From a4af8963703abb882b08e75f20ef3e525447551e Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Mon, 16 Oct 2023 23:30:59 +0200
Subject: validate exchange signing key on attestations

---
 src/include/taler_exchange_service.h             |  2 ++
 src/lib/exchange_api_purse_create_with_deposit.c |  2 +-
 src/lib/exchange_api_reserves_attest.c           | 25 +++++++++++++++++++++---
 src/testing/testing_api_cmd_reserve_attest.c     |  1 +
 4 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 752524498..44f43367a 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -7155,6 +7155,7 @@ typedef void
  *
  * @param ctx CURL context
  * @param url exchange base URL
+ * @param keys exchange key data
  * @param reserve_priv private key of the reserve to attest
  * @param attributes_length length of the @a attributes array
  * @param attributes array of names of attributes to get attestations for
@@ -7167,6 +7168,7 @@ struct TALER_EXCHANGE_ReservesAttestHandle *
 TALER_EXCHANGE_reserves_attest (
   struct GNUNET_CURL_Context *ctx,
   const char *url,
+  struct TALER_EXCHANGE_Keys *keys,
   const struct TALER_ReservePrivateKeyP *reserve_priv,
   unsigned int attributes_length,
   const char *attributes[const static attributes_length],
diff --git a/src/lib/exchange_api_purse_create_with_deposit.c b/src/lib/exchange_api_purse_create_with_deposit.c
index c64beedec..215b7847e 100644
--- a/src/lib/exchange_api_purse_create_with_deposit.c
+++ b/src/lib/exchange_api_purse_create_with_deposit.c
@@ -281,7 +281,7 @@ handle_purse_create_deposit_finished (void *cls,
          checked in the GET /coins/$COIN_PUB handler */
       break;
     case TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY:
-      // FIXME: write check (add to exchange_api_common! */
+      // FIXME #7267: write check (add to exchange_api_common! */
       break;
     case TALER_EC_EXCHANGE_PURSE_DEPOSIT_CONFLICTING_META_DATA:
       {
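Review bot: The new `@param keys exchange key data` line in the TALER_EXCHANGE_reserves_attest doc comment does not say what the keys are used for or how long the handle holds them, which is what a caller needs when deciding which key set to pass. I would extend it to `@param keys exchange key data; used to check that the response is signed by a known exchange signing key, the handle takes its own reference and releases it on cancel`, which matches the incref/decref added later in this commit. Whether NULL is accepted is not visible from the diff; if it is not, the doc line should say so too.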
diff --git a/src/lib/exchange_api_reserves_attest.c b/src/lib/exchange_api_reserves_attest.c
index 2537dd16a..d5a867114 100644
--- a/src/lib/exchange_api_reserves_attest.c
+++ b/src/lib/exchange_api_reserves_attest.c
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014-2022 Taler Systems SA
+  Copyright (C) 2014-2023 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU General Public License as published by the Free Software
@@ -38,6 +38,11 @@
 struct TALER_EXCHANGE_ReservesAttestHandle
 {
 
+  /**
+   * The keys of the this request handle will use
+   */
+  struct TALER_EXCHANGE_Keys *keys;
+
   /**
    * The url for this request.
    */
@@ -112,6 +117,19 @@ handle_reserves_attest_ok (struct TALER_EXCHANGE_ReservesAttestHandle *rsh,
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
   }
+  if (GNUNET_OK !=
+      TALER_EXCHANGE_test_signing_key (rsh->keys,
+                                       &rs.details.ok.exchange_pub))
+  {
+    GNUNET_break_op (0);
+    rs.hr.http_status = 0;
+    rs.hr.ec = TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_SIGNATURE_BY_EXCHANGE;
+    rsh->cb (rsh->cb_cls,
+             &rs);
+    rsh->cb = NULL;
+    GNUNET_JSON_parse_free (spec);
+    return GNUNET_SYSERR;
+  }
   rs.details.ok.attributes = attributes;
   if (GNUNET_OK !=
       TALER_exchange_online_reserve_attest_details_verify (
@@ -126,8 +144,6 @@ handle_reserves_attest_ok (struct TALER_EXCHANGE_ReservesAttestHandle *rsh,
     GNUNET_JSON_parse_free (spec);
     return GNUNET_SYSERR;
   }
-  /* FIXME: validate exchange_pub is actually
-     a good exchange signing key */
   rsh->cb (rsh->cb_cls,
            &rs);
   rsh->cb = NULL;
@@ -227,6 +243,7 @@ struct TALER_EXCHANGE_ReservesAttestHandle *
 TALER_EXCHANGE_reserves_attest (
   struct GNUNET_CURL_Context *ctx,
   const char *url,
+  struct TALER_EXCHANGE_Keys *keys,
   const struct TALER_ReservePrivateKeyP *reserve_priv,
   unsigned int attributes_length,
   const char *attributes[const static attributes_length],
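Review bot: The new member comment `The keys of the this request handle will use` on `keys` in struct TALER_EXCHANGE_ReservesAttestHandle is garbled (`of the this`). I would write `Exchange keys this request handle holds a reference to; used to verify that the signing key in the response is a known exchange signing key.` Since the reference is taken with TALER_EXCHANGE_keys_incref and released in the cancel function elsewhere in this commit, stating that ownership on the field tells a reader that the handle, not the caller, keeps the keys alive.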
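Review bot: The new rejection path in handle_reserves_attest_ok reports `TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_SIGNATURE_BY_EXCHANGE`, an error code named for the GET /deposits endpoint, for a failure in the reserves-attest response, so anyone triaging the error from a log or client callback is pointed at the wrong request. If the error-code enumeration has a reserves-attest-specific or endpoint-neutral invalid-signature code it should be used here, otherwise one should be added; it is also worth checking that the existing failure path after TALER_exchange_online_reserve_attest_details_verify, whose start is cut off by the hunk, reports a matching code so both signature problems look alike to callers. The callback is invoked before `rs.details.ok.attributes = attributes;` runs, so `rs.details.ok` is only partially filled on this path; presumably callbacks read only `rs.hr` when `http_status` is 0, and a one-line comment such as `/* details.ok is incomplete here; callers must only inspect hr */` would make that contract explicit. The enclosing function continues on both sides of the hunk.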
@@ -324,6 +341,7 @@ TALER_EXCHANGE_reserves_attest (
                                rsh->post_ctx.headers,
                                &handle_reserves_attest_finished,
                                rsh);
+  rsh->keys = TALER_EXCHANGE_keys_incref (keys);
   return rsh;
 }
 
@@ -338,6 +356,7 @@ TALER_EXCHANGE_reserves_attest_cancel (
     rsh->job = NULL;
   }
   TALER_curl_easy_post_finished (&rsh->post_ctx);
+  TALER_EXCHANGE_keys_decref (rsh->keys);
   GNUNET_free (rsh->url);
   GNUNET_free (rsh);
 }
diff --git a/src/testing/testing_api_cmd_reserve_attest.c b/src/testing/testing_api_cmd_reserve_attest.c
index 64b15a10d..cf4b3a0c2 100644
--- a/src/testing/testing_api_cmd_reserve_attest.c
+++ b/src/testing/testing_api_cmd_reserve_attest.c
@@ -185,6 +185,7 @@ attest_run (void *cls,
   ss->rsh = TALER_EXCHANGE_reserves_attest (
     TALER_TESTING_interpreter_get_context (is),
     exchange_url,
+    TALER_TESTING_get_keys (is),
     ss->reserve_priv,
     ss->attrs_len,
     ss->attrs,
-- 
cgit v1.2.3
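Review bot: `rsh->keys = TALER_EXCHANGE_keys_incref (keys);` is the last statement before `return rsh;`, after the job with `handle_reserves_attest_finished` has already been registered, so the handle is scheduled while `rsh->keys` is still unset. This presumably cannot race because the job completes through the scheduler rather than synchronously, but the handler now dereferences `rsh->keys` and the cancel path unconditionally calls `TALER_EXCHANGE_keys_decref (rsh->keys)`, so taking the reference together with the other handle fields before the job is added (near where `rsh->url` is set, outside this hunk) keeps every path that can see the handle working on a fully initialized object. If the line is moved up, any failure return that follows it in the function must release the reference; the earlier part of TALER_EXCHANGE_reserves_attest, including those returns, lies outside the hunk.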