[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated: messing with CS/RSA fixes
|
From: |
gnunet |
|
Subject: |
[taler-exchange] branch master updated: messing with CS/RSA fixes |
|
Date: |
Fri, 04 Feb 2022 19:30:18 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new 03fd154a messing with CS/RSA fixes
03fd154a is described below
commit 03fd154a69212df740cf3b09567a1bb081b64873
Author: Christian Grothoff <grothoff@gnunet.org>
AuthorDate: Fri Feb 4 19:29:52 2022 +0100
messing with CS/RSA fixes
---
src/include/taler_crypto_lib.h | 17 +++-
src/include/taler_exchange_service.h | 1 -
src/include/taler_testing_lib.h | 46 +--------
src/lib/exchange_api_withdraw.c | 20 ----
src/testing/test_exchange_api.c | 146 -----------------------------
src/testing/testing_api_cmd_refresh.c | 4 +-
src/testing/testing_api_cmd_withdraw.c | 84 +----------------
src/testing/testing_api_helpers_exchange.c | 34 +------
src/util/crypto.c | 24 +++--
9 files changed, 34 insertions(+), 342 deletions(-)
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index d9565dd7..7b38b1f7 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -987,6 +987,17 @@ struct TALER_ExchangeWithdrawValues
void
TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
+
+/**
+ * Create private key for a Taler coin.
+ *
+ * @param[out] coin_priv private key to initialize
+ */
+void
+TALER_planchet_setup_coin_priv (
+ struct TALER_CoinSpendPrivateKeyP *coin_priv);
+
+
/**
* @brief Method to derive withdraw nonce
*
@@ -1472,9 +1483,9 @@ TALER_planchet_setup_refresh (const struct
TALER_TransferSecretP *secret_seed,
* @oaram alg_values WitdrawValues containing cipher
*/
void
-TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
- const struct
- TALER_ExchangeWithdrawValues *alg_values);
+TALER_planchet_setup_random (
+ struct TALER_PlanchetSecretsP *ps,
+ const struct TALER_ExchangeWithdrawValues *alg_values);
/**
* Create a blinding secret @a bs for @a cipher.
diff --git a/src/include/taler_exchange_service.h
b/src/include/taler_exchange_service.h
index 68c97186..beb33738 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -1461,7 +1461,6 @@ TALER_EXCHANGE_withdraw (
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv,
struct TALER_PlanchetSecretsP *ps,
- struct TALER_ExchangeWithdrawValues *alg_values,
TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls);
diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h
index c6bebbee..20e3145f 100644
--- a/src/include/taler_testing_lib.h
+++ b/src/include/taler_testing_lib.h
@@ -66,13 +66,11 @@ TALER_TESTING_make_wire_details (const char *payto);
*
* @param keys array of keys to search
* @param amount coin value to look for
- * @param cipher denomination cipher
* @return NULL if no matching key was found
*/
const struct TALER_EXCHANGE_DenomPublicKey *
TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
- const struct TALER_Amount *amount,
- const enum TALER_DenominationCipher cipher);
+ const struct TALER_Amount *amount);
/**
@@ -1290,24 +1288,6 @@ TALER_TESTING_cmd_withdraw_amount (const char *label,
unsigned int expected_response_code);
-/**
- * Create a withdraw command using a CS denomination, letting the caller
specify
- * the desired amount as string.
- *
- * @param label command label.
- * @param reserve_reference command providing us with a reserve to withdraw
from
- * @param amount how much we withdraw.
- * @param expected_response_code which HTTP response code
- * we expect from the exchange.
- * @return the withdraw command to be executed by the interpreter.
- */
-struct TALER_TESTING_Command
-TALER_TESTING_cmd_withdraw_cs_amount (const char *label,
- const char *reserve_reference,
- const char *amount,
- unsigned int expected_response_code);
-
-
/**
* Create a withdraw command, letting the caller specify
* the desired amount as string and also re-using an existing
@@ -1332,30 +1312,6 @@ TALER_TESTING_cmd_withdraw_amount_reuse_key (
unsigned int expected_response_code);
-/**
- * Create a CS withdraw command, letting the caller specify
- * the desired amount as string and also re-using an existing
- * coin private key in the process (violating the specification,
- * which will result in an error when spending the coin!).
- *
- * @param label command label.
- * @param reserve_reference command providing us with a reserve to withdraw
from
- * @param amount how much we withdraw.
- * @param coin_ref reference to (withdraw/reveal) command of a coin
- * from which we should re-use the private key
- * @param expected_response_code which HTTP response code
- * we expect from the exchange.
- * @return the withdraw command to be executed by the interpreter.
- */
-struct TALER_TESTING_Command
-TALER_TESTING_cmd_withdraw_cs_amount_reuse_key (
- const char *label,
- const char *reserve_reference,
- const char *amount,
- const char *coin_ref,
- unsigned int expected_response_code);
-
-
/**
* Create withdraw command, letting the caller specify the
* amount by a denomination key.
diff --git a/src/lib/exchange_api_withdraw.c b/src/lib/exchange_api_withdraw.c
index a5a88676..7b851b49 100644
--- a/src/lib/exchange_api_withdraw.c
+++ b/src/lib/exchange_api_withdraw.c
@@ -220,31 +220,12 @@ withdraw_cs_stage_two_callback (void *cls,
}
-/**
- * Withdraw a coin from the exchange using a /reserve/withdraw request. Note
- * that to ensure that no money is lost in case of hardware failures,
- * the caller must have committed (most of) the arguments to disk
- * before calling, and be ready to repeat the request with the same
- * arguments in case of failures.
- *
- * @param exchange the exchange handle; the exchange must be ready to operate
- * @param pk kind of coin to create
- * @param reserve_priv private key of the reserve to withdraw from
- * @param ps secrets of the planchet
- * caller must have committed this value to disk before the call (with
@a pk)
- * @param res_cb the callback to call when the final result for this request
is available
- * @param res_cb_cls closure for the above callback
- * @return handle for the operation on success, NULL on error, i.e.
- * if the inputs are invalid (i.e. denomination key not with this
exchange).
- * In this case, the callback is not called.
- */
struct TALER_EXCHANGE_WithdrawHandle *
TALER_EXCHANGE_withdraw (
struct TALER_EXCHANGE_Handle *exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_ReservePrivateKeyP *reserve_priv,
struct TALER_PlanchetSecretsP *ps,
- struct TALER_ExchangeWithdrawValues *alg_values,
TALER_EXCHANGE_WithdrawCallback res_cb,
void *res_cb_cls)
{
@@ -256,7 +237,6 @@ TALER_EXCHANGE_withdraw (
wh->cb_cls = res_cb_cls;
wh->reserve_priv = reserve_priv;
wh->ps = *ps;
- wh->alg_values = *alg_values,
wh->pk = *pk;
wh->csrh = NULL;
diff --git a/src/testing/test_exchange_api.c b/src/testing/test_exchange_api.c
index bae57fa6..d701e4af 100644
--- a/src/testing/test_exchange_api.c
+++ b/src/testing/test_exchange_api.c
@@ -890,145 +890,6 @@ run (void *cls,
TALER_TESTING_cmd_end ()
};
- /**
- * Test CS withdrawal plus spending.
- */
- struct TALER_TESTING_Command withdraw_cs[] = {
- /**
- * Move money to the exchange's bank account.
- */
- CMD_TRANSFER_TO_EXCHANGE ("create-reserve-cs-1",
- "EUR:6.02"),
- TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-cs-1",
- "EUR:6.02",
- bc.user42_payto,
- bc.exchange_payto,
- "create-reserve-cs-1"),
- /**
- * Make a reserve exist, according to the previous
- * transfer.
- */
- CMD_EXEC_WIREWATCH ("wirewatch-cs-1"),
- /**
- * Withdraw EUR:5.
- */
- TALER_TESTING_cmd_withdraw_cs_amount ("withdraw-cs-coin-1",
- "create-reserve-cs-1",
- "EUR:5",
- MHD_HTTP_OK),
- /**
- * Withdraw EUR:1 using the SAME private coin key as for the previous coin
- * (in violation of the specification, to be detected on spending!).
- */
- TALER_TESTING_cmd_withdraw_cs_amount_reuse_key ("withdraw-cs-coin-1x",
- "create-reserve-cs-1",
- "EUR:1",
- "withdraw-cs-coin-1",
- MHD_HTTP_OK),
- /**
- * Check the reserve is depleted.
- */
- TALER_TESTING_cmd_status ("status-cs-1",
- "create-reserve-cs-1",
- "EUR:0",
- MHD_HTTP_OK),
- /*
- * Try to overdraw.
- */
- TALER_TESTING_cmd_withdraw_cs_amount ("withdraw-cs-coin-2",
- "create-reserve-cs-1",
- "EUR:5",
- MHD_HTTP_CONFLICT),
- // TODO: add test for nonce reuse
- TALER_TESTING_cmd_end ()
- };
-
- struct TALER_TESTING_Command spend_cs[] = {
- /**
- * Spend the coin.
- */
- TALER_TESTING_cmd_deposit ("deposit-cs-simple",
- "withdraw-cs-coin-1",
- 0,
- bc.user42_payto,
- "{\"items\":[{\"name\":\"ice
cream\",\"value\":1}]}",
- GNUNET_TIME_UNIT_ZERO,
- "EUR:5",
- MHD_HTTP_OK),
- TALER_TESTING_cmd_deposit_replay ("deposit-cs-simple-replay",
- "deposit-cs-simple",
- MHD_HTTP_OK),
- TALER_TESTING_cmd_deposit ("deposit-cs-reused-coin-key-failure",
- "withdraw-cs-coin-1x",
- 0,
- bc.user42_payto,
- "{\"items\":[{\"name\":\"ice
cream\",\"value\":1}]}",
- GNUNET_TIME_UNIT_ZERO,
- "EUR:1",
- MHD_HTTP_CONFLICT),
- /**
- * Try to double spend using different wire details.
- */
- TALER_TESTING_cmd_deposit ("deposit-cs-double-1",
- "withdraw-cs-coin-1",
- 0,
- bc.user43_payto,
- "{\"items\":[{\"name\":\"ice
cream\",\"value\":1}]}",
- GNUNET_TIME_UNIT_ZERO,
- "EUR:5",
- MHD_HTTP_CONFLICT),
- /* Try to double spend using a different transaction id.
- * The test needs the contract terms to differ. This
- * is currently the case because of the "timestamp" field,
- * which is set automatically by #TALER_TESTING_cmd_deposit().
- * This could theoretically fail if at some point a deposit
- * command executes in less than 1 ms. *///
- TALER_TESTING_cmd_deposit ("deposit-cs-double-1",
- "withdraw-cs-coin-1",
- 0,
- bc.user43_payto,
- "{\"items\":[{\"name\":\"ice
cream\",\"value\":1}]}",
- GNUNET_TIME_UNIT_ZERO,
- "EUR:5",
- MHD_HTTP_CONFLICT),
- /**
- * Try to double spend with different proposal.
- */
- TALER_TESTING_cmd_deposit ("deposit-cs-double-2",
- "withdraw-cs-coin-1",
- 0,
- bc.user43_payto,
- "{\"items\":[{\"name\":\"ice
cream\",\"value\":2}]}",
- GNUNET_TIME_UNIT_ZERO,
- "EUR:5",
- MHD_HTTP_CONFLICT),
- TALER_TESTING_cmd_end ()
- };
-
- // TODO: CS refresh
-
- struct TALER_TESTING_Command track_cs[] = {
- /* Try resolving a deposit's WTID, as we never triggered
- * execution of transactions, the answer should be that
- * the exchange knows about the deposit, but has no WTID yet.
- *///
- TALER_TESTING_cmd_track_transaction ("deposit-cs-wtid-found",
- "deposit-cs-simple",
- 0,
- MHD_HTTP_ACCEPTED,
- NULL),
- /* Try resolving a deposit's WTID for a failed deposit.
- * As the deposit failed, the answer should be that the
- * exchange does NOT know about the deposit.
- */
- TALER_TESTING_cmd_track_transaction ("deposit-cs-wtid-failing",
- "deposit-cs-double-2",
- 0,
- MHD_HTTP_NOT_FOUND,
- NULL),
- TALER_TESTING_cmd_end ()
- };
-
#define RESERVE_OPEN_CLOSE_CHUNK 4
#define RESERVE_OPEN_CLOSE_ITERATIONS 3
@@ -1098,13 +959,6 @@ run (void *cls,
refund),
TALER_TESTING_cmd_batch ("recoup",
recoup),
- TALER_TESTING_cmd_batch ("withdraw-cs",
- withdraw_cs),
- TALER_TESTING_cmd_batch ("spend-cs",
- spend_cs),
- // TODO: Clause Schnorr refresh
- TALER_TESTING_cmd_batch ("track-cs",
- track_cs),
TALER_TESTING_cmd_batch ("reserve-open-close",
reserve_open_close),
/* End the suite. */
diff --git a/src/testing/testing_api_cmd_refresh.c
b/src/testing/testing_api_cmd_refresh.c
index 0b47f508..9f49b354 100644
--- a/src/testing/testing_api_cmd_refresh.c
+++ b/src/testing/testing_api_cmd_refresh.c
@@ -1049,9 +1049,7 @@ melt_run (void *cls,
return;
}
fresh_pk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange),
- &fresh_amount,
- // FIXME: replace hardcoded value
- TALER_DENOMINATION_RSA);
+ &fresh_amount);
if (NULL == fresh_pk)
{
GNUNET_break (0);
diff --git a/src/testing/testing_api_cmd_withdraw.c
b/src/testing/testing_api_cmd_withdraw.c
index da514ddf..7e2eecce 100644
--- a/src/testing/testing_api_cmd_withdraw.c
+++ b/src/testing/testing_api_cmd_withdraw.c
@@ -72,11 +72,6 @@ struct WithdrawState
*/
struct TALER_Amount amount;
- /**
- * Type of denomination that we should withdraw
- */
- enum TALER_DenominationCipher cipher;
-
/**
* If @e amount is NULL, this specifies the denomination key to
* use. Otherwise, this will be set (by the interpreter) to the
@@ -120,11 +115,6 @@ struct WithdrawState
*/
struct TALER_PlanchetSecretsP ps;
- /**
- * Withdraw Values used for planchet creation
- */
- struct TALER_ExchangeWithdrawValues alg_values;
-
/**
* Reserve history entry that corresponds to this operation.
* Will be of type #TALER_EXCHANGE_RTT_WITHDRAWAL.
@@ -396,10 +386,9 @@ withdraw_run (void *cls,
ws->reserve_payto_uri
= TALER_payto_from_reserve (ws->exchange_url,
&ws->reserve_pub);
- ws->alg_values.cipher = ws->cipher;
if (NULL == ws->reuse_coin_key_ref)
{
- TALER_planchet_setup_random (&ws->ps, &ws->alg_values);
+ TALER_planchet_setup_coin_priv (&ws->ps.coin_priv);
}
else
{
@@ -420,14 +409,13 @@ withdraw_run (void *cls,
TALER_TESTING_get_trait_coin_priv (cref,
index,
&coin_priv));
- TALER_planchet_setup_random (&ws->ps, &ws->alg_values);
+ TALER_planchet_setup_coin_priv (&ws->ps.coin_priv);
ws->ps.coin_priv = *coin_priv;
}
if (NULL == ws->pk)
{
dpk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange),
- &ws->amount,
- ws->cipher);
+ &ws->amount);
if (NULL == dpk)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -455,7 +443,6 @@ withdraw_run (void *cls,
ws->pk,
rp,
&ws->ps,
- &ws->alg_values,
&reserve_withdraw_cb,
ws);
if (NULL == ws->wsh)
@@ -570,8 +557,6 @@ TALER_TESTING_cmd_withdraw_amount (const char *label,
const char *amount,
unsigned int expected_response_code)
{
- // TODO: ATM this is hardcoded to RSA denominations
- // (use TALER_TESTING_cmd_withdraw_cs_amount for Clause Schnorr)
struct WithdrawState *ws;
ws = GNUNET_new (struct WithdrawState);
@@ -587,43 +572,6 @@ TALER_TESTING_cmd_withdraw_amount (const char *label,
GNUNET_assert (0);
}
ws->expected_response_code = expected_response_code;
- ws->cipher = TALER_DENOMINATION_RSA;
- {
- struct TALER_TESTING_Command cmd = {
- .cls = ws,
- .label = label,
- .run = &withdraw_run,
- .cleanup = &withdraw_cleanup,
- .traits = &withdraw_traits
- };
-
- return cmd;
- }
-}
-
-
-struct TALER_TESTING_Command
-TALER_TESTING_cmd_withdraw_cs_amount (const char *label,
- const char *reserve_reference,
- const char *amount,
- unsigned int expected_response_code)
-{
- struct WithdrawState *ws;
-
- ws = GNUNET_new (struct WithdrawState);
- ws->reserve_reference = reserve_reference;
- if (GNUNET_OK !=
- TALER_string_to_amount (amount,
- &ws->amount))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Failed to parse amount `%s' at %s\n",
- amount,
- label);
- GNUNET_assert (0);
- }
- ws->expected_response_code = expected_response_code;
- ws->cipher = TALER_DENOMINATION_CS;
{
struct TALER_TESTING_Command cmd = {
.cls = ws,
@@ -661,8 +609,6 @@ TALER_TESTING_cmd_withdraw_amount_reuse_key (
const char *coin_ref,
unsigned int expected_response_code)
{
- // TODO: ATM this is hardcoded to RSA denominations
- // (use TALER_TESTING_cmd_withdraw_cs_amount for Clause Schnorr)
struct TALER_TESTING_Command cmd;
cmd = TALER_TESTING_cmd_withdraw_amount (label,
@@ -678,29 +624,6 @@ TALER_TESTING_cmd_withdraw_amount_reuse_key (
}
-struct TALER_TESTING_Command
-TALER_TESTING_cmd_withdraw_cs_amount_reuse_key (
- const char *label,
- const char *reserve_reference,
- const char *amount,
- const char *coin_ref,
- unsigned int expected_response_code)
-{
- struct TALER_TESTING_Command cmd;
-
- cmd = TALER_TESTING_cmd_withdraw_cs_amount (label,
- reserve_reference,
- amount,
- expected_response_code);
- {
- struct WithdrawState *ws = cmd.cls;
-
- ws->reuse_coin_key_ref = coin_ref;
- }
- return cmd;
-}
-
-
/**
* Create withdraw command, letting the caller specify the
* amount by a denomination key.
@@ -733,7 +656,6 @@ TALER_TESTING_cmd_withdraw_denomination (
ws->reserve_reference = reserve_reference;
ws->pk = TALER_EXCHANGE_copy_denomination_key (dk);
ws->expected_response_code = expected_response_code;
- ws->cipher = dk->key.cipher;
{
struct TALER_TESTING_Command cmd = {
.cls = ws,
diff --git a/src/testing/testing_api_helpers_exchange.c
b/src/testing/testing_api_helpers_exchange.c
index a30db033..9414af66 100644
--- a/src/testing/testing_api_helpers_exchange.c
+++ b/src/testing/testing_api_helpers_exchange.c
@@ -411,18 +411,9 @@ TALER_TESTING_prepare_exchange (const char
*config_filename,
}
-/**
- * Find denomination key matching the given amount.
- *
- * @param keys array of keys to search
- * @param amount coin value to look for
- * @param cipher denomination cipher
- * @return NULL if no matching key was found
- */
const struct TALER_EXCHANGE_DenomPublicKey *
TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys,
- const struct TALER_Amount *amount,
- const enum TALER_DenominationCipher cipher)
+ const struct TALER_Amount *amount)
{
struct GNUNET_TIME_Timestamp now;
struct TALER_EXCHANGE_DenomPublicKey *pk;
@@ -432,8 +423,6 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys
*keys,
for (unsigned int i = 0; i<keys->num_denom_keys; i++)
{
pk = &keys->denom_keys[i];
- if (cipher != pk->key.cipher)
- continue;
if ( (0 == TALER_amount_cmp (amount,
&pk->value)) &&
(GNUNET_TIME_timestamp_cmp (now,
@@ -450,8 +439,6 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys
*keys,
for (unsigned int i = 0; i<keys->num_denom_keys; i++)
{
pk = &keys->denom_keys[i];
- if (cipher != pk->key.cipher)
- continue;
if ( (0 == TALER_amount_cmp (amount,
&pk->value)) &&
(GNUNET_TIME_timestamp_cmp (now,
@@ -473,25 +460,6 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys
*keys,
return NULL;
}
}
- // do 3rd pass to check if cipher type is to blame for failure
- for (unsigned int i = 0; i<keys->num_denom_keys; i++)
- {
- pk = &keys->denom_keys[i];
- if ( (0 == TALER_amount_cmp (amount,
- &pk->value)) &&
- (cipher != pk->key.cipher) )
- {
- GNUNET_log
- (GNUNET_ERROR_TYPE_WARNING,
- "Have denomination key for `%s', but with wrong"
- " cipher type %d vs %d\n",
- str,
- cipher,
- pk->key.cipher);
- GNUNET_free (str);
- return NULL;
- }
- }
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"No denomination key for amount %s found\n",
str);
diff --git a/src/util/crypto.c b/src/util/crypto.c
index fee3f31e..18f809e3 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -245,19 +245,23 @@ TALER_planchet_blinding_secret_create (struct
TALER_PlanchetSecretsP *ps,
}
-/**
- * @brief setup a random planchet
- * In Case of RSA planchet, the bks gets set
- * In Case of Clause Schnorr this will be set in future
- */
void
-TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps,
- const struct
- TALER_ExchangeWithdrawValues *alg_values)
+TALER_planchet_setup_coin_priv (
+ struct TALER_CoinSpendPrivateKeyP *coin_priv)
{
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
- &ps->coin_priv,
- sizeof (struct TALER_CoinSpendPrivateKeyP));
+ coin_priv,
+ sizeof (*coin_priv));
+ // FIXME-jeff/dold: Clamping?
+}
+
+
+void
+TALER_planchet_setup_random (
+ struct TALER_PlanchetSecretsP *ps,
+ const struct TALER_ExchangeWithdrawValues *alg_values)
+{
+ TALER_planchet_setup_coin_priv (&ps->coin_priv);
switch (alg_values->cipher)
{
case TALER_DENOMINATION_INVALID:
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-exchange] branch master updated: messing with CS/RSA fixes,
gnunet <=