taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix auditor to properly verify wire fee signatures and more gracefully handle arithmetic amount issue

Browse Source
This commit is contained in:
Christian Grothoff 2018-01-04 00:41:19 +01:00
parent d9f16db0ef
commit 5587732f52
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
7 changed files with 64 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/auditor/taler-auditor.c
View File

@ -1664,10 +1664,15 @@ struct WireFeeInfo
struct GNUNET_TIME_Absolute end_date;
/**
* How high is the fee.
* How high is the wire fee.
*/
struct TALER_Amount wire_fee;
/**
* How high is the closing fee.
*/
struct TALER_Amount closing_fee;
};
@ -1815,6 +1820,7 @@ check_transaction_history (const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_Amount spent;
struct TALER_Amount value;
struct TALER_Amount merchant_loss;
struct TALER_Amount merchant_delta;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Checking transaction history of coin %s\n",
@ -2043,7 +2049,7 @@ check_transaction_history (const struct TALER_CoinSpendPublicKeyP *coin_pub,
/* Finally, update @a merchant_gain by subtracting what he "lost" from refunds */
if (GNUNET_SYSERR ==
TALER_amount_subtract (merchant_gain,
TALER_amount_subtract (&merchant_delta,
merchant_gain,
&merchant_loss))
{
@ -2055,6 +2061,7 @@ check_transaction_history (const struct TALER_CoinSpendPublicKeyP *coin_pub,
0);
return GNUNET_SYSERR;
}
*merchant_gain = merchant_delta;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Coin %s contributes %s to contract %s\n",
TALER_B2S (coin_pub),
@ -2276,6 +2283,7 @@ get_wire_fee (struct AggregationContext *ac,
&wfi->start_date,
&wfi->end_date,
&wfi->wire_fee,
&wfi->closing_fee,
&master_sig))
{
GNUNET_break (0);
@ -2299,6 +2307,8 @@ get_wire_fee (struct AggregationContext *ac,
wp.end_date = GNUNET_TIME_absolute_hton (wfi->end_date);
TALER_amount_hton (&wp.wire_fee,
&wfi->wire_fee);
TALER_amount_hton (&wp.closing_fee,
&wfi->closing_fee);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_FEES,
&wp.purpose,

2
src/exchange-lib/test_exchange_api.c
View File

@ -3566,7 +3566,7 @@ run (void *cls)
.label = "check-empty-after-refund" },
#if 0
#if 1
/* Test refunded coins are never executed, even past
refund deadline */
{ .oc = OC_ADMIN_ADD_INCOMING,

1
src/exchange/taler-exchange-aggregator.c
View File

@ -374,6 +374,7 @@ update_fees (struct WirePlugin *wp,
p->start_date,
p->end_date,
&p->wire_fee,
&p->closing_fee,
&p->master_sig);
if (qs < 0)
{

2
src/exchange/taler-exchange-httpd_track_transfer.c
View File

@ -352,6 +352,7 @@ track_transfer_transaction (void *cls,
struct GNUNET_TIME_Absolute wire_fee_start_date;
struct GNUNET_TIME_Absolute wire_fee_end_date;
struct TALER_MasterSignatureP wire_fee_master_sig;
struct TALER_Amount closing_fee;
ctx->is_valid = GNUNET_NO;
ctx->wdd_head = NULL;
@ -393,6 +394,7 @@ track_transfer_transaction (void *cls,
&wire_fee_start_date,
&wire_fee_end_date,
&ctx->wire_fee,
&closing_fee,
&wire_fee_master_sig);
if (0 >= qs)
{

27
src/exchangedb/plugin_exchangedb_postgres.c
View File

@ -383,6 +383,9 @@ postgres_create_tables (void *cls)
",wire_fee_val INT8 NOT NULL"
",wire_fee_frac INT4 NOT NULL"
",wire_fee_curr VARCHAR("TALER_CURRENCY_LEN_STR") NOT NULL"
",closing_fee_val INT8 NOT NULL"
",closing_fee_frac INT4 NOT NULL"
",closing_fee_curr VARCHAR("TALER_CURRENCY_LEN_STR") NOT NULL"
",master_sig BYTEA NOT NULL CHECK (LENGTH(master_sig)=64)"
",PRIMARY KEY (wire_method, start_date)" /* this combo must be unique */
");"),
@ -1170,6 +1173,9 @@ postgres_prepare (PGconn *db_conn)
",wire_fee_val"
",wire_fee_frac"
",wire_fee_curr"
",closing_fee_val"
",closing_fee_frac"
",closing_fee_curr"
",master_sig"
" FROM wire_fee"
" WHERE wire_method=$1"
@ -1185,10 +1191,13 @@ postgres_prepare (PGconn *db_conn)
",wire_fee_val"
",wire_fee_frac"
",wire_fee_curr"
",closing_fee_val"
",closing_fee_frac"
",closing_fee_curr"
",master_sig"
") VALUES "
"($1, $2, $3, $4, $5, $6, $7);",
7),
"($1, $2, $3, $4, $5, $6, $7, $8, $9, $10);",
19),
/* Used in #postgres_store_wire_transfer_out */
GNUNET_PQ_make_prepare ("insert_wire_out",
"INSERT INTO wire_out "
@ -4356,6 +4365,7 @@ postgres_insert_aggregation_tracking (void *cls,
* @param[out] start_date when does the fee go into effect
* @param[out] end_date when does the fee end being valid
* @param[out] wire_fee how high is the wire transfer fee
* @param[out] closing_fee how high is the closing fee
* @param[out] master_sig signature over the above by the exchange master key
* @return status of the transaction
*/
@ -4367,6 +4377,7 @@ postgres_get_wire_fee (void *cls,
struct GNUNET_TIME_Absolute *start_date,
struct GNUNET_TIME_Absolute *end_date,
struct TALER_Amount *wire_fee,
struct TALER_Amount *closing_fee,
struct TALER_MasterSignatureP *master_sig)
{
struct GNUNET_PQ_QueryParam params[] = {
@ -4378,6 +4389,7 @@ postgres_get_wire_fee (void *cls,
TALER_PQ_result_spec_absolute_time ("start_date", start_date),
TALER_PQ_result_spec_absolute_time ("end_date", end_date),
TALER_PQ_result_spec_amount ("wire_fee", wire_fee),
TALER_PQ_result_spec_amount ("closing_fee", closing_fee),
GNUNET_PQ_result_spec_auto_from_type ("master_sig", master_sig),
GNUNET_PQ_result_spec_end
};
@ -4398,6 +4410,7 @@ postgres_get_wire_fee (void *cls,
* @param start_date when does the fee go into effect
* @param end_date when does the fee end being valid
* @param wire_fee how high is the wire transfer fee
* @param closing_fee how high is the closing fee
* @param master_sig signature over the above by the exchange master key
* @return transaction status code
*/
@ -4408,6 +4421,7 @@ postgres_insert_wire_fee (void *cls,
struct GNUNET_TIME_Absolute start_date,
struct GNUNET_TIME_Absolute end_date,
const struct TALER_Amount *wire_fee,
const struct TALER_Amount *closing_fee,
const struct TALER_MasterSignatureP *master_sig)
{
struct GNUNET_PQ_QueryParam params[] = {
@ -4415,10 +4429,12 @@ postgres_insert_wire_fee (void *cls,
TALER_PQ_query_param_absolute_time (&start_date),
TALER_PQ_query_param_absolute_time (&end_date),
TALER_PQ_query_param_amount (wire_fee),
TALER_PQ_query_param_amount (closing_fee),
GNUNET_PQ_query_param_auto_from_type (master_sig),
GNUNET_PQ_query_param_end
};
struct TALER_Amount wf;
struct TALER_Amount cf;
struct TALER_MasterSignatureP sig;
struct GNUNET_TIME_Absolute sd;
struct GNUNET_TIME_Absolute ed;
@ -4431,6 +4447,7 @@ postgres_insert_wire_fee (void *cls,
&sd,
&ed,
&wf,
&cf,
&sig);
if (qs < 0)
return qs;
@ -4449,6 +4466,12 @@ postgres_insert_wire_fee (void *cls,
GNUNET_break (0);
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (0 != TALER_amount_cmp (closing_fee,
&cf))
{
GNUNET_break (0);
return GNUNET_DB_STATUS_HARD_ERROR;
}
if ( (sd.abs_value_us != start_date.abs_value_us) ||
(ed.abs_value_us != end_date.abs_value_us) )
{

23
src/exchangedb/test_exchangedb.c
View File

@ -1062,10 +1062,12 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
struct GNUNET_TIME_Absolute start_date;
struct GNUNET_TIME_Absolute end_date;
struct TALER_Amount wire_fee;
struct TALER_Amount closing_fee;
struct TALER_MasterSignatureP master_sig;
struct GNUNET_TIME_Absolute sd;
struct GNUNET_TIME_Absolute ed;
struct TALER_Amount fee;
struct TALER_Amount fee2;
struct TALER_MasterSignatureP ms;
start_date = GNUNET_TIME_absolute_get ();
@ -1075,6 +1077,9 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount (CURRENCY ":1.424242",
&wire_fee));
GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount (CURRENCY ":2.424242",
&closing_fee));
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
&master_sig,
sizeof (master_sig));
@ -1085,6 +1090,7 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
start_date,
end_date,
&wire_fee,
&closing_fee,
&master_sig))
{
GNUNET_break (0);
@ -1097,6 +1103,7 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
start_date,
end_date,
&wire_fee,
&closing_fee,
&master_sig))
{
GNUNET_break (0);
@ -1112,6 +1119,7 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
&sd,
&ed,
&fee,
&fee2,
&ms))
{
GNUNET_break (0);
@ -1125,6 +1133,7 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
&sd,
&ed,
&fee,
&fee2,
&ms))
{
GNUNET_break (0);
@ -1134,6 +1143,8 @@ test_wire_fees (struct TALER_EXCHANGEDB_Session *session)
(ed.abs_value_us != end_date.abs_value_us) ||
(0 != TALER_amount_cmp (&fee,
&wire_fee)) ||
(0 != TALER_amount_cmp (&fee2,
&closing_fee)) ||
(0 != memcmp (&ms,
&master_sig,
sizeof (ms))) )
@ -1956,7 +1967,8 @@ run (void *cls)
refund.merchant_pub = deposit.merchant_pub;
RND_BLK (&refund.merchant_sig);
refund.h_contract_terms = deposit.h_contract_terms;
refund.rtransaction_id = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, UINT64_MAX);
refund.rtransaction_id = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK,
UINT64_MAX);
refund.refund_amount = deposit.amount_with_fee;
refund.refund_fee = fee_refund;
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
@ -2198,9 +2210,11 @@ main (int argc,
NULL);
plugin_name++;
(void) GNUNET_asprintf (&testname,
"test-exchange-db-%s", plugin_name);
"test-exchange-db-%s",
plugin_name);
(void) GNUNET_asprintf (&config_filename,
"%s.conf", testname);
"%s.conf",
testname);
cfg = GNUNET_CONFIGURATION_create ();
if (GNUNET_OK !=
GNUNET_CONFIGURATION_parse (cfg,
@ -2211,7 +2225,8 @@ main (int argc,
GNUNET_free (testname);
return 2;
}
GNUNET_SCHEDULER_run (&run, cfg);
GNUNET_SCHEDULER_run (&run,
cfg);
GNUNET_CONFIGURATION_destroy (cfg);
GNUNET_free (config_filename);
GNUNET_free (testname);

4
src/include/taler_exchangedb_plugin.h
View File

@ -1698,6 +1698,7 @@ struct TALER_EXCHANGEDB_Plugin
* @param start_date when does the fee go into effect
* @param end_date when does the fee end being valid
* @param wire_fee how high is the wire transfer fee
* @param closing_fee how high is the closing fee
* @param master_sig signature over the above by the exchange master key
* @return transaction status code
*/
@ -1708,6 +1709,7 @@ struct TALER_EXCHANGEDB_Plugin
struct GNUNET_TIME_Absolute start_date,
struct GNUNET_TIME_Absolute end_date,
const struct TALER_Amount *wire_fee,
const struct TALER_Amount *closing_fee,
const struct TALER_MasterSignatureP *master_sig);
@ -1721,6 +1723,7 @@ struct TALER_EXCHANGEDB_Plugin
* @param[out] start_date when does the fee go into effect
* @param[out] end_date when does the fee end being valid
* @param[out] wire_fee how high is the wire transfer fee
* @param[out] closing_fee how high is the closing fee
* @param[out] master_sig signature over the above by the exchange master key
* @return query status of the transaction
*/
@ -1732,6 +1735,7 @@ struct TALER_EXCHANGEDB_Plugin
struct GNUNET_TIME_Absolute *start_date,
struct GNUNET_TIME_Absolute *end_date,
struct TALER_Amount *wire_fee,
struct TALER_Amount *closing_fee,
struct TALER_MasterSignatureP *master_sig);