3 files changed, 25 insertions, 12 deletions

diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c
index 096023ac5..dea898587 100644
--- a/src/mint/taler-mint-httpd_keystate.c
+++ b/src/mint/taler-mint-httpd_keystate.c
@@ -519,13 +519,15 @@ TMH_KS_acquire (void)
       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                   "No valid signing key found!\n");
 
-    keys = json_pack ("{s:o, s:o, s:o, s:o, s:o}",
+    keys = json_pack ("{s:o, s:o, s:o, s:o, s:o, s:o}",
                       "master_public_key",
                       TALER_json_from_data (&TMH_master_public_key,
                                             sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)),
                       "signkeys", key_state->sign_keys_array,
                       "denoms", key_state->denom_keys_array,
                       "list_issue_date", TALER_json_from_abs (key_state->reload_time),
+                      "eddsa_pub", TALER_json_from_data (&key_state->current_sign_key_issue.issue.signkey_pub,
+                                                         sizeof (struct TALER_MintPublicKeyP)),
                       "eddsa_sig", TALER_json_from_data (&sig,
                                                          sizeof (struct TALER_MintSignatureP)));
     key_state->keys_json = json_dumps (keys,
@@ -714,16 +716,19 @@ read_again:
  * Sign the message in @a purpose with the mint's signing key.
  *
  * @param purpose the message to sign
+ * @param[out] pub set to the current public signing key of the mint
  * @param[out] sig signature over purpose using current signing key
  */
 void
 TMH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
-                      struct TALER_MintSignatureP *sig)
+             struct TALER_MintPublicKeyP *pub,
+             struct TALER_MintSignatureP *sig)
 
 {
   struct TMH_KS_StateHandle *key_state;
 
   key_state = TMH_KS_acquire ();
+  *pub = key_state->current_sign_key_issue.issue.signkey_pub;
   GNUNET_assert (GNUNET_OK ==
                  GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv,
                                            purpose,
diff --git a/src/mint/taler-mint-httpd_keystate.h b/src/mint/taler-mint-httpd_keystate.h
index bcdd01f56..5abb006cb 100644
--- a/src/mint/taler-mint-httpd_keystate.h
+++ b/src/mint/taler-mint-httpd_keystate.h
@@ -74,7 +74,7 @@ enum TMH_KS_DenominationKeyUse {
    * The key is to be usd for a /deposit or /refresh (melt) operation.
    */
   TMH_KS_DKU_DEPOSIT
-  
+
 };
 
 
@@ -110,10 +110,12 @@ TMH_KS_loop (void);
  * key.
  *
  * @param purpose the message to sign
+ * @param[out] pub set to the current public signing key of the mint
  * @param[out] sig signature over purpose using current signing key
  */
 void
 TMH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+             struct TALER_MintPublicKeyP *pub,
              struct TALER_MintSignatureP *sig);
 
 
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index bb7a72f8e..fdb5137ec 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@@ -348,8 +348,8 @@ TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection,
                                     const struct TALER_Amount *amount_without_fee)
 {
   struct TALER_DepositConfirmationPS dc;
+  struct TALER_MintPublicKeyP pub;
   struct TALER_MintSignatureP sig;
-  json_t *sig_json;
 
   dc.purpose.purpose = htonl (TALER_SIGNATURE_MINT_CONFIRM_DEPOSIT);
   dc.purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS));
@@ -363,14 +363,16 @@ TMH_RESPONSE_reply_deposit_success (struct MHD_Connection *connection,
   dc.coin_pub = *coin_pub;
   dc.merchant = *merchant;
   TMH_KS_sign (&dc.purpose,
+               &pub,
                &sig);
-  sig_json = TALER_json_from_data (&sig,
-                                   sizeof (sig));
   return TMH_RESPONSE_reply_json_pack (connection,
                                        MHD_HTTP_OK,
                                        "{s:s, s:o}",
                                        "status", "DEPOSIT_OK",
-                                       "sig", sig_json);
+                                       "sig", TALER_json_from_data (&sig,
+                                                                    sizeof (sig)),
+                                       "pub", TALER_json_from_data (&pub,
+                                                                    sizeof (pub)));
 }
 
 
@@ -735,6 +737,7 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection,
                                          uint16_t noreveal_index)
 {
   struct TALER_RefreshMeltConfirmationPS body;
+  struct TALER_MintPublicKeyP pub;
   struct TALER_MintSignatureP sig;
   json_t *sig_json;
 
@@ -743,15 +746,18 @@ TMH_RESPONSE_reply_refresh_melt_success (struct MHD_Connection *connection,
   body.session_hash = *session_hash;
   body.noreveal_index = htons (noreveal_index);
   TMH_KS_sign (&body.purpose,
-                        &sig);
-  sig_json = TALER_json_from_eddsa_sig (&body.purpose,
-                                        &sig.eddsa_signature);
+               &pub,
+               &sig);
+  sig_json = TALER_json_from_data (&sig,
+                                   sizeof (sig));
   GNUNET_assert (NULL != sig_json);
   return TMH_RESPONSE_reply_json_pack (connection,
                                        MHD_HTTP_OK,
-                                       "{s:i, s:o}",
+                                       "{s:i, s:o, s:o}",
                                        "noreveal_index", (int) noreveal_index,
-                                       "signature", sig_json);
+                                       "mint_sig", sig_json,
+                                       "mint_pub", TALER_json_from_data (&pub,
+                                                                         sizeof (pub)));
 }