From c4a68b896fa0889cc96cc30b2eae38e1996f4300 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Mon, 17 Aug 2015 03:56:49 +0200
Subject: add internal sig verification, pack hashes, fix testcase

---
 src/include/taler_signatures.h        | 14 +++++++-------
 src/mint-lib/mint_api_json.c          |  3 +++
 src/mint-lib/test_mint_api.c          | 10 ++++++----
 src/mint/taler-mint-httpd_responses.c | 30 ++++++++++++++++++++++++++++++
 4 files changed, 46 insertions(+), 11 deletions(-)

(limited to 'src')

diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 043f3bda1..ffbc9fd45 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -215,12 +215,12 @@ struct TALER_WithdrawRequestPS
   /**
    * Hash of the denomination public key for the coin that is withdrawn.
    */
-  struct GNUNET_HashCode h_denomination_pub;
+  struct GNUNET_HashCode h_denomination_pub GNUNET_PACKED;
 
   /**
    * Hash of the (blinded) message to be signed by the Mint.
    */
-  struct GNUNET_HashCode h_coin_envelope;
+  struct GNUNET_HashCode h_coin_envelope GNUNET_PACKED;
 };
 
 
@@ -239,12 +239,12 @@ struct TALER_DepositRequestPS
   /**
    * Hash over the contract for which this deposit is made.
    */
-  struct GNUNET_HashCode h_contract;
+  struct GNUNET_HashCode h_contract GNUNET_PACKED;
 
   /**
    * Hash over the wiring information of the merchant.
    */
-  struct GNUNET_HashCode h_wire;
+  struct GNUNET_HashCode h_wire GNUNET_PACKED;
 
   /**
    * Time when this request was generated.  Used, for example, to
@@ -330,12 +330,12 @@ struct TALER_DepositConfirmationPS
   /**
    * Hash over the contract for which this deposit is made.
    */
-  struct GNUNET_HashCode h_contract;
+  struct GNUNET_HashCode h_contract GNUNET_PACKED;
 
   /**
    * Hash over the wiring information of the merchant.
    */
-  struct GNUNET_HashCode h_wire;
+  struct GNUNET_HashCode h_wire GNUNET_PACKED;
 
   /**
    * Merchant-generated transaction ID to detect duplicate
@@ -395,7 +395,7 @@ struct TALER_RefreshMeltCoinAffirmationPS
   /**
    * Which melting session should the coin become a part of.
    */
-  struct GNUNET_HashCode session_hash;
+  struct GNUNET_HashCode session_hash GNUNET_PACKED;
 
   /**
    * How much of the value of the coin should be melted?  This amount
diff --git a/src/mint-lib/mint_api_json.c b/src/mint-lib/mint_api_json.c
index b15173940..46f54d948 100644
--- a/src/mint-lib/mint_api_json.c
+++ b/src/mint-lib/mint_api_json.c
@@ -245,6 +245,9 @@ parse_json (json_t *root,
                                         &sig.eddsa_signature,
                                         spec[i].details.eddsa_signature.pub_key))
         {
+	  GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+		      "Failed to verify signature of purpose %u\n",
+		      ntohl (purpose->purpose));
           GNUNET_break_op (0);
           MAJ_parse_free (sig_spec);
           return i;
diff --git a/src/mint-lib/test_mint_api.c b/src/mint-lib/test_mint_api.c
index 340e9d17f..71e23f473 100644
--- a/src/mint-lib/test_mint_api.c
+++ b/src/mint-lib/test_mint_api.c
@@ -1973,31 +1973,33 @@ run (void *cls,
       .expected_response_code = MHD_HTTP_OK,
       .details.refresh_link.reveal_ref = "refresh-reveal-1" },
 
-#if TEST_REFRESH
 
     /* Test successfully spending coins from the refresh operation:
        first EUR:1 */
     { .oc = OC_DEPOSIT,
-      .label = "refresh-deposit-refreshed-1",
+      .label = "refresh-deposit-refreshed-1a",
       .expected_response_code = MHD_HTTP_OK,
       .details.deposit.amount = "EUR:1",
-      .details.deposit.coin_ref = "refresh-reveal-1a",
+      .details.deposit.coin_ref = "refresh-reveal-1",
       .details.deposit.coin_idx = 0,
       .details.deposit.wire_details = "{ \"type\":\"TEST\", \"bank\":\"dest bank\", \"account\":42 }",
       .details.deposit.contract = "{ \"items\"={ \"name\":\"ice cream\", \"value\":3 } }",
       .details.deposit.transaction_id = 2 },
+
     /* Test successfully spending coins from the refresh operation:
        finally EUR:0.1 */
     { .oc = OC_DEPOSIT,
       .label = "refresh-deposit-refreshed-1b",
       .expected_response_code = MHD_HTTP_OK,
       .details.deposit.amount = "EUR:0.1",
-      .details.deposit.coin_ref = "refresh-reveal-1b",
+      .details.deposit.coin_ref = "refresh-reveal-1",
       .details.deposit.coin_idx = 4,
       .details.deposit.wire_details = "{ \"type\":\"TEST\", \"bank\":\"dest bank\", \"account\":42 }",
       .details.deposit.contract = "{ \"items\"={ \"name\":\"ice cream\", \"value\":3 } }",
       .details.deposit.transaction_id = 2 },
 
+#if TEST_REFRESH
+
     /* Test running a failing melt operation (same operation again must fail) */
     { .oc = OC_REFRESH_MELT,
       .label = "refresh-melt-failing",
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 7a56efb9f..418bc1751 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -416,6 +416,19 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl)
                            &deposit->deposit_fee);
         dr.merchant = deposit->merchant_pub;
         dr.coin_pub = deposit->coin.coin_pub;
+
+	/* internal sanity check before we hand out a bogus sig... */
+        if (GNUNET_OK !=
+            GNUNET_CRYPTO_eddsa_verify (ntohl (dr.purpose.purpose),
+                                        &dr.purpose,
+                                        &deposit->csig.eddsa_signature,
+                                        &deposit->coin.coin_pub.eddsa_pub))
+	{
+	  GNUNET_break (0);
+	  json_decref (history);
+	  return NULL;
+	}
+
         transaction = TALER_json_from_eddsa_sig (&dr.purpose,
                                                  &deposit->csig.eddsa_signature);
         break;
@@ -435,6 +448,19 @@ compile_transaction_history (const struct TALER_MINTDB_TransactionList *tl)
         TALER_amount_hton (&ms.melt_fee,
                            &melt->melt_fee);
         ms.coin_pub = melt->coin.coin_pub;
+
+	/* internal sanity check before we hand out a bogus sig... */
+        if (GNUNET_OK !=
+            GNUNET_CRYPTO_eddsa_verify (ntohl (ms.purpose.purpose),
+                                        &ms.purpose,
+                                        &melt->coin_sig.eddsa_signature,
+                                        &melt->coin.coin_pub.eddsa_pub))
+	{
+	  GNUNET_break (0);
+	  json_decref (history);
+	  return NULL;
+	}
+
         transaction = TALER_json_from_eddsa_sig (&ms.purpose,
                                                  &melt->coin_sig.eddsa_signature);
       }
@@ -476,6 +502,8 @@ TMH_RESPONSE_reply_deposit_insufficient_funds (struct MHD_Connection *connection
   json_t *history;
 
   history = compile_transaction_history (tl);
+  if (NULL == history)
+    return TMH_RESPONSE_reply_internal_db_error (connection);
   return TMH_RESPONSE_reply_json_pack (connection,
                                        MHD_HTTP_FORBIDDEN,
                                        "{s:s, s:o}",
@@ -710,6 +738,8 @@ TMH_RESPONSE_reply_refresh_melt_insufficient_funds (struct MHD_Connection *conne
   json_t *history;
 
   history = compile_transaction_history (tl);
+  if (NULL == history)
+    return TMH_RESPONSE_reply_internal_db_error (connection);
   return TMH_RESPONSE_reply_json_pack (connection,
                                        MHD_HTTP_FORBIDDEN,
                                        "{s:s, s:o, s:o, s:o, s:o, s:o}",
-- 
cgit v1.2.3