check validity period of token issue key

author: Christian Blättler <blatc2@bfh.ch> 2024-06-06 15:03:44 +0200
committer: Christian Blättler <blatc2@bfh.ch> 2024-06-06 15:03:44 +0200
commit: 6466a9909e7de186cef7aa0b70694d3c75db2c79 (patch)
tree: 2ecda40beb34e667905e8b501c442de8eec85f68
parent: 6f4486ffac5db888832e125ab4a9fbd673b69369 (diff)
2 files changed, 57 insertions, 7 deletions
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
index 4160230d..f69d163e 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
@@ -2082,14 +2082,14 @@ phase_execute_pay_transaction (struct PayContext *pc)
                                            "insert used token"));
       return;
     }
-    else if (0 == qs)
+    else if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
     {
-      /* UNIQUE constreaint violation --> Token already used. */
+      /* UNIQUE constraint violation, meaining this token was already used. */
       pay_end (pc,
                TALER_MHD_reply_with_error (pc->connection,
                                            MHD_HTTP_CONFLICT,
                                            TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_TOKEN_INVALID,
-                                           "tokens"));
+                                           NULL));
       return;
     }
   }
@@ -2468,10 +2468,11 @@ phase_validate_tokens (struct PayContext *pc)
     selected = pc->choices[pc->choice_index];
 
     /* 1. Iterate over inputs of selected choice:
-          1.1. Get public key for each input lookup_token_key (slug, valid_after).
-          1.2. Iterate over provided tokens and check if required number with matching h_issue are present.
-          1.3. Validate ub_sig with the issue public key, validate token_sig using the token_pub key of the request.
-          1.4. Sum up validated tokens and check if validated_len == tokens_cnt after loop. */
+          1.1. Get key for each input.
+          1.2. Check if token signed by this key are valid at the current time.
+          1.3. Iterate over provided tokens and check if required number with matching h_issue are present.
+          1.4. Validate ub_sig with the issue public key, validate token_sig using the token_pub key of the request.
+          1.5. Sum up validated tokens and check if validated_len == tokens_cnt after loop. */
     for (unsigned int i = 0; i<selected.inputs_len; i++)
     {
       struct TALER_MerchantContractInput input = selected.inputs[i];
@@ -2484,6 +2485,7 @@ phase_validate_tokens (struct PayContext *pc)
         continue;
       }
 
+      /* TODO: Replace this with ordering convention. */
       if (GNUNET_OK != TMH_find_token_family_key (input.details.token.token_family_slug,
                                                   input.details.token.valid_after,
                                                   pc->token_families,
@@ -2502,6 +2504,26 @@ phase_validate_tokens (struct PayContext *pc)
         return;
       }
 
+      struct GNUNET_TIME_Timestamp now = GNUNET_TIME_timestamp_get ();
+
+      /* Ensure tokens signed by this key are valid at the current time. */
+      if (GNUNET_TIME_timestamp_cmp (key.valid_after, >, now) ||
+          GNUNET_TIME_timestamp_cmp (key.valid_before, <=, now))
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                    "Token family key validity period from %s to %s "
+                    "is not valid at the current time\n",
+                    GNUNET_TIME_timestamp2s (key.valid_after),
+                    GNUNET_TIME_timestamp2s (key.valid_before));
+        GNUNET_break (0);
+        pay_end (pc,
+                 TALER_MHD_reply_with_error (pc->connection,
+                                             MHD_HTTP_CONFLICT,
+                                             TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_TOKEN_INVALID,
+                                             NULL));
+        return;
+      }
+
       if (GNUNET_NO == find_valid_input_tokens (pc,
                                                 &key,
                                                 input.details.token.count))
diff --git a/src/testing/test_merchant_api.c b/src/testing/test_merchant_api.c
index 4ac4d96a..6a98572d 100644
--- a/src/testing/test_merchant_api.c
+++ b/src/testing/test_merchant_api.c
@@ -1682,6 +1682,34 @@ run (void *cls,
                                        "EUR:5",
                                        0,
                                        MHD_HTTP_OK),
+    TALER_TESTING_cmd_merchant_post_tokenfamilies ("create-upcoming-tokenfamily",
+                                                   merchant_url,
+                                                   MHD_HTTP_NO_CONTENT,
+                                                   "subscription-upcoming",
+                                                   "Upcoming Subscription",
+                                                   "An upcoming subscription that is not valid yet.",
+                                                   NULL,
+                                                   /* In one day */
+                                                   GNUNET_TIME_absolute_to_timestamp(
+                                                    GNUNET_TIME_absolute_add (
+                                                      GNUNET_TIME_timestamp_get ().abs_time, GNUNET_TIME_UNIT_DAYS)),
+                                                   /* In a year */
+                                                   GNUNET_TIME_absolute_to_timestamp(
+                                                    GNUNET_TIME_absolute_add (
+                                                      GNUNET_TIME_timestamp_get ().abs_time, GNUNET_TIME_UNIT_YEARS)),
+                                                   GNUNET_TIME_UNIT_MONTHS,
+                                                   "subscription"),
+    TALER_TESTING_cmd_merchant_post_orders_choices ("create-order-with-upcoming-output",
+                                                    cred.cfg,
+                                                    merchant_url,
+                                                    MHD_HTTP_CONFLICT,
+                                                    "create-upcoming-tokenfamily",
+                                                    0,
+                                                    1,
+                                                    "5-upcoming-output",
+                                                    GNUNET_TIME_UNIT_ZERO_TS,
+                                                    GNUNET_TIME_UNIT_FOREVER_TS,
+                                                    "EUR:5.0"),
     TALER_TESTING_cmd_merchant_post_tokenfamilies ("create-tokenfamily",
                                                    merchant_url,
                                                    MHD_HTTP_NO_CONTENT,
author	Christian Blättler <blatc2@bfh.ch>	2024-06-06 15:03:44 +0200
committer	Christian Blättler <blatc2@bfh.ch>	2024-06-06 15:03:44 +0200
commit	6466a9909e7de186cef7aa0b70694d3c75db2c79 (patch)
tree	2ecda40beb34e667905e8b501c442de8eec85f68
parent	6f4486ffac5db888832e125ab4a9fbd673b69369 (diff)