aboutsummaryrefslogtreecommitdiff
path: root/src/mint
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-01-26 12:22:26 +0100
committerChristian Grothoff <christian@grothoff.org>2015-01-26 12:22:26 +0100
commitae917eeee0a3100538cf71972a0cadcc80098d80 (patch)
treeb974e974b53cc258aa24adc448c1df4cbc0d9e49 /src/mint
parentd4506f8a041385f7695b04b1ddfacb894d05da5c (diff)
intermediary commit, breaking the build by starting to move towards variable-size GNUnet signatures instead of fixed-size signatures; much broken now
Diffstat (limited to 'src/mint')
-rw-r--r--src/mint/mint.h58
-rw-r--r--src/mint/mint_common.c18
-rw-r--r--src/mint/mint_db.c114
-rw-r--r--src/mint/mint_db.h56
-rw-r--r--src/mint/taler-mint-httpd.c1
-rw-r--r--src/mint/taler-mint-httpd_db.c191
-rw-r--r--src/mint/taler-mint-httpd_db.h15
-rw-r--r--src/mint/taler-mint-httpd_deposit.c1
-rw-r--r--src/mint/taler-mint-httpd_keys.c31
-rw-r--r--src/mint/taler-mint-httpd_keys.h10
-rw-r--r--src/mint/taler-mint-httpd_parsing.c68
-rw-r--r--src/mint/taler-mint-httpd_parsing.h27
-rw-r--r--src/mint/taler-mint-httpd_refresh.c99
-rw-r--r--src/mint/taler-mint-httpd_responses.c22
-rw-r--r--src/mint/taler-mint-httpd_responses.h2
-rw-r--r--src/mint/taler-mint-httpd_withdraw.c62
-rw-r--r--src/mint/taler-mint-keyup.c27
-rw-r--r--src/mint/test_mint_common.c26
18 files changed, 557 insertions, 271 deletions
diff --git a/src/mint/mint.h b/src/mint/mint.h
index 39dda7d5f..1dc179340 100644
--- a/src/mint/mint.h
+++ b/src/mint/mint.h
@@ -29,7 +29,6 @@
#include <gnunet/gnunet_common.h>
#include <libpq-fe.h>
#include "taler_util.h"
-#include "taler_rsa.h"
#include "taler_signatures.h"
#define DIR_SIGNKEYS "signkeys"
@@ -55,7 +54,7 @@ struct TALER_MINT_DenomKeyIssuePriv
* The private key of the denomination. Will be NULL if the private key is
* not available.
*/
- struct TALER_RSA_PrivateKey *denom_priv;
+ struct GNUNET_CRYPTO_rsa_PrivateKey *denom_priv;
struct TALER_MINT_DenomKeyIssue issue;
};
@@ -75,26 +74,43 @@ struct TALER_CoinPublicInfo
/*
* The public key signifying the coin's denomination.
*/
- struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
/**
* Signature over coin_pub by denom_pub.
*/
- struct TALER_RSA_Signature denom_sig;
+ struct GNUNET_CRYPTO_rsa_Signature *denom_sig;
};
+/**
+ * Information we keep for a withdrawn coin to reproduce
+ * the /withdraw operation if needed, and to have proof
+ * that a reserve was drained by this amount.
+ */
+struct CollectableBlindcoin
+{
+ /**
+ * Our signature over the (blinded) coin.
+ */
+ struct GNUNET_CRYPTO_rsa_Signature *sig;
+ /**
+ * Denomination key (which coin was generated).
+ */
+ struct GNUNET_CRYPOT_rsa_PublicKey *denom_pub;
-
-struct CollectableBlindcoin
-{
- struct TALER_RSA_BlindedSignaturePurpose ev;
- struct TALER_RSA_Signature ev_sig;
- struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
+ /**
+ * Public key of the reserve that was drained.
+ */
struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub;
+
+ /**
+ * Signature confirming the withdrawl, matching @e reserve_pub,
+ * @e denom_pub and @e h_blind.
+ */
struct GNUNET_CRYPTO_EddsaSignature reserve_sig;
};
@@ -127,7 +143,7 @@ struct RefreshCommitLink
struct LinkData
{
struct GNUNET_CRYPTO_EcdsaPrivateKey coin_priv;
- struct TALER_RSA_BlindingKeyBinaryEncoded bkey_enc;
+ struct GNUNET_CRYPTO_rsa_BlindingKey *bkey_enc;
};
@@ -149,7 +165,17 @@ GNUNET_NETWORK_STRUCT_END
struct RefreshCommitCoin
{
struct GNUNET_CRYPTO_EddsaPublicKey session_pub;
- struct TALER_RSA_BlindedSignaturePurpose coin_ev;
+
+ /**
+ * Blinded message to be signed (in envelope).
+ */
+ char *coin_ev;
+
+ /**
+ * Number of bytes in @e coin_ev.
+ */
+ size_t coin_ev_size;
+
uint16_t cnc_index;
uint16_t newcoin_index;
char link_enc[sizeof (struct LinkData)];
@@ -177,17 +203,17 @@ struct Deposit
/* FIXME: should be TALER_CoinPublicInfo */
struct GNUNET_CRYPTO_EddsaPublicKey coin_pub;
- struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
- struct TALER_RSA_Signature coin_sig;
+ struct GNUNET_CRYPTO_rsa_Signature *coin_sig;
- struct TALER_RSA_Signature ubsig;
+ struct GNUNET_CRYPTO_rsa_Signature *ubsig; // ???
/**
* Type of the deposit (also purpose of the signature). Either
* #TALER_SIGNATURE_DEPOSIT or #TALER_SIGNATURE_INCREMENTAL_DEPOSIT.
*/
- struct TALER_RSA_SignaturePurpose purpose;
+ // struct TALER_RSA_SignaturePurpose purpose; // FIXME: bad type!
uint64_t transaction_id;
diff --git a/src/mint/mint_common.c b/src/mint/mint_common.c
index 734085e7b..bb55f30c4 100644
--- a/src/mint/mint_common.c
+++ b/src/mint/mint_common.c
@@ -93,7 +93,7 @@ TALER_MINT_read_denom_key (const char *filename,
uint64_t size;
size_t offset;
void *data;
- struct TALER_RSA_PrivateKey *priv;
+ struct GNUNET_CRYPTO_rsa_PrivateKey *priv;
int ret;
ret = GNUNET_SYSERR;
@@ -115,7 +115,8 @@ TALER_MINT_read_denom_key (const char *filename,
data,
size))
goto cleanup;
- if (NULL == (priv = TALER_RSA_decode_key (data + offset, size - offset)))
+ if (NULL == (priv = GNUNET_CRYPTO_rsa_private_key_decode (data + offset,
+ size - offset)))
goto cleanup;
dki->denom_priv = priv;
memcpy (&dki->issue.signature, data, offset);
@@ -138,22 +139,22 @@ int
TALER_MINT_write_denom_key (const char *filename,
const struct TALER_MINT_DenomKeyIssuePriv *dki)
{
- struct TALER_RSA_PrivateKeyBinaryEncoded *priv_enc;
+ char *priv_enc;
+ size_t priv_enc_size;
struct GNUNET_DISK_FileHandle *fh;
ssize_t wrote;
size_t wsize;
int ret;
fh = NULL;
- priv_enc = NULL;
+ priv_enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki->denom_priv,
+ &priv_enc);
ret = GNUNET_SYSERR;
if (NULL == (fh = GNUNET_DISK_file_open
(filename,
GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE | GNUNET_DISK_OPEN_TRUNCATE,
GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE)))
goto cleanup;
- if (NULL == (priv_enc = TALER_RSA_encode_key (dki->denom_priv)))
- goto cleanup;
wsize = sizeof (struct TALER_MINT_DenomKeyIssuePriv)
- offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature);
if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh,
@@ -162,12 +163,11 @@ TALER_MINT_write_denom_key (const char *filename,
goto cleanup;
if (wrote != wsize)
goto cleanup;
- wsize = ntohs (priv_enc->len);
if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh,
priv_enc,
- wsize)))
+ priv_enc_size)))
goto cleanup;
- if (wrote != wsize)
+ if (wrote != priv_enc_size)
goto cleanup;
ret = GNUNET_OK;
cleanup:
diff --git a/src/mint/mint_db.c b/src/mint/mint_db.c
index 6ce60fc45..60ad14493 100644
--- a/src/mint/mint_db.c
+++ b/src/mint/mint_db.c
@@ -54,25 +54,44 @@ static char *TALER_MINT_db_connection_cfg_str;
if (cond) { GNUNET_break (0); goto EXITIF_exit; } \
} while (0)
+
+/**
+ * Locate the response for a /withdraw request under the
+ * key of the hash of the blinded message.
+ *
+ * @param db_conn database connection to use
+ * @param h_blind hash of the blinded message
+ * @param collectable corresponding collectable coin (blind signature)
+ * if a coin is found
+ * @return #GNUNET_SYSERR on internal error
+ * #GNUNET_NO if the collectable was not found
+ * #GNUNET_YES on success
+ */
int
TALER_MINT_DB_get_collectable_blindcoin (PGconn *db_conn,
- struct TALER_RSA_BlindedSignaturePurpose *blind_ev,
+ const struct GNUNET_HashCode *h_blind,
struct CollectableBlindcoin *collectable)
{
PGresult *result;
struct TALER_DB_QueryParam params[] = {
- TALER_DB_QUERY_PARAM_PTR (blind_ev),
+ TALER_DB_QUERY_PARAM_PTR (h_blind),
TALER_DB_QUERY_PARAM_END
};
- result = TALER_DB_exec_prepared (db_conn, "get_collectable_blindcoins", params);
+ char *sig_buf;
+ size_t sig_buf_size;
+
+ result = TALER_DB_exec_prepared (db_conn,
+ "get_collectable_blindcoins",
+ params);
if (PGRES_TUPLES_OK != PQresultStatus (result))
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Query failed: %s\n", PQresultErrorMessage (result));
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Query failed: %s\n",
+ PQresultErrorMessage (result));
PQclear (result);
return GNUNET_SYSERR;
}
-
if (0 == PQntuples (result))
{
PQclear (result);
@@ -80,7 +99,7 @@ TALER_MINT_DB_get_collectable_blindcoin (PGconn *db_conn,
}
struct TALER_DB_ResultSpec rs[] = {
- TALER_DB_RESULT_SPEC("blind_ev_sig", &collectable->ev_sig),
+ TALER_DB_RESULT_SPEC_VAR("blind_sig", &sig_buf, &sig_buf_size),
TALER_DB_RESULT_SPEC("denom_pub", &collectable->denom_pub),
TALER_DB_RESULT_SPEC("reserve_sig", &collectable->reserve_sig),
TALER_DB_RESULT_SPEC("reserve_pub", &collectable->reserve_pub),
@@ -93,43 +112,66 @@ TALER_MINT_DB_get_collectable_blindcoin (PGconn *db_conn,
PQclear (result);
return GNUNET_SYSERR;
}
- (void) memcpy (&collectable->ev, blind_ev, sizeof (struct TALER_RSA_BlindedSignaturePurpose));
PQclear (result);
return GNUNET_OK;
}
+/**
+ * Store collectable bit coin under the corresponding
+ * hash of the blinded message.
+ *
+ * @param db_conn database connection to use
+ * @param h_blind hash of the blinded message
+ * @param collectable corresponding collectable coin (blind signature)
+ * if a coin is found
+ * @return #GNUNET_SYSERR on internal error
+ * #GNUNET_NO if the collectable was not found
+ * #GNUNET_YES on success
+ */
int
TALER_MINT_DB_insert_collectable_blindcoin (PGconn *db_conn,
+ const struct GNUNET_HashCode *h_blind,
const struct CollectableBlindcoin *collectable)
{
PGresult *result;
- struct TALER_DB_QueryParam params[] = {
- TALER_DB_QUERY_PARAM_PTR (&collectable->ev),
- TALER_DB_QUERY_PARAM_PTR (&collectable->ev_sig),
- TALER_DB_QUERY_PARAM_PTR (&collectable->denom_pub),
- TALER_DB_QUERY_PARAM_PTR (&collectable->reserve_pub),
- TALER_DB_QUERY_PARAM_PTR (&collectable->reserve_sig),
- TALER_DB_QUERY_PARAM_END
- };
- result = TALER_DB_exec_prepared (db_conn, "insert_collectable_blindcoins", params);
+ char *sig_buf;
+ size_t sig_buf_size;
+
+ sig_buf_size = GNUNET_CRYPTO_rsa_signature_encode (collectable->sig,
+ &sig_buf);
+ {
+ struct TALER_DB_QueryParam params[] = {
+ TALER_DB_QUERY_PARAM_PTR (&h_blind),
+ TALER_DB_QUERY_PARAM_PTR_SIZED (sig_buf, sig_buf_size),
+ TALER_DB_QUERY_PARAM_PTR (&collectable->denom_pub),
+ TALER_DB_QUERY_PARAM_PTR (&collectable->reserve_pub),
+ TALER_DB_QUERY_PARAM_PTR (&collectable->reserve_sig),
+ TALER_DB_QUERY_PARAM_END
+ };
- if (PGRES_COMMAND_OK != PQresultStatus (result))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Query failed: %s\n", PQresultErrorMessage (result));
- PQclear (result);
- return GNUNET_SYSERR;
- }
+ result = TALER_DB_exec_prepared (db_conn,
+ "insert_collectable_blindcoins",
+ params);
+ if (PGRES_COMMAND_OK != PQresultStatus (result))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Query failed: %s\n",
+ PQresultErrorMessage (result));
+ PQclear (result);
+ return GNUNET_SYSERR;
+ }
- if (0 != strcmp ("1", PQcmdTuples (result)))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Insert failed (updated '%s' tupes instead of '1')\n",
- PQcmdTuples (result));
+ if (0 != strcmp ("1", PQcmdTuples (result)))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Insert failed (updated '%s' tupes instead of '1')\n",
+ PQcmdTuples (result));
+ PQclear (result);
+ return GNUNET_SYSERR;
+ }
PQclear (result);
- return GNUNET_SYSERR;
}
-
- PQclear (result);
return GNUNET_OK;
}
@@ -730,7 +772,7 @@ int
TALER_MINT_DB_insert_refresh_order (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub)
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub)
{
uint16_t newcoin_index_nbo = htons (newcoin_index);
struct TALER_DB_QueryParam params[] = {
@@ -1267,7 +1309,7 @@ int
TALER_MINT_DB_get_refresh_order (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub)
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub)
{
uint16_t newcoin_index_nbo = htons (newcoin_index);
@@ -1315,7 +1357,7 @@ int
TALER_MINT_DB_insert_refresh_collectable (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- const struct TALER_RSA_Signature *ev_sig)
+ const struct GNUNET_CRYPTO_rsa_Signature *ev_sig)
{
uint16_t newcoin_index_nbo = htons (newcoin_index);
struct TALER_DB_QueryParam params[] = {
@@ -1343,7 +1385,7 @@ int
TALER_MINT_DB_get_refresh_collectable (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- struct TALER_RSA_Signature *ev_sig)
+ struct GNUNET_CRYPTO_rsa_Signature *ev_sig)
{
uint16_t newcoin_index_nbo = htons (newcoin_index);
@@ -1394,7 +1436,7 @@ TALER_MINT_DB_insert_refresh_melt (PGconn *db_conn,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
uint16_t oldcoin_index,
const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub)
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub)
{
uint16_t oldcoin_index_nbo = htons (oldcoin_index);
struct TALER_DB_QueryParam params[] = {
@@ -1499,8 +1541,8 @@ TALER_db_get_link (PGconn *db_conn,
for (i = 0; i < PQntuples (result); i++)
{
struct LinkDataEnc link_data_enc;
- struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
- struct TALER_RSA_Signature ev_sig;
+ struct GNUNET_CRYPTO_rsa__PublicKey *denom_pub;
+ struct GNUNET_CRYPTO_rsa_Signature *sig;
struct TALER_DB_ResultSpec rs[] = {
TALER_DB_RESULT_SPEC("link_vector_enc", &link_data_enc),
TALER_DB_RESULT_SPEC("denom_pub", &denom_pub),
diff --git a/src/mint/mint_db.h b/src/mint/mint_db.h
index 7998a01cf..01ad1a6ed 100644
--- a/src/mint/mint_db.h
+++ b/src/mint/mint_db.h
@@ -27,7 +27,6 @@
#include <microhttpd.h>
#include <gnunet/gnunet_util_lib.h>
#include "taler_util.h"
-#include "taler_rsa.h"
#include "taler-mint-httpd_db.h"
#include "mint.h"
@@ -35,13 +34,40 @@
int
TALER_MINT_DB_prepare (PGconn *db_conn);
+
+/**
+ * Locate the response for a /withdraw request under the
+ * key of the hash of the blinded message.
+ *
+ * @param db_conn database connection to use
+ * @param h_blind hash of the blinded message
+ * @param collectable corresponding collectable coin (blind signature)
+ * if a coin is found
+ * @return #GNUNET_SYSERR on internal error
+ * #GNUNET_NO if the collectable was not found
+ * #GNUNET_YES on success
+ */
int
TALER_MINT_DB_get_collectable_blindcoin (PGconn *db_conn,
- struct TALER_RSA_BlindedSignaturePurpose *blind_ev,
+ const struct GNUNET_HashCode *h_blind,
struct CollectableBlindcoin *collectable);
+
+/**
+ * Store collectable bit coin under the corresponding
+ * hash of the blinded message.
+ *
+ * @param db_conn database connection to use
+ * @param h_blind hash of the blinded message
+ * @param collectable corresponding collectable coin (blind signature)
+ * if a coin is found
+ * @return #GNUNET_SYSERR on internal error
+ * #GNUNET_NO if the collectable was not found
+ * #GNUNET_YES on success
+ */
int
TALER_MINT_DB_insert_collectable_blindcoin (PGconn *db_conn,
+ const struct GNUNET_HashCode *h_blind,
const struct CollectableBlindcoin *collectable);
@@ -62,6 +88,15 @@ TALER_MINT_DB_get_reserve (PGconn *db_conn,
const struct GNUNET_CRYPTO_EddsaPublicKey *reserve_pub,
struct Reserve *reserve_res);
+
+/**
+ * Update information about a reserve.
+ *
+ * @param db_conn
+ * @param reserve current reserve status
+ * @param fresh FIXME
+ * @return #GNUNET_OK on success
+ */
int
TALER_MINT_DB_update_reserve (PGconn *db_conn,
const struct Reserve *reserve,
@@ -72,7 +107,7 @@ int
TALER_MINT_DB_insert_refresh_order (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub);
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub);
int
TALER_MINT_DB_get_refresh_session (PGconn *db_conn,
@@ -123,19 +158,22 @@ int
TALER_MINT_DB_get_refresh_order (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub);
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub);
int
TALER_MINT_DB_insert_refresh_collectable (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- const struct TALER_RSA_Signature *ev_sig);
+ const struct GNUNET_CRYPTO_rsa_Signature *ev_sig);
+
int
TALER_MINT_DB_get_refresh_collectable (PGconn *db_conn,
uint16_t newcoin_index,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
- struct TALER_RSA_Signature *ev_sig);
+ struct GNUNET_CRYPTO_rsa_Signature *ev_sig);
+
+
int
TALER_MINT_DB_set_reveal_ok (PGconn *db_conn,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub);
@@ -145,7 +183,7 @@ TALER_MINT_DB_insert_refresh_melt (PGconn *db_conn,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
uint16_t oldcoin_index,
const struct GNUNET_CRYPTO_EcdsaPublicKey *coin_pub,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub);
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub);
int
@@ -158,8 +196,8 @@ TALER_MINT_DB_get_refresh_melt (PGconn *db_conn,
typedef
int (*LinkIterator) (void *cls,
const struct LinkDataEnc *link_data_enc,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub,
- const struct TALER_RSA_Signature *ev_sig);
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub,
+ const struct GNUNET_CRYPTO_rsa_Signature *ev_sig);
int
TALER_db_get_link (PGconn *db_conn,
diff --git a/src/mint/taler-mint-httpd.c b/src/mint/taler-mint-httpd.c
index 9dc03cdea..ffd97a1ad 100644
--- a/src/mint/taler-mint-httpd.c
+++ b/src/mint/taler-mint-httpd.c
@@ -29,7 +29,6 @@
#include <pthread.h>
#include "mint.h"
#include "taler_signatures.h"
-#include "taler_rsa.h"
#include "taler_json_lib.h"
#include "taler-mint-httpd_parsing.h"
#include "taler-mint-httpd_mhd.h"
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 369e88967..78946f50f 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -83,9 +83,9 @@ TALER_MINT_db_execute_deposit (struct MHD_Connection *connection,
if (GNUNET_SYSERR == res)
{
- GNUNET_break (0);
+ GNUNET_break (0);
/* FIXME: return error message to client via MHD! */
- return MHD_NO;
+ return MHD_NO;
}
{
@@ -221,56 +221,65 @@ TALER_MINT_db_execute_withdraw_status (struct MHD_Connection *connection,
* Execute a /withdraw/sign.
*
* @param connection the MHD connection to handle
- * @param wsrd_ro details about the withdraw request
+ * @param reserve public key of the reserve
+ * @param denomination_pub public key of the denomination requested
+ * @param blinded_msg blinded message to be signed
+ * @param blinded_msg_len number of bytes in @a blinded_msg
+ * @param signature signature over the withdraw request, to be stored in DB
* @return MHD result code
*/
int
TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection,
- const struct TALER_WithdrawRequest *wsrd_ro)
+ const struct GNUNET_CRYPTO_EddsaPublicKey *reserve,
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denomination_pub,
+ const char *blinded_msg,
+ size_t blinded_msg_len,
+ const struct GNUNET_CRYPTO_EddsaSignature *signature)
{
PGconn *db_conn;
- struct Reserve reserve;
+ struct Reserve db_reserve;
struct MintKeyState *key_state;
struct CollectableBlindcoin collectable;
struct TALER_MINT_DenomKeyIssuePriv *dki;
- struct TALER_RSA_Signature ev_sig;
+ struct GNUNET_CRYPTO_rsa_Signature *sig;
struct TALER_Amount amount_required;
- /* FIXME: the fact that we do this here is a sign that we
- need to have different versions of this struct for
- the different places it is used! */
- struct TALER_WithdrawRequest wsrd = *wsrd_ro;
+ struct GNUNET_HashCode h_blind;
int res;
+ GNUNET_CRYPTO_hash (blinded_msg,
+ blinded_msg_len,
+ &h_blind);
+
if (NULL == (db_conn = TALER_MINT_DB_get_connection ()))
{
GNUNET_break (0);
return TALER_MINT_reply_internal_db_error (connection);
}
-
-
res = TALER_MINT_DB_get_collectable_blindcoin (db_conn,
- &wsrd.coin_envelope,
+ &h_blind,
&collectable);
if (GNUNET_SYSERR == res)
{
- // FIXME: return 'internal error'
GNUNET_break (0);
- return MHD_NO;
+ return TALER_MINT_reply_internal_db_error (connection);
}
/* Don't sign again if we have already signed the coin */
if (GNUNET_YES == res)
- return TALER_MINT_reply_withdraw_sign_success (connection,
- &collectable);
+ {
+ res = TALER_MINT_reply_withdraw_sign_success (connection,
+ &collectable);
+ GNUNET_CRYPTO_rsa_signature_free (collectable.sig);
+ return res;
+ }
GNUNET_assert (GNUNET_NO == res);
res = TALER_MINT_DB_get_reserve (db_conn,
- &wsrd.reserve_pub,
- &reserve);
+ reserve,
+ &db_reserve);
if (GNUNET_SYSERR == res)
{
- // FIXME: return 'internal error'
GNUNET_break (0);
- return MHD_NO;
+ return TALER_MINT_reply_internal_db_error (connection);
}
if (GNUNET_NO == res)
return TALER_MINT_reply_json_pack (connection,
@@ -279,26 +288,9 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection,
"error",
"Reserve not found");
- // fill out all the missing info in the request before
- // we can check the signature on the request
-
- wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WITHDRAW);
- wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequest) -
- offsetof (struct TALER_WithdrawRequest, purpose));
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WITHDRAW,
- &wsrd.purpose,
- &wsrd.sig,
- &wsrd.reserve_pub))
- return TALER_MINT_reply_json_pack (connection,
- MHD_HTTP_UNAUTHORIZED,
- "{s:s}",
- "error", "Invalid Signature");
-
key_state = TALER_MINT_key_state_acquire ();
dki = TALER_MINT_get_denom_key (key_state,
- &wsrd.denomination_pub);
+ denomination_pub);
TALER_MINT_key_state_release (key_state);
if (NULL == dki)
return TALER_MINT_reply_json_pack (connection,
@@ -307,52 +299,54 @@ TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection,
"error",
"Denomination not found");
- amount_required = TALER_amount_ntoh (dki->issue.value);
- amount_required = TALER_amount_add (amount_required,
+ amount_required = TALER_amount_add (TALER_amount_ntoh (dki->issue.value),
TALER_amount_ntoh (dki->issue.fee_withdraw));
-
if (0 < TALER_amount_cmp (amount_required,
- TALER_amount_ntoh (reserve.balance)))
+ TALER_amount_ntoh (db_reserve.balance)))
return TALER_MINT_reply_json_pack (connection,
MHD_HTTP_PAYMENT_REQUIRED,
"{s:s}",
"error",
"Insufficient funds");
- if (GNUNET_OK !=
- TALER_RSA_sign (dki->denom_priv,
- &wsrd.coin_envelope,
- sizeof (struct TALER_RSA_BlindedSignaturePurpose),
- &ev_sig))
+
+ db_reserve.balance = TALER_amount_hton
+ (TALER_amount_subtract (TALER_amount_ntoh (db_reserve.balance),
+ amount_required));
+
+ sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv,
+ blinded_msg,
+ blinded_msg_len);
+ if (NULL == sig)
{
- // FIXME: return 'internal error'
GNUNET_break (0);
- return MHD_NO;
+ return TALER_MINT_reply_internal_error (connection,
+ "Internal error");
}
- reserve.balance = TALER_amount_hton (TALER_amount_subtract (TALER_amount_ntoh (reserve.balance),
- amount_required));
+ /* transaction start */
if (GNUNET_OK !=
TALER_MINT_DB_update_reserve (db_conn,
- &reserve,
+ &db_reserve,
GNUNET_YES))
{
- // FIXME: return 'internal error'
GNUNET_break (0);
- return MHD_NO;
+ return TALER_MINT_reply_internal_db_error (connection);
}
-
collectable.ev = wsrd.coin_envelope;
- collectable.ev_sig = ev_sig;
+ collectable.sig = sig;
collectable.reserve_pub = wsrd.reserve_pub;
collectable.reserve_sig = wsrd.sig;
if (GNUNET_OK !=
TALER_MINT_DB_insert_collectable_blindcoin (db_conn,
+ &h_blind,
&collectable))
{
- // FIXME: return 'internal error'
GNUNET_break (0);
- return GNUNET_NO;;
+ GNUNET_CRYPTO_rsa_signature_free (sig);
+ return TALER_MINT_reply_internal_db_error (connection);
}
+ /* transaction end */
+ GNUNET_CRYPTO_rsa_signature_free (sig);
return TALER_MINT_reply_withdraw_sign_success (connection,
&collectable);
}
@@ -378,7 +372,7 @@ refresh_accept_denoms (struct MHD_Connection *connection,
const struct MintKeyState *key_state,
const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub,
unsigned int denom_pubs_count,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pubs,
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pubs,
struct TALER_Amount *r_amount)
{
unsigned int i;
@@ -554,7 +548,7 @@ int
TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
unsigned int num_new_denoms,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pubs,
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pubs,
unsigned int coin_count,
const struct TALER_CoinPublicInfo *coin_public_infos)
{
@@ -821,10 +815,10 @@ helper_refresh_reveal_send_response (struct MHD_Connection *connection,
{
int res;
unsigned int newcoin_index;
- struct TALER_RSA_Signature *sigs;
+ struct GNUNET_CRYPTO_rsa_Signature **sigs;
sigs = GNUNET_malloc (refresh_session->num_newcoins *
- sizeof (struct TALER_RSA_Signature));
+ sizeof (struct GNUNET_CRYPTO_rsa_Signature *));
for (newcoin_index = 0; newcoin_index < refresh_session->num_newcoins; newcoin_index++)
{
res = TALER_MINT_DB_get_refresh_collectable (db_conn,
@@ -984,10 +978,12 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
{
struct RefreshCommitCoin commit_coin;
struct LinkData link_data;
- struct TALER_RSA_BlindedSignaturePurpose *coin_ev_check;
+ // struct BlindedSignaturePurpose *coin_ev_check;
struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
- struct TALER_RSA_BlindingKey *bkey;
- struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
+ struct GNUNET_CRYPTO_rsa_BlindingKey *bkey;
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
+ char *buf;
+ size_t buf_len;
bkey = NULL;
res = TALER_MINT_DB_get_refresh_commit_coin (db_conn,
@@ -1011,7 +1007,8 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
}
GNUNET_CRYPTO_ecdsa_key_get_public (&link_data.coin_priv, &coin_pub);
- if (NULL == (bkey = TALER_RSA_blinding_key_decode (&link_data.bkey_enc)))
+ if (NULL == (bkey = GNUNET_CRYPTO_rsa_blinding_key_decode (link_data.bkey_enc,
+ link_data.bkey_enc_size)))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Invalid blinding key\n");
// FIXME: return error code!
@@ -1024,26 +1021,31 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
// FIXME: return error code!
return MHD_NO;
}
- if (NULL == (coin_ev_check =
- TALER_RSA_message_blind (&coin_pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
+ if (NULL == (buf_len =
+ GNUNET_CRYPTO_rsa_blind (&h_msg,
bkey,
- &denom_pub)))
+ denom_pub,
+ &buf)))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "blind failed\n");
// FIXME: return error code!
return MHD_NO;
}
- if (0 != memcmp (&coin_ev_check,
- &commit_coin.coin_ev,
- sizeof (struct TALER_RSA_BlindedSignaturePurpose)))
+ if ( (buf_len != commit_coin.coin_ev_size) ||
+ (0 != memcmp (buf,
+ commit_coin.coin_ev,
+ buf_len)) )
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "blind envelope does not match for kappa=%d, old=%d\n",
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "blind envelope does not match for kappa=%d, old=%d\n",
(int) (i+off), (int) j);
// FIXME: return error code!
+ GNUNET_free (buf);
return MHD_NO;
}
+ GNUNET_free (buf);
+
}
}
@@ -1058,9 +1060,9 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
for (j = 0; j < refresh_session.num_newcoins; j++)
{
struct RefreshCommitCoin commit_coin;
- struct TALER_RSA_PublicKeyBinaryEncoded denom_pub;
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
struct TALER_MINT_DenomKeyIssuePriv *dki;
- struct TALER_RSA_Signature ev_sig;
+ struct GNUNET_CRYPTO_rsa_Signature *ev_sig;
res = TALER_MINT_DB_get_refresh_commit_coin (db_conn,
refresh_session_pub,
@@ -1091,11 +1093,10 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
// FIXME: return error code!
return MHD_NO;
}
- if (GNUNET_OK !=
- TALER_RSA_sign (dki->denom_priv,
- &commit_coin.coin_ev,
- sizeof (struct TALER_RSA_BlindedSignaturePurpose),
- &ev_sig))
+ ev_sig = GNUNET_CRYPTO_rsa_sign (dki->denom_priv,
+ commit_coin.coin_ev,
+ commit_coin.coin_ev_len);
+ if (NULL == ev_sig)
{
GNUNET_break (0);
// FIXME: return error code!
@@ -1144,25 +1145,33 @@ TALER_MINT_db_execute_refresh_reveal (struct MHD_Connection *connection,
static int
link_iter (void *cls,
const struct LinkDataEnc *link_data_enc,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub,
- const struct TALER_RSA_Signature *ev_sig)
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub,
+ const struct GNUNET_CRYPTO_rsa_Signature *ev_sig)
{
json_t *list = cls;
json_t *obj = json_object ();
+ char *buf;
+ size_t buf_len;
+
json_array_append_new (list, obj);
json_object_set_new (obj, "link_enc",
- TALER_JSON_from_data (link_data_enc,
- sizeof (struct LinkDataEnc)));
+ TALER_JSON_from_data (link_data_enc,
+ sizeof (struct LinkDataEnc)));
+ buf_len = GNUNET_CRYPTO_rsa_public_key_encode (denom_pub,
+ &buf);
json_object_set_new (obj, "denom_pub",
- TALER_JSON_from_data (denom_pub,
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded)));
-
+ TALER_JSON_from_data (buf,
+ buf_len));
+ GNUNET_free (buf);
+ buf_len = GNUNET_CRYPTO_rsa_signature_encode (ev_sig,
+ &buf);
json_object_set_new (obj, "ev_sig",
- TALER_JSON_from_data (ev_sig,
- sizeof (struct TALER_RSA_Signature)));
+ TALER_JSON_from_data (buf,
+ buf_len));
+ GNUNET_free (buf_len);
return GNUNET_OK;
}
diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h
index 2a03812aa..dd82cbcb1 100644
--- a/src/mint/taler-mint-httpd_db.h
+++ b/src/mint/taler-mint-httpd_db.h
@@ -25,7 +25,6 @@
#include <microhttpd.h>
#include <gnunet/gnunet_util_lib.h>
#include "taler_util.h"
-#include "taler_rsa.h"
#include "taler-mint-httpd_keys.h"
#include "mint.h"
@@ -62,12 +61,20 @@ TALER_MINT_db_execute_withdraw_status (struct MHD_Connection *connection,
* Execute a /withdraw/sign.
*
* @param connection the MHD connection to handle
- * @param wsrd details about the withdraw request
+ * @param reserve public key of the reserve
+ * @param denomination_pub public key of the denomination requested
+ * @param blinded_msg blinded message to be signed
+ * @param blinded_msg_len number of bytes in @a blinded_msg
+ * @param signature signature over the withdraw request, to be stored in DB
* @return MHD result code
*/
int
TALER_MINT_db_execute_withdraw_sign (struct MHD_Connection *connection,
- const struct TALER_WithdrawRequest *wsrd);
+ const struct GNUNET_CRYPTO_EddsaPublicKey *reserve,
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denomination_pub,
+ const char *blinded_msg,
+ size_t blinded_msg_len,
+ const struct GNUNET_CRYPTO_EddsaSignature *signature);
@@ -86,7 +93,7 @@ int
TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
const struct GNUNET_CRYPTO_EddsaPublicKey *refresh_session_pub,
unsigned int num_new_denoms,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pubs,
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pubs,
unsigned int coin_count,
const struct TALER_CoinPublicInfo *coin_public_infos);
diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c
index c4f4718e3..6eeb3bff1 100644
--- a/src/mint/taler-mint-httpd_deposit.c
+++ b/src/mint/taler-mint-httpd_deposit.c
@@ -36,7 +36,6 @@
#include "mint.h"
#include "mint_db.h"
#include "taler_signatures.h"
-#include "taler_rsa.h"
#include "taler_json_lib.h"
#include "taler-mint-httpd_parsing.h"
#include "taler-mint-httpd_keys.h"
diff --git a/src/mint/taler-mint-httpd_keys.c b/src/mint/taler-mint-httpd_keys.c
index aa1e2c6e6..24851575a 100644
--- a/src/mint/taler-mint-httpd_keys.c
+++ b/src/mint/taler-mint-httpd_keys.c
@@ -32,7 +32,6 @@
#include <pthread.h>
#include "mint.h"
#include "taler_signatures.h"
-#include "taler_rsa.h"
#include "taler_json_lib.h"
#include "taler-mint-httpd_parsing.h"
#include "taler-mint-httpd_keys.h"
@@ -66,14 +65,23 @@ static int reload_pipe[2];
static json_t *
denom_key_issue_to_json (const struct TALER_MINT_DenomKeyIssue *dki)
{
+ char *buf;
+ size_t buf_len;
json_t *dk_json = json_object ();
+
json_object_set_new (dk_json, "master_sig",
TALER_JSON_from_data (&dki->signature, sizeof (struct GNUNET_CRYPTO_EddsaSignature)));
json_object_set_new (dk_json, "stamp_start", TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (dki->start)));
json_object_set_new (dk_json, "stamp_expire_withdraw", TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (dki->expire_withdraw)));
json_object_set_new (dk_json, "stamp_expire_deposit", TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (dki->expire_spend)));
+
+
+ buf_len = GNUNET_CRYPTO_rsa_public_key_encode (dki->denom_pub,
+ &buf);
json_object_set_new (dk_json, "denom_pub",
- TALER_JSON_from_data (&dki->denom_pub, sizeof (struct TALER_RSA_PublicKeyBinaryEncoded)));
+ TALER_JSON_from_data (buf,
+ buf_len));
+ GNUNET_free (buf);
json_object_set_new (dk_json, "value",
TALER_JSON_from_amount (TALER_amount_ntoh (dki->value)));
json_object_set_new (dk_json,
@@ -341,14 +349,19 @@ TALER_MINT_key_state_acquire (void)
*/
struct TALER_MINT_DenomKeyIssuePriv *
TALER_MINT_get_denom_key (const struct MintKeyState *key_state,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub)
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub)
{
struct TALER_MINT_DenomKeyIssuePriv *issue;
struct GNUNET_HashCode hash;
+ char *buf;
+ size_t buf_len;
- GNUNET_CRYPTO_hash (denom_pub,
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded),
+ buf_len = GNUNET_CRYPTO_rsa_public_key_encode (denom_pub,
+ *buf);
+ GNUNET_CRYPTO_hash (buf,
+ buf_len,
&hash);
+ GNUNET_free (buf);
issue = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, &hash);
return issue;
}
@@ -373,10 +386,10 @@ TALER_MINT_test_coin_valid (const struct MintKeyState *key_state,
dki = TALER_MINT_get_denom_key (key_state, &coin_public_info->denom_pub);
if (NULL == dki)
return GNUNET_NO;
- if (GNUNET_OK != TALER_RSA_verify (&coin_public_info->coin_pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
- &coin_public_info->denom_sig,
- &dki->issue.denom_pub))
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_rsa_verify (&c_hash,
+ coin_public_info->denom_sig,
+ dki->issue.denom_pub))
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"coin signature is invalid\n");
diff --git a/src/mint/taler-mint-httpd_keys.h b/src/mint/taler-mint-httpd_keys.h
index cef0ac950..596350345 100644
--- a/src/mint/taler-mint-httpd_keys.h
+++ b/src/mint/taler-mint-httpd_keys.h
@@ -107,7 +107,7 @@ TALER_MINT_key_state_acquire (void);
*/
struct TALER_MINT_DenomKeyIssuePriv *
TALER_MINT_get_denom_key (const struct MintKeyState *key_state,
- const struct TALER_RSA_PublicKeyBinaryEncoded *denom_pub);
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub);
/**
@@ -116,9 +116,9 @@ TALER_MINT_get_denom_key (const struct MintKeyState *key_state,
*
* @param key_state the key state to use for checking the coin's validity
* @param coin_public_info the coin public info to check for validity
- * @return GNUNET_YES if the coin is valid,
- * GNUNET_NO if it is invalid
- * GNUNET_SYSERROR if an internal error occured
+ * @return #GNUNET_YES if the coin is valid,
+ * #GNUNET_NO if it is invalid
+ * #GNUNET_SYSERROR if an internal error occured
*/
int
TALER_MINT_test_coin_valid (const struct MintKeyState *key_state,
@@ -129,7 +129,7 @@ TALER_MINT_test_coin_valid (const struct MintKeyState *key_state,
* Read signals from a pipe in a loop, and reload keys from disk if
* SIGUSR1 is read from the pipe.
*
- * @return GNUNET_OK if we terminated normally, GNUNET_SYSERR on error
+ * @return #GNUNET_OK if we terminated normally, #GNUNET_SYSERR on error
*/
int
TALER_MINT_key_reload_loop (void);
diff --git a/src/mint/taler-mint-httpd_parsing.c b/src/mint/taler-mint-httpd_parsing.c
index 56744c6b0..c4e28bba7 100644
--- a/src/mint/taler-mint-httpd_parsing.c
+++ b/src/mint/taler-mint-httpd_parsing.c
@@ -553,22 +553,29 @@ TALER_MINT_parse_json_data (struct MHD_Connection *connection,
{
unsigned int i;
int ret;
+ void *ptr;
ret = GNUNET_YES;
for (i=0; NULL != spec[i].field_name; i++)
{
if (0 == spec[i].destination_size_in)
+ {
+ ptr = NULL;
parse_variable_json_data (connection, root,
spec[i].field_name,
- (void **) spec[i].destination,
+ &ptr,
&spec[i].destination_size_out,
&ret);
+ spec[i].destination = ptr;
+ }
else
+ {
parse_fixed_json_data (connection, root,
spec[i].field_name,
spec[i].destination,
spec[i].destination_size_in,
&ret);
+ }
}
if (GNUNET_YES != ret)
TALER_MINT_release_parsed_data (spec);
@@ -641,4 +648,63 @@ TALER_MINT_mhd_request_arg_data (struct MHD_Connection *connection,
return GNUNET_OK;
}
+
+/**
+ * Extraxt variable-size base32crockford encoded data from request.
+ *
+ * Queues an error response to the connection if the parameter is missing
+ * or the encoding is invalid.
+ *
+ * @param connection the MHD connection
+ * @param param_name the name of the parameter with the key
+ * @param[out] out_data pointer to allocate buffer and store the result
+ * @param[out] out_size set to the size of the buffer allocated in @a out_data
+ * @return
+ * #GNUNET_YES if the the argument is present
+ * #GNUNET_NO if the argument is absent or malformed
+ * #GNUNET_SYSERR on internal error (error response could not be sent)
+ */
+int
+TALER_MINT_mhd_request_var_arg_data (struct MHD_Connection *connection,
+ const char *param_name,
+ void **out_data,
+ size_t *out_size)
+{
+ const char *str;
+ size_t slen;
+ size_t olen;
+ void *out;
+
+ str = MHD_lookup_connection_value (connection,
+ MHD_GET_ARGUMENT_KIND,
+ param_name);
+ if (NULL == str)
+ {
+ return (MHD_NO ==
+ TALER_MINT_reply_arg_missing (connection, param_name))
+ ? GNUNET_SYSERR : GNUNET_NO;
+ }
+ slen = strlen (str);
+ olen = (slen * 5) / 8;
+ out = GNUNET_malloc (olen);
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (str,
+ strlen (str),
+ out,
+ olen))
+ {
+ GNUNET_free (out);
+ *out_size = 0;
+ return (MHD_NO ==
+ TALER_MINT_reply_arg_invalid (connection, param_name))
+ ? GNUNET_SYSERR : GNUNET_NO;
+ }
+ *out_data = out;
+ *out_size = olen;
+ return GNUNET_OK;
+
+}
+
+
+
/* end of taler-mint-httpd_parsing.c */
diff --git a/src/mint/taler-mint-httpd_parsing.h b/src/mint/taler-mint-httpd_parsing.h
index 59c31f595..5f5f35dfc 100644
--- a/src/mint/taler-mint-httpd_parsing.h
+++ b/src/mint/taler-mint-httpd_parsing.h
@@ -209,9 +209,8 @@ TALER_MINT_release_parsed_data (struct GNUNET_MINT_ParseFieldSpec *spec);
* Generate line in parser specification for variable-size value.
*
* @param field name of the field
- * @param value where to store the value
*/
-#define TALER_MINT_PARSE_VARIABLE(field,value) { field, &value, 0, 0 }
+#define TALER_MINT_PARSE_VARIABLE(field) { field, NULL, 0, 0 }
/**
* Generate line in parser specification indicating the end of the spec.
@@ -220,7 +219,7 @@ TALER_MINT_release_parsed_data (struct GNUNET_MINT_ParseFieldSpec *spec);
/**
- * Extraxt base32crockford encoded data from request.
+ * Extraxt fixed-size base32crockford encoded data from request.
*
* Queues an error response to the connection if the parameter is missing or
* invalid.
@@ -241,6 +240,28 @@ TALER_MINT_mhd_request_arg_data (struct MHD_Connection *connection,
size_t out_size);
+/**
+ * Extraxt variable-size base32crockford encoded data from request.
+ *
+ * Queues an error response to the connection if the parameter is missing
+ * or the encoding is invalid.
+ *
+ * @param connection the MHD connection
+ * @param param_name the name of the parameter with the key
+ * @param[out] out_data pointer to allocate buffer and store the result
+ * @param[out] out_size set to the size of the buffer allocated in @a out_data
+ * @return
+ * #GNUNET_YES if the the argument is present
+ * #GNUNET_NO if the argument is absent or malformed
+ * #GNUNET_SYSERR on internal error (error response could not be sent)
+ */
+int
+TALER_MINT_mhd_request_var_arg_data (struct MHD_Connection *connection,
+ const char *param_name,
+ void **out_data,
+ size_t *out_size);
+
+
#endif /* TALER_MICROHTTPD_LIB_H_ */
diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c
index 69ba87c29..40737ae31 100644
--- a/src/mint/taler-mint-httpd_refresh.c
+++ b/src/mint/taler-mint-httpd_refresh.c
@@ -34,7 +34,6 @@
#include "mint.h"
#include "mint_db.h"
#include "taler_signatures.h"
-#include "taler_rsa.h"
#include "taler_json_lib.h"
#include "taler-mint-httpd_parsing.h"
#include "taler-mint-httpd_keys.h"
@@ -94,7 +93,7 @@ check_confirm_signature (struct MHD_Connection *connection,
* @param connection the connection to send error responses to
* @param root the JSON object to extract the coin info from
* @return #GNUNET_YES if coin public info in JSON was valid
- * #GNUNET_NO otherwise
+ * #GNUNET_NO JSON was invalid, response was generated
* #GNUNET_SYSERR on internal error
*/
static int
@@ -103,33 +102,38 @@ request_json_require_coin_public_info (struct MHD_Connection *connection,
struct TALER_CoinPublicInfo *r_public_info)
{
int ret;
-
- GNUNET_assert (NULL != root);
-
- ret = GNUNET_MINT_parse_navigate_json (connection, root,
- JNAV_FIELD, "coin_pub",
- JNAV_RET_DATA,
- &r_public_info->coin_pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
- if (GNUNET_OK != ret)
- return ret;
-
- ret = GNUNET_MINT_parse_navigate_json (connection, root,
- JNAV_FIELD, "denom_sig",
- JNAV_RET_DATA,
- &r_public_info->denom_sig,
- sizeof (struct TALER_RSA_Signature));
- if (GNUNET_OK != ret)
- return ret;
-
- ret = GNUNET_MINT_parse_navigate_json (connection, root,
- JNAV_FIELD, "denom_pub",
- JNAV_RET_DATA,
- &r_public_info->denom_pub,
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded));
+ struct GNUNET_CRYPTO_rsa_Signature *sig;
+ struct GNUNET_CRYPTO_rsa_PublicKey *pk;
+ struct GNUNET_MINT_ParseFieldSpec spec[] =
+ {
+ TALER_MINT_PARSE_FIXED("coin_pub", &r_public_info->coin_pub),
+ TALER_MINT_PARSE_VARIABLE("denom_sig"),
+ TALER_MINT_PARSE_VARIABLE("denom_pub"),
+ TALER_MINT_PARSE_END
+ };
+
+ ret = TALER_MINT_parse_json_data (connection,
+ root,
+ spec);
if (GNUNET_OK != ret)
return ret;
-
+ sig = GNUNET_CRYPTO_rsa_signature_decode (spec[1].destination,
+ spec[1].destination_size_out);
+ pk = GNUNET_CRYPTO_rsa_public_key_decode (spec[2].destination,
+ spec[2].destination_size_out);
+ TALER_MINT_release_parsed_data (spec);
+ if ( (NULL == pk) ||
+ (NULL == sig) )
+ {
+ if (NULL != sig)
+ GNUNET_CRYPTO_rsa_signature_free (sig);
+ if (NULL != pk)
+ GNUNET_CRYPTO_rsa_public_key_free (pk);
+ // FIXME: send error reply...
+ return GNUNET_NO;
+ }
+ r_public_info->denom_sig = sig;
+ r_public_info->denom_pub = pk;
return GNUNET_OK;
}
@@ -247,7 +251,7 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh,
json_t *new_denoms;
unsigned int num_new_denoms;
unsigned int i;
- struct TALER_RSA_PublicKeyBinaryEncoded *denom_pubs;
+ struct GNUNET_CRYPTO_rsa_PublicKey *denom_pubs;
json_t *melt_coins;
struct TALER_CoinPublicInfo *coin_public_infos;
unsigned int coin_count;
@@ -256,6 +260,8 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh,
struct MintKeyState *key_state;
struct RefreshMeltSignatureBody body;
json_t *melt_sig_json;
+ char *buf;
+ size_t buf_size;
res = TALER_MINT_parse_post_json (connection,
connection_cls,
@@ -291,23 +297,31 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh,
return res;
num_new_denoms = json_array_size (new_denoms);
denom_pubs = GNUNET_malloc (num_new_denoms *
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded));
+ sizeof (struct GNUNET_CRYPTO_rsa_PublicKey *));
for (i=0;i<num_new_denoms;i++)
{
res = GNUNET_MINT_parse_navigate_json (connection, root,
JNAV_FIELD, "new_denoms",
JNAV_INDEX, (int) i,
- JNAV_RET_DATA,
- &denom_pubs[i],
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded));
-
+ JNAV_RET_DATA_VAR,
+ &buf,
+ &buf_size);
if (GNUNET_OK != res)
{
GNUNET_free (denom_pubs);
/* FIXME: proper cleanup! */
return res;
}
+ denom_pubs[i] = GNUNET_CRYPTO_rsa_public_key_decode (buf, buf_size);
+ GNUNET_free (buf);
+ if (NULL == denom_pubs[i])
+ {
+ GNUNET_free (denom_pubs);
+ /* FIXME: proper cleanup! */
+ /* FIXME: generate error reply */
+ return GNUNET_SYSERR;
+ }
}
res = GNUNET_MINT_parse_navigate_json (connection, root,
@@ -377,9 +391,14 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh,
/* check that signature from the session public key is ok */
hash_context = GNUNET_CRYPTO_hash_context_start ();
for (i = 0; i < num_new_denoms; i++)
+ {
+ buf_size = GNUNET_CRYPTO_rsa_public_key_encode (denom_pubs[i],
+ &buf);
GNUNET_CRYPTO_hash_context_read (hash_context,
- &denom_pubs[i],
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded));
+ buf,
+ buf_size);
+ GNUNET_free (buf);
+ }
for (i = 0; i < coin_count; i++)
GNUNET_CRYPTO_hash_context_read (hash_context,
&coin_public_infos[i].coin_pub,
@@ -526,9 +545,9 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
JNAV_FIELD, "coin_evs",
JNAV_INDEX, (int) i,
JNAV_INDEX, (int) j,
- JNAV_RET_DATA,
- commit_coin[i][j].coin_ev,
- sizeof (struct TALER_RSA_BlindedSignaturePurpose));
+ JNAV_RET_DATA_VAR,
+ &commit_coin[i][j].coin_ev,
+ &commit_coin[i][j].coin_ev_size);
if (GNUNET_OK != res)
{
@@ -539,8 +558,8 @@ TALER_MINT_handler_refresh_commit (struct RequestHandler *rh,
}
GNUNET_CRYPTO_hash_context_read (hash_context,
- &commit_coin[i][j].coin_ev,
- sizeof (struct TALER_RSA_BlindedSignaturePurpose));
+ commit_coin[i][j].coin_ev,
+ commit_coin[i][j].coin_ev_size);
res = GNUNET_MINT_parse_navigate_json (connection, root,
JNAV_FIELD, "link_encs",
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 75342cd2d..92bde3c70 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -295,10 +295,15 @@ TALER_MINT_reply_withdraw_sign_success (struct MHD_Connection *connection,
const struct CollectableBlindcoin *collectable)
{
json_t *root = json_object ();
+ size_t sig_buf_size;
+ char *sig_buf;
+ sig_buf_size = GNUNET_CRYPTO_rsa_signature_encode (collectable->sig,
+ &sig_buf);
json_object_set_new (root, "ev_sig",
- TALER_JSON_from_data (&collectable->ev_sig,
- sizeof (struct TALER_RSA_Signature)));
+ TALER_JSON_from_data (sig_buf,
+ sig_buf_size));
+ GNUNET_free (sig_buf);
return TALER_MINT_reply_json (connection,
root,
MHD_HTTP_OK);
@@ -388,19 +393,26 @@ TALER_MINT_reply_refresh_commit_success (struct MHD_Connection *connection,
int
TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection,
unsigned int num_newcoins,
- const struct TALER_RSA_Signature *sigs)
+ const struct GNUNET_CRYPTO_rsa_Signature *sigs)
{
int newcoin_index;
json_t *root;
json_t *list;
+ char *buf;
+ size_t buf_size;
root = json_object ();
list = json_array ();
json_object_set_new (root, "ev_sigs", list);
for (newcoin_index = 0; newcoin_index < num_newcoins; newcoin_index++)
+ {
+ buf_size = GNUNET_CRYPTO_rsa_signature_encode (&sigs[newcoin_index],
+ &buf);
json_array_append_new (list,
- TALER_JSON_from_data (&sigs[newcoin_index],
- sizeof (struct TALER_RSA_Signature)));
+ TALER_JSON_from_data (buf,
+ buf_size));
+ GNUNET_free (buf);
+ }
return TALER_MINT_reply_json (connection,
root,
MHD_HTTP_OK);
diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h
index 11e916f16..f92101ff7 100644
--- a/src/mint/taler-mint-httpd_responses.h
+++ b/src/mint/taler-mint-httpd_responses.h
@@ -209,7 +209,7 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection,
int
TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection,
unsigned int num_newcoins,
- const struct TALER_RSA_Signature *sigs);
+ const struct GNUNET_CRYPTO_rsa_Signature *sigs);
diff --git a/src/mint/taler-mint-httpd_withdraw.c b/src/mint/taler-mint-httpd_withdraw.c
index 5259c7fbf..1cf410910 100644
--- a/src/mint/taler-mint-httpd_withdraw.c
+++ b/src/mint/taler-mint-httpd_withdraw.c
@@ -32,7 +32,6 @@
#include "mint.h"
#include "mint_db.h"
#include "taler_signatures.h"
-#include "taler_rsa.h"
#include "taler_json_lib.h"
#include "taler-mint-httpd_parsing.h"
#include "taler-mint-httpd_keys.h"
@@ -94,6 +93,12 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh,
{
struct TALER_WithdrawRequest wsrd;
int res;
+ const struct GNUNET_CRYPTO_rsa_PublicKey *denomination_pub;
+ char *denomination_pub_data;
+ size_t denomination_pub_data_size;
+ char *blinded_msg;
+ size_t blinded_msg_len;
+ const struct GNUNET_CRYPTO_EddsaSignature signature;
res = TALER_MINT_mhd_request_arg_data (connection,
"reserve_pub",
@@ -105,33 +110,66 @@ TALER_MINT_handler_withdraw_sign (struct RequestHandler *rh,
return MHD_YES; /* invalid request */
/* FIXME: handle variable-size signing keys! */
- res = TALER_MINT_mhd_request_arg_data (connection,
- "denom_pub",
- &wsrd.denomination_pub,
- sizeof (struct TALER_RSA_PublicKeyBinaryEncoded));
+ res = TALER_MINT_mhd_request_var_arg_data (connection,
+ "denom_pub",
+ &denomination_pub_data,
+ &denomination_pub_data_size);
if (GNUNET_SYSERR == res)
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* invalid request */
- res = TALER_MINT_mhd_request_arg_data (connection,
- "coin_ev",
- &wsrd.coin_envelope,
- sizeof (struct TALER_RSA_Signature));
+ res = TALER_MINT_mhd_request_var_arg_data (connection,
+ "coin_ev",
+ &blinded_msg,
+ &blinded_msg_len);
if (GNUNET_SYSERR == res)
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* invalid request */
res = TALER_MINT_mhd_request_arg_data (connection,
"reserve_sig",
- &wsrd.sig,
+ &signature,
sizeof (struct GNUNET_CRYPTO_EddsaSignature));
if (GNUNET_SYSERR == res)
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* invalid request */
- return TALER_MINT_db_execute_withdraw_sign (connection,
- &wsrd);
+ /* verify signature! */
+ wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequest));
+ wsrd.purpose.type = htonl (TALER_SIGNATURE_WITHDRAW);
+ GNUNET_CRYPTO_hash (denomination_pub_data,
+ denomination_pub_data_size,
+ &wsrd.h_denomination_pub);
+ GNUNET_CRYPTO_hash (blinded_msg,
+ blinded_msg_len,
+ &wsrd.h_coin_envelope);
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WITHDRAW,
+ &wsrd.purpose,
+ &signature,
+ &wsrd.reserve_pub))
+ {
+ return 42; // FIXME: generate error reply
+ }
+ denomination_pub = GNUNET_CRYPTO_rsa_private_key_decode (denomination_pub_data,
+ denomination_pub_data_size);
+ if (NULL == denomination_pub)
+ {
+ GNUNET_free (denomination_pub_data);
+ GNUNET_free (blinded_msg);
+ return 42; // FIXME: generate error reply
+ }
+ res = TALER_MINT_db_execute_withdraw_sign (connection,
+ &wsrd.reserve_pub,
+ denomination_pub,
+ blinded_msg,
+ blinded_msg_len,
+ &signature);
+ GNUNET_free (denomination_pub_data);
+ GNUNET_free (blinded_msg);
+ GNUNET_CRYPTO_rsa_public_key_free (denomination_pub);
+ return res;
}
/* end of taler-mint-httpd_withdraw.c */
diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c
index 263618ade..c2a326566 100644
--- a/src/mint/taler-mint-keyup.c
+++ b/src/mint/taler-mint-keyup.c
@@ -105,7 +105,7 @@ static struct GNUNET_CRYPTO_EddsaPublicKey *master_pub;
static struct GNUNET_TIME_Absolute lookahead_sign_stamp;
-int
+static int
config_get_denom (const char *section, const char *option, struct TALER_Amount *denom)
{
char *str;
@@ -117,7 +117,7 @@ config_get_denom (const char *section, const char *option, struct TALER_Amount *
}
-char *
+static char *
get_signkey_dir ()
{
char *dir;
@@ -128,7 +128,7 @@ get_signkey_dir ()
}
-char *
+static char *
get_signkey_file (struct GNUNET_TIME_Absolute start)
{
char *dir;
@@ -140,13 +140,12 @@ get_signkey_file (struct GNUNET_TIME_Absolute start)
}
-
/**
* Hash the data defining the coin type.
* Exclude information that may not be the same for all
* instances of the coin type (i.e. the anchor, overlap).
*/
-void
+static void
hash_coin_type (const struct CoinTypeParams *p, struct GNUNET_HashCode *hash)
{
struct CoinTypeNBO p_nbo;
@@ -254,7 +253,7 @@ get_anchor_iter (void *cls,
* @param overlap what's the overlap between the keys validity period?
* @param[out] anchor the timestamp where the first new key should be generated
*/
-void
+static void
get_anchor (const char *dir,
struct GNUNET_TIME_Relative duration,
struct GNUNET_TIME_Relative overlap,
@@ -291,6 +290,7 @@ get_anchor (const char *dir,
// anchor is now the stamp where we need to create a new key
}
+
static void
create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
struct GNUNET_TIME_Relative duration,
@@ -327,7 +327,7 @@ check_signkey_valid (const char *signkey_filename)
}
-int
+static int
mint_keys_update_signkeys ()
{
struct GNUNET_TIME_Relative signkey_duration;
@@ -377,7 +377,7 @@ mint_keys_update_signkeys ()
}
-int
+static int
get_cointype_params (const char *ct, struct CoinTypeParams *params)
{
const char *dir;
@@ -434,8 +434,8 @@ static void
create_denomkey_issue (struct CoinTypeParams *params,
struct TALER_MINT_DenomKeyIssuePriv *dki)
{
- GNUNET_assert (NULL != (dki->denom_priv = TALER_RSA_key_create ()));
- TALER_RSA_key_get_public (dki->denom_priv, &dki->issue.denom_pub);
+ GNUNET_assert (NULL != (dki->denom_priv = GNUNET_CRYPTO_rsa_private_key_create ()));
+ dki->issue.denom_pub = GNUNET_CRYPTO_rsa_private_key_get_get_public (dki->denom_priv);
dki->issue.master = *master_pub;
dki->issue.start = GNUNET_TIME_absolute_hton (params->anchor);
dki->issue.expire_withdraw =
@@ -470,7 +470,7 @@ check_cointype_valid (const char *filename, struct CoinTypeParams *params)
}
-int
+static int
mint_keys_update_cointype (const char *coin_alias)
{
struct CoinTypeParams p;
@@ -496,7 +496,7 @@ mint_keys_update_cointype (const char *coin_alias)
printf ("Target path: %s\n", dkf);
create_denomkey_issue (&p, &denomkey_issue);
ret = TALER_MINT_write_denom_key (dkf, &denomkey_issue);
- TALER_RSA_key_free (denomkey_issue.denom_priv);
+ GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
if (GNUNET_OK != ret)
{
fprintf (stderr, "Can't write to file '%s'\n", dkf);
@@ -514,7 +514,7 @@ mint_keys_update_cointype (const char *coin_alias)
}
-int
+static int
mint_keys_update_denomkeys ()
{
char *coin_types;
@@ -659,4 +659,3 @@ main (int argc, char *const *argv)
return 1;
return 0;
}
-
diff --git a/src/mint/test_mint_common.c b/src/mint/test_mint_common.c
index d4bbb6c46..7946f4f1a 100644
--- a/src/mint/test_mint_common.c
+++ b/src/mint/test_mint_common.c
@@ -22,7 +22,6 @@
#include "platform.h"
#include "gnunet/gnunet_util_lib.h"
-#include "taler_rsa.h"
#include "mint.h"
#define EXITIF(cond) \
@@ -34,9 +33,11 @@ int
main (int argc, const char *const argv[])
{
struct TALER_MINT_DenomKeyIssuePriv dki;
- struct TALER_RSA_PrivateKeyBinaryEncoded *enc;
+ char *enc;
+ size_t enc_size;
struct TALER_MINT_DenomKeyIssuePriv dki_read;
- struct TALER_RSA_PrivateKeyBinaryEncoded *enc_read;
+ char *enc_read;
+ size_t enc_read_size;
char *tmpfile;
int ret;
@@ -51,20 +52,17 @@ main (int argc, const char *const argv[])
&dki.issue.signature,
sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue,
signature));
- dki.denom_priv = TALER_RSA_key_create ();
- EXITIF (NULL == (enc = TALER_RSA_encode_key (dki.denom_priv)));
+ dki.denom_priv = GNUNET_CRYPTO_rsa_private_key_create ();
+ enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki.denom_priv, &enc);
EXITIF (NULL == (tmpfile = GNUNET_DISK_mktemp ("test_mint_common")));
EXITIF (GNUNET_OK != TALER_MINT_write_denom_key (tmpfile, &dki));
EXITIF (GNUNET_OK != TALER_MINT_read_denom_key (tmpfile, &dki_read));
- EXITIF (NULL == (enc_read = TALER_RSA_encode_key (dki_read.denom_priv)));
- EXITIF (enc->len != enc_read->len);
+ enc_read_size = GNUNET_CRYPTO_rsa_privae_key_encode (dki_read.denom_priv,
+ &enc_read);
+ EXITIF (enc_size != enc_read_size);
EXITIF (0 != memcmp (enc,
enc_read,
- ntohs(enc->len)));
- EXITIF (0 != memcmp (&dki.issue.signature,
- &dki_read.issue.signature,
- sizeof (dki) - offsetof (struct TALER_MINT_DenomKeyIssue,
- signature)));
+ enc_size));
ret = 0;
EXITIF_exit:
@@ -76,8 +74,8 @@ main (int argc, const char *const argv[])
}
GNUNET_free_non_null (enc_read);
if (NULL != dki.denom_priv)
- TALER_RSA_key_free (dki.denom_priv);
+ GNUNET_CRYPTO_rsa_private_key_free (dki.denom_priv);
if (NULL != dki_read.denom_priv)
- TALER_RSA_key_free (dki_read.denom_priv);
+ GNUNET_CRYPOT_rsa_private_key_free (dki_read.denom_priv);
return ret;
}