decrypt it to derive + * the private keys of the new coins created by the refresh. + */ + struct TALER_RefreshLinkEncrypted *refresh_link; + + /** + * Blinded message to be signed (in envelope), with @e coin_env_size bytes. + */ + char *coin_ev; + + /** + * Number of bytes in @e coin_ev. + */ + size_t coin_ev_size; + +}; + + +/** + * Store information about the commitment of the + * given coin for the given refresh session in the database. + * + * @param db_conn database connection to use + * @param refresh_session_pub refresh session this commitment belongs to + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to refreshed (new) coins + * @param commit_coin coin commitment to store + * @return #GNUNET_OK on success + * #GNUNET_SYSERR on error + */ +int +TALER_MINT_DB_insert_refresh_commit_coin (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitCoin *commit_coin); + + +/** + * Obtain information about the commitment of the + * given coin of the given refresh session from the database. 
+ * + * @param db_conn database connection to use + * @param refresh_session_pub refresh session the commitment belongs to + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to refreshed (new) coins + * @param commit_coin[OUT] coin commitment to return + * @return #GNUNET_OK on success + * #GNUNET_NO if not found + * #GNUNET_SYSERR on error + */ +int +TALER_MINT_DB_get_refresh_commit_coin (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + struct RefreshCommitCoin *commit_coin); + + +/** + * For each (old) coin being melted, we have a `struct + * RefreshCommitLink` that allows the user to find the shared secret + * to decrypt the respective refresh links for the new coins in the + * `struct RefreshCommitCoin`. + */ +struct RefreshCommitLink +{ + /** + * Transfer public key (FIXME: explain!) + */ + struct GNUNET_CRYPTO_EcdsaPublicKey transfer_pub; + + /** + * Encrypted shared secret to decrypt the link. + */ + struct TALER_EncryptedLinkSecret shared_secret_enc; +}; + + +/** + * Store the commitment to the given (encrypted) refresh link data + * for the given refresh session. + * + * @param db_conn database connection to use + * @param refresh_session_pub public key of the refresh session this + * commitment belongs with + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to melted (old) coins + * @param commit_link link information to store + * @return #GNUNET_SYSERR on internal error, #GNUNET_OK on success + */ +int +TALER_MINT_DB_insert_refresh_commit_link (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + const struct RefreshCommitLink *commit_link); + +/** + * Obtain the commited (encrypted) refresh link data + * for the given refresh session. 
+ * + * @param db_conn database connection to use + * @param refresh_session_pub public key of the refresh session this + * commitment belongs with + * @param i set index (1st dimension) + * @param j coin index (2nd dimension), corresponds to melted (old) coins + * @param cc[OUT] link information to return + * @return #GNUNET_SYSERR on internal error, + * #GNUNET_NO if commitment was not found + * #GNUNET_OK on success + */ +int +TALER_MINT_DB_get_refresh_commit_link (PGconn *db_conn, + const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub, + unsigned int i, + unsigned int j, + struct RefreshCommitLink *cc); + + /** * Specification for a /lock operation. */ @@ -833,7 +926,4 @@ TALER_MINT_DB_free_coin_transaction_list (struct TALER_MINT_DB_TransactionList * - - - #endif /* _NEURO_MINT_DB_H */ diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 2f6ca0137..39017409c 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -713,11 +713,11 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection, (res = TALER_MINT_DB_get_refresh_session (db_conn, refresh_session_pub, &session))) - { - // FIXME: send internal error - GNUNET_break (0); - return MHD_NO; - } + { + // FIXME: send internal error + GNUNET_break (0); + return MHD_NO; + } return TALER_MINT_reply_refresh_melt_success (connection, client_signature, refresh_session_pub); @@ -790,6 +790,14 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection, return TALER_MINT_reply_arg_invalid (connection, "session_pub"); } + if ( (refresh_session.kappa != kappa) || + (refresh_session.num_newcoins != num_newcoins) || + (refresh_session.num_oldcoins != num_oldcoins) ) + { + TALER_MINT_DB_rollback (db_conn); + return TALER_MINT_reply_arg_invalid (connection, + "dimensions"); + } if (GNUNET_YES == refresh_session.has_commit_sig) { TALER_MINT_DB_rollback (db_conn); 
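Review bot: The comment on `struct RefreshCommitCoin` does not say who owns `refresh_link` and `coin_ev`, although `TALER_MINT_DB_get_refresh_commit_coin` in mint_db.c hands back heap buffers in both (its error path frees `c_buf` with `GNUNET_free`); the getter's comment should state the contract, e.g. `@param commit_coin[OUT] coin commitment to return; on success the caller must free coin_ev and refresh_link`. The `coin_ev` field comment refers to `@e coin_env_size`, but the member is named `coin_ev_size`. The prototypes call the index parameters `i` and `j` while the definitions use `cnc_index`, `newcoin_index` and `oldcoin_index`; using the descriptive names here as well would keep the `@param` lines and the signatures in step. `transfer_pub` still carries `FIXME: explain!`, which a header that other files now include for this struct should resolve.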
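Review bot: The added check makes the request's `kappa`, `num_newcoins` and `num_oldcoins` equal to the session's values, but nothing visible here bounds them to 16 bits, while the insert helpers in mint_db.c narrow `i` and `j` with `htons ()` into a `uint16_t`. If any dimension can exceed 65535, distinct commitments would map to the same stored index (or be rejected by the database); this is hedged, because the types of the session fields and any validation at melt time are outside the hunk. A guard in the helpers such as `if ( (i > UINT16_MAX) || (j > UINT16_MAX) ) { GNUNET_break (0); return GNUNET_SYSERR; }` would make the narrowing explicit. The body of `TALER_MINT_db_execute_refresh_commit` starts and ends outside this hunk.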
@@ -797,14 +805,9 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection, &refresh_session); return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; } - - - // FIXME: this should check that kappa and num_newcoins match - // our expectations from refresh_session! - - for (i = 0; i < refresh_session.kappa; i++) + for (i = 0; i < kappa; i++) { - for (j = 0; j < refresh_session.num_newcoins; j++) + for (j = 0; j < num_newcoins; j++) { if (GNUNET_OK != TALER_MINT_DB_insert_refresh_commit_coin (db_conn, @@ -813,12 +816,15 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection, j, &commit_coin[i][j])) { - // FIXME: return 'internal error'? - GNUNET_break (0); TALER_MINT_DB_rollback (db_conn); - return MHD_NO; + return TALER_MINT_reply_internal_db_error (connection); } - + } + } + for (i = 0; i < kappa; i++) + { + for (j = 0; j < num_oldcoins; j++) + { if (GNUNET_OK != TALER_MINT_DB_insert_refresh_commit_link (db_conn, refresh_session_pub, @@ -826,10 +832,8 @@ TALER_MINT_db_execute_refresh_commit (struct MHD_Connection *connection, j, &commit_link[i][j])) { - // FIXME: return 'internal error'? - GNUNET_break (0); TALER_MINT_DB_rollback (db_conn); - return MHD_NO; + return TALER_MINT_reply_internal_db_error (connection); } } } -- cgit v1.2.3