From cb987575c17bd7c570d83b516dae86b4eabfe0d2 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 11 Apr 2016 20:16:58 +0200 Subject: [PATCH] check exchange signature on /wire/deposit response (#4135) --- src/exchange-lib/exchange_api_common.c | 7 ++- src/exchange-lib/exchange_api_common.h | 6 +-- src/exchange-lib/exchange_api_context.c | 10 ++-- src/exchange-lib/exchange_api_wire_deposits.c | 49 +++++++++++++++++-- 4 files changed, 55 insertions(+), 17 deletions(-) diff --git a/src/exchange-lib/exchange_api_common.c b/src/exchange-lib/exchange_api_common.c index 6d2408d93..aacbb4a2a 100644 --- a/src/exchange-lib/exchange_api_common.c +++ b/src/exchange-lib/exchange_api_common.c @@ -38,9 +38,9 @@ */ int TALER_EXCHANGE_verify_coin_history_ (const char *currency, - const struct TALER_CoinSpendPublicKeyP *coin_pub, - json_t *history, - struct TALER_Amount *total) + const struct TALER_CoinSpendPublicKeyP *coin_pub, + json_t *history, + struct TALER_Amount *total) { size_t len; size_t off; @@ -119,7 +119,6 @@ TALER_EXCHANGE_verify_coin_history_ (const char *currency, return GNUNET_SYSERR; } - // FIXME: check sig! TALER_amount_ntoh (&dr_amount, &dr->amount_with_fee); if (0 != TALER_amount_cmp (&dr_amount, diff --git a/src/exchange-lib/exchange_api_common.h b/src/exchange-lib/exchange_api_common.h index 49f486b00..2a521ceb2 100644 --- a/src/exchange-lib/exchange_api_common.h +++ b/src/exchange-lib/exchange_api_common.h @@ -34,8 +34,8 @@ */ int TALER_EXCHANGE_verify_coin_history_ (const char *currency, - const struct TALER_CoinSpendPublicKeyP *coin_pub, - json_t *history, - struct TALER_Amount *total); + const struct TALER_CoinSpendPublicKeyP *coin_pub, + json_t *history, + struct TALER_Amount *total); /* end of exchange_api_common.h */ diff --git a/src/exchange-lib/exchange_api_context.c b/src/exchange-lib/exchange_api_context.c index 544719001..8d6746a17 100644 --- a/src/exchange-lib/exchange_api_context.c +++ b/src/exchange-lib/exchange_api_context.c @@ -327,11 +327,11 @@ TALER_EXCHANGE_perform (struct TALER_EXCHANGE_Context *ctx) */ void TALER_EXCHANGE_get_select_info (struct TALER_EXCHANGE_Context *ctx, - fd_set *read_fd_set, - fd_set *write_fd_set, - fd_set *except_fd_set, - int *max_fd, - long *timeout) + fd_set *read_fd_set, + fd_set *write_fd_set, + fd_set *except_fd_set, + int *max_fd, + long *timeout) { long to; int m; diff --git a/src/exchange-lib/exchange_api_wire_deposits.c b/src/exchange-lib/exchange_api_wire_deposits.c index 5b661920d..49a50f640 100644 --- a/src/exchange-lib/exchange_api_wire_deposits.c +++ b/src/exchange-lib/exchange_api_wire_deposits.c @@ -101,12 +101,12 @@ handle_wire_deposits_finished (void *cls, struct TALER_Amount total_amount; struct TALER_MerchantPublicKeyP merchant_pub; unsigned int num_details; - struct TALER_ExchangePublicKeyP pub; - struct TALER_ExchangeSignatureP sig; + struct TALER_ExchangePublicKeyP exchange_pub; + struct TALER_ExchangeSignatureP exchange_sig; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("H_wire", &h_wire), - GNUNET_JSON_spec_fixed_auto ("exchange_pub", &pub), - GNUNET_JSON_spec_fixed_auto ("exchange_sig", &sig), + GNUNET_JSON_spec_fixed_auto ("exchange_pub", &exchange_pub), + GNUNET_JSON_spec_fixed_auto ("exchange_sig", &exchange_sig), GNUNET_JSON_spec_fixed_auto ("merchant_pub", &merchant_pub), TALER_JSON_spec_amount ("total_amount", &total_amount), GNUNET_JSON_spec_json ("details", &details_j), @@ -126,7 +126,11 @@ handle_wire_deposits_finished (void *cls, { struct TALER_WireDepositDetails details[num_details]; unsigned int i; + struct GNUNET_HashContext *hash_context; + struct TALER_WireDepositDetailP dd; + struct TALER_WireDepositDataPS wdp; + hash_context = GNUNET_CRYPTO_hash_context_start (); for (i=0;ih_contract; + dd.transaction_id = GNUNET_htonll (detail->transaction_id); + dd.coin_pub = detail->coin_pub; + TALER_amount_hton (&dd.deposit_value, + &detail->coin_value); + TALER_amount_hton (&dd.deposit_fee, + &detail->coin_fee); + GNUNET_CRYPTO_hash_context_read (hash_context, + &dd, + sizeof (struct TALER_WireDepositDetailP)); + } + /* Check signature */ + wdp.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_WIRE_DEPOSIT); + wdp.purpose.size = htonl (sizeof (struct TALER_WireDepositDataPS)); + TALER_amount_hton (&wdp.total, + &total_amount); + wdp.merchant_pub = merchant_pub; + wdp.h_wire = h_wire; + GNUNET_CRYPTO_hash_context_finish (hash_context, + &wdp.h_details); + if ( (0 == response_code /* avoid crypto if things are already wrong */) && + (GNUNET_OK != + TALER_EXCHANGE_test_signing_key (TALER_EXCHANGE_get_keys (wdh->exchange), + &exchange_pub)) ) + { + GNUNET_break_op (0); + response_code = 0; + } + if ( (0 == response_code /* avoid crypto if things are already wrong */) && + (GNUNET_OK != + TALER_EXCHANGE_test_signing_key (TALER_EXCHANGE_get_keys (wdh->exchange), + &exchange_pub)) ) + { + GNUNET_break_op (0); + response_code = 0; } if (0 == response_code) break; - /* FIXME: check signature (#4135) */ wdh->cb (wdh->cb_cls, response_code, json,