From 415c922c929a2d0a1a7263a406cdd793b0d40cb3 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 7 May 2022 23:41:33 +0200 Subject: -address FIXMEs for purses GET requests --- src/exchange/taler-exchange-httpd_purses_get.c | 40 ++++++++++++++------ src/include/taler_exchange_service.h | 10 ++++- src/lib/exchange_api_purses_get.c | 51 +++++++++++++++++++------- 3 files changed, 75 insertions(+), 26 deletions(-) (limited to 'src') diff --git a/src/exchange/taler-exchange-httpd_purses_get.c b/src/exchange/taler-exchange-httpd_purses_get.c index 59cfa35fa..b363d69ff 100644 --- a/src/exchange/taler-exchange-httpd_purses_get.c +++ b/src/exchange/taler-exchange-httpd_purses_get.c @@ -364,6 +364,9 @@ TEH_handler_purses_get (struct TEH_RequestContext *rc, { struct GNUNET_TIME_Timestamp dt = GNUNET_TIME_timestamp_get (); + struct TALER_ExchangePublicKeyP exchange_pub; + struct TALER_ExchangeSignatureP exchange_sig; + enum TALER_ErrorCode ec; if (GNUNET_TIME_timestamp_cmp (dt, >, @@ -373,17 +376,32 @@ TEH_handler_purses_get (struct TEH_RequestContext *rc, TALER_amount_cmp (&gc->amount, &gc->deposited)) dt = GNUNET_TIME_UNIT_ZERO_TS; - - // FIXME: add exchange signature!? - // FIXME: return amount? - res = TALER_MHD_REPLY_JSON_PACK ( - rc->connection, - MHD_HTTP_OK, - GNUNET_JSON_pack_timestamp ("merge_timestamp", - gc->merge_timestamp), - GNUNET_JSON_pack_timestamp ("deposit_timestamp", - dt) - ); + if (TALER_EC_NONE != + (ec = TALER_exchange_purse_status_sign ( + &TEH_keys_exchange_sign_, + gc->merge_timestamp, + dt, + &gc->deposited, + &exchange_pub, + &exchange_sig))) + res = TALER_MHD_reply_with_ec (rc->connection, + ec, + NULL); + else + res = TALER_MHD_REPLY_JSON_PACK ( + rc->connection, + MHD_HTTP_OK, + TALER_JSON_pack_amount ("balance", + &gc->deposited), + GNUNET_JSON_pack_data_auto ("exchange_sig", + &exchange_sig), + GNUNET_JSON_pack_data_auto ("exchange_pub", + &exchange_pub), + GNUNET_JSON_pack_timestamp ("merge_timestamp", + gc->merge_timestamp), + GNUNET_JSON_pack_timestamp ("deposit_timestamp", + dt) + ); } return res; } diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 2a88c1014..756e9cd99 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -4097,6 +4097,12 @@ struct TALER_EXCHANGE_PurseGetResponse */ struct GNUNET_TIME_Timestamp deposit_timestamp; + /** + * Reserve balance (how much was deposited in + * total into the reserve, minus deposit fees). + */ + struct TALER_Amount balance; + } success; } details; @@ -4126,7 +4132,7 @@ struct TALER_EXCHANGE_PurseGetHandle; * Request information about a purse from the exchange. * * @param exchange exchange handle - * @param purse_priv private key of the purse + * @param purse_pub public key of the purse * @param timeout how long to wait for a change to happen * @param wait_for_merge true to wait for a merge event, otherwise wait for a deposit event * @param cb function to call with the exchange's result @@ -4136,7 +4142,7 @@ struct TALER_EXCHANGE_PurseGetHandle; struct TALER_EXCHANGE_PurseGetHandle * TALER_EXCHANGE_purse_get ( struct TALER_EXCHANGE_Handle *exchange, - const struct TALER_PurseContractPrivateKeyP *purse_priv, + const struct TALER_PurseContractPublicKeyP *purse_pub, struct GNUNET_TIME_Relative timeout, bool wait_for_merge, TALER_EXCHANGE_PurseGetCallback cb, diff --git a/src/lib/exchange_api_purses_get.c b/src/lib/exchange_api_purses_get.c index b3cb7e662..8bd832411 100644 --- a/src/lib/exchange_api_purses_get.c +++ b/src/lib/exchange_api_purses_get.c @@ -94,14 +94,22 @@ handle_purse_get_finished (void *cls, break; case MHD_HTTP_OK: { - // FIXME: check exchange signature! + struct TALER_ExchangePublicKeyP exchange_pub; + struct TALER_ExchangeSignatureP exchange_sig; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_timestamp ("merge_timestamp", &dr.details.success.merge_timestamp), GNUNET_JSON_spec_timestamp ("deposit_timestamp", &dr.details.success.deposit_timestamp), + TALER_JSON_spec_amount_any ("balance", + &dr.details.success.balance), + GNUNET_JSON_spec_fixed_auto ("exchange_pub", + &exchange_pub), + GNUNET_JSON_spec_fixed_auto ("exchange_sig", + &exchange_sig), GNUNET_JSON_spec_end () }; + const struct TALER_EXCHANGE_Keys *key_state; if (GNUNET_OK != GNUNET_JSON_parse (j, @@ -113,6 +121,30 @@ handle_purse_get_finished (void *cls, dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED; break; } + + key_state = TALER_EXCHANGE_get_keys (pgh->exchange); + if (GNUNET_OK != + TALER_EXCHANGE_test_signing_key (key_state, + &exchange_pub)) + { + GNUNET_break_op (0); + dr.hr.http_status = 0; + dr.hr.ec = TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE; + break; + } + if (GNUNET_OK != + TALER_exchange_purse_status_verify ( + dr.details.success.merge_timestamp, + dr.details.success.deposit_timestamp, + &dr.details.success.balance, + &exchange_pub, + &exchange_sig)) + { + GNUNET_break_op (0); + dr.hr.http_status = 0; + dr.hr.ec = TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE; + break; + } pgh->cb (pgh->cb_cls, &dr); TALER_EXCHANGE_purse_get_cancel (pgh); @@ -163,7 +195,7 @@ handle_purse_get_finished (void *cls, struct TALER_EXCHANGE_PurseGetHandle * TALER_EXCHANGE_purse_get ( struct TALER_EXCHANGE_Handle *exchange, - const struct TALER_PurseContractPrivateKeyP *purse_priv, + const struct TALER_PurseContractPublicKeyP *purse_pub, struct GNUNET_TIME_Relative timeout, bool wait_for_merge, TALER_EXCHANGE_PurseGetCallback cb, @@ -171,8 +203,7 @@ TALER_EXCHANGE_purse_get ( { struct TALER_EXCHANGE_PurseGetHandle *pgh; CURL *eh; - struct TALER_PurseContractPublicKeyP purse_pub; - char arg_str[sizeof (purse_pub) * 2 + 64]; + char arg_str[sizeof (*purse_pub) * 2 + 64]; if (GNUNET_YES != TEAH_handle_is_ready (exchange)) @@ -184,15 +215,13 @@ TALER_EXCHANGE_purse_get ( pgh->exchange = exchange; pgh->cb = cb; pgh->cb_cls = cb_cls; - GNUNET_CRYPTO_eddsa_key_get_public (&purse_priv->eddsa_priv, - &purse_pub.eddsa_pub); { - char cpub_str[sizeof (purse_pub) * 2]; + char cpub_str[sizeof (*purse_pub) * 2]; char *end; char timeout_str[32]; - end = GNUNET_STRINGS_data_to_string (&purse_pub, - sizeof (purse_pub), + end = GNUNET_STRINGS_data_to_string (purse_pub, + sizeof (*purse_pub), cpub_str, sizeof (cpub_str)); *end = '\0'; @@ -231,10 +260,6 @@ TALER_EXCHANGE_purse_get ( GNUNET_free (pgh); return NULL; } - /* FIXME: add signature with purse_priv - to authorize the GET request!? Or - decide it is non-critical and only - pass purse_pub? */ pgh->job = GNUNET_CURL_job_add (TEAH_handle_to_context (exchange), eh, &handle_purse_get_finished, -- cgit v1.2.3