properly handle signing errors if httpd lacks signing keys by returning internal errors (and handling new return value from TEH_KS_sign)
This commit is contained in:
Christian Grothoff
parent
7935349d35
commit
cc5d09cf1d
@ -78,9 +78,15 @@ reply_deposit_success (struct MHD_Connection *connection,
|
||||
amount_without_fee);
|
||||
dc.coin_pub = *coin_pub;
|
||||
dc.merchant = *merchant;
|
||||
TEH_KS_sign (&dc.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&dc.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
return TEH_RESPONSE_reply_internal_error (connection,
|
||||
TALER_EC_EXCHANGE_BAD_CONFIGURATION,
|
||||
"no keys");
|
||||
}
|
||||
return TEH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:s, s:o, s:o}",
|
||||
|
||||
@ -1845,8 +1845,9 @@ read_again:
|
||||
* @param purpose the message to sign
|
||||
* @param[out] pub set to the current public signing key of the exchange
|
||||
* @param[out] sig signature over purpose using current signing key
|
||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR if we lack key material
|
||||
*/
|
||||
void
|
||||
int
|
||||
TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
|
||||
struct TALER_ExchangePublicKeyP *pub,
|
||||
struct TALER_ExchangeSignatureP *sig)
|
||||
@ -1855,15 +1856,21 @@ TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
|
||||
struct TEH_KS_StateHandle *key_state;
|
||||
|
||||
key_state = TEH_KS_acquire ();
|
||||
GNUNET_assert (NULL != key_state); /* This *can* happen if the exchange's keys are
|
||||
not properly maintained, but in this case we
|
||||
simply have no good way forward. */
|
||||
if (NULL == key_state)
|
||||
{
|
||||
/* This *can* happen if the exchange's keys are
|
||||
not properly maintained. */
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
_("Cannot sign request, no valid keys available\n"));
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
*pub = key_state->current_sign_key_issue.issue.signkey_pub;
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv,
|
||||
purpose,
|
||||
&sig->eddsa_signature));
|
||||
TEH_KS_release (key_state);
|
||||
return GNUNET_OK;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -140,8 +140,9 @@ TEH_KS_loop (void);
|
||||
* @param purpose the message to sign
|
||||
* @param[out] pub set to the current public signing key of the exchange
|
||||
* @param[out] sig signature over purpose using current signing key
|
||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR if we lack key material
|
||||
*/
|
||||
void
|
||||
int
|
||||
TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
|
||||
struct TALER_ExchangePublicKeyP *pub,
|
||||
struct TALER_ExchangeSignatureP *sig);
|
||||
|
||||
@ -82,9 +82,15 @@ reply_payback_success (struct MHD_Connection *connection,
|
||||
amount);
|
||||
pc.coin_pub = *coin_pub;
|
||||
pc.reserve_pub = *reserve_pub;
|
||||
TEH_KS_sign (&pc.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&pc.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
return TEH_RESPONSE_reply_internal_error (connection,
|
||||
TALER_EC_EXCHANGE_BAD_CONFIGURATION,
|
||||
"no keys");
|
||||
}
|
||||
return TEH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:o, s:o, s:o, s:o, s:o}",
|
||||
|
||||
@ -135,9 +135,15 @@ reply_refresh_melt_success (struct MHD_Connection *connection,
|
||||
body.session_hash = *session_hash;
|
||||
body.noreveal_index = htons (noreveal_index);
|
||||
body.reserved = htons (0);
|
||||
TEH_KS_sign (&body.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&body.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
return TEH_RESPONSE_reply_internal_error (connection,
|
||||
TALER_EC_EXCHANGE_BAD_CONFIGURATION,
|
||||
"no keys");
|
||||
}
|
||||
sig_json = GNUNET_JSON_from_data_auto (&sig);
|
||||
GNUNET_assert (NULL != sig_json);
|
||||
return TEH_RESPONSE_reply_json_pack (connection,
|
||||
|
||||
@ -61,9 +61,15 @@ reply_refund_success (struct MHD_Connection *connection,
|
||||
&refund->refund_amount);
|
||||
TALER_amount_hton (&rc.refund_fee,
|
||||
&refund->refund_fee);
|
||||
TEH_KS_sign (&rc.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&rc.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
return TEH_RESPONSE_reply_internal_error (connection,
|
||||
TALER_EC_EXCHANGE_BAD_CONFIGURATION,
|
||||
"no keys");
|
||||
}
|
||||
return TEH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:s, s:o, s:o}",
|
||||
|
||||
@ -474,7 +474,7 @@ TEH_RESPONSE_reply_invalid_json (struct MHD_Connection *connection)
|
||||
* Compile the transaction history of a coin into a JSON object.
|
||||
*
|
||||
* @param tl transaction history to JSON-ify
|
||||
* @return json representation of the @a rh
|
||||
* @return json representation of the @a rh, NULL on error
|
||||
*/
|
||||
json_t *
|
||||
TEH_RESPONSE_compile_transaction_history (const struct TALER_EXCHANGEDB_TransactionList *tl)
|
||||
@ -632,9 +632,15 @@ TEH_RESPONSE_compile_transaction_history (const struct TALER_EXCHANGEDB_Transact
|
||||
&payback->value);
|
||||
pc.coin_pub = payback->coin.coin_pub;
|
||||
pc.reserve_pub = payback->reserve_pub;
|
||||
TEH_KS_sign (&pc.purpose,
|
||||
&epub,
|
||||
&esig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&pc.purpose,
|
||||
&epub,
|
||||
&esig))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
json_decref (history);
|
||||
return NULL;
|
||||
}
|
||||
GNUNET_assert (0 ==
|
||||
json_array_append_new (history,
|
||||
json_pack ("{s:s, s:o, s:o, s:o, s:o, s:o}",
|
||||
@ -796,9 +802,15 @@ TEH_RESPONSE_compile_reserve_history (const struct TALER_EXCHANGEDB_ReserveHisto
|
||||
&payback->value);
|
||||
pc.coin_pub = payback->coin.coin_pub;
|
||||
pc.reserve_pub = payback->reserve_pub;
|
||||
TEH_KS_sign (&pc.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&pc.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
json_decref (json_history);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
GNUNET_assert (0 ==
|
||||
json_array_append_new (json_history,
|
||||
@ -852,9 +864,15 @@ TEH_RESPONSE_compile_reserve_history (const struct TALER_EXCHANGEDB_ReserveHisto
|
||||
return NULL;
|
||||
}
|
||||
rcc.wtid = pos->details.closing->wtid;
|
||||
TEH_KS_sign (&rcc.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&rcc.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
GNUNET_break (0);
|
||||
json_decref (json_history);
|
||||
return NULL;
|
||||
}
|
||||
GNUNET_assert (0 ==
|
||||
json_array_append_new (json_history,
|
||||
json_pack ("{s:s, s:O, s:o, s:o, s:o, s:o, s:o, s:o}",
|
||||
|
||||
@ -85,9 +85,15 @@ reply_track_transaction (struct MHD_Connection *connection,
|
||||
cw.execution_time = GNUNET_TIME_absolute_hton (exec_time);
|
||||
TALER_amount_hton (&cw.coin_contribution,
|
||||
coin_contribution);
|
||||
TEH_KS_sign (&cw.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&cw.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
return TEH_RESPONSE_reply_internal_error (connection,
|
||||
TALER_EC_EXCHANGE_BAD_CONFIGURATION,
|
||||
"no keys");
|
||||
}
|
||||
return TEH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:o, s:o, s:o, s:o, s:o}",
|
||||
|
||||
@ -131,9 +131,17 @@ reply_track_transfer_details (struct MHD_Connection *connection,
|
||||
wdp.h_wire = *h_wire;
|
||||
GNUNET_CRYPTO_hash_context_finish (hash_context,
|
||||
&wdp.h_details);
|
||||
TEH_KS_sign (&wdp.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
if (GNUNET_OK !=
|
||||
TEH_KS_sign (&wdp.purpose,
|
||||
&pub,
|
||||
&sig))
|
||||
{
|
||||
json_decref (deposits);
|
||||
return TEH_RESPONSE_reply_internal_error (connection,
|
||||
TALER_EC_EXCHANGE_BAD_CONFIGURATION,
|
||||
"no keys");
|
||||
}
|
||||
|
||||
return TEH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:o, s:o, s:o, s:o, s:o, s:o, s:o, s:o}",
|
||||
|
||||
Loading…
Reference in New Issue
Block a user