diff options
| -rw-r--r-- | src/auditor/taler-auditor-httpd_deposit-confirmation.c | 46 | ||||
| -rw-r--r-- | src/auditordb/auditor-0001.sql | 1 | ||||
| -rw-r--r-- | src/auditordb/plugin_auditordb_postgres.c | 3 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_deposit.c | 11 | ||||
| -rw-r--r-- | src/include/taler_auditor_service.h | 2 | ||||
| -rw-r--r-- | src/include/taler_auditordb_plugin.h | 5 | ||||
| -rw-r--r-- | src/include/taler_crypto_lib.h | 34 | ||||
| -rw-r--r-- | src/include/taler_signatures.h | 18 | ||||
| -rw-r--r-- | src/include/taler_testing_lib.h | 2 | ||||
| -rw-r--r-- | src/lib/auditor_api_deposit_confirmation.c | 91 | ||||
| -rw-r--r-- | src/lib/exchange_api_deposit.c | 115 | ||||
| -rw-r--r-- | src/testing/testing_api_cmd_auditor_deposit_confirmation.c | 9 | ||||
| -rw-r--r-- | src/testing/testing_api_cmd_deposit.c | 27 | ||||
| -rw-r--r-- | src/util/Makefile.am | 1 | ||||
| -rw-r--r-- | src/util/wallet_signatures.c | 6 |
15 files changed, 230 insertions, 141 deletions
diff --git a/src/auditor/taler-auditor-httpd_deposit-confirmation.c b/src/auditor/taler-auditor-httpd_deposit-confirmation.c index c7a23d71..20500a88 100644 --- a/src/auditor/taler-auditor-httpd_deposit-confirmation.c +++ b/src/auditor/taler-auditor-httpd_deposit-confirmation.c @@ -183,33 +183,25 @@ verify_and_execute_deposit_confirmation ( } /* check deposit confirmation signature */ + if (GNUNET_OK != + TALER_exchange_deposit_confirm_verify (&dc->h_contract_terms, + &dc->h_wire, + NULL /* h_extensions! */, + dc->exchange_timestamp, + dc->wire_deadline, + dc->refund_deadline, + &dc->amount_without_fee, + &dc->coin_pub, + &dc->merchant, + &dc->exchange_pub, + &dc->exchange_sig)) { - struct TALER_DepositConfirmationPS dcs = { - .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT), - .purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)), - .h_contract_terms = dc->h_contract_terms, - .h_wire = dc->h_wire, - .exchange_timestamp = GNUNET_TIME_absolute_hton (dc->exchange_timestamp), - .refund_deadline = GNUNET_TIME_absolute_hton (dc->refund_deadline), - .coin_pub = dc->coin_pub, - .merchant = dc->merchant - }; - - TALER_amount_hton (&dcs.amount_without_fee, - &dc->amount_without_fee); - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, - &dcs, - &dc->exchange_sig.eddsa_signature, - &dc->exchange_pub.eddsa_pub)) - { - TALER_LOG_WARNING ( - "Invalid signature on /deposit-confirmation request\n"); - return TALER_MHD_reply_with_error (connection, - MHD_HTTP_FORBIDDEN, - TALER_EC_AUDITOR_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID, - "exchange signature invalid"); - } + TALER_LOG_WARNING ( + "Invalid signature on /deposit-confirmation request\n"); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_FORBIDDEN, + TALER_EC_AUDITOR_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID, + "exchange signature invalid"); } /* execute transaction */ @@ -263,6 +255,8 @@ TAH_DEPOSIT_CONFIRMATION_handler (struct TAH_RequestHandler *rh, &dc.exchange_timestamp), TALER_JSON_spec_absolute_time ("refund_deadline", &dc.refund_deadline), + TALER_JSON_spec_absolute_time ("wire_deadline", + &dc.wire_deadline), TALER_JSON_spec_amount ("amount_without_fee", TAH_currency, &dc.amount_without_fee), diff --git a/src/auditordb/auditor-0001.sql b/src/auditordb/auditor-0001.sql index 3a0d7dd9..e7ac7538 100644 --- a/src/auditordb/auditor-0001.sql +++ b/src/auditordb/auditor-0001.sql @@ -231,6 +231,7 @@ CREATE TABLE IF NOT EXISTS deposit_confirmations ,h_wire BYTEA CHECK (LENGTH(h_wire)=64) ,exchange_timestamp INT8 NOT NULL ,refund_deadline INT8 NOT NULL + ,wire_deadline INT8 NOT NULL ,amount_without_fee_val INT8 NOT NULL ,amount_without_fee_frac INT4 NOT NULL ,coin_pub BYTEA CHECK (LENGTH(coin_pub)=32) diff --git a/src/auditordb/plugin_auditordb_postgres.c b/src/auditordb/plugin_auditordb_postgres.c index 577f1803..49387127 100644 --- a/src/auditordb/plugin_auditordb_postgres.c +++ b/src/auditordb/plugin_auditordb_postgres.c @@ -1032,6 +1032,7 @@ postgres_insert_deposit_confirmation ( GNUNET_PQ_query_param_auto_from_type (&dc->h_wire), TALER_PQ_query_param_absolute_time (&dc->exchange_timestamp), TALER_PQ_query_param_absolute_time (&dc->refund_deadline), + TALER_PQ_query_param_absolute_time (&dc->wire_deadline), TALER_PQ_query_param_amount (&dc->amount_without_fee), GNUNET_PQ_query_param_auto_from_type (&dc->coin_pub), GNUNET_PQ_query_param_auto_from_type (&dc->merchant), @@ -1114,6 +1115,8 @@ deposit_confirmation_cb (void *cls, &dc.exchange_timestamp), GNUNET_PQ_result_spec_absolute_time ("refund_deadline", &dc.refund_deadline), + GNUNET_PQ_result_spec_absolute_time ("wire_deadline", + &dc.wire_deadline), TALER_PQ_RESULT_SPEC_AMOUNT ("amount_without_fee", &dc.amount_without_fee), GNUNET_PQ_result_spec_auto_from_type ("coin_pub", diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c index 323a77b5..e9851de7 100644 --- a/src/exchange/taler-exchange-httpd_deposit.c +++ b/src/exchange/taler-exchange-httpd_deposit.c @@ -58,9 +58,11 @@ static MHD_RESULT reply_deposit_success (struct MHD_Connection *connection, const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_MerchantWireHash *h_wire, + const struct TALER_ExtensionContractHash *h_extensions, const struct TALER_PrivateContractHash *h_contract_terms, struct GNUNET_TIME_Absolute exchange_timestamp, struct GNUNET_TIME_Absolute refund_deadline, + struct GNUNET_TIME_Absolute wire_deadline, const struct TALER_MerchantPublicKeyP *merchant, const struct TALER_Amount *amount_without_fee) { @@ -73,11 +75,14 @@ reply_deposit_success (struct MHD_Connection *connection, .h_wire = *h_wire, .exchange_timestamp = GNUNET_TIME_absolute_hton (exchange_timestamp), .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline), + .wire_deadline = GNUNET_TIME_absolute_hton (wire_deadline), .coin_pub = *coin_pub, - .merchant = *merchant + .merchant_pub = *merchant }; enum TALER_ErrorCode ec; + if (NULL != h_extensions) + dc.h_extensions = *h_extensions; TALER_amount_hton (&dc.amount_without_fee, amount_without_fee); if (TALER_EC_NONE != @@ -184,9 +189,11 @@ deposit_precheck (void *cls, *mhd_ret = reply_deposit_success (connection, &deposit->coin.coin_pub, &dc->h_wire, + NULL /* h_extensions! */, &deposit->h_contract_terms, dc->exchange_timestamp, deposit->refund_deadline, + deposit->wire_deadline, &deposit->merchant_pub, &amount_without_fee); /* Treat as 'hard' DB error as we want to rollback and @@ -559,9 +566,11 @@ TEH_handler_deposit (struct MHD_Connection *connection, res = reply_deposit_success (connection, &deposit.coin.coin_pub, &dc.h_wire, + NULL /* h_extensions! */, &deposit.h_contract_terms, dc.exchange_timestamp, deposit.refund_deadline, + deposit.wire_deadline, &deposit.merchant_pub, &amount_without_fee); GNUNET_JSON_parse_free (spec); diff --git a/src/include/taler_auditor_service.h b/src/include/taler_auditor_service.h index 9e2e46d2..4da72c1c 100644 --- a/src/include/taler_auditor_service.h +++ b/src/include/taler_auditor_service.h @@ -235,6 +235,7 @@ typedef void * @param h_wire hash of merchant wire details * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the auditor) * @param exchange_timestamp timestamp when the contract was finalized, must not be too far in the future + * @param wire_deadline date until which the exchange should wire the funds * @param refund_deadline date until which the merchant can issue a refund to the customer via the auditor (can be zero if refunds are not allowed); must not be after the @a wire_deadline * @param amount_without_fee the amount confirmed to be wired by the exchange to the merchant * @param coin_pub coin’s public key @@ -257,6 +258,7 @@ TALER_AUDITOR_deposit_confirmation ( const struct TALER_MerchantWireHash *h_wire, const struct TALER_PrivateContractHash *h_contract_terms, struct GNUNET_TIME_Absolute timestamp, + struct GNUNET_TIME_Absolute wire_deadline, struct GNUNET_TIME_Absolute refund_deadline, const struct TALER_Amount *amount_without_fee, const struct TALER_CoinSpendPublicKeyP *coin_pub, diff --git a/src/include/taler_auditordb_plugin.h b/src/include/taler_auditordb_plugin.h index 18db8694..8dd454b9 100644 --- a/src/include/taler_auditordb_plugin.h +++ b/src/include/taler_auditordb_plugin.h @@ -296,6 +296,11 @@ struct TALER_AUDITORDB_DepositConfirmation struct GNUNET_TIME_Absolute refund_deadline; /** + * How much time does the @e exchange have to wire the funds? + */ + struct GNUNET_TIME_Absolute wire_deadline; + + /** * Amount to be deposited, excluding fee. Calculated from the * amount with fee and the fee from the deposit request. */ diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 881e368e..7787c23d 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -1547,6 +1547,40 @@ TALER_CRYPTO_helper_esign_disconnect ( struct TALER_CRYPTO_ExchangeSignHelper *esh); +/* ********************* exchange signing ************************** */ + + +/** + * Verify a deposit confirmation. + * + * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the exchange) + * @param h_wire hash of the merchant’s account details + * @param h_extensions hash over the extensions, can be NULL + * @param exchange_timestamp timestamp when the contract was finalized, must not be too far off + * @param wire_deadline date until which the exchange should wire the funds + * @param refund_deadline date until which the merchant can issue a refund to the customer via the exchange (can be zero if refunds are not allowed); must not be after the @a wire_deadline + * @param amount_without_fee the amount to be deposited after fees + * @param coin_pub public key of the deposited coin + * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) + * @param exchange_pub exchange's online signing public key + * @param exchange_sig the signature made with purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT + * @return #GNUNET_OK if the signature is valid + */ +enum GNUNET_GenericReturnValue +TALER_exchange_deposit_confirm_verify ( + const struct TALER_PrivateContractHash *h_contract_terms, + const struct TALER_MerchantWireHash *h_wire, + const struct TALER_ExtensionContractHash *h_extensions, + struct GNUNET_TIME_Absolute exchange_timestamp, + struct GNUNET_TIME_Absolute wire_deadline, + struct GNUNET_TIME_Absolute refund_deadline, + const struct TALER_Amount *amount_without_fee, + const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_ExchangeSignatureP *exchange_sig); + + /* ********************* wallet signing ************************** */ diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 5eef0db6..40755348 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -556,12 +556,24 @@ struct TALER_DepositConfirmationPS struct TALER_MerchantWireHash h_wire GNUNET_PACKED; /** + * Hash over the extension options of the deposit, 0 if there + * were not extension options. + */ + struct TALER_ExtensionContractHash h_extensions GNUNET_PACKED; + + /** * Time when this confirmation was generated / when the exchange received * the deposit request. */ struct GNUNET_TIME_AbsoluteNBO exchange_timestamp; /** + * By when does the exchange expect to pay the merchant + * (as per the merchant's request). + */ + struct GNUNET_TIME_AbsoluteNBO wire_deadline; + + /** * How much time does the @e merchant have to issue a refund * request? Zero if refunds are not allowed. After this time, the * coin cannot be refunded. Note that the wire transfer will not be @@ -577,9 +589,7 @@ struct TALER_DepositConfirmationPS struct TALER_AmountNBO amount_without_fee; /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. The deposit request is to be - * signed by the corresponding private key (using EdDSA). + * The public key of the coin that was deposited. */ struct TALER_CoinSpendPublicKeyP coin_pub; @@ -587,7 +597,7 @@ struct TALER_DepositConfirmationPS * The Merchant's public key. Allows the merchant to later refund * the transaction or to inquire about the wire transfer identifier. */ - struct TALER_MerchantPublicKeyP merchant; + struct TALER_MerchantPublicKeyP merchant_pub; }; diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h index 2656300f..e99912a6 100644 --- a/src/include/taler_testing_lib.h +++ b/src/include/taler_testing_lib.h @@ -2379,6 +2379,8 @@ TALER_TESTING_get_trait (const struct TALER_TESTING_Trait *traits, op (coin_priv, const struct TALER_CoinSpendPrivateKeyP) \ op (coin_pub, const struct TALER_CoinSpendPublicKeyP) \ op (absolute_time, const struct GNUNET_TIME_Absolute) \ + op (wire_deadline, const struct GNUNET_TIME_Absolute) \ + op (refund_deadline, const struct GNUNET_TIME_Absolute) \ op (exchange_pub, const struct TALER_ExchangePublicKeyP) \ op (exchange_sig, const struct TALER_ExchangeSignatureP) \ op (blinding_key, const union TALER_DenominationBlindingKeyP) diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c index 89f67f92..41f9d5e4 100644 --- a/src/lib/auditor_api_deposit_confirmation.c +++ b/src/lib/auditor_api_deposit_confirmation.c @@ -168,10 +168,11 @@ handle_deposit_confirmation_finished (void *cls, * @param master_sig master signature affirming validity of @a exchange_pub * @return #GNUNET_OK if signatures are OK, #GNUNET_SYSERR if not */ -static int +static enum GNUNET_GenericReturnValue verify_signatures (const struct TALER_MerchantWireHash *h_wire, const struct TALER_PrivateContractHash *h_contract_terms, struct GNUNET_TIME_Absolute exchange_timestamp, + struct GNUNET_TIME_Absolute wire_deadline, struct GNUNET_TIME_Absolute refund_deadline, const struct TALER_Amount *amount_without_fee, const struct TALER_CoinSpendPublicKeyP *coin_pub, @@ -184,36 +185,29 @@ verify_signatures (const struct TALER_MerchantWireHash *h_wire, struct GNUNET_TIME_Absolute ep_end, const struct TALER_MasterSignatureP *master_sig) { + if (GNUNET_OK != + TALER_exchange_deposit_confirm_verify (h_contract_terms, + h_wire, + NULL /* h_extensions! */, + exchange_timestamp, + wire_deadline, + refund_deadline, + amount_without_fee, + coin_pub, + merchant_pub, + exchange_pub, + exchange_sig)) { - struct TALER_DepositConfirmationPS dc = { - .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT), - .purpose.size = htonl (sizeof (dc)), - .h_contract_terms = *h_contract_terms, - .h_wire = *h_wire, - .exchange_timestamp = GNUNET_TIME_absolute_hton (exchange_timestamp), - .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline), - .coin_pub = *coin_pub, - .merchant = *merchant_pub - }; - - TALER_amount_hton (&dc.amount_without_fee, - amount_without_fee); - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, - &dc, - &exchange_sig->eddsa_signature, - &exchange_pub->eddsa_pub)) + GNUNET_break_op (0); + TALER_LOG_WARNING ( + "Invalid signature on /deposit-confirmation request!\n"); { - GNUNET_break_op (0); - TALER_LOG_WARNING ( - "Invalid signature on /deposit-confirmation request!\n"); - { - TALER_LOG_DEBUG ("... amount_without_fee was %s\n", - TALER_amount2s (amount_without_fee)); - } - return GNUNET_SYSERR; + TALER_LOG_DEBUG ("... amount_without_fee was %s\n", + TALER_amount2s (amount_without_fee)); } + return GNUNET_SYSERR; } + if (GNUNET_OK != TALER_exchange_offline_signkey_validity_verify ( exchange_pub, @@ -237,45 +231,13 @@ verify_signatures (const struct TALER_MerchantWireHash *h_wire, } -/** - * Submit a deposit-confirmation permission to the auditor and get the - * auditor's response. Note that while we return the response - * verbatim to the caller for further processing, we do already verify - * that the response is well-formed. If the auditor's reply is not - * well-formed, we return an HTTP status code of zero to @a cb. - * - * We also verify that the @a exchange_sig is valid for this deposit-confirmation - * request, and that the @a master_sig is a valid signature for @a - * exchange_pub. Also, the @a auditor must be ready to operate (i.e. have - * finished processing the /version reply). If either check fails, we do - * NOT initiate the transaction with the auditor and instead return NULL. - * - * @param auditor the auditor handle; the auditor must be ready to operate - * @param h_wire hash of merchant wire details - * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the auditor) - * @param exchange_timestamp timestamp when deposit was received by the exchange - * @param refund_deadline date until which the merchant can issue a refund to the customer via the auditor (can be zero if refunds are not allowed); must not be after the @a wire_deadline - * @param amount_without_fee the amount confirmed to be wired by the exchange to the merchant - * @param coin_pub coin’s public key - * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) - * @param exchange_sig the signature made with purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT - * @param exchange_pub the public key of the exchange that matches @a exchange_sig - * @param master_pub master public key of the exchange - * @param ep_start when does @a exchange_pub validity start - * @param ep_expire when does @a exchange_pub usage end - * @param ep_end when does @a exchange_pub legal validity end - * @param master_sig master signature affirming validity of @a exchange_pub - * @param cb the callback to call when a reply for this request is available - * @param cb_cls closure for the above callback - * @return a handle for this request; NULL if the inputs are invalid (i.e. - * signatures fail to verify). In this case, the callback is not called. - */ struct TALER_AUDITOR_DepositConfirmationHandle * TALER_AUDITOR_deposit_confirmation ( struct TALER_AUDITOR_Handle *auditor, const struct TALER_MerchantWireHash *h_wire, const struct TALER_PrivateContractHash *h_contract_terms, struct GNUNET_TIME_Absolute exchange_timestamp, + struct GNUNET_TIME_Absolute wire_deadline, struct GNUNET_TIME_Absolute refund_deadline, const struct TALER_Amount *amount_without_fee, const struct TALER_CoinSpendPublicKeyP *coin_pub, @@ -306,6 +268,7 @@ TALER_AUDITOR_deposit_confirmation ( verify_signatures (h_wire, h_contract_terms, exchange_timestamp, + wire_deadline, refund_deadline, amount_without_fee, coin_pub, @@ -332,6 +295,8 @@ TALER_AUDITOR_deposit_confirmation ( exchange_timestamp), GNUNET_JSON_pack_time_abs ("refund_deadline", refund_deadline), + GNUNET_JSON_pack_time_abs ("wire_deadline", + wire_deadline), TALER_JSON_pack_amount ("amount_without_fee", amount_without_fee), GNUNET_JSON_pack_data_auto ("coin_pub", @@ -397,12 +362,6 @@ TALER_AUDITOR_deposit_confirmation ( } -/** - * Cancel a deposit-confirmation permission request. This function cannot be used - * on a request handle if a response is already served for it. - * - * @param deposit_confirmation the deposit-confirmation permission request handle - */ void TALER_AUDITOR_deposit_confirmation_cancel ( struct TALER_AUDITOR_DepositConfirmationHandle *deposit_confirmation) diff --git a/src/lib/exchange_api_deposit.c b/src/lib/exchange_api_deposit.c index 188c17f1..60dcb066 100644 --- a/src/lib/exchange_api_deposit.c +++ b/src/lib/exchange_api_deposit.c @@ -81,9 +81,58 @@ struct TALER_EXCHANGE_DepositHandle void *cb_cls; /** - * Information the exchange should sign in response. + * Hash over the contract for which this deposit is made. */ - struct TALER_DepositConfirmationPS depconf; + struct TALER_PrivateContractHash h_contract_terms GNUNET_PACKED; + + /** + * Hash over the wiring information of the merchant. + */ + struct TALER_MerchantWireHash h_wire GNUNET_PACKED; + + /** + * Hash over the extension options of the deposit, 0 if there + * were not extension options. + */ + struct TALER_ExtensionContractHash h_extensions GNUNET_PACKED; + + /** + * Time when this confirmation was generated / when the exchange received + * the deposit request. + */ + struct GNUNET_TIME_Absolute exchange_timestamp; + + /** + * By when does the exchange expect to pay the merchant + * (as per the merchant's request). + */ + struct GNUNET_TIME_Absolute wire_deadline; + + /** + * How much time does the @e merchant have to issue a refund + * request? Zero if refunds are not allowed. After this time, the + * coin cannot be refunded. Note that the wire transfer will not be + * performed by the exchange until the refund deadline. This value + * is taken from the original deposit request. + */ + struct GNUNET_TIME_Absolute refund_deadline; + + /** + * Amount to be deposited, excluding fee. Calculated from the + * amount with fee and the fee from the deposit request. + */ + struct TALER_Amount amount_without_fee; + + /** + * The public key of the coin that was deposited. + */ + struct TALER_CoinSpendPublicKeyP coin_pub; + + /** + * The Merchant's public key. Allows the merchant to later refund + * the transaction or to inquire about the wire transfer identifier. + */ + struct TALER_MerchantPublicKeyP merchant_pub; /** * Exchange signature, set for #auditor_cb. @@ -132,7 +181,6 @@ auditor_cb (void *cls, struct TALER_EXCHANGE_DepositHandle *dh = cls; const struct TALER_EXCHANGE_Keys *key_state; const struct TALER_EXCHANGE_SigningPublicKey *spk; - struct TALER_Amount amount_without_fee; struct TEAH_AuditorInteractionEntry *aie; if (0 != GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, @@ -153,18 +201,17 @@ auditor_cb (void *cls, GNUNET_break_op (0); return NULL; } - TALER_amount_ntoh (&amount_without_fee, - &dh->depconf.amount_without_fee); aie = GNUNET_new (struct TEAH_AuditorInteractionEntry); aie->dch = TALER_AUDITOR_deposit_confirmation ( ah, - &dh->depconf.h_wire, - &dh->depconf.h_contract_terms, - GNUNET_TIME_absolute_ntoh (dh->depconf.exchange_timestamp), - GNUNET_TIME_absolute_ntoh (dh->depconf.refund_deadline), - &amount_without_fee, - &dh->depconf.coin_pub, - &dh->depconf.merchant, + &dh->h_wire, + &dh->h_contract_terms, + dh->exchange_timestamp, + dh->wire_deadline, + dh->refund_deadline, + &dh->amount_without_fee, + &dh->coin_pub, + &dh->merchant_pub, &dh->exchange_pub, &dh->exchange_sig, &key_state->master_pub, @@ -204,7 +251,7 @@ verify_deposit_signature_conflict ( if (GNUNET_OK != TALER_EXCHANGE_verify_coin_history (&dh->dki, dh->dki.value.currency, - &dh->depconf.coin_pub, + &dh->coin_pub, history, &h_denom_pub, &total)) @@ -286,8 +333,8 @@ handle_deposit_finished (void *cls, GNUNET_JSON_spec_mark_optional ( GNUNET_JSON_spec_string ("transaction_base_url", &dr.details.success.transaction_base_url)), - TALER_JSON_spec_absolute_time_nbo ("exchange_timestamp", - &dh->depconf.exchange_timestamp), + TALER_JSON_spec_absolute_time ("exchange_timestamp", + &dh->exchange_timestamp), GNUNET_JSON_spec_end () }; @@ -313,10 +360,17 @@ handle_deposit_finished (void *cls, } if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, - &dh->depconf, - &dh->exchange_sig.eddsa_signature, - &dh->exchange_pub.eddsa_pub)) + TALER_exchange_deposit_confirm_verify (&dh->h_contract_terms, + &dh->h_wire, + &dh->h_extensions, + dh->exchange_timestamp, + dh->wire_deadline, + dh->refund_deadline, + &dh->amount_without_fee, + &dh->coin_pub, + &dh->merchant_pub, + &dh->exchange_pub, + &dh->exchange_sig)) { GNUNET_break_op (0); dr.hr.http_status = 0; @@ -331,8 +385,7 @@ handle_deposit_finished (void *cls, } dr.details.success.exchange_sig = &dh->exchange_sig; dr.details.success.exchange_pub = &dh->exchange_pub; - dr.details.success.deposit_timestamp - = GNUNET_TIME_absolute_ntoh (dh->depconf.exchange_timestamp); + dr.details.success.deposit_timestamp = dh->exchange_timestamp; break; case MHD_HTTP_BAD_REQUEST: /* This should never happen, either us or the exchange is buggy @@ -621,18 +674,14 @@ TALER_EXCHANGE_deposit ( json_decref (deposit_obj); return NULL; } - dh->depconf.purpose.size - = htonl (sizeof (struct TALER_DepositConfirmationPS)); - dh->depconf.purpose.purpose - = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT); - dh->depconf.h_contract_terms = *h_contract_terms; - dh->depconf.h_wire = h_wire; - /* dh->depconf.exchange_timestamp; -- initialized later from exchange reply! */ - dh->depconf.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline); - TALER_amount_hton (&dh->depconf.amount_without_fee, - &amount_without_fee); - dh->depconf.coin_pub = *coin_pub; - dh->depconf.merchant = *merchant_pub; + dh->h_contract_terms = *h_contract_terms; + dh->h_wire = h_wire; + /* dh->h_extensions = ... */ + dh->refund_deadline = refund_deadline; + dh->wire_deadline = wire_deadline; + dh->amount_without_fee = amount_without_fee; + dh->coin_pub = *coin_pub; + dh->merchant_pub = *merchant_pub; dh->amount_with_fee = *amount; dh->dki = *dki; memset (&dh->dki.key, diff --git a/src/testing/testing_api_cmd_auditor_deposit_confirmation.c b/src/testing/testing_api_cmd_auditor_deposit_confirmation.c index 6522fe5b..12496e0e 100644 --- a/src/testing/testing_api_cmd_auditor_deposit_confirmation.c +++ b/src/testing/testing_api_cmd_auditor_deposit_confirmation.c @@ -205,6 +205,7 @@ deposit_confirmation_run (void *cls, struct TALER_PrivateContractHash h_contract_terms; const struct GNUNET_TIME_Absolute *exchange_timestamp = NULL; struct GNUNET_TIME_Absolute timestamp; + const struct GNUNET_TIME_Absolute *wire_deadline; struct GNUNET_TIME_Absolute refund_deadline; struct TALER_Amount amount_without_fee; struct TALER_CoinSpendPublicKeyP coin_pub; @@ -243,6 +244,10 @@ deposit_confirmation_run (void *cls, TALER_TESTING_get_trait_absolute_time (deposit_cmd, dcs->coin_index, &exchange_timestamp)); + GNUNET_assert (GNUNET_OK == + TALER_TESTING_get_trait_wire_deadline (deposit_cmd, + dcs->coin_index, + &wire_deadline)); GNUNET_assert (NULL != exchange_timestamp); keys = TALER_EXCHANGE_get_keys (dcs->is->exchange); GNUNET_assert (NULL != keys); @@ -297,7 +302,8 @@ deposit_confirmation_run (void *cls, /* refund deadline is optional, defaults to zero */ { struct GNUNET_JSON_Specification spec[] = { - TALER_JSON_spec_absolute_time ("refund_deadline", &refund_deadline), + TALER_JSON_spec_absolute_time ("refund_deadline", + &refund_deadline), GNUNET_JSON_spec_end () }; @@ -313,6 +319,7 @@ deposit_confirmation_run (void *cls, &h_wire, &h_contract_terms, *exchange_timestamp, + *wire_deadline, refund_deadline, &amount_without_fee, &coin_pub, diff --git a/src/testing/testing_api_cmd_deposit.c b/src/testing/testing_api_cmd_deposit.c index 9d2e15b7..29b2ce64 100644 --- a/src/testing/testing_api_cmd_deposit.c +++ b/src/testing/testing_api_cmd_deposit.c @@ -85,6 +85,11 @@ struct DepositState struct GNUNET_TIME_Absolute refund_deadline; /** + * Wire deadline. + */ + struct GNUNET_TIME_Absolute wire_deadline; + + /** * Set (by the interpreter) to a fresh private key. This * key will be used to sign the deposit request. */ @@ -285,7 +290,6 @@ deposit_run (void *cls, const struct TALER_EXCHANGE_DenomPublicKey *denom_pub; const struct TALER_DenominationSignature *denom_pub_sig; struct TALER_CoinSpendSignatureP coin_sig; - struct GNUNET_TIME_Absolute wire_deadline; struct TALER_MerchantPublicKeyP merchant_pub; struct TALER_PrivateContractHash h_contract_terms; enum TALER_ErrorCode ec; @@ -402,18 +406,23 @@ deposit_run (void *cls, { struct GNUNET_TIME_Relative refund_deadline; - refund_deadline = GNUNET_TIME_absolute_get_remaining (ds->refund_deadline); - wire_deadline = GNUNET_TIME_relative_to_absolute - (GNUNET_TIME_relative_multiply (refund_deadline, 2)); + refund_deadline + = GNUNET_TIME_absolute_get_remaining (ds->refund_deadline); + ds->wire_deadline + = GNUNET_TIME_relative_to_absolute ( + GNUNET_TIME_relative_multiply (refund_deadline, + 2)); } else { ds->refund_deadline = ds->wallet_timestamp; - wire_deadline = GNUNET_TIME_relative_to_absolute (GNUNET_TIME_UNIT_ZERO); + ds->wire_deadline + = GNUNET_TIME_relative_to_absolute ( + GNUNET_TIME_UNIT_ZERO); } GNUNET_CRYPTO_eddsa_key_get_public (&ds->merchant_priv.eddsa_priv, &merchant_pub.eddsa_pub); - (void) GNUNET_TIME_round_abs (&wire_deadline); + (void) GNUNET_TIME_round_abs (&ds->wire_deadline); { struct TALER_MerchantWireHash h_wire; @@ -434,7 +443,7 @@ deposit_run (void *cls, } ds->dh = TALER_EXCHANGE_deposit (is->exchange, &ds->amount, - wire_deadline, + ds->wire_deadline, payto_uri, &wire_salt, &h_contract_terms, @@ -555,6 +564,10 @@ deposit_traits (void *cls, TALER_TESTING_make_trait_deposit_fee_amount (&ds->deposit_fee), TALER_TESTING_make_trait_absolute_time (0, &ds->exchange_timestamp), + TALER_TESTING_make_trait_wire_deadline (0, + &ds->wire_deadline), + TALER_TESTING_make_trait_refund_deadline (0, + &ds->refund_deadline), TALER_TESTING_trait_end () }; diff --git a/src/util/Makefile.am b/src/util/Makefile.am index c8455dd4..556c3b6f 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am @@ -70,6 +70,7 @@ libtalerutil_la_SOURCES = \ crypto_helper_esign.c \ crypto_wire.c \ denom.c \ + exchange_signatures.c \ getopt.c \ lang.c \ iban.c \ diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c index 3f9e297f..8700d4a8 100644 --- a/src/util/wallet_signatures.c +++ b/src/util/wallet_signatures.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2020, 2021 Taler Systems SA + Copyright (C) 2021 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -14,8 +14,8 @@ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> */ /** - * @file secmod_signatures.c - * @brief Utility functions for Taler security module signatures + * @file wallet_signatures.c + * @brief Utility functions for Taler wallet signatures * @author Christian Grothoff */ #include "platform.h" |