taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

check for key expiration

Browse Source
This commit is contained in:
Christian Grothoff 2020-01-17 13:09:14 +01:00
parent fc55952b4f
commit 4e125d8eda
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/auditor/taler-auditor-httpd_deposit-confirmation.c
View File

@ -54,7 +54,19 @@ verify_and_execute_deposit_confirmation (struct MHD_Connection *connection,
struct TALER_DepositConfirmationPS dcs;
struct TALER_AUDITORDB_Session *session;
enum GNUNET_DB_QueryStatus qs;
struct GNUNET_TIME_Absolute now;
now = GNUNET_TIME_absolute_get ();
if ( (es->ep_start.abs_value_us > now.abs_value_us) ||
(es->ep_expire.abs_value_us < now.abs_value_us) )
{
/* Signing key expired */
TALER_LOG_WARNING ("Expired exchange signing key\n");
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_FORBIDDEN,
TALER_EC_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID,
"master_sig (expired)");
}
/* check exchange signing key signature */
skv.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY);
skv.purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS));