-address FIXMEs for purses GET requests

2022-05-07 23:41:33 +02:00 · 2022-05-07 23:41:33 +02:00 · 415c922c92
commit 415c922c92
parent 2d84d7f6dd
4 changed files with 76 additions and 27 deletions
--- a/contrib/gana
+++ b/contrib/gana
@ -1 +1 @@
-Subproject commit 625ae124ff4404702be49a06cf118ce0c7510d22
+Subproject commit 74cf5789db8d857780ac49b7ab9307b3cd4d80c4
--- a/src/exchange/taler-exchange-httpd_purses_get.c
+++ b/src/exchange/taler-exchange-httpd_purses_get.c
@ -364,6 +364,9 @@ TEH_handler_purses_get (struct TEH_RequestContext *rc,

  {
    struct GNUNET_TIME_Timestamp dt = GNUNET_TIME_timestamp_get ();
+    struct TALER_ExchangePublicKeyP exchange_pub;
+    struct TALER_ExchangeSignatureP exchange_sig;
+    enum TALER_ErrorCode ec;

    if (GNUNET_TIME_timestamp_cmp (dt,
                                   >,
@ -373,17 +376,32 @@ TEH_handler_purses_get (struct TEH_RequestContext *rc,
        TALER_amount_cmp (&gc->amount,
                          &gc->deposited))
      dt = GNUNET_TIME_UNIT_ZERO_TS;
-
-    // FIXME: add exchange signature!?
-    // FIXME: return amount?
-    res = TALER_MHD_REPLY_JSON_PACK (
-      rc->connection,
-      MHD_HTTP_OK,
-      GNUNET_JSON_pack_timestamp ("merge_timestamp",
-                                  gc->merge_timestamp),
-      GNUNET_JSON_pack_timestamp ("deposit_timestamp",
-                                  dt)
-      );
+    if (TALER_EC_NONE !=
+        (ec = TALER_exchange_purse_status_sign (
+           &TEH_keys_exchange_sign_,
+           gc->merge_timestamp,
+           dt,
+           &gc->deposited,
+           &exchange_pub,
+           &exchange_sig)))
+      res = TALER_MHD_reply_with_ec (rc->connection,
+                                     ec,
+                                     NULL);
+    else
+      res = TALER_MHD_REPLY_JSON_PACK (
+        rc->connection,
+        MHD_HTTP_OK,
+        TALER_JSON_pack_amount ("balance",
+                                &gc->deposited),
+        GNUNET_JSON_pack_data_auto ("exchange_sig",
+                                    &exchange_sig),
+        GNUNET_JSON_pack_data_auto ("exchange_pub",
+                                    &exchange_pub),
+        GNUNET_JSON_pack_timestamp ("merge_timestamp",
+                                    gc->merge_timestamp),
+        GNUNET_JSON_pack_timestamp ("deposit_timestamp",
+                                    dt)
+        );
  }
  return res;
 }
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@ -4097,6 +4097,12 @@ struct TALER_EXCHANGE_PurseGetResponse
       */
      struct GNUNET_TIME_Timestamp deposit_timestamp;

+      /**
+       * Reserve balance (how much was deposited in
+       * total into the reserve, minus deposit fees).
+       */
+      struct TALER_Amount balance;
+
    } success;

  } details;
@ -4126,7 +4132,7 @@ struct TALER_EXCHANGE_PurseGetHandle;
 * Request information about a purse from the exchange.
 *
 * @param exchange exchange handle
- * @param purse_priv private key of the purse
+ * @param purse_pub public key of the purse
 * @param timeout how long to wait for a change to happen
 * @param wait_for_merge true to wait for a merge event, otherwise wait for a deposit event
 * @param cb function to call with the exchange's result
@ -4136,7 +4142,7 @@ struct TALER_EXCHANGE_PurseGetHandle;
 struct TALER_EXCHANGE_PurseGetHandle *
 TALER_EXCHANGE_purse_get (
  struct TALER_EXCHANGE_Handle *exchange,
-  const struct TALER_PurseContractPrivateKeyP *purse_priv,
+  const struct TALER_PurseContractPublicKeyP *purse_pub,
  struct GNUNET_TIME_Relative timeout,
  bool wait_for_merge,
  TALER_EXCHANGE_PurseGetCallback cb,
--- a/src/lib/exchange_api_purses_get.c
+++ b/src/lib/exchange_api_purses_get.c
@ -94,14 +94,22 @@ handle_purse_get_finished (void *cls,
    break;
  case MHD_HTTP_OK:
    {
-      // FIXME: check exchange signature!
+      struct TALER_ExchangePublicKeyP exchange_pub;
+      struct TALER_ExchangeSignatureP exchange_sig;
      struct GNUNET_JSON_Specification spec[] = {
        GNUNET_JSON_spec_timestamp ("merge_timestamp",
                                    &dr.details.success.merge_timestamp),
        GNUNET_JSON_spec_timestamp ("deposit_timestamp",
                                    &dr.details.success.deposit_timestamp),
+        TALER_JSON_spec_amount_any ("balance",
+                                    &dr.details.success.balance),
+        GNUNET_JSON_spec_fixed_auto ("exchange_pub",
+                                     &exchange_pub),
+        GNUNET_JSON_spec_fixed_auto ("exchange_sig",
+                                     &exchange_sig),
        GNUNET_JSON_spec_end ()
      };
+      const struct TALER_EXCHANGE_Keys *key_state;

      if (GNUNET_OK !=
          GNUNET_JSON_parse (j,
@ -113,6 +121,30 @@ handle_purse_get_finished (void *cls,
        dr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
        break;
      }
+
+      key_state = TALER_EXCHANGE_get_keys (pgh->exchange);
+      if (GNUNET_OK !=
+          TALER_EXCHANGE_test_signing_key (key_state,
+                                           &exchange_pub))
+      {
+        GNUNET_break_op (0);
+        dr.hr.http_status = 0;
+        dr.hr.ec = TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE;
+        break;
+      }
+      if (GNUNET_OK !=
+          TALER_exchange_purse_status_verify (
+            dr.details.success.merge_timestamp,
+            dr.details.success.deposit_timestamp,
+            &dr.details.success.balance,
+            &exchange_pub,
+            &exchange_sig))
+      {
+        GNUNET_break_op (0);
+        dr.hr.http_status = 0;
+        dr.hr.ec = TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE;
+        break;
+      }
      pgh->cb (pgh->cb_cls,
               &dr);
      TALER_EXCHANGE_purse_get_cancel (pgh);
@ -163,7 +195,7 @@ handle_purse_get_finished (void *cls,
 struct TALER_EXCHANGE_PurseGetHandle *
 TALER_EXCHANGE_purse_get (
  struct TALER_EXCHANGE_Handle *exchange,
-  const struct TALER_PurseContractPrivateKeyP *purse_priv,
+  const struct TALER_PurseContractPublicKeyP *purse_pub,
  struct GNUNET_TIME_Relative timeout,
  bool wait_for_merge,
  TALER_EXCHANGE_PurseGetCallback cb,
@ -171,8 +203,7 @@ TALER_EXCHANGE_purse_get (
 {
  struct TALER_EXCHANGE_PurseGetHandle *pgh;
  CURL *eh;
-  struct TALER_PurseContractPublicKeyP purse_pub;
-  char arg_str[sizeof (purse_pub) * 2 + 64];
+  char arg_str[sizeof (*purse_pub) * 2 + 64];

  if (GNUNET_YES !=
      TEAH_handle_is_ready (exchange))
@ -184,15 +215,13 @@ TALER_EXCHANGE_purse_get (
  pgh->exchange = exchange;
  pgh->cb = cb;
  pgh->cb_cls = cb_cls;
-  GNUNET_CRYPTO_eddsa_key_get_public (&purse_priv->eddsa_priv,
-                                      &purse_pub.eddsa_pub);
  {
-    char cpub_str[sizeof (purse_pub) * 2];
+    char cpub_str[sizeof (*purse_pub) * 2];
    char *end;
    char timeout_str[32];

-    end = GNUNET_STRINGS_data_to_string (&purse_pub,
-                                         sizeof (purse_pub),
+    end = GNUNET_STRINGS_data_to_string (purse_pub,
+                                         sizeof (*purse_pub),
                                         cpub_str,
                                         sizeof (cpub_str));
    *end = '\0';
@ -231,10 +260,6 @@ TALER_EXCHANGE_purse_get (
    GNUNET_free (pgh);
    return NULL;
  }
-  /* FIXME: add signature with purse_priv
-     to authorize the GET request!? Or
-     decide it is non-critical and only
-     pass purse_pub? */
  pgh->job = GNUNET_CURL_job_add (TEAH_handle_to_context (exchange),
                                  eh,
                                  &handle_purse_get_finished,