From 1eb292fe1fa6e00df8758fc1c2e5ac93f341dc4e Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Sun, 1 Mar 2020 13:31:46 +0100
Subject: [PATCH] check well-formedness of URI when signing, check return value of function for error
---
 src/exchange-tools/taler-exchange-wire.c | 7 +++++++
 src/include/taler_json_lib.h | 9 ++++++---
 src/json/json_wire.c | 14 ++++++++++++--
 3 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/src/exchange-tools/taler-exchange-wire.c b/src/exchange-tools/taler-exchange-wire.c
index 0d6cdddbf..10d849b43 100644
--- a/src/exchange-tools/taler-exchange-wire.c
+++ b/src/exchange-tools/taler-exchange-wire.c
@@ -74,6 +74,13 @@ sign_account_data (void *cls,
 wire = TALER_JSON_exchange_wire_signature_make (ai->payto_uri,
 &master_priv);
+ if (NULL == wire)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Could not sign wire account `%s'. Is the URI well-formed?\n");
+ global_ret = 1;
+ return;
+ }
 GNUNET_assert (NULL != wire);
 json_out = json_dumps (wire,
 JSON_INDENT (2));
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index d5f6b0ba2..c4e107c09 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -149,7 +149,8 @@ TALER_JSON_get_error_code2 (const void *data,
 /**
 * Compute the hash of the given wire details. The resulting
- * hash is what is put into the contract.
+ * hash is what is put into the contract. Also performs rudimentary
+ * checks on the account data *if* supported.
 *
 * @param wire_s wire details to hash
 * @param[out] hc set to the hash
@@ -161,7 +162,8 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
 /**
- * Check the signature in @a wire_s.
+ * Check the signature in @a wire_s. Also performs rudimentary
+ * checks on the account data *if* supported.
 *
 * @param wire_s signed wire information of an exchange
 * @param master_pub master public key of the exchange
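Review bot: The new `GNUNET_log` call in the `NULL == wire` branch has a `%s` conversion in its format string but passes no argument for it, which is undefined behaviour and can crash the tool or put unrelated memory into the log. Add `ai->payto_uri` as the argument after the format string so the message names the account that failed. The `GNUNET_assert (NULL != wire);` kept right after the branch can no longer fire and could be dropped. sign_account_data starts and ends outside the hunk.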
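Review bot: The sentence added at @@ -149, "Also performs rudimentary checks on the account data *if* supported", does not tell a caller which accounts are checked or how a failed check is reported. The in-code note added in json_wire.c says the check does nothing for non-IBAN URIs, so the comment could say that directly, for example `Also validates the IBAN if the account is an IBAN account; other account types are not checked.` The same wording is added at @@ -161 in this header and at @@ -392 in json_wire.c. Whether TALER_JSON_merchant_wire_signature_hash runs the same IBAN validation is not visible in this patch, so confirm that before rewording its comment.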
@@ -177,7 +179,8 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
 * Create a signed wire statement for the given account.
 *
 * @param payto_uri account specification
- * @param master_priv private key to sign with, NULL to not sign
+ * @param master_priv private key to sign with
+ * @return NULL if @a payto_uri is malformed
 */
 json_t *
 TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
diff --git a/src/json/json_wire.c b/src/json/json_wire.c
index 4fc4cfead..b0bb67503 100644
--- a/src/json/json_wire.c
+++ b/src/json/json_wire.c
@@ -392,7 +392,8 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
 /**
- * Check the signature in @a wire_s.
+ * Check the signature in @a wire_s. Also performs rudimentary
+ * checks on the account data *if* supported.
 *
 * @param wire_s signed wire information of an exchange
 * @param master_pub master public key of the exchange
@@ -420,6 +421,7 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
 return GNUNET_SYSERR;
 }
+ /* Note: this check does nothing if this is not an IBAN */
 if (GNUNET_SYSERR == validate_payto_iban (payto_uri))
 {
 GNUNET_break_op (0);
@@ -436,7 +438,8 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
 * Create a signed wire statement for the given account.
 *
 * @param payto_uri account specification
- * @param master_priv private key to sign with, NULL to not sign
+ * @param master_priv private key to sign with
+ * @return NULL if @a payto_uri is malformed
 */
 json_t *
 TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
@@ -445,6 +448,13 @@ TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
 {
 struct TALER_MasterSignatureP master_sig;
+ /* Note: this check does nothing if this is not an IBAN */
+ if (GNUNET_SYSERR == validate_payto_iban (payto_uri))
+ {
+ GNUNET_break_op (0);
+ return NULL;
+ }
+
 TALER_exchange_wire_signature_make (payto_uri,
 master_priv,
 &master_sig);
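Review bot: The new `@return` line at @@ -177 documents only the failure case, so the comment does not say what the function returns on success. Something like `@return signed wire statement, NULL if @a payto_uri is malformed` would cover both. Per the note added in json_wire.c the validation applies only to IBAN URIs, so "malformed" here is narrower than it reads. Dropping "NULL to not sign" also makes a non-NULL @a master_priv a precondition, and nothing in the visible lines enforces it. The same comment change is made at @@ -436 in json_wire.c.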
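Review bot: The guard added at the top of TALER_JSON_exchange_wire_signature_make rejects only bad IBANs, as its own comment says, so any other payto URI is still signed with the master key without a well-formedness check. If the intent is what the commit title states, a scheme-level check on @a payto_uri belongs here before the signing call; otherwise the error text in taler-exchange-wire.c should not suggest that the URI was validated. The function can now return NULL and only taler-exchange-wire.c is updated in this patch, so any other caller needs the same NULL check (none are visible here). `GNUNET_break_op (0)` is normally used for faults caused by a remote peer; if this input comes from local configuration, `GNUNET_break (0);` or an explicit error log fits better. The function body continues past the hunk.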