-address FIXMEs for purses GET requests

3 files changed, 75 insertions, 26 deletions

diff --git a/src/exchange/taler-exchange-httpd_purses_get.c b/src/exchange/taler-exchange-httpd_purses_get.c
index 59cfa35fa..b363d69ff 100644
--- a/src/exchange/taler-exchange-httpd_purses_get.c
+++ b/src/exchange/taler-exchange-httpd_purses_get.c
@@ -364,6 +364,9 @@ TEH_handler_purses_get (struct TEH_RequestContext *rc,
 
   {
     struct GNUNET_TIME_Timestamp dt = GNUNET_TIME_timestamp_get ();
+    struct TALER_ExchangePublicKeyP exchange_pub;
+    struct TALER_ExchangeSignatureP exchange_sig;
+    enum TALER_ErrorCode ec;
 
     if (GNUNET_TIME_timestamp_cmp (dt,
                                    >,
@@ -373,17 +376,32 @@ TEH_handler_purses_get (struct TEH_RequestContext *rc,
         TALER_amount_cmp (&gc->amount,
                           &gc->deposited))
       dt = GNUNET_TIME_UNIT_ZERO_TS;
-
-    // FIXME: add exchange signature!?
-    // FIXME: return amount?
-    res = TALER_MHD_REPLY_JSON_PACK (
-      rc->connection,
-      MHD_HTTP_OK,
-      GNUNET_JSON_pack_timestamp ("merge_timestamp",
-                                  gc->merge_timestamp),
-      GNUNET_JSON_pack_timestamp ("deposit_timestamp",
-                                  dt)
-      );
+    if (TALER_EC_NONE !=
+        (ec = TALER_exchange_purse_status_sign (
+           &TEH_keys_exchange_sign_,
+           gc->merge_timestamp,
+           dt,
+           &gc->deposited,
+           &exchange_pub,
+           &exchange_sig)))
+      res = TALER_MHD_reply_with_ec (rc->connection,
+                                     ec,
+                                     NULL);
+    else
+      res = TALER_MHD_REPLY_JSON_PACK (
+        rc->connection,
+        MHD_HTTP_OK,
+        TALER_JSON_pack_amount ("balance",
+                                &gc->deposited),
+        GNUNET_JSON_pack_data_auto ("exchange_sig",
+                                    &exchange_sig),
+        GNUNET_JSON_pack_data_auto ("exchange_pub",
+                                    &exchange_pub),
+        GNUNET_JSON_pack_timestamp ("merge_timestamp",
+                                    gc->merge_timestamp),
+        GNUNET_JSON_pack_timestamp ("deposit_timestamp",
+                                    dt)
+        );
   }
   return res;
 }
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 2a88c1014..756e9cd99 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -4097,6 +4097,12 @@ struct TALER_EXCHANGE_PurseGetResponse
        */
       struct GNUNET_TIME_Timestamp deposit_timestamp;
 
+      /**
+       * Reserve balance (how much was deposited in
+       * total into the reserve, minus deposit fees).
+       */
+      struct TALER_Amount balance;
+
     } success;
 
   } details;
@@ -4126,7 +4132,7 @@ struct TALER_EXCHANGE_PurseGetHandle;
  * Request information about a purse from the exchange.
  *
  * @param exchange exchange handle
- * @param purse_priv private key of the purse
+ * @param purse_pub public key of the purse
  * @param timeout how long to wait for a change to happen
  * @param wait_for_merge true to wait for a merge event, otherwise wait for a deposit event
  * @param cb function to call with the exchange's result
@@ -4136,7 +4142,7 @@ struct TALER_EXCHANGE_PurseGetHandle;
 struct TALER_EXCHANGE_PurseGetHandle *
 TALER_EXCHANGE_purse_get (
   struct TALER_EXCHANGE_Handle *exchange,
-  const struct TALER_PurseContractPrivateKeyP *purse_priv,
+  const struct TALER_PurseContractPublicKeyP *purse_pub,
   struct GNUNET_TIME_Relative timeout,
   bool wait_for_merge,
   TALER_EXCHANGE_PurseGetCallback cb,
diff --git a/src/lib/exchange_api_purses_get.c b/src/lib/exchange_api_purses_get.c
index b3cb7e662..8bd832411 100644
--- a/src/lib/exchange_api_purses_get.c
+++ b/src/lib/exchange_api_purses_get.c
@@ -94,14 +94,22 @@ handle_purse_get_finished (void *cls,
     break;
   case MHD_HTTP_OK:
     {
-      // FIXME: check exchange signature!
+      struct TALER_ExchangePublicKeyP exchange_pub;
+      struct TALER_ExchangeSignatureP exchange_sig;
       struct GNUNET_JSON_Specification spec[] = {
         GNUNET_JSON_spec_timestamp ("merge_timestamp",
                                     &dr.details.success.merge_timestamp),
         GNUNET_JSON_spec_timestamp ("deposit_timestamp",
                                     &dr.details.success.deposit_timestamp),
+        TALER_JSON_spec_amount_any ("balance",
+                                    &dr.details.success.balance),
+        GNUNET_JSON_spec_fixed_auto ("exchange_pub",
+                                     &exchange_pub),
+        GNUNET_JSON_spec_fixed_auto ("exchange_sig",
+                                     &exchange_sig),
         GNUNET_JSON_spec_end ()
       };
+      const struct TALER_EXCHANGE_Keys *key_state;
 
       if (GNUNET_OK !=
           GNUNET_JSON_parse (j,
@@ -113,6 +121,30 @@ handle_purse_get_finished (void *cls,
         dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
         break;
       }
+
+      key_state = TALER_EXCHANGE_get_keys (pgh->exchange);
+      if (GNUNET_OK !=
+          TALER_EXCHANGE_test_signing_key (key_state,
+                                           &exchange_pub))
+      {
+        GNUNET_break_op (0);
+        dr.hr.http_status = 0;
+        dr.hr.ec = TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE;
+        break;
+      }
+      if (GNUNET_OK !=
+          TALER_exchange_purse_status_verify (
+            dr.details.success.merge_timestamp,
+            dr.details.success.deposit_timestamp,
+            &dr.details.success.balance,
+            &exchange_pub,
+            &exchange_sig))
+      {
+        GNUNET_break_op (0);
+        dr.hr.http_status = 0;
+        dr.hr.ec = TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE;
+        break;
+      }
       pgh->cb (pgh->cb_cls,
                &dr);
       TALER_EXCHANGE_purse_get_cancel (pgh);
@@ -163,7 +195,7 @@ handle_purse_get_finished (void *cls,
 struct TALER_EXCHANGE_PurseGetHandle *
 TALER_EXCHANGE_purse_get (
   struct TALER_EXCHANGE_Handle *exchange,
-  const struct TALER_PurseContractPrivateKeyP *purse_priv,
+  const struct TALER_PurseContractPublicKeyP *purse_pub,
   struct GNUNET_TIME_Relative timeout,
   bool wait_for_merge,
   TALER_EXCHANGE_PurseGetCallback cb,
@@ -171,8 +203,7 @@ TALER_EXCHANGE_purse_get (
 {
   struct TALER_EXCHANGE_PurseGetHandle *pgh;
   CURL *eh;
-  struct TALER_PurseContractPublicKeyP purse_pub;
-  char arg_str[sizeof (purse_pub) * 2 + 64];
+  char arg_str[sizeof (*purse_pub) * 2 + 64];
 
   if (GNUNET_YES !=
       TEAH_handle_is_ready (exchange))
@@ -184,15 +215,13 @@ TALER_EXCHANGE_purse_get (
   pgh->exchange = exchange;
   pgh->cb = cb;
   pgh->cb_cls = cb_cls;
-  GNUNET_CRYPTO_eddsa_key_get_public (&purse_priv->eddsa_priv,
-                                      &purse_pub.eddsa_pub);
   {
-    char cpub_str[sizeof (purse_pub) * 2];
+    char cpub_str[sizeof (*purse_pub) * 2];
     char *end;
     char timeout_str[32];
 
-    end = GNUNET_STRINGS_data_to_string (&purse_pub,
-                                         sizeof (purse_pub),
+    end = GNUNET_STRINGS_data_to_string (purse_pub,
+                                         sizeof (*purse_pub),
                                          cpub_str,
                                          sizeof (cpub_str));
     *end = '\0';
@@ -231,10 +260,6 @@ TALER_EXCHANGE_purse_get (
     GNUNET_free (pgh);
     return NULL;
   }
-  /* FIXME: add signature with purse_priv
-     to authorize the GET request!? Or
-     decide it is non-critical and only
-     pass purse_pub? */
   pgh->job = GNUNET_CURL_job_add (TEAH_handle_to_context (exchange),
                                   eh,
                                   &handle_purse_get_finished,