diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-01-28 19:48:41 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-01-28 19:48:41 +0100 |
| commit | 2e0e30291c4e490389f85bbd4973374f0adf22f4 (patch) | |
| tree | 8d5f306cb967e7e7ab137b133206c7414bbb6f35 /src/mint/taler-mint-httpd_responses.c | |
| parent | e19f1906a3363f0f49553d35d95429c92bec29d4 (diff) | |
sign /deposit reply so that merchant has proof that mint accepted it
Diffstat (limited to 'src/mint/taler-mint-httpd_responses.c')
| -rw-r--r-- | src/mint/taler-mint-httpd_responses.c | 60 |
1 files changed, 41 insertions, 19 deletions
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c index 8a0d7e797..58addf98d 100644 --- a/src/mint/taler-mint-httpd_responses.c +++ b/src/mint/taler-mint-httpd_responses.c @@ -24,8 +24,6 @@ * @author Christian Grothoff * * TODO: - * - when generating /deposit reply, do include signature of mint - * to say that we accepted it (check reply format) * - when generating /withdraw/status reply, which signature do * we use there? Might want to instead return *all* signatures on the * existig withdraw operations, instead of Mint's signature @@ -275,14 +273,36 @@ TALER_MINT_reply_deposit_success (struct MHD_Connection *connection, const struct GNUNET_CRYPTO_EddsaPublicKey *merchant, const struct TALER_Amount *amount) { - // FIXME: return more information here, - // including in particular a signature over - // the deposit data from the mint! - return TALER_MINT_reply_json_pack (connection, - MHD_HTTP_OK, - "{s:s}", - "status", - "DEPOSIT_OK"); + struct TALER_DepositConfirmation dc; + struct GNUNET_CRYPTO_EddsaSignature sig; + json_t *sig_json; + int ret; + + dc.purpose.purpose = htonl (TALER_SIGNATURE_MINT_DEPOSIT); + dc.purpose.size = htonl (sizeof (struct TALER_DepositConfirmation)); + dc.h_contract = *h_contract; + dc.h_wire = *h_wire; + dc.transaction_id = GNUNET_htonll (transaction_id); + dc.amount = TALER_amount_hton (*amount); + dc.coin_pub = *coin_pub; + dc.merchant = *merchant; + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_sign (&mint_priv, + &dc.purpose, + &sig)) + { + LOG_WARNING ("Failed to create EdDSA signature using my private key\n"); + return TALER_MINT_reply_internal_error (connection, + "Failed to EdDSA-sign response\n"); + } + sig_json = TALER_JSON_from_sig (&dc.purpose, &sig); + ret = TALER_MINT_reply_json_pack (connection, + MHD_HTTP_OK, + "{s:s, s:o}", + "status", "DEPOSIT_OK", + "signature", sig_json); + json_decref (sig_json); + return ret; } @@ -356,30 +376,32 @@ TALER_MINT_reply_refresh_melt_success (struct MHD_Connection *connection, const struct RefreshSession *session, const struct GNUNET_CRYPTO_EddsaPublicKey *session_pub) { - json_t *root; + int ret; json_t *list; struct GNUNET_HashContext *hash_context; struct RefreshMeltResponseSignatureBody body; struct GNUNET_CRYPTO_EddsaSignature sig; json_t *sig_json; - root = json_object (); list = json_array (); - json_object_set_new (root, "blind_session_pubs", list); hash_context = GNUNET_CRYPTO_hash_context_start (); body.purpose.size = htonl (sizeof (struct RefreshMeltResponseSignatureBody)); body.purpose.purpose = htonl (TALER_SIGNATURE_REFRESH_MELT_RESPONSE); /* FIXME: should we not add something to the hash_context in the meantime? */ - GNUNET_CRYPTO_hash_context_finish (hash_context, &body.melt_response_hash); + GNUNET_CRYPTO_hash_context_finish (hash_context, + &body.melt_response_hash); TALER_MINT_keys_sign (&body.purpose, &sig); sig_json = TALER_JSON_from_sig (&body.purpose, &sig); GNUNET_assert (NULL != sig_json); - json_object_set (root, "signature", sig_json); - - return TALER_MINT_reply_json (connection, - root, - MHD_HTTP_OK); + ret = TALER_MINT_reply_json_pack (connection, + MHD_HTTP_OK, + "{s:o, s:o}", + "signature", sig_json, + "blind_session_pubs", list); + json_decref (sig_json); + json_decref (list); + return ret; } |