taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

implemenent flexible csr http endpoint

Browse Source
This commit is contained in:
Lucien Heuzeveldt 2022-02-05 22:16:00 +01:00
parent 718ad3996f
commit 5a47863caf
No known key found for this signature in database
GPG Key ID: F92EA78E19F4E49E
1 changed files with 128 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

211
src/exchange/taler-exchange-httpd_csr.c
View File

@ -37,16 +37,13 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
const json_t *root, const json_t *root,
const char *const args[]) const char *const args[])
{ {
struct TALER_CsNonce nonce; unsigned int csr_requests_num;
struct TALER_DenominationHash denom_pub_hash; json_t *csr_requests;
struct TALER_DenominationCsPublicR r_pub; json_t *csr_response;
struct GNUNET_JSON_Specification spec[] = { struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed ("nonce", GNUNET_JSON_spec_json ("nks",
&nonce, &csr_requests),
sizeof (struct TALER_CsNonce)),
GNUNET_JSON_spec_fixed ("denom_pub_hash",
&denom_pub_hash,
sizeof (struct TALER_DenominationHash)),
GNUNET_JSON_spec_end () GNUNET_JSON_spec_end ()
}; };
enum TALER_ErrorCode ec; enum TALER_ErrorCode ec;
@ -65,88 +62,136 @@ TEH_handler_csr (struct TEH_RequestContext *rc,
if (GNUNET_OK != res) if (GNUNET_OK != res)
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES; return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
} }
csr_requests_num = json_array_size (csr_requests);
// check denomination referenced by denom_pub_hash // FIXME: check number of requests against an upper bound
struct TALER_CsNonce nonces[GNUNET_NZL (csr_requests_num)];
struct TALER_DenominationHash denom_pub_hashes[GNUNET_NZL (csr_requests_num)];
for (unsigned int i = 0; i < csr_requests_num; i++)
{ {
struct TEH_KeyStateHandle *ksh; struct TALER_CsNonce *nonce = &nonces[i];
struct TALER_DenominationHash *denom_pub_hash = &denom_pub_hashes[i];
struct GNUNET_JSON_Specification csr_spec[] = {
GNUNET_JSON_spec_fixed ("nonce",
nonce,
sizeof (struct TALER_CsNonce)),
GNUNET_JSON_spec_fixed ("denom_pub_hash",
denom_pub_hash,
sizeof (struct TALER_DenominationHash)),
GNUNET_JSON_spec_end ()
};
enum GNUNET_GenericReturnValue res;
ksh = TEH_keys_get_state (); res = TALER_MHD_parse_json_array (rc->connection,
if (NULL == ksh) root,
{ csr_spec,
return TALER_MHD_reply_with_error (rc->connection, i,
MHD_HTTP_INTERNAL_SERVER_ERROR, -1);
TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING, GNUNET_JSON_parse_free (csr_spec);
NULL); if (GNUNET_OK != res)
} return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
dk = TEH_keys_denomination_by_hash2 (ksh,
&denom_pub_hash,
NULL,
NULL);
if (NULL == dk)
{
return TEH_RESPONSE_reply_unknown_denom_pub_hash (
rc->connection,
&denom_pub_hash);
}
if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
{
/* This denomination is past the expiration time for withdraws/refreshes*/
return TEH_RESPONSE_reply_expired_denom_pub_hash (
rc->connection,
&denom_pub_hash,
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
"CSR");
}
if (GNUNET_TIME_absolute_is_future (dk->meta.start.abs_time))
{
/* This denomination is not yet valid, no need to check
for idempotency! */
return TEH_RESPONSE_reply_expired_denom_pub_hash (
rc->connection,
&denom_pub_hash,
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
"CSR");
}
if (dk->recoup_possible)
{
/* This denomination has been revoked */
return TEH_RESPONSE_reply_expired_denom_pub_hash (
rc->connection,
&denom_pub_hash,
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
"CSR");
}
if (TALER_DENOMINATION_CS != dk->denom_pub.cipher)
{
// denomination is valid but not CS
return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
rc->connection,
&denom_pub_hash);
}
} }
// derive r_pub struct TALER_DenominationCsPublicR r_pubs[GNUNET_NZL (csr_requests_num)];
ec = TEH_keys_denomination_cs_r_pub (&denom_pub_hash, for (unsigned int i = 0; i < csr_requests_num; i++)
&nonce,
&r_pub);
if (TALER_EC_NONE != ec)
{ {
GNUNET_break (0); const struct TALER_CsNonce *nonce = &nonces[i];
return TALER_MHD_reply_with_ec (rc->connection, const struct TALER_DenominationHash *denom_pub_hash = &denom_pub_hashes[i];
ec, struct TALER_DenominationCsPublicR *r_pub = &r_pubs[i];
NULL);
// check denomination referenced by denom_pub_hash
{
struct TEH_KeyStateHandle *ksh;
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
return TALER_MHD_reply_with_error (rc->connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
NULL);
}
dk = TEH_keys_denomination_by_hash2 (ksh,
denom_pub_hash,
NULL,
NULL);
if (NULL == dk)
{
return TEH_RESPONSE_reply_unknown_denom_pub_hash (
rc->connection,
&denom_pub_hash[i]);
}
if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
{
/* This denomination is past the expiration time for withdraws/refreshes*/
return TEH_RESPONSE_reply_expired_denom_pub_hash (
rc->connection,
denom_pub_hash,
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
"CSR");
}
if (GNUNET_TIME_absolute_is_future (dk->meta.start.abs_time))
{
/* This denomination is not yet valid, no need to check
for idempotency! */
return TEH_RESPONSE_reply_expired_denom_pub_hash (
rc->connection,
denom_pub_hash,
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
"CSR");
}
if (dk->recoup_possible)
{
/* This denomination has been revoked */
return TEH_RESPONSE_reply_expired_denom_pub_hash (
rc->connection,
denom_pub_hash,
TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
"CSR");
}
if (TALER_DENOMINATION_CS != dk->denom_pub.cipher)
{
// denomination is valid but not CS
return TEH_RESPONSE_reply_invalid_denom_cipher_for_operation (
rc->connection,
denom_pub_hash);
}
}
// derive r_pub
ec = TEH_keys_denomination_cs_r_pub (denom_pub_hash,
nonce,
r_pub);
if (TALER_EC_NONE != ec)
{
GNUNET_break (0);
return TALER_MHD_reply_with_ec (rc->connection,
ec,
NULL);
}
} }
// send response // send response
return TALER_MHD_REPLY_JSON_PACK ( csr_response = json_array ();
rc->connection, for (unsigned int i = 0; i < csr_requests_num; i++)
MHD_HTTP_OK, {
GNUNET_JSON_pack_data_varsize ("r_pub_0", const struct TALER_DenominationCsPublicR *r_pub = &r_pubs[i];
&r_pub.r_pub[0], json_t *csr_obj;
sizeof(struct GNUNET_CRYPTO_CsRPublic)),
GNUNET_JSON_pack_data_varsize ("r_pub_1", csr_obj = GNUNET_JSON_PACK (
&r_pub.r_pub[1], GNUNET_JSON_pack_data_varsize ("r_pub_0",
sizeof(struct GNUNET_CRYPTO_CsRPublic))); &r_pub->r_pub[0],
sizeof(struct GNUNET_CRYPTO_CsRPublic)),
GNUNET_JSON_pack_data_varsize ("r_pub_1",
&r_pub->r_pub[1],
sizeof(struct GNUNET_CRYPTO_CsRPublic)));
GNUNET_assert (NULL != csr_obj);
GNUNET_assert (0 ==
json_array_append_new (csr_response,
csr_obj));
}
return TALER_MHD_reply_json (rc->connection,
csr_response,
MHD_HTTP_OK);
} }