From a064ca705efe56ded01bc59cf575f17792a4b452 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Fri, 17 Jan 2020 20:20:28 +0100 Subject: check currencies match first --- src/lib/exchange_api_common.c | 27 ++++++++++++++++++--------- src/lib/exchange_api_reserve.c | 25 ++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 10 deletions(-) (limited to 'src/lib') diff --git a/src/lib/exchange_api_common.c b/src/lib/exchange_api_common.c index 04b87cbb9..649752021 100644 --- a/src/lib/exchange_api_common.c +++ b/src/lib/exchange_api_common.c @@ -139,9 +139,12 @@ TALER_EXCHANGE_verify_coin_history (const struct /* check that deposit fee matches our expectations from /keys! */ TALER_amount_ntoh (&fee, &dr.deposit_fee); - if (0 != - TALER_amount_cmp (&fee, - &dk->fee_deposit)) + if ( (GNUNET_YES != + TALER_amount_cmp_currency (&fee, + &dki->fee_deposit)) || + (0 != + TALER_amount_cmp (&fee, + &dk->fee_deposit)) ) { GNUNET_break_op (0); return GNUNET_SYSERR; @@ -188,9 +191,12 @@ TALER_EXCHANGE_verify_coin_history (const struct /* check that melt fee matches our expectations from /keys! */ TALER_amount_ntoh (&fee, &rm.melt_fee); - if (0 != - TALER_amount_cmp (&fee, - &dk->fee_refresh)) + if ( (GNUNET_YES != + TALER_amount_cmp_currency (&fee, + &dki->fee_refresh)) || + (0 != + TALER_amount_cmp (&fee, + &dk->fee_refresh)) ) { GNUNET_break_op (0); return GNUNET_SYSERR; @@ -249,9 +255,12 @@ TALER_EXCHANGE_verify_coin_history (const struct /* check that refund fee matches our expectations from /keys! */ TALER_amount_ntoh (&fee, &rr.refund_fee); - if (0 != - TALER_amount_cmp (&fee, - &dk->fee_refund)) + if ( (GNUNET_YES != + TALER_amount_cmp_currency (&fee, + &dki->fee_refund)) || + (0 != + TALER_amount_cmp (&fee, + &dk->fee_refund)) ) { GNUNET_break_op (0); return GNUNET_SYSERR; diff --git a/src/lib/exchange_api_reserve.c b/src/lib/exchange_api_reserve.c index bb898b52d..2f9b0e9de 100644 --- a/src/lib/exchange_api_reserve.c +++ b/src/lib/exchange_api_reserve.c @@ -224,7 +224,30 @@ parse_reserve_history (struct TALER_EXCHANGE_Handle *exchange, GNUNET_JSON_parse_free (withdraw_spec); return GNUNET_SYSERR; } - /* TODO: check that withdraw fee matches expectations! */ + /* check that withdraw fee matches expectations! */ + { + const struct TALER_EXCHANGE_Keys *key_state; + const struct TALER_EXCHANGE_DenomPublicKey *dki; + struct TALER_Amount fee; + + key_state = TALER_EXCHANGE_get_keys (exchange); + dki = TALER_EXCHANGE_get_denomination_key_by_hash (key_state, + &withdraw_purpose. + h_denomination_pub); + TALER_amount_ntoh (&fee, + &withdraw_purpose.withdraw_fee); + if ( (GNUNET_YES != + TALER_amount_cmp_currency (&fee, + &dki->fee_withdraw)) || + (0 != + TALER_amount_cmp (&fee, + &dki->fee_withdraw)) ) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (withdraw_spec); + return GNUNET_SYSERR; + } + } rhistory[off].details.out_authorization_sig = json_object_get (transaction, "signature"); -- cgit v1.2.3