taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

-complete extended reserve history signature check logic to libtalerexchange

Browse Source
This commit is contained in:
Christian Grothoff 2022-05-22 23:50:58 +02:00
parent 67535ebf65
commit 3599ac0ac2
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
5 changed files with 80 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/exchange/taler-exchange-httpd_responses.c
View File

@ -755,16 +755,18 @@ TEH_RESPONSE_compile_reserve_history (
&merge->h_contract_terms), &merge->h_contract_terms),
GNUNET_JSON_pack_data_auto ("merge_pub", GNUNET_JSON_pack_data_auto ("merge_pub",
&merge->merge_pub), &merge->merge_pub),
GNUNET_JSON_pack_data_auto ("purse_sig", GNUNET_JSON_pack_uint64 ("min_age",
&merge->purse_sig), merge->min_age),
GNUNET_JSON_pack_uint64 ("flags",
merge->flags),
GNUNET_JSON_pack_data_auto ("purse_pub", GNUNET_JSON_pack_data_auto ("purse_pub",
&merge->purse_pub), &merge->purse_pub),
GNUNET_JSON_pack_data_auto ("merge_sig",
&merge->merge_sig),
GNUNET_JSON_pack_data_auto ("reserve_sig", GNUNET_JSON_pack_data_auto ("reserve_sig",
&merge->reserve_sig), &merge->reserve_sig),
GNUNET_JSON_pack_timestamp ("merge_timestamp", GNUNET_JSON_pack_timestamp ("merge_timestamp",
merge->merge_timestamp), merge->merge_timestamp),
GNUNET_JSON_pack_timestamp ("purse_expiration",
merge->purse_expiration),
TALER_JSON_pack_amount ("amount", TALER_JSON_pack_amount ("amount",
&amount), &amount),
TALER_JSON_pack_amount ("purse_fee", TALER_JSON_pack_amount ("purse_fee",

17
src/exchangedb/plugin_exchangedb_postgres.c
View File

@ -2136,11 +2136,12 @@ prepare_statements (struct PostgresClosure *pg)
",pr.purse_fee_frac" ",pr.purse_fee_frac"
",pr.h_contract_terms" ",pr.h_contract_terms"
",pr.merge_pub" ",pr.merge_pub"
",pr.purse_sig"
",am.reserve_sig" ",am.reserve_sig"
",pm.purse_pub" ",pm.purse_pub"
",pm.merge_sig"
",pm.merge_timestamp" ",pm.merge_timestamp"
",pr.purse_expiration"
",pr.age_limit"
",pr.flags"
" FROM purse_merges pm" " FROM purse_merges pm"
" JOIN purse_requests pr" " JOIN purse_requests pr"
" USING (purse_pub)" " USING (purse_pub)"
@ -6191,6 +6192,7 @@ add_p2p_merge (void *cls,
merge = GNUNET_new (struct TALER_EXCHANGEDB_PurseMerge); merge = GNUNET_new (struct TALER_EXCHANGEDB_PurseMerge);
{ {
uint32_t flags32;
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
TALER_PQ_RESULT_SPEC_AMOUNT ("purse_fee", TALER_PQ_RESULT_SPEC_AMOUNT ("purse_fee",
&merge->purse_fee), &merge->purse_fee),
@ -6198,16 +6200,18 @@ add_p2p_merge (void *cls,
&merge->amount_with_fee), &merge->amount_with_fee),
GNUNET_PQ_result_spec_timestamp ("merge_timestamp", GNUNET_PQ_result_spec_timestamp ("merge_timestamp",
&merge->merge_timestamp), &merge->merge_timestamp),
GNUNET_PQ_result_spec_timestamp ("purse_expiration",
&merge->purse_expiration),
GNUNET_PQ_result_spec_uint32 ("age_limit",
&merge->min_age),
GNUNET_PQ_result_spec_uint32 ("flags",
&flags32),
GNUNET_PQ_result_spec_auto_from_type ("h_contract_terms", GNUNET_PQ_result_spec_auto_from_type ("h_contract_terms",
&merge->h_contract_terms), &merge->h_contract_terms),
GNUNET_PQ_result_spec_auto_from_type ("merge_pub", GNUNET_PQ_result_spec_auto_from_type ("merge_pub",
&merge->merge_pub), &merge->merge_pub),
GNUNET_PQ_result_spec_auto_from_type ("purse_sig",
&merge->purse_sig),
GNUNET_PQ_result_spec_auto_from_type ("purse_pub", GNUNET_PQ_result_spec_auto_from_type ("purse_pub",
&merge->purse_pub), &merge->purse_pub),
GNUNET_PQ_result_spec_auto_from_type ("merge_sig",
&merge->merge_sig),
GNUNET_PQ_result_spec_auto_from_type ("reserve_sig", GNUNET_PQ_result_spec_auto_from_type ("reserve_sig",
&merge->reserve_sig), &merge->reserve_sig),
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
@ -6223,6 +6227,7 @@ add_p2p_merge (void *cls,
rhc->status = GNUNET_SYSERR; rhc->status = GNUNET_SYSERR;
return; return;
} }
merge->flags = (enum TALER_WalletAccountMergeFlags) flags32;
} }
GNUNET_assert (0 <= GNUNET_assert (0 <=
TALER_amount_add (&rhc->balance_out, TALER_amount_add (&rhc->balance_out,

25
src/include/taler_exchange_service.h
View File

@ -1510,21 +1510,11 @@ struct TALER_EXCHANGE_ReserveHistoryEntry
*/ */
struct TALER_PurseMergePublicKeyP merge_pub; struct TALER_PurseMergePublicKeyP merge_pub;
/**
* Purse signature.
*/
struct TALER_PurseContractSignatureP purse_sig;
/** /**
* Purse public key. * Purse public key.
*/ */
struct TALER_PurseContractPublicKeyP purse_pub; struct TALER_PurseContractPublicKeyP purse_pub;
/**
* Merge signature.
*/
struct TALER_PurseMergePublicKeyP merge_sig;
/** /**
* Signature by the reserve approving the merge. * Signature by the reserve approving the merge.
*/ */
@ -1535,6 +1525,21 @@ struct TALER_EXCHANGE_ReserveHistoryEntry
*/ */
struct GNUNET_TIME_Timestamp merge_timestamp; struct GNUNET_TIME_Timestamp merge_timestamp;
/**
* When was the purse set to expire.
*/
struct GNUNET_TIME_Timestamp purse_expiration;
/**
* Minimum age required for depositing into the purse.
*/
uint32_t min_age;
/**
* Flags of the purse.
*/
enum TALER_WalletAccountMergeFlags flags;
} merge_details; } merge_details;
} details; } details;

25
src/include/taler_exchangedb_plugin.h
View File

@ -1009,21 +1009,11 @@ struct TALER_EXCHANGEDB_PurseMerge
*/ */
struct TALER_PurseMergePublicKeyP merge_pub; struct TALER_PurseMergePublicKeyP merge_pub;
/**
* Purse signature.
*/
struct TALER_PurseContractSignatureP purse_sig;
/** /**
* Purse public key. * Purse public key.
*/ */
struct TALER_PurseContractPublicKeyP purse_pub; struct TALER_PurseContractPublicKeyP purse_pub;
/**
* Merge signature.
*/
struct TALER_PurseMergePublicKeyP merge_sig;
/** /**
* Signature by the reserve approving the merge. * Signature by the reserve approving the merge.
*/ */
@ -1034,6 +1024,21 @@ struct TALER_EXCHANGEDB_PurseMerge
*/ */
struct GNUNET_TIME_Timestamp merge_timestamp; struct GNUNET_TIME_Timestamp merge_timestamp;
/**
* When was the purse set to expire.
*/
struct GNUNET_TIME_Timestamp purse_expiration;
/**
* Minimum age required for depositing into the purse.
*/
uint32_t min_age;
/**
* Flags of the purse.
*/
enum TALER_WalletAccountMergeFlags flags;
}; };

41
src/lib/exchange_api_common.c
View File

@ -397,17 +397,18 @@ parse_merge (struct TALER_EXCHANGE_ReserveHistoryEntry *rh,
struct HistoryParseContext *uc, struct HistoryParseContext *uc,
const json_t *transaction) const json_t *transaction)
{ {
uint32_t flags32;
struct GNUNET_JSON_Specification merge_spec[] = { struct GNUNET_JSON_Specification merge_spec[] = {
GNUNET_JSON_spec_fixed_auto ("h_contract_terms", GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
&rh->details.merge_details.h_contract_terms), &rh->details.merge_details.h_contract_terms),
GNUNET_JSON_spec_fixed_auto ("merge_pub", GNUNET_JSON_spec_fixed_auto ("merge_pub",
&rh->details.merge_details.merge_pub), &rh->details.merge_details.merge_pub),
GNUNET_JSON_spec_fixed_auto ("purse_sig",
&rh->details.merge_details.purse_sig),
GNUNET_JSON_spec_fixed_auto ("purse_pub", GNUNET_JSON_spec_fixed_auto ("purse_pub",
&rh->details.merge_details.purse_pub), &rh->details.merge_details.purse_pub),
GNUNET_JSON_spec_fixed_auto ("merge_sig", GNUNET_JSON_spec_uint32 ("min_age",
&rh->details.merge_details.merge_sig), &rh->details.merge_details.min_age),
GNUNET_JSON_spec_uint32 ("flags",
&flags32),
GNUNET_JSON_spec_fixed_auto ("reserve_sig", GNUNET_JSON_spec_fixed_auto ("reserve_sig",
&rh->details.merge_details.reserve_sig), &rh->details.merge_details.reserve_sig),
TALER_JSON_spec_amount_any ("purse_fee", TALER_JSON_spec_amount_any ("purse_fee",
@ -426,8 +427,24 @@ parse_merge (struct TALER_EXCHANGE_ReserveHistoryEntry *rh,
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
rh->details.merge_details.flags =
GNUNET_break (0); // FIXME: verify signatures! (enum TALER_WalletAccountMergeFlags) flags32;
if (GNUNET_OK !=
TALER_wallet_account_merge_verify (
rh->details.merge_details.merge_timestamp,
&rh->details.merge_details.purse_pub,
rh->details.merge_details.purse_expiration,
&rh->details.merge_details.h_contract_terms,
&rh->amount,
&rh->details.merge_details.purse_fee,
rh->details.merge_details.min_age,
rh->details.merge_details.flags,
uc->reserve_pub,
&rh->details.merge_details.reserve_sig))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
if (0 > if (0 >
TALER_amount_add (uc->total_in, TALER_amount_add (uc->total_in,
uc->total_in, uc->total_in,
@ -473,8 +490,16 @@ parse_history (struct TALER_EXCHANGE_ReserveHistoryEntry *rh,
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK !=
GNUNET_break (0); // FIXME: verify signature! TALER_wallet_reserve_history_verify (
rh->details.history_details.request_timestamp,
&rh->details.history_details.history_fee,
uc->reserve_pub,
&rh->details.history_details.reserve_sig))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
if (0 > if (0 >
TALER_amount_add (uc->total_out, TALER_amount_add (uc->total_out,
uc->total_out, uc->total_out,