aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2017-04-04 17:05:38 +0200
committerChristian Grothoff <christian@grothoff.org>2017-04-04 17:05:38 +0200
commit930101256eed811b7c7b76b7cb7e8c6f797b03f7 (patch)
tree76501e1c2bdad7760d38733875d050abd8e5c174 /src
parent4b5efa4e8160634fc6cefce8dcedb38d71f76cc6 (diff)
check payback signatures in auditor
Diffstat (limited to 'src')
-rw-r--r--src/auditor/taler-auditor.c27
1 files changed, 25 insertions, 2 deletions
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c
index e89812a2a..1484c2aaa 100644
--- a/src/auditor/taler-auditor.c
+++ b/src/auditor/taler-auditor.c
@@ -827,13 +827,36 @@ handle_payback_by_reserve (void *cls,
struct GNUNET_HashCode key;
struct ReserveSummary *rs;
struct GNUNET_TIME_Absolute expiry;
+ struct TALER_PaybackRequestPS pr;
/* should be monotonically increasing */
GNUNET_assert (rowid >= pp.last_reserve_payback_serial_id);
pp.last_reserve_payback_serial_id = rowid + 1;
- /* TODO: check that coin signature on payback request is valid
- and/or that the coin was eligible for payback! #3887!*/
+ if (GNUNET_OK !=
+ TALER_test_coin_valid (coin))
+ {
+ report_row_inconsistency ("payback",
+ rowid,
+ "coin denomination signature invalid");
+ }
+ pr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_PAYBACK);
+ pr.purpose.size = htonl (sizeof (pr));
+ pr.coin_pub = coin->coin_pub;
+ GNUNET_CRYPTO_rsa_public_key_hash (coin->denom_pub.rsa_public_key,
+ &pr.h_denom_pub);
+ pr.coin_blind = *coin_blind;
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_PAYBACK,
+ &pr.purpose,
+ &coin_sig->eddsa_signature,
+ &coin->coin_pub.eddsa_pub))
+ {
+ report_row_inconsistency ("payback",
+ rowid,
+ "coin payback signature invalid");
+ }
+ /* TODO: check that the coin was eligible for payback! #3887!*/
GNUNET_CRYPTO_hash (reserve_pub,
sizeof (*reserve_pub),