commit 8af16247e16ed628391ead3ac53fee938fd824bf
parent 20adecc9bbab9a6e5550e7c05816171720a0f329
Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch>
Date: Fri, 12 Apr 2024 14:30:21 +0200
[donau] work on issue receipts
Diffstat:
4 files changed, 184 insertions(+), 206 deletions(-)
diff --git a/src/donau/donau-httpd_keys.c b/src/donau/donau-httpd_keys.c
@@ -1288,147 +1288,148 @@ DH_keys_donau_sign_ (
enum TALER_ErrorCode
-DH_keys_denomination_batch_sign (
- unsigned int csds_length,
- const struct DH_BlindSignData csds[static csds_length],
- struct DONAU_BlindedDonationUnitSignature bss[static csds_length])
+DH_keys_donation_batch_sign (
+ unsigned int budis_length,
+ const struct BUDIKeyPair_sign_data bkps[budis_length],
+ struct DONAU_BlindedDonationUnitSignature du_sigs[budis_length])
{
- struct DH_KeyStateHandle *ksh;
- struct DH_DonationUnitKey *du;
- struct TALER_CRYPTO_RsaSignRequest rsrs[csds_length];
- struct TALER_CRYPTO_CsSignRequest csrs[csds_length];
- struct TALER_BlindedDenominationSignature rs[csds_length];
- struct TALER_BlindedDenominationSignature cs[csds_length];
- unsigned int rsrs_pos = 0;
- unsigned int csrs_pos = 0;
- enum TALER_ErrorCode ec;
-
- ksh = DH_keys_get_state ();
- if (NULL == ksh)
- // FIXME change error code
- return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
- for (unsigned int i = 0; i<csds_length; i++)
- {
- const struct DONAU_DonationUnitHashP *h_du_pub = csds[i].h_du_pub;
- const struct DONAU_BlindedUniqueDonationIdentifier *budi = csds[i].budi;
-
- du = GNUNET_CONTAINER_multihashmap_get (du_keys,
- &h_du_pub->hash);
- if (NULL == du)
- // FIXME change error code
- return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
- if (budi->blinded_message->cipher !=
- du->donation_unit_pub.bsign_pub_key->cipher)
- return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
- switch (du->donation_unit_pub.bsign_pub_key->cipher)
- {
- case GNUNET_CRYPTO_BSA_RSA:
- /* See DONAU_donation_unit_pub_hash: we guarantee that these
- hashes are equivalent! */
- rsrs[rsrs_pos].h_rsa
- = (const struct TALER_RsaPubHashP *) &du->h_donation_unit_pub;
- rsrs[rsrs_pos].msg
- = budi->blinded_message->details.rsa_blinded_message.blinded_msg;
- rsrs[rsrs_pos].msg_size
- = budi->blinded_message->details.rsa_blinded_message.blinded_msg_size;
- rsrs_pos++;
- break;
- case GNUNET_CRYPTO_BSA_CS:
- /* See DONAU_donation_unit_pub_hash: we guarantee that these
- hashes are equivalent! */
- csrs[csrs_pos].h_cs
- = (const struct TALER_CsPubHashP *) &du->h_donation_unit_pub;
- csrs[csrs_pos].blinded_planchet
- = &budi->blinded_message->details.cs_blinded_message;
- csrs_pos++;
- break;
- default:
- return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
- }
- }
-
- if ( (0 != csrs_pos) &&
- (0 != rsrs_pos) )
- {
- memset (rs,
- 0,
- sizeof (rs));
- memset (cs,
- 0,
- sizeof (cs));
- }
- ec = TALER_EC_NONE;
- if (0 != csrs_pos)
- {
- ec = TALER_CRYPTO_helper_cs_batch_sign (
- csdh,
- csrs_pos,
- csrs,
- false, // for_melt
- cs);
- if (TALER_EC_NONE != ec)
- {
- for (unsigned int i = 0; i<csrs_pos; i++)
- {
- if (NULL != cs[i].blinded_sig)
- {
- GNUNET_CRYPTO_blinded_sig_decref (cs[i].blinded_sig);
- cs[i].blinded_sig = NULL;
- }
- }
- return ec;
- }
- // TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS] += csrs_pos;
- }
- if (0 != rsrs_pos)
- {
- ec = TALER_CRYPTO_helper_rsa_batch_sign (
- rsadh,
- rsrs_pos,
- rsrs,
- rs);
- if (TALER_EC_NONE != ec)
- {
- for (unsigned int i = 0; i<csrs_pos; i++)
- {
- if (NULL != cs[i].blinded_sig)
- {
- GNUNET_CRYPTO_blinded_sig_decref (cs[i].blinded_sig);
- cs[i].blinded_sig = NULL;
- }
- }
- for (unsigned int i = 0; i<rsrs_pos; i++)
- {
- if (NULL != rs[i].blinded_sig)
- {
- GNUNET_CRYPTO_blinded_sig_decref (rs[i].blinded_sig);
- rs[i].blinded_sig = NULL;
- }
- }
- return ec;
- }
- // TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA] += rsrs_pos;
- }
-
- rsrs_pos = 0;
- csrs_pos = 0;
- for (unsigned int i = 0; i<csds_length; i++)
- {
- const struct DONAU_BlindedUniqueDonationIdentifier *budi = csds[i].budi;
-
- switch (budi->blinded_message->cipher)
- {
- case GNUNET_CRYPTO_BSA_RSA:
- bss[i].blinded_sig = rs[rsrs_pos++].blinded_sig;
- break;
- case GNUNET_CRYPTO_BSA_CS:
- bss[i].blinded_sig = cs[csrs_pos++].blinded_sig;
- break;
- default:
- GNUNET_assert (0);
- }
- }
return TALER_EC_NONE;
+// struct DH_KeyStateHandle *ksh;
+// struct DH_DonationUnitKey *du;
+// struct TALER_CRYPTO_RsaSignRequest rsrs[csds_length];
+// struct TALER_CRYPTO_CsSignRequest csrs[csds_length];
+// struct TALER_BlindedDenominationSignature rs[csds_length];
+// struct TALER_BlindedDenominationSignature cs[csds_length];
+// unsigned int rsrs_pos = 0;
+// unsigned int csrs_pos = 0;
+// enum TALER_ErrorCode ec;
+
+// ksh = DH_keys_get_state ();
+// if (NULL == ksh)
+// // FIXME change error code
+// return TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
+// for (unsigned int i = 0; i<csds_length; i++)
+// {
+// const struct DONAU_DonationUnitHashP *h_du_pub = csds[i].h_du_pub;
+// const struct DONAU_BlindedUniqueDonationIdentifier *budi = csds[i].budi;
+
+// du = GNUNET_CONTAINER_multihashmap_get (du_keys,
+// &h_du_pub->hash);
+// if (NULL == du)
+// // FIXME change error code
+// return TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN;
+// if (budi->blinded_message->cipher !=
+// du->donation_unit_pub.bsign_pub_key->cipher)
+// return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
+// switch (du->donation_unit_pub.bsign_pub_key->cipher)
+// {
+// case GNUNET_CRYPTO_BSA_RSA:
+// /* See DONAU_donation_unit_pub_hash: we guarantee that these
+// hashes are equivalent! */
+// rsrs[rsrs_pos].h_rsa
+// = (const struct TALER_RsaPubHashP *) &du->h_donation_unit_pub;
+// rsrs[rsrs_pos].msg
+// = budi->blinded_message->details.rsa_blinded_message.blinded_msg;
+// rsrs[rsrs_pos].msg_size
+// = budi->blinded_message->details.rsa_blinded_message.blinded_msg_size;
+// rsrs_pos++;
+// break;
+// case GNUNET_CRYPTO_BSA_CS:
+// /* See DONAU_donation_unit_pub_hash: we guarantee that these
+// hashes are equivalent! */
+// csrs[csrs_pos].h_cs
+// = (const struct TALER_CsPubHashP *) &du->h_donation_unit_pub;
+// csrs[csrs_pos].blinded_planchet
+// = &budi->blinded_message->details.cs_blinded_message;
+// csrs_pos++;
+// break;
+// default:
+// return TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE;
+// }
+// }
+
+// if ( (0 != csrs_pos) &&
+// (0 != rsrs_pos) )
+// {
+// memset (rs,
+// 0,
+// sizeof (rs));
+// memset (cs,
+// 0,
+// sizeof (cs));
+// }
+// ec = TALER_EC_NONE;
+// if (0 != csrs_pos)
+// {
+// ec = TALER_CRYPTO_helper_cs_batch_sign (
+// csdh,
+// csrs_pos,
+// csrs,
+// false, // for_melt
+// cs);
+// if (TALER_EC_NONE != ec)
+// {
+// for (unsigned int i = 0; i<csrs_pos; i++)
+// {
+// if (NULL != cs[i].blinded_sig)
+// {
+// GNUNET_CRYPTO_blinded_sig_decref (cs[i].blinded_sig);
+// cs[i].blinded_sig = NULL;
+// }
+// }
+// return ec;
+// }
+// // TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS] += csrs_pos;
+// }
+// if (0 != rsrs_pos)
+// {
+// ec = TALER_CRYPTO_helper_rsa_batch_sign (
+// rsadh,
+// rsrs_pos,
+// rsrs,
+// rs);
+// if (TALER_EC_NONE != ec)
+// {
+// for (unsigned int i = 0; i<csrs_pos; i++)
+// {
+// if (NULL != cs[i].blinded_sig)
+// {
+// GNUNET_CRYPTO_blinded_sig_decref (cs[i].blinded_sig);
+// cs[i].blinded_sig = NULL;
+// }
+// }
+// for (unsigned int i = 0; i<rsrs_pos; i++)
+// {
+// if (NULL != rs[i].blinded_sig)
+// {
+// GNUNET_CRYPTO_blinded_sig_decref (rs[i].blinded_sig);
+// rs[i].blinded_sig = NULL;
+// }
+// }
+// return ec;
+// }
+// // TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA] += rsrs_pos;
+// }
+
+// rsrs_pos = 0;
+// csrs_pos = 0;
+// for (unsigned int i = 0; i<csds_length; i++)
+// {
+// const struct DONAU_BlindedUniqueDonationIdentifier *budi = csds[i].budi;
+
+// switch (budi->blinded_message->cipher)
+// {
+// case GNUNET_CRYPTO_BSA_RSA:
+// bss[i].blinded_sig = rs[rsrs_pos++].blinded_sig;
+// break;
+// case GNUNET_CRYPTO_BSA_CS:
+// bss[i].blinded_sig = cs[csrs_pos++].blinded_sig;
+// break;
+// default:
+// GNUNET_assert (0);
+// }
+// }
+// return TALER_EC_NONE;
}
@@ -1442,19 +1443,4 @@ DH_keys_donation_unit_by_hash (
return dk;
}
-enum GNUNET_GenericReturnValue
-DONAU_donation_unit_sign_blinded (struct DONAU_BlindedDonationUnitSignature *du_sig,
- const struct DONAU_DonationUnitHashP *h_pub,
- const struct DONAU_BlindedUniqueDonationIdentifier *budi)
-{
- // FIXME: get private key from the hash of the public key...
- const struct DONAU_DonationUnitPrivateKey *du_priv = {0};
- du_sig->blinded_sig
- = GNUNET_CRYPTO_blind_sign (du_priv->bsign_priv_key,
- /*for_melt ? "rm" :*/ "rw",
- budi->blinded_message);
- if (NULL == du_sig->blinded_sig)
- return GNUNET_SYSERR;
- return GNUNET_OK;
-}
/* end of donau-httpd_keys.c */
diff --git a/src/donau/donau-httpd_keys.h b/src/donau/donau-httpd_keys.h
@@ -177,27 +177,18 @@ void
DH_keys_finished (void);
/**
- * Request to sign @a csds.
+ * Request to sign @a budis.
*
- * @param csds array with data to blindly sign (and keys to sign with)
- * @param csds_length length of @a csds array
- * @param for_melt true if this is for a melt operation
- * @param[out] bss array set to the blind signature on success; must be of length @a csds_length
+ * @param budis_length length of @a budis array
+ * @param bkps array with data to blindly sign (and keys to sign with)
+ * @param[out] du_sigs array set to the blind signature on success; must be of length @a budis_length
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
-DH_keys_donatn_batch_sign (
- unsigned int csds_length,
- const struct DONAU_DonationUnitHashP csds[static csds_length],
- struct DONAU_BlindedDonationUnitSignature bss[static csds_length]);
+DH_keys_donation_batch_sign (
+ unsigned int budis_length,
+ const struct BUDIKeyPair_sign_data bkps[budis_length],
+ struct DONAU_BlindedDonationUnitSignature du_sigs[budis_length]);
-
-enum GNUNET_GenericReturnValue
-DONAU_donation_unit_sign_blinded (struct
- DONAU_BlindedDonationUnitSignature *du_sig,
- const struct
- DONAU_DonationUnitHashP *h_pub,
- const struct
- DONAU_BlindedUniqueDonationIdentifier *budi);
#endif
diff --git a/src/donau/donau-httpd_post-batch-issue.c b/src/donau/donau-httpd_post-batch-issue.c
@@ -46,7 +46,6 @@ struct IssueReceiptsContext
uint64_t year;
};
-
/**
* Parse a bkp encoded in JSON.
*
@@ -318,18 +317,17 @@ start:
&receipts_sum));
for (size_t i = 0; i < num_bkp; i++)
{
- MHD_RESULT mret;
struct DH_DonationUnitKey *dk;
if (NULL == (dk = DH_keys_donation_unit_by_hash (
&irc.bkp[i].h_donation_unit_pub)))
return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_NOT_FOUND,
- TALER_EC_DONAU_GENERIC_KEYS_MISSING,
- NULL);
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_DONAU_GENERIC_KEYS_MISSING,
+ NULL);
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "public key value: %d\n",
- dk->value.value);
+ "public key value: %lu.%u\n",
+ dk->value.value, dk->value.fraction);
GNUNET_assert (0 <= TALER_amount_add (&receipts_sum,
&receipts_sum,
&dk->value));
@@ -340,11 +338,11 @@ start:
&receipts_sum,
&charity_meta.receipts_to_date);
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "new_receipts_to_date: %lu, receipts_sum: %lu, charity_max_per_year: %lu\n",
- new_receipts_to_date.value, receipts_sum.value, charity_meta.
- max_per_year.value);
+ "new_receipts_to_date: %lu.%u, receipts_sum: %lu.%u, charity_max_per_year: %lu.%u\n",
+ new_receipts_to_date.value, new_receipts_to_date.fraction, receipts_sum.value,
+ receipts_sum.fraction, charity_meta.max_per_year.value, charity_meta.max_per_year.fraction);
// new_receipts_to_date has to be smaller or equal as max_per_year
- if (0 > TALER_amount_cmp (&new_receipts_to_date, &charity_meta.max_per_year))
+ if (0 < TALER_amount_cmp (&new_receipts_to_date, &charity_meta.max_per_year))
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_DONAU_EXCEEDING_DONATION_LIMIT,
@@ -353,32 +351,20 @@ start:
"calculated the new receipts to date amount\n");
/* sign budis and send the signatures back */
- struct DONAU_BlindedDonationUnitSignature *du_sigs = {0};
- for (size_t i = 0; i < num_bkp; i++)
- {
- {
- // FIXME private key is missing
- // const struct DONAU_DonationUnitPrivateKey du_priv;
- const struct DONAU_BlindedUniqueDonationIdentifier budi = irc.bkp[i].
- blinded_udi;
- struct DONAU_BlindedDonationUnitSignature *du_sig = &du_sigs[i];
- if (GNUNET_SYSERR == DONAU_donation_unit_sign_blinded (du_sig, &irc.bkp[i]
- .
- h_donation_unit_pub,
- &
- budi))
- {
- GNUNET_break (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED, // TODO:other EC
- NULL);
+ struct DONAU_BlindedDonationUnitSignature du_sigs[num_bkp];
+ struct BUDIKeyPair_sign_data bkps_sign_data[num_bkp];
- }
- }
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "made blind signatures!\n");
+ for (int i = 0; i < num_bkp; i++) {
+ bkps_sign_data[i].h_donation_unit_pub = &irc.bkp[i].h_donation_unit_pub;
+ bkps_sign_data[i].budi = &irc.bkp[i].blinded_udi;
}
+ if (TALER_EC_NONE != DH_keys_donation_batch_sign (num_bkp, bkps_sign_data, du_sigs))
+ return TALER_MHD_reply_with_error (rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED, // TODO:other EC
+ NULL);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "made blind signatures!\n");
/* save new receipts to date and save receipts Request (blinded signatures,
* charity id, amount, hash over bkps) to make it idempotent*/
enum GNUNET_DB_QueryStatus qs_insert_ir;
diff --git a/src/include/donau_crypto_lib.h b/src/include/donau_crypto_lib.h
@@ -275,6 +275,21 @@ struct DONAU_BlindedUniqueDonationIdentifierKeyPair
};
/**
+ * Information needed to create a blind signature.
+ */
+struct BUDIKeyPair_sign_data
+{
+ /**
+ * Hash of key to sign with.
+ */
+ const struct DONAU_DonationUnitHashP *h_donation_unit_pub;
+
+ /**
+ * Blinded planchet to sign over.
+ */
+ const struct DONAU_BlindedUniqueDonationIdentifier *budi;
+};
+/**
* Hash of a budikeypair array
*/
// struct DONAU_BudiKeyPairsHashP
