[taler-exchange] 45/124: add KYC auth signature check

[gnunet]

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to tag cg-aml-branch-compiles
in repository exchange.

commit de229f77659600a78a92003f36a82058f6e95e58
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Thu May 16 20:36:28 2024 +0200

    add KYC auth signature check
---
 src/exchange/taler-exchange-httpd_kyc-check.c | 28 ++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c 
b/src/exchange/taler-exchange-httpd_kyc-check.c
index b3e850f25..61b4eb974 100644
--- a/src/exchange/taler-exchange-httpd_kyc-check.c
+++ b/src/exchange/taler-exchange-httpd_kyc-check.c
@@ -290,7 +290,33 @@ TEH_handler_kyc_check (
     }
   }
 
-  // FIXME: check signature!
+  if (GNUNET_OK !=
+      TALER_account_kyc_auth_verify (&account_pub,
+                                     &kyp->account_sig))
+  {
+    char *diag;
+    MHD_RESULT mret;
+
+    json_decref (jrules);
+    jrules = NULL;
+    if (GNUNET_is_zero (&account_pub))
+    {
+      return TALER_MHD_reply_with_error (
+        rc->connection,
+        MHD_HTTP_CONFLICT,
+        TALER_EC_EXCHANGE_KYC_CHECK_AUTHORIZATION_KEY_UNKNOWN,
+        NULL);
+    }
+    diag = GNUNET_STRINGS_data_to_string_alloc (&account_pub,
+                                                sizeof (account_pub));
+    mret = TALER_MHD_reply_with_error (
+      rc->connection,
+      MHD_HTTP_FORBIDDEN,
+      TALER_EC_EXCHANGE_KYC_CHECK_AUTHORIZATION_FAILED,
+      diag);
+    GNUNET_free (diag);
+    return mret;
+  }
 
   jlimits = TALER_KYCLOGIC_rules_to_limits (jrules);
   if (NULL == jlimits)

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.