diff options
Diffstat (limited to 'src/lib/exchange_api_recoup_refresh.c')
-rw-r--r-- | src/lib/exchange_api_recoup_refresh.c | 231 |
1 files changed, 86 insertions, 145 deletions
diff --git a/src/lib/exchange_api_recoup_refresh.c b/src/lib/exchange_api_recoup_refresh.c index 8ae8f9764..0c2e21cbf 100644 --- a/src/lib/exchange_api_recoup_refresh.c +++ b/src/lib/exchange_api_recoup_refresh.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2017-2022 Taler Systems SA + Copyright (C) 2017-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -27,6 +27,7 @@ #include <gnunet/gnunet_curl_lib.h> #include "taler_json_lib.h" #include "taler_exchange_service.h" +#include "exchange_api_common.h" #include "exchange_api_handle.h" #include "taler_signatures.h" #include "exchange_api_curl_defaults.h" @@ -39,9 +40,9 @@ struct TALER_EXCHANGE_RecoupRefreshHandle { /** - * The connection to exchange this request handle will use + * The keys of the exchange this request handle will use */ - struct TALER_EXCHANGE_Handle *exchange; + struct TALER_EXCHANGE_Keys *keys; /** * The url for this request. @@ -79,6 +80,11 @@ struct TALER_EXCHANGE_RecoupRefreshHandle */ struct TALER_CoinSpendPublicKeyP coin_pub; + /** + * Signature affirming the recoup-refresh operation. + */ + struct TALER_CoinSpendSignatureP coin_sig; + }; @@ -95,16 +101,15 @@ process_recoup_response ( const struct TALER_EXCHANGE_RecoupRefreshHandle *ph, const json_t *json) { - struct TALER_CoinSpendPublicKeyP old_coin_pub; + struct TALER_EXCHANGE_RecoupRefreshResponse rrr = { + .hr.reply = json, + .hr.http_status = MHD_HTTP_OK + }; struct GNUNET_JSON_Specification spec_refresh[] = { GNUNET_JSON_spec_fixed_auto ("old_coin_pub", - &old_coin_pub), + &rrr.details.ok.old_coin_pub), GNUNET_JSON_spec_end () }; - struct TALER_EXCHANGE_HttpResponse hr = { - .reply = json, - .http_status = MHD_HTTP_OK - }; if (GNUNET_OK != GNUNET_JSON_parse (json, @@ -115,8 +120,7 @@ process_recoup_response ( return GNUNET_SYSERR; } ph->cb (ph->cb_cls, - &hr, - &old_coin_pub); + &rrr); return GNUNET_OK; } @@ -136,16 +140,16 @@ handle_recoup_refresh_finished (void *cls, { struct TALER_EXCHANGE_RecoupRefreshHandle *ph = cls; const json_t *j = response; - struct TALER_EXCHANGE_HttpResponse hr = { - .reply = j, - .http_status = (unsigned int) response_code + struct TALER_EXCHANGE_RecoupRefreshResponse rrr = { + .hr.reply = j, + .hr.http_status = (unsigned int) response_code }; ph->job = NULL; switch (response_code) { case 0: - hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + rrr.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE; break; case MHD_HTTP_OK: if (GNUNET_OK != @@ -153,8 +157,8 @@ handle_recoup_refresh_finished (void *cls, j)) { GNUNET_break_op (0); - hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - hr.http_status = 0; + rrr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; + rrr.hr.http_status = 0; break; } TALER_EXCHANGE_recoup_refresh_cancel (ph); @@ -162,128 +166,60 @@ handle_recoup_refresh_finished (void *cls, case MHD_HTTP_BAD_REQUEST: /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); break; case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); break; case MHD_HTTP_NOT_FOUND: /* Nothing really to verify, this should never happen, we should pass the JSON reply to the application */ - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); break; case MHD_HTTP_CONFLICT: - { - /* Insufficient funds, proof attached */ - json_t *history; - struct TALER_Amount total; - struct TALER_DenominationHashP h_denom_pub; - const struct TALER_EXCHANGE_DenomPublicKey *dki; - enum TALER_ErrorCode ec; - - dki = &ph->pk; - history = json_object_get (j, - "history"); - if (GNUNET_OK != - TALER_EXCHANGE_verify_coin_history (dki, - dki->fees.deposit.currency, - &ph->coin_pub, - history, - &h_denom_pub, - &total)) - { - GNUNET_break_op (0); - hr.http_status = 0; - hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - } - else - { - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); - } - ec = TALER_JSON_get_error_code (j); - switch (ec) - { - case TALER_EC_EXCHANGE_GENERIC_INSUFFICIENT_FUNDS: - if (0 > TALER_amount_cmp (&total, - &dki->value)) - { - /* recoup MAY have still been possible */ - /* FIXME: This code may falsely complain, as we do not - know that the smallest denomination offered by the - exchange is here. We should look at the key - structure of ph->exchange, and find the smallest - _currently withdrawable_ denomination and check - if the value remaining would suffice... */ - GNUNET_break_op (0); - hr.http_status = 0; - hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - break; - case TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY: - if (0 == GNUNET_memcmp (&ph->pk.h_key, - &h_denom_pub)) - { - /* invalid proof provided */ - GNUNET_break_op (0); - hr.http_status = 0; - hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - /* valid error from exchange */ - break; - default: - GNUNET_break_op (0); - hr.http_status = 0; - hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; - break; - } - ph->cb (ph->cb_cls, - &hr, - NULL); - TALER_EXCHANGE_recoup_refresh_cancel (ph); - return; - } + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); + break; case MHD_HTTP_GONE: /* Kind of normal: the money was already sent to the merchant (it was too late for the refund). */ - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); break; case MHD_HTTP_INTERNAL_SERVER_ERROR: /* Server had an internal issue; we should retry, but this API leaves this to the application */ - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); break; default: /* unexpected response code */ - hr.ec = TALER_JSON_get_error_code (j); - hr.hint = TALER_JSON_get_error_hint (j); + rrr.hr.ec = TALER_JSON_get_error_code (j); + rrr.hr.hint = TALER_JSON_get_error_hint (j); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unexpected response code %u/%d for exchange recoup\n", (unsigned int) response_code, - (int) hr.ec); + (int) rrr.hr.ec); GNUNET_break (0); break; } ph->cb (ph->cb_cls, - &hr, - NULL); + &rrr); TALER_EXCHANGE_recoup_refresh_cancel (ph); } struct TALER_EXCHANGE_RecoupRefreshHandle * TALER_EXCHANGE_recoup_refresh ( - struct TALER_EXCHANGE_Handle *exchange, + struct GNUNET_CURL_Context *ctx, + const char *url, + struct TALER_EXCHANGE_Keys *keys, const struct TALER_EXCHANGE_DenomPublicKey *pk, const struct TALER_DenominationSignature *denom_sig, const struct TALER_ExchangeWithdrawValues *exchange_vals, @@ -294,19 +230,21 @@ TALER_EXCHANGE_recoup_refresh ( void *recoup_cb_cls) { struct TALER_EXCHANGE_RecoupRefreshHandle *ph; - struct GNUNET_CURL_Context *ctx; - struct TALER_CoinSpendSignatureP coin_sig; - struct TALER_CoinSpendPublicKeyP coin_pub; struct TALER_DenominationHashP h_denom_pub; json_t *recoup_obj; CURL *eh; char arg_str[sizeof (struct TALER_CoinSpendPublicKeyP) * 2 + 32]; struct TALER_CoinSpendPrivateKeyP coin_priv; - union TALER_DenominationBlindingKeyP bks; + union GNUNET_CRYPTO_BlindingSecretP bks; GNUNET_assert (NULL != recoup_cb); - GNUNET_assert (GNUNET_YES == - TEAH_handle_is_ready (exchange)); + ph = GNUNET_new (struct TALER_EXCHANGE_RecoupRefreshHandle); + ph->pk = *pk; + memset (&ph->pk.key, + 0, + sizeof (ph->pk.key)); /* zero out, as lifetime cannot be warranted */ + ph->cb = recoup_cb; + ph->cb_cls = recoup_cb_cls; TALER_planchet_setup_coin_priv (ps, exchange_vals, &coin_priv); @@ -314,13 +252,13 @@ TALER_EXCHANGE_recoup_refresh ( exchange_vals, &bks); GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv.eddsa_priv, - &coin_pub.eddsa_pub); + &ph->coin_pub.eddsa_pub); TALER_denom_pub_hash (&pk->key, &h_denom_pub); TALER_wallet_recoup_refresh_sign (&h_denom_pub, &bks, &coin_priv, - &coin_sig); + &ph->coin_sig); recoup_obj = GNUNET_JSON_PACK ( GNUNET_JSON_pack_data_auto ("denom_pub_hash", &h_denom_pub), @@ -329,28 +267,38 @@ TALER_EXCHANGE_recoup_refresh ( TALER_JSON_pack_exchange_withdraw_values ("ewv", exchange_vals), GNUNET_JSON_pack_data_auto ("coin_sig", - &coin_sig), + &ph->coin_sig), GNUNET_JSON_pack_data_auto ("coin_blind_key_secret", &bks)); - if (TALER_DENOMINATION_CS == denom_sig->cipher) + switch (denom_sig->unblinded_sig->cipher) { - struct TALER_CsNonce nonce; - - // FIXME: add this to the spec! - /* NOTE: this is not elegant, and as per the note in TALER_coin_ev_hash() - it is not strictly clear that the nonce is needed. Best case would be - to find a way to include it more 'naturally' somehow, for example with - the variant union version of bks! */ - TALER_cs_refresh_nonce_derive (rms, - idx, - &nonce); - GNUNET_assert ( - 0 == - json_object_set_new (recoup_obj, - "cs_nonce", - GNUNET_JSON_from_data_auto ( - &nonce))); + case GNUNET_CRYPTO_BSA_INVALID: + json_decref (recoup_obj); + GNUNET_break (0); + GNUNET_free (ph); + return NULL; + case GNUNET_CRYPTO_BSA_RSA: + break; + case GNUNET_CRYPTO_BSA_CS: + { + union GNUNET_CRYPTO_BlindSessionNonce nonce; + + /* NOTE: this is not elegant, and as per the note in TALER_coin_ev_hash() + it is not strictly clear that the nonce is needed. Best case would be + to find a way to include it more 'naturally' somehow, for example with + the variant union version of bks! */ + TALER_cs_refresh_nonce_derive (rms, + idx, + &nonce.cs_nonce); + GNUNET_assert ( + 0 == + json_object_set_new (recoup_obj, + "cs_nonce", + GNUNET_JSON_from_data_auto ( + &nonce))); + } + break; } { @@ -358,28 +306,20 @@ TALER_EXCHANGE_recoup_refresh ( char *end; end = GNUNET_STRINGS_data_to_string ( - &coin_pub, + &ph->coin_pub, sizeof (struct TALER_CoinSpendPublicKeyP), pub_str, sizeof (pub_str)); *end = '\0'; GNUNET_snprintf (arg_str, sizeof (arg_str), - "/coins/%s/recoup-refresh", + "coins/%s/recoup-refresh", pub_str); } - ph = GNUNET_new (struct TALER_EXCHANGE_RecoupRefreshHandle); - ph->coin_pub = coin_pub; - ph->exchange = exchange; - ph->pk = *pk; - memset (&ph->pk.key, - 0, - sizeof (ph->pk.key)); /* zero out, as lifetime cannot be warranted */ - ph->cb = recoup_cb; - ph->cb_cls = recoup_cb_cls; - ph->url = TEAH_path_to_url (exchange, - arg_str); + ph->url = TALER_url_join (url, + arg_str, + NULL); if (NULL == ph->url) { json_decref (recoup_obj); @@ -405,7 +345,7 @@ TALER_EXCHANGE_recoup_refresh ( GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "URL for recoup-refresh: `%s'\n", ph->url); - ctx = TEAH_handle_to_context (exchange); + ph->keys = TALER_EXCHANGE_keys_incref (keys); ph->job = GNUNET_CURL_job_add2 (ctx, eh, ph->ctx.headers, @@ -426,6 +366,7 @@ TALER_EXCHANGE_recoup_refresh_cancel ( } GNUNET_free (ph->url); TALER_curl_easy_post_finished (&ph->ctx); + TALER_EXCHANGE_keys_decref (ph->keys); GNUNET_free (ph); } |