work on tokens

author: Christian Blättler <blatc2@bfh.ch> 2024-05-06 21:08:58 +0200
committer: Christian Blättler <blatc2@bfh.ch> 2024-05-06 21:08:58 +0200
commit: d1461b2485cb8a633e93f4ed59c560619f08af72 (patch)
tree: 4f02bc539ebd9fbe5aeb2b0ae75a2250b437a549 /src/backend
parent: 4a3145fca389fca1bbfc7ba61b7cafd1156ef656 (diff)
1 files changed, 26 insertions, 7 deletions
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
index 0dad53db..c56fa63b 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
@@ -451,7 +451,7 @@ struct PayContext
   struct GNUNET_HashCode h_wallet_data;
 
   /**
-   * Output commitment hash.
+   * Output commitment hash calculated from the 'tokens_evs' field of the request.
    */
   struct GNUNET_HashCode h_outputs;
 
@@ -2644,6 +2644,7 @@ phase_contract_paid (struct PayContext *pc)
     TALER_merchant_pay_sign (&pc->h_contract_terms,
                              &pc->hc->instance->merchant_priv,
                              &sig);
+    /* TODO: Add token_sigs to response body. */
     pay_end (pc,
              TALER_MHD_REPLY_JSON_PACK (
                pc->connection,
@@ -2938,6 +2939,7 @@ phase_check_contract (struct PayContext *pc)
 static void
 phase_parse_wallet_data (struct PayContext *pc)
 {
+  struct GNUNET_HashCode h_outputs_req;
   pc->choice_index = -1;
 
   if (NULL == pc->wallet_data)
@@ -2951,11 +2953,10 @@ phase_parse_wallet_data (struct PayContext *pc)
       GNUNET_JSON_spec_int64 ("choice_index",
                               &pc->choice_index),
       NULL),
-    /* TODO: Add h_outputs to wallet_data */
-    // GNUNET_JSON_spec_mark_optional(
-    //   GNUNET_JSON_spec_fixed_auto ("h_outputs",
-    //                                &pc->h_outputs),
-    //   NULL),
+    GNUNET_JSON_spec_mark_optional(
+      GNUNET_JSON_spec_fixed_auto ("h_outputs",
+                                   &h_outputs_req),
+      NULL),
     GNUNET_JSON_spec_end ()
   };
 
@@ -2974,6 +2975,17 @@ phase_parse_wallet_data (struct PayContext *pc)
     return;
   }
 
+  if (0 != GNUNET_CRYPTO_hash_cmp(&h_outputs_req, &pc->h_outputs))
+  {
+    GNUNET_break_op (0);
+    pay_end (pc,
+             TALER_MHD_reply_with_error (pc->connection,
+                                         MHD_HTTP_BAD_REQUEST,
+                                         TALER_EC_GENERIC_PARAMETER_MALFORMED,
+                                         "'wallet_data.h_outputs' does not match hash of tokens_evs"));
+    return;
+  }
+
   TALER_json_hash (pc->wallet_data,
                    &pc->h_wallet_data);
 
@@ -3253,9 +3265,16 @@ phase_parse_pay (struct PayContext *pc)
                pc->connection,
                MHD_HTTP_BAD_REQUEST,
                TALER_EC_GENERIC_PARAMETER_MALFORMED,
-               "'token_evs' array too long"));
+               "'tokens_evs' array too long"));
     return;
   }
+  if (0 < pc->token_envelopes_cnt)
+  {
+    /* Calculate output commitment to be verified later. */
+    TALER_json_hash (tokens_evs,
+                     &pc->h_outputs);
+
+  }
 
   pc->token_envelopes = GNUNET_new_array (pc->token_envelopes_cnt,
                                           struct TokenEnvelope);
author	Christian Blättler <blatc2@bfh.ch>	2024-05-06 21:08:58 +0200
committer	Christian Blättler <blatc2@bfh.ch>	2024-05-06 21:08:58 +0200
commit	d1461b2485cb8a633e93f4ed59c560619f08af72 (patch)
tree	4f02bc539ebd9fbe5aeb2b0ae75a2250b437a549 /src/backend
parent	4a3145fca389fca1bbfc7ba61b7cafd1156ef656 (diff)