-correctly implement CS idempotency check on withdraw

author: Christian Grothoff <christian@grothoff.org> 2022-02-15 17:07:13 +0100
committer: Christian Grothoff <christian@grothoff.org> 2022-02-15 17:07:13 +0100
commit: ef938e0f7aca4232cbae322fdc7b68ed21fcd679 (patch)
tree: 9ea7af8c56ca6a5fd0bc2131bbde8549dc2eef13 /src/exchange/taler-exchange-httpd_withdraw.c
parent: 8ecbdeb55b5f9dfcd39d0ee1eaa2fc3f00aa9c5d (diff)
download: exchange-ef938e0f7aca4232cbae322fdc7b68ed21fcd679.tar.gz
exchange-ef938e0f7aca4232cbae322fdc7b68ed21fcd679.tar.bz2
exchange-ef938e0f7aca4232cbae322fdc7b68ed21fcd679.zip
1 files changed, 19 insertions, 6 deletions
diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c
index 3799187c1..a3ac1de33 100644
--- a/src/exchange/taler-exchange-httpd_withdraw.c
+++ b/src/exchange/taler-exchange-httpd_withdraw.c
@@ -92,6 +92,11 @@ struct WithdrawContext
 {
 
   /**
+   * Hash that uniquely identifies the withdraw request.
+   */
+  struct TALER_WithdrawIdentificationHash wih;
+
+  /**
    * Hash of the (blinded) message to be signed by the Exchange.
    */
   struct TALER_BlindedCoinHash h_coin_envelope;
@@ -155,6 +160,7 @@ withdraw_transaction (void *cls,
 
   now = GNUNET_TIME_timestamp_get ();
   qs = TEH_plugin->do_withdraw (TEH_plugin->cls,
+                                &wc->wih,
                                 &wc->collectable,
                                 now,
                                 &found,
@@ -294,7 +300,7 @@ check_request_idempotent (struct TEH_RequestContext *rc,
   enum GNUNET_DB_QueryStatus qs;
 
   qs = TEH_plugin->get_withdraw_info (TEH_plugin->cls,
-                                      &wc->collectable.h_coin_envelope,
+                                      &wc->wih,
                                       &wc->collectable);
   if (0 > qs)
   {
@@ -496,7 +502,18 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
                                        NULL);
   }
 
-  // TODO: if CS: check nonce for reuse
+  if (GNUNET_OK !=
+      TALER_withdraw_request_hash (&wc.blinded_planchet,
+                                   &wc.collectable.denom_pub_hash,
+                                   &wc.wih))
+  {
+    GNUNET_break (0);
+    GNUNET_JSON_parse_free (spec);
+    return TALER_MHD_reply_with_error (rc->connection,
+                                       MHD_HTTP_INTERNAL_SERVER_ERROR,
+                                       TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+                                       NULL);
+  }
 
   /* Sign before transaction! */
   ec = TEH_keys_denomination_sign (
@@ -535,10 +552,6 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
   /* Clean up and send back final response */
   GNUNET_JSON_parse_free (spec);
 
-  // FIXME: in CS-case, we MUST re-transmit any _existing_ signature
-  // (if database had a record matching the nonce)
-  // instead of sending a 'fresh' one back (as c0/c1 may differ in
-  // a client attack!
   {
     MHD_RESULT ret;
author	Christian Grothoff <christian@grothoff.org>	2022-02-15 17:07:13 +0100
committer	Christian Grothoff <christian@grothoff.org>	2022-02-15 17:07:13 +0100
commit	ef938e0f7aca4232cbae322fdc7b68ed21fcd679 (patch)
tree	9ea7af8c56ca6a5fd0bc2131bbde8549dc2eef13 /src/exchange/taler-exchange-httpd_withdraw.c
parent	8ecbdeb55b5f9dfcd39d0ee1eaa2fc3f00aa9c5d (diff)
download	exchange-ef938e0f7aca4232cbae322fdc7b68ed21fcd679.tar.gz exchange-ef938e0f7aca4232cbae322fdc7b68ed21fcd679.tar.bz2 exchange-ef938e0f7aca4232cbae322fdc7b68ed21fcd679.zip