From 780eb20227d07afeea654e8b883790b6b1ab8e1c Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 31 Oct 2022 16:50:54 +0100 Subject: [PATCH] wallet-core: fix deposit with age restrictions --- packages/taler-util/src/taler-types.ts | 64 +++++++++++++++++++ packages/taler-wallet-cli/Makefile | 2 +- .../src/crypto/cryptoImplementation.ts | 5 +- .../src/crypto/workers/nodeThreadWorker.ts | 3 +- .../src/operations/deposits.ts | 5 +- 5 files changed, 72 insertions(+), 7 deletions(-) diff --git a/packages/taler-util/src/taler-types.ts b/packages/taler-util/src/taler-types.ts index 71ceb7939..e6223ca76 100644 --- a/packages/taler-util/src/taler-types.ts +++ b/packages/taler-util/src/taler-types.ts @@ -289,6 +289,8 @@ export interface CoinDepositPermission { minimum_age_sig?: EddsaSignatureString; age_commitment?: Edx25519PublicKeyEnc[]; + + h_age_commitment?: string; } /** @@ -1972,3 +1974,65 @@ export interface ExchangePurseDeposits { // Array of coins to deposit into the purse. deposits: PurseDeposit[]; } + +export interface ExchangeDepositRequest { + // Amount to be deposited, can be a fraction of the + // coin's total value. + contribution: AmountString; + + // The merchant's account details. + // In case of an auction policy, it refers to the seller. + merchant_payto_uri: string; + + // The salt is used to hide the payto_uri from customers + // when computing the h_wire of the merchant. + wire_salt: string; + + // SHA-512 hash of the contract of the merchant with the customer. Further + // details are never disclosed to the exchange. + h_contract_terms: HashCodeString; + + // Hash of denomination RSA key with which the coin is signed. + denom_pub_hash: HashCodeString; + + // Exchange's unblinded RSA signature of the coin. + ub_sig: UnblindedSignature; + + // Timestamp when the contract was finalized. + timestamp: TalerProtocolTimestamp; + + // Indicative time by which the exchange undertakes to transfer the funds to + // the merchant, in case of successful payment. A wire transfer deadline of 'never' + // is not allowed. + wire_transfer_deadline: TalerProtocolTimestamp; + + // EdDSA public key of the merchant, so that the client can identify the + // merchant for refund requests. + // + // THIS FIELD WILL BE DEPRECATED, once the refund mechanism becomes a + // policy via extension. + merchant_pub: EddsaPublicKeyString; + + // Date until which the merchant can issue a refund to the customer via the + // exchange, to be omitted if refunds are not allowed. + // + // THIS FIELD WILL BE DEPRECATED, once the refund mechanism becomes a + // policy via extension. + refund_deadline?: TalerProtocolTimestamp; + + // CAVEAT: THIS IS WORK IN PROGRESS + // (Optional) policy for the deposit. + // This might be a refund, auction or escrow policy. + // + // Note that support for policies is an optional feature of the exchange. + // Optional features are so called "extensions" in Taler. The exchange + // provides the list of supported extensions, including policies, in the + // ExtensionsManifestsResponse response to the /keys endpoint. + policy?: any; + + // Signature over TALER_DepositRequestPS, made by the customer with the + // coin's private key. + coin_sig: EddsaSignatureString; + + h_age_commitment?: string; +} diff --git a/packages/taler-wallet-cli/Makefile b/packages/taler-wallet-cli/Makefile index 56e298aa8..5e734a40f 100644 --- a/packages/taler-wallet-cli/Makefile +++ b/packages/taler-wallet-cli/Makefile @@ -15,7 +15,7 @@ warn-noprefix: install: warn-noprefix else install_target = $(prefix)/lib/taler-wallet-cli -.PHONY: install +.PHONY: install install-nodeps install: pnpm install --frozen-lockfile --filter @gnu-taler/taler-wallet-cli... install -d $(prefix)/bin diff --git a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts index 98bb6c9cb..892d3fc8f 100644 --- a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts +++ b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts @@ -1074,13 +1074,11 @@ export const nativeCryptoR: TalerCryptoInterfaceR = { // FIXME: put extensions here if used const hExt = new Uint8Array(64); let hAgeCommitment: Uint8Array; - let maybeAgeCommitmentHash: string | undefined = undefined; let minimumAgeSig: string | undefined = undefined; if (depositInfo.ageCommitmentProof) { const ach = AgeRestriction.hashCommitment( depositInfo.ageCommitmentProof.commitment, ); - maybeAgeCommitmentHash = ach; hAgeCommitment = decodeCrock(ach); if (depositInfo.requiredMinimumAge != null) { minimumAgeSig = encodeCrock( @@ -1130,11 +1128,12 @@ export const nativeCryptoR: TalerCryptoInterfaceR = { }; if (depositInfo.requiredMinimumAge != null) { + // These are only required by the merchant s.minimum_age_sig = minimumAgeSig; s.age_commitment = depositInfo.ageCommitmentProof?.commitment.publicKeys; } else if (depositInfo.ageCommitmentProof) { - (s as any).h_age_commitment = encodeCrock(hAgeCommitment); + s.h_age_commitment = encodeCrock(hAgeCommitment); } return s; diff --git a/packages/taler-wallet-core/src/crypto/workers/nodeThreadWorker.ts b/packages/taler-wallet-core/src/crypto/workers/nodeThreadWorker.ts index de8f12902..f255e3cfd 100644 --- a/packages/taler-wallet-core/src/crypto/workers/nodeThreadWorker.ts +++ b/packages/taler-wallet-core/src/crypto/workers/nodeThreadWorker.ts @@ -19,6 +19,7 @@ */ import { Logger } from "@gnu-taler/taler-util"; import os from "os"; +import url from "url"; import { nativeCryptoR } from "../cryptoImplementation.js"; import { CryptoWorkerFactory } from "./cryptoDispatcher.js"; import { CryptoWorker } from "./cryptoWorkerInterface.js"; @@ -26,7 +27,7 @@ import { processRequestWithImpl } from "./worker-common.js"; const logger = new Logger("nodeThreadWorker.ts"); -const f = import.meta.url; +const f = url.fileURLToPath(import.meta.url); const workerCode = ` // Try loading the glue library for embedded diff --git a/packages/taler-wallet-core/src/operations/deposits.ts b/packages/taler-wallet-core/src/operations/deposits.ts index 7e87dafb8..2b27d0f8f 100644 --- a/packages/taler-wallet-core/src/operations/deposits.ts +++ b/packages/taler-wallet-core/src/operations/deposits.ts @@ -30,6 +30,7 @@ import { DepositGroupFees, durationFromSpec, encodeCrock, + ExchangeDepositRequest, GetFeeForDepositRequest, getRandomBytes, hashWire, @@ -112,8 +113,7 @@ export async function processDepositGroup( continue; } const perm = depositPermissions[i]; - let requestBody: any; - requestBody = { + const requestBody: ExchangeDepositRequest = { contribution: Amounts.stringify(perm.contribution), merchant_payto_uri: depositGroup.wire.payto_uri, wire_salt: depositGroup.wire.salt, @@ -126,6 +126,7 @@ export async function processDepositGroup( coin_sig: perm.coin_sig, denom_pub_hash: perm.h_denom, merchant_pub: depositGroup.merchantPub, + h_age_commitment: perm.h_age_commitment, }; // Check for cancellation before making network request. options.cancellationToken?.throwIfCancelled();