[taler-wallet-core] branch master updated: wallet-core: check master pub

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-wallet-core] branch master updated: wallet-core: check master pub

From:	gnunet
Subject:	[taler-wallet-core] branch master updated: wallet-core: check master public key in /wire response
Date:	Thu, 13 Apr 2023 14:16:08 +0200

This is an automated email from the git hooks/post-receive script.

dold pushed a commit to branch master
in repository wallet-core.

The following commit(s) were added to refs/heads/master by this push:
     new 7944a36e3 wallet-core: check master public key in /wire response
7944a36e3 is described below

commit 7944a36e30182638b35da6e113b29de8b5f16305
Author: Florian Dold <florian@dold.me>
AuthorDate: Thu Apr 13 14:16:06 2023 +0200

    wallet-core: check master public key in /wire response
---
 packages/taler-harness/src/index.ts                | 11 +++++++-
 packages/taler-util/src/taler-types.ts             |  2 ++
 .../taler-wallet-core/src/operations/exchanges.ts  | 30 +++++++++++++++++-----
 3 files changed, 36 insertions(+), 7 deletions(-)

diff --git a/packages/taler-harness/src/index.ts 
b/packages/taler-harness/src/index.ts
index ada573698..b185e151d 100644
--- a/packages/taler-harness/src/index.ts
+++ b/packages/taler-harness/src/index.ts
@@ -24,6 +24,7 @@ import path from "path";
 import {
   addPaytoQueryParams,
   Amounts,
+  codecForExchangeWireJson,
   Configuration,
   decodeCrock,
   j2s,
@@ -47,7 +48,7 @@ import { lintExchangeDeployment } from "./lint.js";
 import { runEnvFull } from "./env-full.js";
 import { clk } from "@gnu-taler/taler-util/clk";
 import { createPlatformHttpLib } from "@gnu-taler/taler-util/http";
-import { BankAccessApiClient } from "@gnu-taler/taler-wallet-core";
+import { BankAccessApiClient, validateWireInfo } from 
"@gnu-taler/taler-wallet-core";
 
 const logger = new Logger("taler-harness:index.ts");
 
@@ -84,6 +85,14 @@ const advancedCli = testingCli.subcommand("advancedArgs", 
"advanced", {
   help: "Subcommands for advanced operations (only use if you know what you're 
doing!).",
 });
 
+advancedCli
+  .subcommand("validateWireResponse", "validate-wire-response")
+  .action((args) => {
+    const wireResp = fs.readFileSync(0, "utf8");
+    const respJson = JSON.parse(wireResp);
+    const wireInfo = codecForExchangeWireJson().decode(respJson);
+  });
+
 advancedCli
   .subcommand("decode", "decode", {
     help: "Decode base32-crockford.",
diff --git a/packages/taler-util/src/taler-types.ts 
b/packages/taler-util/src/taler-types.ts
index 48eb49d22..f9e39e77e 100644
--- a/packages/taler-util/src/taler-types.ts
+++ b/packages/taler-util/src/taler-types.ts
@@ -843,6 +843,7 @@ export interface AccountInfo {
 }
 
 export interface ExchangeWireJson {
+  master_public_key: string;
   accounts: AccountInfo[];
   fees: { [methodName: string]: WireFeesJson[] };
 }
@@ -1432,6 +1433,7 @@ export const codecForExchangeWireJson = (): 
Codec<ExchangeWireJson> =>
   buildCodecForObject<ExchangeWireJson>()
     .property("accounts", codecForList(codecForAccountInfo()))
     .property("fees", codecForMap(codecForList(codecForWireFeesJson())))
+    .property("master_public_key", codecForString())
     .build("ExchangeWireJson");
 
 export const codecForProposal = (): Codec<Proposal> =>
diff --git a/packages/taler-wallet-core/src/operations/exchanges.ts 
b/packages/taler-wallet-core/src/operations/exchanges.ts
index d9051b32f..1fce92caf 100644
--- a/packages/taler-wallet-core/src/operations/exchanges.ts
+++ b/packages/taler-wallet-core/src/operations/exchanges.ts
@@ -63,7 +63,7 @@ import {
   ExchangeRecord,
   WalletStoresV1,
 } from "../db.js";
-import { isWithdrawableDenom } from "../index.js";
+import { isWithdrawableDenom, TalerCryptoInterface } from "../index.js";
 import { InternalWalletState, TrustInfo } from "../internal-wallet-state.js";
 import { checkDbInvariant } from "../util/invariants.js";
 import {
@@ -236,12 +236,25 @@ export async function acceptExchangeTermsOfService(
     });
 }
 
-async function validateWireInfo(
-  ws: InternalWalletState,
-  versionCurrent: number,
-  wireInfo: ExchangeWireJson,
-  masterPublicKey: string,
+export interface ValidateWireInfoArgs {
+  cryptoApi: TalerCryptoInterface;
+
+  /**
+   * Exchange major protocol version.
+   */
+  versionCurrent?: number;
+
+  wireInfo: ExchangeWireJson;
+
+  insecureTrustExchange?: boolean;
+
+  masterPublicKey: string;
+}
+
+export async function validateWireInfo(
+  args: ValidateWireInfoArgs,
 ): Promise<WireInfo> {
+  const { wireInfo, masterPublicKey, insecureTrustExchange } = args;
   for (const a of wireInfo.accounts) {
     logger.trace("validating exchange acct");
     let isValid = false;
@@ -632,6 +645,11 @@ export async function updateExchangeFromUrlHandler(
     throw Error("unexpected invalid version");
   }
 
+  if (wireInfoDownload.master_public_key != keysInfo.masterPublicKey) {
+    // FIXME: introduce error code
+    throw Error("inconsistent master public key between /keys and /wire");
+  }
+
   const wireInfo = await validateWireInfo(
     ws,
     version.current,

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-wallet-core] branch master updated: wallet-core: check master public key in /wire response, gnunet <=

Prev by Date: [taler-wallet-core] branch master updated: -missing import
Next by Date: [taler-wallet-core] branch master updated: Revert "wallet-core: check master public key in /wire response"
Previous by thread: [taler-wallet-core] branch master updated: -missing import
Next by thread: [taler-wallet-core] branch master updated: Revert "wallet-core: check master public key in /wire response"
Index(es):
- Date
- Thread