[GNUnet-SVN] [taler-exchange] 02/02: verify deposit signature during aud
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-exchange] 02/02: verify deposit signature during audit |
Date: |
Fri, 17 Mar 2017 14:08:04 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit 06c23275587272873b49801648c7fb52331fbdf9
Author: Christian Grothoff <address@hidden>
AuthorDate: Fri Mar 17 14:09:58 2017 +0100
verify deposit signature during audit
---
src/auditor/Makefile.am | 1 +
src/auditor/taler-auditor.c | 32 ++++++++++++++++++++++++++++-
src/exchangedb/plugin_exchangedb_postgres.c | 1 +
src/exchangedb/test_exchangedb.c | 20 +++++++++---------
src/include/taler_exchangedb_plugin.h | 2 ++
5 files changed, 45 insertions(+), 11 deletions(-)
diff --git a/src/auditor/Makefile.am b/src/auditor/Makefile.am
index c5d55a4..04e7dcb 100644
--- a/src/auditor/Makefile.am
+++ b/src/auditor/Makefile.am
@@ -20,6 +20,7 @@ taler_auditor_SOURCES = \
taler_auditor_LDADD = \
$(LIBGCRYPT_LIBS) \
$(top_builddir)/src/util/libtalerutil.la \
+ $(top_builddir)/src/json/libtalerjson.la \
$(top_builddir)/src/wire/libtalerwire.la \
$(top_builddir)/src/exchangedb/libtalerexchangedb.la \
$(top_builddir)/src/auditordb/libtalerauditordb.la \
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c
index f795897..c018a71 100644
--- a/src/auditor/taler-auditor.c
+++ b/src/auditor/taler-auditor.c
@@ -1425,6 +1425,7 @@ refresh_session_cb (void *cls,
*
* @param cls closure
* @param rowid unique serial ID for the deposit in our DB
+ * @param timestamp when did the deposit happen
* @param merchant_pub public key of the merchant
* @param coin_pub public key of the coin
* @param coin_sig signature from the coin
@@ -1441,6 +1442,7 @@ refresh_session_cb (void *cls,
static int
deposit_cb (void *cls,
uint64_t rowid,
+ struct GNUNET_TIME_Absolute timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig,
@@ -1454,6 +1456,7 @@ deposit_cb (void *cls,
struct CoinContext *cc = cls;
struct CoinSummary *cs;
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *dki;
+ struct TALER_DepositRequestPS dr;
cs = get_coin_summary (cc,
coin_pub);
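Review bot: `struct TALER_DepositRequestPS dr;` is declared without an initializer, so any byte that the later field assignments do not cover is indeterminate when the struct is passed to the signature check. The struct definition is not part of this diff; if it is fully packed and every member is assigned, this is harmless today, but a member added later would make the auditor report valid deposits as having bad signatures. Zeroing it before the first assignment, e.g. `memset (&dr, 0, sizeof (dr));`, keeps the verified blob deterministic. deposit_cb begins and ends outside this hunk.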
@@ -1464,7 +1467,34 @@ deposit_cb (void *cls,
}
dki = cs->dki;
- // TODO: verify signature
+ dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
+ dr.purpose.size = htonl (sizeof (dr));
+ dr.h_proposal_data = *h_proposal_data;
+ if (GNUNET_OK !=
+ TALER_JSON_hash (receiver_wire_account,
+ &dr.h_wire))
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ dr.timestamp = GNUNET_TIME_absolute_hton (timestamp);
+ dr.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline);
+ TALER_amount_hton (&dr.amount_with_fee,
+ amount_with_fee);
+ dr.deposit_fee = dki->properties.fee_deposit;
+ dr.merchant = *merchant_pub;
+ dr.coin_pub = *coin_pub;
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
+ &dr.purpose,
+ &coin_sig->eddsa_signature,
+ &coin_pub->eddsa_pub))
+ {
+ report_row_inconsistency ("deposit",
+ rowid,
+ "invalid signature for coin deposit");
+ return GNUNET_OK;
+ }
// TODO: update expected amounts in 'cc'
return GNUNET_OK;
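Review bot: When `TALER_JSON_hash (receiver_wire_account, &dr.h_wire)` fails, the new code returns `GNUNET_SYSERR`, which by the convention documented for these callbacks elsewhere in the diff stops the iteration, while the bad-signature path just below records the row and continues. The auditor reads records written by the exchange it is auditing, so a single row with unhashable wire details (or NULL ones, if that can reach this callback) would presumably end the deposit audit early instead of being reported. Consider handling it like the signature failure: `report_row_inconsistency ("deposit", rowid, "failed to hash wire details");` followed by `return GNUNET_OK;`. The body of deposit_cb starts above this hunk, and the remaining `TODO: update expected amounts in 'cc'` means a successfully verified deposit is not yet accounted for.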
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c
b/src/exchangedb/plugin_exchangedb_postgres.c
index 26d6b87..b00bc7b 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -4762,6 +4762,7 @@ postgres_select_deposits_above_serial_id (void *cls,
}
cb (cb_cls,
rowid,
+ deposit.timestamp,
&deposit.merchant_pub,
&deposit.coin.coin_pub,
&deposit.csig,
diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c
index 9b4cfde..2097b0a 100644
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@@ -502,33 +502,31 @@ check_transfer_data (void *cls,
*ok = GNUNET_SYSERR;
}
+
/**
* Function called with details about coins that were melted,
* with the goal of auditing the refresh's execution.
*
+ *
* @param cls closure
* @param rowid unique serial ID for the refresh session in our DB
- * @param merchant_pub public key of the merchant
* @param coin_pub public key of the coin
* @param coin_sig signature from the coin
* @param amount_with_fee amount that was deposited including fee
- * @param h_proposal_data hash of the proposal data known to merchant and
customer
- * @param refund_deadline by which the merchant adviced that he might want
- * to get a refund
- * @param wire_deadline by which the merchant adviced that he would like the
- * wire transfer to be executed
- * @param receiver_wire_account wire details for the merchant, NULL from
iterate_matching_deposits()
- * @param done flag set if the deposit was already executed (or not)
+ * @param num_newcoins how many coins were issued
+ * @param noreveal_index which index was picked by the exchange in
cut-and-choose
+ * @param session_hash what is the session hash
* @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop
*/
-int
+static int
audit_refresh_session_cb (void *cls,
uint64_t rowid,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig,
const struct TALER_Amount *amount_with_fee,
uint16_t num_newcoins,
- uint16_t noreveal_index)
+ uint16_t noreveal_index,
+ const struct GNUNET_HashCode *session_hash)
{
auditor_row_cnt++;
return GNUNET_OK;
@@ -953,6 +951,7 @@ deposit_cb (void *cls,
*
* @param cls closure
* @param rowid unique serial ID for the deposit in our DB
+ * @param timestamp when did the deposit happen
* @param merchant_pub public key of the merchant
* @param coin_pub public key of the coin
* @param coin_sig signature from the coin
@@ -969,6 +968,7 @@ deposit_cb (void *cls,
static int
audit_deposit_cb (void *cls,
uint64_t rowid,
+ struct GNUNET_TIME_Absolute timestamp,
const struct TALER_MerchantPublicKeyP *merchant_pub,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig,
diff --git a/src/include/taler_exchangedb_plugin.h
b/src/include/taler_exchangedb_plugin.h
index 524025e..a365e35 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -590,6 +590,7 @@ typedef void
*
* @param cls closure
* @param rowid unique serial ID for the deposit in our DB
+ * @param timestamp when did the deposit happen
* @param merchant_pub public key of the merchant
* @param coin_pub public key of the coin
* @param coin_sig signature from the coin
@@ -606,6 +607,7 @@ typedef void
typedef int
(*TALER_EXCHANGEDB_DepositCallback)(void *cls,
uint64_t rowid,
+ struct GNUNET_TIME_Absolute timestamp,
const struct TALER_MerchantPublicKeyP
*merchant_pub,
const struct TALER_CoinSpendPublicKeyP
*coin_pub,
const struct TALER_CoinSpendSignatureP
*coin_sig,