Silent key checker when enc is invalid.

author: Marcello Stanisci <stanisci.m@gmail.com> 2020-03-31 15:32:12 +0200
committer: Marcello Stanisci <stanisci.m@gmail.com> 2020-03-31 15:32:12 +0200
commit: 4c196b7c81db58b379c04071ecf48625e53e439a (patch)
tree: c6409d59fd92aaeae82d4d5fa12a2629caf779bb
parent: e03560814c0c3e7ce0ad4056c165efce6a32c4a6 (diff)
download: libeufin-4c196b7c81db58b379c04071ecf48625e53e439a.tar.gz
libeufin-4c196b7c81db58b379c04071ecf48625e53e439a.tar.bz2
libeufin-4c196b7c81db58b379c04071ecf48625e53e439a.zip
4 files changed, 43 insertions, 15 deletions
diff --git a/cli/python/libeufin-cli b/cli/python/libeufin-cli
index 946ebd23..b8917155 100755
--- a/cli/python/libeufin-cli
+++ b/cli/python/libeufin-cli
@@ -96,6 +96,11 @@ def ebics(ctx):
     pass
 
 @cli.group()
+@click.pass_context
+def taler(ctx):
+    pass
+
+@cli.group()
 def native():
     pass
 
@@ -422,6 +427,20 @@ def crz(obj, account_id, date_range, nexus_base_url):
     resp = post(url, json=req)
     print(resp.content.decode("utf-8"))
 
+@taler.command(help="Separate payments with Taler-subject from the rest")
+@click.pass_obj
+@click.option(
+    "--account-id",
+    help="Numerical ID of the customer at the Nexus",
+    required=True
+)
+@click.argument(
+  "nexus-base-url"
+)
+def digest_transactions(obj, account_id, nexus_base_url):
+    url = urljoin(nexus_base_url, "/ebics/subscribers/{}/digest-incoming-transactions".format(account_id))
+    resp = post(url, json=dict())
+    print(resp.content.decode("utf-8"))
 
 @ebics.command(help="Show raw transactions from the Nexus database")
 @click.pass_obj
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
index 3c6e1798..7f3dae0a 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -643,7 +643,6 @@ fun main() {
 
                 return@get
             }
-
             /**
              * VERY taler-related behaviour, where the Nexus differentiates good
              * incoming transactions (those with a valid subject, i.e. a public key),
@@ -653,19 +652,23 @@ fun main() {
                 val id = expectId(call.parameters["id"])
                 // first find highest ID value of already processed rows.
                 transaction {
+                    // avoid re-processing raw payments
                     val latest = TalerIncomingPaymentEntry.all().sortedByDescending {
                         it.payment.id
-                    }.firstOrNull() ?: throw NexusError(
-                        HttpStatusCode.NotFound, "No payments to process"
-                    )
-                    EbicsRawBankTransactionEntry.find {
-                        EbicsRawBankTransactionsTable.id.greater(latest.id) and
-                                (EbicsRawBankTransactionsTable.nexusSubscriber eq id)
-                    }.forEach {
-                        if (CryptoUtil.checkValidEddsaPublicKey(
-                                Base32Crockford.decode(it.unstructuredRemittanceInformation)
-                            )
-                        ) {
+                    }.firstOrNull()
+
+                    val payments = if (latest == null) {
+                        EbicsRawBankTransactionEntry.find {
+                            EbicsRawBankTransactionsTable.nexusSubscriber eq id
+                        }
+                    } else {
+                        EbicsRawBankTransactionEntry.find {
+                            EbicsRawBankTransactionsTable.id.greater(latest.id) and
+                                    (EbicsRawBankTransactionsTable.nexusSubscriber eq id)
+                        }
+                    }
+                    payments.forEach {
+                        if (CryptoUtil.checkValidEddsaPublicKey(it.unstructuredRemittanceInformation)) {
                             TalerIncomingPaymentEntry.new {
                                 payment = it
                                 valid = true
diff --git a/util/src/main/kotlin/CryptoUtil.kt b/util/src/main/kotlin/CryptoUtil.kt
index 3e98971d..413ce4a7 100644
--- a/util/src/main/kotlin/CryptoUtil.kt
+++ b/util/src/main/kotlin/CryptoUtil.kt
@@ -19,6 +19,7 @@
 
 package tech.libeufin.util
 
+import net.taler.wallet.crypto.Base32Crockford
 import org.bouncycastle.jce.provider.BouncyCastleProvider
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
@@ -285,7 +286,12 @@ object CryptoUtil {
         return bundle.encoded
     }
 
-    fun checkValidEddsaPublicKey(data: ByteArray): Boolean {
+    fun checkValidEddsaPublicKey(enc: String): Boolean {
+        val data = try {
+            Base32Crockford.decode(enc)
+        } catch (e: Exception) {
+            return false
+        }
         if (data.size != 32) {
             return false
         }
diff --git a/util/src/test/kotlin/CryptoUtilTest.kt b/util/src/test/kotlin/CryptoUtilTest.kt
index bdd8d7e1..705f4434 100644
--- a/util/src/test/kotlin/CryptoUtilTest.kt
+++ b/util/src/test/kotlin/CryptoUtilTest.kt
@@ -150,8 +150,8 @@ class CryptoUtilTest {
         val givenEnc = "XZH3P6NF9DSG3BH0C082X38N2RVK1RV2H24KF76028QBKDM24BCG"
         val non32bytes = "N2RVK1RV2H24KF76028QBKDM24BCG"
 
-        assertTrue(CryptoUtil.checkValidEddsaPublicKey(Base32Crockford.decode(givenEnc)))
-        assertFalse(CryptoUtil.checkValidEddsaPublicKey(Base32Crockford.decode(non32bytes)))
+        assertTrue(CryptoUtil.checkValidEddsaPublicKey(givenEnc))
+        assertFalse(CryptoUtil.checkValidEddsaPublicKey(non32bytes))
     }
 
     @Test
author	Marcello Stanisci <stanisci.m@gmail.com>	2020-03-31 15:32:12 +0200
committer	Marcello Stanisci <stanisci.m@gmail.com>	2020-03-31 15:32:12 +0200
commit	4c196b7c81db58b379c04071ecf48625e53e439a (patch)
tree	c6409d59fd92aaeae82d4d5fa12a2629caf779bb
parent	e03560814c0c3e7ce0ad4056c165efce6a32c4a6 (diff)
download	libeufin-4c196b7c81db58b379c04071ecf48625e53e439a.tar.gz libeufin-4c196b7c81db58b379c04071ecf48625e53e439a.tar.bz2 libeufin-4c196b7c81db58b379c04071ecf48625e53e439a.zip