wallet-core: check master public key in /wire response

3 files changed, 36 insertions, 7 deletions

diff --git a/packages/taler-harness/src/index.ts b/packages/taler-harness/src/index.ts
index ada573698..b185e151d 100644
--- a/packages/taler-harness/src/index.ts
+++ b/packages/taler-harness/src/index.ts
@@ -24,6 +24,7 @@ import path from "path";
 import {
   addPaytoQueryParams,
   Amounts,
+  codecForExchangeWireJson,
   Configuration,
   decodeCrock,
   j2s,
@@ -47,7 +48,7 @@ import { lintExchangeDeployment } from "./lint.js";
 import { runEnvFull } from "./env-full.js";
 import { clk } from "@gnu-taler/taler-util/clk";
 import { createPlatformHttpLib } from "@gnu-taler/taler-util/http";
-import { BankAccessApiClient } from "@gnu-taler/taler-wallet-core";
+import { BankAccessApiClient, validateWireInfo } from "@gnu-taler/taler-wallet-core";
 
 const logger = new Logger("taler-harness:index.ts");
 
@@ -85,6 +86,14 @@ const advancedCli = testingCli.subcommand("advancedArgs", "advanced", {
 });
 
 advancedCli
+  .subcommand("validateWireResponse", "validate-wire-response")
+  .action((args) => {
+    const wireResp = fs.readFileSync(0, "utf8");
+    const respJson = JSON.parse(wireResp);
+    const wireInfo = codecForExchangeWireJson().decode(respJson);
+  });
+
+advancedCli
   .subcommand("decode", "decode", {
     help: "Decode base32-crockford.",
   })
diff --git a/packages/taler-util/src/taler-types.ts b/packages/taler-util/src/taler-types.ts
index 48eb49d22..f9e39e77e 100644
--- a/packages/taler-util/src/taler-types.ts
+++ b/packages/taler-util/src/taler-types.ts
@@ -843,6 +843,7 @@ export interface AccountInfo {
 }
 
 export interface ExchangeWireJson {
+  master_public_key: string;
   accounts: AccountInfo[];
   fees: { [methodName: string]: WireFeesJson[] };
 }
@@ -1432,6 +1433,7 @@ export const codecForExchangeWireJson = (): Codec<ExchangeWireJson> =>
   buildCodecForObject<ExchangeWireJson>()
     .property("accounts", codecForList(codecForAccountInfo()))
     .property("fees", codecForMap(codecForList(codecForWireFeesJson())))
+    .property("master_public_key", codecForString())
     .build("ExchangeWireJson");
 
 export const codecForProposal = (): Codec<Proposal> =>
diff --git a/packages/taler-wallet-core/src/operations/exchanges.ts b/packages/taler-wallet-core/src/operations/exchanges.ts
index d9051b32f..1fce92caf 100644
--- a/packages/taler-wallet-core/src/operations/exchanges.ts
+++ b/packages/taler-wallet-core/src/operations/exchanges.ts
@@ -63,7 +63,7 @@ import {
   ExchangeRecord,
   WalletStoresV1,
 } from "../db.js";
-import { isWithdrawableDenom } from "../index.js";
+import { isWithdrawableDenom, TalerCryptoInterface } from "../index.js";
 import { InternalWalletState, TrustInfo } from "../internal-wallet-state.js";
 import { checkDbInvariant } from "../util/invariants.js";
 import {
@@ -236,12 +236,25 @@ export async function acceptExchangeTermsOfService(
     });
 }
 
-async function validateWireInfo(
-  ws: InternalWalletState,
-  versionCurrent: number,
-  wireInfo: ExchangeWireJson,
-  masterPublicKey: string,
+export interface ValidateWireInfoArgs {
+  cryptoApi: TalerCryptoInterface;
+
+  /**
+   * Exchange major protocol version.
+   */
+  versionCurrent?: number;
+
+  wireInfo: ExchangeWireJson;
+
+  insecureTrustExchange?: boolean;
+
+  masterPublicKey: string;
+}
+
+export async function validateWireInfo(
+  args: ValidateWireInfoArgs,
 ): Promise<WireInfo> {
+  const { wireInfo, masterPublicKey, insecureTrustExchange } = args;
   for (const a of wireInfo.accounts) {
     logger.trace("validating exchange acct");
     let isValid = false;
@@ -632,6 +645,11 @@ export async function updateExchangeFromUrlHandler(
     throw Error("unexpected invalid version");
   }
 
+  if (wireInfoDownload.master_public_key != keysInfo.masterPublicKey) {
+    // FIXME: introduce error code
+    throw Error("inconsistent master public key between /keys and /wire");
+  }
+
   const wireInfo = await validateWireInfo(
     ws,
     version.current,