Diffstat (limited to 'src/exchange')
| -rw-r--r-- | src/exchange/Makefile.am | 1 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd.c | 1 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-wallet.c | 151 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-wallet.h | 43 | 
4 files changed, 196 insertions, 0 deletions
|
diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am
index 1f53b012..a0fe1c20 100644
--- a/src/exchange/Makefile.am
+++ b/src/exchange/Makefile.am
@@ -83,6 +83,7 @@ taler_exchange_httpd_SOURCES = \
   taler-exchange-httpd_deposit.c taler-exchange-httpd_deposit.h \
   taler-exchange-httpd_deposits_get.c taler-exchange-httpd_deposits_get.h \
   taler-exchange-httpd_keys.c taler-exchange-httpd_keys.h \
+  taler-exchange-httpd_kyc-wallet.c taler-exchange-httpd_kyc-wallet.h \
   taler-exchange-httpd_link.c taler-exchange-httpd_link.h \
   taler-exchange-httpd_management.h \
   taler-exchange-httpd_management_auditors.c \
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index e9aa94c0..7386a8a4 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -33,6 +33,7 @@
 #include "taler-exchange-httpd_deposit.h"
 #include "taler-exchange-httpd_deposits_get.h"
 #include "taler-exchange-httpd_keys.h"
+#include "taler-exchange-httpd_kyc-wallet.h"
 #include "taler-exchange-httpd_link.h"
 #include "taler-exchange-httpd_management.h"
 #include "taler-exchange-httpd_melt.h"
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.c b/src/exchange/taler-exchange-httpd_kyc-wallet.c
new file mode 100644
index 00000000..84eb28fa
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c
@@ -0,0 +1,151 @@
+/*
+  This file is part of TALER
+  Copyright (C) 2021 Taler Systems SA
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU Affero General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
+
+  You should have received a copy of the GNU Affero General Public License along with
+  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_kyc-wallet.c
+ * @brief Handle request for wallet for KYC check.
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <jansson.h>
+#include <microhttpd.h>
+#include <pthread.h>
+#include "taler_json_lib.h"
+#include "taler_mhd_lib.h"
+#include "taler-exchange-httpd_kyc-wallet.h"
+#include "taler-exchange-httpd_responses.h"
+
+
+/**
+ * Context for the request.
+ */
+struct KycRequestContext
+{
+  /**
+   * Public key of the reserve/wallet this is about.
+   */
+  struct TALER_ReservePublicKeyP reserve_pub;
+
+  /**
+   * Current KYC status.
+   */
+  struct TALER_EXCHANGEDB_KycStatus kyc;
+};
+
+
+/**
+ * Function implementing database transaction to check wallet's KYC status.
+ * Runs the transaction logic; IF it returns a non-error code, the transaction
+ * logic MUST NOT queue a MHD response.  IF it returns an hard error, the
+ * transaction logic MUST queue a MHD response and set @a mhd_ret.  IF it
+ * returns the soft error code, the function MAY be called again to retry and
+ * MUST not queue a MHD response.
+ *
+ * @param cls closure with a `struct KycRequestContext *`
+ * @param connection MHD request which triggered the transaction
+ * @param[out] mhd_ret set to MHD response status for @a connection,
+ *             if transaction failed (!)
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+wallet_kyc_check (void *cls,
+                  struct MHD_Connection *connection,
+                  MHD_RESULT *mhd_ret)
+{
+  struct KycRequestContext *krc = cls;
+  enum GNUNET_DB_QueryStatus qs;
+
+  qs = TEH_plugin->inselect_wallet_kyc_status (TEH_plugin->cls,
+                                               &krc->reserve_pub,
+                                               &krc->kyc);
+  if (qs < 0)
+  {
+    if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+      return qs;
+    GNUNET_break (0);
+    *mhd_ret = TALER_MHD_reply_with_error (connection,
+                                           MHD_HTTP_INTERNAL_SERVER_ERROR,
+                                           TALER_EC_GENERIC_DB_FETCH_FAILED,
+                                           "inselect_wallet_status");
+    return qs;
+  }
+  return qs;
+}
+
+
+MHD_RESULT
+TEH_handler_kyc_wallet (
+  struct MHD_Connection *connection,
+  const json_t *root)
+{
+  struct TALER_ReserveSignatureP reserve_sig;
+  struct KycRequestContext krc;
+  struct GNUNET_JSON_Specification spec[] = {
+    GNUNET_JSON_spec_fixed_auto ("reserve_sig",
+                                 &reserve_sig),
+    GNUNET_JSON_spec_fixed_auto ("reserve_pub",
+                                 &krc.reserve_pub),
+    GNUNET_JSON_spec_end ()
+  };
+  MHD_RESULT res;
+  enum GNUNET_GenericReturnValue ret;
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
+    .size = htonl (sizeof (purpose)),
+    .purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
+  };
+
+  ret = TALER_MHD_parse_json_data (connection,
+                                   root,
+                                   spec);
+  if (GNUNET_SYSERR == ret)
+    return MHD_NO;   /* hard failure */
+  if (GNUNET_NO == ret)
+    return MHD_YES;   /* failure */
+
+  if (GNUNET_OK !=
+      GNUNET_CRYPTO_eddsa_verify_ (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP,
+                                   &purpose,
+                                   &reserve_sig.eddsa_signature,
+                                   &krc.reserve_pub.eddsa_pub))
+  {
+    GNUNET_break_op (0);
+    return TALER_MHD_reply_with_error (
+      connection,
+      MHD_HTTP_FORBIDDEN,
+      TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID,
+      NULL);
+  }
+
+  ret = TEH_DB_run_transaction (connection,
+                                "check wallet kyc",
+                                &res,
+                                &wallet_kyc_check,
+                                &krc);
+  if (GNUNET_SYSERR == ret)
+    return res;
+
+  // FIXME: act on krc.kyc!
+  return TALER_MHD_reply_static (
+    connection,
+    MHD_HTTP_NO_CONTENT,
+    NULL,
+    NULL,
+    0);
+}
+
+
+/* end of taler-exchange-httpd_kyc-wallet.c */
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.h b/src/exchange/taler-exchange-httpd_kyc-wallet.h
new file mode 100644
index 00000000..70ac5094
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_kyc-wallet.h
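Review bot: The signature verified in `TEH_handler_kyc_wallet` covers only the fixed purpose header (`.size = htonl (sizeof (purpose))`), so one `reserve_sig` stays valid for its `reserve_pub` indefinitely and carries no freshness or request binding. That looks tolerable only while the handler stays idempotent and answers with an empty 204; once the `// FIXME: act on krc.kyc!` path returns per-wallet status, a replayed request would presumably get the same answer as the wallet itself. I would record the assumption above the `purpose` initializer, e.g. `/* signs the bare purpose: proves possession of reserve_pub only, no freshness; keep this handler idempotent */`. Separately, `krc` is declared without an initializer, so `krc.kyc` is indeterminate if the plugin call leaves it unset on a no-result return (the plugin is not visible here); zeroing it before the transaction would make the later use safe.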
@@ -0,0 +1,43 @@
+/*
+  This file is part of TALER
+  Copyright (C) 2021 Taler Systems SA
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU Affero General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
+
+  You should have received a copy of the GNU Affero General Public License along with
+  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_kyc-wallet.h
+ * @brief Handle /kyc-wallet requests
+ * @author Christian Grothoff
+ */
+#ifndef TALER_EXCHANGE_HTTPD_KYC_WALLET_H
+#define TALER_EXCHANGE_HTTPD_KYC_WALLET_H
+
+#include <microhttpd.h>
+#include "taler-exchange-httpd.h"
+
+
+/**
+ * Handle a "/kyc-wallet" request.  Parses the "reserve_pub" EdDSA key of the
+ * reserve and the signature "reserve_sig" which affirms the operation. If OK,
+ * a KYC record is created (if missing) and the KYC status returned.
+ *
+ * @param connection request to handle
+ * @param root uploaded JSON data
+ * @return MHD result code
+  */
+MHD_RESULT
+TEH_handler_kyc_wallet (
+  struct MHD_Connection *connection,
+  const json_t *root);
+
+
+#endif
|
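Review bot: The doc comment on `TEH_handler_kyc_wallet` says the KYC status is returned, but the handler added in this commit replies `MHD_HTTP_NO_CONTENT` with an empty body and leaves `krc.kyc` unused. Until that is implemented the comment should describe the actual reply, and it should list the failure cases a caller has to handle, for example `403 Forbidden with TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID if "reserve_sig" does not verify under "reserve_pub"`. It is also worth stating that the signature is made over the `TALER_SIGNATURE_WALLET_ACCOUNT_SETUP` purpose alone, since that is what a wallet implementer has to sign.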
