aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-03-24 17:13:17 +0100
committerChristian Grothoff <christian@grothoff.org>2015-03-24 17:13:17 +0100
commitf052af1e6bc9532c7a924ca3e8edba2e990b3b83 (patch)
tree7440e5d69953e657e8cd62a9ee2ba3c9864cdf13 /src
parent55959bd01d636d324077d4201df0beca676e8d58 (diff)
address #3731: no need for session public key or signature
Diffstat (limited to 'src')
-rw-r--r--src/include/taler_crypto_lib.h39
-rw-r--r--src/include/taler_signatures.h70
-rw-r--r--src/mint/taler-mint-httpd_db.c9
-rw-r--r--src/mint/taler-mint-httpd_db.h4
-rw-r--r--src/mint/taler-mint-httpd_refresh.c65
-rw-r--r--src/mint/taler_mintdb_plugin.h15
6 files changed, 9 insertions, 193 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index a7e902777..3156e63ed 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -94,32 +94,6 @@ struct TALER_MerchantPrivateKey
/**
- * Type of public keys used by clients to sign
- * messages during a melting session.
- */
-struct TALER_SessionPublicKey
-{
- /**
- * Taler uses EdDSA for melting session keys.
- */
- struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
-};
-
-
-/**
- * Type of public keys used by clients to sign
- * messages during a melting session.
- */
-struct TALER_SessionPrivateKey
-{
- /**
- * Taler uses EdDSA for melting session keys.
- */
- struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
-};
-
-
-/**
* Type of transfer public keys used during refresh
* operations.
*/
@@ -148,19 +122,6 @@ struct TALER_TransferPrivateKey
/**
- * Type of signatures used by clients to sign
- * messages during a melting session.
- */
-struct TALER_SessionSignature
-{
- /**
- * Taler uses EdDSA for melting session keys.
- */
- struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
-};
-
-
-/**
* Type of online public keys used by the mint to sign
* messages.
*/
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index fa713dc42..b8fe8a7b7 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -61,28 +61,16 @@
#define TALER_SIGNATURE_REFRESH_MELT_COIN 5
/**
- * Signature where the refresh session confirms
- * the commits.
- */
-#define TALER_SIGNATURE_REFRESH_MELT_SESSION 6
-
-/**
* Signature where the mint (current signing key)
* confirms the no-reveal index for cut-and-choose and
* the validity of the melted coins.
*/
-#define TALER_SIGNATURE_REFRESH_MELT_RESPONSE 7
-
-/**
- * Signature where coins confirm that they want
- * to be melted into a certain session.
- */
-#define TALER_SIGNATURE_REFRESH_MELT_CONFIRM 9
+#define TALER_SIGNATURE_REFRESH_MELT_RESPONSE 6
/**
* Signature where the Mint confirms a deposit request.
*/
-#define TALER_SIGNATURE_MINT_DEPOSIT 10
+#define TALER_SIGNATURE_MINT_DEPOSIT 7
/***********************/
@@ -278,40 +266,6 @@ struct RefreshMeltCoinSignature
/**
- * Message signed by a coin to indicate that the coin should
- * be melted.
- */
-struct RefreshMeltSessionSignature
-{
- /**
- * Purpose is #TALER_SIGNATURE_REFRESH_MELT_SESSION
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Which melting operation should the coin become a part of.
- */
- struct GNUNET_HashCode melt_hash;
-
- /**
- * Public key of the refresh session for which
- * @e melt_client_signature must be a valid signature.
- */
- struct TALER_SessionPublicKey session_key;
-
- /**
- * What is the total value of the coins created during the
- * refresh, including melting fee!
- */
- struct TALER_AmountNBO amount_with_fee;
-
- /* FIXME: we should probably also include the value of
- the melting fee here as well! */
-
-};
-
-
-/**
* Format of the block signed by the Mint in response to a successful
* "/refresh/melt" request. Hereby the mint affirms that all of the
* coins were successfully melted. This also commits the mint to a
@@ -337,26 +291,6 @@ struct RefreshMeltResponseSignatureBody
/**
- * Message signed by the client requesting the final
- * result of the melting operation.
- */
-struct RefreshMeltConfirmSignRequestBody
-{
- /**
- * Purpose is #TALER_SIGNATURE_REFRESH_MELT_CONFIRM.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- // FIXME: We probably need more info in here...
-
- /**
- * Public key the client uses for this session.
- */
- struct TALER_SessionPublicKey session_pub;
-};
-
-
-/**
* Information about a signing key of the mint. Signing keys are used
* to sign mint messages other than coins, i.e. to confirm that a
* deposit was successful or that a refresh was accepted.
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 7592403da..c18936e1f 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -494,7 +494,6 @@ refresh_accept_melts (struct MHD_Connection *connection,
struct TALER_MINTDB_Session *session,
const struct MintKeyState *key_state,
const struct GNUNET_HashCode *session_hash,
- const struct TALER_SessionPublicKey *session_pub,
const struct TALER_CoinPublicInfo *coin_public_info,
const struct MeltDetails *coin_details,
uint16_t oldcoin_index)
@@ -587,9 +586,6 @@ refresh_accept_melts (struct MHD_Connection *connection,
*
* @param connection the MHD connection to handle
* @param session_hash hash code of the session the coins are melted into
- * @param refresh_session_pub public key of the refresh session
- * @param client_signature signature of the client (matching @a refresh_session_pub)
- * over the melting request
* @param num_new_denoms number of entries in @a denom_pubs, size of y-dimension of @commit_coin array
* @param denum_pubs public keys of the coins we want to withdraw in the end
* @param coin_count number of entries in @a coin_public_infos and @a coin_melt_details, size of y-dimension of @commit_link array
@@ -606,8 +602,6 @@ refresh_accept_melts (struct MHD_Connection *connection,
int
TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
const struct GNUNET_HashCode *session_hash,
- const struct TALER_SessionPublicKey *refresh_session_pub,
- const struct TALER_SessionSignature *client_signature,
unsigned int num_new_denoms,
const struct TALER_DenominationPublicKey *denom_pubs,
unsigned int coin_count,
@@ -665,7 +659,6 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
session,
key_state,
session_hash,
- refresh_session_pub,
&coin_public_infos[i],
&coin_melt_details[i],
i)))
@@ -724,8 +717,6 @@ TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
/* store 'global' session data */
- refresh_session.melt_sig = *client_signature;
- refresh_session.refresh_session_pub = *refresh_session_pub;
refresh_session.num_oldcoins = coin_count;
refresh_session.num_newcoins = num_new_denoms;
refresh_session.kappa = KAPPA; // FIXME... (#3711)
diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h
index edf8248c7..ed96bbd4b 100644
--- a/src/mint/taler-mint-httpd_db.h
+++ b/src/mint/taler-mint-httpd_db.h
@@ -108,8 +108,6 @@ struct MeltDetails
*
* @param connection the MHD connection to handle
* @param session_hash hash code of the session the coins are melted into
- * @param client_signature signature of the client (matching @a refresh_session_pub)
- * over the melting request
* @param num_new_denoms number of entries in @a denom_pubs, size of y-dimension of @commit_coin array
* @param denum_pubs array of public denomination keys for the refresh (?)
* @param coin_count number of entries in @a coin_public_infos and @ a coin_melt_details, size of y-dimension of @commit_link array
@@ -126,8 +124,6 @@ struct MeltDetails
int
TALER_MINT_db_execute_refresh_melt (struct MHD_Connection *connection,
const struct GNUNET_HashCode *session_hash,
- const struct TALER_SessionPublicKey *refresh_session_pub,
- const struct TALER_SessionSignature *client_signature,
unsigned int num_new_denoms,
const struct TALER_DenominationPublicKey *denom_pubs,
unsigned int coin_count,
diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c
index 775ffd4ce..6575f02c9 100644
--- a/src/mint/taler-mint-httpd_refresh.c
+++ b/src/mint/taler-mint-httpd_refresh.c
@@ -40,13 +40,12 @@
* and then hand things of to execute the melt operation.
*
* @param connection the MHD connection to handle
- * @param refresh_session_pub public key of the melt operation
* @param num_new_denoms number of coins to be created, size of y-dimension of @commit_link array
* @param denom_pubs array of @a num_new_denoms keys
* @param coin_count number of coins to be melted, size of y-dimension of @commit_coin array
* @param coin_public_infos array with @a coin_count entries about the coins
* @param coin_melt_details array with @a coin_count entries with melting details
- * @param commit_hash hash over the data that the client commits to
+ * @param session_hash hash over the data that the client commits to
* @param commit_client_sig signature of the client over this commitment
* @param kappa size of x-dimension of @commit_coin and @commit_link arrays
* @param commit_coin 2d array of coin commitments (what the mint is to sign
@@ -58,21 +57,18 @@
*/
static int
handle_refresh_melt_binary (struct MHD_Connection *connection,
- const struct TALER_SessionPublicKey *refresh_session_pub,
unsigned int num_new_denoms,
const struct TALER_DenominationPublicKey *denom_pubs,
unsigned int coin_count,
struct TALER_CoinPublicInfo *coin_public_infos,
const struct MeltDetails *coin_melt_details,
- const struct GNUNET_HashCode *commit_hash,
- const struct TALER_SessionSignature *commit_client_sig,
+ const struct GNUNET_HashCode *session_hash,
unsigned int kappa,
struct RefreshCommitCoin *const* commit_coin,
struct RefreshCommitLink *const* commit_link)
{
unsigned int i;
- struct RefreshMeltSessionSignature body;
struct MintKeyState *key_state;
struct TALER_MINT_DenomKeyIssue *dki;
struct TALER_Amount cost;
@@ -83,27 +79,6 @@ handle_refresh_melt_binary (struct MHD_Connection *connection,
struct TALER_Amount fee_melt;
struct TALER_Amount total_melt;
- /* check that signature from the session public key is ok */
- body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_SESSION);
- body.purpose.size = htonl (sizeof (struct RefreshMeltSessionSignature));
- body.melt_hash = *commit_hash;
- TALER_amount_hton (&body.amount_with_fee,
- &coin_melt_details->melt_amount_with_fee);
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_REFRESH_MELT_SESSION,
- &body.purpose,
- &commit_client_sig->eddsa_signature,
- &refresh_session_pub->eddsa_pub))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "signature invalid (did not verify)\n");
- return TALER_MINT_reply_json_pack (connection,
- MHD_HTTP_UNAUTHORIZED,
- "{s:s}",
- "error",
- "invalid signature (verification)");
- }
GNUNET_assert (GNUNET_OK ==
TALER_amount_get_zero (MINT_CURRENCY,
&total_cost));
@@ -174,9 +149,7 @@ handle_refresh_melt_binary (struct MHD_Connection *connection,
"error", "value mismatch");
}
return TALER_MINT_db_execute_refresh_melt (connection,
- commit_hash,
- refresh_session_pub,
- commit_client_sig,
+ session_hash,
num_new_denoms,
denom_pubs,
coin_count,
@@ -382,7 +355,6 @@ free_commit_links (struct RefreshCommitLink **commit_link,
* #handle_refresh_melt_binary().
*
* @param connection the MHD connection to handle
- * @param refresh_session_pub public key of the melt operation
* @param new_denoms array of denomination keys
* @param melt_coins array of coins to melt
* @param melt_sig_json signature affirming the melt operation
@@ -398,7 +370,6 @@ free_commit_links (struct RefreshCommitLink **commit_link,
*/
static int
handle_refresh_melt_json (struct MHD_Connection *connection,
- const struct TALER_SessionPublicKey *refresh_session_pub,
const json_t *new_denoms,
const json_t *melt_coins,
const json_t *melt_sig_json,
@@ -420,19 +391,14 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
struct TALER_CoinPublicInfo *coin_public_infos;
struct MeltDetails *coin_melt_details;
unsigned int coin_count;
- struct GNUNET_HashCode commit_hash;
+ struct GNUNET_HashCode session_hash;
struct GNUNET_HashContext *hash_context;
struct RefreshCommitCoin *commit_coin[kappa];
struct RefreshCommitLink *commit_link[kappa];
- const struct TALER_SessionSignature commit_client_sig;
/* For the signature check, we hash most of the inputs together
(except for the signatures on the coins). */
hash_context = GNUNET_CRYPTO_hash_context_start ();
- GNUNET_CRYPTO_hash_context_read (hash_context,
- refresh_session_pub,
- sizeof (struct TALER_SessionPublicKey));
-
num_new_denoms = json_array_size (new_denoms);
denom_pubs = GNUNET_malloc (num_new_denoms *
sizeof (struct TALER_DenominationPublicKey));
@@ -625,25 +591,13 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
}
GNUNET_CRYPTO_hash_context_finish (hash_context,
- &commit_hash);
-
- res = GNUNET_MINT_parse_navigate_json (connection,
- commit_signature,
- JNAV_FIELD,
- "sig",
- JNAV_RET_DATA,
- &commit_client_sig,
- sizeof (struct TALER_SessionSignature));
-
- if (GNUNET_OK != res)
- return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
-
+ &session_hash);
for (i=0;i<coin_count;i++)
{
/* verify signatures on coins to melt */
res = verify_coin_public_info (connection,
- &commit_hash,
+ &session_hash,
&coin_public_infos[i],
&coin_melt_details[i]);
if (GNUNET_OK != res)
@@ -655,14 +609,12 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
/* execute commit */
res = handle_refresh_melt_binary (connection,
- refresh_session_pub,
num_new_denoms,
denom_pubs,
coin_count,
coin_public_infos,
coin_melt_details,
- &commit_hash,
- &commit_client_sig,
+ &session_hash,
kappa,
commit_coin,
commit_link);
@@ -716,10 +668,8 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh,
unsigned int num_oldcoins;
unsigned int num_newcoins;
json_t *coin_detail;
- struct TALER_SessionPublicKey refresh_session_pub;
int res;
struct GNUNET_MINT_ParseFieldSpec spec[] = {
- TALER_MINT_PARSE_FIXED ("session_pub", &refresh_session_pub),
TALER_MINT_PARSE_ARRAY ("new_denoms", &new_denoms),
TALER_MINT_PARSE_ARRAY ("melt_coins", &melt_coins),
TALER_MINT_PARSE_ARRAY ("melt_signature", &melt_sig_json),
@@ -787,7 +737,6 @@ TALER_MINT_handler_refresh_melt (struct RequestHandler *rh,
num_oldcoins = json_array_size (coin_detail);
res = handle_refresh_melt_json (connection,
- &refresh_session_pub,
new_denoms,
melt_coins,
melt_sig_json,
diff --git a/src/mint/taler_mintdb_plugin.h b/src/mint/taler_mintdb_plugin.h
index 326737e61..d461413f1 100644
--- a/src/mint/taler_mintdb_plugin.h
+++ b/src/mint/taler_mintdb_plugin.h
@@ -235,21 +235,6 @@ struct Deposit
*/
struct RefreshSession
{
- /**
- * Signature over the commitments by the client.
- */
- struct TALER_SessionSignature commit_sig;
-
- /**
- * Public key the client uses to sign messages in
- * this exchange.
- */
- struct TALER_SessionPublicKey refresh_session_pub;
-
- /**
- * Signature over the melt by the client.
- */
- struct TALER_SessionSignature melt_sig;
/**
* Number of coins we are melting.