From 59398cfd76ed01df0ba5f33022727047afd6b270 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sun, 19 Jan 2020 20:33:07 +0100 Subject: separate util.c and url.c --- src/util/crypto_wire.c | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) (limited to 'src/util/crypto_wire.c') diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c index a8941e18f..d935bec4d 100644 --- a/src/util/crypto_wire.c +++ b/src/util/crypto_wire.c @@ -24,8 +24,8 @@ /** - * Compute the hash of the given wire details. The resulting - * hash is what is put into the contract. + * Compute the hash of the given wire details. The resulting + * hash is what is signed by the master key. * * @param payto_uri bank account * @param[out] hc set to the hash @@ -46,7 +46,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri, /** - * Check the signature in @a wire_s. + * Check the signature in @a master_sig. * * @param payto_uri URL that is signed * @param master_pub master public key of the exchange @@ -101,7 +101,8 @@ TALER_exchange_wire_signature_make (const char *payto_uri, /** * Compute the hash of the given wire details. The resulting - * hash is what is put into the contract. + * @a hc is what will be put into the contract between customer + * and merchant for signing by both parties. * * @param payto_uri bank account * @param salt salt used to eliminate brute-force inversion @@ -126,7 +127,15 @@ TALER_merchant_wire_signature_hash (const char *payto_uri, /** - * Check the signature in @a merch_sig. (Not yet used anywhere.) + * Check the signature in @a merch_sig. + * (Not yet used anywhere.) + * + * Expected to be used if/when we get @a merch_pub signed via + * X.509 *and* have a way for the WebEx wallet to check that the + * @a merch_pub provided matches that of the X.509 certificate + * from the Web site. Until then, @a merch_pub cannto be + * validated (no PKI), and hence there is no point in checking + * these signatures. (See #5129 and #3946). * * @param payto_uri URL that is signed * @param salt the salt used to salt the @a payto_uri when hashing -- cgit v1.2.3