diff options
| author | Christian Grothoff <christian@grothoff.org> | 2020-03-01 13:31:46 +0100 | 
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2020-03-01 13:31:46 +0100 | 
| commit | 1eb292fe1fa6e00df8758fc1c2e5ac93f341dc4e (patch) | |
| tree | f50a78d26e7fd9a0241382ef4fcec4fe9baadbba /src/json | |
| parent | 2906aeb45939efa0fb5b4ab85878eb2e86418933 (diff) | |
check well-formedness of URI when signing, check return value of function for error
Diffstat (limited to 'src/json')
| -rw-r--r-- | src/json/json_wire.c | 14 | 
1 files changed, 12 insertions, 2 deletions
| diff --git a/src/json/json_wire.c b/src/json/json_wire.c index 4fc4cfea..b0bb6750 100644 --- a/src/json/json_wire.c +++ b/src/json/json_wire.c @@ -392,7 +392,8 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,  /** - * Check the signature in @a wire_s. + * Check the signature in @a wire_s.  Also performs rudimentary + * checks on the account data *if* supported.   *   * @param wire_s signed wire information of an exchange   * @param master_pub master public key of the exchange @@ -420,6 +421,7 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,      return GNUNET_SYSERR;    } +  /* Note: this check does nothing if this is not an IBAN */    if (GNUNET_SYSERR == validate_payto_iban (payto_uri))    {      GNUNET_break_op (0); @@ -436,7 +438,8 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,   * Create a signed wire statement for the given account.   *   * @param payto_uri account specification - * @param master_priv private key to sign with, NULL to not sign + * @param master_priv private key to sign with + * @return NULL if @a payto_uri is malformed   */  json_t *  TALER_JSON_exchange_wire_signature_make (const char *payto_uri, @@ -445,6 +448,13 @@ TALER_JSON_exchange_wire_signature_make (const char *payto_uri,  {    struct TALER_MasterSignatureP master_sig; +  /* Note: this check does nothing if this is not an IBAN */ +  if (GNUNET_SYSERR == validate_payto_iban (payto_uri)) +  { +    GNUNET_break_op (0); +    return NULL; +  } +    TALER_exchange_wire_signature_make (payto_uri,                                        master_priv,                                        &master_sig); | 
