diff options
author | Florian Dold <florian.dold@gmail.com> | 2020-03-13 19:04:16 +0530 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2020-03-13 19:04:16 +0530 |
commit | 1744b1a80063397105081a4d5aeec76936781345 (patch) | |
tree | 53399350dba33fd6e7c916b3c177e36ff7e283f9 /src/operations | |
parent | 51eef5419a37187f437115316a00ceec91e4addb (diff) | |
download | wallet-core-1744b1a80063397105081a4d5aeec76936781345.tar.xz |
signature verification for recoup
Diffstat (limited to 'src/operations')
-rw-r--r-- | src/operations/exchanges.ts | 2 | ||||
-rw-r--r-- | src/operations/recoup.ts | 42 |
2 files changed, 43 insertions, 1 deletions
diff --git a/src/operations/exchanges.ts b/src/operations/exchanges.ts index 04238e61d..f920a5a59 100644 --- a/src/operations/exchanges.ts +++ b/src/operations/exchanges.ts @@ -211,12 +211,14 @@ async function updateExchangeWithKeys( if (r.details) { // FIXME: We need to do some consistency checks! } + // FIXME: validate signing keys and merge with old set r.details = { auditors: exchangeKeysJson.auditors, currency: currency, lastUpdateTime: lastUpdateTimestamp, masterPublicKey: exchangeKeysJson.master_public_key, protocolVersion: protocolVersion, + signingKeys: exchangeKeysJson.signkeys, }; r.updateStatus = ExchangeUpdateStatus.FetchWire; r.lastError = undefined; diff --git a/src/operations/recoup.ts b/src/operations/recoup.ts index 29753ce28..163f77591 100644 --- a/src/operations/recoup.ts +++ b/src/operations/recoup.ts @@ -142,7 +142,26 @@ async function recoupWithdrawCoin( throw Error(`Coin's reserve doesn't match reserve on recoup`); } - // FIXME: verify signature + const exchange = await ws.db.get(Stores.exchanges, coin.exchangeBaseUrl); + if (!exchange) { + // FIXME: report inconsistency? + return; + } + const exchangeDetails = exchange.details; + if (!exchangeDetails) { + // FIXME: report inconsistency? + return; + } + + const isValid = ws.cryptoApi.isValidRecoupConfirmation( + coin.coinPub, + recoupConfirmation, + exchangeDetails.signingKeys, + ); + + if (!isValid) { + throw Error("invalid recoup confirmation signature"); + } // FIXME: verify that our expectations about the amount match @@ -207,6 +226,27 @@ async function recoupRefreshCoin( throw Error(`Coin's oldCoinPub doesn't match reserve on recoup`); } + const exchange = await ws.db.get(Stores.exchanges, coin.exchangeBaseUrl); + if (!exchange) { + // FIXME: report inconsistency? + return; + } + const exchangeDetails = exchange.details; + if (!exchangeDetails) { + // FIXME: report inconsistency? + return; + } + + const isValid = ws.cryptoApi.isValidRecoupConfirmation( + coin.coinPub, + recoupConfirmation, + exchangeDetails.signingKeys, + ); + + if (!isValid) { + throw Error("invalid recoup confirmation signature"); + } + const refreshGroupId = await ws.db.runWithWriteTransaction( [Stores.coins, Stores.reserves], async tx => { |