LCOV - code coverage report
Current view: top level - auditor - taler-auditor-httpd_deposit-confirmation.c (source / functions) Hit Total Coverage
Test: GNU Taler exchange coverage report Lines: 81 103 78.6 %
Date: 2021-08-30 06:43:37 Functions: 4 4 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   Copyright (C) 2014-2020 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify it under the
       6             :   terms of the GNU Affero General Public License as published by the Free Software
       7             :   Foundation; either version 3, or (at your option) any later version.
       8             : 
       9             :   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
      10             :   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
      11             :   A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
      12             : 
      13             :   You should have received a copy of the GNU Affero General Public License along with
      14             :   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
      15             : */
      16             : /**
      17             :  * @file taler-auditor-httpd_deposit-confirmation.c
      18             :  * @brief Handle /deposit-confirmation requests; parses the POST and JSON and
      19             :  *        verifies the coin signature before handing things off
      20             :  *        to the database.
      21             :  * @author Christian Grothoff
      22             :  */
      23             : #include "platform.h"
      24             : #include <gnunet/gnunet_util_lib.h>
      25             : #include <gnunet/gnunet_json_lib.h>
      26             : #include <jansson.h>
      27             : #include <microhttpd.h>
      28             : #include <pthread.h>
      29             : #include "taler_json_lib.h"
      30             : #include "taler_mhd_lib.h"
      31             : #include "taler-auditor-httpd.h"
      32             : #include "taler-auditor-httpd_deposit-confirmation.h"
      33             : 
      34             : 
      35             : /**
      36             :  * Cache of already verified exchange signing keys.  Maps the hash of the
      37             :  * `struct TALER_ExchangeSigningKeyValidityPS` to the (static) string
      38             :  * "verified" or "revoked".  Access to this map is guarded by the #lock.
      39             :  */
      40             : static struct GNUNET_CONTAINER_MultiHashMap *cache;
      41             : 
      42             : /**
      43             :  * Lock for operations on #cache.
      44             :  */
      45             : static pthread_mutex_t lock;
      46             : 
      47             : 
      48             : /**
      49             :  * We have parsed the JSON information about the deposit, do some
      50             :  * basic sanity checks (especially that the signature on the coin is
      51             :  * valid, and that this type of coin exists) and then execute the
      52             :  * deposit.
      53             :  *
      54             :  * @param connection the MHD connection to handle
      55             :  * @param dc information about the deposit confirmation
      56             :  * @param es information about the exchange's signing key
      57             :  * @return MHD result code
      58             :  */
      59             : static MHD_RESULT
      60           1 : verify_and_execute_deposit_confirmation (
      61             :   struct MHD_Connection *connection,
      62             :   const struct TALER_AUDITORDB_DepositConfirmation *dc,
      63             :   const struct TALER_AUDITORDB_ExchangeSigningKey *es)
      64             : {
      65             :   enum GNUNET_DB_QueryStatus qs;
      66             :   struct GNUNET_TIME_Absolute now;
      67             :   struct GNUNET_HashCode h;
      68             :   const char *cached;
      69           2 :   struct TALER_ExchangeSigningKeyValidityPS skv = {
      70           1 :     .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY),
      71           1 :     .purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS)),
      72           1 :     .start = GNUNET_TIME_absolute_hton (es->ep_start),
      73           1 :     .expire = GNUNET_TIME_absolute_hton (es->ep_expire),
      74           1 :     .end = GNUNET_TIME_absolute_hton (es->ep_end),
      75             :     .signkey_pub = es->exchange_pub
      76             :   };
      77             : 
      78           1 :   now = GNUNET_TIME_absolute_get ();
      79           1 :   if ( (es->ep_start.abs_value_us > now.abs_value_us) ||
      80           1 :        (es->ep_expire.abs_value_us < now.abs_value_us) )
      81             :   {
      82             :     /* Signing key expired */
      83           0 :     TALER_LOG_WARNING ("Expired exchange signing key\n");
      84           0 :     return TALER_MHD_reply_with_error (connection,
      85             :                                        MHD_HTTP_FORBIDDEN,
      86             :                                        TALER_EC_AUDITOR_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID,
      87             :                                        "master signature expired");
      88             :   }
      89             : 
      90             :   /* check our cache */
      91           1 :   GNUNET_CRYPTO_hash (&skv,
      92             :                       sizeof (skv),
      93             :                       &h);
      94           1 :   GNUNET_assert (0 == pthread_mutex_lock (&lock));
      95           1 :   cached = GNUNET_CONTAINER_multihashmap_get (cache,
      96             :                                               &h);
      97           1 :   GNUNET_assert (0 == pthread_mutex_unlock (&lock));
      98           1 :   if (GNUNET_SYSERR ==
      99           1 :       TAH_plugin->preflight (TAH_plugin->cls))
     100             :   {
     101           0 :     GNUNET_break (0);
     102           0 :     return TALER_MHD_reply_with_error (connection,
     103             :                                        MHD_HTTP_INTERNAL_SERVER_ERROR,
     104             :                                        TALER_EC_GENERIC_DB_SETUP_FAILED,
     105             :                                        NULL);
     106             :   }
     107           1 :   if (NULL == cached)
     108             :   {
     109             :     /* Not in cache, need to verify the signature, persist it, and possibly cache it */
     110           1 :     if (GNUNET_OK !=
     111           1 :         TALER_exchange_offline_signkey_validity_verify (
     112             :           &es->exchange_pub,
     113             :           es->ep_start,
     114             :           es->ep_expire,
     115             :           es->ep_end,
     116             :           &es->master_public_key,
     117             :           &es->master_sig))
     118             :     {
     119           0 :       TALER_LOG_WARNING ("Invalid signature on exchange signing key\n");
     120           0 :       return TALER_MHD_reply_with_error (connection,
     121             :                                          MHD_HTTP_FORBIDDEN,
     122             :                                          TALER_EC_AUDITOR_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID,
     123             :                                          "master signature invalid");
     124             :     }
     125             : 
     126             :     /* execute transaction */
     127           1 :     qs = TAH_plugin->insert_exchange_signkey (TAH_plugin->cls,
     128             :                                               es);
     129           1 :     if (0 > qs)
     130             :     {
     131           0 :       GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs);
     132           0 :       TALER_LOG_WARNING ("Failed to store exchange signing key in database\n");
     133           0 :       return TALER_MHD_reply_with_error (connection,
     134             :                                          MHD_HTTP_INTERNAL_SERVER_ERROR,
     135             :                                          TALER_EC_GENERIC_DB_STORE_FAILED,
     136             :                                          "exchange signing key");
     137             :     }
     138           1 :     cached = "verified";
     139             :   }
     140             : 
     141           1 :   if (0 == strcmp (cached,
     142             :                    "verified"))
     143             :   {
     144             :     struct TALER_MasterSignatureP master_sig;
     145             : 
     146             :     /* check for revocation */
     147           1 :     qs = TAH_eplugin->lookup_signkey_revocation (TAH_eplugin->cls,
     148             :                                                  &es->exchange_pub,
     149             :                                                  &master_sig);
     150           1 :     if (0 > qs)
     151             :     {
     152           0 :       GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs);
     153           0 :       TALER_LOG_WARNING (
     154             :         "Failed to check for signing key revocation in database\n");
     155           0 :       return TALER_MHD_reply_with_error (connection,
     156             :                                          MHD_HTTP_INTERNAL_SERVER_ERROR,
     157             :                                          TALER_EC_GENERIC_DB_FETCH_FAILED,
     158             :                                          "exchange signing key revocation");
     159             :     }
     160           1 :     if (0 < qs)
     161           0 :       cached = "revoked";
     162             :   }
     163             : 
     164             :   /* Cache it, due to concurreny it might already be in the cache,
     165             :      so we do not cache it twice but also don't insist on the 'put' to
     166             :      succeed. */
     167           1 :   GNUNET_assert (0 == pthread_mutex_lock (&lock));
     168           1 :   (void) GNUNET_CONTAINER_multihashmap_put (cache,
     169             :                                             &h,
     170             :                                             (void *) cached,
     171             :                                             GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
     172           1 :   GNUNET_assert (0 == pthread_mutex_unlock (&lock));
     173             : 
     174           1 :   if (0 == strcmp (cached,
     175             :                    "revoked"))
     176             :   {
     177           0 :     TALER_LOG_WARNING (
     178             :       "Invalid signature on /deposit-confirmation request: key was revoked\n");
     179           0 :     return TALER_MHD_reply_with_error (connection,
     180             :                                        MHD_HTTP_GONE,
     181             :                                        TALER_EC_AUDITOR_EXCHANGE_SIGNING_KEY_REVOKED,
     182             :                                        "exchange signing key was revoked");
     183             :   }
     184             : 
     185             :   /* check deposit confirmation signature */
     186             :   {
     187           2 :     struct TALER_DepositConfirmationPS dcs = {
     188           1 :       .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT),
     189           1 :       .purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)),
     190             :       .h_contract_terms = dc->h_contract_terms,
     191             :       .h_wire = dc->h_wire,
     192           1 :       .exchange_timestamp = GNUNET_TIME_absolute_hton (dc->exchange_timestamp),
     193           1 :       .refund_deadline = GNUNET_TIME_absolute_hton (dc->refund_deadline),
     194             :       .coin_pub = dc->coin_pub,
     195             :       .merchant = dc->merchant
     196             :     };
     197             : 
     198           1 :     TALER_amount_hton (&dcs.amount_without_fee,
     199             :                        &dc->amount_without_fee);
     200           1 :     if (GNUNET_OK !=
     201           1 :         GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT,
     202             :                                     &dcs,
     203             :                                     &dc->exchange_sig.eddsa_signature,
     204             :                                     &dc->exchange_pub.eddsa_pub))
     205             :     {
     206           0 :       TALER_LOG_WARNING (
     207             :         "Invalid signature on /deposit-confirmation request\n");
     208           0 :       return TALER_MHD_reply_with_error (connection,
     209             :                                          MHD_HTTP_FORBIDDEN,
     210             :                                          TALER_EC_AUDITOR_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID,
     211             :                                          "exchange signature invalid");
     212             :     }
     213             :   }
     214             : 
     215             :   /* execute transaction */
     216           1 :   qs = TAH_plugin->insert_deposit_confirmation (TAH_plugin->cls,
     217             :                                                 dc);
     218           1 :   if (0 > qs)
     219             :   {
     220           0 :     GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs);
     221           0 :     TALER_LOG_WARNING ("Failed to store /deposit-confirmation in database\n");
     222           0 :     return TALER_MHD_reply_with_error (connection,
     223             :                                        MHD_HTTP_INTERNAL_SERVER_ERROR,
     224             :                                        TALER_EC_GENERIC_DB_STORE_FAILED,
     225             :                                        "deposit confirmation");
     226             :   }
     227           1 :   return TALER_MHD_REPLY_JSON_PACK (connection,
     228             :                                     MHD_HTTP_OK,
     229             :                                     GNUNET_JSON_pack_string ("status",
     230             :                                                              "DEPOSIT_CONFIRMATION_OK"));
     231             : }
     232             : 
     233             : 
     234             : /**
     235             :  * Handle a "/deposit-confirmation" request.  Parses the JSON, and, if
     236             :  * successful, passes the JSON data to #verify_and_execute_deposit_confirmation()
     237             :  * to further check the details of the operation specified.  If
     238             :  * everything checks out, this will ultimately lead to the "/deposit-confirmation"
     239             :  * being stored in the database.
     240             :  *
     241             :  * @param rh context of the handler
     242             :  * @param connection the MHD connection to handle
     243             :  * @param[in,out] connection_cls the connection's closure (can be updated)
     244             :  * @param upload_data upload data
     245             :  * @param[in,out] upload_data_size number of bytes (left) in @a upload_data
     246             :  * @return MHD result code
     247             :   */
     248             : MHD_RESULT
     249           3 : TAH_DEPOSIT_CONFIRMATION_handler (struct TAH_RequestHandler *rh,
     250             :                                   struct MHD_Connection *connection,
     251             :                                   void **connection_cls,
     252             :                                   const char *upload_data,
     253             :                                   size_t *upload_data_size)
     254             : {
     255             :   struct TALER_AUDITORDB_DepositConfirmation dc;
     256             :   struct TALER_AUDITORDB_ExchangeSigningKey es;
     257             :   struct GNUNET_JSON_Specification spec[] = {
     258           3 :     GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
     259             :                                  &dc.h_contract_terms),
     260           3 :     GNUNET_JSON_spec_fixed_auto ("h_wire",
     261             :                                  &dc.h_wire),
     262           3 :     TALER_JSON_spec_absolute_time ("exchange_timestamp",
     263             :                                    &dc.exchange_timestamp),
     264           3 :     TALER_JSON_spec_absolute_time ("refund_deadline",
     265             :                                    &dc.refund_deadline),
     266           3 :     TALER_JSON_spec_amount ("amount_without_fee",
     267             :                             TAH_currency,
     268             :                             &dc.amount_without_fee),
     269           3 :     GNUNET_JSON_spec_fixed_auto ("coin_pub",
     270             :                                  &dc.coin_pub),
     271           3 :     GNUNET_JSON_spec_fixed_auto ("merchant_pub",
     272             :                                  &dc.merchant),
     273           3 :     GNUNET_JSON_spec_fixed_auto ("exchange_sig",
     274             :                                  &dc.exchange_sig),
     275           3 :     GNUNET_JSON_spec_fixed_auto ("exchange_pub",
     276             :                                  &dc.exchange_pub),
     277           3 :     GNUNET_JSON_spec_fixed_auto ("master_pub",
     278             :                                  &es.master_public_key),
     279           3 :     TALER_JSON_spec_absolute_time ("ep_start",
     280             :                                    &es.ep_start),
     281           3 :     TALER_JSON_spec_absolute_time ("ep_expire",
     282             :                                    &es.ep_expire),
     283           3 :     TALER_JSON_spec_absolute_time ("ep_end",
     284             :                                    &es.ep_end),
     285           3 :     GNUNET_JSON_spec_fixed_auto ("master_sig",
     286             :                                  &es.master_sig),
     287           3 :     GNUNET_JSON_spec_end ()
     288             :   };
     289             : 
     290             :   (void) rh;
     291             :   (void) connection_cls;
     292             :   (void) upload_data;
     293             :   (void) upload_data_size;
     294             :   {
     295             :     json_t *json;
     296             :     enum GNUNET_GenericReturnValue res;
     297             : 
     298           3 :     res = TALER_MHD_parse_post_json (connection,
     299             :                                      connection_cls,
     300             :                                      upload_data,
     301             :                                      upload_data_size,
     302             :                                      &json);
     303           3 :     if (GNUNET_SYSERR == res)
     304           2 :       return MHD_NO;
     305           3 :     if ( (GNUNET_NO == res) ||
     306           3 :          (NULL == json) )
     307           2 :       return MHD_YES;
     308           1 :     res = TALER_MHD_parse_json_data (connection,
     309             :                                      json,
     310             :                                      spec);
     311           1 :     json_decref (json);
     312           1 :     if (GNUNET_SYSERR == res)
     313           0 :       return MHD_NO; /* hard failure */
     314           1 :     if (GNUNET_NO == res)
     315           0 :       return MHD_YES; /* failure */
     316             :   }
     317             : 
     318           1 :   es.exchange_pub = dc.exchange_pub; /* used twice! */
     319           1 :   dc.master_public_key = es.master_public_key;
     320             :   {
     321             :     MHD_RESULT res;
     322             : 
     323           1 :     res = verify_and_execute_deposit_confirmation (connection,
     324             :                                                    &dc,
     325             :                                                    &es);
     326           1 :     GNUNET_JSON_parse_free (spec);
     327           1 :     return res;
     328             :   }
     329             : }
     330             : 
     331             : 
     332             : /**
     333             :  * Initialize subsystem.
     334             :  */
     335             : void
     336           4 : TEAH_DEPOSIT_CONFIRMATION_init (void)
     337             : {
     338           4 :   cache = GNUNET_CONTAINER_multihashmap_create (32,
     339             :                                                 GNUNET_NO);
     340           4 :   GNUNET_assert (0 == pthread_mutex_init (&lock, NULL));
     341           4 : }
     342             : 
     343             : 
     344             : /**
     345             :  * Shut down subsystem.
     346             :  */
     347             : void
     348           4 : TEAH_DEPOSIT_CONFIRMATION_done (void)
     349             : {
     350           4 :   GNUNET_CONTAINER_multihashmap_destroy (cache);
     351           4 :   cache = NULL;
     352           4 :   GNUNET_assert (0 == pthread_mutex_destroy (&lock));
     353           4 : }
     354             : 
     355             : 
     356             : /* end of taler-auditor-httpd_deposit-confirmation.c */

Generated by: LCOV version 1.14