diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-04-13 13:11:54 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-04-13 13:11:54 +0200 |
| commit | 9e9bad8dad9aacd3028e1baab76de36c8a5dbdc7 (patch) | |
| tree | 95bb3ee1bd7f28d5f04f2e2259cb5a06a7c6e69c /src | |
| parent | b69e3bf14b5ed73962daa9dfc3f0103b63038177 (diff) | |
distinguish active/old denomination keys (#3634)
Diffstat (limited to 'src')
| -rw-r--r-- | src/mint/Makefile.am | 1 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_db.c | 15 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_deposit.c | 6 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_keystate.c | 43 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_keystate.h | 28 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_refresh.c | 9 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_responses.c | 17 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_withdraw.c | 3 |
8 files changed, 94 insertions, 28 deletions
diff --git a/src/mint/Makefile.am b/src/mint/Makefile.am index 538020e9e..8d62f67c3 100644 --- a/src/mint/Makefile.am +++ b/src/mint/Makefile.am @@ -17,7 +17,6 @@ taler_mint_httpd_SOURCES = \ taler_mint_httpd_LDADD = \ $(LIBGCRYPT_LIBS) \ $(top_builddir)/src/util/libtalerutil.la \ - $(top_builddir)/src/pq/libtalerpq.la \ $(top_builddir)/src/mintdb/libtalermintdb.la \ -lmicrohttpd \ -ljansson \ diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 11bd60f7b..e72397571 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -136,7 +136,8 @@ TMH_DB_execute_deposit (struct MHD_Connection *connection, } mks = TMH_KS_acquire (); dki = TMH_KS_denomination_key_lookup (mks, - &deposit->coin.denom_pub); + &deposit->coin.denom_pub, + TMH_KS_DKU_DEPOSIT); TALER_amount_ntoh (&value, &dki->issue.value); TMH_KS_release (mks); @@ -320,7 +321,8 @@ TMH_DB_execute_withdraw_sign (struct MHD_Connection *connection, /* Check if balance is sufficient */ key_state = TMH_KS_acquire (); dki = TMH_KS_denomination_key_lookup (key_state, - denomination_pub); + denomination_pub, + TMH_KS_DKU_WITHDRAW); if (NULL == dki) { TMH_KS_release (key_state); @@ -392,7 +394,8 @@ TMH_DB_execute_withdraw_sign (struct MHD_Connection *connection, break; case TALER_MINTDB_RO_WITHDRAW_COIN: tdki = TMH_KS_denomination_key_lookup (key_state, - &pos->details.withdraw->denom_pub); + &pos->details.withdraw->denom_pub, + TMH_KS_DKU_WITHDRAW); TALER_amount_ntoh (&value, &tdki->issue.value); if (0 == (res & 2)) @@ -510,7 +513,8 @@ refresh_accept_melts (struct MHD_Connection *connection, int res; dki = &TMH_KS_denomination_key_lookup (key_state, - &coin_details->coin_info.denom_pub)->issue; + &coin_details->coin_info.denom_pub, + TMH_KS_DKU_DEPOSIT)->issue; if (NULL == dki) return (MHD_YES == @@ -1023,7 +1027,8 @@ refresh_mint_coin (struct MHD_Connection *connection, struct TALER_DenominationSignature ev_sig; dki = TMH_KS_denomination_key_lookup (key_state, - denom_pub); + denom_pub, + TMH_KS_DKU_WITHDRAW); if (NULL == dki) { GNUNET_break (0); diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index e85eac78a..509eb5c67 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -86,7 +86,8 @@ verify_and_execute_deposit (struct MHD_Connection *connection, /* check denomination exists and is valid */ key_state = TMH_KS_acquire (); dki = TMH_KS_denomination_key_lookup (key_state, - &deposit->coin.denom_pub); + &deposit->coin.denom_pub, + TMH_KS_DKU_DEPOSIT); if (NULL == dki) { TMH_KS_release (key_state); @@ -188,7 +189,8 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection, GNUNET_free (wire_enc); ks = TMH_KS_acquire (); dki = TMH_KS_denomination_key_lookup (ks, - &deposit.coin.denom_pub); + &deposit.coin.denom_pub, + TMH_KS_DKU_DEPOSIT); if (NULL == dki) { TMH_KS_release (ks); diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index 60d18ef14..6da2ebbee 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -461,19 +461,56 @@ TMH_KS_acquire (void) * * @param key_state state to look in * @param denom_pub denomination public key + * @param use purpose for which the key is being located * @return the denomination key issue, * or NULL if denom_pub could not be found */ struct TALER_MINTDB_DenominationKeyIssueInformation * TMH_KS_denomination_key_lookup (const struct TMH_KS_StateHandle *key_state, - const struct TALER_DenominationPublicKey *denom_pub) + const struct TALER_DenominationPublicKey *denom_pub, + enum TMH_KS_DenominationKeyUse use) { struct GNUNET_HashCode hc; + struct TALER_MINTDB_DenominationKeyIssueInformation *dki; + struct GNUNET_TIME_Absolute now; GNUNET_CRYPTO_rsa_public_key_hash (denom_pub->rsa_public_key, &hc); - return GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, - &hc); + dki = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, + &hc); + if (now.abs_value_us < + GNUNET_TIME_absolute_ntoh (dki->issue.start).abs_value_us) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Not returning DKI for %s, as start time is in the future\n", + GNUNET_h2s (&hc)); + return NULL; + } + now = GNUNET_TIME_absolute_get (); + switch (use) + { + case TMH_KS_DKU_WITHDRAW: + if (now.abs_value_us > + GNUNET_TIME_absolute_ntoh (dki->issue.expire_withdraw).abs_value_us) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Not returning DKI for %s, as time to create coins has passed\n", + GNUNET_h2s (&hc)); + return NULL; + } + break; + case TMH_KS_DKU_DEPOSIT: + if (now.abs_value_us > + GNUNET_TIME_absolute_ntoh (dki->issue.expire_spend).abs_value_us) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Not returning DKI for %s, as time to spend coin has passed\n", + GNUNET_h2s (&hc)); + return NULL; + } + break; + } + return dki; } diff --git a/src/mint/taler-mint-httpd_keystate.h b/src/mint/taler-mint-httpd_keystate.h index 118a86e78..bcdd01f56 100644 --- a/src/mint/taler-mint-httpd_keystate.h +++ b/src/mint/taler-mint-httpd_keystate.h @@ -57,17 +57,41 @@ TMH_KS_release (struct TMH_KS_StateHandle *key_state); /** + * Denomination key lookups can be for signing of fresh coins + * or to validate signatures on existing coins. As the validity + * periods for a key differ, the caller must specify which + * use is relevant for the current operation. + */ +enum TMH_KS_DenominationKeyUse { + + /** + * The key is to be used for a /withdraw/sign or /refresh (mint) + * operation. + */ + TMH_KS_DKU_WITHDRAW, + + /** + * The key is to be usd for a /deposit or /refresh (melt) operation. + */ + TMH_KS_DKU_DEPOSIT + +}; + + +/** * Look up the issue for a denom public key. Note that the result * is only valid while the @a key_state is not released! * * @param key_state state to look in * @param denom_pub denomination public key + * @param use purpose for which the key is being located * @return the denomination key issue, - * or NULL if denom_pub could not be found + * or NULL if denom_pub could not be found (or is not valid at this time for the given @a use) */ struct TALER_MINTDB_DenominationKeyIssueInformation * TMH_KS_denomination_key_lookup (const struct TMH_KS_StateHandle *key_state, - const struct TALER_DenominationPublicKey *denom_pub); + const struct TALER_DenominationPublicKey *denom_pub, + enum TMH_KS_DenominationKeyUse use); /** diff --git a/src/mint/taler-mint-httpd_refresh.c b/src/mint/taler-mint-httpd_refresh.c index 38af09d85..0f9dbfa0c 100644 --- a/src/mint/taler-mint-httpd_refresh.c +++ b/src/mint/taler-mint-httpd_refresh.c @@ -80,7 +80,8 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, for (i=0;i<num_new_denoms;i++) { dki = &TMH_KS_denomination_key_lookup (key_state, - &denom_pubs[i])->issue; + &denom_pubs[i], + TMH_KS_DKU_WITHDRAW)->issue; TALER_amount_ntoh (&value, &dki->value); TALER_amount_ntoh (&fee_withdraw, @@ -108,7 +109,8 @@ handle_refresh_melt_binary (struct MHD_Connection *connection, /* calculate contribution of the i-th melt by subtracting the fee; add the rest to the total_melt value */ dki = &TMH_KS_denomination_key_lookup (key_state, - &coin_melt_details[i].coin_info.denom_pub)->issue; + &coin_melt_details[i].coin_info.denom_pub, + TMH_KS_DKU_DEPOSIT)->issue; TALER_amount_ntoh (&fee_melt, &dki->fee_refresh); if (GNUNET_OK != @@ -234,7 +236,8 @@ verify_coin_public_info (struct MHD_Connection *connection, key_state = TMH_KS_acquire (); dki = TMH_KS_denomination_key_lookup (key_state, - &melt_detail->coin_info.denom_pub); + &melt_detail->coin_info.denom_pub, + TMH_KS_DKU_DEPOSIT); if (NULL == dki) { TMH_KS_release (key_state); diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index aad96fe72..4cd5f87ed 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -468,8 +468,6 @@ compile_reserve_history (const struct TALER_MINTDB_ReserveHistory *rh, json_t *transaction; int ret; const struct TALER_MINTDB_ReserveHistory *pos; - struct TALER_MINTDB_DenominationKeyIssueInformation *dki; - struct TMH_KS_StateHandle *key_state; struct TALER_WithdrawRequestPS wr; json_history = json_array (); @@ -502,7 +500,6 @@ compile_reserve_history (const struct TALER_MINTDB_ReserveHistory *rh, } } - key_state = TMH_KS_acquire (); ret = 0; for (pos = rh; NULL != pos; pos = pos->next) { @@ -511,29 +508,28 @@ compile_reserve_history (const struct TALER_MINTDB_ReserveHistory *rh, case TALER_MINTDB_RO_BANK_TO_MINT: break; case TALER_MINTDB_RO_WITHDRAW_COIN: - - dki = TMH_KS_denomination_key_lookup (key_state, - &pos->details.withdraw->denom_pub); - TALER_amount_ntoh (&value, - &dki->issue.value); + value = pos->details.withdraw->amount_with_fee; if (0 == ret) + { withdraw_total = value; + } else + { if (GNUNET_OK != TALER_amount_add (&withdraw_total, &withdraw_total, &value)) { - TMH_KS_release (key_state); json_decref (json_history); return NULL; } + } ret = 1; wr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW); wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS)); wr.reserve_pub = pos->details.withdraw->reserve_pub; TALER_amount_hton (&wr.amount_with_fee, - &pos->details.withdraw->amount_with_fee); + &value); TALER_amount_hton (&wr.withdraw_fee, &pos->details.withdraw->withdraw_fee); GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key, @@ -552,7 +548,6 @@ compile_reserve_history (const struct TALER_MINTDB_ReserveHistory *rh, break; } } - TMH_KS_release (key_state); if (GNUNET_SYSERR == TALER_amount_subtract (balance, diff --git a/src/mint/taler-mint-httpd_withdraw.c b/src/mint/taler-mint-httpd_withdraw.c index cd79532b2..ca7ec9a01 100644 --- a/src/mint/taler-mint-httpd_withdraw.c +++ b/src/mint/taler-mint-httpd_withdraw.c @@ -128,7 +128,8 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh, blinded_msg_len = spec[0].destination_size_out; ks = TMH_KS_acquire (); dki = TMH_KS_denomination_key_lookup (ks, - &denomination_pub); + &denomination_pub, + TMH_KS_DKU_WITHDRAW); if (NULL == dki) { TMH_PARSE_release_data (spec); |