diff options
Diffstat (limited to 'src/mint/taler-mint-httpd_deposit.c')
| -rw-r--r-- | src/mint/taler-mint-httpd_deposit.c | 145 |
1 files changed, 83 insertions, 62 deletions
diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c index 4a3713c5b..ed0eca8bb 100644 --- a/src/mint/taler-mint-httpd_deposit.c +++ b/src/mint/taler-mint-httpd_deposit.c @@ -59,19 +59,26 @@ verify_and_execute_deposit (struct MHD_Connection *connection, const struct Deposit *deposit) { struct MintKeyState *key_state; - struct TALER_CoinPublicInfo coin_info; - memcpy (&coin_info.coin_pub, - &deposit->coin_pub, - sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); - coin_info.denom_pub = deposit->denom_pub; - coin_info.denom_sig = deposit->ubsig; + /* FIXME: verify coin signature! */ + /* + if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_DEPOSIT, + &deposit->purpose, + &deposit->coin_sig, + &deposit->coin_pub)) + { + resp = json_pack ("{s:s}", "error", "Signature verfication failed"); + return TALER_MINT_reply_arg_invalid (connection, + "csig"); + } + */ key_state = TALER_MINT_key_state_acquire (); if (GNUNET_YES != TALER_MINT_test_coin_valid (key_state, - &coin_info)) + &deposit->coin)) { + LOG_WARNING ("Invalid coin passed for /deposit\n"); TALER_MINT_key_state_release (key_state); return TALER_MINT_reply_json_pack (connection, MHD_HTTP_NOT_FOUND, @@ -80,19 +87,6 @@ verify_and_execute_deposit (struct MHD_Connection *connection, } TALER_MINT_key_state_release (key_state); - /* FIXME: verify coin signature! */ - /* - if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_DEPOSIT, - &deposit->purpose, - &deposit->coin_sig, - &deposit->coin_pub)) - { - resp = json_pack ("{s:s}", "error", "Signature verfication failed"); - resp_code = MHD_HTTP_NOT_FOUND; - goto EXITIF_exit; - } - */ - return TALER_MINT_db_execute_deposit (connection, deposit); } @@ -101,12 +95,12 @@ verify_and_execute_deposit (struct MHD_Connection *connection, /** * Handle a "/deposit" request. This function parses the * JSON information and then calls #verify_and_execute_deposit() - * to verify the data and execute the deposit. + * to verify the signatures and execute the deposit. * * @param connection the MHD connection to handle * @param root root of the posted JSON * @param purpose is this a #TALER_SIGNATURE_DEPOSIT or - * #TALER_SIGNATURE_INCREMENTAL_DEPOSIT + * #TALER_SIGNATURE_INCREMENTAL_DEPOSIT // FIXME: bad type, use enum! * @param wire json describing the wire details (?) * @return MHD result code */ @@ -116,61 +110,88 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection, uint32_t purpose, const json_t *wire) { - struct Deposit *deposit; + int res; + struct Deposit deposit; char *wire_enc; size_t len; - int res; + struct GNUNET_MINT_ParseFieldSpec spec[] = { + TALER_MINT_PARSE_VARIABLE ("denom_pub"), + TALER_MINT_PARSE_VARIABLE ("ubsig"), + TALER_MINT_PARSE_FIXED ("coin_pub", &deposit.coin.coin_pub), + TALER_MINT_PARSE_FIXED ("merchant_pub", &deposit.merchant_pub), + TALER_MINT_PARSE_FIXED ("H_a", &deposit.h_contract), + TALER_MINT_PARSE_FIXED ("H_wire", &deposit.h_wire), + TALER_MINT_PARSE_FIXED ("csig", &deposit.csig), + TALER_MINT_PARSE_FIXED ("transaction_id", &deposit.transaction_id), + TALER_MINT_PARSE_END + }; - // FIXME: `struct Deposit` is clearly ill-defined, we should - // not have to do this... + memset (&deposit, 0, sizeof (deposit)); + res = TALER_MINT_parse_json_data (connection, + root, + spec); + if (GNUNET_SYSERR == res) + return MHD_NO; /* hard failure */ + if (GNUNET_NO == res) + return MHD_YES; /* failure */ + deposit.coin.denom_pub + = GNUNET_CRYPTO_rsa_public_key_decode (spec[0].destination, + spec[0].destination_size_out); + if (NULL == deposit.coin.denom_pub) + { + LOG_WARNING ("Failed to parse denomination key for /deposit request\n"); + TALER_MINT_release_parsed_data (spec); + return TALER_MINT_reply_arg_invalid (connection, + "denom_pub"); + } + deposit.coin.denom_sig + = GNUNET_CRYPTO_rsa_signature_decode (spec[1].destination, + spec[1].destination_size_out); + if (NULL == deposit.coin.denom_sig) + { + LOG_WARNING ("Failed to parse unblinded signature for /deposit request\n"); + GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub); + TALER_MINT_release_parsed_data (spec); + return TALER_MINT_reply_arg_invalid (connection, + "denom_pub"); + } if (NULL == (wire_enc = json_dumps (wire, JSON_COMPACT | JSON_SORT_KEYS))) { - GNUNET_break_op (0); - return TALER_MINT_reply_json_pack (connection, - MHD_HTTP_BAD_REQUEST, - "{s:s}", - "error", "Bad format"); - + GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub); + GNUNET_CRYPTO_rsa_signature_free (deposit.coin.denom_sig); + LOG_WARNING ("Failed to parse JSON wire format specification for /deposit request\n"); + TALER_MINT_release_parsed_data (spec); + return TALER_MINT_reply_arg_invalid (connection, + "wire"); } len = strlen (wire_enc) + 1; + GNUNET_CRYPTO_hash (wire_enc, + len, + &deposit.h_wire); GNUNET_free (wire_enc); - deposit = GNUNET_malloc (sizeof (struct Deposit) + len); - { - struct GNUNET_MINT_ParseFieldSpec spec[] = - { - TALER_MINT_PARSE_FIXED ("coin_pub", &deposit->coin_pub), - TALER_MINT_PARSE_FIXED ("denom_pub", &deposit->denom_pub), - TALER_MINT_PARSE_FIXED ("ubsig", &deposit->ubsig), - TALER_MINT_PARSE_FIXED ("merchant_pub", &deposit->merchant_pub), - TALER_MINT_PARSE_FIXED ("H_a", &deposit->h_contract), - TALER_MINT_PARSE_FIXED ("H_wire", &deposit->h_wire), - TALER_MINT_PARSE_FIXED ("csig", &deposit->coin_sig), - TALER_MINT_PARSE_FIXED ("transaction_id", &deposit->transaction_id), - TALER_MINT_PARSE_END - }; - res = TALER_MINT_parse_json_data (connection, - wire, /* FIXME: wire or root here? */ - spec); - if (GNUNET_SYSERR == res) - return MHD_NO; /* hard failure */ - if (GNUNET_NO == res) - return MHD_YES; /* failure */ - - // deposit->purpose = htonl (purpose); // FIXME... - res = verify_and_execute_deposit (connection, - deposit); - TALER_MINT_release_parsed_data (spec); - } - GNUNET_free (deposit); + deposit.wire = wire; + deposit.purpose = purpose; + + // FIXME: deposit.amount not initialized! + + res = verify_and_execute_deposit (connection, + &deposit); + GNUNET_CRYPTO_rsa_public_key_free (deposit.coin.denom_pub); + GNUNET_CRYPTO_rsa_signature_free (deposit.coin.denom_sig); + TALER_MINT_release_parsed_data (spec); return res; } /** - * Handle a "/deposit" request. Parses the JSON in the post and, if + * Handle a "/deposit" request. Parses the JSON in the post to find + * the "type" (either DIRECT_DEPOSIT or INCREMENTAL_DEPOSIT), and, if * successful, passes the JSON data to - * #parse_and_handle_deposit_request(). + * #parse_and_handle_deposit_request() to further check the details + * of the operation specified in the "wire" field of the JSON data. + * If everything checks out, this will ultimately lead to the + * "/deposit" being executed, or rejected. * * @param rh context of the handler * @param connection the MHD connection to handle |