From 9d6e1040669435dfa2ab93abd4f1669c7bf90871 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 6 Nov 2021 19:43:47 +0100 Subject: include h_extensions in deposit confirmation --- src/lib/auditor_api_deposit_confirmation.c | 91 ++++++++---------------------- 1 file changed, 25 insertions(+), 66 deletions(-) (limited to 'src/lib/auditor_api_deposit_confirmation.c') diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c index 89f67f92..41f9d5e4 100644 --- a/src/lib/auditor_api_deposit_confirmation.c +++ b/src/lib/auditor_api_deposit_confirmation.c @@ -168,10 +168,11 @@ handle_deposit_confirmation_finished (void *cls, * @param master_sig master signature affirming validity of @a exchange_pub * @return #GNUNET_OK if signatures are OK, #GNUNET_SYSERR if not */ -static int +static enum GNUNET_GenericReturnValue verify_signatures (const struct TALER_MerchantWireHash *h_wire, const struct TALER_PrivateContractHash *h_contract_terms, struct GNUNET_TIME_Absolute exchange_timestamp, + struct GNUNET_TIME_Absolute wire_deadline, struct GNUNET_TIME_Absolute refund_deadline, const struct TALER_Amount *amount_without_fee, const struct TALER_CoinSpendPublicKeyP *coin_pub, @@ -184,36 +185,29 @@ verify_signatures (const struct TALER_MerchantWireHash *h_wire, struct GNUNET_TIME_Absolute ep_end, const struct TALER_MasterSignatureP *master_sig) { + if (GNUNET_OK != + TALER_exchange_deposit_confirm_verify (h_contract_terms, + h_wire, + NULL /* h_extensions! */, + exchange_timestamp, + wire_deadline, + refund_deadline, + amount_without_fee, + coin_pub, + merchant_pub, + exchange_pub, + exchange_sig)) { - struct TALER_DepositConfirmationPS dc = { - .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT), - .purpose.size = htonl (sizeof (dc)), - .h_contract_terms = *h_contract_terms, - .h_wire = *h_wire, - .exchange_timestamp = GNUNET_TIME_absolute_hton (exchange_timestamp), - .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline), - .coin_pub = *coin_pub, - .merchant = *merchant_pub - }; - - TALER_amount_hton (&dc.amount_without_fee, - amount_without_fee); - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, - &dc, - &exchange_sig->eddsa_signature, - &exchange_pub->eddsa_pub)) + GNUNET_break_op (0); + TALER_LOG_WARNING ( + "Invalid signature on /deposit-confirmation request!\n"); { - GNUNET_break_op (0); - TALER_LOG_WARNING ( - "Invalid signature on /deposit-confirmation request!\n"); - { - TALER_LOG_DEBUG ("... amount_without_fee was %s\n", - TALER_amount2s (amount_without_fee)); - } - return GNUNET_SYSERR; + TALER_LOG_DEBUG ("... amount_without_fee was %s\n", + TALER_amount2s (amount_without_fee)); } + return GNUNET_SYSERR; } + if (GNUNET_OK != TALER_exchange_offline_signkey_validity_verify ( exchange_pub, @@ -237,45 +231,13 @@ verify_signatures (const struct TALER_MerchantWireHash *h_wire, } -/** - * Submit a deposit-confirmation permission to the auditor and get the - * auditor's response. Note that while we return the response - * verbatim to the caller for further processing, we do already verify - * that the response is well-formed. If the auditor's reply is not - * well-formed, we return an HTTP status code of zero to @a cb. - * - * We also verify that the @a exchange_sig is valid for this deposit-confirmation - * request, and that the @a master_sig is a valid signature for @a - * exchange_pub. Also, the @a auditor must be ready to operate (i.e. have - * finished processing the /version reply). If either check fails, we do - * NOT initiate the transaction with the auditor and instead return NULL. - * - * @param auditor the auditor handle; the auditor must be ready to operate - * @param h_wire hash of merchant wire details - * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the auditor) - * @param exchange_timestamp timestamp when deposit was received by the exchange - * @param refund_deadline date until which the merchant can issue a refund to the customer via the auditor (can be zero if refunds are not allowed); must not be after the @a wire_deadline - * @param amount_without_fee the amount confirmed to be wired by the exchange to the merchant - * @param coin_pub coin’s public key - * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) - * @param exchange_sig the signature made with purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT - * @param exchange_pub the public key of the exchange that matches @a exchange_sig - * @param master_pub master public key of the exchange - * @param ep_start when does @a exchange_pub validity start - * @param ep_expire when does @a exchange_pub usage end - * @param ep_end when does @a exchange_pub legal validity end - * @param master_sig master signature affirming validity of @a exchange_pub - * @param cb the callback to call when a reply for this request is available - * @param cb_cls closure for the above callback - * @return a handle for this request; NULL if the inputs are invalid (i.e. - * signatures fail to verify). In this case, the callback is not called. - */ struct TALER_AUDITOR_DepositConfirmationHandle * TALER_AUDITOR_deposit_confirmation ( struct TALER_AUDITOR_Handle *auditor, const struct TALER_MerchantWireHash *h_wire, const struct TALER_PrivateContractHash *h_contract_terms, struct GNUNET_TIME_Absolute exchange_timestamp, + struct GNUNET_TIME_Absolute wire_deadline, struct GNUNET_TIME_Absolute refund_deadline, const struct TALER_Amount *amount_without_fee, const struct TALER_CoinSpendPublicKeyP *coin_pub, @@ -306,6 +268,7 @@ TALER_AUDITOR_deposit_confirmation ( verify_signatures (h_wire, h_contract_terms, exchange_timestamp, + wire_deadline, refund_deadline, amount_without_fee, coin_pub, @@ -332,6 +295,8 @@ TALER_AUDITOR_deposit_confirmation ( exchange_timestamp), GNUNET_JSON_pack_time_abs ("refund_deadline", refund_deadline), + GNUNET_JSON_pack_time_abs ("wire_deadline", + wire_deadline), TALER_JSON_pack_amount ("amount_without_fee", amount_without_fee), GNUNET_JSON_pack_data_auto ("coin_pub", @@ -397,12 +362,6 @@ TALER_AUDITOR_deposit_confirmation ( } -/** - * Cancel a deposit-confirmation permission request. This function cannot be used - * on a request handle if a response is already served for it. - * - * @param deposit_confirmation the deposit-confirmation permission request handle - */ void TALER_AUDITOR_deposit_confirmation_cancel ( struct TALER_AUDITOR_DepositConfirmationHandle *deposit_confirmation) -- cgit v1.2.3