2015-01-08 18:37:20 +01:00
|
|
|
/*
|
|
|
|
|
This file is part of TALER
|
|
|
|
|
(C) 2014 GNUnet e.V.
|
|
|
|
|
|
|
|
|
|
TALER is free software; you can redistribute it and/or modify it under the
|
|
|
|
|
terms of the GNU Affero General Public License as published by the Free Software
|
|
|
|
|
Foundation; either version 3, or (at your option) any later version.
|
|
|
|
|
|
|
|
|
|
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
|
|
|
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
|
|
|
|
A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU Affero General Public License along with
|
|
|
|
|
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
|
|
|
|
|
*/
|
|
|
|
|
/**
|
|
|
|
|
* @file taler-mint-httpd_deposit.c
|
2015-01-19 21:04:58 +01:00
|
|
|
* @brief Handle /deposit requests; parses the POST and JSON and
|
|
|
|
|
* verifies the coin signature before handing things off
|
|
|
|
|
* to the database.
|
2015-01-08 18:37:20 +01:00
|
|
|
* @author Florian Dold
|
|
|
|
|
* @author Benedikt Mueller
|
|
|
|
|
* @author Christian Grothoff
|
2015-01-19 21:09:47 +01:00
|
|
|
*
|
|
|
|
|
* TODO:
|
|
|
|
|
* - actually verify coin signature
|
|
|
|
|
* - revisit `struct Deposit` parsing once the struct
|
|
|
|
|
* has been finalized
|
2015-01-08 18:37:20 +01:00
|
|
|
*/
|
|
|
|
|
#include "platform.h"
|
|
|
|
|
#include <gnunet/gnunet_util_lib.h>
|
|
|
|
|
#include <jansson.h>
|
|
|
|
|
#include <microhttpd.h>
|
|
|
|
|
#include <libpq-fe.h>
|
|
|
|
|
#include <pthread.h>
|
|
|
|
|
#include "mint.h"
|
|
|
|
|
#include "mint_db.h"
|
|
|
|
|
#include "taler_signatures.h"
|
|
|
|
|
#include "taler_json_lib.h"
|
2015-01-16 13:50:07 +01:00
|
|
|
#include "taler-mint-httpd_parsing.h"
|
2015-01-08 18:37:20 +01:00
|
|
|
#include "taler-mint-httpd_keys.h"
|
2015-01-19 21:04:58 +01:00
|
|
|
#include "taler-mint-httpd_db.h"
|
2015-01-08 18:37:20 +01:00
|
|
|
#include "taler-mint-httpd_deposit.h"
|
2015-01-16 13:50:07 +01:00
|
|
|
#include "taler-mint-httpd_responses.h"
|
2015-01-08 18:37:20 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2015-01-19 21:04:58 +01:00
|
|
|
* We have parsed the JSON information about the deposit, do some
|
|
|
|
|
* basic sanity checks (especially that the signature on the coin is
|
|
|
|
|
* valid, and that this type of coin exists) and then execute the
|
|
|
|
|
* deposit.
|
2015-01-08 18:37:20 +01:00
|
|
|
*
|
2015-01-19 21:04:58 +01:00
|
|
|
* @param connection the MHD connection to handle
|
|
|
|
|
* @param deposit information about the deposit
|
2015-01-08 18:37:20 +01:00
|
|
|
* @return MHD result code
|
|
|
|
|
*/
|
|
|
|
|
static int
|
2015-01-19 21:04:58 +01:00
|
|
|
verify_and_execute_deposit (struct MHD_Connection *connection,
|
|
|
|
|
const struct Deposit *deposit)
|
|
|
|
|
{
|
|
|
|
|
struct MintKeyState *key_state;
|
|
|
|
|
|
2015-01-27 23:06:23 +01:00
|
|
|
/* FIXME: verify coin signature! */
|
|
|
|
|
/*
|
|
|
|
|
if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_DEPOSIT,
|
|
|
|
|
&deposit->purpose,
|
|
|
|
|
&deposit->coin_sig,
|
|
|
|
|
&deposit->coin_pub))
|
|
|
|
|
{
|
|
|
|
|
resp = json_pack ("{s:s}", "error", "Signature verfication failed");
|
|
|
|
|
return TALER_MINT_reply_arg_invalid (connection,
|
|
|
|
|
"csig");
|
|
|
|
|
}
|
|
|
|
|
*/
|
2015-01-19 21:04:58 +01:00
|
|
|
|
|
|
|
|
key_state = TALER_MINT_key_state_acquire ();
|
|
|
|
|
if (GNUNET_YES !=
|
|
|
|
|
TALER_MINT_test_coin_valid (key_state,
|
2015-01-27 23:06:23 +01:00
|
|
|
&deposit->coin))
|
2015-01-19 21:04:58 +01:00
|
|
|
{
|
2015-01-27 23:06:23 +01:00
|
|
|
LOG_WARNING ("Invalid coin passed for /deposit\n");
|
2015-01-19 21:04:58 +01:00
|
|
|
TALER_MINT_key_state_release (key_state);
|
|
|
|
|
return TALER_MINT_reply_json_pack (connection,
|
|
|
|
|
MHD_HTTP_NOT_FOUND,
|
|
|
|
|
"{s:s}",
|
|
|
|
|
"error", "Coin is not valid");
|
|
|
|
|
}
|
|
|
|
|
TALER_MINT_key_state_release (key_state);
|
|
|
|
|
|
|
|
|
|
return TALER_MINT_db_execute_deposit (connection,
|
|
|
|
|
deposit);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Handle a "/deposit" request. This function parses the
|
|
|
|
|
* JSON information and then calls #verify_and_execute_deposit()
|
2015-01-27 23:06:23 +01:00
|
|
|
* to verify the signatures and execute the deposit.
|
2015-01-19 21:04:58 +01:00
|
|
|
*
|
|
|
|
|
* @param connection the MHD connection to handle
|
|
|
|
|
* @param root root of the posted JSON
|
|
|
|
|
* @param purpose is this a #TALER_SIGNATURE_DEPOSIT or
|
2015-01-27 23:06:23 +01:00
|
|
|
* #TALER_SIGNATURE_INCREMENTAL_DEPOSIT // FIXME: bad type, use enum!
|
2015-01-19 21:04:58 +01:00
|
|
|
* @param wire json describing the wire details (?)
|
|
|
|
|
* @return MHD result code
|
|
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
parse_and_handle_deposit_request (struct MHD_Connection *connection,
|
|
|
|
|
const json_t *root,
|
|
|
|
|
uint32_t purpose,
|
|
|
|
|
const json_t *wire)
|
2015-01-08 18:37:20 +01:00
|
|
|
{
|
2015-01-27 23:06:23 +01:00
|
|
|
int res;
|
|
|
|
|
struct Deposit deposit;
|
2015-01-19 21:04:58 +01:00
|
|
|
char *wire_enc;
|
|
|
|
|
size_t len;
|
2015-01-27 23:06:23 +01:00
|
|
|
struct GNUNET_MINT_ParseFieldSpec spec[] = {
|
|
|
|
|
TALER_MINT_PARSE_VARIABLE ("denom_pub"),
|
|
|
|
|
TALER_MINT_PARSE_VARIABLE ("ubsig"),
|
|
|
|
|
TALER_MINT_PARSE_FIXED ("coin_pub", &deposit.coin.coin_pub),
|
|
|
|
|
TALER_MINT_PARSE_FIXED ("merchant_pub", &deposit.merchant_pub),
|
|
|
|
|
TALER_MINT_PARSE_FIXED ("H_a", &deposit.h_contract),
|
|
|
|
|
TALER_MINT_PARSE_FIXED ("H_wire", &deposit.h_wire),
|
|
|
|
|
TALER_MINT_PARSE_FIXED ("csig", &deposit.csig),
|
|
|
|
|
TALER_MINT_PARSE_FIXED ("transaction_id", &deposit.transaction_id),
|
|
|
|
|
TALER_MINT_PARSE_END
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
memset (&deposit, 0, sizeof (deposit));
|
|
|
|
|
res = TALER_MINT_parse_json_data (connection,
|
|
|
|
|
root,
|
|
|
|
|
spec);
|
|
|
|
|
if (GNUNET_SYSERR == res)
|
|
|
|
|
return MHD_NO; /* hard failure */
|
|
|
|
|
if (GNUNET_NO == res)
|
|
|
|
|
return MHD_YES; /* failure */
|
|
|
|
|
deposit.coin.denom_pub
|
|
|
|
|
= GNUNET_CRYPTO_rsa_public_key_decode (spec[0].destination,
|
|
|
|
|
spec[0].destination_size_out);
|
|
|
|
|
if (NULL == deposit.coin.denom_pub)
|
|
|
|
|
{
|
|
|
|
|
LOG_WARNING ("Failed to parse denomination key for /deposit request\n");
|
|
|
|
|
TALER_MINT_release_parsed_data (spec);
|
|
|
|
|
return TALER_MINT_reply_arg_invalid (connection,
|
|
|
|
|
"denom_pub");
|
|
|
|
|
}
|
|
|
|
|
deposit.coin.denom_sig
|
|
|
|
|
= GNUNET_CRYPTO_rsa_signature_decode (spec[1].destination,
|
|
|
|
|
spec[1].destination_size_out);
|
|
|
|
|
if (NULL == deposit.coin.denom_sig)
|
|
|
|
|
{
|
|
|
|
|
LOG_WARNING ("Failed to parse unblinded signature for /deposit request\n");
|
|
|
|
|
GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub);
|
|
|
|
|
TALER_MINT_release_parsed_data (spec);
|
|
|
|
|
return TALER_MINT_reply_arg_invalid (connection,
|
|
|
|
|
"denom_pub");
|
|
|
|
|
}
|
2015-01-19 21:04:58 +01:00
|
|
|
if (NULL == (wire_enc = json_dumps (wire, JSON_COMPACT | JSON_SORT_KEYS)))
|
|
|
|
|
{
|
2015-01-27 23:06:23 +01:00
|
|
|
GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub);
|
|
|
|
|
GNUNET_CRYPTO_rsa_signature_free (deposit.coin.denom_sig);
|
|
|
|
|
LOG_WARNING ("Failed to parse JSON wire format specification for /deposit request\n");
|
|
|
|
|
TALER_MINT_release_parsed_data (spec);
|
|
|
|
|
return TALER_MINT_reply_arg_invalid (connection,
|
|
|
|
|
"wire");
|
2015-01-19 21:04:58 +01:00
|
|
|
}
|
|
|
|
|
len = strlen (wire_enc) + 1;
|
2015-01-27 23:06:23 +01:00
|
|
|
GNUNET_CRYPTO_hash (wire_enc,
|
|
|
|
|
len,
|
|
|
|
|
&deposit.h_wire);
|
2015-01-19 21:04:58 +01:00
|
|
|
GNUNET_free (wire_enc);
|
|
|
|
|
|
2015-01-27 23:06:23 +01:00
|
|
|
deposit.wire = wire;
|
|
|
|
|
deposit.purpose = purpose;
|
|
|
|
|
|
|
|
|
|
// FIXME: deposit.amount not initialized!
|
|
|
|
|
|
|
|
|
|
res = verify_and_execute_deposit (connection,
|
|
|
|
|
&deposit);
|
|
|
|
|
GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub);
|
|
|
|
|
GNUNET_CRYPTO_rsa_signature_free (deposit.coin.denom_sig);
|
|
|
|
|
TALER_MINT_release_parsed_data (spec);
|
2015-01-19 21:04:58 +01:00
|
|
|
return res;
|
2015-01-08 18:37:20 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2015-01-27 23:06:23 +01:00
|
|
|
* Handle a "/deposit" request. Parses the JSON in the post to find
|
|
|
|
|
* the "type" (either DIRECT_DEPOSIT or INCREMENTAL_DEPOSIT), and, if
|
2015-01-19 21:04:58 +01:00
|
|
|
* successful, passes the JSON data to
|
2015-01-27 23:06:23 +01:00
|
|
|
* #parse_and_handle_deposit_request() to further check the details
|
|
|
|
|
* of the operation specified in the "wire" field of the JSON data.
|
|
|
|
|
* If everything checks out, this will ultimately lead to the
|
|
|
|
|
* "/deposit" being executed, or rejected.
|
2015-01-08 18:37:20 +01:00
|
|
|
*
|
|
|
|
|
* @param rh context of the handler
|
|
|
|
|
* @param connection the MHD connection to handle
|
|
|
|
|
* @param[IN|OUT] connection_cls the connection's closure (can be updated)
|
|
|
|
|
* @param upload_data upload data
|
|
|
|
|
* @param[IN|OUT] upload_data_size number of bytes (left) in @a upload_data
|
|
|
|
|
* @return MHD result code
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
TALER_MINT_handler_deposit (struct RequestHandler *rh,
|
|
|
|
|
struct MHD_Connection *connection,
|
|
|
|
|
void **connection_cls,
|
|
|
|
|
const char *upload_data,
|
|
|
|
|
size_t *upload_data_size)
|
|
|
|
|
{
|
|
|
|
|
json_t *json;
|
|
|
|
|
json_t *wire;
|
|
|
|
|
const char *deposit_type;
|
|
|
|
|
int res;
|
2015-01-19 21:04:58 +01:00
|
|
|
uint32_t purpose;
|
2015-01-08 18:37:20 +01:00
|
|
|
|
2015-01-16 14:04:02 +01:00
|
|
|
res = TALER_MINT_parse_post_json (connection,
|
2015-01-16 14:27:42 +01:00
|
|
|
connection_cls,
|
|
|
|
|
upload_data,
|
|
|
|
|
upload_data_size,
|
|
|
|
|
&json);
|
2015-01-08 18:37:20 +01:00
|
|
|
if (GNUNET_SYSERR == res)
|
|
|
|
|
return MHD_NO;
|
2015-01-16 14:27:42 +01:00
|
|
|
if ( (GNUNET_NO == res) || (NULL == json) )
|
2015-01-08 18:37:20 +01:00
|
|
|
return MHD_YES;
|
|
|
|
|
if (-1 == json_unpack (json,
|
2015-01-16 15:14:18 +01:00
|
|
|
"{s:s, s:o}",
|
2015-01-08 18:37:20 +01:00
|
|
|
"type", &deposit_type,
|
|
|
|
|
"wire", &wire))
|
|
|
|
|
{
|
|
|
|
|
GNUNET_break_op (0);
|
2015-01-19 21:04:58 +01:00
|
|
|
return TALER_MINT_reply_json_pack (connection,
|
|
|
|
|
MHD_HTTP_BAD_REQUEST,
|
|
|
|
|
"{s:s}",
|
|
|
|
|
"error", "Bad format");
|
2015-01-08 18:37:20 +01:00
|
|
|
}
|
|
|
|
|
if (0 == strcmp ("DIRECT_DEPOSIT", deposit_type))
|
2015-01-19 21:04:58 +01:00
|
|
|
purpose = TALER_SIGNATURE_DEPOSIT;
|
2015-01-08 18:37:20 +01:00
|
|
|
else if (0 == strcmp ("INCREMENTAL_DEPOSIT", deposit_type))
|
2015-01-19 21:04:58 +01:00
|
|
|
purpose = TALER_SIGNATURE_INCREMENTAL_DEPOSIT;
|
2015-01-08 18:37:20 +01:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
GNUNET_break_op (0);
|
|
|
|
|
json_decref (wire);
|
2015-01-19 21:04:58 +01:00
|
|
|
return TALER_MINT_reply_json_pack (connection,
|
|
|
|
|
MHD_HTTP_BAD_REQUEST,
|
|
|
|
|
"{s:s}",
|
|
|
|
|
"error", "Bad format");
|
|
|
|
|
}
|
|
|
|
|
res = parse_and_handle_deposit_request (connection,
|
|
|
|
|
json,
|
|
|
|
|
purpose,
|
|
|
|
|
wire);
|
|
|
|
|
json_decref (wire);
|
2015-01-08 18:37:20 +01:00
|
|
|
return res;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-19 21:04:58 +01:00
|
|
|
|
2015-01-08 18:37:20 +01:00
|
|
|
/* end of taler-mint-httpd_deposit.c */
|
