authorChristian Grothoff <grothoff@gnunet.org>2023-10-16 23:30:59 +0200
committerChristian Grothoff <grothoff@gnunet.org>2023-10-16 23:30:59 +0200
commita4af8963703abb882b08e75f20ef3e525447551e (patch)
tree275641d5d9c84ef0895f7e42098da2d78aabb4fb
parentec060fd33a0b0e3747495d9bf11dbb7e6d3933a8 (diff)
downloadexchange-a4af8963703abb882b08e75f20ef3e525447551e.tar.xz
validate exchange signing key on attestations
-rw-r--r--src/include/taler_exchange_service.h2
-rw-r--r--src/lib/exchange_api_purse_create_with_deposit.c2
-rw-r--r--src/lib/exchange_api_reserves_attest.c25
-rw-r--r--src/testing/testing_api_cmd_reserve_attest.c1
4 files changed, 26 insertions, 4 deletions
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 752524498..44f43367a 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -7155,6 +7155,7 @@ typedef void
*
* @param ctx CURL context
* @param url exchange base URL
+ * @param keys exchange key data
* @param reserve_priv private key of the reserve to attest
* @param attributes_length length of the @a attributes array
* @param attributes array of names of attributes to get attestations for
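Review bot: The added `@param keys exchange key data` line does not say what the keys are used for or who owns them. Elsewhere in this commit the handle takes its own reference with `TALER_EXCHANGE_keys_incref` and drops it in the cancel function, and the keys are used to check the signing key of the attestation. I would document that, for example `@param keys exchange key data, used to validate the exchange signing key of the attestation; the handle keeps its own reference until it is cancelled`. The doc comment starts above this hunk.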
@@ -7167,6 +7168,7 @@ struct TALER_EXCHANGE_ReservesAttestHandle *
TALER_EXCHANGE_reserves_attest (
struct GNUNET_CURL_Context *ctx,
const char *url,
+ struct TALER_EXCHANGE_Keys *keys,
const struct TALER_ReservePrivateKeyP *reserve_priv,
unsigned int attributes_length,
const char *attributes[const static attributes_length],
diff --git a/src/lib/exchange_api_purse_create_with_deposit.c b/src/lib/exchange_api_purse_create_with_deposit.c
index c64beedec..215b7847e 100644
--- a/src/lib/exchange_api_purse_create_with_deposit.c
+++ b/src/lib/exchange_api_purse_create_with_deposit.c
@@ -281,7 +281,7 @@ handle_purse_create_deposit_finished (void *cls,
checked in the GET /coins/$COIN_PUB handler */
break;
case TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY:
- // FIXME: write check (add to exchange_api_common! */
+ // FIXME #7267: write check (add to exchange_api_common! */
break;
case TALER_EC_EXCHANGE_PURSE_DEPOSIT_CONFLICTING_META_DATA:
{
diff --git a/src/lib/exchange_api_reserves_attest.c b/src/lib/exchange_api_reserves_attest.c
index 2537dd16a..d5a867114 100644
--- a/src/lib/exchange_api_reserves_attest.c
+++ b/src/lib/exchange_api_reserves_attest.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2014-2022 Taler Systems SA
+ Copyright (C) 2014-2023 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@@ -39,6 +39,11 @@ struct TALER_EXCHANGE_ReservesAttestHandle
{
/**
+ * The keys of the this request handle will use
+ */
+ struct TALER_EXCHANGE_Keys *keys;
+
+ /**
* The url for this request.
*/
char *url;
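Review bot: The doc comment on the new `keys` member, `The keys of the this request handle will use`, is garbled and does not mention that the handle holds a counted reference. Something like `Keys of the exchange this request handle will use; reference held until the handle is cancelled.` matches the incref/decref pair added later in this file. The struct continues outside the hunk.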
@@ -112,6 +117,19 @@ handle_reserves_attest_ok (struct TALER_EXCHANGE_ReservesAttestHandle *rsh,
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
+ if (GNUNET_OK !=
+ TALER_EXCHANGE_test_signing_key (rsh->keys,
+ &rs.details.ok.exchange_pub))
+ {
+ GNUNET_break_op (0);
+ rs.hr.http_status = 0;
+ rs.hr.ec = TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_SIGNATURE_BY_EXCHANGE;
+ rsh->cb (rsh->cb_cls,
+ &rs);
+ rsh->cb = NULL;
+ GNUNET_JSON_parse_free (spec);
+ return GNUNET_SYSERR;
+ }
rs.details.ok.attributes = attributes;
if (GNUNET_OK !=
TALER_exchange_online_reserve_attest_details_verify (
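Review bot: The new rejection branch reports `TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_SIGNATURE_BY_EXCHANGE`, an error code named for the deposits GET endpoint, so a client that logs or dispatches on `rs.hr.ec` will attribute an untrusted attestation key to the wrong operation; an attest-specific or generic code would fit better if one exists. The branch also invokes `rsh->cb` itself, unlike the bare `return GNUNET_SYSERR` just above it, which presumably leaves the callback to the caller, so the failure paths are worth making consistent. `TALER_EXCHANGE_test_signing_key` appears to judge the key against the current time rather than the attestation's own timestamp; please confirm that is the intended validity window. A short comment such as `/* reject attestations signed by a key that is not a valid signing key in the exchange's keys */` would record why the check precedes signature verification. The function body starts and ends outside the hunk.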
@@ -126,8 +144,6 @@ handle_reserves_attest_ok (struct TALER_EXCHANGE_ReservesAttestHandle *rsh,
GNUNET_JSON_parse_free (spec);
return GNUNET_SYSERR;
}
- /* FIXME: validate exchange_pub is actually
- a good exchange signing key */
rsh->cb (rsh->cb_cls,
&rs);
rsh->cb = NULL;
@@ -227,6 +243,7 @@ struct TALER_EXCHANGE_ReservesAttestHandle *
TALER_EXCHANGE_reserves_attest (
struct GNUNET_CURL_Context *ctx,
const char *url,
+ struct TALER_EXCHANGE_Keys *keys,
const struct TALER_ReservePrivateKeyP *reserve_priv,
unsigned int attributes_length,
const char *attributes[const static attributes_length],
@@ -324,6 +341,7 @@ TALER_EXCHANGE_reserves_attest (
rsh->post_ctx.headers,
&handle_reserves_attest_finished,
rsh);
+ rsh->keys = TALER_EXCHANGE_keys_incref (keys);
return rsh;
}
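Review bot: `rsh->keys` is assigned only after the request has been handed to the CURL context, so the handle is registered with its completion handler while `keys` is still unset. Moving `rsh->keys = TALER_EXCHANGE_keys_incref (keys);` ahead of the job creation keeps the handle fully initialised before anything can call back into it. The visible lines also never check `keys` against NULL before taking the reference, and the later `TALER_EXCHANGE_test_signing_key (rsh->keys, ...)` call would presumably dereference it. The function body begins outside this hunk, so if the assignment moves, any earlier error return that frees `rsh` must also release the reference.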
@@ -338,6 +356,7 @@ TALER_EXCHANGE_reserves_attest_cancel (
rsh->job = NULL;
}
TALER_curl_easy_post_finished (&rsh->post_ctx);
+ TALER_EXCHANGE_keys_decref (rsh->keys);
GNUNET_free (rsh->url);
GNUNET_free (rsh);
}
diff --git a/src/testing/testing_api_cmd_reserve_attest.c b/src/testing/testing_api_cmd_reserve_attest.c
index 64b15a10d..cf4b3a0c2 100644
--- a/src/testing/testing_api_cmd_reserve_attest.c
+++ b/src/testing/testing_api_cmd_reserve_attest.c
@@ -185,6 +185,7 @@ attest_run (void *cls,
ss->rsh = TALER_EXCHANGE_reserves_attest (
TALER_TESTING_interpreter_get_context (is),
exchange_url,
+ TALER_TESTING_get_keys (is),
ss->reserve_priv,
ss->attrs_len,
ss->attrs,
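Review bot: The test change only threads `TALER_TESTING_get_keys (is)` through to the new parameter, so the rejection path this commit adds is never exercised. A case where the attestation's `exchange_pub` is not among the keys passed in, asserting that the callback sees `http_status` 0 and the error code, would keep the check from regressing silently. It is also not visible here whether `TALER_TESTING_get_keys` can return NULL at this point in the interpreter; if it can, the command should fail cleanly before calling `TALER_EXCHANGE_reserves_attest`. `attest_run` continues outside the hunk.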