From 9d6e1040669435dfa2ab93abd4f1669c7bf90871 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sat, 6 Nov 2021 19:43:47 +0100
Subject: include h_extensions in deposit confirmation

---
 src/lib/auditor_api_deposit_confirmation.c | 91 ++++++++----------------------
 1 file changed, 25 insertions(+), 66 deletions(-)

(limited to 'src/lib/auditor_api_deposit_confirmation.c')

diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c
index 89f67f92e..41f9d5e42 100644
--- a/src/lib/auditor_api_deposit_confirmation.c
+++ b/src/lib/auditor_api_deposit_confirmation.c
@@ -168,10 +168,11 @@ handle_deposit_confirmation_finished (void *cls,
  * @param master_sig master signature affirming validity of @a exchange_pub
  * @return #GNUNET_OK if signatures are OK, #GNUNET_SYSERR if not
  */
-static int
+static enum GNUNET_GenericReturnValue
 verify_signatures (const struct TALER_MerchantWireHash *h_wire,
                    const struct TALER_PrivateContractHash *h_contract_terms,
                    struct GNUNET_TIME_Absolute exchange_timestamp,
+                   struct GNUNET_TIME_Absolute wire_deadline,
                    struct GNUNET_TIME_Absolute refund_deadline,
                    const struct TALER_Amount *amount_without_fee,
                    const struct TALER_CoinSpendPublicKeyP *coin_pub,
@@ -184,36 +185,29 @@ verify_signatures (const struct TALER_MerchantWireHash *h_wire,
                    struct GNUNET_TIME_Absolute ep_end,
                    const struct TALER_MasterSignatureP *master_sig)
 {
+  if (GNUNET_OK !=
+      TALER_exchange_deposit_confirm_verify (h_contract_terms,
+                                             h_wire,
+                                             NULL /* h_extensions! */,
+                                             exchange_timestamp,
+                                             wire_deadline,
+                                             refund_deadline,
+                                             amount_without_fee,
+                                             coin_pub,
+                                             merchant_pub,
+                                             exchange_pub,
+                                             exchange_sig))
   {
-    struct TALER_DepositConfirmationPS dc = {
-      .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT),
-      .purpose.size = htonl (sizeof (dc)),
-      .h_contract_terms = *h_contract_terms,
-      .h_wire = *h_wire,
-      .exchange_timestamp = GNUNET_TIME_absolute_hton (exchange_timestamp),
-      .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline),
-      .coin_pub = *coin_pub,
-      .merchant = *merchant_pub
-    };
-
-    TALER_amount_hton (&dc.amount_without_fee,
-                       amount_without_fee);
-    if (GNUNET_OK !=
-        GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT,
-                                    &dc,
-                                    &exchange_sig->eddsa_signature,
-                                    &exchange_pub->eddsa_pub))
+    GNUNET_break_op (0);
+    TALER_LOG_WARNING (
+      "Invalid signature on /deposit-confirmation request!\n");
     {
-      GNUNET_break_op (0);
-      TALER_LOG_WARNING (
-        "Invalid signature on /deposit-confirmation request!\n");
-      {
-        TALER_LOG_DEBUG ("... amount_without_fee was %s\n",
-                         TALER_amount2s (amount_without_fee));
-      }
-      return GNUNET_SYSERR;
+      TALER_LOG_DEBUG ("... amount_without_fee was %s\n",
+                       TALER_amount2s (amount_without_fee));
     }
+    return GNUNET_SYSERR;
   }
+
   if (GNUNET_OK !=
       TALER_exchange_offline_signkey_validity_verify (
         exchange_pub,
@@ -237,45 +231,13 @@ verify_signatures (const struct TALER_MerchantWireHash *h_wire,
 }
 
 
-/**
- * Submit a deposit-confirmation permission to the auditor and get the
- * auditor's response.  Note that while we return the response
- * verbatim to the caller for further processing, we do already verify
- * that the response is well-formed.  If the auditor's reply is not
- * well-formed, we return an HTTP status code of zero to @a cb.
- *
- * We also verify that the @a exchange_sig is valid for this deposit-confirmation
- * request, and that the @a master_sig is a valid signature for @a
- * exchange_pub.  Also, the @a auditor must be ready to operate (i.e.  have
- * finished processing the /version reply).  If either check fails, we do
- * NOT initiate the transaction with the auditor and instead return NULL.
- *
- * @param auditor the auditor handle; the auditor must be ready to operate
- * @param h_wire hash of merchant wire details
- * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the auditor)
- * @param exchange_timestamp timestamp when deposit was received by the exchange
- * @param refund_deadline date until which the merchant can issue a refund to the customer via the auditor (can be zero if refunds are not allowed); must not be after the @a wire_deadline
- * @param amount_without_fee the amount confirmed to be wired by the exchange to the merchant
- * @param coin_pub coin’s public key
- * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests)
- * @param exchange_sig the signature made with purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT
- * @param exchange_pub the public key of the exchange that matches @a exchange_sig
- * @param master_pub master public key of the exchange
- * @param ep_start when does @a exchange_pub validity start
- * @param ep_expire when does @a exchange_pub usage end
- * @param ep_end when does @a exchange_pub legal validity end
- * @param master_sig master signature affirming validity of @a exchange_pub
- * @param cb the callback to call when a reply for this request is available
- * @param cb_cls closure for the above callback
- * @return a handle for this request; NULL if the inputs are invalid (i.e.
- *         signatures fail to verify).  In this case, the callback is not called.
- */
 struct TALER_AUDITOR_DepositConfirmationHandle *
 TALER_AUDITOR_deposit_confirmation (
   struct TALER_AUDITOR_Handle *auditor,
   const struct TALER_MerchantWireHash *h_wire,
   const struct TALER_PrivateContractHash *h_contract_terms,
   struct GNUNET_TIME_Absolute exchange_timestamp,
+  struct GNUNET_TIME_Absolute wire_deadline,
   struct GNUNET_TIME_Absolute refund_deadline,
   const struct TALER_Amount *amount_without_fee,
   const struct TALER_CoinSpendPublicKeyP *coin_pub,
@@ -306,6 +268,7 @@ TALER_AUDITOR_deposit_confirmation (
       verify_signatures (h_wire,
                          h_contract_terms,
                          exchange_timestamp,
+                         wire_deadline,
                          refund_deadline,
                          amount_without_fee,
                          coin_pub,
@@ -332,6 +295,8 @@ TALER_AUDITOR_deposit_confirmation (
                                    exchange_timestamp),
         GNUNET_JSON_pack_time_abs ("refund_deadline",
                                    refund_deadline),
+        GNUNET_JSON_pack_time_abs ("wire_deadline",
+                                   wire_deadline),
         TALER_JSON_pack_amount ("amount_without_fee",
                                 amount_without_fee),
         GNUNET_JSON_pack_data_auto ("coin_pub",
@@ -397,12 +362,6 @@ TALER_AUDITOR_deposit_confirmation (
 }
 
 
-/**
- * Cancel a deposit-confirmation permission request.  This function cannot be used
- * on a request handle if a response is already served for it.
- *
- * @param deposit_confirmation the deposit-confirmation permission request handle
- */
 void
 TALER_AUDITOR_deposit_confirmation_cancel (
   struct TALER_AUDITOR_DepositConfirmationHandle *deposit_confirmation)
-- 
cgit v1.2.3