commit a8f86e6f8b2340605cf8aabb239a43e95044ad36
parent 90ce6b204b6001b43800e28c47f1904cfe91b7f4
Author: Christian Grothoff <christian@grothoff.org>
Date: Mon, 2 Feb 2026 17:27:34 +0100
nonce is public key: enforce new spec
Diffstat:
2 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-claim.c b/src/backend/taler-merchant-httpd_post-orders-ID-claim.c
@@ -56,7 +56,7 @@
static enum GNUNET_DB_QueryStatus
claim_order (struct TMH_HandlerContext *hc,
const char *order_id,
- const char *nonce,
+ const struct GNUNET_CRYPTO_EddsaPublicKey *nonce,
const struct TALER_ClaimTokenP *claim_token,
json_t **contract_terms)
{
@@ -87,10 +87,10 @@ claim_order (struct TMH_HandlerContext *hc,
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
{
/* We already have claimed contract terms for this order_id */
- const char *stored_nonce;
+ struct GNUNET_CRYPTO_EddsaPublicKey stored_nonce;
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_string ("nonce",
- &stored_nonce),
+ GNUNET_JSON_spec_fixed_auto ("nonce",
+ &stored_nonce),
GNUNET_JSON_spec_end ()
};
@@ -109,8 +109,9 @@ claim_order (struct TMH_HandlerContext *hc,
return GNUNET_DB_STATUS_HARD_ERROR;
}
- if (0 != strcmp (stored_nonce,
- nonce))
+ if (0 !=
+ GNUNET_memcmp (&stored_nonce,
+ nonce))
{
GNUNET_JSON_parse_free (spec);
return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
@@ -158,9 +159,10 @@ claim_order (struct TMH_HandlerContext *hc,
}
GNUNET_assert (0 ==
- json_object_set_new (*contract_terms,
- "nonce",
- json_string (nonce)));
+ json_object_set_new (
+ *contract_terms,
+ "nonce",
+ GNUNET_JSON_from_data_auto (nonce)));
if (0 != GNUNET_memcmp_priv (&order_ct,
claim_token))
{
@@ -218,15 +220,15 @@ TMH_post_orders_ID_claim (const struct TMH_RequestHandler *rh,
struct TMH_HandlerContext *hc)
{
const char *order_id = hc->infix;
- const char *nonce;
+ struct GNUNET_CRYPTO_EddsaPublicKey nonce;
enum GNUNET_DB_QueryStatus qs;
json_t *contract_terms;
struct TALER_ClaimTokenP claim_token = { 0 };
{
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_string ("nonce",
- &nonce),
+ GNUNET_JSON_spec_fixed_auto ("nonce",
+ &nonce),
GNUNET_JSON_spec_mark_optional (
GNUNET_JSON_spec_fixed_auto ("token",
&claim_token),
@@ -255,7 +257,7 @@ TMH_post_orders_ID_claim (const struct TMH_RequestHandler *rh,
TMH_db->preflight (TMH_db->cls);
qs = claim_order (hc,
order_id,
- nonce,
+ &nonce,
&claim_token,
&contract_terms);
if (GNUNET_DB_STATUS_SOFT_ERROR != qs)
diff --git a/src/testing/test_merchant_order_creation.sh b/src/testing/test_merchant_order_creation.sh
@@ -312,7 +312,7 @@ echo "OK"
echo -n "Claming order with token family ..."
STATUS=$(curl http://localhost:9966/orders/"$ORDER_ID"/claim \
- -d '{"nonce":"","token":"'"$TOKEN"'"}' \
+ -d '{"nonce":"0FTTZ475NBECCZN97VFTN6DEKWVKJ8AQY9PWR6VS36JZQFS66YG0","token":"'"$TOKEN"'"}' \
-w "%{http_code}" -s -o "$LAST_RESPONSE")
if [ "$STATUS" != "200" ]
@@ -364,7 +364,7 @@ ORDER_ID=$(jq -r .order_id < "$LAST_RESPONSE")
TOKEN=$(jq -r .token < "$LAST_RESPONSE")
STATUS=$(curl http://localhost:9966/orders/"$ORDER_ID"/claim \
- -d '{"nonce":"","token":"'"$TOKEN"'"}' \
+ -d '{"nonce":"0FTTZ475NBECCZN97VFTN6DEKWVKJ8AQY9PWR6VS36JZQFS66YG0","token":"'"$TOKEN"'"}' \
-w "%{http_code}" -s -o "$LAST_RESPONSE")
if [ "$STATUS" != "200" ]
@@ -420,7 +420,7 @@ ORDER_ID=$(jq -e -r .order_id < "$LAST_RESPONSE")
TOKEN=$(jq -e -r .token < "$LAST_RESPONSE")
STATUS=$(curl http://localhost:9966/orders/"$ORDER_ID"/claim \
- -d '{"nonce":"","token":"'"$TOKEN"'"}' \
+ -d '{"nonce":"1ZRJCEAGM5N98P6ATH0NSR9SP3RKQJQQ05MQJAJA57T8YNPCPWEG","token":"'"$TOKEN"'"}' \
-w "%{http_code}" -s -o "$LAST_RESPONSE")
if [ "$STATUS" != "200" ]
