From cc5d09cf1d28e31ca8eca054b7da2c3873e2efe7 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Sat, 7 Oct 2017 15:10:24 +0200
Subject: properly handle signing errors if httpd lacks signing keys by returning internal errors (and handling new return value from TEH_KS_sign)
---
 src/exchange/taler-exchange-httpd_keystate.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)
(limited to 'src/exchange/taler-exchange-httpd_keystate.c')
diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c
index 033995c6a..6f3ced2b5 100644
--- a/src/exchange/taler-exchange-httpd_keystate.c
+++ b/src/exchange/taler-exchange-httpd_keystate.c
@@ -1845,8 +1845,9 @@ read_again:
 * @param purpose the message to sign
 * @param[out] pub set to the current public signing key of the exchange
 * @param[out] sig signature over purpose using current signing key
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR if we lack key material
 */
-void
+int
 TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
 struct TALER_ExchangePublicKeyP *pub,
 struct TALER_ExchangeSignatureP *sig)
@@ -1855,15 +1856,21 @@ TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
 struct TEH_KS_StateHandle *key_state;
 key_state = TEH_KS_acquire ();
- GNUNET_assert (NULL != key_state); /* This *can* happen if the exchange's keys are
- not properly maintained, but in this case we
- simply have no good way forward. */
+ if (NULL == key_state)
+ {
+ /* This *can* happen if the exchange's keys are
+ not properly maintained. */
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("Cannot sign request, no valid keys available\n"));
+ return GNUNET_SYSERR;
+ }
 *pub = key_state->current_sign_key_issue.issue.signkey_pub;
 GNUNET_assert (GNUNET_OK ==
 GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv,
 purpose,
 &sig->eddsa_signature));
 TEH_KS_release (key_state);
+ return GNUNET_OK;
 }
--
cgit v1.2.3
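Review bot: Switching `TEH_KS_sign` from `void` to `int` does not force any caller to look at the result, so a call site that was missed still compiles and goes on to use `pub` and `sig` as if signing had succeeded. The callers are not part of this page (the diff is limited to this one file), so whether all of them were updated cannot be confirmed from here. Marking the declaration, presumably in the matching header, with `__attribute__((warn_unused_result))` would have the compiler flag any such call site. The doc comment should also state the failure contract for the outputs, e.g. ` * @param[out] sig signature over purpose using current signing key; not written if #GNUNET_SYSERR is returned`, and likewise for `pub`.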
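Review bot: On the new `NULL == key_state` path the function returns before `*pub` or `*sig` is written, so a caller that misses the check would serialise whatever bytes were in its own buffers as a public key and signature. Clearing both outputs before `return GNUNET_SYSERR;` makes that failure inert instead of leaking uninitialised memory. Separately, the retained `GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (...))` still aborts the daemon when signing fails, which is at odds with the stated aim of returning internal errors. It could release `key_state` and return `GNUNET_SYSERR` instead. The start of the function body lies outside this hunk.

```c
  if (NULL == key_state)
  {
    /* … unchanged: comment and GNUNET_log call … */
    memset (pub, 0, sizeof (*pub));
    memset (sig, 0, sizeof (*sig));
    return GNUNET_SYSERR;
  }
  *pub = key_state->current_sign_key_issue.issue.signkey_pub;
  if (GNUNET_OK !=
      GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv,
                                purpose,
                                &sig->eddsa_signature))
  {
    GNUNET_break (0);
    memset (sig, 0, sizeof (*sig));
    TEH_KS_release (key_state);
    return GNUNET_SYSERR;
  }
  /* … unchanged: TEH_KS_release and return GNUNET_OK … */
```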