return signature from refund API

2020-04-10 16:49:54 +02:00 · 2020-04-10 16:49:54 +02:00 · 1b89e8380d
commit 1b89e8380d
parent 70a794b6f9
3 changed files with 27 additions and 15 deletions
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@ -850,22 +850,23 @@ struct TALER_EXCHANGE_RefundHandle;
 * @param cls closure
 * @param hr HTTP response data
 * @param sign_key exchange key used to sign @a obj, or NULL
 * @param signature the actual signature, or NULL on error
 */
 typedef void
 (*TALER_EXCHANGE_RefundCallback) (
  void *cls,
  const struct TALER_EXCHANGE_HttpResponse *hr,
-  const struct TALER_ExchangePublicKeyP *sign_key);
+  const struct TALER_ExchangePublicKeyP *sign_key,
  const struct TALER_ExchangeSignatureP *signature);
 /**
- * Submit a refund request to the exchange and get the exchange's
+ * Submit a refund request to the exchange and get the exchange's response.
- * response.  This API is used by a merchant.  Note that
+ * This API is used by a merchant.  Note that while we return the response
- * while we return the response verbatim to the caller for further
+ * verbatim to the caller for further processing, we do already verify that
- * processing, we do already verify that the response is well-formed
+ * the response is well-formed (i.e. that signatures included in the response
- * (i.e. that signatures included in the response are all valid).  If
+ * are all valid).  If the exchange's reply is not well-formed, we return an
- * the exchange's reply is not well-formed, we return an HTTP status code
+ * HTTP status code of zero to @a cb.
 * of zero to @a cb.
 *
 * The @a exchange must be ready to operate (i.e.  have
 * finished processing the /keys reply).  If this check fails, we do
@ -913,6 +914,8 @@ TALER_EXCHANGE_refund (struct TALER_EXCHANGE_Handle *exchange,
 * finished processing the /keys reply).  If this check fails, we do
 * NOT initiate the transaction with the exchange and instead return NULL.
 *
 * FIXME: We can probably DEPRECATE this API and only use #TALER_EXCHANGE_refund()!
 *
 * @param exchange the exchange handle; the exchange must be ready to operate
 * @param amount the amount to be refunded; must be larger than the refund fee
 *        (as that fee is still being subtracted), and smaller than the amount
--- a/src/lib/exchange_api_refund.c
+++ b/src/lib/exchange_api_refund.c
@ -84,17 +84,19 @@ struct TALER_EXCHANGE_RefundHandle
 * @param rh refund handle
 * @param json json reply with the signature
 * @param[out] exchange_pub set to the exchange's public key
 * @param[out] exchange_sig set to the exchange's signature
 * @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not
 */
 static int
 verify_refund_signature_ok (const struct TALER_EXCHANGE_RefundHandle *rh,
                            const json_t *json,
-                            struct TALER_ExchangePublicKeyP *exchange_pub)
+                            struct TALER_ExchangePublicKeyP *exchange_pub,
                            struct TALER_ExchangeSignatureP *exchange_sig)
 {
  struct TALER_ExchangeSignatureP exchange_sig;
  const struct TALER_EXCHANGE_Keys *key_state;
  struct GNUNET_JSON_Specification spec[] = {
-    GNUNET_JSON_spec_fixed_auto ("sig", &exchange_sig),
+    GNUNET_JSON_spec_fixed_auto ("sig", exchange_sig),
    GNUNET_JSON_spec_fixed_auto ("pub", exchange_pub),
    GNUNET_JSON_spec_end ()
  };
@ -118,7 +120,7 @@ verify_refund_signature_ok (const struct TALER_EXCHANGE_RefundHandle *rh,
  if (GNUNET_OK !=
      GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_REFUND,
                                  &rh->depconf,
-                                  &exchange_sig.eddsa_signature,
+                                  &exchange_sig->eddsa_signature,
                                  &exchange_pub->eddsa_pub))
  {
    GNUNET_break_op (0);
@ -143,7 +145,9 @@ handle_refund_finished (void *cls,
 {
  struct TALER_EXCHANGE_RefundHandle *rh = cls;
  struct TALER_ExchangePublicKeyP exchange_pub;
  struct TALER_ExchangeSignatureP exchange_sig;
  struct TALER_ExchangePublicKeyP *ep = NULL;
  struct TALER_ExchangeSignatureP *es = NULL;
  const json_t *j = response;
  struct TALER_EXCHANGE_HttpResponse hr = {
    .reply = j,
@ -160,7 +164,8 @@ handle_refund_finished (void *cls,
    if (GNUNET_OK !=
        verify_refund_signature_ok (rh,
                                    j,
-                                    &exchange_pub))
+                                    &exchange_pub,
                                    &exchange_sig))
    {
      GNUNET_break_op (0);
      hr.http_status = 0;
@ -169,6 +174,7 @@ handle_refund_finished (void *cls,
    else
    {
      ep = &exchange_pub;
      es = &exchange_sig;
    }
    break;
  case MHD_HTTP_BAD_REQUEST:
@ -227,7 +233,8 @@ handle_refund_finished (void *cls,
  }
  rh->cb (rh->cb_cls,
          &hr,
-          ep);
+          ep,
          es);
  TALER_EXCHANGE_refund_cancel (rh);
 }
--- a/src/testing/testing_api_cmd_refund.c
+++ b/src/testing/testing_api_cmd_refund.c
@ -83,11 +83,13 @@ struct RefundState
 * @param hr HTTP response details
 * @param exchange_pub public key the exchange
 *        used for signing @a obj.
 * @param exchange_sig actual signature confirming the refund
 */
 static void
 refund_cb (void *cls,
           const struct TALER_EXCHANGE_HttpResponse *hr,
-           const struct TALER_ExchangePublicKeyP *exchange_pub)
+           const struct TALER_ExchangePublicKeyP *exchange_pub,
           const struct TALER_ExchangeSignatureP *exchange_sig)
 {
  struct RefundState *rs = cls;