From 1b0bec0363793996eff6483d36b844cfa2381404 Mon Sep 17 00:00:00 2001
From: Florian Dold <florian@dold.me>
Date: Wed, 3 May 2023 10:01:44 +0200
Subject: [PATCH] wallet-core: support new exchange wire account signature

---
 .../taler-util/src/libtool-version.test.ts    |  2 ++
 packages/taler-util/src/taler-types.ts        |  7 ++++++
 .../src/crypto/cryptoImplementation.ts        | 25 ++++++++++++++++---
 .../src/operations/exchanges.ts               |  3 +++
 packages/taler-wallet-core/src/versions.ts    |  4 +--
 5 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/packages/taler-util/src/libtool-version.test.ts b/packages/taler-util/src/libtool-version.test.ts
index c1683f0df..addd1b418 100644
--- a/packages/taler-util/src/libtool-version.test.ts
+++ b/packages/taler-util/src/libtool-version.test.ts
@@ -45,4 +45,6 @@ test("version comparison", (t) => {
     compatible: true,
     currentCmp: 0,
   });
+  t.true(LibtoolVersion.compare("42:0:1", "41:0:0")?.compatible);
+  t.true(LibtoolVersion.compare("41:0:0", "42:0:1")?.compatible);
 });
diff --git a/packages/taler-util/src/taler-types.ts b/packages/taler-util/src/taler-types.ts
index ab5951112..295530529 100644
--- a/packages/taler-util/src/taler-types.ts
+++ b/packages/taler-util/src/taler-types.ts
@@ -840,6 +840,10 @@ export class WireFeesJson {
 export interface AccountInfo {
   payto_uri: string;
   master_sig: string;
+  // Will become mandatory in later protocol versions
+  conversion_url?: string;
+  credit_restrictions?: any;
+  debit_restrictions?: any;
 }
 
 export interface ExchangeWireJson {
@@ -1426,6 +1430,9 @@ export const codecForAccountInfo = (): Codec<AccountInfo> =>
   buildCodecForObject<AccountInfo>()
     .property("payto_uri", codecForString())
     .property("master_sig", codecForString())
+    .property("conversion_url", codecOptional(codecForString()))
+    .property("credit_restrictions", codecForAny())
+    .property("debit_restrictions", codecForAny())
     .build("AccountInfo");
 
 export const codecForExchangeWireJson = (): Codec<ExchangeWireJson> =>
diff --git a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
index fa1271a7b..6b44c297d 100644
--- a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
+++ b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
@@ -35,6 +35,7 @@ import {
   bufferForUint32,
   bufferForUint64,
   buildSigPS,
+  canonicalJson,
   CoinDepositPermission,
   CoinEnvelope,
   createHashContext,
@@ -82,6 +83,7 @@ import {
   TalerProtocolTimestamp,
   TalerSignaturePurpose,
   UnblindedSignature,
+  validateIban,
   WireFee,
   WithdrawalPlanchet,
 } from "@gnu-taler/taler-util";
@@ -534,6 +536,9 @@ export interface WireAccountValidationRequest {
   paytoUri: string;
   sig: string;
   masterPub: string;
+  conversionUrl?: string;
+  debitRestrictions?: any[];
+  creditRestrictions?: any[];
 }
 
 export interface EddsaKeypair {
@@ -975,9 +980,23 @@ export const nativeCryptoR: TalerCryptoInterfaceR = {
   ): Promise<ValidationResult> {
     const { sig, masterPub, paytoUri } = req;
     const paytoHash = hashTruncate32(stringToBytes(paytoUri + "\0"));
-    const p = buildSigPS(TalerSignaturePurpose.MASTER_WIRE_DETAILS)
-      .put(paytoHash)
-      .build();
+    const pb = buildSigPS(TalerSignaturePurpose.MASTER_WIRE_DETAILS);
+    pb.put(paytoHash);
+    if (req.versionCurrent >= 15) {
+      let conversionUrlHash;
+      if (!req.conversionUrl) {
+        conversionUrlHash = new Uint8Array(64);
+      } else {
+        conversionUrlHash = hash(stringToBytes(req.conversionUrl + "\0"));
+      }
+      pb.put(conversionUrlHash);
+      pb.put(hash(stringToBytes(canonicalJson(req.debitRestrictions) + "\0")));
+      pb.put(hash(stringToBytes(canonicalJson(req.creditRestrictions) + "\0")));
+    }
+    const p = pb.build();
+    logger.info(`wire sig blob: ${encodeCrock(p)}`);
+    logger.info(`credit restrictions: ${j2s(req.creditRestrictions)}`);
+    logger.info(`debit restrictions: ${j2s(req.debitRestrictions)}`);
     return { valid: eddsaVerify(p, decodeCrock(sig), decodeCrock(masterPub)) };
   },
 
diff --git a/packages/taler-wallet-core/src/operations/exchanges.ts b/packages/taler-wallet-core/src/operations/exchanges.ts
index b5e02e64d..d8fb95755 100644
--- a/packages/taler-wallet-core/src/operations/exchanges.ts
+++ b/packages/taler-wallet-core/src/operations/exchanges.ts
@@ -253,6 +253,9 @@ async function validateWireInfo(
         paytoUri: a.payto_uri,
         sig: a.master_sig,
         versionCurrent,
+        conversionUrl: a.conversion_url,
+        creditRestrictions: a.credit_restrictions,
+        debitRestrictions: a.debit_restrictions,
       });
       isValid = v;
     }
diff --git a/packages/taler-wallet-core/src/versions.ts b/packages/taler-wallet-core/src/versions.ts
index c3bc142f0..eedaf68f6 100644
--- a/packages/taler-wallet-core/src/versions.ts
+++ b/packages/taler-wallet-core/src/versions.ts
@@ -1,6 +1,6 @@
 /*
  This file is part of GNU Taler
- (C) 2019 Taler Systems S.A.
+ (C) 2019-2023 Taler Systems S.A.
 
  GNU Taler is free software; you can redistribute it and/or modify it under the
  terms of the GNU General Public License as published by the Free Software
@@ -19,7 +19,7 @@
  *
  * Uses libtool's current:revision:age versioning.
  */
-export const WALLET_EXCHANGE_PROTOCOL_VERSION = "12:0:0";
+export const WALLET_EXCHANGE_PROTOCOL_VERSION = "15:0:2";
 
 /**
  * Protocol version spoken with the merchant.