From 35bec60894510a3833358183db02e0c1c9cc41a2 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 10 Dec 2020 11:49:20 +0100 Subject: implement POST /managment/keys --- src/exchange/Makefile.am | 1 + src/exchange/taler-exchange-httpd_keys.c | 27 +- src/exchange/taler-exchange-httpd_keys.h | 10 +- .../taler-exchange-httpd_management_post_keys.c | 33 +-- src/exchangedb/exchange-0002.sql | 36 --- src/exchangedb/plugin_exchangedb_postgres.c | 292 +++++++++------------ src/include/taler_exchangedb_plugin.h | 52 ++-- 7 files changed, 203 insertions(+), 248 deletions(-) (limited to 'src') diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am index 246b174c7..bea212ede 100644 --- a/src/exchange/Makefile.am +++ b/src/exchange/Makefile.am @@ -89,6 +89,7 @@ taler_exchange_httpd_SOURCES = \ taler-exchange-httpd_management_auditors.c \ taler-exchange-httpd_management_auditors_AP_disable.c \ taler-exchange-httpd_management_denominations_HDP_revoke.c \ + taler-exchange-httpd_management_post_keys.c \ taler-exchange-httpd_management_signkey_EP_revoke.c \ taler-exchange-httpd_management_wire.c \ taler-exchange-httpd_management_wire_disable.c \ diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index d39af5933..5accf6e15 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -1924,10 +1924,12 @@ load_fees (const char *section_name, int TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub, + struct TALER_DenominationPublicKey *denom_pub, struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta) { struct KeyStateHandle *ksh; struct HelperDenomination *hd; + int ok; ksh = get_key_state (); if (NULL == ksh) 
@@ -1941,16 +1943,21 @@ TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub, meta->start = hd->start_time; meta->expire_withdraw = GNUNET_TIME_absolute_add (meta->start, hd->validity_duration); - return load_fees (hd->section_name, - meta); + ok = load_fees (hd->section_name, + meta); + if (GNUNET_OK == ok) + denom_pub->rsa_public_key + = GNUNET_CRYPTO_rsa_public_key_dup (hd->denom_pub.rsa_public_key); + else + denom_pub->rsa_public_key + = NULL; + return ok; } int TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub, - struct GNUNET_TIME_Absolute *start_sign, - struct GNUNET_TIME_Absolute *end_sign, - struct GNUNET_TIME_Absolute *end_legal) + struct TALER_EXCHANGEDB_SignkeyMetaData *meta) { struct KeyStateHandle *ksh; struct HelperSignkey *hsk; @@ -1966,11 +1973,11 @@ TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub, pid.public_key = exchange_pub->eddsa_pub; hsk = GNUNET_CONTAINER_multipeermap_get (ksh->helpers.esign_keys, &pid); - *start_sign = hsk->start_time; - *end_sign = GNUNET_TIME_absolute_add (*start_sign, - hsk->validity_duration); - *end_legal = GNUNET_TIME_absolute_add (*end_sign, - signkey_legal_duration); + meta->start = hsk->start_time; + meta->expire_sign = GNUNET_TIME_absolute_add (meta->start, + hsk->validity_duration); + meta->expire_legal = GNUNET_TIME_absolute_add (meta->expire_sign, + signkey_legal_duration); return GNUNET_OK; } diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index dc78e0e54..e91b1e16c 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h 
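Review bot: In `TEH_keys_get_timing`, the result of `GNUNET_CONTAINER_multipeermap_get (ksh->helpers.esign_keys, &pid)` is dereferenced on the very next line (`meta->start = hsk->start_time;`) with no NULL check visible in this hunk. `add_keys` calls this function with `akc->s_sigs[i].exchange_pub` taken from the request whenever the database lookup finds no row, so a signing key the helper does not know would make the lookup return NULL and crash the HTTP daemon. Adding `if (NULL == hsk) return GNUNET_NO;` (or whichever failure code the `NULL == ksh` branch uses) before the first store lets the caller answer with its existing error reply. The lines between the function signature and this hunk are not shown, so confirm that no earlier check already covers this case.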
@@ -248,11 +248,13 @@ TEH_keys_management_get_handler (const struct TEH_RequestHandler *rh, * * @param h_denom_pub hash of the denomination public key * to use to derive the section name of the configuration to use + * @param[out] denom_pub set to the denomination public key (to be freed by caller!) * @param[out] meta denomination type data to complete * @return #GNUNET_OK on success */ int TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub, + struct TALER_DenominationPublicKey *denom_pub, struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta); @@ -260,16 +262,12 @@ TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub, * Load expiration times for the given onling signing key. * * @param exchange_pub the online signing key - * @param[out] start_sign starting signing time - * @param[out] end_sign send signing time - * @param[out] end_legal legal expiration time + * @param[out] meta set to meta data about the key * @return #GNUNET_OK on success */ int TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub, - struct GNUNET_TIME_Absolute *start_sign, - struct GNUNET_TIME_Absolute *end_sign, - struct GNUNET_TIME_Absolute *end_legal); + struct TALER_EXCHANGEDB_SignkeyMetaData *meta); /** diff --git a/src/exchange/taler-exchange-httpd_management_post_keys.c b/src/exchange/taler-exchange-httpd_management_post_keys.c index 0e4609e20..06750716e 100644 --- a/src/exchange/taler-exchange-httpd_management_post_keys.c +++ b/src/exchange/taler-exchange-httpd_management_post_keys.c @@ -27,6 +27,7 @@ #include "taler_json_lib.h" #include "taler_mhd_lib.h" #include "taler_signatures.h" +#include "taler-exchange-httpd_keys.h" #include "taler-exchange-httpd_management.h" #include "taler-exchange-httpd_responses.h" 
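Review bot: The new `@param[out] denom_pub` line in the `TEH_keys_load_fees` documentation says the caller must free the key, but not what the field holds when the call fails. In the implementation, `denom_pub->rsa_public_key` is set to NULL only when `load_fees()` fails; the earlier return paths are not visible in this diff and may leave it untouched. I would extend the line to something like `@param[out] denom_pub set to the denomination public key on #GNUNET_OK (caller frees it with GNUNET_CRYPTO_rsa_public_key_free()); must not be read or freed on any other return value`.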
@@ -125,6 +126,7 @@ add_keys (void *cls, enum GNUNET_DB_QueryStatus qs; bool is_active = false; struct TALER_EXCHANGEDB_DenominationKeyMetaData meta; + struct TALER_DenominationPublicKey denom_pub; /* For idempotency, check if the key is already active */ qs = TEH_plugin->lookup_denomination_key ( @@ -147,6 +149,7 @@ add_keys (void *cls, { if (GNUNET_OK != TEH_keys_load_fees (&akc->d_sigs[i].h_denom_pub, + &denom_pub, &meta)) { *mhd_ret = TALER_MHD_reply_with_error ( @@ -159,13 +162,13 @@ add_keys (void *cls, } else { - active = true; + is_active = true; } /* check signature is valid */ { if (GNUNET_OK != - TALER_exchange_offline_denomkey_validity_verify ( + TALER_exchange_offline_denom_validity_verify ( &akc->d_sigs[i].h_denom_pub, meta.start, meta.expire_withdraw, @@ -189,12 +192,15 @@ add_keys (void *cls, } if (is_active) continue; /* skip, already known */ - qs = TEH_plugin->activate_denomination_key ( + qs = TEH_plugin->add_denomination_key ( TEH_plugin->cls, session, &akc->d_sigs[i].h_denom_pub, + &denom_pub, + &meta, &TEH_master_public_key, &akc->d_sigs[i].master_sig); + GNUNET_CRYPTO_rsa_public_key_free (denom_pub.rsa_public_key); if (qs < 0) { if (GNUNET_DB_STATUS_SOFT_ERROR == qs) @@ -214,17 +220,13 @@ add_keys (void *cls, { enum GNUNET_DB_QueryStatus qs; bool is_active = false; - struct GNUNET_TIME_Absolute start_sign; - struct GNUNET_TIME_Absolute end_sign; - struct GNUNET_TIME_Absolute end_legal; + struct TALER_EXCHANGEDB_SignkeyMetaData meta; qs = TEH_plugin->lookup_signing_key ( TEH_plugin->cls, session, &akc->s_sigs[i].exchange_pub, - &start_sign, - &end_sign, - &end_legal); + &meta); if (qs < 0) { if (GNUNET_DB_STATUS_SOFT_ERROR == qs) @@ -240,9 +242,7 @@ add_keys (void *cls, { if (GNUNET_OK != TEH_keys_get_timing (&akc->s_sigs[i].exchange_pub, - &start_sign, - &end_sign, - &end_legal)) + &meta)) { /* For idempotency, check if the key is already active */ *mhd_ret = TALER_MHD_reply_with_error ( 
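Review bot: The copy returned in `denom_pub` is released only after `TEH_plugin->add_denomination_key()`, so any exit taken between `TEH_keys_load_fees()` and that call keeps the duplicated RSA key allocated. The failure branch of `TALER_exchange_offline_denom_validity_verify()` lies between the hunks and is not shown, but if it returns the error reply as the other branches do, every request carrying a bad `master_sig` for a not-yet-active denomination leaks one key. That branch should run `if (! is_active) GNUNET_CRYPTO_rsa_public_key_free (denom_pub.rsa_public_key);` before returning. `denom_pub` also stays uninitialised when the key is already active, so a short comment at its declaration stating that it is valid only while `is_active` is false would help the next reader.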
@@ -263,9 +263,9 @@ add_keys (void *cls, if (GNUNET_OK != TALER_exchange_offline_signkey_validity_verify ( &akc->s_sigs[i].exchange_pub, - start_sign, - end_sign, - end_legal, + meta.start, + meta.expire_sign, + meta.expire_legal, &TEH_master_public_key, &akc->s_sigs[i].master_sig)) { @@ -282,7 +282,8 @@ add_keys (void *cls, qs = TEH_plugin->activate_signing_key ( TEH_plugin->cls, session, - &akc->s_sigs[i].exchange_pub, // FIXME: provision meta data!? + &akc->s_sigs[i].exchange_pub, + &meta, &akc->s_sigs[i].master_sig); if (qs < 0) { diff --git a/src/exchangedb/exchange-0002.sql b/src/exchangedb/exchange-0002.sql index 601935bf6..da01151bc 100644 --- a/src/exchangedb/exchange-0002.sql +++ b/src/exchangedb/exchange-0002.sql 
@@ -42,42 +42,6 @@ COMMENT ON INDEX prepare_get_index IS 'for wire_prepare_data_get'; --- NOTE: current thinking is that we will NOT need this table! --- => Instead, 'future' keys are only with the secmod until --- the offline key is provided! -CREATE TABLE IF NOT EXISTS future_denominations - (denom_pub_hash BYTEA PRIMARY KEY CHECK (LENGTH(denom_pub_hash)=64) - ,denom_pub BYTEA NOT NULL - ,valid_from INT8 NOT NULL - ,expire_withdraw INT8 NOT NULL - ,expire_deposit INT8 NOT NULL - ,expire_legal INT8 NOT NULL - ,coin_val INT8 NOT NULL - ,coin_frac INT4 NOT NULL - ,fee_withdraw_val INT8 NOT NULL - ,fee_withdraw_frac INT4 NOT NULL - ,fee_deposit_val INT8 NOT NULL - ,fee_deposit_frac INT4 NOT NULL - ,fee_refresh_val INT8 NOT NULL - ,fee_refresh_frac INT4 NOT NULL - ,fee_refund_val INT8 NOT NULL - ,fee_refund_frac INT4 NOT NULL - ); -COMMENT ON TABLE future_denominations - IS 'Future denominations. Moved to denomiations once the master signature is provided. Kept separate (instead of using NULL-able master_sig column) to ensure denomination keys without master signature cannot satisfy foreign key constraints of other tables.'; -COMMENT ON COLUMN future_denominations.valid_from - IS 'Earliest time when the private key can be used to withdraw.'; -COMMENT ON COLUMN future_denominations.expire_withdraw - IS 'Latest time when the private key can be used to withdraw.'; - -CREATE INDEX IF NOT EXISTS future_denominations_expire_withdraw_index - ON future_denominations - (expire_withdraw); -COMMENT ON INDEX future_denominations_expire_withdraw_index - IS 'Future denominations that cannot be withdrawn anymore can be deleted.'; - - - CREATE TABLE IF NOT EXISTS auditors (auditor_pub BYTEA PRIMARY KEY CHECK (LENGTH(auditor_pub)=32) ,auditor_name VARCHAR NOT NULL diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index 24ae5b2e5..66bebdb0b 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c 
+++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -267,7 +267,7 @@ postgres_get_session (void *cls) #endif struct GNUNET_PQ_PreparedStatement ps[] = { /* Used in #postgres_insert_denomination_info() [FIXME: soon obsolete!] and - #postgres_activate_denomination_key() */ + #postgres_add_denomination_key() */ GNUNET_PQ_make_prepare ("denomination_insert", "INSERT INTO denominations " "(denom_pub_hash" @@ -1548,25 +1548,25 @@ postgres_get_session (void *cls) ") VALUES " "($1, $2);", 2), - /* used in #postgres_lookup_future_denomination_key() */ - GNUNET_PQ_make_prepare ("lookup_future_denomination_key", + /* used in #postgres_insert_signkey() */ + GNUNET_PQ_make_prepare ("insert_signkey", + "INSERT INTO exchange_sign_keys " + "(exchange_pub" + ",valid_from" + ",expire_sign" + ",expire_legal" + ",master_sig" + ") VALUES " + "($1, $2, $3, $4, $5);", + 5), + /* used in #postgres_lookup_signing_key() */ + GNUNET_PQ_make_prepare ("lookup_signing_key", "SELECT" " valid_from" - ",expire_withdraw" - ",expire_deposit" + ",expire_sign" ",expire_legal" - ",coin_val" - ",coin_frac" - ",fee_withdraw_val" - ",fee_withdraw_frac" - ",fee_deposit_val" - ",fee_deposit_frac" - ",fee_refresh_val" - ",fee_refresh_frac" - ",fee_refund_val" - ",fee_refund_frac" - " FROM future_denominations" - " WHERE denom_pub_hash=$1;", + " FROM exchange_sign_keys" + " WHERE exchange_pub=$1", 1), /* used in #postgres_lookup_denomination_key() */ GNUNET_PQ_make_prepare ("lookup_denomination_key", 
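Review bot: The comment above the new `insert_signkey` statement names `#postgres_insert_signkey()`, but the function that executes this statement later in the commit is `postgres_activate_signing_key()`. The comment should read `/* used in #postgres_activate_signing_key() */` so that the cross-reference resolves. As a point of style, the `lookup_signing_key` SQL ends with `" WHERE exchange_pub=$1"` without the trailing `;` that the neighbouring statements carry.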
@@ -1609,33 +1609,6 @@ postgres_get_session (void *cls) " AND end_date > $2" " AND start_date < $3;", 1), - /* used in #postgres_activate_denomination_key() */ - GNUNET_PQ_make_prepare ("lookup_future_denomination_key_full", - "SELECT" - " denom_pub" - ",valid_from" - ",expire_withdraw" - ",expire_deposit" - ",expire_legal" - ",coin_val" - ",coin_frac" - ",fee_withdraw_val" - ",fee_withdraw_frac" - ",fee_deposit_val" - ",fee_deposit_frac" - ",fee_refresh_val" - ",fee_refresh_frac" - ",fee_refund_val" - ",fee_refund_frac" - " FROM future_denominations" - " WHERE denom_pub_hash=$1;", - 1), - /* used in #postgres_activate_denomination_key() */ - GNUNET_PQ_make_prepare ("delete_future_denomination", - "DELETE" - " FROM future_denominations" - " WHERE denom_pub_hash=$1;", - 1), /* used in #postgres_commit */ GNUNET_PQ_make_prepare ("do_commit", "COMMIT", @@ -8496,7 +8469,7 @@ postgres_insert_signkey_revocation ( /** - * Lookup information about a future denomination key. + * Lookup information about current denomination key. * * @param cls closure * @param session a session @@ -8505,7 +8478,7 @@ postgres_insert_signkey_revocation ( * @return transaction status code */ static enum GNUNET_DB_QueryStatus -postgres_lookup_future_denomination_key ( +postgres_lookup_denomination_key ( void *cls, struct TALER_EXCHANGEDB_Session *session, const struct GNUNET_HashCode *h_denom_pub, 
@@ -8539,166 +8512,155 @@ postgres_lookup_future_denomination_key ( }; return GNUNET_PQ_eval_prepared_singleton_select (session->conn, - "lookup_future_denomination_key", + "lookup_denomination_key", params, rs); } /** - * Lookup information about current denomination key. + * Activate future denomination key, turning it into a "current" or "valid" + * denomination key by adding the master signature. Deletes the + * denomination key from the 'future' table an inserts the data into the + * main denominations table. Because this function will trigger multiple SQL + * statements, it must be run within a transaction. * * @param cls closure * @param session a session * @param h_denom_pub hash of the denomination public key - * @param[out] meta set to various meta data about the key + * @param meta meta data about the denomination + * @param master_pub master public key + * @param master_sig master signature to add * @return transaction status code */ static enum GNUNET_DB_QueryStatus -postgres_lookup_denomination_key ( +postgres_add_denomination_key ( void *cls, struct TALER_EXCHANGEDB_Session *session, const struct GNUNET_HashCode *h_denom_pub, - struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta) + const struct TALER_DenominationPublicKey *denom_pub, + const struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta, + const struct TALER_MasterPublicKeyP *master_pub, + const struct TALER_MasterSignatureP *master_sig) { struct PostgresClosure *pg = cls; - struct GNUNET_PQ_QueryParam params[] = { - GNUNET_PQ_query_param_auto_from_type (h_denom_pub), + struct GNUNET_PQ_QueryParam iparams[] = { + GNUNET_PQ_query_param_auto_from_type (&h_denom_pub), + GNUNET_PQ_query_param_rsa_public_key (denom_pub->rsa_public_key), + GNUNET_PQ_query_param_auto_from_type (master_pub), + GNUNET_PQ_query_param_auto_from_type (master_sig), + TALER_PQ_query_param_absolute_time (&meta->start), + TALER_PQ_query_param_absolute_time (&meta->expire_withdraw), + TALER_PQ_query_param_absolute_time 
(&meta->expire_deposit), + TALER_PQ_query_param_absolute_time (&meta->expire_legal), + TALER_PQ_query_param_amount (&meta->value), + TALER_PQ_query_param_amount (&meta->fee_withdraw), + TALER_PQ_query_param_amount (&meta->fee_deposit), + TALER_PQ_query_param_amount (&meta->fee_refresh), + TALER_PQ_query_param_amount (&meta->fee_refund), GNUNET_PQ_query_param_end }; - struct GNUNET_PQ_ResultSpec rs[] = { - TALER_PQ_result_spec_absolute_time ("valid_from", - &meta->start), - TALER_PQ_result_spec_absolute_time ("expire_withdraw", - &meta->expire_withdraw), - TALER_PQ_result_spec_absolute_time ("expire_deposit", - &meta->expire_deposit), - TALER_PQ_result_spec_absolute_time ("expire_legal", - &meta->expire_legal), - TALER_PQ_RESULT_SPEC_AMOUNT ("coin", - &meta->value), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_withdraw", - &meta->fee_withdraw), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_deposit", - &meta->fee_deposit), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh", - &meta->fee_refresh), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund", - &meta->fee_refund), - GNUNET_PQ_result_spec_end - }; - return GNUNET_PQ_eval_prepared_singleton_select (session->conn, - "lookup_denomination_key", - params, - rs); + if (NULL == session) + session = postgres_get_session (pg); + if (NULL == session) + return GNUNET_DB_STATUS_HARD_ERROR; + /* Sanity check: ensure fees match coin currency */ + GNUNET_assert (GNUNET_YES == + TALER_amount_cmp_currency (&meta->value, + &meta->fee_withdraw)); + GNUNET_assert (GNUNET_YES == + TALER_amount_cmp_currency (&meta->value, + &meta->fee_deposit)); + GNUNET_assert (GNUNET_YES == + TALER_amount_cmp_currency (&meta->value, + &meta->fee_refresh)); + GNUNET_assert (GNUNET_YES == + TALER_amount_cmp_currency (&meta->value, + &meta->fee_refund)); + return GNUNET_PQ_eval_prepared_non_select (session->conn, + "denomination_insert", + iparams); } /** - * Activate future denomination key, turning it into a "current" or "valid" - * denomination key by adding the master signature. 
Deletes the - * denomination key from the 'future' table an inserts the data into the - * main denominations table. Because this function will trigger multiple SQL - * statements, it must be run within a transaction. + * Add signing key. * * @param cls closure * @param session a session - * @param h_denom_pub hash of the denomination public key - * @param master_pub master public key + * @param exchange_pub the exchange online signing public key + * @param meta meta data about @a exchange_pub * @param master_sig master signature to add * @return transaction status code */ static enum GNUNET_DB_QueryStatus -postgres_activate_denomination_key ( +postgres_activate_signing_key ( void *cls, struct TALER_EXCHANGEDB_Session *session, - const struct GNUNET_HashCode *h_denom_pub, - const struct TALER_MasterPublicKeyP *master_pub, + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_EXCHANGEDB_SignkeyMetaData *meta, const struct TALER_MasterSignatureP *master_sig) { struct PostgresClosure *pg = cls; - struct TALER_EXCHANGEDB_DenominationKeyMetaData meta; - enum GNUNET_DB_QueryStatus qs; - struct TALER_DenominationPublicKey denom_pub; + struct GNUNET_PQ_QueryParam iparams[] = { + GNUNET_PQ_query_param_auto_from_type (&exchange_pub), + TALER_PQ_query_param_absolute_time (&meta->start), + TALER_PQ_query_param_absolute_time (&meta->expire_sign), + TALER_PQ_query_param_absolute_time (&meta->expire_legal), + GNUNET_PQ_query_param_auto_from_type (master_sig), + GNUNET_PQ_query_param_end + }; + + if (NULL == session) + session = postgres_get_session (pg); + if (NULL == session) + return GNUNET_DB_STATUS_HARD_ERROR; + return GNUNET_PQ_eval_prepared_non_select (session->conn, + "insert_signkey", + iparams); +} + + +/** + * Lookup signing key meta data. 
+ * + * @param cls closure + * @param session a session + * @param exchange_pub the exchange online signing public key + * @param[out] meta meta data about @a exchange_pub + * @return transaction status code + */ +static enum GNUNET_DB_QueryStatus +postgres_lookup_signing_key ( + void *cls, + struct TALER_EXCHANGEDB_Session *session, + const struct TALER_ExchangePublicKeyP *exchange_pub, + struct TALER_EXCHANGEDB_SignkeyMetaData *meta) +{ + struct PostgresClosure *pg = cls; struct GNUNET_PQ_QueryParam params[] = { - GNUNET_PQ_query_param_auto_from_type (&h_denom_pub), + GNUNET_PQ_query_param_auto_from_type (exchange_pub), GNUNET_PQ_query_param_end }; struct GNUNET_PQ_ResultSpec rs[] = { - GNUNET_PQ_result_spec_rsa_public_key ("denom_pub", - &denom_pub.rsa_public_key), TALER_PQ_result_spec_absolute_time ("valid_from", - &meta.start), - TALER_PQ_result_spec_absolute_time ("expire_withdraw", - &meta.expire_withdraw), - TALER_PQ_result_spec_absolute_time ("expire_deposit", - &meta.expire_deposit), + &meta->start), + TALER_PQ_result_spec_absolute_time ("expire_sign", + &meta->expire_sign), TALER_PQ_result_spec_absolute_time ("expire_legal", - &meta.expire_legal), - TALER_PQ_RESULT_SPEC_AMOUNT ("coin", - &meta.value), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_withdraw", - &meta.fee_withdraw), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_deposit", - &meta.fee_deposit), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh", - &meta.fee_refresh), - TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund", - &meta.fee_refund), + &meta->expire_legal), GNUNET_PQ_result_spec_end }; - qs = GNUNET_PQ_eval_prepared_singleton_select (session->conn, - "lookup_future_denomination_key_full", - params, - rs); - if (0 >= qs) - return qs; - /* Sanity check: ensure fees match coin currency */ - GNUNET_assert (GNUNET_YES == - TALER_amount_cmp_currency (&meta.value, - &meta.fee_withdraw)); - GNUNET_assert (GNUNET_YES == - TALER_amount_cmp_currency (&meta.value, - &meta.fee_deposit)); - GNUNET_assert (GNUNET_YES == - 
TALER_amount_cmp_currency (&meta.value, - &meta.fee_refresh)); - GNUNET_assert (GNUNET_YES == - TALER_amount_cmp_currency (&meta.value, - &meta.fee_refund)); - /* insert logic */ - { - struct GNUNET_PQ_QueryParam iparams[] = { - GNUNET_PQ_query_param_auto_from_type (&h_denom_pub), - GNUNET_PQ_query_param_rsa_public_key (denom_pub.rsa_public_key), - GNUNET_PQ_query_param_auto_from_type (master_pub), - GNUNET_PQ_query_param_auto_from_type (master_sig), - TALER_PQ_query_param_absolute_time (&meta.start), - TALER_PQ_query_param_absolute_time (&meta.expire_withdraw), - TALER_PQ_query_param_absolute_time (&meta.expire_deposit), - TALER_PQ_query_param_absolute_time (&meta.expire_legal), - TALER_PQ_query_param_amount (&meta.value), - TALER_PQ_query_param_amount (&meta.fee_withdraw), - TALER_PQ_query_param_amount (&meta.fee_deposit), - TALER_PQ_query_param_amount (&meta.fee_refresh), - TALER_PQ_query_param_amount (&meta.fee_refund), - GNUNET_PQ_query_param_end - }; - - qs = GNUNET_PQ_eval_prepared_non_select (session->conn, - "denomination_insert", - iparams); - } - GNUNET_CRYPTO_rsa_public_key_free (denom_pub.rsa_public_key); - if (qs < 0) - return qs; - - /* Finally, run delete logic */ - return GNUNET_PQ_eval_prepared_non_select (session->conn, - "delete_future_denomination", - params); + if (NULL == session) + session = postgres_get_session (pg); + if (NULL == session) + return GNUNET_DB_STATUS_HARD_ERROR; + return GNUNET_PQ_eval_prepared_singleton_select (session->conn, + "lookup_signing_key", + params, + rs); } 
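Review bot: `postgres_add_denomination_key()` binds `GNUNET_PQ_query_param_auto_from_type (&h_denom_pub)` and `postgres_activate_signing_key()` binds `GNUNET_PQ_query_param_auto_from_type (&exchange_pub)`, but both variables are already pointers. The macro sizes the parameter from the pointed-to type, so these calls bind the bytes of the local pointer variable instead of the hash or the public key. `postgres_lookup_signing_key()` in the same hunk passes `exchange_pub` without the `&`, so a row written this way would not be found by later lookups even if the insert is accepted. The two lines should be `GNUNET_PQ_query_param_auto_from_type (h_denom_pub),` and `GNUNET_PQ_query_param_auto_from_type (exchange_pub),`. Separately, the doc block above `postgres_add_denomination_key()` still describes moving a key out of the 'future' table, which this commit removes, and it lacks a `@param denom_pub` line.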
@@ -9071,16 +9033,18 @@ libtaler_plugin_exchangedb_postgres_init (void *cls) = &postgres_get_wire_fees; plugin->insert_signkey_revocation = &postgres_insert_signkey_revocation; - plugin->lookup_future_denomination_key - = &postgres_lookup_future_denomination_key; plugin->lookup_denomination_key = &postgres_lookup_denomination_key; plugin->insert_auditor_denom_sig = &postgres_insert_auditor_denom_sig; plugin->lookup_wire_fee_by_time = &postgres_lookup_wire_fee_by_time; - plugin->activate_denomination_key - = &postgres_activate_denomination_key; + plugin->add_denomination_key + = &postgres_add_denomination_key; + plugin->activate_signing_key + = &postgres_activate_signing_key; + plugin->lookup_signing_key + = &postgres_lookup_signing_key; return plugin; } diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 65c317267..2380e71e9 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -3339,7 +3339,7 @@ struct TALER_EXCHANGEDB_Plugin /** - * Lookup information about a future denomination key. + * Lookup information about current denomination key. * * @param cls closure * @param session a session @@ -3348,7 +3348,7 @@ struct TALER_EXCHANGEDB_Plugin * @return transaction status code */ enum GNUNET_DB_QueryStatus - (*lookup_future_denomination_key)( + (*lookup_denomination_key)( void *cls, struct TALER_EXCHANGEDB_Session *session, const struct GNUNET_HashCode *h_denom_pub, 
@@ -3356,45 +3356,65 @@ struct TALER_EXCHANGEDB_Plugin /** - * Lookup information about current denomination key. + * Add denomination key. * * @param cls closure * @param session a session * @param h_denom_pub hash of the denomination public key - * @param[out] meta set to various meta data about the key + * @param denom_pub the denomination public key + * @param meta meta data about the denomination + * @param master_pub master public key (consider removing this in the future!) + * @param master_sig master signature to add * @return transaction status code */ enum GNUNET_DB_QueryStatus - (*lookup_denomination_key)( + (*add_denomination_key)( void *cls, struct TALER_EXCHANGEDB_Session *session, const struct GNUNET_HashCode *h_denom_pub, - struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta); + const struct TALER_DenominationPublicKey *denom_pub, + const struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta, + const struct TALER_MasterPublicKeyP *master_pub, + const struct TALER_MasterSignatureP *master_sig); /** - * Activate future denomination key, turning it into a "current" or "valid" - * denomination key by adding the master signature. Deletes the - * denomination key from the 'future' table an inserts the data into the - * main denominations table. Because this function will trigger multiple SQL - * statements, it must be run within a transaction. + * Activate future signing key, turning it into a "current" or "valid" + * denomination key by adding the master signature. 
* * @param cls closure * @param session a session - * @param h_denom_pub hash of the denomination public key - * @param master_pub master public key used for @a master_sig + * @param exchange_pub the exchange online signing public key + * @param meta meta data about @a exchange_pub * @param master_sig master signature to add * @return transaction status code */ enum GNUNET_DB_QueryStatus - (*activate_denomination_key)( + (*activate_signing_key)( void *cls, struct TALER_EXCHANGEDB_Session *session, - const struct GNUNET_HashCode *h_denom_pub, - const struct TALER_MasterPublicKeyP *master_pub, + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_EXCHANGEDB_SignkeyMetaData *meta, const struct TALER_MasterSignatureP *master_sig); + /** + * Lookup signing key meta data. + * + * @param cls closure + * @param session a session + * @param exchange_pub the exchange online signing public key + * @param[out] meta meta data about @a exchange_pub + * @return transaction status code + */ + enum GNUNET_DB_QueryStatus + (*lookup_signing_key)( + void *cls, + struct TALER_EXCHANGEDB_Session *session, + const struct TALER_ExchangePublicKeyP *exchange_pub, + struct TALER_EXCHANGEDB_SignkeyMetaData *meta); + + /** * Insert information about an auditor auditing a denomination key. * -- cgit v1.2.3
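Review bot: The doc comment for the `activate_signing_key` plugin callback was adapted from the denomination text and still says the call turns the key into a "current" or "valid" denomination key. The PostgreSQL implementation in this commit runs a single `insert_signkey` statement, so there is no stored "future" signing key that gets activated. I would replace the two sentences with `Add an online signing key, together with its meta data and the master signature over it.`, which matches the "Add signing key." wording used on the implementation. The enclosing `struct TALER_EXCHANGEDB_Plugin` starts and ends outside this hunk.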