Diffstat (limited to 'src/mint/taler-mint-httpd_deposit.c')
-rw-r--r-- | src/mint/taler-mint-httpd_deposit.c | 67 |
1 files changed, 47 insertions, 20 deletions
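--- a/src/mint/taler-mint-httpd_deposit.c
+++ b/src/mint/taler-mint-httpd_deposit.c
@@ -23,9 +23,8 @@
 * @author Christian Grothoff
 *
 * TODO:
-* - actually verify coin signature
-* - revisit `struct Deposit` parsing once the struct
-* has been finalized
+* - missing 'wire' format check (well-formed SEPA-details)
+* - ugliy if-construction for deposit type
 */
 #include "platform.h"
 #include <gnunet/gnunet_util_lib.h>
@@ -59,19 +58,25 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
 const struct Deposit *deposit)
 {
 struct MintKeyState *key_state;
+struct TALER_DepositRequest dr;
 
-/* FIXME: verify coin signature! */
-/*
-if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_DEPOSIT,
-&deposit->purpose,
-&deposit->coin_sig,
-&deposit->coin_pub))
+dr.purpose.purpose = htonl (TALER_SIGNATURE_DEPOSIT);
+dr.purpose.size = htonl (sizeof (struct TALER_DepositRequest));
+dr.h_contract = deposit->h_contract;
+dr.h_wire = deposit->h_wire;
+dr.transaction_id = GNUNET_htonll (deposit->transaction_id);
+dr.amount = TALER_amount_hton (deposit->amount);
+dr.coin_pub = deposit->coin.coin_pub;
+if (GNUNET_OK !=
+GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_DEPOSIT,
+&dr.purpose,
+&deposit->csig,
+&deposit->coin.coin_pub))
 {
-resp = json_pack ("{s:s}", "error", "Signature verfication failed");
+LOG_WARNING ("Invalid signature on /deposit request\n");
 return TALER_MINT_reply_arg_invalid (connection,
 "csig");
 }
-*/
 
 key_state = TALER_MINT_key_state_acquire ();
 if (GNUNET_YES !=
@@ -80,10 +85,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
 {
 LOG_WARNING ("Invalid coin passed for /deposit\n");
 TALER_MINT_key_state_release (key_state);
-return TALER_MINT_reply_json_pack (connection,
-MHD_HTTP_NOT_FOUND,
-"{s:s}",
-"error", "Coin is not valid");
+return TALER_MINT_reply_coin_invalid (connection);
 }
 TALER_MINT_key_state_release (key_state);
 
@@ -101,6 +103,7 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
 * @param root root of the posted JSON
 * @param purpose is this a #TALER_SIGNATURE_DEPOSIT or
 * #TALER_SIGNATURE_INCREMENTAL_DEPOSIT // FIXME: bad type, use enum!
+* @param amount how much should be deposited
 * @param wire json describing the wire details (?)
 * @return MHD result code
 */
@@ -108,6 +111,7 @@ static int
 parse_and_handle_deposit_request (struct MHD_Connection *connection,
 const json_t *root,
 uint32_t purpose,
+const struct TALER_Amount *amount,
 const json_t *wire)
 {
 int res;
@@ -155,6 +159,7 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection,
 return TALER_MINT_reply_arg_invalid (connection,
 "denom_pub");
 }
+/* FIXME: check that "wire" is formatted correctly */
 if (NULL == (wire_enc = json_dumps (wire, JSON_COMPACT | JSON_SORT_KEYS)))
 {
 GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub);
@@ -172,9 +177,7 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection,
 
 deposit.wire = wire;
 deposit.purpose = purpose;
-
-// FIXME: deposit.amount not initialized!
-
+deposit.amount = *amount;
 res = verify_and_execute_deposit (connection,
 &deposit);
 GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub);
@@ -212,6 +215,8 @@ TALER_MINT_handler_deposit (struct RequestHandler *rh,
 const char *deposit_type;
 int res;
 uint32_t purpose;
+struct TALER_Amount amount;
+json_t *f;
 
 res = TALER_MINT_parse_post_json (connection,
 connection_cls,
@@ -223,16 +228,35 @@ TALER_MINT_handler_deposit (struct RequestHandler *rh,
 if ( (GNUNET_NO == res) || (NULL == json) )
 return MHD_YES;
 if (-1 == json_unpack (json,
-"{s:s, s:o}",
+"{s:s, s:o, f:o}",
 "type", &deposit_type,
-"wire", &wire))
+"wire", &wire,
+"f", &f))
 {
 GNUNET_break_op (0);
+json_decref (json);
 return TALER_MINT_reply_json_pack (connection,
 MHD_HTTP_BAD_REQUEST,
 "{s:s}",
 "error", "Bad format");
 }
+res = TALER_MINT_parse_amount_json (connection,
+f,
+&amount);
+json_decref (f);
+if (GNUNET_SYSERR == res)
+{
+json_decref (wire);
+json_decref (json);
+return MHD_NO;
+}
+if (GNUNET_NO == res)
+{
+json_decref (wire);
+json_decref (json);
+return MHD_YES;
+}
+/* FIXME: use array search and enum, this is ugly */
 if (0 == strcmp ("DIRECT_DEPOSIT", deposit_type))
 purpose = TALER_SIGNATURE_DEPOSIT;
 else if (0 == strcmp ("INCREMENTAL_DEPOSIT", deposit_type))
@@ -241,6 +265,7 @@ TALER_MINT_handler_deposit (struct RequestHandler *rh,
 {
 GNUNET_break_op (0);
 json_decref (wire);
+json_decref (json);
 return TALER_MINT_reply_json_pack (connection,
 MHD_HTTP_BAD_REQUEST,
 "{s:s}",
@@ -249,8 +274,10 @@ TALER_MINT_handler_deposit (struct RequestHandler *rh,
 res = parse_and_handle_deposit_request (connection,
 json,
 purpose,
+&amount,
 wire);
 json_decref (wire);
+json_decref (json);
 return res;
 }
 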
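Review bot: In TALER_MINT_handler_deposit, `wire` and `f` are unpacked with `o`, which in jansson returns references still owned by `json`, so `json_decref (f)` and `json_decref (wire)` followed by the newly added `json_decref (json)` release the same objects twice while handling a request body the client controls. Keep only `json_decref (json)` on each exit path, or unpack with `O` if separate references are wanted. The format string `"{s:s, s:o, f:o}"` also puts `f` where jansson requires the key specifier `s`, so the unpack would presumably fail for every request; `"{s:s, s:o, s:o}"` matches the three key/value pairs passed. In verify_and_execute_deposit the check is hard-wired to `TALER_SIGNATURE_DEPOSIT` although `deposit->purpose` can be the incremental type, and `dr` is filled field by field without being zeroed, so a comment stating whether both purposes are meant to share one signed blob, plus `memset (&dr, 0, sizeof (dr));` before the assignments, would make the verified bytes unambiguous. The bodies of both functions extend beyond the hunks shown.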