diff options
author | Christian Grothoff <christian@grothoff.org> | 2021-08-02 19:38:23 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-08-02 19:38:23 +0200 |
commit | c4ae15c1dbecc65b99e42e6c355952e576cfafe0 (patch) | |
tree | ec465fc048591b51bac9a1254746308014ca8795 /src/util | |
parent | 2e6b8e10de123b446ee77f714c0108dce15cd83e (diff) |
-strengthen payto validation logic
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/payto.c | 398 |
1 files changed, 398 insertions, 0 deletions
diff --git a/src/util/payto.c b/src/util/payto.c index 54072d667..7819184e8 100644 --- a/src/util/payto.c +++ b/src/util/payto.c @@ -128,3 +128,401 @@ TALER_xtalerbank_account_from_payto (const char *payto) return GNUNET_strndup (beg, end - beg); } + + +/* Country table taken from GNU gettext */ + +/** + * Entry in the country table. + */ +struct CountryTableEntry +{ + /** + * 2-Character international country code. + */ + const char *code; + + /** + * Long English name of the country. + */ + const char *english; +}; + + +/* Keep the following table in sync with gettext. + WARNING: the entries should stay sorted according to the code */ +/** + * List of country codes. + */ +static const struct CountryTableEntry country_table[] = { + { "AE", "U.A.E." }, + { "AF", "Afghanistan" }, + { "AL", "Albania" }, + { "AM", "Armenia" }, + { "AN", "Netherlands Antilles" }, + { "AR", "Argentina" }, + { "AT", "Austria" }, + { "AU", "Australia" }, + { "AZ", "Azerbaijan" }, + { "BA", "Bosnia and Herzegovina" }, + { "BD", "Bangladesh" }, + { "BE", "Belgium" }, + { "BG", "Bulgaria" }, + { "BH", "Bahrain" }, + { "BN", "Brunei Darussalam" }, + { "BO", "Bolivia" }, + { "BR", "Brazil" }, + { "BT", "Bhutan" }, + { "BY", "Belarus" }, + { "BZ", "Belize" }, + { "CA", "Canada" }, + { "CG", "Congo" }, + { "CH", "Switzerland" }, + { "CI", "Cote d'Ivoire" }, + { "CL", "Chile" }, + { "CM", "Cameroon" }, + { "CN", "People's Republic of China" }, + { "CO", "Colombia" }, + { "CR", "Costa Rica" }, + { "CS", "Serbia and Montenegro" }, + { "CZ", "Czech Republic" }, + { "DE", "Germany" }, + { "DK", "Denmark" }, + { "DO", "Dominican Republic" }, + { "DZ", "Algeria" }, + { "EC", "Ecuador" }, + { "EE", "Estonia" }, + { "EG", "Egypt" }, + { "ER", "Eritrea" }, + { "ES", "Spain" }, + { "ET", "Ethiopia" }, + { "FI", "Finland" }, + { "FO", "Faroe Islands" }, + { "FR", "France" }, + { "GB", "United Kingdom" }, + { "GD", "Caribbean" }, + { "GE", "Georgia" }, + { "GL", "Greenland" }, + { "GR", "Greece" }, + { "GT", "Guatemala" }, + { "HK", "Hong Kong" }, + { "HK", "Hong Kong S.A.R." }, + { "HN", "Honduras" }, + { "HR", "Croatia" }, + { "HT", "Haiti" }, + { "HU", "Hungary" }, + { "ID", "Indonesia" }, + { "IE", "Ireland" }, + { "IL", "Israel" }, + { "IN", "India" }, + { "IQ", "Iraq" }, + { "IR", "Iran" }, + { "IS", "Iceland" }, + { "IT", "Italy" }, + { "JM", "Jamaica" }, + { "JO", "Jordan" }, + { "JP", "Japan" }, + { "KE", "Kenya" }, + { "KG", "Kyrgyzstan" }, + { "KH", "Cambodia" }, + { "KR", "South Korea" }, + { "KW", "Kuwait" }, + { "KZ", "Kazakhstan" }, + { "LA", "Laos" }, + { "LB", "Lebanon" }, + { "LI", "Liechtenstein" }, + { "LK", "Sri Lanka" }, + { "LT", "Lithuania" }, + { "LU", "Luxembourg" }, + { "LV", "Latvia" }, + { "LY", "Libya" }, + { "MA", "Morocco" }, + { "MC", "Principality of Monaco" }, + { "MD", "Moldava" }, + { "MD", "Moldova" }, + { "ME", "Montenegro" }, + { "MK", "Former Yugoslav Republic of Macedonia" }, + { "ML", "Mali" }, + { "MM", "Myanmar" }, + { "MN", "Mongolia" }, + { "MO", "Macau S.A.R." }, + { "MT", "Malta" }, + { "MV", "Maldives" }, + { "MX", "Mexico" }, + { "MY", "Malaysia" }, + { "NG", "Nigeria" }, + { "NI", "Nicaragua" }, + { "NL", "Netherlands" }, + { "NO", "Norway" }, + { "NP", "Nepal" }, + { "NZ", "New Zealand" }, + { "OM", "Oman" }, + { "PA", "Panama" }, + { "PE", "Peru" }, + { "PH", "Philippines" }, + { "PK", "Islamic Republic of Pakistan" }, + { "PL", "Poland" }, + { "PR", "Puerto Rico" }, + { "PT", "Portugal" }, + { "PY", "Paraguay" }, + { "QA", "Qatar" }, + { "RE", "Reunion" }, + { "RO", "Romania" }, + { "RS", "Serbia" }, + { "RU", "Russia" }, + { "RW", "Rwanda" }, + { "SA", "Saudi Arabia" }, + { "SE", "Sweden" }, + { "SG", "Singapore" }, + { "SI", "Slovenia" }, + { "SK", "Slovak" }, + { "SN", "Senegal" }, + { "SO", "Somalia" }, + { "SR", "Suriname" }, + { "SV", "El Salvador" }, + { "SY", "Syria" }, + { "TH", "Thailand" }, + { "TJ", "Tajikistan" }, + { "TM", "Turkmenistan" }, + { "TN", "Tunisia" }, + { "TR", "Turkey" }, + { "TT", "Trinidad and Tobago" }, + { "TW", "Taiwan" }, + { "TZ", "Tanzania" }, + { "UA", "Ukraine" }, + { "US", "United States" }, + { "UY", "Uruguay" }, + { "VA", "Vatican" }, + { "VE", "Venezuela" }, + { "VN", "Viet Nam" }, + { "YE", "Yemen" }, + { "ZA", "South Africa" }, + { "ZW", "Zimbabwe" } +}; + + +/** + * Country code comparator function, for binary search with bsearch(). + * + * @param ptr1 pointer to a `struct table_entry` + * @param ptr2 pointer to a `struct table_entry` + * @return result of memcmp()'ing the 2-digit country codes of the entries + */ +static int +cmp_country_code (const void *ptr1, + const void *ptr2) +{ + const struct CountryTableEntry *cc1 = ptr1; + const struct CountryTableEntry *cc2 = ptr2; + + return memcmp (cc1->code, + cc2->code, + 2); +} + + +/** + * Validates given IBAN according to the European Banking Standards. See: + * http://www.europeanpaymentscouncil.eu/documents/ECBS%20IBAN%20standard%20EBS204_V3.2.pdf + * + * @param iban the IBAN number to validate + * @return NULL if correctly formatted; error message if not + */ +static char * +validate_iban (const char *iban) +{ + char cc[2]; + char ibancpy[35]; + struct CountryTableEntry cc_entry; + unsigned int len; + char *nbuf; + unsigned long long dividend; + unsigned long long remainder; + unsigned int i; + unsigned int j; + + len = strlen (iban); + if (len > 34) + return GNUNET_strdup ("IBAN number too long to be valid"); + memcpy (cc, iban, 2); + memcpy (ibancpy, iban + 4, len - 4); + memcpy (ibancpy + len - 4, iban, 4); + ibancpy[len] = '\0'; + cc_entry.code = cc; + cc_entry.english = NULL; + if (NULL == + bsearch (&cc_entry, + country_table, + sizeof (country_table) / sizeof (struct CountryTableEntry), + sizeof (struct CountryTableEntry), + &cmp_country_code)) + { + char *msg; + + GNUNET_asprintf (&msg, + "Country code `%c%c' not supported\n", + cc[0], + cc[1]); + return msg; + } + nbuf = GNUNET_malloc ((len * 2) + 1); + for (i = 0, j = 0; i < len; i++) + { + if (isalpha ((unsigned char) ibancpy[i])) + { + if (2 != snprintf (&nbuf[j], + 3, + "%2u", + (ibancpy[i] - 'A' + 10))) + { + GNUNET_break (0); + return GNUNET_strdup ("internal invariant violation"); + } + j += 2; + continue; + } + nbuf[j] = ibancpy[i]; + j++; + } + for (j = 0; '\0' != nbuf[j]; j++) + { + if (! isdigit ( (unsigned char) nbuf[j])) + { + char *msg; + + GNUNET_asprintf (&msg, + "digit expected at `%s'", + &nbuf[j]); + GNUNET_free (nbuf); + return msg; + } + } + GNUNET_assert (sizeof(dividend) >= 8); + remainder = 0; + for (unsigned int i = 0; i<j; i += 16) + { + int nread; + + if (1 != + sscanf (&nbuf[i], + "%16llu %n", + ÷nd, + &nread)) + { + char *msg; + + GNUNET_asprintf (&msg, + "wrong input for checksum calculation at `%s'", + &nbuf[i]); + GNUNET_free (nbuf); + return msg; + } + if (0 != remainder) + dividend += remainder * (pow (10, nread)); + remainder = dividend % 97; + } + GNUNET_free (nbuf); + if (1 != remainder) + return GNUNET_strdup ("IBAN checksum is wrong"); + return NULL; +} + + +/** + * Validate payto://iban/ account URL (only account information, + * wire subject and amount are ignored). + * + * @param account_url URL to parse + * @return NULL on success, otherwise an error message + * to be freed by the caller + */ +static char * +validate_payto_iban (const char *account_url) +{ + const char *iban; + const char *q; + char *result; + char *err; + +#define IBAN_PREFIX "payto://iban/" + if (0 != strncasecmp (account_url, + IBAN_PREFIX, + strlen (IBAN_PREFIX))) + return NULL; /* not an IBAN */ + + iban = strrchr (account_url, '/') + 1; +#undef IBAN_PREFIX + q = strchr (iban, + '?'); + if (NULL != q) + { + result = GNUNET_strndup (iban, + q - iban); + } + else + { + result = GNUNET_strdup (iban); + } + if (NULL != + (err = validate_iban (result))) + { + GNUNET_free (result); + return err; + } + GNUNET_free (result); + return NULL; +} + + +/** + * Check that a payto:// URI is well-formed. + * + * @param payto_uri the URL to check + * @return NULL on success, otherwise an error + * message to be freed by the caller! + */ +char * +TALER_payto_validate (const char *payto_uri) +{ + char *ret; + const char *start; + const char *end; + + if (0 != strncasecmp (payto_uri, + PAYTO, + strlen (PAYTO))) + return GNUNET_strdup ("invalid prefix"); + for (unsigned int i = 0; '\0' != payto_uri[i]; i++) + { + /* This is more strict than RFC 8905, alas we do not need to support messages/instructions/etc., + and it is generally better to start with a narrow whitelist; we can be more permissive later ...*/ +#define ALLOWED_CHARACTERS \ + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/:&?-.,=" + if (NULL == strchr (ALLOWED_CHARACTERS, + (int) payto_uri[i])) + { + char *ret; + + GNUNET_asprintf (&ret, + "Encountered invalid character `%c' at offset %u in payto URI `%s'", + payto_uri[i], + i, + payto_uri); + return ret; + } +#undef ALLOWED_CHARACTERS + } + + start = &payto_uri[strlen (PAYTO)]; + end = strchr (start, + (unsigned char) '/'); + if (NULL == end) + return GNUNET_strdup ("missing '/' in payload"); + + if (NULL != (ret = validate_payto_iban (payto_uri))) + return ret; /* got a definitive answer */ + + /* Insert other bank account validation methods here later! */ + + return NULL; +} |