From b38134ea4a2a90fdce6d9f661ed58df47a17bcfe Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Wed, 29 Mar 2017 14:43:54 +0200 Subject: implement /payback parsing and signature verification --- src/exchange/Makefile.am | 1 + src/exchange/taler-exchange-httpd_db.c | 23 ++++ src/exchange/taler-exchange-httpd_db.h | 29 ++++- src/exchange/taler-exchange-httpd_keystate.c | 3 + src/exchange/taler-exchange-httpd_keystate.h | 9 +- src/exchange/taler-exchange-httpd_payback.c | 180 +++++++++++++++++++++++++++ src/exchange/taler-exchange-httpd_payback.h | 51 ++++++++ src/exchange/taler-exchange-httpd_reserve.c | 10 +- src/include/taler_error_codes.h | 21 ++++ 9 files changed, 315 insertions(+), 12 deletions(-) create mode 100644 src/exchange/taler-exchange-httpd_payback.c create mode 100644 src/exchange/taler-exchange-httpd_payback.h diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am index 42fe82523..ecb774b29 100644 --- a/src/exchange/Makefile.am +++ b/src/exchange/Makefile.am @@ -37,6 +37,7 @@ taler_exchange_httpd_SOURCES = \ taler-exchange-httpd_keystate.c taler-exchange-httpd_keystate.h \ taler-exchange-httpd_mhd.c taler-exchange-httpd_mhd.h \ taler-exchange-httpd_parsing.c taler-exchange-httpd_parsing.h \ + taler-exchange-httpd_payback.c taler-exchange-httpd_payback.h \ taler-exchange-httpd_refresh.c taler-exchange-httpd_refresh.h \ taler-exchange-httpd_refund.c taler-exchange-httpd_refund.h \ taler-exchange-httpd_reserve.c taler-exchange-httpd_reserve.h \ diff --git a/src/exchange/taler-exchange-httpd_db.c b/src/exchange/taler-exchange-httpd_db.c index c3bc8ae48..cac700ab8 100644 --- a/src/exchange/taler-exchange-httpd_db.c +++ b/src/exchange/taler-exchange-httpd_db.c @@ -2256,4 +2256,27 @@ TEH_DB_execute_track_transaction (struct MHD_Connection *connection, } +/** + * Execute a "/payback". The validity of the coin and signature have + * already been checked. The database must now check that the coin is + * not (double) spent, and execute the transaction (record details, + * generate success or failure response). + * + * @param connection the MHD connection to handle + * @param coin information about the coin + * @param coin_bks blinding data of the coin (to be checked) + * @param coin_sig signature of the coin + * @return MHD result code + */ +int +TEH_DB_execute_payback (struct MHD_Connection *connection, + const struct TALER_CoinPublicInfo *coin, + const struct TALER_DenominationBlindingKeyP *coin_bks, + const struct TALER_CoinSpendSignatureP *coin_sig) +{ + GNUNET_break (0); /* not implemented (#3887) */ + return MHD_NO; +} + + /* end of taler-exchange-httpd_db.c */ diff --git a/src/exchange/taler-exchange-httpd_db.h b/src/exchange/taler-exchange-httpd_db.h index 47afaadcb..67c8665f2 100644 --- a/src/exchange/taler-exchange-httpd_db.h +++ b/src/exchange/taler-exchange-httpd_db.h @@ -214,7 +214,7 @@ TEH_DB_execute_admin_add_incoming (struct MHD_Connection *connection, */ int TEH_DB_execute_track_transfer (struct MHD_Connection *connection, - const struct TALER_WireTransferIdentifierRawP *wtid); + const struct TALER_WireTransferIdentifierRawP *wtid); /** @@ -230,10 +230,29 @@ TEH_DB_execute_track_transfer (struct MHD_Connection *connection, */ int TEH_DB_execute_track_transaction (struct MHD_Connection *connection, - const struct GNUNET_HashCode *h_proposal_data, - const struct GNUNET_HashCode *h_wire, - const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct TALER_MerchantPublicKeyP *merchant_pub); + const struct GNUNET_HashCode *h_proposal_data, + const struct GNUNET_HashCode *h_wire, + const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_MerchantPublicKeyP *merchant_pub); + + +/** + * Execute a "/payback". The validity of the coin and signature have + * already been checked. The database must now check that the coin is + * not (double) spent, and execute the transaction (record details, + * generate success or failure response). + * + * @param connection the MHD connection to handle + * @param coin information about the coin + * @param coin_bks blinding data of the coin (to be checked) + * @param coin_sig signature of the coin + * @return MHD result code + */ +int +TEH_DB_execute_payback (struct MHD_Connection *connection, + const struct TALER_CoinPublicInfo *coin, + const struct TALER_DenominationBlindingKeyP *coin_bks, + const struct TALER_CoinSpendSignatureP *coin_sig); #endif diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index e7fc16506..e754eb4fc 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -806,6 +806,9 @@ TEH_KS_denomination_key_lookup (const struct TEH_KS_StateHandle *key_state, return NULL; } break; + case TEH_KS_DKU_PAYBACK: + GNUNET_break (0); /* not implemented (#3887) */ + return NULL; } return dki; } diff --git a/src/exchange/taler-exchange-httpd_keystate.h b/src/exchange/taler-exchange-httpd_keystate.h index 12aa241d7..2b7df6378 100644 --- a/src/exchange/taler-exchange-httpd_keystate.h +++ b/src/exchange/taler-exchange-httpd_keystate.h @@ -92,9 +92,14 @@ enum TEH_KS_DenominationKeyUse { TEH_KS_DKU_WITHDRAW, /** - * The key is to be usd for a /deposit or /refresh (melt) operation. + * The key is to be used for a /deposit or /refresh (melt) operation. */ - TEH_KS_DKU_DEPOSIT + TEH_KS_DKU_DEPOSIT, + + /** + * The key is to be used for a /payback operation. + */ + TEH_KS_DKU_PAYBACK }; diff --git a/src/exchange/taler-exchange-httpd_payback.c b/src/exchange/taler-exchange-httpd_payback.c new file mode 100644 index 000000000..2b33112d3 --- /dev/null +++ b/src/exchange/taler-exchange-httpd_payback.c @@ -0,0 +1,180 @@ +/* + This file is part of TALER + Copyright (C) 2017 Inria and GNUnet e.V. + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see +*/ +/** + * @file taler-exchange-httpd_payback.c + * @brief Handle /payback requests; parses the POST and JSON and + * verifies the coin signature before handing things off + * to the database. + * @author Christian Grothoff + */ +#include "platform.h" +#include +#include +#include +#include +#include +#include "taler_json_lib.h" +#include "taler-exchange-httpd_parsing.h" +#include "taler-exchange-httpd_payback.h" +#include "taler-exchange-httpd_responses.h" +#include "taler-exchange-httpd_keystate.h" +#include "taler-exchange-httpd_validation.h" + + +/** + * We have parsed the JSON information about the payback request. Do + * some basic sanity checks (especially that the signature on the + * request and coin is valid) and then execute the payback operation. + * Note that we need the DB to check the fee structure, so this is not + * done here. + * + * @param connection the MHD connection to handle + * @param coin information about the coin + * @param coin_bks blinding data of the coin (to be checked) + * @param coin_sig signature of the coin + * @return MHD result code + */ +static int +verify_and_execute_payback (struct MHD_Connection *connection, + const struct TALER_CoinPublicInfo *coin, + const struct TALER_DenominationBlindingKeyP *coin_bks, + const struct TALER_CoinSpendSignatureP *coin_sig) +{ + struct TEH_KS_StateHandle *key_state; + const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki; + struct TALER_PaybackRequestPS pr; + + + /* check denomination exists and is in payback mode */ + key_state = TEH_KS_acquire (); + dki = TEH_KS_denomination_key_lookup (key_state, + &coin->denom_pub, + TEH_KS_DKU_PAYBACK); + if (NULL == dki) + { + TEH_KS_release (key_state); + TALER_LOG_WARNING ("Denomination key in /payback request not in payback mode\n"); + return TEH_RESPONSE_reply_arg_unknown (connection, + TALER_EC_PAYBACK_DENOMINATION_KEY_UNKNOWN, + "denom_pub"); + } + + /* check denomination signature */ + if (GNUNET_YES != + TALER_test_coin_valid (coin)) + { + TALER_LOG_WARNING ("Invalid coin passed for /payback\n"); + TEH_KS_release (key_state); + return TEH_RESPONSE_reply_signature_invalid (connection, + TALER_EC_PAYBACK_DENOMINATION_SIGNATURE_INVALID, + "denom_sig"); + } + + /* check payback request signature */ + pr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_PAYBACK); + pr.purpose.size = htonl (sizeof (struct TALER_PaybackRequestPS)); + pr.coin_pub = coin->coin_pub; + pr.h_denom_pub = dki->issue.properties.denom_hash; + pr.coin_blind = *coin_bks; + + TEH_KS_release (key_state); + + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_PAYBACK, + &pr.purpose, + &coin_sig->eddsa_signature, + &coin->coin_pub.eddsa_pub)) + { + TALER_LOG_WARNING ("Invalid signature on /payback request\n"); + return TEH_RESPONSE_reply_signature_invalid (connection, + TALER_EC_PAYBACK_SIGNATURE_INVALID, + "coin_sig"); + } + + return TEH_DB_execute_payback (connection, + coin, + coin_bks, + coin_sig); +} + + +/** + * Handle a "/payback" request. Parses the JSON, and, if successful, + * passes the JSON data to #parse_and_handle_payback_request() to + * further check the details of the operation specified. If + * everything checks out, this will ultimately lead to the "/refund" + * being executed, or rejected. + * + * @param rh context of the handler + * @param connection the MHD connection to handle + * @param[in,out] connection_cls the connection's closure (can be updated) + * @param upload_data upload data + * @param[in,out] upload_data_size number of bytes (left) in @a upload_data + * @return MHD result code + */ +int +TEH_PAYBACK_handler_payback (struct TEH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size) +{ + json_t *json; + int res; + struct TALER_CoinPublicInfo coin; + struct TALER_DenominationBlindingKeyP coin_bks; + struct TALER_CoinSpendSignatureP coin_sig; + struct GNUNET_JSON_Specification spec[] = { + TALER_JSON_spec_denomination_public_key ("denom_pub", + &coin.denom_pub), + TALER_JSON_spec_denomination_signature ("ub_sig", + &coin.denom_sig), + GNUNET_JSON_spec_fixed_auto ("coin_pub", + &coin.coin_pub), + GNUNET_JSON_spec_fixed_auto ("coin_blind_key_secret", + &coin_bks), + GNUNET_JSON_spec_fixed_auto ("coin_sig", + &coin_sig), + GNUNET_JSON_spec_end () + }; + + res = TEH_PARSE_post_json (connection, + connection_cls, + upload_data, + upload_data_size, + &json); + if (GNUNET_SYSERR == res) + return MHD_NO; + if ( (GNUNET_NO == res) || (NULL == json) ) + return MHD_YES; + res = TEH_PARSE_json_data (connection, + json, + spec); + json_decref (json); + if (GNUNET_SYSERR == res) + return MHD_NO; /* hard failure */ + if (GNUNET_NO == res) + return MHD_YES; /* failure */ + res = verify_and_execute_payback (connection, + &coin, + &coin_bks, + &coin_sig); + GNUNET_JSON_parse_free (spec); + return res; +} + + +/* end of taler-exchange-httpd_payback.c */ diff --git a/src/exchange/taler-exchange-httpd_payback.h b/src/exchange/taler-exchange-httpd_payback.h new file mode 100644 index 000000000..4572db400 --- /dev/null +++ b/src/exchange/taler-exchange-httpd_payback.h @@ -0,0 +1,51 @@ +/* + This file is part of TALER + Copyright (C) 2017 GNUnet e.V. + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see +*/ +/** + * @file taler-exchange-httpd_payback.h + * @brief Handle /payback requests + * @author Christian Grothoff + */ +#ifndef TALER_EXCHANGE_HTTPD_PAYBACK_H +#define TALER_EXCHANGE_HTTPD_PAYBACK_H + +#include +#include +#include "taler-exchange-httpd.h" + + +/** + * Handle a "/payback" request. Parses the JSON, and, if successful, + * passes the JSON data to #parse_and_handle_payback_request() to + * further check the details of the operation specified. If + * everything checks out, this will ultimately lead to the "/refund" + * being executed, or rejected. + * + * @param rh context of the handler + * @param connection the MHD connection to handle + * @param[in,out] connection_cls the connection's closure (can be updated) + * @param upload_data upload data + * @param[in,out] upload_data_size number of bytes (left) in @a upload_data + * @return MHD result code + */ +int +TEH_PAYBACK_handler_payback (struct TEH_RequestHandler *rh, + struct MHD_Connection *connection, + void **connection_cls, + const char *upload_data, + size_t *upload_data_size); + + +#endif diff --git a/src/exchange/taler-exchange-httpd_reserve.c b/src/exchange/taler-exchange-httpd_reserve.c index 0abe37c5a..78f8ff1d0 100644 --- a/src/exchange/taler-exchange-httpd_reserve.c +++ b/src/exchange/taler-exchange-httpd_reserve.c @@ -103,14 +103,14 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh, struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_varsize ("coin_ev", - (void **) &blinded_msg, - &blinded_msg_len), + (void **) &blinded_msg, + &blinded_msg_len), GNUNET_JSON_spec_fixed_auto ("reserve_pub", - &wsrd.reserve_pub), + &wsrd.reserve_pub), GNUNET_JSON_spec_fixed_auto ("reserve_sig", - &signature), + &signature), TALER_JSON_spec_denomination_public_key ("denom_pub", - &denomination_pub), + &denomination_pub), GNUNET_JSON_spec_end () }; diff --git a/src/include/taler_error_codes.h b/src/include/taler_error_codes.h index 817dd0eff..3c48a6d44 100644 --- a/src/include/taler_error_codes.h +++ b/src/include/taler_error_codes.h @@ -831,6 +831,27 @@ enum TALER_ErrorCode */ TALER_EC_TRACK_TRANSACTION_MERCHANT_SIGNATURE_INVALID = 1804, + /** + * The given denomination key is not in the "payback" set of the + * exchange right now. This response is provided with an + * HTTP status code of MHD_HTTP_NOT_FOUND. + */ + TALER_EC_PAYBACK_DENOMINATION_KEY_UNKNOWN = 1850, + + /** + * The given coin signature is invalid for the request. + * This response is provided with an + * HTTP status code of MHD_HTTP_UNAUTHORIZED. + */ + TALER_EC_PAYBACK_SIGNATURE_INVALID = 1851, + + /** + * The signature of the denomination key over the coin is not valid. + * This response is provided with HTTP status code + * MHD_HTTP_BAD_REQUEST. + */ + TALER_EC_PAYBACK_DENOMINATION_SIGNATURE_INVALID = 1852, + /* *********** Merchant backend error codes ********* */ -- cgit v1.2.3