diff options
Diffstat (limited to 'src/lib/exchange_api_purse_deposit.c')
-rw-r--r-- | src/lib/exchange_api_purse_deposit.c | 347 |
1 files changed, 97 insertions, 250 deletions
diff --git a/src/lib/exchange_api_purse_deposit.c b/src/lib/exchange_api_purse_deposit.c index 67f5355d9..9c5fa4e78 100644 --- a/src/lib/exchange_api_purse_deposit.c +++ b/src/lib/exchange_api_purse_deposit.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2022 Taler Systems SA + Copyright (C) 2022-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -28,6 +28,7 @@ #include <gnunet/gnunet_curl_lib.h> #include "taler_json_lib.h" #include "taler_exchange_service.h" +#include "exchange_api_common.h" #include "exchange_api_handle.h" #include "taler_signatures.h" #include "exchange_api_curl_defaults.h" @@ -44,11 +45,21 @@ struct Coin struct TALER_CoinSpendPublicKeyP coin_pub; /** + * Signature made with the coin. + */ + struct TALER_CoinSpendSignatureP coin_sig; + + /** * Coin's denomination. */ struct TALER_DenominationHashP h_denom_pub; /** + * Age restriction hash for the coin. + */ + struct TALER_AgeCommitmentHash ahac; + + /** * How much did we say the coin contributed. */ struct TALER_Amount contribution; @@ -62,9 +73,9 @@ struct TALER_EXCHANGE_PurseDepositHandle { /** - * The connection to exchange this request handle will use + * The keys of the exchange this request handle will use */ - struct TALER_EXCHANGE_Handle *exchange; + struct TALER_EXCHANGE_Keys *keys; /** * The url for this request. @@ -133,10 +144,9 @@ handle_purse_deposit_finished (void *cls, .hr.reply = j, .hr.http_status = (unsigned int) response_code }; - const struct TALER_EXCHANGE_Keys *keys; + const struct TALER_EXCHANGE_Keys *keys = pch->keys; pch->job = NULL; - keys = TALER_EXCHANGE_get_keys (pch->exchange); switch (response_code) { case 0: @@ -152,20 +162,18 @@ handle_purse_deposit_finished (void *cls, &exchange_sig), GNUNET_JSON_spec_fixed_auto ("exchange_pub", &exchange_pub), - GNUNET_JSON_spec_fixed_auto ("merge_pub", - &dr.details.success.merge_pub), GNUNET_JSON_spec_fixed_auto ("h_contract_terms", - &dr.details.success.h_contract_terms), + &dr.details.ok.h_contract_terms), GNUNET_JSON_spec_timestamp ("exchange_timestamp", &etime), GNUNET_JSON_spec_timestamp ("purse_expiration", - &dr.details.success.purse_expiration), + &dr.details.ok.purse_expiration), TALER_JSON_spec_amount ("total_deposited", keys->currency, - &dr.details.success.total_deposited), + &dr.details.ok.total_deposited), TALER_JSON_spec_amount ("purse_value_after_fees", keys->currency, - &dr.details.success.purse_value_after_fees), + &dr.details.ok.purse_value_after_fees), GNUNET_JSON_spec_end () }; @@ -191,12 +199,11 @@ handle_purse_deposit_finished (void *cls, if (GNUNET_OK != TALER_exchange_online_purse_created_verify ( etime, - dr.details.success.purse_expiration, - &dr.details.success.purse_value_after_fees, - &dr.details.success.total_deposited, + dr.details.ok.purse_expiration, + &dr.details.ok.purse_value_after_fees, + &dr.details.ok.total_deposited, &pch->purse_pub, - &dr.details.success.merge_pub, - &dr.details.success.h_contract_terms, + &dr.details.ok.h_contract_terms, &exchange_pub, &exchange_sig)) { @@ -229,58 +236,19 @@ handle_purse_deposit_finished (void *cls, { case TALER_EC_EXCHANGE_PURSE_DEPOSIT_CONFLICTING_META_DATA: { - const char *partner_url = NULL; struct TALER_CoinSpendPublicKeyP coin_pub; struct TALER_CoinSpendSignatureP coin_sig; - struct TALER_Amount amount; - struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_fixed_auto ("coin_sig", - &coin_sig), - GNUNET_JSON_spec_fixed_auto ("coin_pub", - &coin_pub), - GNUNET_JSON_spec_mark_optional ( - GNUNET_JSON_spec_string ("partner_url", - &partner_url), - NULL), - TALER_JSON_spec_amount ("amount", - keys->currency, - &amount), - GNUNET_JSON_spec_end () - }; + struct TALER_DenominationHashP h_denom_pub; + struct TALER_AgeCommitmentHash phac; bool found = false; if (GNUNET_OK != - GNUNET_JSON_parse (j, - spec, - NULL, NULL)) - { - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - for (unsigned int i = 0; i<pch->num_deposits; i++) - if (0 == GNUNET_memcmp (&coin_pub, - &pch->coins[i].coin_pub)) - { - found = true; - break; - } - if (! found) - { - /* proof is about a coin we did not even deposit */ - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - if (NULL == partner_url) - partner_url = pch->base_url; - if (GNUNET_OK != - TALER_wallet_purse_deposit_verify ( - partner_url, + TALER_EXCHANGE_check_purse_coin_conflict_ ( &pch->purse_pub, - &amount, + pch->base_url, + j, + &h_denom_pub, + &phac, &coin_pub, &coin_sig)) { @@ -289,176 +257,51 @@ handle_purse_deposit_finished (void *cls, dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; break; } - /* meta data conflict is real! */ - break; - } - case TALER_EC_EXCHANGE_GENERIC_INSUFFICIENT_FUNDS: - { - json_t *history; - struct TALER_Amount total; - struct TALER_DenominationHashP h_denom_pub; - const struct TALER_EXCHANGE_DenomPublicKey *dki; - struct TALER_CoinSpendPublicKeyP coin_pub; - struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_fixed_auto ("coin_pub", - &coin_pub), - GNUNET_JSON_spec_json ("history", - &history), - GNUNET_JSON_spec_end () - }; - bool found = false; - const struct Coin *my_coin; - - if (GNUNET_OK != - GNUNET_JSON_parse (j, - spec, - NULL, NULL)) - { - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } for (unsigned int i = 0; i<pch->num_deposits; i++) { - if (0 == GNUNET_memcmp (&coin_pub, - &pch->coins[i].coin_pub)) + struct Coin *coin = &pch->coins[i]; + if (0 != GNUNET_memcmp (&coin_pub, + &coin->coin_pub)) + continue; + if (0 != + GNUNET_memcmp (&coin->h_denom_pub, + &h_denom_pub)) { found = true; - my_coin = &pch->coins[i]; break; } - } - if (! found) - { - /* proof is about a coin we did not even deposit */ - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - dki = TALER_EXCHANGE_get_denomination_key_by_hash ( - keys, - &my_coin->h_denom_pub); - if (NULL == dki) - { - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN; - GNUNET_break_op (0); - break; - } - if (GNUNET_OK != - TALER_EXCHANGE_verify_coin_history (dki, - dki->value.currency, - &coin_pub, - history, - &h_denom_pub, - &total)) - { - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - json_decref (history); - break; - } - json_decref (history); - if (0 > - TALER_amount_add (&total, - &total, - &my_coin->contribution)) - { - /* clearly not OK if our transaction would have caused - the overflow... */ - break; - } - if (0 >= TALER_amount_cmp (&total, - &dki->value)) - { - /* transaction should have still fit */ - GNUNET_break (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - /* everything OK, proof of double-spending was provided */ - } - case TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY: - { - json_t *history; - struct TALER_Amount total; - struct TALER_DenominationHashP h_denom_pub; - const struct Coin *my_coin; - const struct TALER_EXCHANGE_DenomPublicKey *dki; - struct TALER_CoinSpendPublicKeyP coin_pub; - struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_fixed_auto ("coin_pub", - &coin_pub), - GNUNET_JSON_spec_json ("history", - &history), - GNUNET_JSON_spec_end () - }; - bool found = false; - - if (GNUNET_OK != - GNUNET_JSON_parse (j, - spec, - NULL, NULL)) - { - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - for (unsigned int i = 0; i<pch->num_deposits; i++) - { - if (0 == GNUNET_memcmp (&coin_pub, - &pch->coins[i].coin_pub)) + if (0 != + GNUNET_memcmp (&coin->ahac, + &phac)) { found = true; - my_coin = &pch->coins[i]; break; } - } - if (! found) - { - /* proof is about a coin we did not even deposit */ - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - dki = TALER_EXCHANGE_get_denomination_key_by_hash ( - keys, - &my_coin->h_denom_pub); - memset (&h_denom_pub, - 0, - sizeof (h_denom_pub)); - if (GNUNET_OK != - TALER_EXCHANGE_verify_coin_history (dki, - dki->value.currency, - &coin_pub, - history, - &h_denom_pub, - &total)) - { - GNUNET_break_op (0); - dr.hr.http_status = 0; - dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - json_decref (history); + if (0 == GNUNET_memcmp (&coin_sig, + &coin->coin_sig)) + { + /* identical signature => not a conflict */ + continue; + } + found = true; break; } - json_decref (history); - if (0 == GNUNET_memcmp (&dki->h_key, - &h_denom_pub)) + if (! found) { - /* sorry, this proves nothing */ GNUNET_break_op (0); dr.hr.http_status = 0; dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; break; } - /* everything OK, proof of conflicting denomination was provided */ + /* meta data conflict is real! */ + break; } + case TALER_EC_EXCHANGE_GENERIC_INSUFFICIENT_FUNDS: + /* Nothing to check anymore here, proof needs to be + checked in the GET /coins/$COIN_PUB handler */ + break; + case TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY: + break; default: GNUNET_break_op (0); dr.hr.http_status = 0; @@ -467,7 +310,7 @@ handle_purse_deposit_finished (void *cls, } /* ec switch */ break; case MHD_HTTP_GONE: - /* could happen if denomination was revoked */ + /* could happen if denomination was revoked or purse expired */ /* Note: one might want to check /keys for revocation signature here, alas tricky in case our /keys is outdated => left to clients */ @@ -500,32 +343,32 @@ handle_purse_deposit_finished (void *cls, struct TALER_EXCHANGE_PurseDepositHandle * TALER_EXCHANGE_purse_deposit ( - struct TALER_EXCHANGE_Handle *exchange, + struct GNUNET_CURL_Context *ctx, + const char *url, + struct TALER_EXCHANGE_Keys *keys, const char *purse_exchange_url, const struct TALER_PurseContractPublicKeyP *purse_pub, uint8_t min_age, unsigned int num_deposits, - const struct TALER_EXCHANGE_PurseDeposit *deposits, + const struct TALER_EXCHANGE_PurseDeposit deposits[static num_deposits], TALER_EXCHANGE_PurseDepositCallback cb, void *cb_cls) { struct TALER_EXCHANGE_PurseDepositHandle *pch; - struct GNUNET_CURL_Context *ctx; json_t *create_obj; json_t *deposit_arr; CURL *eh; char arg_str[sizeof (pch->purse_pub) * 2 + 32]; + // FIXME: use purse_exchange_url for wad transfers (#7271) + (void) purse_exchange_url; if (0 == num_deposits) { GNUNET_break (0); return NULL; } - GNUNET_assert (GNUNET_YES == - TEAH_handle_is_ready (exchange)); pch = GNUNET_new (struct TALER_EXCHANGE_PurseDepositHandle); pch->purse_pub = *purse_pub; - pch->exchange = exchange; pch->cb = cb; pch->cb_cls = cb_cls; { @@ -540,11 +383,12 @@ TALER_EXCHANGE_purse_deposit ( *end = '\0'; GNUNET_snprintf (arg_str, sizeof (arg_str), - "/purses/%s/deposit", + "purses/%s/deposit", pub_str); } - pch->url = TEAH_path_to_url (exchange, - arg_str); + pch->url = TALER_url_join (url, + arg_str, + NULL); if (NULL == pch->url) { GNUNET_break (0); @@ -553,38 +397,40 @@ TALER_EXCHANGE_purse_deposit ( } deposit_arr = json_array (); GNUNET_assert (NULL != deposit_arr); - pch->base_url = TEAH_path_to_url (exchange, - "/"); + pch->base_url = GNUNET_strdup (url); pch->num_deposits = num_deposits; pch->coins = GNUNET_new_array (num_deposits, struct Coin); for (unsigned int i = 0; i<num_deposits; i++) { const struct TALER_EXCHANGE_PurseDeposit *deposit = &deposits[i]; + const struct TALER_AgeCommitmentProof *acp = deposit->age_commitment_proof; struct Coin *coin = &pch->coins[i]; json_t *jdeposit; - struct TALER_CoinSpendSignatureP coin_sig; -#if FIXME_OEC - struct TALER_AgeCommitmentHash agh; - struct TALER_AgeCommitmentHash *aghp = NULL; + struct TALER_AgeCommitmentHash *achp = NULL; struct TALER_AgeAttestation attest; + struct TALER_AgeAttestation *attestp = NULL; - TALER_age_commitment_hash (&deposit->age_commitment, - &agh); - aghp = &agh; - if (GNUNET_OK != - TALER_age_commitment_attest (&deposit->age_proof, - min_age, - &attest)) + if (NULL != acp) { - GNUNET_break (0); - json_decref (deposit_arr); - GNUNET_free (pch->base_url); - GNUNET_free (pch->coins); - GNUNET_free (pch); - return NULL; + TALER_age_commitment_hash (&acp->commitment, + &coin->ahac); + achp = &coin->ahac; + if (GNUNET_OK != + TALER_age_commitment_attest (acp, + min_age, + &attest)) + { + GNUNET_break (0); + json_decref (deposit_arr); + GNUNET_free (pch->base_url); + GNUNET_free (pch->coins); + GNUNET_free (pch->url); + GNUNET_free (pch); + return NULL; + } + attestp = &attest; } -#endif GNUNET_CRYPTO_eddsa_key_get_public (&deposit->coin_priv.eddsa_priv, &coin->coin_pub.eddsa_pub); coin->h_denom_pub = deposit->h_denom_pub; @@ -593,17 +439,17 @@ TALER_EXCHANGE_purse_deposit ( pch->base_url, &pch->purse_pub, &deposit->amount, + &coin->h_denom_pub, + &coin->ahac, &deposit->coin_priv, - &coin_sig); + &coin->coin_sig); jdeposit = GNUNET_JSON_PACK ( -#if FIXME_OEC GNUNET_JSON_pack_allow_null ( GNUNET_JSON_pack_data_auto ("h_age_commitment", - aghp)), + achp)), GNUNET_JSON_pack_allow_null ( GNUNET_JSON_pack_data_auto ("age_attestation", - &attest)), -#endif + attestp)), TALER_JSON_pack_amount ("amount", &deposit->amount), GNUNET_JSON_pack_data_auto ("denom_pub_hash", @@ -613,7 +459,7 @@ TALER_EXCHANGE_purse_deposit ( GNUNET_JSON_pack_data_auto ("coin_pub", &coin->coin_pub), GNUNET_JSON_pack_data_auto ("coin_sig", - &coin_sig)); + &coin->coin_sig)); GNUNET_assert (0 == json_array_append_new (deposit_arr, jdeposit)); @@ -643,7 +489,7 @@ TALER_EXCHANGE_purse_deposit ( GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "URL for purse deposit: `%s'\n", pch->url); - ctx = TEAH_handle_to_context (exchange); + pch->keys = TALER_EXCHANGE_keys_incref (keys); pch->job = GNUNET_CURL_job_add2 (ctx, eh, pch->ctx.headers, @@ -665,6 +511,7 @@ TALER_EXCHANGE_purse_deposit_cancel ( GNUNET_free (pch->base_url); GNUNET_free (pch->url); GNUNET_free (pch->coins); + TALER_EXCHANGE_keys_decref (pch->keys); TALER_curl_easy_post_finished (&pch->ctx); GNUNET_free (pch); } |