diff options
Diffstat (limited to 'src/exchange/taler-exchange-httpd_keystate.c')
-rw-r--r-- | src/exchange/taler-exchange-httpd_keystate.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index 033995c6a..6f3ced2b5 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -1845,8 +1845,9 @@ read_again: * @param purpose the message to sign * @param[out] pub set to the current public signing key of the exchange * @param[out] sig signature over purpose using current signing key + * @return #GNUNET_OK on success, #GNUNET_SYSERR if we lack key material */ -void +int TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct TALER_ExchangePublicKeyP *pub, struct TALER_ExchangeSignatureP *sig) @@ -1855,15 +1856,21 @@ TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct TEH_KS_StateHandle *key_state; key_state = TEH_KS_acquire (); - GNUNET_assert (NULL != key_state); /* This *can* happen if the exchange's keys are - not properly maintained, but in this case we - simply have no good way forward. */ + if (NULL == key_state) + { + /* This *can* happen if the exchange's keys are + not properly maintained. */ + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _("Cannot sign request, no valid keys available\n")); + return GNUNET_SYSERR; + } *pub = key_state->current_sign_key_issue.issue.signkey_pub; GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv, purpose, &sig->eddsa_signature)); TEH_KS_release (key_state); + return GNUNET_OK; } |