LCOV - code coverage report
Current view: top level - lib - exchange_api_withdraw2.c (source / functions) Hit Total Coverage
Test: GNU Taler exchange coverage report Lines: 0 169 0.0 %
Date: 2022-08-25 06:15:09 Functions: 0 5 0.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   Copyright (C) 2014-2022 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify it under the
       6             :   terms of the GNU General Public License as published by the Free Software
       7             :   Foundation; either version 3, or (at your option) any later version.
       8             : 
       9             :   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
      10             :   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
      11             :   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
      12             : 
      13             :   You should have received a copy of the GNU General Public License along with
      14             :   TALER; see the file COPYING.  If not, see
      15             :   <http://www.gnu.org/licenses/>
      16             : */
      17             : /**
      18             :  * @file lib/exchange_api_withdraw2.c
      19             :  * @brief Implementation of /reserves/$RESERVE_PUB/withdraw requests without blinding/unblinding
      20             :  * @author Christian Grothoff
      21             :  */
      22             : #include "platform.h"
      23             : #include <jansson.h>
      24             : #include <microhttpd.h> /* just for HTTP status codes */
      25             : #include <gnunet/gnunet_util_lib.h>
      26             : #include <gnunet/gnunet_json_lib.h>
      27             : #include <gnunet/gnunet_curl_lib.h>
      28             : #include "taler_exchange_service.h"
      29             : #include "taler_json_lib.h"
      30             : #include "exchange_api_handle.h"
      31             : #include "taler_signatures.h"
      32             : #include "exchange_api_curl_defaults.h"
      33             : 
      34             : 
      35             : /**
      36             :  * @brief A Withdraw Handle
      37             :  */
      38             : struct TALER_EXCHANGE_Withdraw2Handle
      39             : {
      40             : 
      41             :   /**
      42             :    * The connection to exchange this request handle will use
      43             :    */
      44             :   struct TALER_EXCHANGE_Handle *exchange;
      45             : 
      46             :   /**
      47             :    * The url for this request.
      48             :    */
      49             :   char *url;
      50             : 
      51             :   /**
      52             :    * Handle for the request.
      53             :    */
      54             :   struct GNUNET_CURL_Job *job;
      55             : 
      56             :   /**
      57             :    * Function to call with the result.
      58             :    */
      59             :   TALER_EXCHANGE_Withdraw2Callback cb;
      60             : 
      61             :   /**
      62             :    * Closure for @a cb.
      63             :    */
      64             :   void *cb_cls;
      65             : 
      66             :   /**
      67             :    * Context for #TEH_curl_easy_post(). Keeps the data that must
      68             :    * persist for Curl to make the upload.
      69             :    */
      70             :   struct TALER_CURL_PostContext post_ctx;
      71             : 
      72             :   /**
      73             :    * Total amount requested (value plus withdraw fee).
      74             :    */
      75             :   struct TALER_Amount requested_amount;
      76             : 
      77             :   /**
      78             :    * Public key of the reserve we are withdrawing from.
      79             :    */
      80             :   struct TALER_ReservePublicKeyP reserve_pub;
      81             : 
      82             : };
      83             : 
      84             : 
      85             : /**
      86             :  * We got a 200 OK response for the /reserves/$RESERVE_PUB/withdraw operation.
      87             :  * Extract the coin's signature and return it to the caller.  The signature we
      88             :  * get from the exchange is for the blinded value.  Thus, we first must
      89             :  * unblind it and then should verify its validity against our coin's hash.
      90             :  *
      91             :  * If everything checks out, we return the unblinded signature
      92             :  * to the application via the callback.
      93             :  *
      94             :  * @param wh operation handle
      95             :  * @param json reply from the exchange
      96             :  * @return #GNUNET_OK on success, #GNUNET_SYSERR on errors
      97             :  */
      98             : static enum GNUNET_GenericReturnValue
      99           0 : reserve_withdraw_ok (struct TALER_EXCHANGE_Withdraw2Handle *wh,
     100             :                      const json_t *json)
     101             : {
     102             :   struct TALER_BlindedDenominationSignature blind_sig;
     103             :   struct GNUNET_JSON_Specification spec[] = {
     104           0 :     TALER_JSON_spec_blinded_denom_sig ("ev_sig",
     105             :                                        &blind_sig),
     106           0 :     GNUNET_JSON_spec_end ()
     107             :   };
     108           0 :   struct TALER_EXCHANGE_HttpResponse hr = {
     109             :     .reply = json,
     110             :     .http_status = MHD_HTTP_OK
     111             :   };
     112             : 
     113           0 :   if (GNUNET_OK !=
     114           0 :       GNUNET_JSON_parse (json,
     115             :                          spec,
     116             :                          NULL, NULL))
     117             :   {
     118           0 :     GNUNET_break_op (0);
     119           0 :     return GNUNET_SYSERR;
     120             :   }
     121             : 
     122             :   /* signature is valid, return it to the application */
     123           0 :   wh->cb (wh->cb_cls,
     124             :           &hr,
     125             :           &blind_sig);
     126             :   /* make sure callback isn't called again after return */
     127           0 :   wh->cb = NULL;
     128           0 :   GNUNET_JSON_parse_free (spec);
     129           0 :   return GNUNET_OK;
     130             : }
     131             : 
     132             : 
     133             : /**
     134             :  * We got a 409 CONFLICT response for the /reserves/$RESERVE_PUB/withdraw operation.
     135             :  * Check the signatures on the withdraw transactions in the provided
     136             :  * history and that the balances add up.  We don't do anything directly
     137             :  * with the information, as the JSON will be returned to the application.
     138             :  * However, our job is ensuring that the exchange followed the protocol, and
     139             :  * this in particular means checking all of the signatures in the history.
     140             :  *
     141             :  * @param wh operation handle
     142             :  * @param json reply from the exchange
     143             :  * @return #GNUNET_OK on success, #GNUNET_SYSERR on errors
     144             :  */
     145             : static enum GNUNET_GenericReturnValue
     146           0 : reserve_withdraw_payment_required (
     147             :   struct TALER_EXCHANGE_Withdraw2Handle *wh,
     148             :   const json_t *json)
     149             : {
     150             :   struct TALER_Amount balance;
     151             :   struct TALER_Amount total_in_from_history;
     152             :   struct TALER_Amount total_out_from_history;
     153             :   json_t *history;
     154             :   size_t len;
     155             :   struct GNUNET_JSON_Specification spec[] = {
     156           0 :     TALER_JSON_spec_amount_any ("balance",
     157             :                                 &balance),
     158           0 :     GNUNET_JSON_spec_end ()
     159             :   };
     160             : 
     161           0 :   if (GNUNET_OK !=
     162           0 :       GNUNET_JSON_parse (json,
     163             :                          spec,
     164             :                          NULL, NULL))
     165             :   {
     166           0 :     GNUNET_break_op (0);
     167           0 :     return GNUNET_SYSERR;
     168             :   }
     169           0 :   history = json_object_get (json,
     170             :                              "history");
     171           0 :   if (NULL == history)
     172             :   {
     173           0 :     GNUNET_break_op (0);
     174           0 :     return GNUNET_SYSERR;
     175             :   }
     176             : 
     177             :   /* go over transaction history and compute
     178             :      total incoming and outgoing amounts */
     179           0 :   len = json_array_size (history);
     180             :   {
     181             :     struct TALER_EXCHANGE_ReserveHistoryEntry *rhistory;
     182             : 
     183             :     /* Use heap allocation as "len" may be very big and thus this may
     184             :        not fit on the stack. Use "GNUNET_malloc_large" as a malicious
     185             :        exchange may theoretically try to crash us by giving a history
     186             :        that does not fit into our memory. */
     187           0 :     rhistory = GNUNET_malloc_large (
     188             :       sizeof (struct TALER_EXCHANGE_ReserveHistoryEntry)
     189             :       * len);
     190           0 :     if (NULL == rhistory)
     191             :     {
     192           0 :       GNUNET_break (0);
     193           0 :       return GNUNET_SYSERR;
     194             :     }
     195             : 
     196           0 :     if (GNUNET_OK !=
     197           0 :         TALER_EXCHANGE_parse_reserve_history (wh->exchange,
     198             :                                               history,
     199           0 :                                               &wh->reserve_pub,
     200             :                                               balance.currency,
     201             :                                               &total_in_from_history,
     202             :                                               &total_out_from_history,
     203             :                                               len,
     204             :                                               rhistory))
     205             :     {
     206           0 :       GNUNET_break_op (0);
     207           0 :       TALER_EXCHANGE_free_reserve_history (rhistory,
     208             :                                            len);
     209           0 :       return GNUNET_SYSERR;
     210             :     }
     211           0 :     TALER_EXCHANGE_free_reserve_history (rhistory,
     212             :                                          len);
     213             :   }
     214             : 
     215             :   /* Check that funds were really insufficient */
     216           0 :   if (0 >= TALER_amount_cmp (&wh->requested_amount,
     217             :                              &balance))
     218             :   {
     219             :     /* Requested amount is smaller or equal to reported balance,
     220             :        so this should not have failed. */
     221           0 :     GNUNET_break_op (0);
     222           0 :     return GNUNET_SYSERR;
     223             :   }
     224           0 :   return GNUNET_OK;
     225             : }
     226             : 
     227             : 
     228             : /**
     229             :  * Function called when we're done processing the
     230             :  * HTTP /reserves/$RESERVE_PUB/withdraw request.
     231             :  *
     232             :  * @param cls the `struct TALER_EXCHANGE_WithdrawHandle`
     233             :  * @param response_code HTTP response code, 0 on error
     234             :  * @param response parsed JSON result, NULL on error
     235             :  */
     236             : static void
     237           0 : handle_reserve_withdraw_finished (void *cls,
     238             :                                   long response_code,
     239             :                                   const void *response)
     240             : {
     241           0 :   struct TALER_EXCHANGE_Withdraw2Handle *wh = cls;
     242           0 :   const json_t *j = response;
     243           0 :   struct TALER_EXCHANGE_HttpResponse hr = {
     244             :     .reply = j,
     245           0 :     .http_status = (unsigned int) response_code
     246             :   };
     247             : 
     248           0 :   wh->job = NULL;
     249           0 :   switch (response_code)
     250             :   {
     251           0 :   case 0:
     252           0 :     hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
     253           0 :     break;
     254           0 :   case MHD_HTTP_OK:
     255           0 :     if (GNUNET_OK !=
     256           0 :         reserve_withdraw_ok (wh,
     257             :                              j))
     258             :     {
     259           0 :       GNUNET_break_op (0);
     260           0 :       hr.http_status = 0;
     261           0 :       hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
     262           0 :       break;
     263             :     }
     264           0 :     GNUNET_assert (NULL == wh->cb);
     265           0 :     TALER_EXCHANGE_withdraw2_cancel (wh);
     266           0 :     return;
     267           0 :   case MHD_HTTP_BAD_REQUEST:
     268             :     /* This should never happen, either us or the exchange is buggy
     269             :        (or API version conflict); just pass JSON reply to the application */
     270           0 :     hr.ec = TALER_JSON_get_error_code (j);
     271           0 :     hr.hint = TALER_JSON_get_error_hint (j);
     272           0 :     break;
     273           0 :   case MHD_HTTP_FORBIDDEN:
     274           0 :     GNUNET_break_op (0);
     275             :     /* Nothing really to verify, exchange says one of the signatures is
     276             :        invalid; as we checked them, this should never happen, we
     277             :        should pass the JSON reply to the application */
     278           0 :     hr.ec = TALER_JSON_get_error_code (j);
     279           0 :     hr.hint = TALER_JSON_get_error_hint (j);
     280           0 :     break;
     281           0 :   case MHD_HTTP_NOT_FOUND:
     282             :     /* Nothing really to verify, the exchange basically just says
     283             :        that it doesn't know this reserve.  Can happen if we
     284             :        query before the wire transfer went through.
     285             :        We should simply pass the JSON reply to the application. */
     286           0 :     hr.ec = TALER_JSON_get_error_code (j);
     287           0 :     hr.hint = TALER_JSON_get_error_hint (j);
     288           0 :     break;
     289           0 :   case MHD_HTTP_CONFLICT:
     290             :     /* The exchange says that the reserve has insufficient funds;
     291             :        check the signatures in the history... */
     292           0 :     if (GNUNET_OK !=
     293           0 :         reserve_withdraw_payment_required (wh,
     294             :                                            j))
     295             :     {
     296           0 :       GNUNET_break_op (0);
     297           0 :       hr.http_status = 0;
     298           0 :       hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
     299             :     }
     300             :     else
     301             :     {
     302           0 :       hr.ec = TALER_JSON_get_error_code (j);
     303           0 :       hr.hint = TALER_JSON_get_error_hint (j);
     304             :     }
     305           0 :     break;
     306           0 :   case MHD_HTTP_GONE:
     307             :     /* could happen if denomination was revoked */
     308             :     /* Note: one might want to check /keys for revocation
     309             :        signature here, alas tricky in case our /keys
     310             :        is outdated => left to clients */
     311           0 :     hr.ec = TALER_JSON_get_error_code (j);
     312           0 :     hr.hint = TALER_JSON_get_error_hint (j);
     313           0 :     break;
     314           0 :   case MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS:
     315             :     /* only validate reply is well-formed */
     316             :     {
     317             :       uint64_t ptu;
     318             :       struct GNUNET_JSON_Specification spec[] = {
     319           0 :         GNUNET_JSON_spec_uint64 ("requirement_row",
     320             :                                  &ptu),
     321           0 :         GNUNET_JSON_spec_end ()
     322             :       };
     323             : 
     324           0 :       if (GNUNET_OK !=
     325           0 :           GNUNET_JSON_parse (j,
     326             :                              spec,
     327             :                              NULL, NULL))
     328             :       {
     329           0 :         GNUNET_break_op (0);
     330           0 :         hr.http_status = 0;
     331           0 :         hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
     332           0 :         break;
     333             :       }
     334             :     }
     335           0 :     break;
     336           0 :   case MHD_HTTP_INTERNAL_SERVER_ERROR:
     337             :     /* Server had an internal issue; we should retry, but this API
     338             :        leaves this to the application */
     339           0 :     hr.ec = TALER_JSON_get_error_code (j);
     340           0 :     hr.hint = TALER_JSON_get_error_hint (j);
     341           0 :     break;
     342           0 :   default:
     343             :     /* unexpected response code */
     344           0 :     GNUNET_break_op (0);
     345           0 :     hr.ec = TALER_JSON_get_error_code (j);
     346           0 :     hr.hint = TALER_JSON_get_error_hint (j);
     347           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
     348             :                 "Unexpected response code %u/%d for exchange withdraw\n",
     349             :                 (unsigned int) response_code,
     350             :                 (int) hr.ec);
     351           0 :     break;
     352             :   }
     353           0 :   if (NULL != wh->cb)
     354             :   {
     355           0 :     wh->cb (wh->cb_cls,
     356             :             &hr,
     357             :             NULL);
     358           0 :     wh->cb = NULL;
     359             :   }
     360           0 :   TALER_EXCHANGE_withdraw2_cancel (wh);
     361             : }
     362             : 
     363             : 
     364             : struct TALER_EXCHANGE_Withdraw2Handle *
     365           0 : TALER_EXCHANGE_withdraw2 (
     366             :   struct TALER_EXCHANGE_Handle *exchange,
     367             :   const struct TALER_PlanchetDetail *pd,
     368             :   const struct TALER_ReservePrivateKeyP *reserve_priv,
     369             :   TALER_EXCHANGE_Withdraw2Callback res_cb,
     370             :   void *res_cb_cls)
     371             : {
     372             :   struct TALER_EXCHANGE_Withdraw2Handle *wh;
     373             :   const struct TALER_EXCHANGE_Keys *keys;
     374             :   const struct TALER_EXCHANGE_DenomPublicKey *dk;
     375             :   struct TALER_ReserveSignatureP reserve_sig;
     376             :   char arg_str[sizeof (struct TALER_ReservePublicKeyP) * 2 + 32];
     377             :   struct TALER_BlindedCoinHashP bch;
     378             : 
     379           0 :   keys = TALER_EXCHANGE_get_keys (exchange);
     380           0 :   if (NULL == keys)
     381             :   {
     382           0 :     GNUNET_break (0);
     383           0 :     return NULL;
     384             :   }
     385           0 :   dk = TALER_EXCHANGE_get_denomination_key_by_hash (keys,
     386             :                                                     &pd->denom_pub_hash);
     387           0 :   if (NULL == dk)
     388             :   {
     389           0 :     GNUNET_break (0);
     390           0 :     return NULL;
     391             :   }
     392           0 :   wh = GNUNET_new (struct TALER_EXCHANGE_Withdraw2Handle);
     393           0 :   wh->exchange = exchange;
     394           0 :   wh->cb = res_cb;
     395           0 :   wh->cb_cls = res_cb_cls;
     396             :   /* Compute how much we expected to charge to the reserve */
     397           0 :   if (0 >
     398           0 :       TALER_amount_add (&wh->requested_amount,
     399             :                         &dk->value,
     400             :                         &dk->fees.withdraw))
     401             :   {
     402             :     /* Overflow here? Very strange, our CPU must be fried... */
     403           0 :     GNUNET_break (0);
     404           0 :     GNUNET_free (wh);
     405           0 :     return NULL;
     406             :   }
     407             : 
     408           0 :   GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv,
     409             :                                       &wh->reserve_pub.eddsa_pub);
     410             : 
     411             :   {
     412             :     char pub_str[sizeof (struct TALER_ReservePublicKeyP) * 2];
     413             :     char *end;
     414             : 
     415           0 :     end = GNUNET_STRINGS_data_to_string (
     416           0 :       &wh->reserve_pub,
     417             :       sizeof (struct TALER_ReservePublicKeyP),
     418             :       pub_str,
     419             :       sizeof (pub_str));
     420           0 :     *end = '\0';
     421           0 :     GNUNET_snprintf (arg_str,
     422             :                      sizeof (arg_str),
     423             :                      "/reserves/%s/withdraw",
     424             :                      pub_str);
     425             :   }
     426             : 
     427           0 :   if (GNUNET_OK !=
     428           0 :       TALER_coin_ev_hash (&pd->blinded_planchet,
     429             :                           &pd->denom_pub_hash,
     430             :                           &bch))
     431             :   {
     432           0 :     GNUNET_break (0);
     433           0 :     GNUNET_free (wh);
     434           0 :     return NULL;
     435             :   }
     436             : 
     437           0 :   TALER_wallet_withdraw_sign (&pd->denom_pub_hash,
     438           0 :                               &wh->requested_amount,
     439             :                               &bch,
     440             :                               reserve_priv,
     441             :                               &reserve_sig);
     442             :   {
     443           0 :     json_t *withdraw_obj = GNUNET_JSON_PACK (
     444             :       GNUNET_JSON_pack_data_auto ("denom_pub_hash",
     445             :                                   &pd->denom_pub_hash),
     446             :       TALER_JSON_pack_blinded_planchet ("coin_ev",
     447             :                                         &pd->blinded_planchet),
     448             :       GNUNET_JSON_pack_data_auto ("reserve_sig",
     449             :                                   &reserve_sig));
     450           0 :     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
     451             :                 "Attempting to withdraw from reserve %s\n",
     452             :                 TALER_B2S (&wh->reserve_pub));
     453           0 :     wh->url = TEAH_path_to_url (exchange,
     454             :                                 arg_str);
     455           0 :     if (NULL == wh->url)
     456             :     {
     457           0 :       json_decref (withdraw_obj);
     458           0 :       GNUNET_free (wh);
     459           0 :       return NULL;
     460             :     }
     461             :     {
     462             :       CURL *eh;
     463             :       struct GNUNET_CURL_Context *ctx;
     464             : 
     465           0 :       ctx = TEAH_handle_to_context (exchange);
     466           0 :       eh = TALER_EXCHANGE_curl_easy_get_ (wh->url);
     467           0 :       if ( (NULL == eh) ||
     468             :            (GNUNET_OK !=
     469           0 :             TALER_curl_easy_post (&wh->post_ctx,
     470             :                                   eh,
     471             :                                   withdraw_obj)) )
     472             :       {
     473           0 :         GNUNET_break (0);
     474           0 :         if (NULL != eh)
     475           0 :           curl_easy_cleanup (eh);
     476           0 :         json_decref (withdraw_obj);
     477           0 :         GNUNET_free (wh->url);
     478           0 :         GNUNET_free (wh);
     479           0 :         return NULL;
     480             :       }
     481           0 :       json_decref (withdraw_obj);
     482           0 :       wh->job = GNUNET_CURL_job_add2 (ctx,
     483             :                                       eh,
     484           0 :                                       wh->post_ctx.headers,
     485             :                                       &handle_reserve_withdraw_finished,
     486             :                                       wh);
     487             :     }
     488             :   }
     489           0 :   return wh;
     490             : }
     491             : 
     492             : 
     493             : void
     494           0 : TALER_EXCHANGE_withdraw2_cancel (struct TALER_EXCHANGE_Withdraw2Handle *wh)
     495             : {
     496           0 :   if (NULL != wh->job)
     497             :   {
     498           0 :     GNUNET_CURL_job_cancel (wh->job);
     499           0 :     wh->job = NULL;
     500             :   }
     501           0 :   GNUNET_free (wh->url);
     502           0 :   TALER_curl_easy_post_finished (&wh->post_ctx);
     503           0 :   GNUNET_free (wh);
     504           0 : }

Generated by: LCOV version 1.14