diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-09-18 15:37:15 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-09-18 15:37:15 +0200 |
commit | b0c7912df7a070d4033bad08c3c44713cb947c87 (patch) | |
tree | 2974db6d8e76e440fb0df35e2596668c0ffe6206 /src/mint/taler-mint-httpd_keystate.c | |
parent | fb14af5ba8218baaa889e42d9a5c9373f624afdb (diff) |
finish implementing #3847
Diffstat (limited to 'src/mint/taler-mint-httpd_keystate.c')
-rw-r--r-- | src/mint/taler-mint-httpd_keystate.c | 33 |
1 files changed, 29 insertions, 4 deletions
diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index 11394067a..608e791b7 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -475,16 +475,41 @@ reload_auditor_iter (void *cls, const struct TALER_DenominationKeyValidityPS *dki) { struct TMH_KS_StateHandle *ctx = cls; + unsigned int i; + int found; - GNUNET_break (0); // FIXME: not implemented: #3847 - // FIXME: check merchant public key matches - // FIXME: check dki overlap with our (active) DKI set + /* Check if the signature is at least for this mint. */ + if (0 != memcmp (&mpub->eddsa_pub, + &TMH_master_public_key, + sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Auditing information provided for a different mint, ignored\n"); + return GNUNET_OK; + } + /* check if there is an overlap between the set of keys signed by + the auditor and the denomination keys that are active right now */ + found = GNUNET_NO; + for (i=0;i<dki_len;i++) + { + if (GNUNET_YES == + GNUNET_CONTAINER_multihashmap_contains (ctx->denomkey_map, + &dki[i].denom_hash)) + { + found = GNUNET_YES; + break; + } + } + if (GNUNET_NO == found) + return GNUNET_OK; /* None of the keys are relevant for us right now, + so skip this auditor signature */ + /* add auditor information to our /keys response */ json_array_append_new (ctx->auditors_array, auditor_to_json (apub, asig, dki_len, dki)); - return GNUNET_SYSERR; + return GNUNET_OK; } |