aboutsummaryrefslogtreecommitdiff
path: root/src/mint/taler-mint-httpd_keystate.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-09-18 15:37:15 +0200
committerChristian Grothoff <christian@grothoff.org>2015-09-18 15:37:15 +0200
commitb0c7912df7a070d4033bad08c3c44713cb947c87 (patch)
tree2974db6d8e76e440fb0df35e2596668c0ffe6206 /src/mint/taler-mint-httpd_keystate.c
parentfb14af5ba8218baaa889e42d9a5c9373f624afdb (diff)
finish implementing #3847
Diffstat (limited to 'src/mint/taler-mint-httpd_keystate.c')
-rw-r--r--src/mint/taler-mint-httpd_keystate.c33
1 files changed, 29 insertions, 4 deletions
diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c
index 11394067a..608e791b7 100644
--- a/src/mint/taler-mint-httpd_keystate.c
+++ b/src/mint/taler-mint-httpd_keystate.c
@@ -475,16 +475,41 @@ reload_auditor_iter (void *cls,
const struct TALER_DenominationKeyValidityPS *dki)
{
struct TMH_KS_StateHandle *ctx = cls;
+ unsigned int i;
+ int found;
- GNUNET_break (0); // FIXME: not implemented: #3847
- // FIXME: check merchant public key matches
- // FIXME: check dki overlap with our (active) DKI set
+ /* Check if the signature is at least for this mint. */
+ if (0 != memcmp (&mpub->eddsa_pub,
+ &TMH_master_public_key,
+ sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Auditing information provided for a different mint, ignored\n");
+ return GNUNET_OK;
+ }
+ /* check if there is an overlap between the set of keys signed by
+ the auditor and the denomination keys that are active right now */
+ found = GNUNET_NO;
+ for (i=0;i<dki_len;i++)
+ {
+ if (GNUNET_YES ==
+ GNUNET_CONTAINER_multihashmap_contains (ctx->denomkey_map,
+ &dki[i].denom_hash))
+ {
+ found = GNUNET_YES;
+ break;
+ }
+ }
+ if (GNUNET_NO == found)
+ return GNUNET_OK; /* None of the keys are relevant for us right now,
+ so skip this auditor signature */
+ /* add auditor information to our /keys response */
json_array_append_new (ctx->auditors_array,
auditor_to_json (apub,
asig,
dki_len,
dki));
- return GNUNET_SYSERR;
+ return GNUNET_OK;
}