diff options
| author | Christian Grothoff <christian@grothoff.org> | 2022-06-28 20:25:45 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2022-06-28 20:25:45 +0200 |
| commit | ded7f9ca189d8abbfcb6eb874d68bdc1a644da8f (patch) | |
| tree | e939971252fa7e25e799063f3f5cbc23e243853d /src/exchange/taler-exchange-httpd_purses_deposit.c | |
| parent | 379c580efc9d8da331e1d32dbde28111caf18a9b (diff) | |
| download | exchange-ded7f9ca189d8abbfcb6eb874d68bdc1a644da8f.tar.gz exchange-ded7f9ca189d8abbfcb6eb874d68bdc1a644da8f.tar.bz2 exchange-ded7f9ca189d8abbfcb6eb874d68bdc1a644da8f.zip | |
-fix issue with missing signature over denomination and age restriction hash in purse deposit
Diffstat (limited to 'src/exchange/taler-exchange-httpd_purses_deposit.c')
| -rw-r--r-- | src/exchange/taler-exchange-httpd_purses_deposit.c | 46 |
1 files changed, 33 insertions, 13 deletions
diff --git a/src/exchange/taler-exchange-httpd_purses_deposit.c b/src/exchange/taler-exchange-httpd_purses_deposit.c index af7200f12..4158b2936 100644 --- a/src/exchange/taler-exchange-httpd_purses_deposit.c +++ b/src/exchange/taler-exchange-httpd_purses_deposit.c @@ -239,6 +239,8 @@ deposit_transaction (void *cls, struct TALER_Amount amount; struct TALER_CoinSpendPublicKeyP coin_pub; struct TALER_CoinSpendSignatureP coin_sig; + struct TALER_DenominationHashP h_denom_pub; + struct TALER_AgeCommitmentHash phac; char *partner_url = NULL; TEH_plugin->rollback (TEH_plugin->cls); @@ -246,6 +248,8 @@ deposit_transaction (void *cls, pcc->purse_pub, &coin->cpi.coin_pub, &amount, + &h_denom_pub, + &phac, &coin_sig, &partner_url); if (qs < 0) @@ -268,6 +272,10 @@ deposit_transaction (void *cls, TALER_EC_EXCHANGE_PURSE_DEPOSIT_CONFLICTING_META_DATA), GNUNET_JSON_pack_data_auto ("coin_pub", &coin_pub), + GNUNET_JSON_pack_data_auto ("h_denom_pub", + &h_denom_pub), + GNUNET_JSON_pack_data_auto ("h_age_commitment", + &phac), GNUNET_JSON_pack_data_auto ("coin_sig", &coin_sig), GNUNET_JSON_pack_allow_null ( @@ -336,21 +344,33 @@ parse_coin (struct MHD_Connection *connection, if (GNUNET_OK != res) return res; } - if (GNUNET_OK != - TALER_wallet_purse_deposit_verify (TEH_base_url, - pcc->purse_pub, - &coin->amount, - &coin->cpi.coin_pub, - &coin->coin_sig)) { - TALER_LOG_WARNING ("Invalid signature on /purses/$PID/deposit request\n"); - GNUNET_JSON_parse_free (spec); - return (MHD_YES == - TALER_MHD_reply_with_error (connection, - MHD_HTTP_FORBIDDEN, - TALER_EC_EXCHANGE_PURSE_DEPOSIT_COIN_SIGNATURE_INVALID, - TEH_base_url)) + struct TALER_AgeCommitmentHash h_age; + + if (no_age_commitment) + memset (&h_age, 0, sizeof (h_age)); + else + TALER_age_commitment_hash (&age_commitment, + &h_age); + + if (GNUNET_OK != + TALER_wallet_purse_deposit_verify (TEH_base_url, + pcc->purse_pub, + &coin->amount, + &coin->cpi.denom_pub_hash, + &h_age, + &coin->cpi.coin_pub, + &coin->coin_sig)) + { + TALER_LOG_WARNING ("Invalid signature on /purses/$PID/deposit request\n"); + GNUNET_JSON_parse_free (spec); + return (MHD_YES == + TALER_MHD_reply_with_error (connection, + MHD_HTTP_FORBIDDEN, + TALER_EC_EXCHANGE_PURSE_DEPOSIT_COIN_SIGNATURE_INVALID, + TEH_base_url)) ? GNUNET_NO : GNUNET_SYSERR; + } } /* check denomination exists and is valid */ { |