From 2635f2e0b8246a08e3456ced3068fe161b07a87b Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 27 Sep 2022 16:10:00 +0200 Subject: implement exchange_api_reserves_attest.c --- src/lib/Makefile.am | 1 + src/lib/exchange_api_reserves_attest.c | 358 +++++++++++++++++++++++++++++++++ 2 files changed, 359 insertions(+) create mode 100644 src/lib/exchange_api_reserves_attest.c (limited to 'src/lib') diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am index df02dc097..e695cf043 100644 --- a/src/lib/Makefile.am +++ b/src/lib/Makefile.am @@ -60,6 +60,7 @@ libtalerexchange_la_SOURCES = \ exchange_api_refresh_common.c exchange_api_refresh_common.h \ exchange_api_refreshes_reveal.c \ exchange_api_refund.c \ + exchange_api_reserves_attest.c \ exchange_api_reserves_close.c \ exchange_api_reserves_get.c \ exchange_api_reserves_get_attestable.c \ diff --git a/src/lib/exchange_api_reserves_attest.c b/src/lib/exchange_api_reserves_attest.c new file mode 100644 index 000000000..5ccc18e5a --- /dev/null +++ b/src/lib/exchange_api_reserves_attest.c @@ -0,0 +1,358 @@ +/* + This file is part of TALER + Copyright (C) 2014-2022 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see + +*/ +/** + * @file lib/exchange_api_reserves_attest.c + * @brief Implementation of the POST /reserves/$RESERVE_PUB/attest requests + * @author Christian Grothoff + */ +#include "platform.h" +#include +#include /* just for HTTP attest codes */ +#include +#include +#include +#include "taler_exchange_service.h" +#include "taler_json_lib.h" +#include "exchange_api_handle.h" +#include "taler_signatures.h" +#include "exchange_api_curl_defaults.h" + + +/** + * @brief A /reserves/$RID/attest Handle + */ +struct TALER_EXCHANGE_ReservesAttestHandle +{ + + /** + * The connection to exchange this request handle will use + */ + struct TALER_EXCHANGE_Handle *exchange; + + /** + * The url for this request. + */ + char *url; + + /** + * Handle for the request. + */ + struct GNUNET_CURL_Job *job; + + /** + * Context for #TEH_curl_easy_post(). Keeps the data that must + * persist for Curl to make the upload. + */ + struct TALER_CURL_PostContext post_ctx; + + /** + * Function to call with the result. + */ + TALER_EXCHANGE_ReservesPostAttestCallback cb; + + /** + * Public key of the reserve we are querying. + */ + struct TALER_ReservePublicKeyP reserve_pub; + + /** + * Closure for @a cb. + */ + void *cb_cls; + +}; + + +/** + * We received an #MHD_HTTP_OK attest code. Handle the JSON + * response. + * + * @param rsh handle of the request + * @param j JSON response + * @return #GNUNET_OK on success + */ +static enum GNUNET_GenericReturnValue +handle_reserves_attest_ok (struct TALER_EXCHANGE_ReservesAttestHandle *rsh, + const json_t *j) +{ + struct TALER_EXCHANGE_ReservePostAttestResult rs = { + .hr.reply = j, + .hr.http_status = MHD_HTTP_OK + }; + json_t *attributes; + struct GNUNET_JSON_Specification spec[] = { + GNUNET_JSON_spec_timestamp ("exchange_timestamp", + &rs.details.ok.exchange_time), + GNUNET_JSON_spec_timestamp ("exchange_timestamp", + &rs.details.ok.expiration_time), + GNUNET_JSON_spec_fixed_auto ("exchange_sig", + &rs.details.ok.exchange_sig), + GNUNET_JSON_spec_fixed_auto ("exchange_pub", + &rs.details.ok.exchange_pub), + GNUNET_JSON_spec_json ("attributes", + &attributes), + GNUNET_JSON_spec_end () + }; + + if (GNUNET_OK != + GNUNET_JSON_parse (j, + spec, + NULL, + NULL)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + rs.details.ok.attributes = attributes; + if (GNUNET_OK != + TALER_exchange_online_reserve_attest_details_verify ( + rs.details.ok.exchange_time, + rs.details.ok.expiration_time, + &rsh->reserve_pub, + attributes, + &rs.details.ok.exchange_pub, + &rs.details.ok.exchange_sig)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + // FIXME: verify exchange signature! + // => needs crypto API first! + rsh->cb (rsh->cb_cls, + &rs); + rsh->cb = NULL; + GNUNET_JSON_parse_free (spec); + return GNUNET_OK; +} + + +/** + * Function called when we're done processing the + * HTTP /reserves/$RID/attest request. + * + * @param cls the `struct TALER_EXCHANGE_ReservesAttestHandle` + * @param response_code HTTP response code, 0 on error + * @param response parsed JSON result, NULL on error + */ +static void +handle_reserves_attest_finished (void *cls, + long response_code, + const void *response) +{ + struct TALER_EXCHANGE_ReservesAttestHandle *rsh = cls; + const json_t *j = response; + struct TALER_EXCHANGE_ReservePostAttestResult rs = { + .hr.reply = j, + .hr.http_status = (unsigned int) response_code + }; + + rsh->job = NULL; + switch (response_code) + { + case 0: + rs.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; + case MHD_HTTP_OK: + if (GNUNET_OK != + handle_reserves_attest_ok (rsh, + j)) + { + rs.hr.http_status = 0; + rs.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; + } + break; + case MHD_HTTP_BAD_REQUEST: + /* This should never happen, either us or the exchange is buggy + (or API version conflict); just pass JSON reply to the application */ + GNUNET_break (0); + rs.hr.ec = TALER_JSON_get_error_code (j); + rs.hr.hint = TALER_JSON_get_error_hint (j); + break; + case MHD_HTTP_FORBIDDEN: + /* This should never happen, either us or the exchange is buggy + (or API version conflict); just pass JSON reply to the application */ + GNUNET_break (0); + rs.hr.ec = TALER_JSON_get_error_code (j); + rs.hr.hint = TALER_JSON_get_error_hint (j); + break; + case MHD_HTTP_NOT_FOUND: + /* Nothing really to verify, this should never + happen, we should pass the JSON reply to the application */ + rs.hr.ec = TALER_JSON_get_error_code (j); + rs.hr.hint = TALER_JSON_get_error_hint (j); + break; + case MHD_HTTP_CONFLICT: + /* Server doesn't have the requested attributes */ + rs.hr.ec = TALER_JSON_get_error_code (j); + rs.hr.hint = TALER_JSON_get_error_hint (j); + break; + case MHD_HTTP_INTERNAL_SERVER_ERROR: + /* Server had an internal issue; we should retry, but this API + leaves this to the application */ + rs.hr.ec = TALER_JSON_get_error_code (j); + rs.hr.hint = TALER_JSON_get_error_hint (j); + break; + default: + /* unexpected response code */ + GNUNET_break_op (0); + rs.hr.ec = TALER_JSON_get_error_code (j); + rs.hr.hint = TALER_JSON_get_error_hint (j); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u/%d for reserves attest\n", + (unsigned int) response_code, + (int) rs.hr.ec); + break; + } + if (NULL != rsh->cb) + { + rsh->cb (rsh->cb_cls, + &rs); + rsh->cb = NULL; + } + TALER_EXCHANGE_reserves_attest_cancel (rsh); +} + + +struct TALER_EXCHANGE_ReservesAttestHandle * +TALER_EXCHANGE_reserves_attest ( + struct TALER_EXCHANGE_Handle *exchange, + const struct TALER_ReservePrivateKeyP *reserve_priv, + unsigned int attributes_length, + const char *const*attributes, + TALER_EXCHANGE_ReservesPostAttestCallback cb, + void *cb_cls) +{ + struct TALER_EXCHANGE_ReservesAttestHandle *rsh; + struct GNUNET_CURL_Context *ctx; + CURL *eh; + char arg_str[sizeof (struct TALER_ReservePublicKeyP) * 2 + 32]; + struct TALER_ReserveSignatureP reserve_sig; + json_t *details; + struct GNUNET_TIME_Timestamp ts; + + if (0 == attributes_length) + { + GNUNET_break (0); + return NULL; + } + if (GNUNET_YES != + TEAH_handle_is_ready (exchange)) + { + GNUNET_break (0); + return NULL; + } + details = json_array (); + GNUNET_assert (NULL != details); + for (unsigned int i = 0; iexchange = exchange; + rsh->cb = cb; + rsh->cb_cls = cb_cls; + GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv, + &rsh->reserve_pub.eddsa_pub); + { + char pub_str[sizeof (struct TALER_ReservePublicKeyP) * 2]; + char *end; + + end = GNUNET_STRINGS_data_to_string ( + &rsh->reserve_pub, + sizeof (rsh->reserve_pub), + pub_str, + sizeof (pub_str)); + *end = '\0'; + GNUNET_snprintf (arg_str, + sizeof (arg_str), + "/reserves/%s/attest", + pub_str); + } + rsh->url = TEAH_path_to_url (exchange, + arg_str); + if (NULL == rsh->url) + { + json_decref (details); + GNUNET_free (rsh); + return NULL; + } + eh = TALER_EXCHANGE_curl_easy_get_ (rsh->url); + if (NULL == eh) + { + GNUNET_break (0); + json_decref (details); + GNUNET_free (rsh->url); + GNUNET_free (rsh); + return NULL; + } + ts = GNUNET_TIME_timestamp_get (); + TALER_wallet_reserve_attest_request_sign (ts, + details, + reserve_priv, + &reserve_sig); + { + json_t *attest_obj = GNUNET_JSON_PACK ( + GNUNET_JSON_pack_data_auto ("reserve_sig", + &reserve_sig), + GNUNET_JSON_pack_timestamp ("request_timestamp", + ts), + GNUNET_JSON_pack_object_steal ("details", + details)); + + if (GNUNET_OK != + TALER_curl_easy_post (&rsh->post_ctx, + eh, + attest_obj)) + { + GNUNET_break (0); + curl_easy_cleanup (eh); + json_decref (attest_obj); + GNUNET_free (rsh->url); + GNUNET_free (rsh); + return NULL; + } + json_decref (attest_obj); + } + ctx = TEAH_handle_to_context (exchange); + rsh->job = GNUNET_CURL_job_add2 (ctx, + eh, + rsh->post_ctx.headers, + &handle_reserves_attest_finished, + rsh); + return rsh; +} + + +void +TALER_EXCHANGE_reserves_attest_cancel ( + struct TALER_EXCHANGE_ReservesAttestHandle *rsh) +{ + if (NULL != rsh->job) + { + GNUNET_CURL_job_cancel (rsh->job); + rsh->job = NULL; + } + TALER_curl_easy_post_finished (&rsh->post_ctx); + GNUNET_free (rsh->url); + GNUNET_free (rsh); +} + + +/* end of exchange_api_reserves_attest.c */ -- cgit v1.2.3