diff options
author | Felix Lange <fjl@users.noreply.github.com> | 2018-06-12 21:26:08 +0800 |
---|---|---|
committer | Guillaume Ballet <gballet@gmail.com> | 2018-06-12 21:26:08 +0800 |
commit | 0255951587ef0eada5d162f3404bc481f70a2ce2 (patch) | |
tree | 6aa0c1c9405df6a88f4cbeb72e170e6e19cf55d5 /swarm/services/swap | |
parent | 85cd64df0e3331e46f41ec86a647f1b8ff306eda (diff) | |
download | go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.tar go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.tar.gz go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.tar.bz2 go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.tar.lz go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.tar.xz go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.tar.zst go-tangerine-0255951587ef0eada5d162f3404bc481f70a2ce2.zip |
crypto: replace ToECDSAPub with error-checking func UnmarshalPubkey (#16932)
ToECDSAPub was unsafe because it returned a non-nil key with nil X, Y in
case of invalid input. This change replaces ToECDSAPub with
UnmarshalPubkey across the codebase.
Diffstat (limited to 'swarm/services/swap')
-rw-r--r-- | swarm/services/swap/swap.go | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/swarm/services/swap/swap.go b/swarm/services/swap/swap.go index 1f9b22b90..1eac111be 100644 --- a/swarm/services/swap/swap.go +++ b/swarm/services/swap/swap.go @@ -19,6 +19,7 @@ package swap import ( "context" "crypto/ecdsa" + "errors" "fmt" "math/big" "os" @@ -134,6 +135,11 @@ func NewSwap(local *SwapParams, remote *SwapProfile, backend chequebook.Backend, out *chequebook.Outbox ) + remotekey, err := crypto.UnmarshalPubkey(common.FromHex(remote.PublicKey)) + if err != nil { + return nil, errors.New("invalid remote public key") + } + // check if remote chequebook is valid // insolvent chequebooks suicide so will signal as invalid // TODO: monitoring a chequebooks events @@ -142,7 +148,7 @@ func NewSwap(local *SwapParams, remote *SwapProfile, backend chequebook.Backend, log.Info(fmt.Sprintf("invalid contract %v for peer %v: %v)", remote.Contract.Hex()[:8], proto, err)) } else { // remote contract valid, create inbox - in, err = chequebook.NewInbox(local.privateKey, remote.Contract, local.Beneficiary, crypto.ToECDSAPub(common.FromHex(remote.PublicKey)), backend) + in, err = chequebook.NewInbox(local.privateKey, remote.Contract, local.Beneficiary, remotekey, backend) if err != nil { log.Warn(fmt.Sprintf("unable to set up inbox for chequebook contract %v for peer %v: %v)", remote.Contract.Hex()[:8], proto, err)) } |