summaryrefslogtreecommitdiff
path: root/src/exchange
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-11-28 17:18:22 +0100
committerChristian Grothoff <christian@grothoff.org>2020-11-28 17:18:22 +0100
commit3d8abcc041aca59426fa92c1f164236f295ac847 (patch)
tree3bd9bc44f9b25704811935a0305d3321659ff75a /src/exchange
parenta6f98bab5a1b9d05851d665782c5e8aad4701a41 (diff)
downloadexchange-3d8abcc041aca59426fa92c1f164236f295ac847.tar.gz
exchange-3d8abcc041aca59426fa92c1f164236f295ac847.tar.bz2
exchange-3d8abcc041aca59426fa92c1f164236f295ac847.zip
more work on new endpoints
Diffstat (limited to 'src/exchange')
-rw-r--r--src/exchange/taler-exchange-httpd_auditors.c255
-rw-r--r--src/exchange/taler-exchange-httpd_management_auditors.c8
-rw-r--r--src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c8
-rw-r--r--src/exchange/taler-exchange-httpd_management_post_keys.c28
-rw-r--r--src/exchange/taler-exchange-httpd_management_wire.c8
5 files changed, 284 insertions, 23 deletions
diff --git a/src/exchange/taler-exchange-httpd_auditors.c b/src/exchange/taler-exchange-httpd_auditors.c
new file mode 100644
index 00000000..954cb998
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_auditors.c
@@ -0,0 +1,255 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2020 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_auditors.c
+ * @brief Handle request to add auditor signature on a denomination.
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <jansson.h>
+#include <microhttpd.h>
+#include <pthread.h>
+#include "taler_json_lib.h"
+#include "taler_mhd_lib.h"
+#include "taler-exchange-httpd_refund.h"
+#include "taler-exchange-httpd_responses.h"
+#include "taler-exchange-httpd_keystate.h"
+
+/**
+ * Closure for the #add_auditor_denom_sig transaction.
+ */
+struct AddAuditorDenomContext
+{
+ /**
+ * Auditor's signature affirming the AUDITORS XXX operation
+ * (includes timestamp).
+ */
+ struct TALER_AuditorSignatureP auditor_sig;
+
+ /**
+ * Denomination this is about.
+ */
+ const struct GNUNET_HashCode *h_denom_pub;
+
+ /**
+ * Auditor this is about.
+ */
+ const struct TALER_AuditorPublicKeyP *auditor_pub;
+
+};
+
+
+/**
+ * Function implementing database transaction to add an auditors. Runs the
+ * transaction logic; IF it returns a non-error code, the transaction logic
+ * MUST NOT queue a MHD response. IF it returns an hard error, the
+ * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it
+ * returns the soft error code, the function MAY be called again to retry and
+ * MUST not queue a MHD response.
+ *
+ * @param cls closure with a `struct AddAuditorDenomContext`
+ * @param connection MHD request which triggered the transaction
+ * @param session database session to use
+ * @param[out] mhd_ret set to MHD response status for @a connection,
+ * if transaction failed (!)
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+add_auditor_denom_sig (void *cls,
+ struct MHD_Connection *connection,
+ struct TALER_EXCHANGEDB_Session *session,
+ MHD_RESULT *mhd_ret)
+{
+ struct AddAuditorDenomContext *awc = cls;
+ struct TALER_EXCHANGEDB_DenominationKeyMetaData meta;
+ enum GNUNET_DB_QueryStatus qs;
+ bool enabled;
+
+ qs = TEH_plugin->lookup_deomination_key (
+ TEH_plugin->cls,
+ session,
+ aws->h_denom_pub,
+ &meta);
+ if (qs < 0)
+ {
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ GNUNET_break (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_LOOKUP_FAILED,
+ "lookup denomination key");
+ return qs;
+ }
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_XXX,
+ "denomination unkown");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+
+ qs = TEH_plugin->lookup_auditor_status (
+ TEH_plugin->cls,
+ session,
+ aws->auditor_pub,
+ &enabled);
+ if (qs < 0)
+ {
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ GNUNET_break (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_LOOKUP_FAILED,
+ "lookup auditor");
+ return qs;
+ }
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_PRECONDITION_FAILED,
+ TALER_EC_EXCHANGE_XXX,
+ "auditor unkown");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ if (! enabled)
+ {
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_GONE,
+ TALER_EC_EXCHANGE_XXX,
+ "auditor no longer in use");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ {
+ struct TALER_ExchangeKeyValidityPS kv = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS),
+ .purpose.size = htonl (kv),
+ .master = TEH_master_public_key.eddsa_pub,
+ .start = meta->start,
+ .expire_withdraw = GNUNET_TIME_absolute_hton (meta.expire_withdraw),
+ .expire_deposit = GNUNET_TIME_absolute_hton (meta.expire_deposit),
+ .expire_legal = GNUNET_TIME_absolute_hton (meta.expire_legal),
+ .denom_hash = meta->denom_hash
+ };
+
+ TALER_amount_hton (&kv.value,
+ &meta.value);
+ TALER_amount_hton (&kv.fee_withdraw,
+ &meta.fee_withdraw);
+ TALER_amount_hton (&kv.fee_deposit,
+ &meta.fee_deposit);
+ TALER_amount_hton (&kv.fee_refresh,
+ &meta.fee_refresh);
+ TALER_amount_hton (&kv.fee_refund,
+ &meta.fee_refund);
+ GNUNET_CRYPTO_hash (auditor_url,
+ strlen (auditor_url) + 1,
+ &kv.auditor_url_hash);
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (
+ TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS,
+ &kv,
+ &master_sig.eddsa_sig,
+ &TEH_master_public_key.eddsa_pub))
+ {
+ /* signature invalid */
+ GNUNET_break_op (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_XXX,
+ NULL);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ }
+
+ qs = TEH_plugin->insert_auditor_denom_sig (TEH_plugin->cls,
+ session,
+ awc->h_denom_pub,
+ awc->auditor_pub,
+ &aws->auditor_sig);
+ if (qs < 0)
+ {
+ GNUNET_break (0);
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "add auditor signature");
+ return qs;
+ }
+ return qs;
+}
+
+
+/**
+ * Handle a "/auditors/$AUDITOR_PUB/$H_DENOM_PUB" request.
+ *
+ * @param connection the MHD connection to handle
+ * @param root uploaded JSON data
+ * @return MHD result code
+ */
+MHD_RESULT
+TEH_handler_management_denominations_auditors (
+ struct MHD_Connection *connection,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const struct GNUNET_HashCode *h_denom_pub,
+ const json_t *root)
+{
+ struct AddAuditorDenomContext awc = {
+ .auditor_pub = auditor_pub,
+ .h_denom_pub = h_denom_pub
+ };
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_fixed_auto ("auditor_sig",
+ &awc.auditor_sig),
+ GNUNET_JSON_spec_end ()
+ };
+ enum GNUNET_DB_QueryStatus qs;
+
+ {
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (connection,
+ root,
+ spec);
+ if (GNUNET_SYSERR == res)
+ return MHD_NO; /* hard failure */
+ if (GNUNET_NO == res)
+ return MHD_YES; /* failure */
+ }
+
+ qs = TEH_DB_run_transaction (connection,
+ "add auditor denom sig",
+ &res,
+ &add_auditor_denom_sig,
+ &awc);
+ if (qs < 0)
+ return res;
+ return TALER_MHD_reply_static (
+ connection,
+ MHD_HTTP_NO_CONTENT,
+ NULL,
+ NULL,
+ 0);
+}
+
+
+/* end of taler-exchange-httpd_management_auditors.c */
diff --git a/src/exchange/taler-exchange-httpd_management_auditors.c b/src/exchange/taler-exchange-httpd_management_auditors.c
index a69e2788..4d4d411e 100644
--- a/src/exchange/taler-exchange-httpd_management_auditors.c
+++ b/src/exchange/taler-exchange-httpd_management_auditors.c
@@ -82,10 +82,10 @@ add_auditor (void *cls,
struct AddAuditorContext *aac = cls;
struct GNUNET_TIME_Absolute last_date;
- qs = TEH_plugin->lookup_auditor (TEH_plugin->cls,
- session,
- &aac->auditor_pub,
- &last_date);
+ qs = TEH_plugin->lookup_auditor_timestamp (TEH_plugin->cls,
+ session,
+ &aac->auditor_pub,
+ &last_date);
if (qs < 0)
{
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
diff --git a/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c b/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c
index 374a9203..043482be 100644
--- a/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c
+++ b/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c
@@ -82,10 +82,10 @@ del_auditor (void *cls,
struct DelAuditorContext *dac = cls;
struct GNUNET_TIME_Absolute last_date;
- qs = TEH_plugin->lookup_auditor (TEH_plugin->cls,
- session,
- &dac->auditor_pub,
- &last_date);
+ qs = TEH_plugin->lookup_auditor_timestamp (TEH_plugin->cls,
+ session,
+ &dac->auditor_pub,
+ &last_date);
if (qs < 0)
{
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
diff --git a/src/exchange/taler-exchange-httpd_management_post_keys.c b/src/exchange/taler-exchange-httpd_management_post_keys.c
index 9f7d5633..ab7afd34 100644
--- a/src/exchange/taler-exchange-httpd_management_post_keys.c
+++ b/src/exchange/taler-exchange-httpd_management_post_keys.c
@@ -124,12 +124,13 @@ add_keys (void *cls,
{
enum GNUNET_DB_QueryStatus qs;
bool is_active = false;
+ struct TALER_EXCHANGEDB_DenominationKeyMetaData meta;
qs = TEH_plugin->lookup_future_deomination_key (
TEH_plugin->cls,
session,
&akc->d_sigs[i].h_denom_pub,
- &META);
+ &meta);
if (0 == qs)
{
/* For idempotency, check if the key is already active */
@@ -137,7 +138,7 @@ add_keys (void *cls,
TEH_plugin->cls,
session,
&akc->d_sigs[i].h_denom_pub,
- &META);
+ &meta);
is_active = true; /* if we pass, it's active! */
}
if (qs < 0)
@@ -168,18 +169,23 @@ add_keys (void *cls,
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY),
.purpose.size = htonl (sizeof (dkv)),
.master = TEH_master_public_key,
- .start = META.start,
- .expire_withdraw = META.expire_withdraw,
- .expire_deposit = META.expire_deposit,
- .expire_legal = META.expire_legal,
- .value = META.value,
- .fee_withdraw = META.fee_withdraw,
- .fee_deposit = META.fee_deposit,
- .fee_refresh = META.fee_refresh,
- .fee_refund = META.fee_refund,
+ .start = GNUNET_TIME_absolute_hton (meta.start),
+ .expire_withdraw = GNUNET_TIME_absolute_hton (meta.expire_withdraw),
+ .expire_deposit = GNUNET_TIME_absolute_hton (meta.expire_deposit),
+ .expire_legal = GNUNET_TIME_absolute_hton (meta.expire_legal),
.denom_hash = akc->d_sigs[i].h_denom_pub
};
+ TALER_amount_hton (&dkv.value,
+ &meta.value);
+ TALER_amount_hton (&dkv.fee_withdraw,
+ &meta.fee_withdraw);
+ TALER_amount_hton (&dkv.fee_deposit,
+ &meta.fee_deposit);
+ TALER_amount_hton (&dkv.fee_refresh,
+ &meta.fee_refresh);
+ TALER_amount_hton (&dkv.fee_refund,
+ &meta.fee_refund);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
diff --git a/src/exchange/taler-exchange-httpd_management_wire.c b/src/exchange/taler-exchange-httpd_management_wire.c
index 8a13d6cf..a841a1e6 100644
--- a/src/exchange/taler-exchange-httpd_management_wire.c
+++ b/src/exchange/taler-exchange-httpd_management_wire.c
@@ -84,10 +84,10 @@ add_wire (void *cls,
struct AddWireContext *awc = cls;
struct GNUNET_TIME_Absolute last_date;
- qs = TEH_plugin->lookup_wire (TEH_plugin->cls,
- session,
- awc->payto_uri,
- &last_date);
+ qs = TEH_plugin->lookup_wire_timestamp (TEH_plugin->cls,
+ session,
+ awc->payto_uri,
+ &last_date);
if (qs < 0)
{
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)