integrate auditor signature check logic with taler-helper-auditor-coins
This commit is contained in:
parent
a644355c44
commit
fe232f1fed
@ -64,7 +64,12 @@ struct TALER_MasterPublicKeyP TALER_ARL_master_pub;
|
||||
/**
|
||||
* Public key of the auditor.
|
||||
*/
|
||||
static struct TALER_AuditorPublicKeyP TALER_ARL_auditor_pub;
|
||||
struct TALER_AuditorPublicKeyP TALER_ARL_auditor_pub;
|
||||
|
||||
/**
|
||||
* REST API endpoint of the auditor.
|
||||
*/
|
||||
char *TALER_ARL_auditor_url;
|
||||
|
||||
/**
|
||||
* At what time did the auditor process start?
|
||||
@ -177,62 +182,6 @@ add_denomination (
|
||||
GNUNET_CONTAINER_multihashmap_get (denominations,
|
||||
&issue->denom_hash))
|
||||
return; /* value already known */
|
||||
#if FIXME_IMPLEMENT
|
||||
qs = TALER_ARL_edb->select_auditor_denom_sig (TALER_ARL_edb->cls,
|
||||
TALER_ARL_esession,
|
||||
&issue->denom_hash,
|
||||
&TALER_ARL_auditor_pub,
|
||||
&auditor_sig);
|
||||
if (0 >= qs)
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
|
||||
"Encountered denomination `%s' that this auditor is not auditing!\n",
|
||||
GNUNET_h2s (&issue->denom_hash));
|
||||
return; /* skip! */
|
||||
}
|
||||
{
|
||||
// TODO: one of the auditor passes should really just do this
|
||||
// add problems to JSON report (even if the implications are unclear),
|
||||
// instead of doing it here!
|
||||
struct TALER_Amount coin_value;
|
||||
struct TALER_Amount fee_withdraw;
|
||||
struct TALER_Amount fee_deposit;
|
||||
struct TALER_Amount fee_refresh;
|
||||
struct TALER_Amount fee_refund;
|
||||
|
||||
TALER_amount_hton (&coin_value,
|
||||
&issue->value);
|
||||
TALER_amount_hton (&fee_withdraw,
|
||||
&issue->fee_withdraw);
|
||||
TALER_amount_hton (&fee_deposit,
|
||||
&issue->fee_deposit);
|
||||
TALER_amount_hton (&fee_refresh,
|
||||
&issue->fee_refresh);
|
||||
TALER_amount_hton (&fee_refund,
|
||||
&issue->fee_refund);
|
||||
if (GNUNET_OK !=
|
||||
TALER_auditor_denom_validity_verify (
|
||||
TALER_ARL_auditor_url,
|
||||
&issue->denom_hash,
|
||||
&TALER_ARL_master_pub,
|
||||
GNUNET_TIME_absolute_ntoh (issue->start),
|
||||
GNUNET_TIME_absolute_ntoh (issue->expire_withdraw),
|
||||
GNUNET_TIME_absolute_ntoh (issue->expire_deposit),
|
||||
GNUNET_TIME_absolute_ntoh (issue->expire_legal),
|
||||
&coin_value,
|
||||
&fee_withdraw,
|
||||
&fee_deposit,
|
||||
&fee_refresh,
|
||||
&fee_refund,
|
||||
&TALER_ARL_auditor_pub,
|
||||
&auditor_sig))
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
"Exchange has invalid signature from this auditor for denomination `%s' in its database!\n",
|
||||
GNUNET_h2s (&issue->denom_hash));
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#if GNUNET_EXTRA_LOGGING >= 1
|
||||
{
|
||||
struct TALER_Amount value;
|
||||
@ -728,6 +677,18 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c)
|
||||
{
|
||||
TALER_ARL_cfg = c;
|
||||
start_time = GNUNET_TIME_absolute_get ();
|
||||
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_CONFIGURATION_get_value_string (TALER_ARL_cfg,
|
||||
"auditor",
|
||||
"BASE_URL",
|
||||
&TALER_ARL_auditor_url))
|
||||
{
|
||||
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
|
||||
"auditor",
|
||||
"BASE_URL");
|
||||
return GNUNET_SYSERR;
|
||||
}
|
||||
if (GNUNET_YES == GNUNET_is_zero (&TALER_ARL_master_pub))
|
||||
{
|
||||
/* -m option not given, try configuration */
|
||||
@ -944,6 +905,7 @@ TALER_ARL_done (json_t *report)
|
||||
JSON_INDENT (2));
|
||||
json_decref (report);
|
||||
}
|
||||
GNUNET_free (TALER_ARL_auditor_url);
|
||||
}
|
||||
|
||||
|
||||
|
@ -74,6 +74,16 @@ extern struct TALER_AUDITORDB_Session *TALER_ARL_asession;
|
||||
*/
|
||||
extern struct TALER_MasterPublicKeyP TALER_ARL_master_pub;
|
||||
|
||||
/**
|
||||
* Public key of the auditor.
|
||||
*/
|
||||
extern struct TALER_AuditorPublicKeyP TALER_ARL_auditor_pub;
|
||||
|
||||
/**
|
||||
* REST API endpoint of the auditor.
|
||||
*/
|
||||
extern char *TALER_ARL_auditor_url;
|
||||
|
||||
/**
|
||||
* At what time did the auditor process start?
|
||||
*/
|
||||
|
@ -2196,6 +2196,81 @@ recoup_refresh_cb (void *cls,
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Function called with the results of iterate_denomination_info(),
|
||||
* or directly (!). Used to check that we correctly signed the
|
||||
* denomination and to warn if there are denominations not approved
|
||||
* by this auditor.
|
||||
*
|
||||
* @param cls closure, NULL
|
||||
* @param denom_pub public key, sometimes NULL (!)
|
||||
* @param validity issuing information with value, fees and other info about the denomination.
|
||||
*/
|
||||
static void
|
||||
check_denomination (
|
||||
void *cls,
|
||||
const struct TALER_DenominationPublicKey *denom_pub,
|
||||
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *validity)
|
||||
{
|
||||
const struct TALER_DenominationKeyValidityPS *issue = &validity->properties;
|
||||
enum GNUNET_DB_QueryStatus qs;
|
||||
struct TALER_AuditorSignatureP auditor_sig;
|
||||
|
||||
qs = TALER_ARL_edb->select_auditor_denom_sig (TALER_ARL_edb->cls,
|
||||
TALER_ARL_esession,
|
||||
&issue->denom_hash,
|
||||
&TALER_ARL_auditor_pub,
|
||||
&auditor_sig);
|
||||
if (0 >= qs)
|
||||
{
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
|
||||
"Encountered denomination `%s' that this auditor is not auditing!\n",
|
||||
GNUNET_h2s (&issue->denom_hash));
|
||||
return; /* skip! */
|
||||
}
|
||||
{
|
||||
struct TALER_Amount coin_value;
|
||||
struct TALER_Amount fee_withdraw;
|
||||
struct TALER_Amount fee_deposit;
|
||||
struct TALER_Amount fee_refresh;
|
||||
struct TALER_Amount fee_refund;
|
||||
|
||||
TALER_amount_ntoh (&coin_value,
|
||||
&issue->value);
|
||||
TALER_amount_ntoh (&fee_withdraw,
|
||||
&issue->fee_withdraw);
|
||||
TALER_amount_ntoh (&fee_deposit,
|
||||
&issue->fee_deposit);
|
||||
TALER_amount_ntoh (&fee_refresh,
|
||||
&issue->fee_refresh);
|
||||
TALER_amount_ntoh (&fee_refund,
|
||||
&issue->fee_refund);
|
||||
if (GNUNET_OK !=
|
||||
TALER_auditor_denom_validity_verify (
|
||||
TALER_ARL_auditor_url,
|
||||
&issue->denom_hash,
|
||||
&TALER_ARL_master_pub,
|
||||
GNUNET_TIME_absolute_ntoh (issue->start),
|
||||
GNUNET_TIME_absolute_ntoh (issue->expire_withdraw),
|
||||
GNUNET_TIME_absolute_ntoh (issue->expire_deposit),
|
||||
GNUNET_TIME_absolute_ntoh (issue->expire_legal),
|
||||
&coin_value,
|
||||
&fee_withdraw,
|
||||
&fee_deposit,
|
||||
&fee_refresh,
|
||||
&fee_refund,
|
||||
&TALER_ARL_auditor_pub,
|
||||
&auditor_sig))
|
||||
{
|
||||
// FIXME: add properly to audit report!
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||
"Exchange has invalid signature from this auditor for denomination `%s' in its database!\n",
|
||||
GNUNET_h2s (&issue->denom_hash));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Analyze the exchange's processing of coins.
|
||||
*
|
||||
@ -2211,6 +2286,17 @@ analyze_coins (void *cls)
|
||||
enum GNUNET_DB_QueryStatus qsp;
|
||||
|
||||
(void) cls;
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||
"Checking denominations...\n");
|
||||
qs = TALER_ARL_edb->iterate_denomination_info (TALER_ARL_edb->cls,
|
||||
TALER_ARL_esession,
|
||||
&check_denomination,
|
||||
NULL);
|
||||
if (0 > qs)
|
||||
{
|
||||
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
|
||||
return qs;
|
||||
}
|
||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||
"Analyzing coins\n");
|
||||
qsp = TALER_ARL_adb->get_auditor_progress_coin (TALER_ARL_adb->cls,
|
||||
|
@ -1597,6 +1597,14 @@ postgres_get_session (void *cls)
|
||||
") VALUES "
|
||||
"($1, $2, $3);",
|
||||
3),
|
||||
/* used in #postgres_select_auditor_denom_sig() */
|
||||
GNUNET_PQ_make_prepare ("select_auditor_denom_sig",
|
||||
"SELECT"
|
||||
" auditor_sig"
|
||||
" FROM auditor_denom_sigs"
|
||||
" WHERE auditor_pub=$1"
|
||||
" AND denom_pub_hash=$2",
|
||||
2),
|
||||
/* used in #postgres_lookup_wire_fee_by_time() */
|
||||
GNUNET_PQ_make_prepare ("lookup_wire_fee_by_time",
|
||||
"SELECT"
|
||||
@ -8695,6 +8703,43 @@ postgres_insert_auditor_denom_sig (
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Select information about an auditor auditing a denomination key.
|
||||
*
|
||||
* @param cls closure
|
||||
* @param session a session
|
||||
* @param h_denom_pub the audited denomination
|
||||
* @param auditor_pub the auditor's key
|
||||
* @param[out] auditor_sig set to signature affirming the auditor's audit activity
|
||||
* @return transaction status code
|
||||
*/
|
||||
static enum GNUNET_DB_QueryStatus
|
||||
postgres_select_auditor_denom_sig (
|
||||
void *cls,
|
||||
struct TALER_EXCHANGEDB_Session *session,
|
||||
const struct GNUNET_HashCode *h_denom_pub,
|
||||
const struct TALER_AuditorPublicKeyP *auditor_pub,
|
||||
struct TALER_AuditorSignatureP *auditor_sig)
|
||||
{
|
||||
struct GNUNET_PQ_QueryParam params[] = {
|
||||
GNUNET_PQ_query_param_auto_from_type (auditor_pub),
|
||||
GNUNET_PQ_query_param_auto_from_type (h_denom_pub),
|
||||
GNUNET_PQ_query_param_end
|
||||
};
|
||||
struct GNUNET_PQ_ResultSpec rs[] = {
|
||||
GNUNET_PQ_result_spec_auto_from_type ("auditor_sig",
|
||||
auditor_sig),
|
||||
GNUNET_PQ_result_spec_end
|
||||
};
|
||||
|
||||
(void) cls;
|
||||
return GNUNET_PQ_eval_prepared_singleton_select (session->conn,
|
||||
"select_auditor_denom_sig",
|
||||
params,
|
||||
rs);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Closure for #wire_fee_by_time_helper()
|
||||
*/
|
||||
@ -9036,6 +9081,8 @@ libtaler_plugin_exchangedb_postgres_init (void *cls)
|
||||
= &postgres_lookup_denomination_key;
|
||||
plugin->insert_auditor_denom_sig
|
||||
= &postgres_insert_auditor_denom_sig;
|
||||
plugin->select_auditor_denom_sig
|
||||
= &postgres_select_auditor_denom_sig;
|
||||
plugin->lookup_wire_fee_by_time
|
||||
= &postgres_lookup_wire_fee_by_time;
|
||||
plugin->add_denomination_key
|
||||
|
@ -3436,6 +3436,25 @@ struct TALER_EXCHANGEDB_Plugin
|
||||
const struct TALER_AuditorSignatureP *auditor_sig);
|
||||
|
||||
|
||||
/**
|
||||
* Obtain information about an auditor auditing a denomination key.
|
||||
*
|
||||
* @param cls closure
|
||||
* @param session a session
|
||||
* @param h_denom_pub the audited denomination
|
||||
* @param auditor_pub the auditor's key
|
||||
* @param[out] auditor_sig set to signature affirming the auditor's audit activity
|
||||
* @return transaction status code
|
||||
*/
|
||||
enum GNUNET_DB_QueryStatus
|
||||
(*select_auditor_denom_sig)(
|
||||
void *cls,
|
||||
struct TALER_EXCHANGEDB_Session *session,
|
||||
const struct GNUNET_HashCode *h_denom_pub,
|
||||
const struct TALER_AuditorPublicKeyP *auditor_pub,
|
||||
struct TALER_AuditorSignatureP *auditor_sig);
|
||||
|
||||
|
||||
/**
|
||||
* Lookup information about known wire fees.
|
||||
*
|
||||
|
Loading…
Reference in New Issue
Block a user