From 1b89e8380d843d8f0d48a4ea8ecbae3f6d9039db Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Fri, 10 Apr 2020 16:49:54 +0200
Subject: [PATCH] return signature from refund API
---
src/include/taler_exchange_service.h | 19 +++++++++++--------
src/lib/exchange_api_refund.c | 19 +++++++++++++------
src/testing/testing_api_cmd_refund.c | 4 +++-
3 files changed, 27 insertions(+), 15 deletions(-)
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 68f0cea38..de7cb1e2b 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -850,22 +850,23 @@ struct TALER_EXCHANGE_RefundHandle; * @param cls closure * @param hr HTTP response data * @param sign_key exchange key used to sign @a obj, or NULL + * @param signature the actual signature, or NULL on error */ typedef void (*TALER_EXCHANGE_RefundCallback) ( void *cls, const struct TALER_EXCHANGE_HttpResponse *hr, - const struct TALER_ExchangePublicKeyP *sign_key); + const struct TALER_ExchangePublicKeyP *sign_key, + const struct TALER_ExchangeSignatureP *signature); /** - * Submit a refund request to the exchange and get the exchange's - * response. This API is used by a merchant. Note that - * while we return the response verbatim to the caller for further - * processing, we do already verify that the response is well-formed - * (i.e. that signatures included in the response are all valid). If - * the exchange's reply is not well-formed, we return an HTTP status code - * of zero to @a cb. + * Submit a refund request to the exchange and get the exchange's response. + * This API is used by a merchant. Note that while we return the response + * verbatim to the caller for further processing, we do already verify that + * the response is well-formed (i.e. that signatures included in the response + * are all valid). If the exchange's reply is not well-formed, we return an + * HTTP status code of zero to @a cb. * * The @a exchange must be ready to operate (i.e. have * finished processing the /keys reply). If this check fails, we do 
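Review bot: The added `@param signature` line in the TALER_EXCHANGE_RefundCallback comment does not say how long the pointer is valid or when it is non-NULL. In src/lib/exchange_api_refund.c (later in this patch) the argument is the address of a local in handle_refund_finished and is set only after verify_refund_signature_ok returned #GNUNET_OK, so a merchant that keeps the signature as evidence of the refund has to copy it inside the callback. Suggested wording: `@param signature the exchange's signature confirming the refund, or NULL on error; only valid during the callback, copy it to retain it`. The unchanged `@param sign_key` line still refers to `@a obj`, which is not a parameter of this typedef.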
@@ -913,6 +914,8 @@ TALER_EXCHANGE_refund (struct TALER_EXCHANGE_Handle *exchange, * finished processing the /keys reply). If this check fails, we do * NOT initiate the transaction with the exchange and instead return NULL. * + * FIXME: We can probably DEPRECATE this API and only use #TALER_EXCHANGE_refund()! + * * @param exchange the exchange handle; the exchange must be ready to operate * @param amount the amount to be refunded; must be larger than the refund fee * (as that fee is still being subtracted), and smaller than the amount
diff --git a/src/lib/exchange_api_refund.c b/src/lib/exchange_api_refund.c
index 7ece7eb10..c64dcc97a 100644
--- a/src/lib/exchange_api_refund.c
+++ b/src/lib/exchange_api_refund.c
@@ -84,17 +84,19 @@ struct TALER_EXCHANGE_RefundHandle * @param rh refund handle * @param json json reply with the signature * @param[out] exchange_pub set to the exchange's public key + * @param[out] exchange_sig set to the exchange's signature * @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not */ static int verify_refund_signature_ok (const struct TALER_EXCHANGE_RefundHandle *rh, const json_t *json, - struct TALER_ExchangePublicKeyP *exchange_pub) + struct TALER_ExchangePublicKeyP *exchange_pub, + struct TALER_ExchangeSignatureP *exchange_sig) + { - struct TALER_ExchangeSignatureP exchange_sig; const struct TALER_EXCHANGE_Keys *key_state; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_fixed_auto ("sig", &exchange_sig), + GNUNET_JSON_spec_fixed_auto ("sig", exchange_sig), GNUNET_JSON_spec_fixed_auto ("pub", exchange_pub), GNUNET_JSON_spec_end () };
@@ -118,7 +120,7 @@ verify_refund_signature_ok (const struct TALER_EXCHANGE_RefundHandle *rh, if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_REFUND, &rh->depconf, - &exchange_sig.eddsa_signature, + &exchange_sig->eddsa_signature, &exchange_pub->eddsa_pub)) { GNUNET_break_op (0);
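Review bot: In the `@@ -84,17 +84,19 @@` hunk the new `@param[out] exchange_sig` line should say that the value is only meaningful when #GNUNET_OK is returned. The spec entry `GNUNET_JSON_spec_fixed_auto ("sig", exchange_sig)` now targets the caller's buffer, and the signature check in the following hunk presumably runs after the parse, so on #GNUNET_SYSERR the buffer may hold bytes from the reply that were never verified. Suggested wording: `@param[out] exchange_sig set to the exchange's signature; only valid if #GNUNET_OK is returned`. The lone `+` before `{` looks like an added empty line between the parameter list and the body, which could be dropped. The function body continues outside the hunk.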
@@ -143,7 +145,9 @@ handle_refund_finished (void *cls, { struct TALER_EXCHANGE_RefundHandle *rh = cls; struct TALER_ExchangePublicKeyP exchange_pub; + struct TALER_ExchangeSignatureP exchange_sig; struct TALER_ExchangePublicKeyP *ep = NULL; + struct TALER_ExchangeSignatureP *es = NULL; const json_t *j = response; struct TALER_EXCHANGE_HttpResponse hr = { .reply = j,
@@ -160,7 +164,8 @@ handle_refund_finished (void *cls, if (GNUNET_OK != verify_refund_signature_ok (rh, j, - &exchange_pub)) + &exchange_pub, + &exchange_sig)) { GNUNET_break_op (0); hr.http_status = 0;
@@ -169,6 +174,7 @@ handle_refund_finished (void *cls, else { ep = &exchange_pub; + es = &exchange_sig; } break; case MHD_HTTP_BAD_REQUEST:
@@ -227,7 +233,8 @@ handle_refund_finished (void *cls, } rh->cb (rh->cb_cls, &hr, - ep); + ep, + es); TALER_EXCHANGE_refund_cancel (rh); }
diff --git a/src/testing/testing_api_cmd_refund.c b/src/testing/testing_api_cmd_refund.c
index 7dbcc3419..47f5a0609 100644
--- a/src/testing/testing_api_cmd_refund.c
+++ b/src/testing/testing_api_cmd_refund.c
@@ -83,11 +83,13 @@ struct RefundState * @param hr HTTP response details * @param exchange_pub public key the exchange * used for signing @a obj. + * @param exchange_sig actual signature confirming the refund */ static void refund_cb (void *cls, const struct TALER_EXCHANGE_HttpResponse *hr, - const struct TALER_ExchangePublicKeyP *exchange_pub) + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_ExchangeSignatureP *exchange_sig) { struct RefundState *rs = cls;
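Review bot: The declarations added in the `@@ -143,7 +145,9 @@` hunk leave `exchange_sig` uninitialized and rely on `es` staying NULL to keep it away from the callback, but nothing in the code states that invariant. A comment next to the two pointers, for example `/* ep and es stay NULL unless verify_refund_signature_ok() accepted the reply */`, would make it harder for a later case branch to hand out an unverified or uninitialized signature. The visible hunks respect the invariant: `es = &exchange_sig;` is assigned only in the else branch after the check. handle_refund_finished starts and ends outside these hunks.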
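Review bot: The test callback `refund_cb` in the `@@ -83,11 +83,13 @@` hunk accepts the new `exchange_sig` argument without checking it; the diffstat (4 changed lines in this file) indicates the body never reads the parameter. A check in the success path such as `GNUNET_assert (NULL != exchange_sig);`, and the converse where an error status is expected, would catch a regression that passes NULL or skips verification before merchants see the signature. The body of refund_cb continues outside the hunk, so where the success path lies is not visible here.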