Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2014-2019 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify
6 : it under the terms of the GNU Affero General Public License as
7 : published by the Free Software Foundation; either version 3,
8 : or (at your option) any later version.
9 :
10 : TALER is distributed in the hope that it will be useful,
11 : but WITHOUT ANY WARRANTY; without even the implied warranty
12 : of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13 : See the GNU Affero General Public License for more details.
14 :
15 : You should have received a copy of the GNU Affero General
16 : Public License along with TALER; see the file COPYING. If not,
17 : see <http://www.gnu.org/licenses/>
18 : */
19 : /**
20 : * @file taler-exchange-httpd_withdraw.c
21 : * @brief Handle /reserves/$RESERVE_PUB/withdraw requests
22 : * @author Florian Dold
23 : * @author Benedikt Mueller
24 : * @author Christian Grothoff
25 : */
26 : #include "platform.h"
27 : #include <gnunet/gnunet_util_lib.h>
28 : #include <jansson.h>
29 : #include "taler_json_lib.h"
30 : #include "taler_mhd_lib.h"
31 : #include "taler-exchange-httpd_withdraw.h"
32 : #include "taler-exchange-httpd_responses.h"
33 : #include "taler-exchange-httpd_keys.h"
34 :
35 :
36 : /**
37 : * Perform RSA signature before checking with the database?
38 : * Reduces time spent in transaction, but may cause us to
39 : * waste CPU time if DB check fails.
40 : */
41 : #define OPTIMISTIC_SIGN 1
42 :
43 :
44 : /**
45 : * Send reserve history information to client with the
46 : * message that we have insufficient funds for the
47 : * requested withdraw operation.
48 : *
49 : * @param connection connection to the client
50 : * @param ebalance expected balance based on our database
51 : * @param rh reserve history to return
52 : * @return MHD result code
53 : */
54 : static MHD_RESULT
55 3 : reply_withdraw_insufficient_funds (
56 : struct MHD_Connection *connection,
57 : const struct TALER_Amount *ebalance,
58 : const struct TALER_EXCHANGEDB_ReserveHistory *rh)
59 : {
60 : json_t *json_history;
61 : struct TALER_Amount balance;
62 :
63 3 : json_history = TEH_RESPONSE_compile_reserve_history (rh,
64 : &balance);
65 3 : if (NULL == json_history)
66 0 : return TALER_MHD_reply_with_error (connection,
67 : MHD_HTTP_INTERNAL_SERVER_ERROR,
68 : TALER_EC_EXCHANGE_WITHDRAW_HISTORY_ERROR_INSUFFICIENT_FUNDS,
69 : NULL);
70 3 : if (0 !=
71 3 : TALER_amount_cmp (&balance,
72 : ebalance))
73 : {
74 0 : GNUNET_break (0);
75 0 : json_decref (json_history);
76 0 : return TALER_MHD_reply_with_error (connection,
77 : MHD_HTTP_INTERNAL_SERVER_ERROR,
78 : TALER_EC_GENERIC_DB_INVARIANT_FAILURE,
79 : "reserve balance corrupt");
80 : }
81 3 : return TALER_MHD_REPLY_JSON_PACK (
82 : connection,
83 : MHD_HTTP_CONFLICT,
84 : TALER_JSON_pack_ec (TALER_EC_EXCHANGE_WITHDRAW_INSUFFICIENT_FUNDS),
85 : TALER_JSON_pack_amount ("balance",
86 : &balance),
87 : GNUNET_JSON_pack_array_steal ("history",
88 : json_history));
89 : }
90 :
91 :
92 : /**
93 : * Context for #withdraw_transaction.
94 : */
95 : struct WithdrawContext
96 : {
97 : /**
98 : * Details about the withdrawal request.
99 : */
100 : struct TALER_WithdrawRequestPS wsrd;
101 :
102 : /**
103 : * Value of the coin plus withdraw fee.
104 : */
105 : struct TALER_Amount amount_required;
106 :
107 : /**
108 : * Hash of the denomination public key.
109 : */
110 : struct GNUNET_HashCode denom_pub_hash;
111 :
112 : /**
113 : * Signature over the request.
114 : */
115 : struct TALER_ReserveSignatureP signature;
116 :
117 : /**
118 : * Blinded planchet.
119 : */
120 : char *blinded_msg;
121 :
122 : /**
123 : * Number of bytes in @e blinded_msg.
124 : */
125 : size_t blinded_msg_len;
126 :
127 : /**
128 : * Set to the resulting signed coin data to be returned to the client.
129 : */
130 : struct TALER_EXCHANGEDB_CollectableBlindcoin collectable;
131 :
132 : };
133 :
134 :
135 : /**
136 : * Function implementing withdraw transaction. Runs the
137 : * transaction logic; IF it returns a non-error code, the transaction
138 : * logic MUST NOT queue a MHD response. IF it returns an hard error,
139 : * the transaction logic MUST queue a MHD response and set @a mhd_ret.
140 : * IF it returns the soft error code, the function MAY be called again
141 : * to retry and MUST not queue a MHD response.
142 : *
143 : * Note that "wc->collectable.sig" may already be set before entering
144 : * this function, either because OPTIMISTIC_SIGN was used and we signed
145 : * before entering the transaction, or because this function is run
146 : * twice (!) by #TEH_DB_run_transaction() and the first time created
147 : * the signature and then failed to commit. Furthermore, we may get
148 : * a 2nd correct signature briefly if "get_withdraw_info" succeeds and
149 : * finds one in the DB. To avoid signing twice, the function may
150 : * return a valid signature in "wc->collectable.sig" **even if it failed**.
151 : * The caller must thus free the signature in either case.
152 : *
153 : * @param cls a `struct WithdrawContext *`
154 : * @param connection MHD request which triggered the transaction
155 : * @param[out] mhd_ret set to MHD response status for @a connection,
156 : * if transaction failed (!)
157 : * @return transaction status
158 : */
159 : static enum GNUNET_DB_QueryStatus
160 38 : withdraw_transaction (void *cls,
161 : struct MHD_Connection *connection,
162 : MHD_RESULT *mhd_ret)
163 : {
164 38 : struct WithdrawContext *wc = cls;
165 : struct TALER_EXCHANGEDB_Reserve r;
166 : enum GNUNET_DB_QueryStatus qs;
167 : struct TALER_DenominationSignature denom_sig;
168 :
169 : #if OPTIMISTIC_SIGN
170 : /* store away optimistic signature to protect
171 : it from being overwritten by get_withdraw_info */
172 38 : denom_sig = wc->collectable.sig;
173 38 : wc->collectable.sig.rsa_signature = NULL;
174 : #endif
175 38 : qs = TEH_plugin->get_withdraw_info (TEH_plugin->cls,
176 38 : &wc->wsrd.h_coin_envelope,
177 : &wc->collectable);
178 38 : if (0 > qs)
179 : {
180 0 : GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
181 0 : if (GNUNET_DB_STATUS_HARD_ERROR == qs)
182 0 : *mhd_ret = TALER_MHD_reply_with_error (connection,
183 : MHD_HTTP_INTERNAL_SERVER_ERROR,
184 : TALER_EC_GENERIC_DB_FETCH_FAILED,
185 : "withdraw details");
186 0 : wc->collectable.sig = denom_sig;
187 0 : return qs;
188 : }
189 :
190 : /* Don't sign again if we have already signed the coin */
191 38 : if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
192 : {
193 : /* Toss out the optimistic signature, we got another one from the DB;
194 : optimization trade-off loses in this case: we unnecessarily computed
195 : a signature :-( */
196 : #if OPTIMISTIC_SIGN
197 0 : GNUNET_CRYPTO_rsa_signature_free (denom_sig.rsa_signature);
198 : #endif
199 0 : return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT;
200 : }
201 : /* We should never get more than one result, and we handled
202 : the errors (negative case) above, so that leaves no results. */
203 38 : GNUNET_assert (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs);
204 38 : wc->collectable.sig = denom_sig; /* Note: might still be NULL if we didn't do OPTIMISTIC_SIGN */
205 :
206 : /* Check if balance is sufficient */
207 38 : r.pub = wc->wsrd.reserve_pub; /* other fields of 'r' initialized in reserves_get (if successful) */
208 38 : GNUNET_log (GNUNET_ERROR_TYPE_INFO,
209 : "Trying to withdraw from reserve: %s\n",
210 : TALER_B2S (&r.pub));
211 38 : qs = TEH_plugin->reserves_get (TEH_plugin->cls,
212 : &r);
213 38 : if (0 > qs)
214 : {
215 0 : if (GNUNET_DB_STATUS_HARD_ERROR == qs)
216 0 : *mhd_ret = TALER_MHD_reply_with_error (connection,
217 : MHD_HTTP_INTERNAL_SERVER_ERROR,
218 : TALER_EC_GENERIC_DB_FETCH_FAILED,
219 : "reserves");
220 0 : return qs;
221 : }
222 38 : if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
223 : {
224 0 : *mhd_ret = TALER_MHD_reply_with_error (connection,
225 : MHD_HTTP_NOT_FOUND,
226 : TALER_EC_EXCHANGE_WITHDRAW_RESERVE_UNKNOWN,
227 : NULL);
228 0 : return GNUNET_DB_STATUS_HARD_ERROR;
229 : }
230 38 : if (0 < TALER_amount_cmp (&wc->amount_required,
231 : &r.balance))
232 : {
233 : struct TALER_EXCHANGEDB_ReserveHistory *rh;
234 :
235 : /* The reserve does not have the required amount (actual
236 : * amount + withdraw fee) */
237 : #if GNUNET_EXTRA_LOGGING
238 : {
239 : char *amount_required;
240 : char *r_balance;
241 :
242 3 : amount_required = TALER_amount_to_string (&wc->amount_required);
243 3 : r_balance = TALER_amount_to_string (&r.balance);
244 3 : TALER_LOG_DEBUG ("Asked %s over a reserve worth %s\n",
245 : amount_required,
246 : r_balance);
247 3 : GNUNET_free (amount_required);
248 3 : GNUNET_free (r_balance);
249 : }
250 : #endif
251 3 : qs = TEH_plugin->get_reserve_history (TEH_plugin->cls,
252 3 : &wc->wsrd.reserve_pub,
253 : &rh);
254 3 : if (NULL == rh)
255 : {
256 0 : if (GNUNET_DB_STATUS_HARD_ERROR == qs)
257 0 : *mhd_ret = TALER_MHD_reply_with_error (connection,
258 : MHD_HTTP_INTERNAL_SERVER_ERROR,
259 : TALER_EC_GENERIC_DB_FETCH_FAILED,
260 : "reserve history");
261 0 : return GNUNET_DB_STATUS_HARD_ERROR;
262 : }
263 3 : *mhd_ret = reply_withdraw_insufficient_funds (connection,
264 : &r.balance,
265 : rh);
266 3 : TEH_plugin->free_reserve_history (TEH_plugin->cls,
267 : rh);
268 3 : return GNUNET_DB_STATUS_HARD_ERROR;
269 : }
270 :
271 : /* Balance is good, sign the coin! */
272 : #if ! OPTIMISTIC_SIGN
273 : if (NULL == wc->collectable.sig.rsa_signature)
274 : {
275 : enum TALER_ErrorCode ec;
276 :
277 : wc->collectable.sig
278 : = TEH_keys_denomination_sign (&wc->denom_pub_hash,
279 : wc->blinded_msg,
280 : wc->blinded_msg_len,
281 : &ec);
282 : if (NULL == wc->collectable.sig.rsa_signature)
283 : {
284 : GNUNET_break (0);
285 : *mhd_ret = TALER_MHD_reply_with_ec (connection,
286 : ec,
287 : NULL);
288 : return GNUNET_DB_STATUS_HARD_ERROR;
289 : }
290 : }
291 : #endif
292 35 : wc->collectable.denom_pub_hash = wc->denom_pub_hash;
293 35 : wc->collectable.amount_with_fee = wc->amount_required;
294 35 : wc->collectable.reserve_pub = wc->wsrd.reserve_pub;
295 35 : wc->collectable.h_coin_envelope = wc->wsrd.h_coin_envelope;
296 35 : wc->collectable.reserve_sig = wc->signature;
297 35 : qs = TEH_plugin->insert_withdraw_info (TEH_plugin->cls,
298 35 : &wc->collectable);
299 35 : if (0 > qs)
300 : {
301 0 : GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
302 0 : if (GNUNET_DB_STATUS_HARD_ERROR == qs)
303 0 : *mhd_ret = TALER_MHD_reply_with_error (connection,
304 : MHD_HTTP_INTERNAL_SERVER_ERROR,
305 : TALER_EC_GENERIC_DB_STORE_FAILED,
306 : "withdraw details");
307 0 : return qs;
308 : }
309 35 : return qs;
310 : }
311 :
312 :
313 : MHD_RESULT
314 39 : TEH_handler_withdraw (struct TEH_RequestContext *rc,
315 : const json_t *root,
316 : const char *const args[2])
317 : {
318 : struct WithdrawContext wc;
319 : struct GNUNET_JSON_Specification spec[] = {
320 39 : GNUNET_JSON_spec_varsize ("coin_ev",
321 : (void **) &wc.blinded_msg,
322 : &wc.blinded_msg_len),
323 39 : GNUNET_JSON_spec_fixed_auto ("reserve_sig",
324 : &wc.signature),
325 39 : GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
326 : &wc.denom_pub_hash),
327 39 : GNUNET_JSON_spec_end ()
328 : };
329 : enum TALER_ErrorCode ec;
330 : struct TEH_DenominationKey *dk;
331 :
332 39 : if (GNUNET_OK !=
333 39 : GNUNET_STRINGS_string_to_data (args[0],
334 : strlen (args[0]),
335 : &wc.wsrd.reserve_pub,
336 : sizeof (wc.wsrd.reserve_pub)))
337 : {
338 0 : GNUNET_break_op (0);
339 0 : return TALER_MHD_reply_with_error (rc->connection,
340 : MHD_HTTP_BAD_REQUEST,
341 : TALER_EC_MERCHANT_GENERIC_RESERVE_PUB_MALFORMED,
342 : args[0]);
343 : }
344 :
345 : {
346 : enum GNUNET_GenericReturnValue res;
347 :
348 39 : res = TALER_MHD_parse_json_data (rc->connection,
349 : root,
350 : spec);
351 39 : if (GNUNET_OK != res)
352 0 : return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
353 : }
354 : {
355 : MHD_RESULT mret;
356 : struct GNUNET_TIME_Absolute now;
357 :
358 39 : dk = TEH_keys_denomination_by_hash (&wc.denom_pub_hash,
359 : rc->connection,
360 : &mret);
361 39 : if (NULL == dk)
362 : {
363 0 : GNUNET_JSON_parse_free (spec);
364 1 : return mret;
365 : }
366 39 : now = GNUNET_TIME_absolute_get ();
367 39 : (void) GNUNET_TIME_round_abs (&now);
368 39 : if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw))
369 : {
370 : struct GNUNET_TIME_Absolute now;
371 :
372 0 : now = GNUNET_TIME_absolute_get ();
373 0 : (void) GNUNET_TIME_round_abs (&now);
374 : /* This denomination is past the expiration time for withdraws */
375 0 : GNUNET_JSON_parse_free (spec);
376 0 : return TEH_RESPONSE_reply_expired_denom_pub_hash (
377 : rc->connection,
378 : &wc.denom_pub_hash,
379 : now,
380 : TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
381 : "WITHDRAW");
382 : }
383 39 : if (GNUNET_TIME_absolute_is_future (dk->meta.start))
384 : {
385 : struct GNUNET_TIME_Absolute now;
386 :
387 0 : now = GNUNET_TIME_absolute_get ();
388 0 : (void) GNUNET_TIME_round_abs (&now);
389 : /* This denomination is not yet valid */
390 0 : GNUNET_JSON_parse_free (spec);
391 0 : return TEH_RESPONSE_reply_expired_denom_pub_hash (
392 : rc->connection,
393 : &wc.denom_pub_hash,
394 : now,
395 : TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
396 : "WITHDRAW");
397 : }
398 39 : if (dk->recoup_possible)
399 : {
400 : struct GNUNET_TIME_Absolute now;
401 :
402 1 : now = GNUNET_TIME_absolute_get ();
403 1 : (void) GNUNET_TIME_round_abs (&now);
404 : /* This denomination has been revoked */
405 1 : GNUNET_JSON_parse_free (spec);
406 1 : return TEH_RESPONSE_reply_expired_denom_pub_hash (
407 : rc->connection,
408 : &wc.denom_pub_hash,
409 : now,
410 : TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
411 : "WITHDRAW");
412 : }
413 : }
414 :
415 : {
416 38 : if (0 >
417 38 : TALER_amount_add (&wc.amount_required,
418 38 : &dk->meta.value,
419 38 : &dk->meta.fee_withdraw))
420 : {
421 0 : GNUNET_JSON_parse_free (spec);
422 0 : return TALER_MHD_reply_with_error (rc->connection,
423 : MHD_HTTP_INTERNAL_SERVER_ERROR,
424 : TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW,
425 : NULL);
426 : }
427 38 : TALER_amount_hton (&wc.wsrd.amount_with_fee,
428 : &wc.amount_required);
429 : }
430 :
431 : /* verify signature! */
432 : wc.wsrd.purpose.size
433 38 : = htonl (sizeof (wc.wsrd));
434 : wc.wsrd.purpose.purpose
435 38 : = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
436 : wc.wsrd.h_denomination_pub
437 38 : = wc.denom_pub_hash;
438 38 : GNUNET_CRYPTO_hash (wc.blinded_msg,
439 : wc.blinded_msg_len,
440 : &wc.wsrd.h_coin_envelope);
441 38 : if (GNUNET_OK !=
442 38 : GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW,
443 : &wc.wsrd,
444 : &wc.signature.eddsa_signature,
445 : &wc.wsrd.reserve_pub.eddsa_pub))
446 : {
447 0 : TALER_LOG_WARNING (
448 : "Client supplied invalid signature for withdraw request\n");
449 0 : GNUNET_JSON_parse_free (spec);
450 0 : return TALER_MHD_reply_with_error (rc->connection,
451 : MHD_HTTP_FORBIDDEN,
452 : TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID,
453 : NULL);
454 : }
455 :
456 : #if OPTIMISTIC_SIGN
457 : /* Sign before transaction! */
458 : wc.collectable.sig
459 38 : = TEH_keys_denomination_sign (&wc.denom_pub_hash,
460 38 : wc.blinded_msg,
461 : wc.blinded_msg_len,
462 : &ec);
463 38 : if (NULL == wc.collectable.sig.rsa_signature)
464 : {
465 0 : GNUNET_break (0);
466 0 : GNUNET_JSON_parse_free (spec);
467 0 : return TALER_MHD_reply_with_ec (rc->connection,
468 : ec,
469 : NULL);
470 : }
471 : #endif
472 :
473 : /* run transaction and sign (if not optimistically signed before) */
474 : {
475 : MHD_RESULT mhd_ret;
476 :
477 38 : if (GNUNET_OK !=
478 38 : TEH_DB_run_transaction (rc->connection,
479 : "run withdraw",
480 : &mhd_ret,
481 : &withdraw_transaction,
482 : &wc))
483 : {
484 : /* Even if #withdraw_transaction() failed, it may have created a signature
485 : (or we might have done it optimistically above). */
486 3 : if (NULL != wc.collectable.sig.rsa_signature)
487 3 : GNUNET_CRYPTO_rsa_signature_free (wc.collectable.sig.rsa_signature);
488 3 : GNUNET_JSON_parse_free (spec);
489 3 : return mhd_ret;
490 : }
491 : }
492 :
493 : /* Clean up and send back final (positive) response */
494 35 : GNUNET_JSON_parse_free (spec);
495 :
496 : {
497 : MHD_RESULT ret;
498 :
499 35 : ret = TALER_MHD_REPLY_JSON_PACK (
500 : rc->connection,
501 : MHD_HTTP_OK,
502 : GNUNET_JSON_pack_rsa_signature ("ev_sig",
503 : wc.collectable.sig.rsa_signature));
504 35 : GNUNET_CRYPTO_rsa_signature_free (wc.collectable.sig.rsa_signature);
505 35 : return ret;
506 : }
507 : }
508 :
509 :
510 : /* end of taler-exchange-httpd_withdraw.c */
|
