diff options
Diffstat (limited to 'src/mint')
| -rw-r--r-- | src/mint/Makefile.am | 1 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd.c | 23 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_admin.c | 152 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_admin.h | 46 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_db.c | 49 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_db.h | 19 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_parsing.h | 2 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_responses.c | 19 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_responses.h | 12 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_test.c | 102 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_test.h | 44 |
11 files changed, 422 insertions, 47 deletions
diff --git a/src/mint/Makefile.am b/src/mint/Makefile.am index 2cda4fac1..112dbbf18 100644 --- a/src/mint/Makefile.am +++ b/src/mint/Makefile.am @@ -11,6 +11,7 @@ taler_mint_httpd_SOURCES = \ taler-mint-httpd_parsing.c taler-mint-httpd_parsing.h \ taler-mint-httpd_responses.c taler-mint-httpd_responses.h \ taler-mint-httpd_mhd.c taler-mint-httpd_mhd.h \ + taler-mint-httpd_admin.c taler-mint-httpd_admin.h \ taler-mint-httpd_deposit.c taler-mint-httpd_deposit.h \ taler-mint-httpd_withdraw.c taler-mint-httpd_withdraw.h \ taler-mint-httpd_refresh.c taler-mint-httpd_refresh.h diff --git a/src/mint/taler-mint-httpd.c b/src/mint/taler-mint-httpd.c index 51cb14c88..a0f1eca4b 100644 --- a/src/mint/taler-mint-httpd.c +++ b/src/mint/taler-mint-httpd.c @@ -28,6 +28,7 @@ #include <pthread.h> #include "taler-mint-httpd_parsing.h" #include "taler-mint-httpd_mhd.h" +#include "taler-mint-httpd_admin.h" #include "taler-mint-httpd_deposit.h" #include "taler-mint-httpd_withdraw.h" #include "taler-mint-httpd_refresh.h" @@ -199,6 +200,15 @@ handle_mhd_request (void *cls, "Only GET is allowed", 0, &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, + /* FIXME: maybe conditionally compile these? */ + { "/admin/add/incoming", MHD_HTTP_METHOD_POST, "application/json", + NULL, 0, + &TMH_ADMIN_handler_admin_add_incoming, MHD_HTTP_OK }, + { "/admin/add/incoming", NULL, "text/plain", + "Only POST is allowed", 0, + &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, + + #if HAVE_DEVELOPER { "/test", MHD_HTTP_METHOD_POST, "application/json", NULL, 0, @@ -242,10 +252,17 @@ handle_mhd_request (void *cls, "Only POST is allowed", 0, &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, - { "/test/rsa", MHD_HTTP_METHOD_POST, "application/json", + { "/test/rsa/get", MHD_HTTP_METHOD_GET, "application/json", + NULL, 0, + &TMH_TEST_handler_test_rsa_get, MHD_HTTP_OK }, + { "/test/rsa/get", NULL, "text/plain", + "Only GET is allowed", 0, + &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, + + { "/test/rsa/sign", MHD_HTTP_METHOD_POST, "application/json", NULL, 0, - &TMH_TEST_handler_test_rsa, MHD_HTTP_OK }, - { "/test/rsa", NULL, "text/plain", + &TMH_TEST_handler_test_rsa_sign, MHD_HTTP_OK }, + { "/test/rsa/sign", NULL, "text/plain", "Only POST is allowed", 0, &TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED }, diff --git a/src/mint/taler-mint-httpd_admin.c b/src/mint/taler-mint-httpd_admin.c new file mode 100644 index 000000000..22ead53ee --- /dev/null +++ b/src/mint/taler-mint-httpd_admin.c @@ -0,0 +1,152 @@ +/* + This file is part of TALER + Copyright (C) 2014 GNUnet e.V. + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-mint-httpd_admin.c + * @brief Handle /admin/ requests + * @author Christian Grothoff + */ +#include "platform.h" +#include <gnunet/gnunet_util_lib.h> +#include <jansson.h> +#include "taler-mint-httpd_admin.h" +#include "taler-mint-httpd_parsing.h" +#include "taler-mint-httpd_responses.h" + + +/** + * Check permissions (we only allow access to /admin/ from loopback). + * + * @param connection connection to perform access check for + * @return #GNUNET_OK if permitted, + * #GNUNET_NO if denied and error was queued, + * #GNUNET_SYSERR if denied and we failed to report + */ +static int +check_permissions (struct MHD_Connection *connection) +{ + const union MHD_ConnectionInfo *ci; + const struct sockaddr *addr; + int res; + + ci = MHD_get_connection_info (connection, + MHD_CONNECTION_INFO_CLIENT_ADDRESS); + if (NULL == ci) + { + GNUNET_break (0); + res = TMH_RESPONSE_reply_internal_error (connection, + "Failed to verify client address"); + return (MHD_YES == res) ? GNUNET_NO : GNUNET_SYSERR; + } + addr = ci->client_addr; + switch (addr->sa_family) + { + case AF_INET: + { + const struct sockaddr_in *sin = (const struct sockaddr_in *) addr; + + if (INADDR_LOOPBACK != sin->sin_addr.s_addr) + { + res = TMH_RESPONSE_reply_permission_denied (connection, + "/admin/ only allowed via loopback"); + return (MHD_YES == res) ? GNUNET_NO : GNUNET_SYSERR; + } + break; + } + case AF_INET6: + { + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *) addr; + + if (! IN6_IS_ADDR_LOOPBACK (&sin6->sin6_addr)) + { + res = TMH_RESPONSE_reply_permission_denied (connection, + "/admin/ only allowed via loopback"); + return (MHD_YES == res) ? GNUNET_NO : GNUNET_SYSERR; + } + break; + } + default: + GNUNET_break (0); + res = TMH_RESPONSE_reply_internal_error (connection, + "Unsupported AF"); + return (MHD_YES == res) ? GNUNET_NO : GNUNET_SYSERR; + } + return GNUNET_OK; +} + + + +/** + * Handle a "/admin/add/incoming" request. Parses the + * given "reserve_pub", "amount", "transaction" and "h_wire" + * details and adds the respective transaction to the database. + * + * @param rh context of the handler + * @param connection the MHD connection to handle + * @param[in,out] connection_cls the connection's closure (can be updated) + * @param upload_data upload data + * @param[in,out] upload_data_size number of bytes (left) in @a upload_data + * @return MHD result code + */ +int +TMH_ADMIN_handler_admin_add_incoming (struct TMH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size) +{ + struct TALER_ReservePublicKeyP reserve_pub; + struct TALER_Amount amount; + struct GNUNET_TIME_Absolute at; + json_t *wire; + json_t *root; + struct TMH_PARSE_FieldSpecification spec[] = { + TMH_PARSE_MEMBER_FIXED ("reserve_pub", &reserve_pub), + TMH_PARSE_MEMBER_AMOUNT ("amount", &amount), + TMH_PARSE_MEMBER_TIME_ABS ("execution_date", &at), + TMH_PARSE_MEMBER_OBJECT ("wire", &wire), + TMH_PARSE_MEMBER_END + }; + int res; + + res = check_permissions (connection); + if (GNUNET_OK != res) + return (GNUNET_OK == res) ? MHD_YES : MHD_NO; + + res = TMH_PARSE_post_json (connection, + connection_cls, + upload_data, + upload_data_size, + &root); + if (GNUNET_SYSERR == res) + return MHD_NO; + if ( (GNUNET_NO == res) || (NULL == root) ) + return MHD_YES; + res = TMH_PARSE_json_data (connection, + root, + spec); + json_decref (root); + if (GNUNET_OK != res) + return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; + res = TMH_DB_execute_admin_add_incoming (connection, + &reserve_pub, + &amount, + at, + wire); + TMH_PARSE_release_data (spec); + return res; +} + +/* end of taler-mint-httpd_admin.c */ diff --git a/src/mint/taler-mint-httpd_admin.h b/src/mint/taler-mint-httpd_admin.h new file mode 100644 index 000000000..b8ca3ce59 --- /dev/null +++ b/src/mint/taler-mint-httpd_admin.h @@ -0,0 +1,46 @@ +/* + This file is part of TALER + Copyright (C) 2014 GNUnet e.V. + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-mint-httpd_admin.h + * @brief Handle /admin/ requests + * @author Christian Grothoff + */ +#ifndef TALER_MINT_HTTPD_ADMIN_H +#define TALER_MINT_HTTPD_ADMIN_H + +#include <microhttpd.h> +#include "taler-mint-httpd.h" + +/** + * Handle a "/admin/add/incoming" request. Parses the + * given "reserve_pub", "amount", "transaction" and "h_wire" + * details and adds the respective transaction to the database. + * + * @param rh context of the handler + * @param connection the MHD connection to handle + * @param[in,out] connection_cls the connection's closure (can be updated) + * @param upload_data upload data + * @param[in,out] upload_data_size number of bytes (left) in @a upload_data + * @return MHD result code + */ +int +TMH_ADMIN_handler_admin_add_incoming (struct TMH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size); + +#endif diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c index 78a8d6f40..e4e8c59ec 100644 --- a/src/mint/taler-mint-httpd_db.c +++ b/src/mint/taler-mint-httpd_db.c @@ -1374,4 +1374,53 @@ TMH_DB_execute_refresh_link (struct MHD_Connection *connection, } +/** + * Add an incoming transaction to the database. Checks if the + * transaction is fresh (not a duplicate) and if so adds it to + * the database. + * + * @param connection the MHD connection to handle + * @param reserve_pub public key of the reserve + * @param amount amount to add to the reserve + * @param execution_time when did we receive the wire transfer + * @param wire details about the wire transfer + * @return MHD result code + */ +int +TMH_DB_execute_admin_add_incoming (struct MHD_Connection *connection, + const struct TALER_ReservePublicKeyP *reserve_pub, + const struct TALER_Amount *amount, + struct GNUNET_TIME_Absolute execution_time, + json_t *wire) +{ + struct TALER_MINTDB_Session *session; + int ret; + + if (NULL == (session = TMH_plugin->get_session (TMH_plugin->cls, + TMH_test_mode))) + { + GNUNET_break (0); + return TMH_RESPONSE_reply_internal_db_error (connection); + } + ret = TMH_plugin->reserves_in_insert (TMH_plugin->cls, + session, + reserve_pub, + amount, + execution_time, + wire); + if (GNUNET_SYSERR == ret) + { + GNUNET_break (0); + return TMH_RESPONSE_reply_internal_db_error (connection); + } + return TMH_RESPONSE_reply_json_pack (connection, + MHD_HTTP_OK, + "{s:s}", + "status", + (GNUNET_OK == ret) + ? "NEW" + : "DUP"); +} + + /* end of taler-mint-httpd_db.c */ diff --git a/src/mint/taler-mint-httpd_db.h b/src/mint/taler-mint-httpd_db.h index 56a4dd9cb..8a171153a 100644 --- a/src/mint/taler-mint-httpd_db.h +++ b/src/mint/taler-mint-httpd_db.h @@ -167,5 +167,24 @@ TMH_DB_execute_refresh_link (struct MHD_Connection *connection, const struct TALER_CoinSpendPublicKeyP *coin_pub); + +/** + * Add an incoming transaction to the database. + * + * @param connection the MHD connection to handle + * @param reserve_pub public key of the reserve + * @param amount amount to add to the reserve + * @param execution_time when did we receive the wire transfer + * @param wire details about the wire transfer + * @return MHD result code + */ +int +TMH_DB_execute_admin_add_incoming (struct MHD_Connection *connection, + const struct TALER_ReservePublicKeyP *reserve_pub, + const struct TALER_Amount *amount, + struct GNUNET_TIME_Absolute execution_time, + json_t *wire); + + #endif /* TALER_MINT_HTTPD_DB_H */ diff --git a/src/mint/taler-mint-httpd_parsing.h b/src/mint/taler-mint-httpd_parsing.h index 4714ab6a0..2439f39f9 100644 --- a/src/mint/taler-mint-httpd_parsing.h +++ b/src/mint/taler-mint-httpd_parsing.h @@ -134,6 +134,7 @@ enum TMH_PARSE_JsonNavigationCommand * Param: struct GNUNET_TIME_Absolute * */ TMH_PARSE_JNC_RET_TIME_ABSOLUTE + }; @@ -299,6 +300,7 @@ TMH_PARSE_release_data (struct TMH_PARSE_FieldSpecification *spec); */ #define TMH_PARSE_MEMBER_TIME_ABS(field,atime) { field, atime, sizeof(*atime), 0, TMH_PARSE_JNC_RET_TIME_ABSOLUTE, 0 } + /** * Generate line in parser specification indicating the end of the spec. */ diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index ccc144e29..013cc19b8 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -172,6 +172,25 @@ TMH_RESPONSE_reply_arg_missing (struct MHD_Connection *connection, /** + * Send a response indicating permission denied. + * + * @param connection the MHD connection to use + * @param hint hint about why access was denied + * @return a MHD result code + */ +int +TMH_RESPONSE_reply_permission_denied (struct MHD_Connection *connection, + const char *hint) +{ + return TMH_RESPONSE_reply_json_pack (connection, + MHD_HTTP_FORBIDDEN, + "{s:s, s:s}", + "error", "permission denied", + "hint", hint); +} + + +/** * Send a response indicating an internal error. * * @param connection the MHD connection to use diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h index 2ae06209d..1f8e1e44c 100644 --- a/src/mint/taler-mint-httpd_responses.h +++ b/src/mint/taler-mint-httpd_responses.h @@ -115,6 +115,18 @@ TMH_RESPONSE_reply_arg_missing (struct MHD_Connection *connection, /** + * Send a response indicating permission denied. + * + * @param connection the MHD connection to use + * @param hint hint about why access was denied + * @return a MHD result code + */ +int +TMH_RESPONSE_reply_permission_denied (struct MHD_Connection *connection, + const char *hint); + + +/** * Send a response indicating an internal error. * * @param connection the MHD connection to use diff --git a/src/mint/taler-mint-httpd_test.c b/src/mint/taler-mint-httpd_test.c index 22c13908e..0c6838ee5 100644 --- a/src/mint/taler-mint-httpd_test.c +++ b/src/mint/taler-mint-httpd_test.c @@ -30,9 +30,15 @@ /** + * Private key the test module uses for signing. + */ +static struct GNUNET_CRYPTO_rsa_PrivateKey *rsa_pk; + + +/** * Handle a "/test/base32" request. Parses the JSON in the post, runs * the Crockford Base32 decoder on the "input" field in the JSON, - * hashes the result and sends the hashed value back as a JSON + * hashes the result and sends the hashed value back as a JSON * string with in Base32 Crockford encoding. Thus, this API * allows testing the hashing and Crockford encoding/decoding * functions. @@ -197,7 +203,7 @@ TMH_TEST_handler_test_hkdf (struct TMH_RequestHandler *rh, TMH_PARSE_MEMBER_VARIABLE ("input"), TMH_PARSE_MEMBER_END }; - + res = TMH_PARSE_post_json (connection, connection_cls, upload_data, @@ -296,11 +302,11 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh, /** - * Handle a "/test/eddsa" request. Parses the JSON in the post, + * Handle a "/test/eddsa" request. Parses the JSON in the post, * which must contain a "eddsa_pub" with a public key and an *"eddsa_sig" with the corresponding signature for a purpose * of #TALER_SIGNATURE_CLIENT_TEST_EDDSA. If the signature is - * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is + * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is * returned using the same JSON format. * * @param rh context of the handler @@ -384,9 +390,8 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh, /** - * Handle a "/test/rsa" request. Parses the JSON in the post, which - * must contain an "blind_ev" blinded value. An RSA public key - * ("rsa_pub") and a blinded signature ("rsa_blind_sig") are returned. + * Handle a "/test/rsa/get" request. Returns the RSA public key + * ("rsa_pub") which is used for signing in "/test/rsa/sign". * * @param rh context of the handler * @param connection the MHD connection to handle @@ -396,21 +401,66 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh, * @return MHD result code */ int -TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size) +TMH_TEST_handler_test_rsa_get (struct TMH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size) { - json_t *json; int res; struct GNUNET_CRYPTO_rsa_PublicKey *pub; + + if (NULL == rsa_pk) + rsa_pk = GNUNET_CRYPTO_rsa_private_key_create (1024); + if (NULL == rsa_pk) + { + GNUNET_break (0); + return TMH_RESPONSE_reply_internal_error (connection, + "Failed to create RSA key"); + } + pub = GNUNET_CRYPTO_rsa_private_key_get_public (rsa_pk); + if (NULL == pub) + { + GNUNET_break (0); + return TMH_RESPONSE_reply_internal_error (connection, + "Failed to get public RSA key"); + } + res = TMH_RESPONSE_reply_json_pack (connection, + MHD_HTTP_OK, + "{s:o}", + "rsa_pub", + TALER_json_from_rsa_public_key (pub)); + GNUNET_CRYPTO_rsa_public_key_free (pub); + return res; +} + + +/** + * Handle a "/test/rsa/sign" request. Parses the JSON in the post, which + * must contain an "blind_ev" blinded value. A a blinded signature + * ("rsa_blind_sig") is returned. + * + * @param rh context of the handler + * @param connection the MHD connection to handle + * @param[in,out] connection_cls the connection's closure (can be updated) + * @param upload_data upload data + * @param[in,out] upload_data_size number of bytes (left) in @a upload_data + * @return MHD result code + */ +int +TMH_TEST_handler_test_rsa_sign (struct TMH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size) +{ + json_t *json; + int res; struct GNUNET_CRYPTO_rsa_Signature *sig; struct TMH_PARSE_FieldSpecification spec[] = { TMH_PARSE_MEMBER_VARIABLE ("blind_ev"), TMH_PARSE_MEMBER_END }; - struct GNUNET_CRYPTO_rsa_PrivateKey *pk; res = TMH_PARSE_post_json (connection, connection_cls, @@ -427,50 +477,38 @@ TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh, json_decref (json); if (GNUNET_YES != res) return (GNUNET_NO == res) ? MHD_YES : MHD_NO; - pk = GNUNET_CRYPTO_rsa_private_key_create (1024); - if (NULL == pk) + if (NULL == rsa_pk) + rsa_pk = GNUNET_CRYPTO_rsa_private_key_create (1024); + if (NULL == rsa_pk) { GNUNET_break (0); TMH_PARSE_release_data (spec); return TMH_RESPONSE_reply_internal_error (connection, "Failed to create RSA key"); } - sig = GNUNET_CRYPTO_rsa_sign (pk, + sig = GNUNET_CRYPTO_rsa_sign (rsa_pk, spec[0].destination, spec[0].destination_size_out); if (NULL == sig) { GNUNET_break (0); - GNUNET_CRYPTO_rsa_private_key_free (pk); TMH_PARSE_release_data (spec); return TMH_RESPONSE_reply_internal_error (connection, "Failed to RSA-sign"); } TMH_PARSE_release_data (spec); - pub = GNUNET_CRYPTO_rsa_private_key_get_public (pk); - GNUNET_CRYPTO_rsa_private_key_free (pk); - if (NULL == pub) - { - GNUNET_break (0); - GNUNET_CRYPTO_rsa_signature_free (sig); - return TMH_RESPONSE_reply_internal_error (connection, - "Failed to get public RSA key"); - } res = TMH_RESPONSE_reply_json_pack (connection, MHD_HTTP_OK, - "{s:o, s:o}", - "rsa_pub", - TALER_json_from_rsa_public_key (pub), + "{s:o}", "rsa_blind_sig", TALER_json_from_rsa_signature (sig)); GNUNET_CRYPTO_rsa_signature_free (sig); - GNUNET_CRYPTO_rsa_public_key_free (pub); return res; } /** - * Handle a "/test/transfer" request. Parses the JSON in the post, + * Handle a "/test/transfer" request. Parses the JSON in the post, * which must contain a "secret_enc" with the encrypted link secret, * a "trans_priv" with the transfer private key, a "coin_pub" with * a coin public key. A reply with the decrypted "secret" is diff --git a/src/mint/taler-mint-httpd_test.h b/src/mint/taler-mint-httpd_test.h index 1bc5fb66c..33844aab1 100644 --- a/src/mint/taler-mint-httpd_test.h +++ b/src/mint/taler-mint-httpd_test.h @@ -29,7 +29,7 @@ /** * Handle a "/test/base32" request. Parses the JSON in the post, runs * the Crockford Base32 decoder on the "input" field in the JSON, - * hashes the result and sends the hashed value back as a JSON + * hashes the result and sends the hashed value back as a JSON * string with in Base32 Crockford encoding. Thus, this API * allows testing the hashing and Crockford encoding/decoding * functions. @@ -122,11 +122,11 @@ TMH_TEST_handler_test_ecdhe (struct TMH_RequestHandler *rh, /** - * Handle a "/test/eddsa" request. Parses the JSON in the post, + * Handle a "/test/eddsa" request. Parses the JSON in the post, * which must contain a "eddsa_pub" with a public key and an *"ecdsa_sig" with the corresponding signature for a purpose * of #TALER_SIGNATURE_CLIENT_TEST_EDDSA. If the signature is - * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is + * valid, a reply with a #TALER_SIGNATURE_MINT_TEST_EDDSA is * returned using the same JSON format. * * @param rh context of the handler @@ -143,10 +143,30 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh, const char *upload_data, size_t *upload_data_size); + +/** + * Handle a "/test/rsa/get" request. Returns the RSA public key + * ("rsa_pub") which is used for signing in "/test/rsa/sign". + * + * @param rh context of the handler + * @param connection the MHD connection to handle + * @param[in,out] connection_cls the connection's closure (can be updated) + * @param upload_data upload data + * @param[in,out] upload_data_size number of bytes (left) in @a upload_data + * @return MHD result code + */ +int +TMH_TEST_handler_test_rsa_get (struct TMH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size); + + /** - * Handle a "/test/rsa" request. Parses the JSON in the post, which - * must contain an "blind_ev" blinded value. An RSA public key - * ("rsa_pub") and a blinded signature ("rsa_blind_sig") are returned. + * Handle a "/test/rsa/sign" request. Parses the JSON in the post, which + * must contain an "blind_ev" blinded value. A a blinded signature + * ("rsa_blind_sig") is returned. * * @param rh context of the handler * @param connection the MHD connection to handle @@ -156,15 +176,15 @@ TMH_TEST_handler_test_eddsa (struct TMH_RequestHandler *rh, * @return MHD result code */ int -TMH_TEST_handler_test_rsa (struct TMH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size); +TMH_TEST_handler_test_rsa_sign (struct TMH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size); /** - * Handle a "/test/transfer" request. Parses the JSON in the post, + * Handle a "/test/transfer" request. Parses the JSON in the post, * which must contain a "secret_enc" with the encrypted link secret, * a "trans_priv" with the transfer private key, a "coin_pub" with * a coin public key. A reply with the decrypted "secret" is |