From e226e5c350a84ff2a04ed183e5bde4fae6d11489 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sat, 18 Apr 2015 13:08:19 +0200
Subject: implementing TALER_refresh_link_encrypted_encode, and adding test

---
 src/util/crypto.c | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'src/util/crypto.c')

diff --git a/src/util/crypto.c b/src/util/crypto.c
index 14c14ebc..a0078370 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -292,6 +292,11 @@ TALER_refresh_link_encrypted_decode (const char *buf,
 
   if (buf_len < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
     return NULL;
+  if (buf_len >= GNUNET_MAX_MALLOC_CHECKED)
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
   rle = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
                        buf_len - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
   rle->blinding_key_enc = (const char *) &rle[1];
@@ -303,6 +308,33 @@ TALER_refresh_link_encrypted_decode (const char *buf,
 }
 
 
+/**
+ * Encode encrypted refresh link information to buffer.
+ *
+ * @param rle refresh link to encode
+ * @param[out] buf_len set number of bytes returned
+ * @return NULL on error, otherwise buffer with encoded @a rle
+ */
+char *
+TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rle,
+                                     size_t *buf_len)
+{
+  char *buf;
+
+  if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  *buf_len = sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey) + rle->blinding_key_enc_size;
+  buf = GNUNET_malloc (*buf_len);
+  memcpy (buf,
+	  rle->coin_priv_enc,
+          *buf_len);
+  return buf;
+}
+
+
 /**
  * Check if a coin is valid; that is, whether the denomination key exists,
  * is not expired, and the signature is correct.
-- 
cgit v1.2.3