diff options
author | Christian Grothoff <christian@grothoff.org> | 2017-04-04 17:05:38 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2017-04-04 17:05:38 +0200 |
commit | 930101256eed811b7c7b76b7cb7e8c6f797b03f7 (patch) | |
tree | 76501e1c2bdad7760d38733875d050abd8e5c174 /src | |
parent | 4b5efa4e8160634fc6cefce8dcedb38d71f76cc6 (diff) |
check payback signatures in auditor
Diffstat (limited to 'src')
-rw-r--r-- | src/auditor/taler-auditor.c | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c index e89812a2a..1484c2aaa 100644 --- a/src/auditor/taler-auditor.c +++ b/src/auditor/taler-auditor.c @@ -827,13 +827,36 @@ handle_payback_by_reserve (void *cls, struct GNUNET_HashCode key; struct ReserveSummary *rs; struct GNUNET_TIME_Absolute expiry; + struct TALER_PaybackRequestPS pr; /* should be monotonically increasing */ GNUNET_assert (rowid >= pp.last_reserve_payback_serial_id); pp.last_reserve_payback_serial_id = rowid + 1; - /* TODO: check that coin signature on payback request is valid - and/or that the coin was eligible for payback! #3887!*/ + if (GNUNET_OK != + TALER_test_coin_valid (coin)) + { + report_row_inconsistency ("payback", + rowid, + "coin denomination signature invalid"); + } + pr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_PAYBACK); + pr.purpose.size = htonl (sizeof (pr)); + pr.coin_pub = coin->coin_pub; + GNUNET_CRYPTO_rsa_public_key_hash (coin->denom_pub.rsa_public_key, + &pr.h_denom_pub); + pr.coin_blind = *coin_blind; + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_PAYBACK, + &pr.purpose, + &coin_sig->eddsa_signature, + &coin->coin_pub.eddsa_pub)) + { + report_row_inconsistency ("payback", + rowid, + "coin payback signature invalid"); + } + /* TODO: check that the coin was eligible for payback! #3887!*/ GNUNET_CRYPTO_hash (reserve_pub, sizeof (*reserve_pub), |