taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

introduce TALER_wallet_deposit_verify

Browse Source
This commit is contained in:
Christian Grothoff 2021-11-06 16:52:14 +01:00
parent 938e2ce39c
commit 8175fdfa0f
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
9 changed files with 287 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/auditor/taler-helper-auditor-coins.c
View File

@ -1619,32 +1619,32 @@ deposit_cb (void *cls,
/* Verify deposit signature */ /* Verify deposit signature */
{ {
struct TALER_DepositRequestPS dr = { struct TALER_MerchantWireHash h_wire;
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), struct TALER_DenominationHash h_denom_pub;
.purpose.size = htonl (sizeof (dr)), struct TALER_Amount deposit_fee;
.h_contract_terms = deposit->h_contract_terms,
.wallet_timestamp = GNUNET_TIME_absolute_hton (deposit->timestamp),
.refund_deadline = GNUNET_TIME_absolute_hton (deposit->refund_deadline),
.deposit_fee = issue->fee_deposit,
.merchant = deposit->merchant_pub,
.coin_pub = deposit->coin.coin_pub
};
TALER_denom_pub_hash (denom_pub, TALER_denom_pub_hash (denom_pub,
&dr.h_denom_pub); &h_denom_pub);
TALER_merchant_wire_signature_hash (deposit->receiver_wire_account, TALER_merchant_wire_signature_hash (deposit->receiver_wire_account,
&deposit->wire_salt, &deposit->wire_salt,
&dr.h_wire); &h_wire);
TALER_amount_hton (&dr.amount_with_fee, TALER_amount_ntoh (&deposit_fee,
&deposit->amount_with_fee); &issue->fee_deposit);
/* NOTE: This is one of the operations we might eventually /* NOTE: This is one of the operations we might eventually
want to do in parallel in the background to improve want to do in parallel in the background to improve
auditor performance! */ auditor performance! */
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, TALER_wallet_deposit_verify (&deposit->amount_with_fee,
&dr, &deposit_fee,
&deposit->csig.eddsa_signature, &h_wire,
&deposit->coin.coin_pub.eddsa_pub)) &deposit->h_contract_terms,
NULL /* h_extensions! */,
&h_denom_pub,
deposit->timestamp,
&deposit->merchant_pub,
deposit->refund_deadline,
&deposit->coin.coin_pub,
&deposit->csig))
{ {
TALER_ARL_report (report_bad_sig_losses, TALER_ARL_report (report_bad_sig_losses,
GNUNET_JSON_PACK ( GNUNET_JSON_PACK (

48
src/exchange/taler-exchange-httpd_deposit.c
View File

@ -510,37 +510,25 @@ TEH_handler_deposit (struct MHD_Connection *connection,
NULL); NULL);
} }
/* check deposit signature */ if (GNUNET_OK !=
TALER_wallet_deposit_verify (&deposit.amount_with_fee,
&deposit.deposit_fee,
&dc.h_wire,
&deposit.h_contract_terms,
NULL /* h_extensions! */,
&deposit.coin.denom_pub_hash,
deposit.timestamp,
&deposit.merchant_pub,
deposit.refund_deadline,
&deposit.coin.coin_pub,
&deposit.csig))
{ {
struct TALER_DepositRequestPS dr = { TALER_LOG_WARNING ("Invalid signature on /deposit request\n");
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), GNUNET_JSON_parse_free (spec);
.purpose.size = htonl (sizeof (dr)), return TALER_MHD_reply_with_error (connection,
.h_contract_terms = deposit.h_contract_terms, MHD_HTTP_UNAUTHORIZED,
.h_wire = dc.h_wire, TALER_EC_EXCHANGE_DEPOSIT_COIN_SIGNATURE_INVALID,
.h_denom_pub = deposit.coin.denom_pub_hash, NULL);
.wallet_timestamp = GNUNET_TIME_absolute_hton (deposit.timestamp),
.refund_deadline = GNUNET_TIME_absolute_hton (deposit.refund_deadline),
.merchant = deposit.merchant_pub,
.coin_pub = deposit.coin.coin_pub
};
TALER_amount_hton (&dr.amount_with_fee,
&deposit.amount_with_fee);
TALER_amount_hton (&dr.deposit_fee,
&deposit.deposit_fee);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr,
&deposit.csig.eddsa_signature,
&deposit.coin.coin_pub.eddsa_pub))
{
TALER_LOG_WARNING ("Invalid signature on /deposit request\n");
GNUNET_JSON_parse_free (spec);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_UNAUTHORIZED,
TALER_EC_EXCHANGE_DEPOSIT_COIN_SIGNATURE_INVALID,
NULL);
}
} }
/* execute transaction */ /* execute transaction */

36
src/exchange/taler-exchange-httpd_responses.c
View File

@ -61,33 +61,25 @@ TEH_RESPONSE_compile_transaction_history (
{ {
const struct TALER_EXCHANGEDB_DepositListEntry *deposit = const struct TALER_EXCHANGEDB_DepositListEntry *deposit =
pos->details.deposit; pos->details.deposit;
struct TALER_DepositRequestPS dr = { struct TALER_MerchantWireHash h_wire;
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT),
.purpose.size = htonl (sizeof (dr)),
.h_contract_terms = deposit->h_contract_terms,
.h_denom_pub = deposit->h_denom_pub,
.wallet_timestamp = GNUNET_TIME_absolute_hton (deposit->timestamp),
.refund_deadline = GNUNET_TIME_absolute_hton (
deposit->refund_deadline),
.merchant = deposit->merchant_pub,
.coin_pub = *coin_pub
};
TALER_merchant_wire_signature_hash (deposit->receiver_wire_account, TALER_merchant_wire_signature_hash (deposit->receiver_wire_account,
&deposit->wire_salt, &deposit->wire_salt,
&dr.h_wire); &h_wire);
TALER_amount_hton (&dr.amount_with_fee,
&deposit->amount_with_fee);
TALER_amount_hton (&dr.deposit_fee,
&deposit->deposit_fee);
#if ENABLE_SANITY_CHECKS #if ENABLE_SANITY_CHECKS
/* internal sanity check before we hand out a bogus sig... */ /* internal sanity check before we hand out a bogus sig... */
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, TALER_wallet_deposit_verify (&deposit->amount_with_fee,
&dr, &deposit->deposit_fee,
&deposit->csig.eddsa_signature, &h_wire,
&coin_pub->eddsa_pub)) &deposit->h_contract_terms,
NULL /* h_extensions! */,
&deposit->h_denom_pub,
deposit->timestamp,
&deposit->merchant_pub,
deposit->refund_deadline,
coin_pub,
&deposit->csig))
{ {
GNUNET_break (0); GNUNET_break (0);
json_decref (history); json_decref (history);
@ -114,7 +106,7 @@ TEH_RESPONSE_compile_transaction_history (
GNUNET_JSON_pack_data_auto ("h_contract_terms", GNUNET_JSON_pack_data_auto ("h_contract_terms",
&deposit->h_contract_terms), &deposit->h_contract_terms),
GNUNET_JSON_pack_data_auto ("h_wire", GNUNET_JSON_pack_data_auto ("h_wire",
&dr.h_wire), &h_wire),
GNUNET_JSON_pack_data_auto ("h_denom_pub", GNUNET_JSON_pack_data_auto ("h_denom_pub",
&deposit->h_denom_pub), &deposit->h_denom_pub),
GNUNET_JSON_pack_data_auto ("coin_sig", GNUNET_JSON_pack_data_auto ("coin_sig",

62
src/include/taler_crypto_lib.h
View File

@ -1549,6 +1549,68 @@ TALER_CRYPTO_helper_esign_disconnect (
/* ********************* wallet signing ************************** */ /* ********************* wallet signing ************************** */
/**
* Sign a deposit permission. Function for wallets.
*
* @param amount the amount to be deposited
* @param deposit_fee the deposit fee we expect to pay
* @param h_wire hash of the merchants account details
* @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the exchange)
* @param h_extensions hash over the extensions
* @param h_denom_pub hash of the coin denomination's public key
* @param coin_priv coins private key
* @param wallet_timestamp timestamp when the contract was finalized, must not be too far in the future
* @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests)
* @param refund_deadline date until which the merchant can issue a refund to the customer via the exchange (can be zero if refunds are not allowed); must not be after the @a wire_deadline
* @param[out] coin_sig set to the signature made with purpose #TALER_SIGNATURE_WALLET_COIN_DEPOSIT
*/
void
TALER_wallet_deposit_sign (
const struct TALER_Amount *amount,
const struct TALER_Amount *deposit_fee,
const struct TALER_MerchantWireHash *h_wire,
const struct TALER_PrivateContractHash *h_contract_terms,
const struct TALER_ExtensionContractHash *h_extensions,
const struct TALER_DenominationHash *h_denom_pub,
struct GNUNET_TIME_Absolute wallet_timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
struct GNUNET_TIME_Absolute refund_deadline,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig);
/**
* Verify a deposit permission.
*
* @param amount the amount to be deposited
* @param deposit_fee the deposit fee we expect to pay
* @param h_wire hash of the merchants account details
* @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the exchange)
* @param h_extensions hash over the extensions
* @param h_denom_pub hash of the coin denomination's public key
* @param wallet_timestamp timestamp when the contract was finalized, must not be too far in the future
* @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests)
* @param refund_deadline date until which the merchant can issue a refund to the customer via the exchange (can be zero if refunds are not allowed); must not be after the @a wire_deadline
* @param coin_pub coins public key
* @param coin_sig the signature made with purpose #TALER_SIGNATURE_WALLET_COIN_DEPOSIT
* @return #GNUNET_OK if the signature is valid
*/
enum GNUNET_GenericReturnValue
TALER_wallet_deposit_verify (
const struct TALER_Amount *amount,
const struct TALER_Amount *deposit_fee,
const struct TALER_MerchantWireHash *h_wire,
const struct TALER_PrivateContractHash *h_contract_terms,
const struct TALER_ExtensionContractHash *h_extensions,
const struct TALER_DenominationHash *h_denom_pub,
struct GNUNET_TIME_Absolute wallet_timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
struct GNUNET_TIME_Absolute refund_deadline,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig);
/** /**
* Sign link data. * Sign link data.
* *

51
src/lib/exchange_api_common.c
View File

@ -492,30 +492,31 @@ TALER_EXCHANGE_verify_coin_history (
if (0 == strcasecmp (type, if (0 == strcasecmp (type,
"DEPOSIT")) "DEPOSIT"))
{ {
struct TALER_DepositRequestPS dr = { struct TALER_MerchantWireHash h_wire;
.purpose.size = htonl (sizeof (dr)), struct TALER_PrivateContractHash h_contract_terms;
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), // struct TALER_ExtensionContractHash h_extensions; // FIXME!
.coin_pub = *coin_pub struct GNUNET_TIME_Absolute wallet_timestamp;
}; struct TALER_MerchantPublicKeyP merchant_pub;
struct GNUNET_TIME_Absolute refund_deadline = {0};
struct TALER_CoinSpendSignatureP sig; struct TALER_CoinSpendSignatureP sig;
struct GNUNET_JSON_Specification spec[] = { struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("coin_sig", GNUNET_JSON_spec_fixed_auto ("coin_sig",
&sig), &sig),
GNUNET_JSON_spec_fixed_auto ("h_contract_terms", GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
&dr.h_contract_terms), &h_contract_terms),
GNUNET_JSON_spec_fixed_auto ("h_wire", GNUNET_JSON_spec_fixed_auto ("h_wire",
&dr.h_wire), &h_wire),
GNUNET_JSON_spec_fixed_auto ("h_denom_pub", GNUNET_JSON_spec_fixed_auto ("h_denom_pub",
&dr.h_denom_pub), h_denom_pub),
TALER_JSON_spec_absolute_time_nbo ("timestamp", TALER_JSON_spec_absolute_time ("timestamp",
&dr.wallet_timestamp), &wallet_timestamp),
GNUNET_JSON_spec_mark_optional ( GNUNET_JSON_spec_mark_optional (
TALER_JSON_spec_absolute_time_nbo ("refund_deadline", TALER_JSON_spec_absolute_time ("refund_deadline",
&dr.refund_deadline)), &refund_deadline)),
TALER_JSON_spec_amount_any_nbo ("deposit_fee", TALER_JSON_spec_amount_any ("deposit_fee",
&dr.deposit_fee), &fee),
GNUNET_JSON_spec_fixed_auto ("merchant_pub", GNUNET_JSON_spec_fixed_auto ("merchant_pub",
&dr.merchant), &merchant_pub),
GNUNET_JSON_spec_end () GNUNET_JSON_spec_end ()
}; };
@ -527,23 +528,25 @@ TALER_EXCHANGE_verify_coin_history (
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
TALER_amount_hton (&dr.amount_with_fee,
&amount);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, TALER_wallet_deposit_verify (&amount,
&dr, &fee,
&sig.eddsa_signature, &h_wire,
&coin_pub->eddsa_pub)) &h_contract_terms,
NULL /* h_extensions! */,
h_denom_pub,
wallet_timestamp,
&merchant_pub,
refund_deadline,
coin_pub,
&sig))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
*h_denom_pub = dr.h_denom_pub;
if (NULL != dk) if (NULL != dk)
{ {
/* check that deposit fee matches our expectations from /keys! */ /* check that deposit fee matches our expectations from /keys! */
TALER_amount_ntoh (&fee,
&dr.deposit_fee);
if ( (GNUNET_YES != if ( (GNUNET_YES !=
TALER_amount_cmp_currency (&fee, TALER_amount_cmp_currency (&fee,
&dk->fee_deposit)) || &dk->fee_deposit)) ||

93
src/lib/exchange_api_deposit.c
View File

@ -431,39 +431,26 @@ verify_signatures (const struct TALER_EXCHANGE_DenomPublicKey *dki,
struct GNUNET_TIME_Absolute refund_deadline, struct GNUNET_TIME_Absolute refund_deadline,
const struct TALER_CoinSpendSignatureP *coin_sig) const struct TALER_CoinSpendSignatureP *coin_sig)
{ {
if (GNUNET_OK !=
TALER_wallet_deposit_verify (amount,
&dki->fee_deposit,
h_wire,
h_contract_terms,
NULL /* FIXME: h_extensions! */,
denom_pub_hash,
timestamp,
merchant_pub,
refund_deadline,
coin_pub,
coin_sig))
{ {
struct TALER_DepositRequestPS dr = { GNUNET_break_op (0);
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), TALER_LOG_WARNING ("Invalid coin signature on /deposit request!\n");
.purpose.size = htonl (sizeof (dr)), TALER_LOG_DEBUG ("... amount_with_fee was %s\n",
.h_contract_terms = *h_contract_terms, TALER_amount2s (amount));
.h_wire = *h_wire, TALER_LOG_DEBUG ("... deposit_fee was %s\n",
.h_denom_pub = *denom_pub_hash, TALER_amount2s (&dki->fee_deposit));
.wallet_timestamp = GNUNET_TIME_absolute_hton (timestamp), return GNUNET_SYSERR;
.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline),
.merchant = *merchant_pub,
.coin_pub = *coin_pub
};
TALER_amount_hton (&dr.amount_with_fee,
amount);
TALER_amount_hton (&dr.deposit_fee,
&dki->fee_deposit);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr,
&coin_sig->eddsa_signature,
&coin_pub->eddsa_pub))
{
GNUNET_break_op (0);
TALER_LOG_WARNING ("Invalid coin signature on /deposit request!\n");
{
TALER_LOG_DEBUG ("... amount_with_fee was %s\n",
TALER_amount2s (amount));
TALER_LOG_DEBUG ("... deposit_fee was %s\n",
TALER_amount2s (&dki->fee_deposit));
}
return GNUNET_SYSERR;
}
} }
/* check coin signature */ /* check coin signature */
@ -496,48 +483,6 @@ verify_signatures (const struct TALER_EXCHANGE_DenomPublicKey *dki,
} }
void
TALER_EXCHANGE_deposit_permission_sign (
const struct TALER_Amount *amount,
const struct TALER_Amount *deposit_fee,
const struct TALER_MerchantWireHash *h_wire,
const struct TALER_PrivateContractHash *h_contract_terms,
const struct TALER_ExtensionContractHash *h_extensions,
const struct TALER_DenominationHash *h_denom_pub,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct GNUNET_TIME_Absolute wallet_timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
struct GNUNET_TIME_Absolute refund_deadline,
struct TALER_CoinSpendSignatureP *coin_sig)
{
struct TALER_DepositRequestPS dr = {
.purpose.size = htonl (sizeof (dr)),
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT),
.h_contract_terms = *h_contract_terms,
.h_wire = *h_wire,
.h_denom_pub = *h_denom_pub,
.wallet_timestamp = GNUNET_TIME_absolute_hton (wallet_timestamp),
.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline),
.merchant = *merchant_pub
};
// FIXME: sign also over h_extensions!
GNUNET_assert (GNUNET_OK ==
GNUNET_TIME_round_abs (&wallet_timestamp));
GNUNET_assert (GNUNET_OK ==
GNUNET_TIME_round_abs (&refund_deadline));
GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv->eddsa_priv,
&dr.coin_pub.eddsa_pub);
TALER_amount_hton (&dr.amount_with_fee,
amount);
TALER_amount_hton (&dr.deposit_fee,
deposit_fee);
GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
&dr,
&coin_sig->eddsa_signature);
}
struct TALER_EXCHANGE_DepositHandle * struct TALER_EXCHANGE_DepositHandle *
TALER_EXCHANGE_deposit ( TALER_EXCHANGE_deposit (
struct TALER_EXCHANGE_Handle *exchange, struct TALER_EXCHANGE_Handle *exchange,

58
src/lib/exchange_api_refund.c
View File

@ -87,7 +87,7 @@ struct TALER_EXCHANGE_RefundHandle
* @param[out] exchange_sig set to the exchange's signature * @param[out] exchange_sig set to the exchange's signature
* @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not * @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not
*/ */
static int static enum GNUNET_GenericReturnValue
verify_refund_signature_ok (struct TALER_EXCHANGE_RefundHandle *rh, verify_refund_signature_ok (struct TALER_EXCHANGE_RefundHandle *rh,
const json_t *json, const json_t *json,
struct TALER_ExchangePublicKeyP *exchange_pub, struct TALER_ExchangePublicKeyP *exchange_pub,
@ -138,7 +138,7 @@ verify_refund_signature_ok (struct TALER_EXCHANGE_RefundHandle *rh,
* @param json json reply with the coin transaction history * @param json json reply with the coin transaction history
* @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not * @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR if not
*/ */
static int static enum GNUNET_GenericReturnValue
verify_conflict_history_ok (struct TALER_EXCHANGE_RefundHandle *rh, verify_conflict_history_ok (struct TALER_EXCHANGE_RefundHandle *rh,
const json_t *json) const json_t *json)
{ {
@ -196,29 +196,32 @@ verify_conflict_history_ok (struct TALER_EXCHANGE_RefundHandle *rh,
if (0 == strcasecmp (type, if (0 == strcasecmp (type,
"DEPOSIT")) "DEPOSIT"))
{ {
struct TALER_DepositRequestPS dr = { struct TALER_Amount deposit_fee;
.purpose.size = htonl (sizeof (dr)), struct TALER_MerchantWireHash h_wire;
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), struct TALER_PrivateContractHash h_contract_terms;
.coin_pub = rh->depconf.coin_pub // struct TALER_ExtensionContractHash h_extensions; // FIXME!
}; struct TALER_DenominationHash h_denom_pub;
struct GNUNET_TIME_Absolute wallet_timestamp;
struct TALER_MerchantPublicKeyP merchant_pub;
struct GNUNET_TIME_Absolute refund_deadline;
struct TALER_CoinSpendSignatureP sig; struct TALER_CoinSpendSignatureP sig;
struct GNUNET_JSON_Specification spec[] = { struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("coin_sig", GNUNET_JSON_spec_fixed_auto ("coin_sig",
&sig), &sig),
GNUNET_JSON_spec_fixed_auto ("h_contract_terms", GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
&dr.h_contract_terms), &h_contract_terms),
GNUNET_JSON_spec_fixed_auto ("h_wire", GNUNET_JSON_spec_fixed_auto ("h_wire",
&dr.h_wire), &h_wire),
GNUNET_JSON_spec_fixed_auto ("h_denom_pub", GNUNET_JSON_spec_fixed_auto ("h_denom_pub",
&dr.h_denom_pub), &h_denom_pub),
TALER_JSON_spec_absolute_time_nbo ("timestamp", TALER_JSON_spec_absolute_time ("timestamp",
&dr.wallet_timestamp), &wallet_timestamp),
TALER_JSON_spec_absolute_time_nbo ("refund_deadline", TALER_JSON_spec_absolute_time ("refund_deadline",
&dr.refund_deadline), &refund_deadline),
TALER_JSON_spec_amount_any_nbo ("deposit_fee", TALER_JSON_spec_amount_any ("deposit_fee",
&dr.deposit_fee), &deposit_fee),
GNUNET_JSON_spec_fixed_auto ("merchant_pub", GNUNET_JSON_spec_fixed_auto ("merchant_pub",
&dr.merchant), &merchant_pub),
GNUNET_JSON_spec_end () GNUNET_JSON_spec_end ()
}; };
@ -230,21 +233,26 @@ verify_conflict_history_ok (struct TALER_EXCHANGE_RefundHandle *rh,
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
TALER_amount_hton (&dr.amount_with_fee,
&amount);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT, TALER_wallet_deposit_verify (&amount,
&dr, &deposit_fee,
&sig.eddsa_signature, &h_wire,
&rh->depconf.coin_pub.eddsa_pub)) &h_contract_terms,
NULL /* h_extensions! */,
&h_denom_pub,
wallet_timestamp,
&merchant_pub,
refund_deadline,
&rh->depconf.coin_pub,
&sig))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if ( (0 != GNUNET_memcmp (&rh->depconf.h_contract_terms, if ( (0 != GNUNET_memcmp (&rh->depconf.h_contract_terms,
&dr.h_contract_terms)) || &h_contract_terms)) ||
(0 != GNUNET_memcmp (&rh->depconf.merchant, (0 != GNUNET_memcmp (&rh->depconf.merchant,
&dr.merchant)) ) &merchant_pub)) )
{ {
/* deposit information is about a different merchant/contract */ /* deposit information is about a different merchant/contract */
GNUNET_break_op (0); GNUNET_break_op (0);

22
src/testing/testing_api_cmd_deposit.c
View File

@ -420,17 +420,17 @@ deposit_run (void *cls,
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_JSON_merchant_wire_signature_hash (ds->wire_details, TALER_JSON_merchant_wire_signature_hash (ds->wire_details,
&h_wire)); &h_wire));
TALER_EXCHANGE_deposit_permission_sign (&ds->amount, TALER_wallet_deposit_sign (&ds->amount,
&denom_pub->fee_deposit, &denom_pub->fee_deposit,
&h_wire, &h_wire,
&h_contract_terms, &h_contract_terms,
NULL, /* FIXME: extension hash! */ NULL, /* FIXME: extension hash! */
&denom_pub->h_key, &denom_pub->h_key,
coin_priv, ds->wallet_timestamp,
ds->wallet_timestamp, &merchant_pub,
&merchant_pub, ds->refund_deadline,
ds->refund_deadline, coin_priv,
&coin_sig); &coin_sig);
} }
ds->dh = TALER_EXCHANGE_deposit (is->exchange, ds->dh = TALER_EXCHANGE_deposit (is->exchange,
&ds->amount, &ds->amount,

85
src/util/wallet_signatures.c
View File

@ -23,6 +23,91 @@
#include "taler_signatures.h" #include "taler_signatures.h"
void
TALER_wallet_deposit_sign (
const struct TALER_Amount *amount,
const struct TALER_Amount *deposit_fee,
const struct TALER_MerchantWireHash *h_wire,
const struct TALER_PrivateContractHash *h_contract_terms,
const struct TALER_ExtensionContractHash *h_extensions,
const struct TALER_DenominationHash *h_denom_pub,
struct GNUNET_TIME_Absolute wallet_timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
struct GNUNET_TIME_Absolute refund_deadline,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig)
{
struct TALER_DepositRequestPS dr = {
.purpose.size = htonl (sizeof (dr)),
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT),
.h_contract_terms = *h_contract_terms,
.h_wire = *h_wire,
.h_denom_pub = *h_denom_pub,
.wallet_timestamp = GNUNET_TIME_absolute_hton (wallet_timestamp),
.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline),
.merchant = *merchant_pub
};
// FIXME: sign also over h_extensions!
GNUNET_assert (GNUNET_OK ==
GNUNET_TIME_round_abs (&wallet_timestamp));
GNUNET_assert (GNUNET_OK ==
GNUNET_TIME_round_abs (&refund_deadline));
GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv->eddsa_priv,
&dr.coin_pub.eddsa_pub);
TALER_amount_hton (&dr.amount_with_fee,
amount);
TALER_amount_hton (&dr.deposit_fee,
deposit_fee);
GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
&dr,
&coin_sig->eddsa_signature);
}
enum GNUNET_GenericReturnValue
TALER_wallet_deposit_verify (
const struct TALER_Amount *amount,
const struct TALER_Amount *deposit_fee,
const struct TALER_MerchantWireHash *h_wire,
const struct TALER_PrivateContractHash *h_contract_terms,
const struct TALER_ExtensionContractHash *h_extensions,
const struct TALER_DenominationHash *h_denom_pub,
struct GNUNET_TIME_Absolute wallet_timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
struct GNUNET_TIME_Absolute refund_deadline,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig)
{
struct TALER_DepositRequestPS dr = {
.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT),
.purpose.size = htonl (sizeof (dr)),
.h_contract_terms = *h_contract_terms,
.h_wire = *h_wire,
.h_denom_pub = *h_denom_pub,
.wallet_timestamp = GNUNET_TIME_absolute_hton (wallet_timestamp),
.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline),
.merchant = *merchant_pub,
.coin_pub = *coin_pub
};
TALER_amount_hton (&dr.amount_with_fee,
amount);
TALER_amount_hton (&dr.deposit_fee,
deposit_fee);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr,
&coin_sig->eddsa_signature,
&coin_pub->eddsa_pub))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
return GNUNET_OK;
}
void void
TALER_wallet_link_sign (const struct TALER_DenominationHash *h_denom_pub, TALER_wallet_link_sign (const struct TALER_DenominationHash *h_denom_pub,
const struct TALER_TransferPublicKeyP *transfer_pub, const struct TALER_TransferPublicKeyP *transfer_pub,