taler/wallet-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

remove dependency in taler-wallet-lib, implement pay signature check/storage

Browse Source
This commit is contained in:
Florian Dold 2017-04-26 03:10:52 +02:00
parent 9aab9fd613
commit 79a2eed558
No known key found for this signature in database
GPG Key ID: D2E4F00F29D02A4B
11 changed files with 546 additions and 347 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
manifest.json
View File

@ -43,7 +43,6 @@
{ {
"matches": ["*://*/*"], "matches": ["*://*/*"],
"js": [ "js": [
"src/taler-wallet-lib.js",
"dist/contentScript-bundle.js" "dist/contentScript-bundle.js"
], ],
"run_at": "document_start" "run_at": "document_start"

2
node_modules/.yarn-integrity generated vendored
View File

@ -1 +1 @@
0dc42bcf25ec3d59c7bd394b1d9f751da1a3446ef6012260b277831cef6de2bf 751d3ff225403bea12799f2c0ad32d26a0ff81a4f88821c8f1615d3ddc5a9533

832
src/content_scripts/notify.ts
View File

@ -23,378 +23,530 @@
*/ */
"use strict";
import URI = require("urijs"); import URI = require("urijs");
declare var cloneInto: any; declare var cloneInto: any;
// Make sure we don't pollute the namespace too much. const PROTOCOL_VERSION = 1;
namespace TalerNotify {
const PROTOCOL_VERSION = 1;
let logVerbose: boolean = false; let logVerbose: boolean = false;
try { try {
logVerbose = !!localStorage.getItem("taler-log-verbose"); logVerbose = !!localStorage.getItem("taler-log-verbose");
} catch (e) { } catch (e) {
// can't read from local storage // can't read from local storage
} }
if (!taler) { if (document.documentElement.getAttribute("data-taler-nojs")) {
console.error("Taler wallet lib not included, HTTP 402 payments not" + document.dispatchEvent(new Event("taler-probe-result"));
" supported"); }
}
if (document.documentElement.getAttribute("data-taler-nojs")) {
document.dispatchEvent(new Event("taler-probe-result"));
}
function subst(url: string, H_contract: string) { function subst(url: string, H_contract: string) {
url = url.replace("${H_contract}", H_contract); url = url.replace("${H_contract}", H_contract);
url = url.replace("${$}", "$"); url = url.replace("${$}", "$");
return url; return url;
} }
interface Handler { interface Handler {
type: string; type: string;
listener: (e: CustomEvent) => void|Promise<void>; listener: (e: CustomEvent) => void|Promise<void>;
} }
const handlers: Handler[] = []; const handlers: Handler[] = [];
function hashContract(contract: string): Promise<string> { function hashContract(contract: string): Promise<string> {
let walletHashContractMsg = { let walletHashContractMsg = {
type: "hash-contract", type: "hash-contract",
detail: {contract} detail: {contract}
}; };
return new Promise<string>((resolve, reject) => { return new Promise<string>((resolve, reject) => {
chrome.runtime.sendMessage(walletHashContractMsg, (resp: any) => { chrome.runtime.sendMessage(walletHashContractMsg, (resp: any) => {
if (!resp.hash) { if (!resp.hash) {
console.log("error", resp); console.log("error", resp);
reject(Error("hashing failed")); reject(Error("hashing failed"));
} }
resolve(resp.hash); resolve(resp.hash);
});
}); });
} });
}
function queryPayment(url: string): Promise<any> { function queryPayment(url: string): Promise<any> {
const walletMsg = { const walletMsg = {
type: "query-payment", type: "query-payment",
detail: { url }, detail: { url },
}; };
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
chrome.runtime.sendMessage(walletMsg, (resp: any) => { chrome.runtime.sendMessage(walletMsg, (resp: any) => {
resolve(resp);
});
});
}
function putHistory(historyEntry: any): Promise<void> {
const walletMsg = {
type: "put-history-entry",
detail: {
historyEntry,
},
};
return new Promise<void>((resolve, reject) => {
chrome.runtime.sendMessage(walletMsg, (resp: any) => {
resolve();
});
});
}
function saveOffer(offer: any): Promise<number> {
const walletMsg = {
type: "save-offer",
detail: {
offer: {
contract: offer.data,
merchant_sig: offer.sig,
H_contract: offer.hash,
offer_time: new Date().getTime() / 1000
},
},
};
return new Promise<number>((resolve, reject) => {
chrome.runtime.sendMessage(walletMsg, (resp: any) => {
if (resp && resp.error) {
reject(resp);
} else {
resolve(resp); resolve(resp);
}); }
}); });
});
}
let sheet: CSSStyleSheet|null;
function initStyle() {
logVerbose && console.log("taking over styles");
const name = "taler-presence-stylesheet";
const content = "/* Taler stylesheet controlled by JS */";
let style = document.getElementById(name) as HTMLStyleElement|null;
if (!style) {
style = document.createElement("style");
// Needed by WebKit
style.appendChild(document.createTextNode(content));
style.id = name;
document.head.appendChild(style);
sheet = style.sheet as CSSStyleSheet;
} else {
// We've taken over the stylesheet now,
// make it clear by clearing all the rules in it
// and making it obvious in the DOM.
if (style.tagName.toLowerCase() === "style") {
style.innerText = content;
}
if (!style.sheet) {
throw Error("taler-presence-stylesheet should be a style sheet (<link> or <style>)");
}
sheet = style.sheet as CSSStyleSheet;
while (sheet.cssRules.length > 0) {
sheet.deleteRule(0);
}
}
}
function setStyles(installed: boolean) {
if (!sheet || !sheet.cssRules) {
return;
}
while (sheet.cssRules.length > 0) {
sheet.deleteRule(0);
}
if (installed) {
sheet.insertRule(".taler-installed-hide { display: none; }", 0);
sheet.insertRule(".taler-probed-hide { display: none; }", 0);
} else {
sheet.insertRule(".taler-installed-show { display: none; }", 0);
}
}
function handlePaymentResponse(walletResp: any) {
/**
* Handle a failed payment.
*
* Try to notify the wallet first, before we show a potentially
* synchronous error message (such as an alert) or leave the page.
*/
function handleFailedPayment(r: XMLHttpRequest) {
let timeoutHandle: number|null = null;
function err() {
// FIXME: proper error reporting!
console.log("pay-failed", {status: r.status, response: r.responseText});
}
function onTimeout() {
timeoutHandle = null
err();
}
talerPaymentFailed(walletResp.H_contract).then(() => {
if (timeoutHandle != null) {
clearTimeout(timeoutHandle);
timeoutHandle = null;
}
err();
})
timeoutHandle = setTimeout(onTimeout, 200);
} }
function putHistory(historyEntry: any): Promise<void> {
const walletMsg = {
type: "put-history-entry",
detail: {
historyEntry,
},
};
return new Promise<void>((resolve, reject) => {
chrome.runtime.sendMessage(walletMsg, (resp: any) => {
resolve();
});
});
}
function saveOffer(offer: any): Promise<number> { logVerbose && console.log("handling taler-notify-payment: ", walletResp);
const walletMsg = { // Payment timeout in ms.
type: "save-offer", let timeout_ms = 1000;
detail: { // Current request.
offer: { let r: XMLHttpRequest|null;
contract: offer.data, let timeoutHandle: number|null = null;
merchant_sig: offer.sig, function sendPay() {
H_contract: offer.hash, r = new XMLHttpRequest();
offer_time: new Date().getTime() / 1000 r.open("post", walletResp.contract.pay_url);
}, r.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
}, r.send(JSON.stringify(walletResp.payReq));
}; r.onload = function() {
return new Promise<number>((resolve, reject) => { if (!r) {
chrome.runtime.sendMessage(walletMsg, (resp: any) => {
if (resp && resp.error) {
reject(resp);
} else {
resolve(resp);
}
});
});
}
function init() {
chrome.runtime.sendMessage({type: "get-tab-cookie"}, (resp) => {
if (chrome.runtime.lastError) {
logVerbose && console.log("extension not yet ready");
window.setTimeout(init, 200);
return; return;
} }
registerHandlers(); switch (r.status) {
// Hack to know when the extension is unloaded case 200:
let port = chrome.runtime.connect(); const merchantResp = JSON.parse(r.responseText);
logVerbose && console.log("got success from pay_url");
talerPaymentSucceeded({H_contract: walletResp.H_contract, merchantSig: merchantResp.sig}).then(() => {
let nextUrl = walletResp.contract.fulfillment_url;
logVerbose && console.log("taler-payment-succeeded done, going to", nextUrl);
window.location.href = nextUrl;
window.location.reload(true);
});
break;
default:
handleFailedPayment(r);
break;
}
r = null;
if (timeoutHandle != null) {
clearTimeout(timeoutHandle!);
timeoutHandle = null;
}
};
function retry() {
if (r) {
r.abort();
r = null;
}
timeout_ms = Math.min(timeout_ms * 2, 10 * 1000);
logVerbose && console.log("sendPay timed out, retrying in ", timeout_ms, "ms");
sendPay();
}
timeoutHandle = setTimeout(retry, timeout_ms);
}
sendPay();
}
port.onDisconnect.addListener(() => {
logVerbose && console.log("chrome runtime disconnected, removing handlers");
for (let handler of handlers) {
document.removeEventListener(handler.type, handler.listener);
}
});
if (resp && resp.type == "pay") { function init() {
logVerbose && console.log("doing taler.pay with", resp.payDetail); chrome.runtime.sendMessage({type: "get-tab-cookie"}, (resp) => {
taler.internalPay(resp.payDetail); if (chrome.runtime.lastError) {
document.documentElement.style.visibility = "hidden"; logVerbose && console.log("extension not yet ready");
window.setTimeout(init, 200);
return;
}
initStyle();
setStyles(true);
registerHandlers();
// Hack to know when the extension is unloaded
let port = chrome.runtime.connect();
port.onDisconnect.addListener(() => {
logVerbose && console.log("chrome runtime disconnected, removing handlers");
setStyles(false);
for (let handler of handlers) {
document.removeEventListener(handler.type, handler.listener);
} }
}); });
}
logVerbose && console.log("loading Taler content script"); if (resp && resp.type == "pay") {
init(); logVerbose && console.log("doing taler.pay with", resp.payDetail);
talerPay(resp.payDetail).then(handlePaymentResponse);
document.documentElement.style.visibility = "hidden";
}
});
}
interface HandlerFn { interface HandlerFn {
(detail: any, sendResponse: (msg: any) => void): void; (detail: any, sendResponse: (msg: any) => void): void;
} }
function generateNonce(): Promise<string> { function generateNonce(): Promise<string> {
const walletMsg = { const walletMsg = {
type: "generate-nonce", type: "generate-nonce",
}; };
return new Promise<string>((resolve, reject) => { return new Promise<string>((resolve, reject) => {
chrome.runtime.sendMessage(walletMsg, (resp: any) => { chrome.runtime.sendMessage(walletMsg, (resp: any) => {
resolve(resp); resolve(resp);
});
}); });
} });
}
function downloadContract(url: string, nonce: string): Promise<any> { function downloadContract(url: string, nonce: string): Promise<any> {
let parsed_url = new URI(url); let parsed_url = new URI(url);
url = parsed_url.setQuery({nonce}).href(); url = parsed_url.setQuery({nonce}).href();
// FIXME: include and check nonce! // FIXME: include and check nonce!
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
const contract_request = new XMLHttpRequest(); const contract_request = new XMLHttpRequest();
console.log("downloading contract from '" + url + "'") console.log("downloading contract from '" + url + "'")
contract_request.open("GET", url, true); contract_request.open("GET", url, true);
contract_request.onload = function (e) { contract_request.onload = function (e) {
if (contract_request.readyState == 4) { if (contract_request.readyState == 4) {
if (contract_request.status == 200) { if (contract_request.status == 200) {
console.log("response text:", console.log("response text:",
contract_request.responseText); contract_request.responseText);
var contract_wrapper = JSON.parse(contract_request.responseText); var contract_wrapper = JSON.parse(contract_request.responseText);
if (!contract_wrapper) { if (!contract_wrapper) {
console.error("response text was invalid json"); console.error("response text was invalid json");
let detail = {hint: "invalid json", status: contract_request.status, body: contract_request.responseText}; let detail = {hint: "invalid json", status: contract_request.status, body: contract_request.responseText};
reject(detail);
return;
}
resolve(contract_wrapper);
} else {
let detail = {hint: "contract download failed", status: contract_request.status, body: contract_request.responseText};
reject(detail); reject(detail);
return; return;
} }
} resolve(contract_wrapper);
}; } else {
contract_request.onerror = function (e) { let detail = {hint: "contract download failed", status: contract_request.status, body: contract_request.responseText};
let detail = {hint: "contract download failed", status: contract_request.status, body: contract_request.responseText}; reject(detail);
reject(detail);
return;
};
contract_request.send();
});
}
async function processProposal(proposal: any) {
if (!proposal.data) {
console.error("field proposal.data field missing");
return;
}
if (!proposal.hash) {
console.error("proposal.hash field missing");
return;
}
let contractHash = await hashContract(proposal.data);
if (contractHash != proposal.hash) {
console.error("merchant-supplied contract hash is wrong");
return;
}
let merchantName = "(unknown)";
try {
merchantName = proposal.data.merchant.name;
} catch (e) {
// bad contract / name not included
}
let historyEntry = {
timestamp: (new Date).getTime(),
subjectId: `contract-${contractHash}`,
type: "offer-contract",
detail: {
contractHash,
merchantName,
}
};
await putHistory(historyEntry);
let offerId = await saveOffer(proposal);
const uri = new URI(chrome.extension.getURL(
"/src/pages/confirm-contract.html"));
const params = {
offerId: offerId.toString(),
};
const target = uri.query(params).href();
document.location.replace(target);
}
function registerHandlers() {
/**
* Add a handler for a DOM event, which automatically
* handles adding sequence numbers to responses.
*/
function addHandler(type: string, handler: HandlerFn) {
let handlerWrap = (e: CustomEvent) => {
if (e.type != type) {
throw Error(`invariant violated`);
}
let callId: number|undefined = undefined;
if (e.detail && e.detail.callId != undefined) {
callId = e.detail.callId;
}
let responder = (msg?: any) => {
let fullMsg = Object.assign({}, msg, {callId});
let opts = { detail: fullMsg };
if ("function" == typeof cloneInto) {
opts = cloneInto(opts, document.defaultView);
}
let evt = new CustomEvent(type + "-result", opts);
document.dispatchEvent(evt);
};
handler(e.detail, responder);
};
document.addEventListener(type, handlerWrap);
handlers.push({type, listener: handlerWrap});
}
addHandler("taler-query-id", (msg: any, sendResponse: any) => {
// FIXME: maybe include this info in taoer-probe?
sendResponse({id: chrome.runtime.id})
});
addHandler("taler-probe", (msg: any, sendResponse: any) => {
sendResponse();
});
addHandler("taler-create-reserve", (msg: any) => {
let params = {
amount: JSON.stringify(msg.amount),
callback_url: new URI(msg.callback_url)
.absoluteTo(document.location.href),
bank_url: document.location.href,
wt_types: JSON.stringify(msg.wt_types),
suggested_exchange_url: msg.suggested_exchange_url,
};
let uri = new URI(chrome.extension.getURL("/src/pages/confirm-create-reserve.html"));
let redirectUrl = uri.query(params).href();
window.location.href = redirectUrl;
});
addHandler("taler-add-auditor", (msg: any) => {
let params = {
req: JSON.stringify(msg),
};
let uri = new URI(chrome.extension.getURL("/src/pages/add-auditor.html"));
let redirectUrl = uri.query(params).href();
window.location.href = redirectUrl;
});
addHandler("taler-confirm-reserve", (msg: any, sendResponse: any) => {
let walletMsg = {
type: "confirm-reserve",
detail: {
reservePub: msg.reserve_pub
}
};
chrome.runtime.sendMessage(walletMsg, (resp) => {
sendResponse();
});
});
addHandler("taler-confirm-contract", async(msg: any) => {
if (!msg.contract_wrapper) {
console.error("contract wrapper missing");
return;
}
const proposal = msg.contract_wrapper;
processProposal(proposal);
});
addHandler("taler-pay", async(msg: any, sendResponse: any) => {
// current URL without fragment
let url = new URI(document.location.href).fragment("").href();
let res = await queryPayment(url);
logVerbose && console.log("taler-pay: got response", res);
if (res && res.payReq) {
sendResponse(res);
return;
}
if (msg.contract_url) {
let nonce = await generateNonce();
let proposal = await downloadContract(msg.contract_url, nonce);
if (proposal.data.nonce != nonce) {
console.error("stale contract");
return; return;
} }
await processProposal(proposal);
return;
} }
};
if (msg.offer_url) { contract_request.onerror = function (e) {
document.location.href = msg.offer_url; let detail = {hint: "contract download failed", status: contract_request.status, body: contract_request.responseText};
return; reject(detail);
} return;
};
console.log("can't proceed with payment, no way to get contract specified"); contract_request.send();
}); });
addHandler("taler-payment-failed", (msg: any, sendResponse: any) => {
const walletMsg = {
type: "payment-failed",
detail: {
contractHash: msg.H_contract
},
};
chrome.runtime.sendMessage(walletMsg, (resp) => {
sendResponse();
})
});
addHandler("taler-payment-succeeded", (msg: any, sendResponse: any) => {
if (!msg.H_contract) {
console.error("H_contract missing in taler-payment-succeeded");
return;
}
logVerbose && console.log("got taler-payment-succeeded");
const walletMsg = {
type: "payment-succeeded",
detail: {
contractHash: msg.H_contract,
},
};
chrome.runtime.sendMessage(walletMsg, (resp) => {
sendResponse();
})
});
}
} }
async function processProposal(proposal: any) {
if (!proposal.data) {
console.error("field proposal.data field missing");
return;
}
if (!proposal.hash) {
console.error("proposal.hash field missing");
return;
}
let contractHash = await hashContract(proposal.data);
if (contractHash != proposal.hash) {
console.error("merchant-supplied contract hash is wrong");
return;
}
let merchantName = "(unknown)";
try {
merchantName = proposal.data.merchant.name;
} catch (e) {
// bad contract / name not included
}
let historyEntry = {
timestamp: (new Date).getTime(),
subjectId: `contract-${contractHash}`,
type: "offer-contract",
detail: {
contractHash,
merchantName,
}
};
await putHistory(historyEntry);
let offerId = await saveOffer(proposal);
const uri = new URI(chrome.extension.getURL(
"/src/pages/confirm-contract.html"));
const params = {
offerId: offerId.toString(),
};
const target = uri.query(params).href();
document.location.replace(target);
}
function talerPay(msg: any): Promise<any> {
return new Promise(async(resolve, reject) => {
// current URL without fragment
let url = new URI(document.location.href).fragment("").href();
let res = await queryPayment(url);
logVerbose && console.log("taler-pay: got response", res);
if (res && res.payReq) {
resolve(res);
return;
}
if (msg.contract_url) {
let nonce = await generateNonce();
let proposal = await downloadContract(msg.contract_url, nonce);
if (proposal.data.nonce != nonce) {
console.error("stale contract");
return;
}
await processProposal(proposal);
return;
}
if (msg.offer_url) {
document.location.href = msg.offer_url;
return;
}
console.log("can't proceed with payment, no way to get contract specified");
});
}
function talerPaymentFailed(H_contract: string) {
return new Promise(async(resolve, reject) => {
const walletMsg = {
type: "payment-failed",
detail: {
contractHash: H_contract
},
};
chrome.runtime.sendMessage(walletMsg, (resp) => {
resolve();
});
});
}
function talerPaymentSucceeded(msg: any) {
return new Promise((resolve, reject) => {
if (!msg.H_contract) {
console.error("H_contract missing in taler-payment-succeeded");
return;
}
if (!msg.merchantSig) {
console.error("merchantSig missing in taler-payment-succeeded");
return;
}
logVerbose && console.log("got taler-payment-succeeded");
const walletMsg = {
type: "payment-succeeded",
detail: {
merchantSig: msg.merchantSig,
contractHash: msg.H_contract,
},
};
chrome.runtime.sendMessage(walletMsg, (resp) => {
resolve();
});
});
}
function registerHandlers() {
/**
* Add a handler for a DOM event, which automatically
* handles adding sequence numbers to responses.
*/
function addHandler(type: string, handler: HandlerFn) {
let handlerWrap = (e: CustomEvent) => {
if (e.type != type) {
throw Error(`invariant violated`);
}
let callId: number|undefined = undefined;
if (e.detail && e.detail.callId != undefined) {
callId = e.detail.callId;
}
let responder = (msg?: any) => {
let fullMsg = Object.assign({}, msg, {callId});
let opts = { detail: fullMsg };
if ("function" == typeof cloneInto) {
opts = cloneInto(opts, document.defaultView);
}
let evt = new CustomEvent(type + "-result", opts);
document.dispatchEvent(evt);
};
handler(e.detail, responder);
};
document.addEventListener(type, handlerWrap);
handlers.push({type, listener: handlerWrap});
}
addHandler("taler-query-id", (msg: any, sendResponse: any) => {
// FIXME: maybe include this info in taoer-probe?
sendResponse({id: chrome.runtime.id})
});
addHandler("taler-probe", (msg: any, sendResponse: any) => {
sendResponse();
});
addHandler("taler-create-reserve", (msg: any) => {
let params = {
amount: JSON.stringify(msg.amount),
callback_url: new URI(msg.callback_url)
.absoluteTo(document.location.href),
bank_url: document.location.href,
wt_types: JSON.stringify(msg.wt_types),
suggested_exchange_url: msg.suggested_exchange_url,
};
let uri = new URI(chrome.extension.getURL("/src/pages/confirm-create-reserve.html"));
let redirectUrl = uri.query(params).href();
window.location.href = redirectUrl;
});
addHandler("taler-add-auditor", (msg: any) => {
let params = {
req: JSON.stringify(msg),
};
let uri = new URI(chrome.extension.getURL("/src/pages/add-auditor.html"));
let redirectUrl = uri.query(params).href();
window.location.href = redirectUrl;
});
addHandler("taler-confirm-reserve", (msg: any, sendResponse: any) => {
let walletMsg = {
type: "confirm-reserve",
detail: {
reservePub: msg.reserve_pub
}
};
chrome.runtime.sendMessage(walletMsg, (resp) => {
sendResponse();
});
});
addHandler("taler-confirm-contract", async(msg: any) => {
if (!msg.contract_wrapper) {
console.error("contract wrapper missing");
return;
}
const proposal = msg.contract_wrapper;
processProposal(proposal);
});
addHandler("taler-pay", async(msg: any, sendResponse: any) => {
let resp = await talerPay(msg);
sendResponse(resp);
});
addHandler("taler-payment-failed", async(msg: any, sendResponse: any) => {
await talerPaymentFailed(msg.H_contract);
sendResponse();
});
addHandler("taler-payment-succeeded", async(msg: any, sendResponse: any) => {
await talerPaymentSucceeded(msg);
sendResponse();
});
}
logVerbose && console.log("loading Taler content script");
init();

4
src/cryptoApi.ts
View File

@ -235,6 +235,10 @@ export class CryptoApi {
return this.doRpc<boolean>("isValidDenom", 2, denom, masterPub); return this.doRpc<boolean>("isValidDenom", 2, denom, masterPub);
} }
isValidPaymentSignature(sig: string, contractHash: string, merchantPub: string) {
return this.doRpc<PayCoinInfo>("isValidPaymentSignature", 1, sig, contractHash, merchantPub);
}
signDeposit(offer: OfferRecord, signDeposit(offer: OfferRecord,
cds: CoinWithDenom[]): Promise<PayCoinInfo> { cds: CoinWithDenom[]): Promise<PayCoinInfo> {
return this.doRpc<PayCoinInfo>("signDeposit", 3, offer, cds); return this.doRpc<PayCoinInfo>("signDeposit", 3, offer, cds);

14
src/cryptoWorker.ts
View File

@ -97,6 +97,20 @@ namespace RpcFunctions {
} }
export function isValidPaymentSignature(sig: string, contractHash: string, merchantPub: string) {
let p = new native.PaymentSignaturePS({
contract_hash: native.HashCode.fromCrock(contractHash),
});
let nativeSig = new native.EddsaSignature();
nativeSig.loadCrock(sig);
let nativePub = native.EddsaPublicKey.fromCrock(merchantPub);
return native.eddsaVerify(native.SignaturePurpose.MERCHANT_PAYMENT_OK,
p.toPurpose(),
nativeSig,
nativePub);
}
export function isValidDenom(denom: DenominationRecord, export function isValidDenom(denom: DenominationRecord,
masterPub: string): boolean { masterPub: string): boolean {
let p = new native.DenominationKeyValidityPS({ let p = new native.DenominationKeyValidityPS({

21
src/emscriptif.ts
View File

@ -206,6 +206,7 @@ export enum SignaturePurpose {
MASTER_DENOMINATION_KEY_VALIDITY = 1025, MASTER_DENOMINATION_KEY_VALIDITY = 1025,
WALLET_COIN_MELT = 1202, WALLET_COIN_MELT = 1202,
TEST = 4242, TEST = 4242,
MERCHANT_PAYMENT_OK = 1104,
} }
@ -1134,6 +1135,26 @@ export class DenominationKeyValidityPS extends SignatureStruct {
} }
} }
export interface PaymentSignaturePS_args {
contract_hash: HashCode;
}
export class PaymentSignaturePS extends SignatureStruct {
constructor(w: PaymentSignaturePS_args) {
super(w);
}
purpose() {
return SignaturePurpose.MERCHANT_PAYMENT_OK;
}
fieldTypes() {
return [
["contract_hash", HashCode],
];
}
}
export class RsaPublicKey extends MallocArenaObject { export class RsaPublicKey extends MallocArenaObject {
static fromCrock(s: string): RsaPublicKey { static fromCrock(s: string): RsaPublicKey {

1
src/taler-wallet-lib.ts
View File

@ -1 +0,0 @@
../web-common/taler-wallet-lib.ts

9
src/wallet.ts
View File

@ -1787,7 +1787,7 @@ export class Wallet {
} }
async paymentSucceeded(contractHash: string): Promise<any> { async paymentSucceeded(contractHash: string, merchantSig: string): Promise<any> {
const doPaymentSucceeded = async() => { const doPaymentSucceeded = async() => {
let t = await this.q().get<TransactionRecord>(Stores.transactions, let t = await this.q().get<TransactionRecord>(Stores.transactions,
contractHash); contractHash);
@ -1795,6 +1795,13 @@ export class Wallet {
console.error("contract not found"); console.error("contract not found");
return; return;
} }
let merchantPub = t.contract.merchant_pub;
let valid = this.cryptoApi.isValidPaymentSignature(merchantSig, contractHash, merchantPub);
if (!valid) {
console.error("merchant payment signature invalid");
// FIXME: properly display error
return;
}
t.finished = true; t.finished = true;
let modifiedCoins: CoinRecord[] = []; let modifiedCoins: CoinRecord[] = [];
for (let pc of t.payReq.coins) { for (let pc of t.payReq.coins) {

6
src/wxBackend.ts
View File

@ -254,10 +254,14 @@ function makeHandlers(db: IDBDatabase,
}, },
["payment-succeeded"]: function (detail, sender) { ["payment-succeeded"]: function (detail, sender) {
let contractHash = detail.contractHash; let contractHash = detail.contractHash;
let merchantSig = detail.merchantSig;
if (!contractHash) { if (!contractHash) {
return Promise.reject(Error("contractHash missing")); return Promise.reject(Error("contractHash missing"));
} }
return wallet.paymentSucceeded(contractHash); if (!merchantSig) {
return Promise.reject(Error("merchantSig missing"));
}
return wallet.paymentSucceeded(contractHash, merchantSig);
}, },
}; };
} }

1
tsconfig.json
View File

@ -48,7 +48,6 @@
"src/pages/tree.tsx", "src/pages/tree.tsx",
"src/query.ts", "src/query.ts",
"src/renderHtml.tsx", "src/renderHtml.tsx",
"src/taler-wallet-lib.ts",
"src/types-test.ts", "src/types-test.ts",
"src/types.ts", "src/types.ts",
"src/wallet-test.ts", "src/wallet-test.ts",

2
web-common

@ -1 +1 @@
Subproject commit d7e013594d15388b1a7342a44a0e9c8d4ecca82d Subproject commit a8bff2e27b89feb3696cf0e3a49fc00155d92de5