Diffstat (limited to 'src/mint-lib')
-rw-r--r-- | src/mint-lib/mint_api_deposit.c | 50 | ||||
-rw-r--r-- | src/mint-lib/mint_api_json.c | 40 | ||||
-rw-r--r-- | src/mint-lib/mint_api_json.h | 11 |
3 files changed, 89 insertions, 12 deletions
diff --git a/src/mint-lib/mint_api_deposit.c b/src/mint-lib/mint_api_deposit.c
index c7868075..346f0280 100644
--- a/src/mint-lib/mint_api_deposit.c
+++ b/src/mint-lib/mint_api_deposit.c
@@ -213,15 +213,53 @@ verify_deposit_signature_forbidden (const struct TALER_MINT_DepositHandle *dh,
 GNUNET_break_op (0);
 return GNUNET_SYSERR;
 }
- switch (purpose->purpose)
+ switch (ntohl (purpose->purpose))
 {
 case TALER_SIGNATURE_WALLET_COIN_DEPOSIT:
- GNUNET_break (0);
- /* FIXME: check amount! #3516 */
+ {
+ const struct TALER_DepositRequestPS *dr;
+ struct TALER_Amount dr_amount;
+
+ if (ntohl (purpose->size) != sizeof (struct TALER_DepositRequestPS))
+ {
+ GNUNET_break (0);
+ MAJ_parse_free (spec);
+ return GNUNET_SYSERR;
+ }
+ dr = (const struct TALER_DepositRequestPS *) purpose;
+ TALER_amount_ntoh (&dr_amount,
+ &dr->amount_with_fee);
+ if (0 != TALER_amount_cmp (&dr_amount,
+ &amount))
+ {
+ GNUNET_break (0);
+ MAJ_parse_free (spec);
+ return GNUNET_SYSERR;
+ }
+ }
 break;
 case TALER_SIGNATURE_WALLET_COIN_MELT:
- GNUNET_break (0);
- /* FIXME: check amount! #3516 */
+ {
+ const struct TALER_RefreshMeltCoinAffirmationPS *rm;
+ struct TALER_Amount rm_amount;
+
+ if (ntohl (purpose->size) != sizeof (struct TALER_RefreshMeltCoinAffirmationPS))
+ {
+ GNUNET_break (0);
+ MAJ_parse_free (spec);
+ return GNUNET_SYSERR;
+ }
+ rm = (const struct TALER_RefreshMeltCoinAffirmationPS *) purpose;
+ TALER_amount_ntoh (&rm_amount,
+ &rm->amount_with_fee);
+ if (0 != TALER_amount_cmp (&rm_amount,
+ &amount))
+ {
+ GNUNET_break (0);
+ MAJ_parse_free (spec);
+ return GNUNET_SYSERR;
+ }
+ }
 break;
 default:
 /* signature not supported, new version on server? */
@@ -234,7 +272,7 @@ verify_deposit_signature_forbidden (const struct TALER_MINT_DepositHandle *dh,
 &total,
 &amount))
 {
- /* overflow in history already!? inconceivable! */
+ /* overflow in history already!? inconceivable! Bad mint! */
 GNUNET_break_op (0);
 MAJ_parse_free (spec);
 return GNUNET_SYSERR;
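Review bot: The four new failure paths in the `TALER_SIGNATURE_WALLET_COIN_DEPOSIT` and `TALER_SIGNATURE_WALLET_COIN_MELT` cases log with `GNUNET_break (0)`, although the size and amount they reject arrive in the mint's reply, so a mismatch is a protocol violation by the peer rather than an internal bug; they should use `GNUNET_break_op (0);`, as the context lines around the switch already do. Separately, `amount` appears to be parsed from the same reply, and if `TALER_amount_cmp` asserts on differing currencies (its body is not visible here), a reply whose JSON amount names another currency than the signed blob would abort the client instead of failing this check. Guarding each compare with `if (GNUNET_YES != TALER_amount_cmp_currency (&dr_amount, &amount))` (and the same for `rm_amount`) on the error path would close that. The function starts and ends outside the hunk.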
diff --git a/src/mint-lib/mint_api_json.c b/src/mint-lib/mint_api_json.c index 81511c1c..e2a73bdd 100644 --- a/src/mint-lib/mint_api_json.c +++ b/src/mint-lib/mint_api_json.c @@ -202,12 +202,40 @@ parse_json (json_t *root, case MAJ_CMD_EDDSA_SIGNATURE: { - /* FIXME: parse the JSON signature - and the purpose, then check that the - signature is valid and the size field - is also correct; if all checks out, - return the purpose */ - GNUNET_break (0); // FIXME: implement! #3516 + struct TALER_CoinSpendSignatureP sig; + struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; + size_t size; + struct MAJ_Specification sig_spec[] = { + MAJ_spec_fixed_auto ("eddsa_sig", &sig), + MAJ_spec_varsize ("eddsa_val", (void**) &purpose, &size), + MAJ_spec_end + }; + + if (GNUNET_OK != + MAJ_parse_json (pos, + sig_spec)) + { + GNUNET_break_op (0); + MAJ_parse_free (sig_spec); + return i; + } + if (size != ntohl (purpose->size)) + { + GNUNET_break_op (0); + MAJ_parse_free (sig_spec); + return i; + } + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (ntohl (purpose->purpose), + purpose, + &sig.eddsa_signature, + spec[i].details.eddsa_signature.pub_key)) + { + GNUNET_break_op (0); + MAJ_parse_free (sig_spec); + return i; + } + *spec[i].details.eddsa_signature.purpose_p = purpose; } break; diff --git a/src/mint-lib/mint_api_json.h b/src/mint-lib/mint_api_json.h index 91679831..ec3b63cb 100644 --- a/src/mint-lib/mint_api_json.h +++ b/src/mint-lib/mint_api_json.h 
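Review bot: `purpose->size` is read in `if (size != ntohl (purpose->size))` before anything checks that the decoded `eddsa_val` holds at least `sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)` bytes, so a reply carrying a shorter value makes this line read past the buffer allocated for it. Reject short input first: `if ( (size < sizeof (*purpose)) || (size != ntohl (purpose->size)) )`. The purpose number passed to `GNUNET_CRYPTO_eddsa_verify` is taken from the blob itself, so this case accepts any purpose the key has signed; a comment stating that callers must still check `purpose->purpose` would make that contract explicit. On the success path `sig_spec` is not freed because `purpose` is handed to `*purpose_p`; whether `MAJ_parse_free` on the outer spec releases it is not visible in this hunk and is worth a comment. parse_json starts and ends outside the hunk.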
@@ -219,6 +219,17 @@ MAJ_parse_free (struct MAJ_Specification *spec); /** + * Variable size object (in network byte order, encoded using Crockford + * Base32hex encoding). + * + * @param name name of the JSON field + * @param obj_ptr pointer where to write the data (a `void **`) + * @param size where to store the number of bytes allocated for @a obj (of type `size_t *` + */ +#define MAJ_spec_varsize(name,obj,size) { .cmd = MAJ_CMD_BINARY_VARIABLE, .field = name, .details.variable_data.dest_p = obj, .details.variable_data.dest_size_p = size } + + +/** * Absolute time. * * @param name name of the JSON field |
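Review bot: The doc comment for `MAJ_spec_varsize` documents a parameter `obj_ptr` and refers to `@a obj`, while the macro's parameter is named `obj`, and the `@param size` line is missing its closing parenthesis. Rename the tag to `@param obj` so the three `@param` lines match `(name,obj,size)`, and close the parenthesis. The comment says the data is allocated but not who releases it; a sentence saying that the buffer stored in `*obj` is owned by the specification and, presumably, released by `MAJ_parse_free` would save callers from guessing.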