[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-wallet-core] branch master updated: validate wire fees and acct i
From: |
gnunet |
Subject: |
[taler-wallet-core] branch master updated: validate wire fees and acct info |
Date: |
Thu, 05 Dec 2019 23:07:54 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository wallet-core.
The following commit(s) were added to refs/heads/master by this push:
new 7b54439f validate wire fees and acct info
7b54439f is described below
commit 7b54439fd62bd2a5e15b3068a8fbaffeb0a57468
Author: Florian Dold <address@hidden>
AuthorDate: Thu Dec 5 23:07:46 2019 +0100
validate wire fees and acct info
---
src/crypto/workers/cryptoApi.ts | 4 +++
src/crypto/workers/cryptoImplementation.ts | 26 +++++++++++++++++---
src/wallet-impl/exchanges.ts | 39 +++++++++++++++++++++++++-----
3 files changed, 59 insertions(+), 10 deletions(-)
diff --git a/src/crypto/workers/cryptoApi.ts b/src/crypto/workers/cryptoApi.ts
index 5537bb39..aa1ff2c4 100644
--- a/src/crypto/workers/cryptoApi.ts
+++ b/src/crypto/workers/cryptoApi.ts
@@ -409,6 +409,10 @@ export class CryptoApi {
return this.doRpc<boolean>("rsaVerify", 4, hm, sig, pk);
}
+ isValidWireAccount(paytoUri: string, sig: string, masterPub: string):
Promise<boolean> {
+ return this.doRpc<boolean>("isValidWireAccount", 4, paytoUri, sig,
masterPub);
+ }
+
createPaybackRequest(coin: CoinRecord): Promise<PaybackRequest> {
return this.doRpc<PaybackRequest>("createPaybackRequest", 1, coin);
}
diff --git a/src/crypto/workers/cryptoImplementation.ts
b/src/crypto/workers/cryptoImplementation.ts
index 00d81ce2..fa5a30d6 100644
--- a/src/crypto/workers/cryptoImplementation.ts
+++ b/src/crypto/workers/cryptoImplementation.ts
@@ -68,15 +68,17 @@ import {
rsaVerify,
} from "../talerCrypto";
import { randomBytes } from "../primitives/nacl-fast";
+import { kdf } from "../primitives/kdf";
enum SignaturePurpose {
RESERVE_WITHDRAW = 1200,
WALLET_COIN_DEPOSIT = 1201,
MASTER_DENOMINATION_KEY_VALIDITY = 1025,
+ MASTER_WIRE_FEES = 1028,
+ MASTER_WIRE_DETAILS = 1030,
WALLET_COIN_MELT = 1202,
TEST = 4242,
MERCHANT_PAYMENT_OK = 1104,
- MASTER_WIRE_FEES = 1028,
WALLET_COIN_PAYBACK = 1203,
WALLET_COIN_LINK = 1204,
}
@@ -157,9 +159,7 @@ export class CryptoImplementation {
* Create a pre-coin of the given denomination to be withdrawn from then
given
* reserve.
*/
- createPlanchet(
- req: PlanchetCreationRequest,
- ): PlanchetCreationResult {
+ createPlanchet(req: PlanchetCreationRequest): PlanchetCreationResult {
const reservePub = decodeCrock(req.reservePub);
const reservePriv = decodeCrock(req.reservePriv);
const denomPub = decodeCrock(req.denomPub);
@@ -264,6 +264,7 @@ export class CryptoImplementation {
.put(timestampToBuffer(wf.startStamp))
.put(timestampToBuffer(wf.endStamp))
.put(amountToBuffer(wf.wireFee))
+ .put(amountToBuffer(wf.closingFee))
.build();
const sig = decodeCrock(wf.sig);
const pub = decodeCrock(masterPub);
@@ -292,6 +293,23 @@ export class CryptoImplementation {
return eddsaVerify(p, sig, pub);
}
+ isValidWireAccount(
+ paytoUri: string,
+ sig: string,
+ masterPub: string,
+ ): boolean {
+ const h = kdf(
+ 64,
+ stringToBytes("exchange-wire-signature"),
+ stringToBytes(paytoUri + "\0"),
+ new Uint8Array(0),
+ );
+ const p = buildSigPS(SignaturePurpose.MASTER_WIRE_DETAILS)
+ .put(h)
+ .build();
+ return eddsaVerify(p, decodeCrock(sig), decodeCrock(masterPub));
+ }
+
/**
* Create a new EdDSA key pair.
*/
diff --git a/src/wallet-impl/exchanges.ts b/src/wallet-impl/exchanges.ts
index b89f3f84..b6a2f1c8 100644
--- a/src/wallet-impl/exchanges.ts
+++ b/src/wallet-impl/exchanges.ts
@@ -15,10 +15,13 @@
*/
import { InternalWalletState } from "./state";
+import { WALLET_CACHE_BREAKER_CLIENT_VERSION } from "../wallet";
import {
- WALLET_CACHE_BREAKER_CLIENT_VERSION,
-} from "../wallet";
-import { KeysJson, Denomination, ExchangeWireJson } from "../talerTypes";
+ KeysJson,
+ Denomination,
+ ExchangeWireJson,
+ WireFeesJson,
+} from "../talerTypes";
import { getTimestampNow, OperationError } from "../walletTypes";
import {
ExchangeRecord,
@@ -229,8 +232,12 @@ async function updateExchangeWithWireInfo(
if (exchange.updateStatus != ExchangeUpdateStatus.FETCH_WIRE) {
return;
}
+ const details = exchange.details;
+ if (!details) {
+ throw Error("invalid exchange state");
+ }
const reqUrl = new URL("wire", exchangeBaseUrl);
- reqUrl.searchParams.set("cacheBreaker", WALLET_CACHE_BREAKER_CLIENT_VERSION)
+ reqUrl.searchParams.set("cacheBreaker", WALLET_CACHE_BREAKER_CLIENT_VERSION);
const resp = await ws.http.get(reqUrl.href);
@@ -239,6 +246,17 @@ async function updateExchangeWithWireInfo(
throw Error("/wire response malformed");
}
const wireInfo = ExchangeWireJson.checked(wiJson);
+ for (const a of wireInfo.accounts) {
+ console.log("validating exchange acct");
+ const isValid = await ws.cryptoApi.isValidWireAccount(
+ a.url,
+ a.master_sig,
+ details.masterPublicKey,
+ );
+ if (!isValid) {
+ throw Error("exchange acct signature invalid");
+ }
+ }
const feesForType: { [wireMethod: string]: WireFee[] } = {};
for (const wireMethod of Object.keys(wireInfo.fees)) {
const feeList: WireFee[] = [];
@@ -251,13 +269,22 @@ async function updateExchangeWithWireInfo(
if (!endStamp) {
throw Error("wrong date format");
}
- feeList.push({
+ const fee: WireFee = {
closingFee: Amounts.parseOrThrow(x.closing_fee),
endStamp,
sig: x.sig,
startStamp,
wireFee: Amounts.parseOrThrow(x.wire_fee),
- });
+ };
+ const isValid = await ws.cryptoApi.isValidWireFee(
+ wireMethod,
+ fee,
+ details.masterPublicKey,
+ );
+ if (!isValid) {
+ throw Error("exchange wire fee signature invalid");
+ }
+ feeList.push(fee);
}
feesForType[wireMethod] = feeList;
}
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-wallet-core] branch master updated: validate wire fees and acct info,
gnunet <=