implementing TALER_refresh_link_encrypted_encode, and adding test

3 files changed, 87 insertions, 1 deletions

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 752d2bfd8..9ba13a6eb 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -544,6 +544,17 @@ TALER_refresh_link_encrypted_decode (const char *buf,
                                      size_t buf_len);
 
 
-/* FIXME: should also have _encode API... */
+/**
+ * Encode encrypted refresh link information to buffer.
+ *
+ * @param rle refresh link to encode
+ * @param[out] buf_len set number of bytes returned
+ * @return NULL on error, otherwise buffer with encoded @a rle
+ */
+char *
+TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rle,
+                                     size_t *buf_len);
+
+
 
 #endif
diff --git a/src/util/crypto.c b/src/util/crypto.c
index 14c14ebce..a00783701 100644
--- a/src/util/crypto.c
+++ b/src/util/crypto.c
@@ -292,6 +292,11 @@ TALER_refresh_link_encrypted_decode (const char *buf,
 
   if (buf_len < sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
     return NULL;
+  if (buf_len >= GNUNET_MAX_MALLOC_CHECKED)
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
   rle = GNUNET_malloc (sizeof (struct TALER_RefreshLinkEncrypted) +
                        buf_len - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
   rle->blinding_key_enc = (const char *) &rle[1];
@@ -304,6 +309,33 @@ TALER_refresh_link_encrypted_decode (const char *buf,
 
 
 /**
+ * Encode encrypted refresh link information to buffer.
+ *
+ * @param rle refresh link to encode
+ * @param[out] buf_len set number of bytes returned
+ * @return NULL on error, otherwise buffer with encoded @a rle
+ */
+char *
+TALER_refresh_link_encrypted_encode (const struct TALER_RefreshLinkEncrypted *rle,
+                                     size_t *buf_len)
+{
+  char *buf;
+
+  if (rle->blinding_key_enc_size >= GNUNET_MAX_MALLOC_CHECKED - sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  *buf_len = sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey) + rle->blinding_key_enc_size;
+  buf = GNUNET_malloc (*buf_len);
+  memcpy (buf,
+	  rle->coin_priv_enc,
+          *buf_len);
+  return buf;
+}
+
+
+/**
  * Check if a coin is valid; that is, whether the denomination key exists,
  * is not expired, and the signature is correct.
  *
diff --git a/src/util/test_crypto.c b/src/util/test_crypto.c
index e95f25e90..ce946dd53 100644
--- a/src/util/test_crypto.c
+++ b/src/util/test_crypto.c
@@ -24,6 +24,11 @@
 #include "taler_crypto_lib.h"
 
 
+/**
+ * Test low-level link encryption/decryption APIs.
+ *
+ * @return 0 on success
+ */
 static int
 test_basics ()
 {
@@ -77,6 +82,42 @@ test_basics ()
 }
 
 
+/**
+ * Test #TALER_refresh_link_encrypted_decode().
+ *
+ * @return 0 on success
+ */
+static int
+test_rled ()
+{
+  struct TALER_RefreshLinkEncrypted *rle;
+  char buf[512];
+  char *buf2;
+  size_t buf_len = sizeof (buf);
+
+  memset (buf, 42, sizeof (buf));
+  rle = TALER_refresh_link_encrypted_decode (buf,
+					     buf_len);
+  GNUNET_assert (NULL != rle);
+  buf_len = 42;
+  buf2 = TALER_refresh_link_encrypted_encode (rle,
+					      &buf_len);
+  GNUNET_assert (NULL != buf2);
+  GNUNET_assert (buf_len == sizeof (buf));
+  GNUNET_assert (0 == memcmp (buf,
+			      buf2,
+			      buf_len));
+  GNUNET_free (rle);
+  GNUNET_free (buf2);
+  return 0;
+}
+
+
+/**
+ * Test high-level link encryption/decryption API.
+ *
+ * @return 0 on success
+ */
 static int
 test_high_level ()
 {
@@ -131,6 +172,8 @@ main(int argc,
 {
   if (0 != test_basics ())
     return 1;
+  if (0 != test_rled ())
+    return 1;
   if (0 != test_high_level ())
     return 1;
   return 0;