summaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'contrib')
-rw-r--r--contrib/.gitignore1
-rw-r--r--contrib/Makefile.am1
m---------contrib/gana0
-rwxr-xr-xcontrib/gen-ts.sh26
-rw-r--r--contrib/pp/.gitignore3
-rw-r--r--contrib/pp/pp.rst64
-rw-r--r--contrib/redux.countries.json11
-rw-r--r--contrib/redux.es.json50
-rw-r--r--contrib/remote-reducer/README.md20
-rw-r--r--contrib/remote-reducer/remote_reducer.py53
-rw-r--r--contrib/tos/.gitignore3
11 files changed, 219 insertions, 13 deletions
diff --git a/contrib/.gitignore b/contrib/.gitignore
new file mode 100644
index 0000000..93559bd
--- /dev/null
+++ b/contrib/.gitignore
@@ -0,0 +1 @@
+anastasis-data.ts
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
index a360ab5..a2bdf27 100644
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@@ -55,6 +55,7 @@ pkgdata_DATA = \
redux.cz.json \
redux.de.json \
redux.dk.json \
+ redux.es.json \
redux.in.json \
redux.it.json \
redux.jp.json \
diff --git a/contrib/gana b/contrib/gana
-Subproject 323cb8276408e2c02b59bbe6e10da904538a149
+Subproject f126ffd32255c68f4fbef5e9ef849ef04855b0a
diff --git a/contrib/gen-ts.sh b/contrib/gen-ts.sh
new file mode 100755
index 0000000..bc204d1
--- /dev/null
+++ b/contrib/gen-ts.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Generate a single TS file from the JSON data files in contrib/.
+# Requires prettier to be installed.
+
+gen_ts() {
+ echo "// This file is auto-generated, do not modify."
+ echo "// Generated from $(git describe --tags) on $(date -R)"
+ echo "// To re-generate, run contrib/gen-ts.sh from the main anastasis code base."
+ echo
+ echo "export const anastasisData = {"
+ echo "providersList: $(cat provider-list.json),"
+ echo "countriesList: $(cat redux.countries.json),"
+ echo "countryDetails: {"
+ for f in redux.??.json; do
+ cc=$(echo $f | awk -F "." '{ print $2 }')
+ echo "$cc: $(cat $f),"
+ done
+ echo "}," # country details
+ echo "}" # anastasis data
+
+}
+
+gen_ts > anastasis-data.ts
+# Auto-format
+prettier -w anastasis-data.ts
diff --git a/contrib/pp/.gitignore b/contrib/pp/.gitignore
new file mode 100644
index 0000000..fb83616
--- /dev/null
+++ b/contrib/pp/.gitignore
@@ -0,0 +1,3 @@
+sphinx.err
+sphinx.log
+_build/
diff --git a/contrib/pp/pp.rst b/contrib/pp/pp.rst
index a8ff838..8972028 100644
--- a/contrib/pp/pp.rst
+++ b/contrib/pp/pp.rst
@@ -1,7 +1,7 @@
Privacy Policy
==============
-Last Updated: 07.09.2021
+Last Updated: 22.09.2021
This Privacy Policy describes the policies and procedures of Anastasis
SARL (“we,” “our,” or “us”) pertaining to the collection, use, and
@@ -45,30 +45,32 @@ information (i.e., information that cannot be used to identify who you are)
will tell you how we might collect and use each type.
We do our best to not collect any Personal Information from Anastasis
-users. The detailed Personal Information Anastasis asks from you during
-the regular backup and recovery process at the beginning is never shared
-with us and only used to create a cryptographic account identifier which
-does not allow us to recover any of your details.
+users. The detailed Personal Information Anastasis asks from you
+during the regular backup and recovery process at the beginning is
+never shared with us and only used to create a cryptographic account
+identifier which does not allow us to recover any of your
+details. This data will always remain on your own device without the
+possibility of access from our side.
That being said, when using our Services to recover key material, we may
inherently receive the following information (depending on your choice of
authentication method):
- * Bank account details necessary when receiving funds from you to authenticate via a SEPA transfer. We will store these as part of our business records for accounting, and our bank will also be legally obliged to store the details for many years.
+ * Bank account details necessary when receiving funds from you to authenticate via a SEPA transfer. We will store these as part of our business records for accounting, and our bank will also be legally obliged to store the details for many years according to legal retention periods.
- * Your phone number when using SMS authentication. We rely on third party providers (such as your mobile network operator) to deliver the SMS to you. These third parties will see the SMS message sent to you and could thus learn that you are using Anastasis. SMS is inherently insecure, and you should expect many governments and private parties to be able to observe these messages. However, we do not store your SMS number on our systems, except maybe in short-term logs to diagnose errors.
+ * Your phone number when using SMS authentication. We rely on third party providers (such as your mobile network operator) to deliver the SMS to you. These third parties will see the SMS message sent to you and could thus learn that you are using Anastasis. SMS is inherently insecure, and you should expect many governments and private parties to be able to observe these messages. However, we do not store your phone number for SMS communication on our systems, except maybe in short-term logs to diagnose errors.
* Your e-mail address when using E-mail authentication. We rely on the Internet and your E-mail provider to deliver the E-mail to you. Internet service providers will see the E-mail message sent to you and could thus learn that you are using Anastasis. E-mail is inherently insecure, and you should expect many governments and private parties to be able to observe these messages. However, we do not store your E-mail address on our systems, except maybe in short-term logs to diagnose errors.
* Your physical address when using postal mail authentication. We rely on external providers for printing and sending the letter to you. These providers will need to learn your address and could learn that you are using Anastasis. Physical mail has strict privacy protections by law, but governments are known to break postal secrecy. We do not store your physical address on our systems, except maybe in short-term logs to diagnose errors.
- * When you contact us. We may collect certain information if you choose to contact us, for example to report a bug or other error with the Taler Wallet. This may include contact information such as your name, email address or phone number depending on the method you choose to contact us.
+ * When you contact us. We may collect certain information if you choose to contact us, for example to report a bug or other error with the Taler Wallet. This may include contact information such as your name, email address or phone number depending on the method you choose to contact us. We strictly only use the information provided by you in these instances to answer your request or to deliver the services requested by you.
-How we collect and process information
+How we collect and process personal data
--------------------------------------
-We may process your information for the following reasons:
+We may process your personal data for the following reasons:
* to authenticate you during secret recovery
* to support you using Anastasis when you contact us
@@ -96,8 +98,7 @@ Agents or third party partners
We may provide your Personal Information to our employees, contractors,
agents, service providers, and designees (“Agents”) to enable them to perform
certain services for us exclusively, including: improvement and maintenance of
-our software and Services. By accepting this Privacy Policy, as outlined
-above, you consent to any such transfer.
+our software and Services.
Protection of us and others
@@ -124,6 +125,43 @@ needed for purposes specified in the “How We Use the Information We
Gather” section will be deleted after ninety (90) days.
+What are your data protection rights?
+-------------------------------------
+
+Anastasis would like to make sure you are fully aware of all of your
+data protection rights. Every user is entitled to the following:
+
+**The right to access**: You have the right to request Anastasis for
+ copies of your personal data. We may charge you a small fee for this
+ service.
+
+**The right to rectification**: You have the right to request that
+Anastasis correct any information you believe is inaccurate. You also
+have the right to request Anastasis to complete information you
+believe is incomplete. The right to erasure - You have the right to
+request that Anastasis erase your personal data, under certain
+conditions.
+
+**The right to restrict processing**: You have the right to request
+ that Anastasis restrict the processing of your personal data, under
+ certain conditions.
+
+**The right to object to processing**: You have the right to object to
+ Anastasis's processing of your personal data, under certain
+ conditions.
+
+**The right to data portability**: You have the right to request that
+ Anastasis transfer the data that we have collected to another
+ organization, or directly to you, under certain conditions.
+
+If you make a request, we have one month to respond to you. If you
+would like to exercise any of these rights, please contact us at our
+email: privacy@anastasis.lu
+
+You can always contact your local data protection authority to enforce
+your rights.
+
+
Data retention
--------------
@@ -170,7 +208,7 @@ International users and visitors
--------------------------------
Our Services are (currently) hosted in Germany. If you are a user
-accessing the Services from the Switzerland, Asia, US, or any other
+accessing the Services from Switzerland, Asia, US, or any other
region with laws or regulations governing personal data collection,
use, and disclosure that differ from the laws of Germany, please be
advised that through your continued use of the Services, which is
diff --git a/contrib/redux.countries.json b/contrib/redux.countries.json
index aaaf134..8fb2e99 100644
--- a/contrib/redux.countries.json
+++ b/contrib/redux.countries.json
@@ -73,6 +73,17 @@
"call_code" : "+45"
},
{
+ "code" : "es",
+ "name" : "Spain",
+ "continent" : "Europe",
+ "continent_i18n" : { "es_ES" : "Europa" },
+ "name_i18n" : {
+ "es_ES": "España"
+ },
+ "currency": "EUR",
+ "call_code" : "+44"
+ },
+ {
"code" : "in",
"name" : "India",
"continent" : "India",
diff --git a/contrib/redux.es.json b/contrib/redux.es.json
new file mode 100644
index 0000000..5926b6d
--- /dev/null
+++ b/contrib/redux.es.json
@@ -0,0 +1,50 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "tax_number",
+ "label": "Tax number",
+ "label_i18n":{
+ "es_ES":"Número de Identificación Fiscal (DNI, NIE)",
+ },
+ "widget": "anastasis_gtk_ia_es_dni",
+ "uuid" : "ac8bd865-6be8-445c-b650-6a18eef16a49",
+ "validation-regex": "^[0-9MXYZ][0-9]{7}[TRWAGMYFPDXBNJZSQVHLCKE]$",
+ "validation-logic": "ES_DNI_check"
+ },
+ {
+ "type": "string",
+ "name": "ssn_number",
+ "label": "Social security number",
+ "label_i18n":{
+ "es_ES":"Número de Seguridad Social",
+ },
+ "widget": "anastasis_gtk_ia_es_ssn",
+ "uuid" : "22396a19-f3bb-497e-b63a-961fd639140e",
+ "validation-regex": "^[0-9]{11}$"
+ }
+ ]
+}
diff --git a/contrib/remote-reducer/README.md b/contrib/remote-reducer/README.md
new file mode 100644
index 0000000..74adc66
--- /dev/null
+++ b/contrib/remote-reducer/README.md
@@ -0,0 +1,20 @@
+# Anastasis Remote Reducer
+
+The remote reducer is a simple HTTP service that proxies requests to
+``anastasis-reducer``. It is not meant to be used in production.
+
+## Dependencies
+
+The remote reducer needs python3 and flask. Flask can be installed via pip:
+
+```
+pip3 install flask
+```
+
+## Running the remote reducer
+
+```
+cd $ANASTASIS_GIT/contrib/remote-reducer
+export FLASK_APP=remote_reducer
+flask run -p 5000
+```
diff --git a/contrib/remote-reducer/remote_reducer.py b/contrib/remote-reducer/remote_reducer.py
new file mode 100644
index 0000000..aef6d6d
--- /dev/null
+++ b/contrib/remote-reducer/remote_reducer.py
@@ -0,0 +1,53 @@
+import flask
+from flask import Flask, request
+import subprocess
+import json
+import sys
+import os
+
+if sys.version_info.major < 3:
+ print("Python>=3 required")
+ os.exit(1)
+
+app = Flask(__name__)
+
+
+@app.route("/")
+def hello_world():
+ return "<p>Hello, World!</p>"
+
+
+@app.route("/start-recovery")
+def start_recovery():
+ res = subprocess.run(["anastasis-reducer", "-r"], capture_output=True)
+ resp = flask.Response(res.stdout)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
+
+
+@app.route("/start-backup")
+def start_backup():
+ res = subprocess.run(["anastasis-reducer", "-b"], capture_output=True)
+ resp = flask.Response(res.stdout)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
+
+
+@app.route("/action", methods=["POST", "OPTIONS"])
+def reduce_action():
+ if request.method == "OPTIONS":
+ resp = flask.Response()
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ resp.headers['Access-Control-Allow-Headers'] = '*'
+ resp.headers['Access-Control-Allow-Method'] = '*'
+ return resp
+
+ b = request.get_json()
+ res = subprocess.run(
+ ["anastasis-reducer", "-a", json.dumps(b["arguments"]), b["action"]],
+ capture_output=True,
+ input=json.dumps(b["state"]).encode("utf-8"),
+ )
+ resp = flask.Response(res.stdout)
+ resp.headers['Access-Control-Allow-Origin'] = '*'
+ return resp
diff --git a/contrib/tos/.gitignore b/contrib/tos/.gitignore
new file mode 100644
index 0000000..fb83616
--- /dev/null
+++ b/contrib/tos/.gitignore
@@ -0,0 +1,3 @@
+sphinx.err
+sphinx.log
+_build/