From b231cc94df3d533ac323ec562e8e8a193084302d Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 23 Aug 2022 14:36:03 +0200 Subject: enforce syntax of reserve_uri --- src/include/taler_crypto_lib.h | 8 ++++---- src/util/wallet_signatures.c | 20 ++++++++++++++++---- 2 files changed, 20 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 503cb13c..ac1aba73 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -2929,7 +2929,7 @@ TALER_wallet_purse_deposit_verify ( /** * Sign a request by a purse to merge it into an account. * - * @param reserve_url identifies the location of the reserve + * @param reserve_uri identifies the location of the reserve * @param merge_timestamp time when the merge happened * @param purse_pub key identifying the purse * @param merge_priv key identifying the merge capability @@ -2937,7 +2937,7 @@ TALER_wallet_purse_deposit_verify ( */ void TALER_wallet_purse_merge_sign ( - const char *reserve_url, + const char *reserve_uri, struct GNUNET_TIME_Timestamp merge_timestamp, const struct TALER_PurseContractPublicKeyP *purse_pub, const struct TALER_PurseMergePrivateKeyP *merge_priv, @@ -2947,7 +2947,7 @@ TALER_wallet_purse_merge_sign ( /** * Verify a purse merge request. * - * @param reserve_url identifies the location of the reserve + * @param reserve_uri identifies the location of the reserve * @param merge_timestamp time when the merge happened * @param purse_pub public key of the purse to merge * @param merge_pub public key of the merge capability @@ -2956,7 +2956,7 @@ TALER_wallet_purse_merge_sign ( */ enum GNUNET_GenericReturnValue TALER_wallet_purse_merge_verify ( - const char *reserve_url, + const char *reserve_uri, struct GNUNET_TIME_Timestamp merge_timestamp, const struct TALER_PurseContractPublicKeyP *purse_pub, const struct TALER_PurseMergePublicKeyP *merge_pub, diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c index 4761ab6e..1b16731f 100644 --- a/src/util/wallet_signatures.c +++ b/src/util/wallet_signatures.c @@ -1009,7 +1009,7 @@ struct TALER_PurseMergePS void TALER_wallet_purse_merge_sign ( - const char *reserve_url, + const char *reserve_uri, struct GNUNET_TIME_Timestamp merge_timestamp, const struct TALER_PurseContractPublicKeyP *purse_pub, const struct TALER_PurseMergePrivateKeyP *merge_priv, @@ -1022,7 +1022,11 @@ TALER_wallet_purse_merge_sign ( .purse_pub = *purse_pub }; - TALER_payto_hash (reserve_url, + GNUNET_assert (0 == + strcasecmp (reserve_uri, + "payto://taler-reserve", + strlen ("payto://taler-reserve"))); + TALER_payto_hash (reserve_uri, &pm.h_payto); GNUNET_CRYPTO_eddsa_sign (&merge_priv->eddsa_priv, &pm, @@ -1032,7 +1036,7 @@ TALER_wallet_purse_merge_sign ( enum GNUNET_GenericReturnValue TALER_wallet_purse_merge_verify ( - const char *reserve_url, + const char *reserve_uri, struct GNUNET_TIME_Timestamp merge_timestamp, const struct TALER_PurseContractPublicKeyP *purse_pub, const struct TALER_PurseMergePublicKeyP *merge_pub, @@ -1045,7 +1049,15 @@ TALER_wallet_purse_merge_verify ( .purse_pub = *purse_pub }; - TALER_payto_hash (reserve_url, + if (0 != + strcasecmp (reserve_uri, + "payto://taler-reserve", + strlen ("payto://taler-reserve"))) + { + GNUNET_break (0); + return GNUNET_NO; + } + TALER_payto_hash (reserve_uri, &pm.h_payto); return GNUNET_CRYPTO_eddsa_verify ( TALER_SIGNATURE_WALLET_PURSE_MERGE, -- cgit v1.2.3