signature verification for recoup

2 files changed, 33 insertions, 4 deletions

diff --git a/src/types/dbTypes.ts b/src/types/dbTypes.ts
index 36b45f5ac..f28426ac9 100644
--- a/src/types/dbTypes.ts
+++ b/src/types/dbTypes.ts
@@ -30,6 +30,7 @@ import {
   MerchantRefundPermission,
   PayReq,
   TipResponse,
+  ExchangeSignKeyJson,
 } from "./talerTypes";
 
 import { Index, Store } from "../util/query";
@@ -410,6 +411,7 @@ export interface ExchangeDetails {
    * Master public key of the exchange.
    */
   masterPublicKey: string;
+
   /**
    * Auditors (partially) auditing the exchange.
    */
@@ -426,6 +428,12 @@ export interface ExchangeDetails {
   protocolVersion: string;
 
   /**
+   * Signing keys we got from the exchange, can also contain
+   * older signing keys that are not returned by /keys anymore.
+   */
+  signingKeys: ExchangeSignKeyJson[];
+
+  /**
    * Timestamp for last update.
    */
   lastUpdateTime: Timestamp;
diff --git a/src/types/talerTypes.ts b/src/types/talerTypes.ts
index 2ecb82340..569b93120 100644
--- a/src/types/talerTypes.ts
+++ b/src/types/talerTypes.ts
@@ -599,6 +599,17 @@ export class Recoup {
 }
 
 /**
+ * Structure of one exchange signing key in the /keys response.
+ */
+export class ExchangeSignKeyJson {
+  stamp_start: Timestamp;
+  stamp_expire: Timestamp;
+  stamp_end: Timestamp;
+  key: EddsaPublicKeyString;
+  master_sig: EddsaSignatureString;
+}
+
+/**
  * Structure that the exchange gives us in /keys.
  */
 export class ExchangeKeysJson {
@@ -631,7 +642,7 @@ export class ExchangeKeysJson {
    * Short-lived signing keys used to sign online
    * responses.
    */
-  signkeys: any;
+  signkeys: ExchangeSignKeyJson[];
 
   /**
    * Protocol version.
@@ -881,6 +892,17 @@ export const codecForRecoup = () =>
       .build("Payback"),
   );
 
+export const codecForExchangeSigningKey = () =>
+  typecheckedCodec<ExchangeSignKeyJson>(
+    makeCodecForObject<ExchangeSignKeyJson>()
+      .property("key", codecForString)
+      .property("master_sig", codecForString)
+      .property("stamp_end", codecForTimestamp)
+      .property("stamp_start", codecForTimestamp)
+      .property("stamp_expire", codecForTimestamp)
+      .build("ExchangeSignKeyJson"),
+  );
+
 export const codecForExchangeKeysJson = () =>
   typecheckedCodec<ExchangeKeysJson>(
     makeCodecForObject<ExchangeKeysJson>()
@@ -889,7 +911,7 @@ export const codecForExchangeKeysJson = () =>
       .property("auditors", makeCodecForList(codecForAuditor()))
       .property("list_issue_date", codecForTimestamp)
       .property("recoup", makeCodecOptional(makeCodecForList(codecForRecoup())))
-      .property("signkeys", codecForAny)
+      .property("signkeys", makeCodecForList(codecForExchangeSigningKey()))
       .property("version", codecForString)
       .build("KeysJson"),
   );
@@ -981,10 +1003,9 @@ export const codecForRecoupConfirmation = () =>
       .build("RecoupConfirmation"),
   );
 
-
 export const codecForWithdrawResponse = () =>
   typecheckedCodec<WithdrawResponse>(
     makeCodecForObject<WithdrawResponse>()
       .property("ev_sig", codecForString)
       .build("WithdrawResponse"),
-  );
\ No newline at end of file
+  );