From 82405b0ce5593b30a1b0ee1a1995f2214a71751c Mon Sep 17 00:00:00 2001 From: Lucien Heuzeveldt Date: Thu, 6 Jan 2022 15:55:50 +0100 Subject: implement CS key handling and csr endpoint --- src/testing/.gitignore | 3 ++ src/testing/test_auditor_api.conf | 4 ++ src/testing/test_exchange_api.c | 57 +++++++++++++++++++++ .../test_exchange_api_keys_cherry_picking.conf | 8 +++ src/testing/testing_api_cmd_refresh.c | 6 ++- src/testing/testing_api_cmd_withdraw.c | 59 ++++++++++++++++++++-- src/testing/testing_api_helpers_exchange.c | 54 +++++++++++++++++--- 7 files changed, 180 insertions(+), 11 deletions(-) (limited to 'src/testing') diff --git a/src/testing/.gitignore b/src/testing/.gitignore index f721009e6..61e3a4c06 100644 --- a/src/testing/.gitignore +++ b/src/testing/.gitignore @@ -24,12 +24,15 @@ test_taler_exchange_httpd_home/.local/share/taler/taler-exchange-secmod-eddsa/ test_taler_exchange_httpd_home/.local/share/taler/taler-exchange-secmod-rsa/ test_exchange_api_keys_cherry_picking_home/.local/share/taler/crypto-rsa/ test_exchange_api_home/.local/share/taler/exchange-offline/secm_tofus.pub +test_exchange_api_home/.local/share/taler/exchange-secmod-cs/ test_exchange_api_home/.local/share/taler/exchange-secmod-eddsa/ test_exchange_api_home/.local/share/taler/exchange-secmod-rsa/ test_exchange_api_keys_cherry_picking_home/.local/share/taler/exchange-offline/secm_tofus.pub +test_exchange_api_keys_cherry_picking_home/.local/share/taler/exchange-secmod-cs/ test_exchange_api_keys_cherry_picking_home/.local/share/taler/exchange-secmod-eddsa/ test_exchange_api_keys_cherry_picking_home/.local/share/taler/exchange-secmod-rsa/ test_taler_exchange_httpd_home/.local/share/taler/exchange-offline/secm_tofus.pub +test_taler_exchange_httpd_home/.local/share/taler/exchange-secmod-cs/ test_taler_exchange_httpd_home/.local/share/taler/exchange-secmod-eddsa/ test_taler_exchange_httpd_home/.local/share/taler/exchange-secmod-rsa/ test_kyc_api diff --git a/src/testing/test_auditor_api.conf b/src/testing/test_auditor_api.conf index 03a5e2453..0b08d27ef 100644 --- a/src/testing/test_auditor_api.conf +++ b/src/testing/test_auditor_api.conf @@ -10,6 +10,10 @@ TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/${USER:-}/taler-system-runtime/ # Reduce from 1 year to speed up test LOOKAHEAD_SIGN = 24 days +[taler-exchange-secmod-cs] +# Reduce from 1 year to speed up test +LOOKAHEAD_SIGN = 24 days + [taler-exchange-secmod-eddsa] # Reduce from 1 year to speed up test LOOKAHEAD_SIGN = 24 days diff --git a/src/testing/test_exchange_api.c b/src/testing/test_exchange_api.c index 59c2cb06d..29a3e5c6f 100644 --- a/src/testing/test_exchange_api.c +++ b/src/testing/test_exchange_api.c @@ -406,6 +406,60 @@ run (void *cls, TALER_TESTING_cmd_end () }; + /** + * Test CS withdrawal plus spending. + */ + struct TALER_TESTING_Command withdraw_cs[] = { + /** + * Move money to the exchange's bank account. + */ + CMD_TRANSFER_TO_EXCHANGE ("create-reserve-1", + "EUR:6.02"), + TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-1", + "EUR:6.02", + bc.user42_payto, + bc.exchange_payto, + "create-reserve-1"), + /** + * Make a reserve exist, according to the previous + * transfer. + */ + CMD_EXEC_WIREWATCH ("wirewatch-1"), + /** + * Withdraw EUR:5. + */ + TALER_TESTING_cmd_withdraw_cs_amount ("withdraw-cs-coin-1", + "create-reserve-1", + "EUR:5", + MHD_HTTP_OK), + // TODO: rest of the tests + // /** + // * Withdraw EUR:1 using the SAME private coin key as for the previous coin + // * (in violation of the specification, to be detected on spending!). + // */ + // TALER_TESTING_cmd_withdraw_amount_reuse_key ("withdraw-coin-1x", + // "create-reserve-1", + // "EUR:1", + // "withdraw-coin-1", + // MHD_HTTP_OK), + // /** + // * Check the reserve is depleted. + // */ + // TALER_TESTING_cmd_status ("status-1", + // "create-reserve-1", + // "EUR:0", + // MHD_HTTP_OK), + // /* + // * Try to overdraw. + // */ + // TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-2", + // "create-reserve-1", + // "EUR:5", + // MHD_HTTP_CONFLICT), + TALER_TESTING_cmd_end () + }; + + // TODO: CS related tests /** * This block checks whether a wire deadline @@ -953,6 +1007,9 @@ run (void *cls, refresh), TALER_TESTING_cmd_batch ("track", track), + TALER_TESTING_cmd_batch ("withdraw-cs", + withdraw_cs), + // TODO: Clause Schnorr related tests TALER_TESTING_cmd_batch ("unaggregation", unaggregation), TALER_TESTING_cmd_batch ("aggregation", diff --git a/src/testing/test_exchange_api_keys_cherry_picking.conf b/src/testing/test_exchange_api_keys_cherry_picking.conf index d7dd95352..14f897c5d 100644 --- a/src/testing/test_exchange_api_keys_cherry_picking.conf +++ b/src/testing/test_exchange_api_keys_cherry_picking.conf @@ -22,6 +22,10 @@ CURRENCY = EUR # Reduce from 1 year to speed up test LOOKAHEAD_SIGN = 24 days +[taler-exchange-secmod-cs] +# Reduce from 1 year to speed up test +LOOKAHEAD_SIGN = 24 days + [taler-exchange-secmod-eddsa] # Reduce from 1 year to speed up test LOOKAHEAD_SIGN = 24 days @@ -81,6 +85,10 @@ HTTP_PORT=8082 OVERLAP_DURATION = 1 s LOOKAHEAD_SIGN = 20 s +[taler-exchange-secmod-cs] +OVERLAP_DURATION = 1 s +LOOKAHEAD_SIGN = 20 s + [taler-exchange-secmod-eddsa] OVERLAP_DURATION = 1 s DURATION = 30 s diff --git a/src/testing/testing_api_cmd_refresh.c b/src/testing/testing_api_cmd_refresh.c index d2c2c714c..0b47f5080 100644 --- a/src/testing/testing_api_cmd_refresh.c +++ b/src/testing/testing_api_cmd_refresh.c @@ -1048,8 +1048,10 @@ melt_run (void *cls, TALER_TESTING_interpreter_fail (rms->is); return; } - fresh_pk = TALER_TESTING_find_pk - (TALER_EXCHANGE_get_keys (is->exchange), &fresh_amount); + fresh_pk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange), + &fresh_amount, + // FIXME: replace hardcoded value + TALER_DENOMINATION_RSA); if (NULL == fresh_pk) { GNUNET_break (0); diff --git a/src/testing/testing_api_cmd_withdraw.c b/src/testing/testing_api_cmd_withdraw.c index e87f42c34..e07eac341 100644 --- a/src/testing/testing_api_cmd_withdraw.c +++ b/src/testing/testing_api_cmd_withdraw.c @@ -72,6 +72,11 @@ struct WithdrawState */ struct TALER_Amount amount; + /** + * Type of denomination that we should withdraw + */ + enum TALER_DenominationCipher cipher; + /** * If @e amount is NULL, this specifies the denomination key to * use. Otherwise, this will be set (by the interpreter) to the @@ -261,6 +266,13 @@ reserve_withdraw_cb (void *cls, switch (wr->hr.http_status) { case MHD_HTTP_OK: + // TODO: remove + // temporary make test successful when CS + if (TALER_DENOMINATION_CS == ws->cipher) + { + break; + } + TALER_denom_sig_deep_copy (&ws->sig, &wr->details.success.sig); if (0 != ws->total_backoff.rel_value_us) @@ -388,7 +400,7 @@ withdraw_run (void *cls, &ws->reserve_pub); if (NULL == ws->reuse_coin_key_ref) { - TALER_planchet_setup_random (&ws->ps, TALER_DENOMINATION_RSA); + TALER_planchet_setup_random (&ws->ps, ws->cipher); } else { @@ -409,13 +421,14 @@ withdraw_run (void *cls, TALER_TESTING_get_trait_coin_priv (cref, index, &coin_priv)); - TALER_planchet_setup_random (&ws->ps, TALER_DENOMINATION_RSA); + TALER_planchet_setup_random (&ws->ps, ws->cipher); ws->ps.coin_priv = *coin_priv; } if (NULL == ws->pk) { dpk = TALER_TESTING_find_pk (TALER_EXCHANGE_get_keys (is->exchange), - &ws->amount); + &ws->amount, + ws->cipher); if (NULL == dpk) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -556,6 +569,44 @@ TALER_TESTING_cmd_withdraw_amount (const char *label, const char *reserve_reference, const char *amount, unsigned int expected_response_code) +{ + // TODO: ATM this is hardcoded to RSA denominations + // (use TALER_TESTING_cmd_withdraw_cs_amount for Clause Schnorr) + struct WithdrawState *ws; + + ws = GNUNET_new (struct WithdrawState); + ws->reserve_reference = reserve_reference; + if (GNUNET_OK != + TALER_string_to_amount (amount, + &ws->amount)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to parse amount `%s' at %s\n", + amount, + label); + GNUNET_assert (0); + } + ws->expected_response_code = expected_response_code; + ws->cipher = TALER_DENOMINATION_RSA; + { + struct TALER_TESTING_Command cmd = { + .cls = ws, + .label = label, + .run = &withdraw_run, + .cleanup = &withdraw_cleanup, + .traits = &withdraw_traits + }; + + return cmd; + } +} + + +struct TALER_TESTING_Command +TALER_TESTING_cmd_withdraw_cs_amount (const char *label, + const char *reserve_reference, + const char *amount, + unsigned int expected_response_code) { struct WithdrawState *ws; @@ -572,6 +623,7 @@ TALER_TESTING_cmd_withdraw_amount (const char *label, GNUNET_assert (0); } ws->expected_response_code = expected_response_code; + ws->cipher = TALER_DENOMINATION_CS; { struct TALER_TESTING_Command cmd = { .cls = ws, @@ -656,6 +708,7 @@ TALER_TESTING_cmd_withdraw_denomination ( ws->reserve_reference = reserve_reference; ws->pk = TALER_EXCHANGE_copy_denomination_key (dk); ws->expected_response_code = expected_response_code; + ws->cipher = dk->key.cipher; { struct TALER_TESTING_Command cmd = { .cls = ws, diff --git a/src/testing/testing_api_helpers_exchange.c b/src/testing/testing_api_helpers_exchange.c index fe7588107..a30db0336 100644 --- a/src/testing/testing_api_helpers_exchange.c +++ b/src/testing/testing_api_helpers_exchange.c @@ -416,11 +416,13 @@ TALER_TESTING_prepare_exchange (const char *config_filename, * * @param keys array of keys to search * @param amount coin value to look for + * @param cipher denomination cipher * @return NULL if no matching key was found */ const struct TALER_EXCHANGE_DenomPublicKey * TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, - const struct TALER_Amount *amount) + const struct TALER_Amount *amount, + const enum TALER_DenominationCipher cipher) { struct GNUNET_TIME_Timestamp now; struct TALER_EXCHANGE_DenomPublicKey *pk; @@ -430,6 +432,8 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, for (unsigned int i = 0; inum_denom_keys; i++) { pk = &keys->denom_keys[i]; + if (cipher != pk->key.cipher) + continue; if ( (0 == TALER_amount_cmp (amount, &pk->value)) && (GNUNET_TIME_timestamp_cmp (now, @@ -446,6 +450,8 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, for (unsigned int i = 0; inum_denom_keys; i++) { pk = &keys->denom_keys[i]; + if (cipher != pk->key.cipher) + continue; if ( (0 == TALER_amount_cmp (amount, &pk->value)) && (GNUNET_TIME_timestamp_cmp (now, @@ -467,6 +473,25 @@ TALER_TESTING_find_pk (const struct TALER_EXCHANGE_Keys *keys, return NULL; } } + // do 3rd pass to check if cipher type is to blame for failure + for (unsigned int i = 0; inum_denom_keys; i++) + { + pk = &keys->denom_keys[i]; + if ( (0 == TALER_amount_cmp (amount, + &pk->value)) && + (cipher != pk->key.cipher) ) + { + GNUNET_log + (GNUNET_ERROR_TYPE_WARNING, + "Have denomination key for `%s', but with wrong" + " cipher type %d vs %d\n", + str, + cipher, + pk->key.cipher); + GNUNET_free (str); + return NULL; + } + } GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "No denomination key for amount %s found\n", str); @@ -608,9 +633,9 @@ TALER_TESTING_setup_with_exchange (TALER_TESTING_Main main_cb, * @param[in] helpers the process handles. */ static void -stop_helpers (struct GNUNET_OS_Process *helpers[2]) +stop_helpers (struct GNUNET_OS_Process *helpers[3]) { - for (unsigned int i = 0; i<2; i++) + for (unsigned int i = 0; i<3; i++) { if (NULL == helpers[i]) continue; @@ -632,7 +657,7 @@ stop_helpers (struct GNUNET_OS_Process *helpers[2]) */ static enum GNUNET_GenericReturnValue start_helpers (const char *config_filename, - struct GNUNET_OS_Process *helpers[2]) + struct GNUNET_OS_Process *helpers[3]) { char *dir; const struct GNUNET_OS_ProjectData *pd; @@ -678,9 +703,26 @@ start_helpers (const char *config_filename, NULL); GNUNET_free (fn); } + { + char *fn; + + GNUNET_asprintf (&fn, + "%s/%s", + dir, + "taler-exchange-secmod-cs"); + helpers[2] = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ALL, + NULL, NULL, NULL, + fn, + "taler-exchange-secmod-cs", + "-c", config_filename, + "-L", "INFO", + NULL); + GNUNET_free (fn); + } GNUNET_free (dir); if ( (NULL == helpers[0]) || - (NULL == helpers[1]) ) + (NULL == helpers[1]) || + (NULL == helpers[2]) ) { stop_helpers (helpers); return GNUNET_SYSERR; @@ -696,7 +738,7 @@ TALER_TESTING_setup_with_exchange_cfg ( { const struct TALER_TESTING_SetupContext *setup_ctx = cls; struct GNUNET_OS_Process *exchanged; - struct GNUNET_OS_Process *helpers[2]; + struct GNUNET_OS_Process *helpers[3]; unsigned long long port; char *serve; char *base_url; -- cgit v1.2.3