[libeufin] branch master updated: Silent key checker when enc is invalid.

[gnunet]

This is an automated email from the git hooks/post-receive script.

marcello pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new 4c196b7  Silent key checker when enc is invalid.
4c196b7 is described below

commit 4c196b7c81db58b379c04071ecf48625e53e439a
Author: Marcello Stanisci <address@hidden>
AuthorDate: Tue Mar 31 15:32:12 2020 +0200

    Silent key checker when enc is invalid.
---
 cli/python/libeufin-cli                           | 19 ++++++++++++++++
 nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt | 27 +++++++++++++----------
 util/src/main/kotlin/CryptoUtil.kt                |  8 ++++++-
 util/src/test/kotlin/CryptoUtilTest.kt            |  4 ++--
 4 files changed, 43 insertions(+), 15 deletions(-)

diff --git a/cli/python/libeufin-cli b/cli/python/libeufin-cli
index 946ebd2..b891715 100755
--- a/cli/python/libeufin-cli
+++ b/cli/python/libeufin-cli
@@ -95,6 +95,11 @@ def add_subscriber(obj, user_id, partner_id, host_id, name, 
bank_base_url):
 def ebics(ctx):
     pass
 
+@cli.group()
+@click.pass_context
+def taler(ctx):
+    pass
+
 @cli.group()
 def native():
     pass
@@ -422,6 +427,20 @@ def crz(obj, account_id, date_range, nexus_base_url):
     resp = post(url, json=req)
     print(resp.content.decode("utf-8"))
 
+@taler.command(help="Separate payments with Taler-subject from the rest")
+@click.pass_obj
+@click.option(
+    "--account-id",
+    help="Numerical ID of the customer at the Nexus",
+    required=True
+)
+@click.argument(
+  "nexus-base-url"
+)
+def digest_transactions(obj, account_id, nexus_base_url):
+    url = urljoin(nexus_base_url, 
"/ebics/subscribers/{}/digest-incoming-transactions".format(account_id))
+    resp = post(url, json=dict())
+    print(resp.content.decode("utf-8"))
 
 @ebics.command(help="Show raw transactions from the Nexus database")
 @click.pass_obj
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
index 3c6e179..7f3dae0 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -643,7 +643,6 @@ fun main() {
 
                 return@get
             }
-
             /**
              * VERY taler-related behaviour, where the Nexus differentiates 
good
              * incoming transactions (those with a valid subject, i.e. a 
public key),
@@ -653,19 +652,23 @@ fun main() {
                 val id = expectId(call.parameters["id"])
                 // first find highest ID value of already processed rows.
                 transaction {
+                    // avoid re-processing raw payments
                     val latest = 
TalerIncomingPaymentEntry.all().sortedByDescending {
                         it.payment.id
-                    }.firstOrNull() ?: throw NexusError(
-                        HttpStatusCode.NotFound, "No payments to process"
-                    )
-                    EbicsRawBankTransactionEntry.find {
-                        EbicsRawBankTransactionsTable.id.greater(latest.id) and
-                                (EbicsRawBankTransactionsTable.nexusSubscriber 
eq id)
-                    }.forEach {
-                        if (CryptoUtil.checkValidEddsaPublicKey(
-                                
Base32Crockford.decode(it.unstructuredRemittanceInformation)
-                            )
-                        ) {
+                    }.firstOrNull()
+
+                    val payments = if (latest == null) {
+                        EbicsRawBankTransactionEntry.find {
+                            EbicsRawBankTransactionsTable.nexusSubscriber eq id
+                        }
+                    } else {
+                        EbicsRawBankTransactionEntry.find {
+                            
EbicsRawBankTransactionsTable.id.greater(latest.id) and
+                                    
(EbicsRawBankTransactionsTable.nexusSubscriber eq id)
+                        }
+                    }
+                    payments.forEach {
+                        if 
(CryptoUtil.checkValidEddsaPublicKey(it.unstructuredRemittanceInformation)) {
                             TalerIncomingPaymentEntry.new {
                                 payment = it
                                 valid = true
diff --git a/util/src/main/kotlin/CryptoUtil.kt 
b/util/src/main/kotlin/CryptoUtil.kt
index 3e98971..413ce4a 100644
--- a/util/src/main/kotlin/CryptoUtil.kt
+++ b/util/src/main/kotlin/CryptoUtil.kt
@@ -19,6 +19,7 @@
 
 package tech.libeufin.util
 
+import net.taler.wallet.crypto.Base32Crockford
 import org.bouncycastle.jce.provider.BouncyCastleProvider
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
@@ -285,7 +286,12 @@ object CryptoUtil {
         return bundle.encoded
     }
 
-    fun checkValidEddsaPublicKey(data: ByteArray): Boolean {
+    fun checkValidEddsaPublicKey(enc: String): Boolean {
+        val data = try {
+            Base32Crockford.decode(enc)
+        } catch (e: Exception) {
+            return false
+        }
         if (data.size != 32) {
             return false
         }
diff --git a/util/src/test/kotlin/CryptoUtilTest.kt 
b/util/src/test/kotlin/CryptoUtilTest.kt
index bdd8d7e..705f443 100644
--- a/util/src/test/kotlin/CryptoUtilTest.kt
+++ b/util/src/test/kotlin/CryptoUtilTest.kt
@@ -150,8 +150,8 @@ class CryptoUtilTest {
         val givenEnc = "XZH3P6NF9DSG3BH0C082X38N2RVK1RV2H24KF76028QBKDM24BCG"
         val non32bytes = "N2RVK1RV2H24KF76028QBKDM24BCG"
 
-        
assertTrue(CryptoUtil.checkValidEddsaPublicKey(Base32Crockford.decode(givenEnc)))
-        
assertFalse(CryptoUtil.checkValidEddsaPublicKey(Base32Crockford.decode(non32bytes)))
+        assertTrue(CryptoUtil.checkValidEddsaPublicKey(givenEnc))
+        assertFalse(CryptoUtil.checkValidEddsaPublicKey(non32bytes))
     }
 
     @Test

-- 
To stop receiving notification emails like this one, please contact
address@hidden.