Posted to commits@milagro.apache.org by cm...@apache.org on 2019/08/30 07:44:52 UTC

[incubator-milagro-dta] 01/01: Add order/secret request validation

This is an automated email from the ASF dual-hosted git repository.

cmorris pushed a commit to branch beneficary-dupbug
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-dta.git

commit df9838bc54c471140d8a371415e1ded76ae31c22
Author: Christopher Morris <ch...@morris.net>
AuthorDate: Fri Aug 30 08:44:30 2019 +0100

    Add order/secret request validation
---
 pkg/bitcoinplugin/service.go   | 25 +++++++++++++++++++++----
 pkg/defaultservice/order.go    | 11 +++++++++++
 pkg/defaultservice/plugable.go |  1 +
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/pkg/bitcoinplugin/service.go b/pkg/bitcoinplugin/service.go
index 0b9a5c1..f087855 100644
--- a/pkg/bitcoinplugin/service.go
+++ b/pkg/bitcoinplugin/service.go
@@ -66,6 +66,27 @@ func (s *Service) ValidateOrderRequest(req *api.OrderRequest) error {
 	return nil
 }
 
+//ValidateOrderSecretRequest - checks incoming OrderSecret fields for Error, comparing to the Original Order
+func (s *Service) ValidateOrderSecretRequest(req *api.OrderSecretRequest, order documents.OrderDoc) error {
+	//These are deliberately overly long winded, but it makes the case I'm trapping more obvious to the reader
+
+	//There is no beneficiary supplided in either the Deposit or Redemption
+	if order.BeneficiaryCID == "" && req.BeneficiaryIDDocumentCID == "" {
+		return errors.New("Beneficiary must be supplied")
+	}
+
+	//A beneficiary is specified in both, but they aren't the same
+	if order.BeneficiaryCID != "" && req.BeneficiaryIDDocumentCID != "" && order.BeneficiaryCID != req.BeneficiaryIDDocumentCID {
+		return errors.New("Beneficiaries in order & order/secret don't match")
+	}
+
+	//order & order/secret beneficiary are the same order/secret is not required - discard
+	if order.BeneficiaryCID != "" && req.BeneficiaryIDDocumentCID != "" && order.BeneficiaryCID == req.BeneficiaryIDDocumentCID {
+		req.BeneficiaryIDDocumentCID = ""
+	}
+	return nil
+}
+
 // PrepareOrderPart1 adds the coin type to the order
 func (s *Service) PrepareOrderPart1(order *documents.OrderDoc, reqExtension map[string]string) (fulfillExtension map[string]string, err error) {
 	coin, err := strconv.ParseInt(reqExtension["coin"], 10, 64)
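Review bot: ValidateOrderSecretRequest rewrites its input: when the order and the request name the same beneficiary, it sets `req.BeneficiaryIDDocumentCID = ""`, which a caller would not expect from a method named as a validator. ProduceBeneficiaryEncryptedData (next hunk) still passes `req.BeneficiaryIDDocumentCID` to adhocEncryptedEnvelopeEncode, so after the clear it receives an empty string. Whether the encoder then falls back to `order.BeneficiaryCID` is not visible in this diff and should be confirmed. The next hunk also removes the empty-beneficiary guard from ProduceBeneficiaryEncryptedData, so that function is now only safe when the validator has run first. I would record both facts in the doc comments, e.g. `// ValidateOrderSecretRequest checks the request against the stored order; it clears req.BeneficiaryIDDocumentCID when it duplicates order.BeneficiaryCID.` and a "caller must have validated the request" line on ProduceBeneficiaryEncryptedData. The error strings would also conventionally start lower-case (`"beneficiary must be supplied"`).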
@@ -87,10 +108,6 @@ func (s *Service) PrepareOrderResponse(orderPart2 *documents.OrderDoc, reqExtens
 
 // ProduceBeneficiaryEncryptedData -
 func (s *Service) ProduceBeneficiaryEncryptedData(blsSK []byte, order *documents.OrderDoc, req *api.OrderSecretRequest) (encrypted []byte, extension map[string]string, err error) {
-	//There is no beneficiary supplided in either the Deposit or Redemption
-	if order.BeneficiaryCID == "" && req.BeneficiaryIDDocumentCID == "" {
-		return nil, nil, errors.New("Beneficiary must be supplied")
-	}
 
 	enc, err := adhocEncryptedEnvelopeEncode(s, s.NodeID(), req.BeneficiaryIDDocumentCID, *order, blsSK)
 	return enc, nil, err
diff --git a/pkg/defaultservice/order.go b/pkg/defaultservice/order.go
index 00e98f3..97a28c7 100644
--- a/pkg/defaultservice/order.go
+++ b/pkg/defaultservice/order.go
@@ -92,6 +92,11 @@ func (s *Service) ValidateOrderRequest(req *api.OrderRequest) error {
 	return nil
 }
 
+//ValidateOrderSecretRequest - Validate fields in the Order Secret
+func (s *Service) ValidateOrderSecretRequest(req *api.OrderRequest) error {
+	return nil
+}
+
 // PrepareOrderPart1 is called before the order is send
 func (s *Service) PrepareOrderPart1(order *documents.OrderDoc, reqExtension map[string]string) (fulfillExtension map[string]string, err error) {
 	return nil, nil
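Review bot: The default ValidateOrderSecretRequest is declared with `req *api.OrderRequest` and no order argument, which does not match the method added to Plugable in plugable.go or the call `s.Plugin.ValidateOrderSecretRequest(req, *order)` in the next hunk. If defaultservice.Service is meant to satisfy Plugable (its use as a plugin is not visible here), the signature should be `func (s *Service) ValidateOrderSecretRequest(req *api.OrderSecretRequest, order documents.OrderDoc) error`. It also returns nil unconditionally, so under the default plugin the "beneficiary must be supplied" and mismatch checks are not applied at all. If that is deliberate, say so in the comment; otherwise the beneficiary checks belong here rather than only in the bitcoin plugin.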
@@ -214,6 +219,12 @@ func (s *Service) OrderSecret(req *api.OrderSecretRequest) (*api.OrderSecretResp
 		return nil, errors.Wrap(err, "Fail to retrieve Order from IPFS")
 	}
 
+	if err := s.Plugin.ValidateOrderSecretRequest(req, *order); err != nil {
+		return nil, err
+	}
+
+	//Create a piece of data that is destined for the beneficiary, passed via the Master Fiduciary
+
 	beneficiaryEncryptedData, extension, err := s.Plugin.ProduceBeneficiaryEncryptedData(blsSK, order, req)
 	if err != nil {
 		return nil, err
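Review bot: The validation error is returned bare, while the IPFS failure just above is wrapped with `errors.Wrap(err, ...)`; wrapping it the same way (for example `errors.Wrap(err, "Invalid order/secret request")`) would keep the failure source identifiable in logs. The added comment about data destined for the beneficiary is separated from the ProduceBeneficiaryEncryptedData call by a blank line and would read better placed directly above it. OrderSecret starts and continues outside this hunk, so later uses of `req` are not visible here.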
diff --git a/pkg/defaultservice/plugable.go b/pkg/defaultservice/plugable.go
index b4f4bbf..65014f1 100644
--- a/pkg/defaultservice/plugable.go
+++ b/pkg/defaultservice/plugable.go
@@ -30,6 +30,7 @@ type Plugable interface {
 
 	// order
 	ValidateOrderRequest(req *api.OrderRequest) error
+	ValidateOrderSecretRequest(req *api.OrderSecretRequest, order documents.OrderDoc) error
 	PrepareOrderPart1(order *documents.OrderDoc, reqExtension map[string]string) (fulfillExtension map[string]string, err error)
 	PrepareOrderResponse(orderPart2 *documents.OrderDoc, reqExtension, fulfillExtension map[string]string) (commitment string, extension map[string]string, err error)
 	ProduceBeneficiaryEncryptedData(blsSK []byte, order *documents.OrderDoc, req *api.OrderSecretRequest) (encrypted []byte, extension map[string]string, err error)
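Review bot: The new interface method takes `order documents.OrderDoc` by value, whereas the neighbouring methods take `*documents.OrderDoc`, and it has no comment stating its contract. Implementations are allowed to modify `req` (the bitcoin plugin does), and ProduceBeneficiaryEncryptedData now relies on this method having run first, so the ordering and mutation rules should be written on the interface, e.g. `// ValidateOrderSecretRequest must be called before ProduceBeneficiaryEncryptedData; it may normalise req.` Adding a method to Plugable also requires every existing plugin to implement it with exactly this signature.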