fix use of struct TALER_RefreshMeltCoinAffirmationPS

src/include/taler_mintdb_plugin.h

@@ -332,6 +332,17 @@ struct TALER_MINTDB_RefreshMelt
    */
   struct TALER_Amount amount_with_fee;
 
+  /**
+   * Melting fee charged by the mint.  This must match the Mint's
+   * denomination key's melting fee.  If the client puts in an invalid
+   * melting fee (too high or too low) that does not match the Mint's
+   * denomination key, the melting operation is invalid and will be
+   * rejected by the mint.  The @e amount_with_fee minus the @e
+   * melt_fee is the amount that will be credited to the melting
+   * session.
+   */
+  struct TALER_Amount melt_fee;
+
 };
 
 

src/mint/taler-mint-httpd_refresh.c

@@ -242,26 +242,6 @@ verify_coin_public_info (struct MHD_Connection *connection,
   struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
   struct TALER_Amount fee_refresh;
 
-  body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS));
-  body.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT);
-  body.session_hash = *session_hash;
-  TALER_amount_hton (&body.amount_with_fee,
-                     &r_melt_detail->melt_amount_with_fee);
-  body.coin_pub = r_public_info->coin_pub;
-  if (GNUNET_OK !=
-      GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT,
-                                  &body.purpose,
-                                  &r_melt_detail->melt_sig.ecdsa_signature,
-                                  &r_public_info->coin_pub.ecdsa_pub))
-  {
-    if (MHD_YES !=
-        TMH_RESPONSE_reply_json_pack (connection,
-                                    MHD_HTTP_UNAUTHORIZED,
-                                    "{s:s}",
-                                    "error", "signature invalid"))
-      return GNUNET_SYSERR;
-    return GNUNET_NO;
-  }
   key_state = TMH_KS_acquire ();
   dki = TMH_KS_denomination_key_lookup (key_state,
                                         &r_public_info->denom_pub);
@@ -276,6 +256,14 @@ verify_coin_public_info (struct MHD_Connection *connection,
      valid for issuing! (#3634) */
   TALER_amount_ntoh (&fee_refresh,
                      &dki->issue.fee_refresh);
+  body.purpose.size = htonl (sizeof (struct TALER_RefreshMeltCoinAffirmationPS));
+  body.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT);
+  body.session_hash = *session_hash;
+  TALER_amount_hton (&body.amount_with_fee,
+                     &r_melt_detail->melt_amount_with_fee);
+  TALER_amount_hton (&body.melt_fee,
+                     &fee_refresh);
+  body.coin_pub = r_public_info->coin_pub;
   if (TALER_amount_cmp (&fee_refresh,
                         &r_melt_detail->melt_amount_with_fee) < 0)
   {
@@ -287,6 +275,20 @@ verify_coin_public_info (struct MHD_Connection *connection,
   }
 
   TMH_KS_release (key_state);
+  if (GNUNET_OK !=
+      GNUNET_CRYPTO_ecdsa_verify (TALER_SIGNATURE_WALLET_COIN_MELT,
+                                  &body.purpose,
+                                  &r_melt_detail->melt_sig.ecdsa_signature,
+                                  &r_public_info->coin_pub.ecdsa_pub))
+  {
+    if (MHD_YES !=
+        TMH_RESPONSE_reply_json_pack (connection,
+                                      MHD_HTTP_UNAUTHORIZED,
+                                      "{s:s}",
+                                      "error", "signature invalid"))
+      return GNUNET_SYSERR;
+    return GNUNET_NO;
+  }
   return GNUNET_OK;
 }
 

src/mint/taler-mint-httpd_responses.c

@@ -377,6 +377,8 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl)
         ms.session_hash = melt->session_hash;
         TALER_amount_hton (&ms.amount_with_fee,
                            &melt->amount_with_fee);
+        TALER_amount_hton (&ms.melt_fee,
+                           &melt->melt_fee);
         ms.coin_pub = melt->coin.coin_pub;
         transaction = TALER_json_from_ecdsa_sig (&ms.purpose,
                                                  &melt->coin_sig.ecdsa_signature);