From a3548f0efb5cc970497c07165322317d904be187 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 30 Nov 2020 11:51:42 +0100 Subject: [PATCH] add command to add auditor's denomination signature --- src/include/taler_exchange_service.h | 3 +- src/include/taler_testing_lib.h | 39 ++ src/testing/Makefile.am | 1 + .../testing_api_cmd_auditor_add_denom_sig.c | 365 ++++++++++++++++++ 4 files changed, 407 insertions(+), 1 deletion(-) create mode 100644 src/testing/testing_api_cmd_auditor_add_denom_sig.c diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 19017eac1..d1ce5a234 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -2561,7 +2561,8 @@ struct TALER_EXCHANGE_AuditorAddDenominationHandle; * @param url HTTP base URL for the exchange * @param h_denom_pub hash of the public key of the denomination * @param auditor_pub public key of the auditor - * @param auditor_sig signature of the auditor + * @param auditor_sig signature of the auditor, of + * purpose #TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS * @param cb function to call with the exchange's result * @param cb_cls closure for @a cb * @return the request handle; NULL upon error diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h index 65df94945..f27938262 100644 --- a/src/include/taler_testing_lib.h +++ b/src/include/taler_testing_lib.h @@ -2051,6 +2051,45 @@ TALER_TESTING_cmd_auditor_del (const char *label, bool bad_sig); +/** + * Add affirmation that the auditor is auditing the given + * denomination. + * The information about the auditor is taken from the + * "[auditor]" section in the configuration file. + * + * @param label command label. + * @param expected_http_status expected HTTP status from exchange + * @param denom_ref reference to a command identifying a denomination key + * @param bad_sig should we use a bogus signature? + * @return the command + */ +struct TALER_TESTING_Command +TALER_TESTING_cmd_auditor_add_denom_sig (const char *label, + unsigned int expected_http_status, + const char *denom_ref, + bool bad_sig); + +/** + * Add statement about wire fees of the exchange. This is always + * done for a few hours around the current time (for the test). + * + * @param label command label. + * @param wire_method wire method to set wire fees for + * @param wire_fee the wire fee to affirm + * @param closing_fee the closing fee to affirm + * @param expected_http_status expected HTTP status from exchange + * @param bad_sig should we use a bogus signature? + * @return the command + */ +struct TALER_TESTING_Command +TALER_TESTING_cmd_set_wire_fee (const char *label, + const char *wire_method, + const char *wire_fee, + const char *closing_fee, + unsigned int expected_http_status, + bool bad_sig); + + /** * Add the given payto-URI bank account to the list of bank * accounts used by the exchange. diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am index 7539cecc3..4ba7fe74c 100644 --- a/src/testing/Makefile.am +++ b/src/testing/Makefile.am @@ -35,6 +35,7 @@ libtalertesting_la_LDFLAGS = \ -version-info 0:0:0 \ -no-undefined libtalertesting_la_SOURCES = \ + testing_api_cmd_auditor_add_denom_sig.c \ testing_api_cmd_auditor_add.c \ testing_api_cmd_auditor_del.c \ testing_api_cmd_auditor_deposit_confirmation.c \ diff --git a/src/testing/testing_api_cmd_auditor_add_denom_sig.c b/src/testing/testing_api_cmd_auditor_add_denom_sig.c new file mode 100644 index 000000000..dc75221df --- /dev/null +++ b/src/testing/testing_api_cmd_auditor_add_denom_sig.c @@ -0,0 +1,365 @@ +/* + This file is part of TALER + Copyright (C) 2020 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3, or (at your + option) any later version. + + TALER is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public + License along with TALER; see the file COPYING. If not, see + +*/ +/** + * @file testing/testing_api_cmd_auditor_add_denom_sig.c + * @brief command for testing POST to /auditor/$AUDITOR_PUB/$H_DENOM_PUB + * @author Christian Grothoff + */ +#include "platform.h" +#include "taler_json_lib.h" +#include +#include "taler_testing_lib.h" +#include "taler_signatures.h" +#include "backoff.h" + + +/** + * State for a "auditor_add" CMD. + */ +struct AuditorAddDenomSigState +{ + + /** + * Auditor enable handle while operation is running. + */ + struct TALER_EXCHANGE_AuditorAddDenominationHandle *dh; + + /** + * Our interpreter. + */ + struct TALER_TESTING_Interpreter *is; + + /** + * Reference to command identifying denomination to add. + */ + const char *denom_ref; + + /** + * Expected HTTP response code. + */ + unsigned int expected_response_code; + + /** + * Should we make the request with a bad master_sig signature? + */ + bool bad_sig; +}; + + +/** + * Callback to analyze the /management/auditor response, just used to check + * if the response code is acceptable. + * + * @param cls closure. + * @param hr HTTP response details + */ +static void +denom_sig_add_cb (void *cls, + const struct TALER_EXCHANGE_HttpResponse *hr) +{ + struct AuditorAddDenomSigState *ds = cls; + + ds->dh = NULL; + if (ds->expected_response_code != hr->http_status) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u to command %s in %s:%u\n", + hr->http_status, + ds->is->commands[ds->is->ip].label, + __FILE__, + __LINE__); + json_dumpf (hr->reply, + stderr, + 0); + TALER_TESTING_interpreter_fail (ds->is); + return; + } + TALER_TESTING_interpreter_next (ds->is); +} + + +/** + * Run the command. + * + * @param cls closure. + * @param cmd the command to execute. + * @param is the interpreter state. + */ +static void +auditor_add_run (void *cls, + const struct TALER_TESTING_Command *cmd, + struct TALER_TESTING_Interpreter *is) +{ + struct AuditorAddDenomSigState *ds = cls; + char *exchange_url; + struct TALER_AuditorPrivateKeyP auditor_priv; + struct TALER_AuditorPublicKeyP auditor_pub; + struct TALER_AuditorSignatureP auditor_sig; + struct GNUNET_HashCode h_denom_pub; + char *fn; + const struct TALER_EXCHANGE_DenomPublicKey *dk; + + (void) cmd; + /* Get denom pub from trait */ + { + const struct TALER_TESTING_Command *denom_cmd; + + denom_cmd = TALER_TESTING_interpreter_lookup_command (is, + ds->denom_ref); + + if (NULL == denom_cmd) + { + GNUNET_break (0); + TALER_TESTING_interpreter_fail (is); + return; + } + GNUNET_assert (GNUNET_OK == + TALER_TESTING_get_trait_denom_pub (denom_cmd, + 0, + &dk)); + } + if (GNUNET_SYSERR == + GNUNET_DISK_directory_create_for_file (fn)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not setup directory for auditor private key file `%s'\n", + fn); + GNUNET_free (fn); + TALER_TESTING_interpreter_next (ds->is); + return; + } + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_key_from_file (fn, + GNUNET_YES, + &auditor_priv.eddsa_priv)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not load auditor private key from `%s'\n", + fn); + GNUNET_free (fn); + TALER_TESTING_interpreter_next (ds->is); + return; + } + GNUNET_free (fn); + GNUNET_CRYPTO_eddsa_key_get_public (&auditor_priv.eddsa_priv, + &auditor_pub.eddsa_pub); + + + ds->is = is; + if (ds->bad_sig) + { + memset (&auditor_sig, + 42, + sizeof (auditor_sig)); + } + else + { + struct TALER_MasterPrivateKeyP master_priv; + char *auditor_url; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_filename (is->cfg, + "exchange-offline", + "MASTER_PRIV_FILE", + &fn)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "exchange-offline", + "MASTER_PRIV_FILE"); + TALER_TESTING_interpreter_next (ds->is); + GNUNET_free (auditor_url); + return; + } + if (GNUNET_SYSERR == + GNUNET_DISK_directory_create_for_file (fn)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not setup directory for master private key file `%s'\n", + fn); + GNUNET_free (fn); + TALER_TESTING_interpreter_next (ds->is); + return; + } + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_key_from_file (fn, + GNUNET_YES, + &master_priv.eddsa_priv)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not load master private key from `%s'\n", + fn); + GNUNET_free (fn); + TALER_TESTING_interpreter_next (ds->is); + return; + } + GNUNET_free (fn); + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_filename (is->cfg, + "auditor", + "BASE_URL", + &auditor_url)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "auditor", + "BASE_URL"); + TALER_TESTING_interpreter_next (ds->is); + return; + } + + /* now sign */ + { + struct TALER_ExchangeKeyValidityPS kv = { + .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS), + .purpose.size = htonl (sizeof (struct TALER_ExchangeKeyValidityPS)), + .start = GNUNET_TIME_absolute_hton (dk->valid_from), + .expire_withdraw = GNUNET_TIME_absolute_hton ( + dk->withdraw_valid_until), + .expire_deposit = GNUNET_TIME_absolute_hton (dk->expire_deposit), + .expire_legal = GNUNET_TIME_absolute_hton (dk->expire_legal), + .denom_hash = dk->h_key + }; + + TALER_amount_hton (&kv.value, + &dk->value); + TALER_amount_hton (&kv.fee_withdraw, + &dk->fee_withdraw); + TALER_amount_hton (&kv.fee_deposit, + &dk->fee_deposit); + TALER_amount_hton (&kv.fee_refresh, + &dk->fee_refresh); + TALER_amount_hton (&kv.fee_refund, + &dk->fee_refund); + GNUNET_CRYPTO_eddsa_key_get_public (&master_priv.eddsa_priv, + &kv.master.eddsa_pub); + GNUNET_CRYPTO_hash (auditor_url, + strlen (auditor_url) + 1, + &kv.auditor_url_hash); + /* Finally sign ... */ + GNUNET_CRYPTO_eddsa_sign (&auditor_priv.eddsa_priv, + &kv, + &auditor_sig.eddsa_sig); + } + GNUNET_free (auditor_url); + } + + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (is->cfg, + "exchange", + "BASE_URL", + &exchange_url)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "BASE_URL"); + TALER_TESTING_interpreter_next (ds->is); + return; + } + ds->dh = TALER_EXCHANGE_add_auditor_denomination ( + is->ctx, + exchange_url, + &h_denom_pub, + &auditor_pub, + &auditor_sig, + &denom_sig_add_cb, + ds); + GNUNET_free (exchange_url); + if (NULL == ds->dh) + { + GNUNET_break (0); + TALER_TESTING_interpreter_fail (is); + return; + } +} + + +/** + * Free the state of a "auditor_add" CMD, and possibly cancel a + * pending operation thereof. + * + * @param cls closure, must be a `struct AuditorAddDenomSigState`. + * @param cmd the command which is being cleaned up. + */ +static void +auditor_add_cleanup (void *cls, + const struct TALER_TESTING_Command *cmd) +{ + struct AuditorAddDenomSigState *ds = cls; + + if (NULL != ds->dh) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Command %u (%s) did not complete\n", + ds->is->ip, + cmd->label); + TALER_EXCHANGE_add_auditor_denomination_cancel (ds->dh); + ds->dh = NULL; + } + GNUNET_free (ds); +} + + +/** + * Offer internal data from a "auditor_add" CMD, to other commands. + * + * @param cls closure. + * @param[out] ret result. + * @param trait name of the trait. + * @param index index number of the object to offer. + * + * @return #GNUNET_OK on success. + */ +static int +auditor_add_traits (void *cls, + const void **ret, + const char *trait, + unsigned int index) +{ + return GNUNET_NO; +} + + +struct TALER_TESTING_Command +TALER_TESTING_cmd_auditor_add_denom_sig (const char *label, + unsigned int expected_http_status, + const char *denom_ref, + bool bad_sig) +{ + struct AuditorAddDenomSigState *ds; + + ds = GNUNET_new (struct AuditorAddDenomSigState); + ds->expected_response_code = expected_http_status; + ds->bad_sig = bad_sig; + ds->denom_ref = denom_ref; + { + struct TALER_TESTING_Command cmd = { + .cls = ds, + .label = label, + .run = &auditor_add_run, + .cleanup = &auditor_add_cleanup, + .traits = &auditor_add_traits + }; + + return cmd; + } +} + + +/* end of testing_api_cmd_auditor_add_denom_sig.c */