authorMarcello Stanisci <marcello.stanisci@inria.fr>2015-09-17 17:54:34 +0200
committerMarcello Stanisci <marcello.stanisci@inria.fr>2015-09-17 17:54:34 +0200
commite84d5dc451ad9fe214a3014457a1cf0c0e504e9a (patch)
treeac9d38bd5e9be95879bb21b4740bb2c3a95209a1
parentd9ab393f2d85158e225cd50f85342d5211c40210 (diff)
now signing only the contract JSON's hash; no other information.
-rw-r--r--src/backend-lib/taler-merchant-httpd_contract.c10
-rw-r--r--src/backend-lib/taler_merchant_contract_lib.h20
-rw-r--r--src/backend/taler-merchant-httpd.c32
-rw-r--r--src/frontend/README1
-rw-r--r--src/frontend/checkout.php5
-rw-r--r--src/frontend/generate_taler_contract.php67
-rw-r--r--src/frontend/index.html2
-rw-r--r--src/tests/merchant-contract-test.c4
8 files changed, 99 insertions, 42 deletions
diff --git a/src/backend-lib/taler-merchant-httpd_contract.c b/src/backend-lib/taler-merchant-httpd_contract.c
index 319ca07c..9f0d7788 100644
--- a/src/backend-lib/taler-merchant-httpd_contract.c
+++ b/src/backend-lib/taler-merchant-httpd_contract.c
@@ -67,7 +67,7 @@ json_t *
MERCHANT_handle_contract (json_t *j_contract,
PGconn *db_conn,
const struct MERCHANT_WIREFORMAT_Sepa *wire,
- struct ContractNBO *contract)
+ struct Contract *contract)
{
json_t *root;
json_t *j_details;
@@ -145,15 +145,23 @@ MERCHANT_handle_contract (json_t *j_contract,
a,
nounce,
json_integer_value (j_product_id)));
+ #ifdef OBSOLETE
contract->h_wire = h_wire;
TALER_amount_hton (&amount_nbo, &amount);
contract->amount = amount_nbo;
contract->t = GNUNET_TIME_absolute_hton (timestamp);
contract->m = GNUNET_htonll ((uint64_t) j_trans_id); // safe?
+ #endif
+
GNUNET_CRYPTO_hash (a, strlen (a) + 1, &contract->h_contract_details);
free (a);
contract->purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_CONTRACT);
+
+ #ifdef OBSOLETE
contract->purpose.size = htonl (sizeof (struct ContractNBO));
+ #endif
+
+ contract->purpose.size = htonl (sizeof (struct Contract));
return root;
}
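Review bot: With the `contract->h_wire`, `amount`, `t` and `m` assignments compiled out, the only payload left under the signature is `h_contract_details`, so the amount, transaction id, timestamp and wire hash are authenticated only if they are part of the string `a` that gets hashed. `a` is built earlier in `MERCHANT_handle_contract`, outside this hunk, so that cannot be confirmed from here; a comment above the `GNUNET_CRYPTO_hash` call should state which fields `a` serializes, along the lines of `/* 'a' is the compact, key-sorted dump of <fields>; nothing else is covered by the signature */`. The hash input includes the terminating NUL (`strlen (a) + 1`), which every verifier has to reproduce byte for byte. The two `#ifdef OBSOLETE` blocks reference members that `struct Contract` does not have, so they can be deleted rather than kept.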
diff --git a/src/backend-lib/taler_merchant_contract_lib.h b/src/backend-lib/taler_merchant_contract_lib.h
index 950e2061..45e8e097 100644
--- a/src/backend-lib/taler_merchant_contract_lib.h
+++ b/src/backend-lib/taler_merchant_contract_lib.h
@@ -1,3 +1,21 @@
+/**
+ * Simplified version of the contract to be signed, meant to obsolete
+ * 'struct ContractNBO'.
+ */
+struct Contract
+{
+ /**
+ * Purpose header for the signature over contract
+ */
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+ /**
+ * Hash of the JSON contract in UTF-8 including 0-termination,
+ * using JSON_COMPACT encoding with sorted fields.
+ */
+ struct GNUNET_HashCode h_contract_details;
+
+};
GNUNET_NETWORK_STRUCT_BEGIN
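Review bot: `struct Contract` is declared above `GNUNET_NETWORK_STRUCT_BEGIN`, so the structure that gets signed sits outside the packed region that presumably holds the header's other wire structures. `purpose.size` is set from `sizeof (struct Contract)` and the signature is computed over those bytes, so any compiler-inserted padding would become part of the signed data and could differ between builds. With the two members shown there is probably no padding today, but moving the definition below `GNUNET_NETWORK_STRUCT_BEGIN` keeps the layout fixed when fields are added. The empty line before `};` can go as well.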
@@ -58,4 +76,4 @@ json_t *
MERCHANT_handle_contract (json_t *j_contract,
PGconn *db_conn,
const struct MERCHANT_WIREFORMAT_Sepa *wire,
- struct ContractNBO *contract);
+ struct Contract *contract);
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
index 57a8b109..7336a49d 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -338,7 +338,11 @@ url_handler (void *cls,
unsigned int no_destroy;
struct GNUNET_CRYPTO_EddsaSignature c_sig;
struct GNUNET_CRYPTO_EddsaPublicKey pub;
+ #ifdef OBSOLETE
struct ContractNBO contract;
+ #else
+ struct Contract contract;
+ #endif
struct MHD_Response *resp;
json_t *j_contract_complete;
json_t *root;
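Review bot: The `#ifdef OBSOLETE` branch that keeps `struct ContractNBO contract;` can no longer build, because this commit changes `MERCHANT_handle_contract` to take a `struct Contract *`; defining `OBSOLETE` would pass the wrong pointer type. Declare `struct Contract contract;` unconditionally and drop the preprocessor block. The same pattern is added in `src/tests/merchant-contract-test.c`. `url_handler` starts and ends outside this hunk.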
@@ -452,13 +456,6 @@ url_handler (void *cls,
goto end;
}
- #if 0
- /* FIXME TMH_RESPONSE_reply_json subverts the order of some fields */
- str = json_dumps (root_tmp, JSON_INDENT(2) | JSON_PRESERVE_ORDER);
- printf ("%s\n", str);
- return;
- #endif
-
if (NULL == (j_contract_complete = MERCHANT_handle_contract (root_tmp,
db_conn,
wire,
@@ -468,14 +465,6 @@ url_handler (void *cls,
goto end;
}
- #if 0
- /* FIXME TMH_RESPONSE_reply_json subverts the order of some fields */
- str = json_dumps (j_contract_complete, JSON_INDENT(2) | JSON_PRESERVE_ORDER);
- printf ("%s\n", str);
- return;
- #endif
-
-
GNUNET_CRYPTO_eddsa_sign (privkey, &contract.purpose, &c_sig);
/**
@@ -495,15 +484,6 @@ url_handler (void *cls,
"contract", j_contract_complete,
"sig", j_sig_enc,
"eddsa_pub", eddsa_pub_enc);
-
-
- #if 1
- /* FIXME TMH_RESPONSE_reply_json subverts the order of some fields */
- str = json_dumps (response, JSON_INDENT(2) | JSON_PRESERVE_ORDER);
- printf ("%s\n", str);
- return;
- #endif
-
TMH_RESPONSE_reply_json (connection, response, MHD_HTTP_OK);
return MHD_YES;
@@ -648,16 +628,14 @@ run (void *cls, char *const *args, const char *cfgfile,
mint,
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_FAST));
}
-
-
mhd = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY,
port,
NULL, NULL,
&url_handler, NULL,
MHD_OPTION_END);
-
EXITIF (NULL == mhd);
+
/* WARNING: a 'poll_mhd ()' call is here in the original merchant. Is that
mandatory ? */
GNUNET_CRYPTO_hash (wire, sizeof (*wire), &h_wire);
diff --git a/src/frontend/README b/src/frontend/README
index 8cfb139e..fa26f81c 100644
--- a/src/frontend/README
+++ b/src/frontend/README
@@ -24,3 +24,4 @@ o pay.php | Actual receiving of money, plus it gives back a "fullfillment" page
o toy | the nginx configuration file skeleton for this virtual server. To be tuned
as needed.
+o sample.json | JSON structure to be reproduced from the frontend, to be fed to the backend
diff --git a/src/frontend/checkout.php b/src/frontend/checkout.php
index d9542c3b..061f2028 100644
--- a/src/frontend/checkout.php
+++ b/src/frontend/checkout.php
@@ -92,8 +92,9 @@ function taler_pay(form)
if (contract_request.status == 200)
{
/* display contract_requestificate (i.e. it sends the JSON string
- to the extension) */
+ to the extension) alert (contract_request.responseText); */
handle_contract(contract_request.responseText);
+
}
else
{
@@ -172,7 +173,7 @@ function test_without_wallet(){
tbutton.removeAttribute("disabled");
};
-// test_without_wallet();
+test_without_wallet();
// Register event to be triggered by the wallet as a response to our
// first event
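Review bot: `test_without_wallet();` is now called unconditionally, which turns a test helper into default page behaviour. From the visible tail of the function it removes the `disabled` attribute from the button, so the page apparently no longer waits for a wallet to announce itself. If this is only for local testing, keep the call commented out or guard it with an explicit debug switch before it reaches a deployed frontend. The same line is enabled in `src/frontend/index.html`.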
diff --git a/src/frontend/generate_taler_contract.php b/src/frontend/generate_taler_contract.php
index 15c0841f..4cadb876 100644
--- a/src/frontend/generate_taler_contract.php
+++ b/src/frontend/generate_taler_contract.php
@@ -25,10 +25,12 @@
to the wallet
*/
+$cli_debug = !TRUE;
+
// 1) recover the session information
session_start();
-if ( (! isset($_SESSION['receiver'])) ||
- (! isset($_SESSION['amount'])) )
+if (!$cli_debug && ((! isset($_SESSION['receiver'])) ||
+ (! isset($_SESSION['amount']))) )
{
http_response_code (404);
echo "Please select a contract before getting to this page...";
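Review bot: `$cli_debug` is a hard-coded switch in a web-reachable script that, when true, skips the session check and lets the script continue for any requester; writing it as `!TRUE` also hides that the value is simply false. Derive it from the runtime instead, e.g. `$cli_debug = (php_sapi_name() === 'cli');`, so the bypass cannot be active under the web server. The body of the `if` continues outside this hunk.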
@@ -37,8 +39,19 @@ if ( (! isset($_SESSION['receiver'])) ||
}
/* Obtain session state */
-$receiver = $_SESSION['receiver'];
-$amount = intval ($_SESSION['amount']);
+if (!$cli_debug)
+{
+ $receiver = $_SESSION['receiver'];
+ $amount = intval ($_SESSION['amount']);
+}
+else
+{
+ $receiver = "Test Receiver";
+ $amount = "5";
+
+}
+
+
/* Fill in variables for simple JSON contract */
// fake product id
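Review bot: In the debug branch `$amount = "5";` is a string, while the session branch yields an integer through `intval ()`. Since `$value = $amount` feeds the contract, `json_encode` would emit `"5"` instead of `5`, so the debug path does not produce the same JSON that the backend hashes in normal operation. Use `$amount = 5;`.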
@@ -57,15 +70,49 @@ $value = $amount;
$fraction = 0;
// This is our 'toy' currency
$currency = "KUDOS";
+// The tax for this deal
+$teatax = array ('value' => 1,
+ 'fraction' => 0,
+ 'currency' => $currency);
// pack the JSON for the contract
// --- FIXME: exact format needs review!
-$json = json_encode (array ('desc' => $desc,
- 'product' => $p_id,
- 'cid' => $transaction_id,
- 'price' => array ('value' => $value,
- 'fraction' => $fraction,
- 'currency' => $currency)));
+$json = json_encode (array ('amount' => array ('value' => $value,
+ 'fraction' => $fraction,
+ 'currency' => $currency),
+ 'max fee' => array ('value' => 3,
+ 'fraction' => 0,
+ 'currency' => $currency),
+ 'trans_id' => $transaction_id,
+ 'details' =>
+ array ('items' =>
+ array ('description' => $desc,
+ 'quantity' => 1,
+ 'itemprice' => array ('value' => $value,
+ 'fraction' => $fraction,
+ 'currency' => $currency)),
+ 'product_id' => $p_id,
+ 'taxes' => array (array ('teatax' => $teatax)),
+ 'delivery_date' => "Some Date Format",
+ 'delivery location' => 'LNAME1',
+ 'merchant' => array ('address' => 'LNAME2',
+ 'name' => 'test merchant',
+ 'jurisdiction' =>
+ array ('country' => 'Test Country',
+ 'city' => 'Test City',
+ 'state' => 'Test State',
+ 'region' => 'Test Region',
+ 'province' => 'Test Province',
+ 'ZIP code' => 4908)),
+ 'L-names' => array (array ('LNAME1' => 'Test Address 1',
+ 'LNAME2' => 'Test Address 2')))));//,
+ //JSON_PRETTY_PRINT);
+
+if ($cli_debug && FALSE)
+{
+ echo $json . "\n";
+ exit;
+}
// Craft the HTTP request, note that the backend
// could be on an entirely different machine if
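Review bot: `'items'` is encoded as a single associative array, so `json_encode` emits one object, whereas `'taxes'` and `'L-names'` are wrapped in an outer `array (...)` and come out as lists. If the backend expects a list of items, this should be `'items' => array (array ('description' => $desc, ...))`. The `--- FIXME: exact format needs review!` comment is still in place, so the shape should be confirmed against the `sample.json` mentioned in the README. The `if ($cli_debug && FALSE)` block can never run, and the trailing `//, //JSON_PRETTY_PRINT);` remnant can be removed.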
diff --git a/src/frontend/index.html b/src/frontend/index.html
index 02545475..4f7787cc 100644
--- a/src/frontend/index.html
+++ b/src/frontend/index.html
@@ -163,7 +163,7 @@
wallet_installed_cb();
}
- // test_without_wallet();
+ test_without_wallet();
/* Set up a listener to be called whenever a Wallet gets installed
so that the user is led towards the demo's steps progressively */
diff --git a/src/tests/merchant-contract-test.c b/src/tests/merchant-contract-test.c
index a1855203..c2a3cd0b 100644
--- a/src/tests/merchant-contract-test.c
+++ b/src/tests/merchant-contract-test.c
@@ -95,7 +95,11 @@ run (void *cls, char *const *args, const char *cfgfile,
struct TALER_Amount amount;
int64_t t_id;
int64_t p_id;
+ #ifdef OBSOLETE
struct ContractNBO contract;
+ #else
+ struct Contract contract;
+ #endif
struct GNUNET_TIME_Absolute deldate;
db_conn = NULL;