ARCHIVE/xahaud
3
0
Fork 0
mirror of https://github.com/Xahau/xahaud.git synced 2025-11-28 22:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Check for malformed public key on payment channel

Browse Source
This commit is contained in:
seelabs
2017-02-24 11:16:12 -05:00
parent b7e2a3bd5f
commit 35f4698aed
3 changed files with 70 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/ripple/app/tx/impl/PayChan.cpp
View File

@@ -171,6 +171,9 @@ PayChanCreate::preflight (PreflightContext const& ctx)
if (ctx.tx[sfAccount] == ctx.tx[sfDestination])
return temDST_IS_SRC;
if (!publicKeyType(ctx.tx[sfPublicKey]))
return temMALFORMED;
return preflight2 (ctx);
}
@@ -378,6 +381,8 @@ PayChanClaim::preflight (PreflightContext const& ctx)
return tecNO_PERMISSION;
Keylet const k (ltPAYCHAN, ctx.tx[sfPayChannel]);
if (!publicKeyType(ctx.tx[sfPublicKey]))
return temMALFORMED;
PublicKey const pk (ctx.tx[sfPublicKey]);
Serializer msg;
serializePayChanAuthorization (msg, k.key, authAmt);

9
src/ripple/rpc/handlers/AccountChannels.cpp
View File

@@ -40,9 +40,12 @@ void addChannel (Json::Value& jsonLines, SLE const& line)
jDst[jss::destination_account] = to_string (line[sfDestination]);
jDst[jss::amount] = line[sfAmount].getText ();
jDst[jss::balance] = line[sfBalance].getText ();
PublicKey const pk (line[sfPublicKey]);
jDst[jss::public_key] = toBase58 (TokenType::TOKEN_ACCOUNT_PUBLIC, pk);
jDst[jss::public_key_hex] = strHex (pk);
if (publicKeyType(line[sfPublicKey]))
{
PublicKey const pk (line[sfPublicKey]);
jDst[jss::public_key] = toBase58 (TokenType::TOKEN_ACCOUNT_PUBLIC, pk);
jDst[jss::public_key_hex] = strHex (pk);
}
jDst[jss::settle_delay] = line[sfSettleDelay];
if (auto const& v = line[~sfExpiration])
jDst[jss::expiration] = *v;

59
src/test/app/PayChan_test.cpp
View File

@@ -739,6 +739,13 @@ struct PayChan_test : public beast::unit_test::suite
BEAST_EXPECT (r[jss::result][jss::channels][0u][jss::channel_id] == chan1Str);
chan1PkStr = r[jss::result][jss::channels][0u][jss::public_key].asString();
}
{
auto const r =
env.rpc ("account_channels", alice.human ());
BEAST_EXPECT (r[jss::result][jss::channels].size () == 1);
BEAST_EXPECT (r[jss::result][jss::channels][0u][jss::channel_id] == chan1Str);
chan1PkStr = r[jss::result][jss::channels][0u][jss::public_key].asString();
}
{
auto const r =
env.rpc ("account_channels", bob.human (), alice.human ());
@@ -818,6 +825,57 @@ struct PayChan_test : public beast::unit_test::suite
}
}
void
testMalformedPK ()
{
testcase ("malformed pk");
using namespace jtx;
using namespace std::literals::chrono_literals;
Env env (*this, features (featurePayChan));
auto const alice = Account ("alice");
auto const bob = Account ("bob");
auto USDA = alice["USD"];
env.fund (XRP (10000), alice, bob);
auto const pk = alice.pk ();
auto const settleDelay = 100s;
auto jv = create (alice, bob, XRP (1000), settleDelay, pk);
auto const pkHex = strHex (pk.slice ());
jv["PublicKey"] = pkHex.substr(2, pkHex.size()-2);
env (jv, ter(temMALFORMED));
jv["PublicKey"] = pkHex.substr(0, pkHex.size()-2);
env (jv, ter(temMALFORMED));
auto badPrefix = pkHex;
badPrefix[0]='f';
badPrefix[1]='f';
jv["PublicKey"] = badPrefix;
env (jv, ter(temMALFORMED));
jv["PublicKey"] = pkHex;
env (jv);
auto const chan = channel (*env.current (), alice, bob);
auto const authAmt = XRP (100);
auto const sig = signClaimAuth (alice.pk (), alice.sk (), chan, authAmt);
jv = claim(bob, chan, authAmt.value(), authAmt.value(), Slice(sig), alice.pk());
jv["PublicKey"] = pkHex.substr(2, pkHex.size()-2);
env (jv, ter(temMALFORMED));
jv["PublicKey"] = pkHex.substr(0, pkHex.size()-2);
env (jv, ter(temMALFORMED));
badPrefix = pkHex;
badPrefix[0]='f';
badPrefix[1]='f';
jv["PublicKey"] = badPrefix;
env (jv, ter(temMALFORMED));
// missing public key
jv.removeMember("PublicKey");
env (jv, ter(temMALFORMED));
jv["PublicKey"] = pkHex;
env (jv);
}
void
run () override
{
@@ -832,6 +890,7 @@ struct PayChan_test : public beast::unit_test::suite
testMultiple ();
testRPC ();
testOptionalFields ();
testMalformedPK ();
}
};