Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2014-2021 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see
15 : <http://www.gnu.org/licenses/>
16 : */
17 : /**
18 : * @file lib/auditor_api_deposit_confirmation.c
19 : * @brief Implementation of the /deposit request of the auditor's HTTP API
20 : * @author Christian Grothoff
21 : */
22 : #include "platform.h"
23 : #include <jansson.h>
24 : #include <microhttpd.h> /* just for HTTP status codes */
25 : #include <gnunet/gnunet_util_lib.h>
26 : #include <gnunet/gnunet_json_lib.h>
27 : #include <gnunet/gnunet_curl_lib.h>
28 : #include "taler_json_lib.h"
29 : #include "taler_auditor_service.h"
30 : #include "auditor_api_handle.h"
31 : #include "taler_signatures.h"
32 : #include "auditor_api_curl_defaults.h"
33 :
34 :
35 : /**
36 : * @brief A DepositConfirmation Handle
37 : */
38 : struct TALER_AUDITOR_DepositConfirmationHandle
39 : {
40 :
41 : /**
42 : * The connection to auditor this request handle will use
43 : */
44 : struct TALER_AUDITOR_Handle *auditor;
45 :
46 : /**
47 : * The url for this request.
48 : */
49 : char *url;
50 :
51 : /**
52 : * Context for #TEH_curl_easy_post(). Keeps the data that must
53 : * persist for Curl to make the upload.
54 : */
55 : struct TALER_CURL_PostContext ctx;
56 :
57 : /**
58 : * Handle for the request.
59 : */
60 : struct GNUNET_CURL_Job *job;
61 :
62 : /**
63 : * Function to call with the result.
64 : */
65 : TALER_AUDITOR_DepositConfirmationResultCallback cb;
66 :
67 : /**
68 : * Closure for @a cb.
69 : */
70 : void *cb_cls;
71 :
72 : };
73 :
74 :
75 : /**
76 : * Function called when we're done processing the
77 : * HTTP /deposit-confirmation request.
78 : *
79 : * @param cls the `struct TALER_AUDITOR_DepositConfirmationHandle`
80 : * @param response_code HTTP response code, 0 on error
81 : * @param djson parsed JSON result, NULL on error
82 : */
83 : static void
84 0 : handle_deposit_confirmation_finished (void *cls,
85 : long response_code,
86 : const void *djson)
87 : {
88 0 : const json_t *json = djson;
89 0 : struct TALER_AUDITOR_DepositConfirmationHandle *dh = cls;
90 0 : struct TALER_AUDITOR_HttpResponse hr = {
91 : .reply = json,
92 0 : .http_status = (unsigned int) response_code
93 : };
94 :
95 0 : dh->job = NULL;
96 0 : switch (response_code)
97 : {
98 0 : case 0:
99 0 : hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
100 0 : break;
101 0 : case MHD_HTTP_OK:
102 0 : hr.ec = TALER_EC_NONE;
103 0 : break;
104 0 : case MHD_HTTP_BAD_REQUEST:
105 0 : hr.ec = TALER_JSON_get_error_code (json);
106 0 : hr.hint = TALER_JSON_get_error_hint (json);
107 : /* This should never happen, either us or the auditor is buggy
108 : (or API version conflict); just pass JSON reply to the application */
109 0 : break;
110 0 : case MHD_HTTP_FORBIDDEN:
111 0 : hr.ec = TALER_JSON_get_error_code (json);
112 0 : hr.hint = TALER_JSON_get_error_hint (json);
113 : /* Nothing really to verify, auditor says one of the signatures is
114 : invalid; as we checked them, this should never happen, we
115 : should pass the JSON reply to the application */
116 0 : break;
117 0 : case MHD_HTTP_NOT_FOUND:
118 0 : hr.ec = TALER_JSON_get_error_code (json);
119 0 : hr.hint = TALER_JSON_get_error_hint (json);
120 : /* Nothing really to verify, this should never
121 : happen, we should pass the JSON reply to the application */
122 0 : break;
123 0 : case MHD_HTTP_GONE:
124 0 : hr.ec = TALER_JSON_get_error_code (json);
125 0 : hr.hint = TALER_JSON_get_error_hint (json);
126 : /* Nothing really to verify, auditor says one of the signatures is
127 : invalid; as we checked them, this should never happen, we
128 : should pass the JSON reply to the application */
129 0 : break;
130 0 : case MHD_HTTP_INTERNAL_SERVER_ERROR:
131 0 : hr.ec = TALER_JSON_get_error_code (json);
132 0 : hr.hint = TALER_JSON_get_error_hint (json);
133 : /* Server had an internal issue; we should retry, but this API
134 : leaves this to the application */
135 0 : break;
136 0 : default:
137 : /* unexpected response code */
138 0 : hr.ec = TALER_JSON_get_error_code (json);
139 0 : hr.hint = TALER_JSON_get_error_hint (json);
140 0 : GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
141 : "Unexpected response code %u/%d for auditor deposit confirmation\n",
142 : (unsigned int) response_code,
143 : hr.ec);
144 0 : break;
145 : }
146 0 : dh->cb (dh->cb_cls,
147 : &hr);
148 0 : TALER_AUDITOR_deposit_confirmation_cancel (dh);
149 0 : }
150 :
151 :
152 : /**
153 : * Verify signature information about the deposit-confirmation.
154 : *
155 : * @param h_wire hash of merchant wire details
156 : * @param h_extensions hash over the extensions, if any
157 : * @param h_contract_terms hash of the contact of the merchant with the customer (further details are never disclosed to the auditor)
158 : * @param exchange_timestamp timestamp when the deposit was received by the wallet
159 : * @param wire_deadline by what time must the amount be wired to the merchant
160 : * @param refund_deadline date until which the merchant can issue a refund to the customer via the auditor (can be zero if refunds are not allowed); must not be after the @a wire_deadline
161 : * @param amount_without_fee the amount confirmed to be wired by the exchange to the merchant
162 : * @param coin_pub coin’s public key
163 : * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests)
164 : * @param exchange_sig the signature made with purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT
165 : * @param exchange_pub the public key of the exchange that matches @a exchange_sig
166 : * @param master_pub master public key of the exchange
167 : * @param ep_start when does @a exchange_pub validity start
168 : * @param ep_expire when does @a exchange_pub usage end
169 : * @param ep_end when does @a exchange_pub legal validity end
170 : * @param master_sig master signature affirming validity of @a exchange_pub
171 : * @return #GNUNET_OK if signatures are OK, #GNUNET_SYSERR if not
172 : */
173 : static enum GNUNET_GenericReturnValue
174 0 : verify_signatures (const struct TALER_MerchantWireHashP *h_wire,
175 : const struct TALER_ExtensionContractHashP *h_extensions,
176 : const struct TALER_PrivateContractHashP *h_contract_terms,
177 : struct GNUNET_TIME_Timestamp exchange_timestamp,
178 : struct GNUNET_TIME_Timestamp wire_deadline,
179 : struct GNUNET_TIME_Timestamp refund_deadline,
180 : const struct TALER_Amount *amount_without_fee,
181 : const struct TALER_CoinSpendPublicKeyP *coin_pub,
182 : const struct TALER_MerchantPublicKeyP *merchant_pub,
183 : const struct TALER_ExchangePublicKeyP *exchange_pub,
184 : const struct TALER_ExchangeSignatureP *exchange_sig,
185 : const struct TALER_MasterPublicKeyP *master_pub,
186 : struct GNUNET_TIME_Timestamp ep_start,
187 : struct GNUNET_TIME_Timestamp ep_expire,
188 : struct GNUNET_TIME_Timestamp ep_end,
189 : const struct TALER_MasterSignatureP *master_sig)
190 : {
191 0 : if (GNUNET_OK !=
192 0 : TALER_exchange_online_deposit_confirmation_verify (
193 : h_contract_terms,
194 : h_wire,
195 : h_extensions,
196 : exchange_timestamp,
197 : wire_deadline,
198 : refund_deadline,
199 : amount_without_fee,
200 : coin_pub,
201 : merchant_pub,
202 : exchange_pub,
203 : exchange_sig))
204 : {
205 0 : GNUNET_break_op (0);
206 0 : TALER_LOG_WARNING (
207 : "Invalid signature on /deposit-confirmation request!\n");
208 : {
209 0 : TALER_LOG_DEBUG ("... amount_without_fee was %s\n",
210 : TALER_amount2s (amount_without_fee));
211 : }
212 0 : return GNUNET_SYSERR;
213 : }
214 :
215 0 : if (GNUNET_OK !=
216 0 : TALER_exchange_offline_signkey_validity_verify (
217 : exchange_pub,
218 : ep_start,
219 : ep_expire,
220 : ep_end,
221 : master_pub,
222 : master_sig))
223 : {
224 0 : GNUNET_break (0);
225 0 : TALER_LOG_WARNING ("Invalid signature on exchange signing key!\n");
226 0 : return GNUNET_SYSERR;
227 : }
228 0 : if (GNUNET_TIME_absolute_is_past (ep_end.abs_time))
229 : {
230 0 : GNUNET_break (0);
231 0 : TALER_LOG_WARNING ("Exchange signing key is no longer valid!\n");
232 0 : return GNUNET_SYSERR;
233 : }
234 0 : return GNUNET_OK;
235 : }
236 :
237 :
238 : struct TALER_AUDITOR_DepositConfirmationHandle *
239 0 : TALER_AUDITOR_deposit_confirmation (
240 : struct TALER_AUDITOR_Handle *auditor,
241 : const struct TALER_MerchantWireHashP *h_wire,
242 : const struct TALER_ExtensionContractHashP *h_extensions,
243 : const struct TALER_PrivateContractHashP *h_contract_terms,
244 : struct GNUNET_TIME_Timestamp exchange_timestamp,
245 : struct GNUNET_TIME_Timestamp wire_deadline,
246 : struct GNUNET_TIME_Timestamp refund_deadline,
247 : const struct TALER_Amount *amount_without_fee,
248 : const struct TALER_CoinSpendPublicKeyP *coin_pub,
249 : const struct TALER_MerchantPublicKeyP *merchant_pub,
250 : const struct TALER_ExchangePublicKeyP *exchange_pub,
251 : const struct TALER_ExchangeSignatureP *exchange_sig,
252 : const struct TALER_MasterPublicKeyP *master_pub,
253 : struct GNUNET_TIME_Timestamp ep_start,
254 : struct GNUNET_TIME_Timestamp ep_expire,
255 : struct GNUNET_TIME_Timestamp ep_end,
256 : const struct TALER_MasterSignatureP *master_sig,
257 : TALER_AUDITOR_DepositConfirmationResultCallback cb,
258 : void *cb_cls)
259 : {
260 : struct TALER_AUDITOR_DepositConfirmationHandle *dh;
261 : struct GNUNET_CURL_Context *ctx;
262 : json_t *deposit_confirmation_obj;
263 : CURL *eh;
264 :
265 0 : GNUNET_assert (GNUNET_YES ==
266 : TALER_AUDITOR_handle_is_ready_ (auditor));
267 0 : if (GNUNET_OK !=
268 0 : verify_signatures (h_wire,
269 : h_extensions,
270 : h_contract_terms,
271 : exchange_timestamp,
272 : wire_deadline,
273 : refund_deadline,
274 : amount_without_fee,
275 : coin_pub,
276 : merchant_pub,
277 : exchange_pub,
278 : exchange_sig,
279 : master_pub,
280 : ep_start,
281 : ep_expire,
282 : ep_end,
283 : master_sig))
284 : {
285 0 : GNUNET_break_op (0);
286 0 : return NULL;
287 : }
288 :
289 : deposit_confirmation_obj
290 0 : = GNUNET_JSON_PACK (
291 : GNUNET_JSON_pack_data_auto ("h_wire",
292 : h_wire),
293 : GNUNET_JSON_pack_data_auto ("h_extensions",
294 : h_extensions),
295 : GNUNET_JSON_pack_data_auto ("h_contract_terms",
296 : h_contract_terms),
297 : GNUNET_JSON_pack_timestamp ("exchange_timestamp",
298 : exchange_timestamp),
299 : GNUNET_JSON_pack_timestamp ("refund_deadline",
300 : refund_deadline),
301 : GNUNET_JSON_pack_timestamp ("wire_deadline",
302 : wire_deadline),
303 : TALER_JSON_pack_amount ("amount_without_fee",
304 : amount_without_fee),
305 : GNUNET_JSON_pack_data_auto ("coin_pub",
306 : coin_pub),
307 : GNUNET_JSON_pack_data_auto ("merchant_pub",
308 : merchant_pub),
309 : GNUNET_JSON_pack_data_auto ("exchange_sig",
310 : exchange_sig),
311 : GNUNET_JSON_pack_data_auto ("master_pub",
312 : master_pub),
313 : GNUNET_JSON_pack_timestamp ("ep_start",
314 : ep_start),
315 : GNUNET_JSON_pack_timestamp ("ep_expire",
316 : ep_expire),
317 : GNUNET_JSON_pack_timestamp ("ep_end",
318 : ep_end),
319 : GNUNET_JSON_pack_data_auto ("master_sig",
320 : master_sig),
321 : GNUNET_JSON_pack_data_auto ("exchange_pub",
322 : exchange_pub));
323 0 : dh = GNUNET_new (struct TALER_AUDITOR_DepositConfirmationHandle);
324 0 : dh->auditor = auditor;
325 0 : dh->cb = cb;
326 0 : dh->cb_cls = cb_cls;
327 0 : dh->url = TALER_AUDITOR_path_to_url_ (auditor,
328 : "/deposit-confirmation");
329 0 : if (NULL == dh->url)
330 : {
331 0 : GNUNET_free (dh);
332 0 : return NULL;
333 : }
334 0 : eh = TALER_AUDITOR_curl_easy_get_ (dh->url);
335 :
336 0 : if ( (NULL == eh) ||
337 : (CURLE_OK !=
338 0 : curl_easy_setopt (eh,
339 : CURLOPT_CUSTOMREQUEST,
340 0 : "PUT")) ||
341 : (GNUNET_OK !=
342 0 : TALER_curl_easy_post (&dh->ctx,
343 : eh,
344 : deposit_confirmation_obj)) )
345 : {
346 0 : GNUNET_break (0);
347 0 : if (NULL != eh)
348 0 : curl_easy_cleanup (eh);
349 0 : json_decref (deposit_confirmation_obj);
350 0 : GNUNET_free (dh->url);
351 0 : GNUNET_free (dh);
352 0 : return NULL;
353 : }
354 0 : json_decref (deposit_confirmation_obj);
355 0 : GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
356 : "URL for deposit-confirmation: `%s'\n",
357 : dh->url);
358 0 : ctx = TALER_AUDITOR_handle_to_context_ (auditor);
359 0 : dh->job = GNUNET_CURL_job_add2 (ctx,
360 : eh,
361 0 : dh->ctx.headers,
362 : &handle_deposit_confirmation_finished,
363 : dh);
364 : /* Disable 100 continue processing */
365 0 : GNUNET_CURL_extend_headers (dh->job,
366 0 : curl_slist_append (NULL,
367 : "Expect:"));
368 0 : return dh;
369 : }
370 :
371 :
372 : void
373 0 : TALER_AUDITOR_deposit_confirmation_cancel (
374 : struct TALER_AUDITOR_DepositConfirmationHandle *deposit_confirmation)
375 : {
376 0 : if (NULL != deposit_confirmation->job)
377 : {
378 0 : GNUNET_CURL_job_cancel (deposit_confirmation->job);
379 0 : deposit_confirmation->job = NULL;
380 : }
381 0 : GNUNET_free (deposit_confirmation->url);
382 0 : TALER_curl_easy_post_finished (&deposit_confirmation->ctx);
383 0 : GNUNET_free (deposit_confirmation);
384 0 : }
385 :
386 :
387 : /* end of auditor_api_deposit_confirmation.c */
|
