aboutsummaryrefslogtreecommitdiff
path: root/src/include/anastasis.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/include/anastasis.h')
-rw-r--r--src/include/anastasis.h986
1 files changed, 986 insertions, 0 deletions
diff --git a/src/include/anastasis.h b/src/include/anastasis.h
new file mode 100644
index 0000000..1591106
--- /dev/null
+++ b/src/include/anastasis.h
@@ -0,0 +1,986 @@
1/*
2 This file is part of Anastasis
3 Copyright (C) 2020, 2021 Taler Systems SA
4
5 Anastasis is free software; you can redistribute it and/or modify it under the
6 terms of the GNU Lesser General Public License as published by the Free Software
7 Foundation; either version 3, or (at your option) any later version.
8
9 Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
10 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License along with
14 Anastasis; see the file COPYING.GPL. If not, see <http://www.gnu.org/licenses/>
15*/
16/**
17 * @file include/anastasis.h
18 * @brief anastasis high-level client api
19 * @author Christian Grothoff
20 * @author Dominik Meister
21 * @author Dennis Neufeld
22 */
23#ifndef ANASTASIS_H
24#define ANASTASIS_H
25
26#include "anastasis_service.h"
27#include <taler/taler_json_lib.h>
28#include <gnunet/gnunet_util_lib.h>
29#include <stdbool.h>
30
31
32/* ********************* Recovery api *********************** */
33
34/**
35 * Defines the instructions for a challenge, what does the user have
36 * to do to fulfill the challenge. Also defines the method and other
37 * information for the challenge like a link for the video indent or a
38 * information to which address an e-mail was sent.
39 */
40struct ANASTASIS_Challenge;
41
42
43/**
44 * Defines the instructions for a challenge, what does the user have
45 * to do to fulfill the challenge. Also defines the method and other
46 * information for the challenge like a link for the video indent or a
47 * information to which address an e-mail was sent.
48 */
49struct ANASTASIS_ChallengeDetails
50{
51
52 /**
53 * UUID which identifies this challenge
54 */
55 struct ANASTASIS_CRYPTO_TruthUUIDP uuid;
56
57 /**
58 * Which type is this challenge (E-Mail, Security Question, SMS...)
59 */
60 const char *type;
61
62 /**
63 * Defines the base URL of the Anastasis provider used for the challenge.
64 */
65 const char *provider_url;
66
67 /**
68 * Instructions for solving the challenge (generic, set client-side
69 * when challenge was established).
70 */
71 const char *instructions;
72
73 /**
74 * true if challenged was already solved, else false.
75 */
76 bool solved;
77
78};
79
80
81/**
82 * Return public details about a challenge.
83 *
84 * @param challenge the challenge to inspect
85 * @return public details about the challenge
86 */
87const struct ANASTASIS_ChallengeDetails *
88ANASTASIS_challenge_get_details (struct ANASTASIS_Challenge *challenge);
89
90
91/**
92 * Possible outcomes of trying to start a challenge operation.
93 */
94enum ANASTASIS_ChallengeStatus
95{
96
97 /**
98 * The challenge has been solved.
99 */
100 ANASTASIS_CHALLENGE_STATUS_SOLVED,
101
102 /**
103 * Instructions for how to solve the challenge are provided. Also
104 * used if the answer we provided was wrong (or if no answer was
105 * provided, but one is needed).
106 */
107 ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS,
108
109 /**
110 * A redirection URL needed to solve the challenge is provided. Also
111 * used if the answer we provided was wrong (or if no answer was
112 * provided, but one is needed).
113 */
114 ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION,
115
116 /**
117 * Payment is required before the challenge can be answered.
118 */
119 ANASTASIS_CHALLENGE_STATUS_PAYMENT_REQUIRED,
120
121 /**
122 * We encountered an error talking to the Anastasis service.
123 */
124 ANASTASIS_CHALLENGE_STATUS_SERVER_FAILURE,
125
126 /**
127 * The server does not know this truth.
128 */
129 ANASTASIS_CHALLENGE_STATUS_TRUTH_UNKNOWN,
130
131 /**
132 * The rate limit for solving the challenge was exceeded.
133 */
134 ANASTASIS_CHALLENGE_STATUS_RATE_LIMIT_EXCEEDED
135
136};
137
138
139/**
140 * Response from an #ANASTASIS_challenge_start() operation.
141 */
142struct ANASTASIS_ChallengeStartResponse
143{
144 /**
145 * What is our status on satisfying this challenge. Determines @e details.
146 */
147 enum ANASTASIS_ChallengeStatus cs;
148
149 /**
150 * Which challenge is this about?
151 */
152 struct ANASTASIS_Challenge *challenge;
153
154 /**
155 * Details depending on @e cs
156 */
157 union
158 {
159
160 /**
161 * Challenge details provided if
162 * @e cs is #ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS.
163 */
164 struct
165 {
166
167 /**
168 * Response with server-side instructions for the user.
169 */
170 const void *body;
171
172 /**
173 * Mime type of the data in @e body.
174 */
175 const char *content_type;
176
177 /**
178 * Number of bytes in @e body
179 */
180 size_t body_size;
181
182 /**
183 * HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED
184 * if the server did already send the challenge to the user,
185 * #MHD_HTTP_FORBIDDEN if the answer was wrong (or missing).
186 */
187 unsigned int http_status;
188 } open_challenge;
189
190
191 /**
192 * Response with URL to redirect the user to, if
193 * @e cs is #ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION.
194 */
195 const char *redirect_url;
196
197 /**
198 * Response with instructions for how to pay, if
199 * @e cs is #ANASTASIS_CHALLENGE_STATUS_PAYMENT_REQUIRED.
200 */
201 struct
202 {
203
204 /**
205 * "taler://pay" URI with details how to pay for the challenge.
206 */
207 const char *taler_pay_uri;
208
209 /**
210 * Payment secret from @e taler_pay_uri.
211 */
212 struct ANASTASIS_PaymentSecretP payment_secret;
213
214 } payment_required;
215
216
217 /**
218 * Response with details about a server-side failure, if
219 * @e cs is #ANASTASIS_CHALLENGE_STATUS_SERVER_FAILURE.
220 */
221 struct
222 {
223
224 /**
225 * HTTP status returned by the server.
226 */
227 unsigned int http_status;
228
229 /**
230 * Taler-specific error code.
231 */
232 enum TALER_ErrorCode ec;
233
234 } server_failure;
235
236 } details;
237};
238
239
240/**
241 * Defines a callback for the response status for a challenge start
242 * operation.
243 *
244 * @param cls closure
245 * @param csr response details
246 */
247typedef void
248(*ANASTASIS_AnswerFeedback)(
249 void *cls,
250 const struct ANASTASIS_ChallengeStartResponse *csr);
251
252
253/**
254 * User starts a challenge which reponds out of bounds (E-Mail, SMS,
255 * Postal..) If the challenge is zero cost, the challenge
256 * instructions will be sent to the client. If the challenge needs
257 * payment a payment link is sent to the client. After payment the
258 * challenge start method has to be called again.
259 *
260 * @param c reference to the escrow challenge which is started
261 * @param psp payment secret, NULL if no payment was yet made
262 * @param timeout how long to wait for payment
263 * @param hashed_answer answer to the challenge, NULL if we have none yet
264 * @param af reference to the answerfeedback which is passed back to the user
265 * @param af_cls closure for @a af
266 * @return #GNUNET_OK if the challenge was successfully started
267 */
268int
269ANASTASIS_challenge_start (struct ANASTASIS_Challenge *c,
270 const struct ANASTASIS_PaymentSecretP *psp,
271 struct GNUNET_TIME_Relative timeout,
272 const struct GNUNET_HashCode *hashed_answer,
273 ANASTASIS_AnswerFeedback af,
274 void *af_cls);
275
276
277/**
278 * Challenge answer for a security question. Is referenced to
279 * a challenge and sends back an AnswerFeedback. Convenience
280 * wrapper around #ANASTASIS_challenge_start that hashes @a answer
281 * for security questions.
282 *
283 * @param c reference to the challenge which is answered
284 * @param psp information about payment made for the recovery
285 * @param timeout how long to wait for payment
286 * @param answer user input instruction defines which input is needed
287 * @param af reference to the answerfeedback which is passed back to the user
288 * @param af_cls closure for @a af
289 * @return #GNUNET_OK on success
290 */
291int
292ANASTASIS_challenge_answer (struct ANASTASIS_Challenge *c,
293 const struct ANASTASIS_PaymentSecretP *psp,
294 struct GNUNET_TIME_Relative timeout,
295 const char *answer,
296 ANASTASIS_AnswerFeedback af,
297 void *af_cls);
298
299
300/**
301 * Challenge answer from the user like input SMS TAN or e-mail wpin. Is
302 * referenced to a challenge and sends back an AnswerFeedback.
303 * Convenience wrapper around #ANASTASIS_challenge_start that hashes
304 * numeric (unsalted) @a answer. Variant for numeric answers.
305 *
306 * @param c reference to the challenge which is answered
307 * @param psp information about payment made for the recovery
308 * @param timeout how long to wait for payment
309 * @param answer user input instruction defines which input is needed
310 * @param af reference to the answerfeedback which is passed back to the user
311 * @param af_cls closure for @a af
312 * @return #GNUNET_OK on success
313 */
314int
315ANASTASIS_challenge_answer2 (struct ANASTASIS_Challenge *c,
316 const struct ANASTASIS_PaymentSecretP *psp,
317 struct GNUNET_TIME_Relative timeout,
318 uint64_t answer,
319 ANASTASIS_AnswerFeedback af,
320 void *af_cls);
321
322
323/**
324 * Abort answering challenge.
325 *
326 * @param c reference to the escrow challenge which was started
327 */
328void
329ANASTASIS_challenge_abort (struct ANASTASIS_Challenge *c);
330
331
332/**
333 * Defines a Decryption Policy with multiple escrow methods
334 */
335struct ANASTASIS_DecryptionPolicy
336{
337 /**
338 * Array of challenges needed to solve for this decryption policy.
339 */
340 struct ANASTASIS_Challenge **challenges;
341
342 /**
343 * Length of the @a challenges in this policy.
344 */
345 unsigned int challenges_length;
346
347};
348
349
350/**
351 * Defines the recovery information (possible policies and version of the recovery document)
352 */
353struct ANASTASIS_RecoveryInformation
354{
355
356 /**
357 * Array of @e dps_len policies that would allow recovery of the core secret.
358 */
359 struct ANASTASIS_DecryptionPolicy **dps;
360
361 /**
362 * Array of all @e cs_len challenges to be solved (for any of the policies).
363 */
364 struct ANASTASIS_Challenge **cs;
365
366 /**
367 * Name of the secret being recovered, possibly NULL.
368 */
369 const char *secret_name;
370
371 /**
372 * Length of the @e dps array.
373 */
374 unsigned int dps_len;
375
376 /**
377 * Length of the @e cs array.
378 */
379 unsigned int cs_len;
380
381 /**
382 * Actual recovery document version obtained.
383 */
384 unsigned int version;
385};
386
387
388/**
389 * Callback which passes back the recovery document and its possible
390 * policies. Also passes back the version of the document for the user
391 * to check.
392 *
393 * @param cls closure for the callback
394 * @param ri recovery information struct which contains the policies
395 */
396typedef void
397(*ANASTASIS_PolicyCallback)(void *cls,
398 const struct ANASTASIS_RecoveryInformation *ri);
399
400
401/**
402 * Possible outcomes of a recovery process.
403 */
404enum ANASTASIS_RecoveryStatus
405{
406
407 /**
408 * Recovery succeeded.
409 */
410 ANASTASIS_RS_SUCCESS = 0,
411
412 /**
413 * The HTTP download of the policy failed.
414 */
415 ANASTASIS_RS_POLICY_DOWNLOAD_FAILED,
416
417 /**
418 * We did not get a valid policy document.
419 */
420 ANASTASIS_RS_POLICY_DOWNLOAD_NO_POLICY,
421
422 /**
423 * The decompressed policy document was too big for available memory.
424 */
425 ANASTASIS_RS_POLICY_DOWNLOAD_TOO_BIG,
426
427 /**
428 * The decrypted policy document was not compressed.
429 */
430 ANASTASIS_RS_POLICY_DOWNLOAD_INVALID_COMPRESSION,
431
432 /**
433 * The decompressed policy document was not in JSON.
434 */
435 ANASTASIS_RS_POLICY_DOWNLOAD_NO_JSON,
436
437 /**
438 * The decompressed policy document was in malformed JSON.
439 */
440 ANASTASIS_RS_POLICY_MALFORMED_JSON,
441
442 /**
443 * The Anastasis server reported a transient error.
444 */
445 ANASTASIS_RS_POLICY_SERVER_ERROR,
446
447 /**
448 * The Anastasis server no longer has a policy (likely expired).
449 */
450 ANASTASIS_RS_POLICY_GONE,
451
452 /**
453 * The Anastasis server reported that the account is unknown.
454 */
455 ANASTASIS_RS_POLICY_UNKNOWN
456};
457
458
459/**
460 * This function is called whenever the recovery process ends.
461 * On success, the secret is returned in @a secret.
462 *
463 * @param cls closure
464 * @param ec error code
465 * @param secret contains the core secret which is passed to the user
466 * @param secret_size defines the size of the core secret
467 */
468typedef void
469(*ANASTASIS_CoreSecretCallback)(void *cls,
470 enum ANASTASIS_RecoveryStatus rc,
471 const void *secret,
472 size_t secret_size);
473
474
475/**
476 * stores provider URIs, identity key material, decrypted recovery document (internally!)
477 */
478struct ANASTASIS_Recovery;
479
480
481/**
482 * Starts the recovery process by opening callbacks for the coresecret and a policy callback. A list of
483 * providers is checked for policies and passed back to the client.
484 *
485 * @param ctx context for making HTTP requests
486 * @param id_data contains the users identity, (user account on providers)
487 * @param version defines the version which will be downloaded NULL for latest version
488 * @param anastasis_provider_url NULL terminated list of possible provider urls
489 * @param provider_salt the server salt
490 * @param pc opens the policy call back which holds the downloaded version and the policies
491 * @param pc_cls closure for callback
492 * @param csc core secret callback is opened, with this the core secert is passed to the client after the authentication
493 * @param csc_cls handle for the callback
494 * @return recovery operation handle
495 */
496struct ANASTASIS_Recovery *
497ANASTASIS_recovery_begin (
498 struct GNUNET_CURL_Context *ctx,
499 const json_t *id_data,
500 unsigned int version,
501 const char *anastasis_provider_url,
502 const struct ANASTASIS_CRYPTO_ProviderSaltP *provider_salt,
503 ANASTASIS_PolicyCallback pc,
504 void *pc_cls,
505 ANASTASIS_CoreSecretCallback csc,
506 void *csc_cls);
507
508
509/**
510 * Serialize recovery operation state and returning it.
511 * The recovery MAY still continue, applications should call
512 * #ANASTASIS_recovery_abort() to truly end the recovery.
513 *
514 * @param r recovery operation to suspend.
515 * @return JSON serialized state of @a r
516 */
517json_t *
518ANASTASIS_recovery_serialize (const struct ANASTASIS_Recovery *r);
519
520
521/**
522 * Deserialize recovery operation.
523 *
524 * @param ctx context for making HTTP requests
525 * @param input result from #ANASTASIS_recovery_serialize()
526 * @param pc opens the policy call back which holds the downloaded version and the policies
527 * @param pc_cls closure for callback
528 * @param csc core secret callback is opened, with this the core secert is passed to the client after the authentication
529 * @param csc_cls handle for the callback
530 * @return recovery operation handle
531 */
532struct ANASTASIS_Recovery *
533ANASTASIS_recovery_deserialize (struct GNUNET_CURL_Context *ctx,
534 const json_t *input,
535 ANASTASIS_PolicyCallback pc,
536 void *pc_cls,
537 ANASTASIS_CoreSecretCallback csc,
538 void *csc_cls);
539
540
541/**
542 * Cancels the recovery process
543 *
544 * @param r handle to the recovery struct
545 */
546void
547ANASTASIS_recovery_abort (struct ANASTASIS_Recovery *r);
548
549
550/* ************************* Backup API ***************************** */
551
552
553/**
554 * Represents a truth object, which is a key share and the respective
555 * challenge to be solved with an Anastasis provider to recover the
556 * key share.
557 */
558struct ANASTASIS_Truth;
559
560
561/**
562 * Extracts truth data from JSON.
563 *
564 * @param json JSON encoding to decode; truth returned ONLY valid as long
565 * as the JSON remains valid (do not decref until the truth
566 * is truly finished)
567 * @return decoded truth object, NULL on error
568 */
569struct ANASTASIS_Truth *
570ANASTASIS_truth_from_json (const json_t *json);
571
572
573/**
574 * Returns JSON-encoded truth data.
575 * Creates a policy with a set of truth's. Creates the policy key
576 * with the different key shares from the @a truths. The policy key
577 * will then be used to encrypt/decrypt the escrow master key.
578 *
579 * @param t object to return JSON encoding for
580 * @return JSON encoding of @a t
581 */
582json_t *
583ANASTASIS_truth_to_json (const struct ANASTASIS_Truth *t);
584
585
586/**
587 * Handle for the operation to establish a truth object by sharing
588 * an encrypted key share with an Anastasis provider.
589 */
590struct ANASTASIS_TruthUpload;
591
592
593/**
594 * Upload result information. The resulting truth object can be used
595 * to create policies. If payment is required, the @a taler_pay_url
596 * is returned and the operation must be retried after payment.
597 * Callee MUST free @a t using ANASTASIS_truth_free().
598 *
599 * @param cls closure for callback
600 * @param t truth object to create policies, NULL on failure
601 * @param ud upload details, useful to continue in case of errors, NULL on success
602 */
603typedef void
604(*ANASTASIS_TruthCallback)(void *cls,
605 struct ANASTASIS_Truth *t,
606 const struct ANASTASIS_UploadDetails *ud);
607
608
609/**
610 * Uploads truth data to an escrow provider. The resulting truth object
611 * is returned via the @a tc function. If payment is required, it is
612 * requested via the @a tcp callback.
613 *
614 * @param ctx the CURL context used to connect to the backend
615 * @param user_id user identifier derived from user data and backend salt
616 * @param type defines the type of the challenge (secure question, sms, email)
617 * @param instructions depending on @a type! usually only for security question/answer!
618 * @param mime_type format of the challenge
619 * @param provider_salt the providers salt
620 * @param truth_data contains the truth for this challenge i.e. phone number, email address
621 * @param truth_data_size size of the @a truth_data
622 * @param payment_years_requested for how many years would the client like the service to store the truth?
623 * @param pay_timeout how long to wait for payment
624 * @param tc opens the truth callback which contains the status of the upload
625 * @param tc_cls closure for the @a tc callback
626 */
627struct ANASTASIS_TruthUpload *
628ANASTASIS_truth_upload (
629 struct GNUNET_CURL_Context *ctx,
630 const struct ANASTASIS_CRYPTO_UserIdentifierP *user_id,
631 const char *provider_url,
632 const char *type,
633 const char *instructions,
634 const char *mime_type,
635 const struct ANASTASIS_CRYPTO_ProviderSaltP *provider_salt,
636 const void *truth_data,
637 size_t truth_data_size,
638 uint32_t payment_years_requested,
639 struct GNUNET_TIME_Relative pay_timeout,
640 ANASTASIS_TruthCallback tc,
641 void *tc_cls);
642
643
644/**
645 * Retries upload of truth data to an escrow provider. The resulting
646 * truth object is returned via the @a tc function. If payment is
647 * required, it is requested via the @a tcp callback.
648 *
649 * @param ctx the CURL context used to connect to the backend
650 * @param user_id user identifier derived from user data and backend salt
651 * @param type defines the type of the challenge (secure question, sms, email)
652 * @param instructions depending on @a type! usually only for security question/answer!
653 * @param mime_type format of the challenge
654 * @param provider_salt the providers salt
655 * @param truth_data contains the truth for this challenge i.e. phone number, email address
656 * @param truth_data_size size of the @a truth_data
657 * @param payment_years_requested for how many years would the client like the service to store the truth?
658 * @param pay_timeout how long to wait for payment
659 * @param nonce nonce to use for symmetric encryption
660 * @param uuid truth UUID to use
661 * @param salt salt to use to hash security questions
662 * @param truth_key symmetric encryption key to use to encrypt @a truth_data
663 * @param key_share share of the overall key to store in this truth object
664 * @param tc opens the truth callback which contains the status of the upload
665 * @param tc_cls closure for the @a tc callback
666 */
667struct ANASTASIS_TruthUpload *
668ANASTASIS_truth_upload2 (
669 struct GNUNET_CURL_Context *ctx,
670 const struct ANASTASIS_CRYPTO_UserIdentifierP *user_id,
671 const char *provider_url,
672 const char *type,
673 const char *instructions,
674 const char *mime_type,
675 const struct ANASTASIS_CRYPTO_ProviderSaltP *provider_salt,
676 const void *truth_data,
677 size_t truth_data_size,
678 uint32_t payment_years_requested,
679 struct GNUNET_TIME_Relative pay_timeout,
680 const struct ANASTASIS_CRYPTO_NonceP *nonce,
681 const struct ANASTASIS_CRYPTO_TruthUUIDP *uuid,
682 const struct ANASTASIS_CRYPTO_QuestionSaltP *salt,
683 const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key,
684 const struct ANASTASIS_CRYPTO_KeyShareP *key_share,
685 ANASTASIS_TruthCallback tc,
686 void *tc_cls);
687
688
689/**
690 * Retries upload of truth data to an escrow provider using an
691 * existing truth object. If payment is required, it is requested via
692 * the @a tc callback.
693 *
694 * @param ctx the CURL context used to connect to the backend
695 * @param user_id user identifier derived from user data and backend salt
696 * @param[in] t truth details, reference is consumed
697 * @param truth_data contains the truth for this challenge i.e. phone number, email address
698 * @param truth_data_size size of the @a truth_data
699 * @param payment_years_requested for how many years would the client like the service to store the truth?
700 * @param pay_timeout how long to wait for payment
701 * @param tc opens the truth callback which contains the status of the upload
702 * @param tc_cls closure for the @a tc callback
703 */
704struct ANASTASIS_TruthUpload *
705ANASTASIS_truth_upload3 (struct GNUNET_CURL_Context *ctx,
706 const struct ANASTASIS_CRYPTO_UserIdentifierP *user_id,
707 struct ANASTASIS_Truth *t,
708 const void *truth_data,
709 size_t truth_data_size,
710 uint32_t payment_years_requested,
711 struct GNUNET_TIME_Relative pay_timeout,
712 ANASTASIS_TruthCallback tc,
713 void *tc_cls);
714
715
716/**
717 * Cancels a truth upload process.
718 *
719 * @param tu handle for the upload
720 */
721void
722ANASTASIS_truth_upload_cancel (struct ANASTASIS_TruthUpload *tu);
723
724
725/**
726 * Free's the truth object which was returned to a #ANASTASIS_TruthCallback.
727 *
728 * @param t object to clean up
729 */
730void
731ANASTASIS_truth_free (struct ANASTASIS_Truth *t);
732
733
734/**
735 * Policy object, representing a set of truths (and thus challenges
736 * to satisfy) to recover a secret.
737 */
738struct ANASTASIS_Policy;
739
740
741/**
742 * Creates a policy with a set of truth's. Creates the policy key
743 * with the different key shares from the @a truths. The policy key
744 * will then be used to encrypt/decrypt the escrow master key.
745 *
746 * @param truths array of truths which are stored on different providers
747 * @param truths_len length of the @a truths array
748 */
749struct ANASTASIS_Policy *
750ANASTASIS_policy_create (const struct ANASTASIS_Truth *truths[],
751 unsigned int truths_len);
752
753
754/**
755 * Destroys a policy object.
756 *
757 * @param p handle for the policy to destroy
758 */
759void
760ANASTASIS_policy_destroy (struct ANASTASIS_Policy *p);
761
762
763/**
764 * Information about a provider requesting payment for storing a policy.
765 */
766struct ANASTASIS_SharePaymentRequest
767{
768 /**
769 * Payment request URL.
770 */
771 const char *payment_request_url;
772
773 /**
774 * Base URL of the provider requesting payment.
775 */
776 const char *provider_url;
777
778 /**
779 * The payment secret (aka order ID) extracted from the @e payment_request_url.
780 */
781 struct ANASTASIS_PaymentSecretP payment_secret;
782};
783
784
785/**
786 * Result of uploading share data.
787 */
788enum ANASTASIS_ShareStatus
789{
790 /**
791 * Upload successful.
792 */
793 ANASTASIS_SHARE_STATUS_SUCCESS = 0,
794
795 /**
796 * Upload requires payment.
797 */
798 ANASTASIS_SHARE_STATUS_PAYMENT_REQUIRED,
799
800 /**
801 * Failure to upload secret share at the provider.
802 */
803 ANASTASIS_SHARE_STATUS_PROVIDER_FAILED
804};
805
806
807/**
808 * Per-provider status upon successful backup.
809 */
810struct ANASTASIS_ProviderSuccessStatus
811{
812 /**
813 * Base URL of the provider.
814 */
815 const char *provider_url;
816
817 /**
818 * When will the policy expire?
819 */
820 struct GNUNET_TIME_Absolute policy_expiration;
821
822 /**
823 * Version number of the policy at the provider.
824 */
825 unsigned long long policy_version;
826
827};
828
829
830/**
831 * Complete result of a secret sharing operation.
832 */
833struct ANASTASIS_ShareResult
834{
835 /**
836 * Status of the share secret operation.
837 */
838 enum ANASTASIS_ShareStatus ss;
839
840 /**
841 * Details about the result, depending on @e ss.
842 */
843 union
844 {
845
846 struct
847 {
848
849 /**
850 * Array of status details for each provider.
851 */
852 const struct ANASTASIS_ProviderSuccessStatus *pss;
853
854 /**
855 * Length of the @e policy_version and @e provider_urls arrays.
856 */
857 unsigned int num_providers;
858
859 } success;
860
861 struct
862 {
863 /**
864 * Array of URLs with requested payments.
865 */
866 struct ANASTASIS_SharePaymentRequest *payment_requests;
867
868 /**
869 * Length of the payment_requests array.
870 */
871 unsigned int payment_requests_length;
872 } payment_required;
873
874 struct
875 {
876 /**
877 * Base URL of the failed provider.
878 */
879 const char *provider_url;
880
881 /**
882 * HTTP status returned by the provider.
883 */
884 unsigned int http_status;
885
886 /**
887 * Upload status of the provider.
888 */
889 enum ANASTASIS_UploadStatus ec;
890
891
892 } provider_failure;
893
894 } details;
895
896};
897
898
899/**
900 * Function called with the results of a #ANASTASIS_secret_share().
901 *
902 * @param cls closure
903 * @param sr share result
904 */
905typedef void
906(*ANASTASIS_ShareResultCallback)(void *cls,
907 const struct ANASTASIS_ShareResult *sr);
908
909
910/**
911 * Defines a recovery document upload process (recovery document
912 * consists of multiple policies)
913 */
914struct ANASTASIS_SecretShare;
915
916
917/**
918 * Details of a past payment
919 */
920struct ANASTASIS_ProviderDetails
921{
922 /**
923 * URL of the provider backend.
924 */
925 const char *provider_url;
926
927 /**
928 * Payment order ID / secret of a past payment.
929 */
930 struct ANASTASIS_PaymentSecretP payment_secret;
931
932 /**
933 * Server salt. Points into a truth object from which we got the
934 * salt.
935 */
936 struct ANASTASIS_CRYPTO_ProviderSaltP provider_salt;
937};
938
939
940/**
941 * Creates a recovery document with the created policies and uploads it to
942 * all servers.
943 *
944 * @param ctx the CURL context used to connect to the backend
945 * @param id_data used to create a account identifier on the escrow provider
946 * @param providers array of providers with URLs to upload the policies to
947 * @param pss_length length of the @a providers array
948 * @param policies list of policies which are included in this recovery document
949 * @param policies_length length of the @a policies array
950 * @param payment_years_requested for how many years would the client like the service to store the truth?
951 * @param pay_timeout how long to wait for payment
952 * @param spc payment callback is opened to pay the upload
953 * @param spc_cls closure for the @a spc payment callback
954 * @param src callback for the upload process
955 * @param src_cls closure for the @a src upload callback
956 * @param secret_name name of the core secret
957 * @param core_secret input of the user which is secured by anastasis e.g. (wallet private key)
958 * @param core_secret_size size of the @a core_secret
959 * @return NULL on error
960 */
961struct ANASTASIS_SecretShare *
962ANASTASIS_secret_share (struct GNUNET_CURL_Context *ctx,
963 const json_t *id_data,
964 const struct ANASTASIS_ProviderDetails providers[],
965 unsigned int pss_length,
966 const struct ANASTASIS_Policy *policies[],
967 unsigned int policies_len,
968 uint32_t payment_years_requested,
969 struct GNUNET_TIME_Relative pay_timeout,
970 ANASTASIS_ShareResultCallback src,
971 void *src_cls,
972 const char *secret_name,
973 const void *core_secret,
974 size_t core_secret_size);
975
976
977/**
978 * Cancels a secret share request.
979 *
980 * @param ss handle to the request
981 */
982void
983ANASTASIS_secret_share_cancel (struct ANASTASIS_SecretShare *ss);
984
985
986#endif