From 87649e856a041414cb63c2a2f02a76ca1c6e482d Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Wed, 26 Jun 2019 23:33:15 +0200 Subject: wire signatures: produce better warning Produce a better warning when the wire signature file is signed by a different key than the one we're checking the signature with. --- src/json/json_wire.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/json/json_wire.c b/src/json/json_wire.c index d5f095f76..7a4b4a5d9 100644 --- a/src/json/json_wire.c +++ b/src/json/json_wire.c @@ -105,12 +105,21 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s, { const char *payto_url; struct TALER_MasterSignatureP master_sig; + struct TALER_MasterPublicKeyP master_pub_from_wire; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_string ("url", &payto_url), GNUNET_JSON_spec_fixed_auto ("master_sig", &master_sig), + GNUNET_JSON_spec_fixed_auto ("master_pub", &master_pub_from_wire), GNUNET_JSON_spec_end () }; + if (0 != memcmp (&master_pub_from_wire, master_pub)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "wire signature has an unexpected master public key\n"); + return GNUNET_SYSERR; + } + if (GNUNET_OK != GNUNET_JSON_parse (wire_s, spec, @@ -136,13 +145,18 @@ TALER_JSON_exchange_wire_signature_make (const char *payto_url, const struct TALER_MasterPrivateKeyP *master_priv) { struct TALER_MasterSignatureP master_sig; + struct TALER_MasterPublicKeyP master_pub; + + GNUNET_CRYPTO_eddsa_key_get_public (&master_priv->eddsa_priv, + &master_pub.eddsa_pub); TALER_exchange_wire_signature_make (payto_url, master_priv, &master_sig); - return json_pack ("{s:s, s:o}", + return json_pack ("{s:s, s:o, s:o}", "url", payto_url, - "master_sig", GNUNET_JSON_from_data_auto (&master_sig)); + "master_sig", GNUNET_JSON_from_data_auto (&master_sig), + "master_pub", GNUNET_JSON_from_data_auto (&master_pub)); } -- cgit v1.2.3