diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-03-13 09:49:47 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-03-13 09:49:47 +0100 |
commit | 968e4aa68f4185d24466bb3ba8bfaba8d9c27ef1 (patch) | |
tree | a29d92350a3b9a8c38986e55bb08b23c9d9d3aa3 /src/mint | |
parent | 2f70806cfaff445880639857fef45fd7bdd7f8a5 (diff) |
slightly better error generation on /refresh/reveal errors
Diffstat (limited to 'src/mint')
-rw-r--r-- | src/mint/taler-mint-httpd_db.c | 30 | ||||
-rw-r--r-- | src/mint/taler-mint-httpd_responses.c | 34 | ||||
-rw-r--r-- | src/mint/taler-mint-httpd_responses.h | 24 |
3 files changed, 78 insertions, 10 deletions
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 4ae4408e5..63bca2ecc 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -732,8 +732,12 @@ check_commitment (struct MHD_Connection *connection, { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "transfer keys do not match\n"); - return (MHD_YES == TALER_MINT_reply_external_error (connection, - "Transfer private key missmatch")) + /* FIXME: return more specific error with original signature (#3712) */ + return (MHD_YES == + TALER_MINT_reply_refresh_reveal_missmatch (connection, + off, + j, + "transfer key")) ? GNUNET_NO : GNUNET_SYSERR; } @@ -757,8 +761,9 @@ check_commitment (struct MHD_Connection *connection, &shared_secret)) { GNUNET_break (0); - return (MHD_YES == TALER_MINT_reply_internal_error (connection, - "Decryption error")) + return (MHD_YES == + TALER_MINT_reply_internal_error (connection, + "Decryption error")) ? GNUNET_NO : GNUNET_SYSERR; } @@ -773,8 +778,12 @@ check_commitment (struct MHD_Connection *connection, { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "shared secrets do not match\n"); - return (MHD_YES == TALER_MINT_reply_external_error (connection, - "Shared secret missmatch")) + /* FIXME: return more specific error with original signature (#3712) */ + return (MHD_YES == + TALER_MINT_reply_refresh_reveal_missmatch (connection, + off, + j, + "transfer secret")) ? GNUNET_NO : GNUNET_SYSERR; } } @@ -843,9 +852,12 @@ check_commitment (struct MHD_Connection *connection, "blind envelope does not match for kappa=%u, old=%d\n", off, (int) j); - /* FIXME: return more specific error with exact offset */ - return (MHD_YES == TALER_MINT_reply_external_error (connection, - "Envelope missmatch")) + /* FIXME: return more specific error with original signature (#3712) */ + return (MHD_YES == + TALER_MINT_reply_refresh_reveal_missmatch (connection, + off, + j, + "envelope")) ? GNUNET_NO : GNUNET_SYSERR; } GNUNET_free (buf); diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index 2faeb5ca8..dc51dee4b 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -189,7 +189,6 @@ TALER_MINT_reply_external_error (struct MHD_Connection *connection, } - /** * Send a response indicating an error committing a * transaction (concurrent interference). @@ -717,6 +716,39 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection, /** + * Send a response for a failed "/refresh/reveal", where the + * revealed value(s) do not match the original commitment. + * + * FIXME: should also include the client's signature over + * the original reveal operation and the data that was signed + * over eventually... (#3712) + * + * @param connection the connection to send the response to + * @param off offset in the array of kappa-commitments where + * the missmatch was detected + * @param j index of the coin for which the missmatch was + * detected + * @param missmatch_object name of the object that was + * bogus (i.e. "transfer key"). + * @return a MHD result code + */ +int +TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, + unsigned int off, + unsigned int j, + const char *missmatch_object) +{ + return TALER_MINT_reply_json_pack (connection, + MHD_HTTP_BAD_REQUEST, + "{s:s, s:i, s:i, s:s}", + "error", "commitment violation", + "offset", (int) off, + "index", (int) j, + "object", missmatch_object); +} + + +/** * Send a response for "/refresh/link". * * @param connection the connection to send the response to diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index 7d0824c88..d42aa29b6 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -298,6 +298,30 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection, /** + * Send a response for a failed "/refresh/reveal", where the + * revealed value(s) do not match the original commitment. + * + * FIXME: should also include the client's signature over + * the original reveal operation and the data that was signed + * over eventually... (#3712) + * + * @param connection the connection to send the response to + * @param off offset in the array of kappa-commitments where + * the missmatch was detected + * @param j index of the coin for which the missmatch was + * detected + * @param missmatch_object name of the object that was + * bogus (i.e. "transfer key"). + * @return a MHD result code + */ +int +TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection, + unsigned int off, + unsigned int j, + const char *missmatch_object); + + +/** * Send a response for "/refresh/link". * * @param connection the connection to send the response to |