From 136e9accf6933a00cd4e59fbb2ddac8667d2be02 Mon Sep 17 00:00:00 2001 From: Jonathan Buchanan Date: Fri, 10 Jul 2020 22:37:11 -0400 Subject: use h_denom_pub when signing deposits --- src/lib/merchant_api_post_order_pay.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'src/lib/merchant_api_post_order_pay.c') diff --git a/src/lib/merchant_api_post_order_pay.c b/src/lib/merchant_api_post_order_pay.c index 27f380f8..78fe3080 100644 --- a/src/lib/merchant_api_post_order_pay.c +++ b/src/lib/merchant_api_post_order_pay.c @@ -119,12 +119,15 @@ check_coin_history (const struct TALER_MERCHANT_PaidCoin *pc, { struct TALER_Amount spent; struct TALER_Amount spent_plus_contrib; + struct GNUNET_HashCode h_denom_pub; + struct GNUNET_HashCode h_denom_pub_pc; if (GNUNET_OK != TALER_EXCHANGE_verify_coin_history (NULL, /* do not verify fees */ pc->amount_with_fee.currency, &pc->coin_pub, json, + &h_denom_pub, &spent)) { /* Exchange's history fails to verify */ @@ -148,6 +151,15 @@ check_coin_history (const struct TALER_MERCHANT_PaidCoin *pc, GNUNET_break_op (0); return GNUNET_SYSERR; } + GNUNET_CRYPTO_rsa_public_key_hash (pc->denom_pub.rsa_public_key, + &h_denom_pub_pc); + if (0 != GNUNET_memcmp (&h_denom_pub, + &h_denom_pub_pc)) + { + /* Hash of denom pub doesn't match. */ + GNUNET_break (0); + return GNUNET_SYSERR; + } GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Accepting proof of double-spending\n"); return GNUNET_OK; @@ -671,6 +683,8 @@ TALER_MERCHANT_order_pay (struct GNUNET_CURL_Context *ctx, } TALER_amount_hton (&dr.deposit_fee, &fee); + GNUNET_CRYPTO_rsa_public_key_hash (coin->denom_pub.rsa_public_key, + &dr.h_denom_pub); GNUNET_CRYPTO_eddsa_sign (&coin->coin_priv.eddsa_priv, &dr, &p->coin_sig.eddsa_signature); -- cgit v1.2.3