fix FIXME: sign also over balance during account-setup

2022-12-06 13:02:54 +01:00 · 2022-12-06 13:02:54 +01:00 · 21959eebd2
commit 21959eebd2
parent 9e4ac84b6e
4 changed files with 51 additions and 16 deletions
--- a/src/exchange/taler-exchange-httpd_kyc-wallet.c
+++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c
@ -164,8 +164,6 @@ TEH_handler_kyc_wallet (
                                 &reserve_sig),
    GNUNET_JSON_spec_fixed_auto ("reserve_pub",
                                 &reserve_pub),
-    // FIXME: add balance threshold crossed to the request
-    // to spec and client API!
    TALER_JSON_spec_amount ("balance",
                            TEH_currency,
                            &krc.balance),
@ -184,10 +182,9 @@ TEH_handler_kyc_wallet (
    return MHD_YES;   /* failure */

  TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
-  // FIXME: add balance threshold crossed to
-  // what the wallet signs over!
  if (GNUNET_OK !=
      TALER_wallet_account_setup_verify (&reserve_pub,
+                                         &krc.balance,
                                         &reserve_sig))
  {
    GNUNET_break_op (0);
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@ -3192,11 +3192,13 @@ TALER_wallet_reserve_close_verify (
 * Sign a request by a wallet to perform a KYC check.
 *
 * @param reserve_priv key identifying the wallet/account
+ * @param balance_threshold the balance threshold the wallet is about to cross
 * @param[out] reserve_sig resulting signature
 */
 void
 TALER_wallet_account_setup_sign (
  const struct TALER_ReservePrivateKeyP *reserve_priv,
+  const struct TALER_Amount *balance_threshold,
  struct TALER_ReserveSignatureP *reserve_sig);


@ -3204,12 +3206,14 @@ TALER_wallet_account_setup_sign (
 * Verify account setup request.
 *
 * @param reserve_pub reserve the setup request was for
+ * @param balance_threshold the balance threshold the wallet is about to cross
 * @param reserve_sig resulting signature
 * @return #GNUNET_OK if the signature is valid
 */
 enum GNUNET_GenericReturnValue
 TALER_wallet_account_setup_verify (
  const struct TALER_ReservePublicKeyP *reserve_pub,
+  const struct TALER_Amount *balance_threshold,
  const struct TALER_ReserveSignatureP *reserve_sig);


--- a/src/lib/exchange_api_kyc_wallet.c
+++ b/src/lib/exchange_api_kyc_wallet.c
@ -170,6 +170,7 @@ TALER_EXCHANGE_kyc_wallet (struct TALER_EXCHANGE_Handle *exchange,
  GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv,
                                      &reserve_pub.eddsa_pub);
  TALER_wallet_account_setup_sign (reserve_priv,
+                                   balance,
                                   &reserve_sig);
  req = GNUNET_JSON_PACK (
    TALER_JSON_pack_amount ("balance",
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@ -604,36 +604,68 @@ TALER_wallet_withdraw_verify (
 }


+GNUNET_NETWORK_STRUCT_BEGIN
+
+
+/**
+ * @brief Format used for to generate the signature on a request to withdraw
+ * coins from a reserve.
+ */
+struct TALER_AccountSetupRequestSignaturePS
+{
+
+  /**
+   * Purpose must be #TALER_SIGNATURE_WALLET_ACCOUNT_SETUP.
+   * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`.
+   */
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+  /**
+   * Balance threshold the wallet is about to cross.
+   */
+  struct TALER_AmountNBO threshold;
+
+};
+
+
+GNUNET_NETWORK_STRUCT_END
+
+
 void
 TALER_wallet_account_setup_sign (
  const struct TALER_ReservePrivateKeyP *reserve_priv,
+  const struct TALER_Amount *balance_threshold,
  struct TALER_ReserveSignatureP *reserve_sig)
 {
-  struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
-    .size = htonl (sizeof (purpose)),
-    .purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
+  struct TALER_AccountSetupRequestSignaturePS asap = {
+    .purpose.size = htonl (sizeof (asap)),
+    .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
  };

-  GNUNET_assert (GNUNET_OK ==
-                 GNUNET_CRYPTO_eddsa_sign_ (&reserve_priv->eddsa_priv,
-                                            &purpose,
-                                            &reserve_sig->eddsa_signature));
+  TALER_amount_hton (&asap.threshold,
+                     balance_threshold);
+  GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
+                            &asap,
+                            &reserve_sig->eddsa_signature);
 }


 enum GNUNET_GenericReturnValue
 TALER_wallet_account_setup_verify (
  const struct TALER_ReservePublicKeyP *reserve_pub,
+  const struct TALER_Amount *balance_threshold,
  const struct TALER_ReserveSignatureP *reserve_sig)
 {
-  struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
-    .size = htonl (sizeof (purpose)),
-    .purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
+  struct TALER_AccountSetupRequestSignaturePS asap = {
+    .purpose.size = htonl (sizeof (asap)),
+    .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
  };

-  return GNUNET_CRYPTO_eddsa_verify_ (
+  TALER_amount_hton (&asap.threshold,
+                     balance_threshold);
+  return GNUNET_CRYPTO_eddsa_verify (
    TALER_SIGNATURE_WALLET_ACCOUNT_SETUP,
-    &purpose,
+    &asap,
    &reserve_sig->eddsa_signature,
    &reserve_pub->eddsa_pub);
 }
@ -641,6 +673,7 @@ TALER_wallet_account_setup_verify (

 GNUNET_NETWORK_STRUCT_BEGIN

+
 /**
 * Response by which a wallet requests a full
 * reserve history and indicates it is willing