diff options
Diffstat (limited to 'src/exchange')
-rw-r--r-- | src/exchange/taler-exchange-httpd_deposit.c | 48 | ||||
-rw-r--r-- | src/exchange/taler-exchange-httpd_responses.c | 36 |
2 files changed, 32 insertions, 52 deletions
diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c index 8f0ac8218..323a77b55 100644 --- a/src/exchange/taler-exchange-httpd_deposit.c +++ b/src/exchange/taler-exchange-httpd_deposit.c @@ -510,37 +510,25 @@ TEH_handler_deposit (struct MHD_Connection *connection, NULL); } - /* check deposit signature */ + if (GNUNET_OK != + TALER_wallet_deposit_verify (&deposit.amount_with_fee, + &deposit.deposit_fee, + &dc.h_wire, + &deposit.h_contract_terms, + NULL /* h_extensions! */, + &deposit.coin.denom_pub_hash, + deposit.timestamp, + &deposit.merchant_pub, + deposit.refund_deadline, + &deposit.coin.coin_pub, + &deposit.csig)) { - struct TALER_DepositRequestPS dr = { - .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), - .purpose.size = htonl (sizeof (dr)), - .h_contract_terms = deposit.h_contract_terms, - .h_wire = dc.h_wire, - .h_denom_pub = deposit.coin.denom_pub_hash, - .wallet_timestamp = GNUNET_TIME_absolute_hton (deposit.timestamp), - .refund_deadline = GNUNET_TIME_absolute_hton (deposit.refund_deadline), - .merchant = deposit.merchant_pub, - .coin_pub = deposit.coin.coin_pub - }; - - TALER_amount_hton (&dr.amount_with_fee, - &deposit.amount_with_fee); - TALER_amount_hton (&dr.deposit_fee, - &deposit.deposit_fee); - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, - &dr, - &deposit.csig.eddsa_signature, - &deposit.coin.coin_pub.eddsa_pub)) - { - TALER_LOG_WARNING ("Invalid signature on /deposit request\n"); - GNUNET_JSON_parse_free (spec); - return TALER_MHD_reply_with_error (connection, - MHD_HTTP_UNAUTHORIZED, - TALER_EC_EXCHANGE_DEPOSIT_COIN_SIGNATURE_INVALID, - NULL); - } + TALER_LOG_WARNING ("Invalid signature on /deposit request\n"); + GNUNET_JSON_parse_free (spec); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_UNAUTHORIZED, + TALER_EC_EXCHANGE_DEPOSIT_COIN_SIGNATURE_INVALID, + NULL); } /* execute transaction */ diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c index 6dd204c6d..cb1179d6d 100644 --- a/src/exchange/taler-exchange-httpd_responses.c +++ b/src/exchange/taler-exchange-httpd_responses.c @@ -61,33 +61,25 @@ TEH_RESPONSE_compile_transaction_history ( { const struct TALER_EXCHANGEDB_DepositListEntry *deposit = pos->details.deposit; - struct TALER_DepositRequestPS dr = { - .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), - .purpose.size = htonl (sizeof (dr)), - .h_contract_terms = deposit->h_contract_terms, - .h_denom_pub = deposit->h_denom_pub, - .wallet_timestamp = GNUNET_TIME_absolute_hton (deposit->timestamp), - .refund_deadline = GNUNET_TIME_absolute_hton ( - deposit->refund_deadline), - .merchant = deposit->merchant_pub, - .coin_pub = *coin_pub - }; + struct TALER_MerchantWireHash h_wire; TALER_merchant_wire_signature_hash (deposit->receiver_wire_account, &deposit->wire_salt, - &dr.h_wire); - - TALER_amount_hton (&dr.amount_with_fee, - &deposit->amount_with_fee); - TALER_amount_hton (&dr.deposit_fee, - &deposit->deposit_fee); + &h_wire); #if ENABLE_SANITY_CHECKS /* internal sanity check before we hand out a bogus sig... */ if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, - &dr, - &deposit->csig.eddsa_signature, - &coin_pub->eddsa_pub)) + TALER_wallet_deposit_verify (&deposit->amount_with_fee, + &deposit->deposit_fee, + &h_wire, + &deposit->h_contract_terms, + NULL /* h_extensions! */, + &deposit->h_denom_pub, + deposit->timestamp, + &deposit->merchant_pub, + deposit->refund_deadline, + coin_pub, + &deposit->csig)) { GNUNET_break (0); json_decref (history); @@ -114,7 +106,7 @@ TEH_RESPONSE_compile_transaction_history ( GNUNET_JSON_pack_data_auto ("h_contract_terms", &deposit->h_contract_terms), GNUNET_JSON_pack_data_auto ("h_wire", - &dr.h_wire), + &h_wire), GNUNET_JSON_pack_data_auto ("h_denom_pub", &deposit->h_denom_pub), GNUNET_JSON_pack_data_auto ("coin_sig", |