summaryrefslogtreecommitdiff
path: root/src/exchange/taler-exchange-httpd_reserves_attest.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/exchange/taler-exchange-httpd_reserves_attest.c')
-rw-r--r--src/exchange/taler-exchange-httpd_reserves_attest.c151
1 files changed, 79 insertions, 72 deletions
diff --git a/src/exchange/taler-exchange-httpd_reserves_attest.c b/src/exchange/taler-exchange-httpd_reserves_attest.c
index a740bb25a..7bbebaad7 100644
--- a/src/exchange/taler-exchange-httpd_reserves_attest.c
+++ b/src/exchange/taler-exchange-httpd_reserves_attest.c
@@ -48,7 +48,7 @@ struct ReserveAttestContext
/**
* Public key of the reserve the inquiry is about.
*/
- const struct TALER_ReservePublicKeyP *reserve_pub;
+ struct TALER_ReservePublicKeyP reserve_pub;
/**
* Hash of the payto URI of this reserve.
@@ -68,7 +68,7 @@ struct ReserveAttestContext
/**
* List of requested details.
*/
- json_t *details;
+ const json_t *details;
/**
* Client signature approving the request.
@@ -76,14 +76,14 @@ struct ReserveAttestContext
struct TALER_ReserveSignatureP reserve_sig;
/**
- * Attributes we are affirming.
+ * Attributes we are affirming. JSON object.
*/
json_t *json_attest;
/**
- * Error code encountered in interaction with KYC provider.
+ * Database error codes encountered.
*/
- enum TALER_ErrorCode ec;
+ enum GNUNET_DB_QueryStatus qs;
/**
* Set to true if we did not find the reserve.
@@ -122,7 +122,7 @@ reply_reserve_attest_success (struct MHD_Connection *connection,
&TEH_keys_exchange_sign_,
now,
rhc->etime,
- rhc->reserve_pub,
+ &rhc->reserve_pub,
rhc->json_attest,
&exchange_pub,
&exchange_sig);
@@ -140,8 +140,12 @@ reply_reserve_attest_success (struct MHD_Connection *connection,
&exchange_sig),
GNUNET_JSON_pack_data_auto ("exchange_pub",
&exchange_pub),
- GNUNET_JSON_pack_array_steal ("attest",
- rhc->json_attest));
+ GNUNET_JSON_pack_timestamp ("exchange_timestamp",
+ now),
+ GNUNET_JSON_pack_timestamp ("expiration_time",
+ rhc->etime),
+ GNUNET_JSON_pack_object_steal ("attributes",
+ rhc->json_attest));
}
@@ -152,68 +156,68 @@ reply_reserve_attest_success (struct MHD_Connection *connection,
* set based on the details requested by the client.
*
* @param cls our `struct ReserveAttestContext *`
- * @param provider_section KYC provider configuration section
- * @param provider_user_id UID at a provider (can be NULL)
- * @param legi_id legitimization process ID (can be NULL)
+ * @param h_payto account for which the attribute data is stored
+ * @param provider_section provider that must be checked
+ * @param collection_time when was the data collected
+ * @param expiration_time when does the data expire
+ * @param enc_attributes_size number of bytes in @a enc_attributes
+ * @param enc_attributes encrypted attribute data
*/
static void
kyc_process_cb (void *cls,
+ const struct TALER_PaytoHashP *h_payto,
const char *provider_section,
- const char *provider_user_id,
- const char *legi_id)
+ struct GNUNET_TIME_Timestamp collection_time,
+ struct GNUNET_TIME_Timestamp expiration_time,
+ size_t enc_attributes_size,
+ const void *enc_attributes)
{
struct ReserveAttestContext *rsc = cls;
- struct GNUNET_TIME_Timestamp etime;
json_t *attrs;
+ json_t *val;
+ const char *name;
bool match = false;
- rsc->ec = TALER_KYCLOGIC_user_to_attributes (provider_section,
- provider_user_id,
- legi_id,
- &etime,
- &attrs);
- if (TALER_EC_NONE != rsc->ec)
- return;
- if (GNUNET_TIME_absolute_is_past (etime.abs_time))
- {
- json_decref (attrs);
+ if (GNUNET_TIME_absolute_is_past (expiration_time.abs_time))
return;
- }
+ attrs = TALER_CRYPTO_kyc_attributes_decrypt (&TEH_attribute_key,
+ enc_attributes,
+ enc_attributes_size);
+ json_object_foreach (attrs, name, val)
{
- json_t *val;
- const char *name;
-
- json_object_foreach (attrs, name, val)
+ bool requested = false;
+ size_t idx;
+ json_t *str;
+
+ if (NULL != json_object_get (rsc->json_attest,
+ name))
+ continue; /* duplicate */
+ json_array_foreach (rsc->details, idx, str)
{
- bool requested = false;
- size_t idx;
- json_t *str;
-
- if (NULL != json_object_get (rsc->json_attest,
- name))
- continue; /* duplicate */
- json_array_foreach (rsc->details, idx, str)
+ if (0 == strcmp (json_string_value (str),
+ name))
{
- if (0 == strcmp (json_string_value (str),
- name))
- {
- requested = true;
- break;
- }
+ requested = true;
+ break;
}
- if (! requested)
- continue;
- match = true;
- GNUNET_assert (0 ==
- json_object_set (rsc->json_attest, /* NOT set_new! */
- name,
- val));
}
+ if (! requested)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Skipping attribute `%s': not requested\n",
+ name);
+ continue;
+ }
+ match = true;
+ GNUNET_assert (0 ==
+ json_object_set (rsc->json_attest, /* NOT set_new! */
+ name,
+ val));
}
json_decref (attrs);
if (! match)
return;
- rsc->etime = GNUNET_TIME_timestamp_min (etime,
+ rsc->etime = GNUNET_TIME_timestamp_min (expiration_time,
rsc->etime);
}
@@ -241,9 +245,9 @@ reserve_attest_transaction (void *cls,
struct ReserveAttestContext *rsc = cls;
enum GNUNET_DB_QueryStatus qs;
- rsc->json_attest = json_array ();
+ rsc->json_attest = json_object ();
GNUNET_assert (NULL != rsc->json_attest);
- qs = TEH_plugin->iterate_kyc_reference (TEH_plugin->cls,
+ qs = TEH_plugin->select_kyc_attributes (TEH_plugin->cls,
&rsc->h_payto,
&kyc_process_cb,
rsc);
@@ -255,7 +259,7 @@ reserve_attest_transaction (void *cls,
= TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_GENERIC_DB_FETCH_FAILED,
- "iterate_kyc_reference");
+ "select_kyc_attributes");
return qs;
case GNUNET_DB_STATUS_SOFT_ERROR:
GNUNET_break (0);
@@ -273,8 +277,8 @@ reserve_attest_transaction (void *cls,
MHD_RESULT
TEH_handler_reserves_attest (struct TEH_RequestContext *rc,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const json_t *root)
+ const json_t *root,
+ const char *const args[1])
{
struct ReserveAttestContext rsc = {
.etime = GNUNET_TIME_UNIT_FOREVER_TS
@@ -283,15 +287,26 @@ TEH_handler_reserves_attest (struct TEH_RequestContext *rc,
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_timestamp ("request_timestamp",
&rsc.timestamp),
- GNUNET_JSON_spec_json ("details",
- &rsc.details),
+ GNUNET_JSON_spec_array_const ("details",
+ &rsc.details),
GNUNET_JSON_spec_fixed_auto ("reserve_sig",
&rsc.reserve_sig),
GNUNET_JSON_spec_end ()
};
struct GNUNET_TIME_Timestamp now;
- rsc.reserve_pub = reserve_pub;
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (args[0],
+ strlen (args[0]),
+ &rsc.reserve_pub,
+ sizeof (rsc.reserve_pub)))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_RESERVE_PUB_MALFORMED,
+ args[0]);
+ }
{
enum GNUNET_GenericReturnValue res;
@@ -324,7 +339,7 @@ TEH_handler_reserves_attest (struct TEH_RequestContext *rc,
if (GNUNET_OK !=
TALER_wallet_reserve_attest_request_verify (rsc.timestamp,
rsc.details,
- reserve_pub,
+ &rsc.reserve_pub,
&rsc.reserve_sig))
{
GNUNET_break_op (0);
@@ -338,7 +353,7 @@ TEH_handler_reserves_attest (struct TEH_RequestContext *rc,
char *payto_uri;
payto_uri = TALER_reserve_make_payto (TEH_base_url,
- rsc.reserve_pub);
+ &rsc.reserve_pub);
TALER_payto_hash (payto_uri,
&rsc.h_payto);
GNUNET_free (payto_uri);
@@ -360,18 +375,10 @@ TEH_handler_reserves_attest (struct TEH_RequestContext *rc,
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_NOT_FOUND,
TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
- NULL);
- }
- if (TALER_EC_NONE != rsc.ec)
- {
- json_decref (rsc.json_attest);
- return TALER_MHD_reply_with_ec (rc->connection,
- rsc.ec,
- NULL);
+ args[0]);
}
- mhd_ret = reply_reserve_attest_success (rc->connection,
- &rsc);
- return mhd_ret;
+ return reply_reserve_attest_success (rc->connection,
+ &rsc);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-06 04:39:23 +0000