aboutsummaryrefslogtreecommitdiff
path: root/src/include/anastasis_service.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/include/anastasis_service.h')
-rw-r--r--src/include/anastasis_service.h703
1 files changed, 703 insertions, 0 deletions
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
new file mode 100644
index 0000000..98ac490
--- /dev/null
+++ b/src/include/anastasis_service.h
@@ -0,0 +1,703 @@
1/*
2 This file is part of TALER
3 Copyright (C) 2019-2021 Taler Systems SA
4
5 Anastasis is free software; you can redistribute it and/or modify it under the
6 terms of the GNU Affero General Public License as published by the Free Software
7 Foundation; either version 3, or (at your option) any later version.
8
9 Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
10 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
12
13 You should have received a copy of the GNU Lesser General Public License along with
14 Anastasis; see the file COPYING.LIB. If not, see <http://www.gnu.org/licenses/>
15*/
16/**
17 * @file include/anastasis_service.h
18 * @brief C interface of libanastasisrest, a C library to use merchant's HTTP API
19 * @author Christian Grothoff
20 * @author Dennis Neufeld
21 * @author Dominik Meister
22 */
23#ifndef ANASTASIS_SERVICE_H
24#define ANASTASIS_SERVICE_H
25
26#include "anastasis_crypto_lib.h"
27#include "anastasis_util_lib.h"
28#include <gnunet/gnunet_curl_lib.h>
29#include <jansson.h>
30
31
32/**
33 * Anastasis authorization method configuration
34 */
35struct ANASTASIS_AuthorizationMethodConfig
36{
37 /**
38 * Type of the method, i.e. "question".
39 */
40 const char *type;
41
42 /**
43 * Fee charged for accessing key share using this method.
44 */
45 struct TALER_Amount usage_fee;
46};
47
48
49/**
50 * @brief Anastasis configuration data.
51 */
52struct ANASTASIS_Config
53{
54 /**
55 * Protocol version supported by the server.
56 */
57 const char *version;
58
59 /**
60 * Business name of the anastasis provider.
61 */
62 const char *business_name;
63
64 /**
65 * Currency used for payments by the server.
66 */
67 const char *currency;
68
69 /**
70 * Array of authorization methods supported by the server.
71 */
72 const struct ANASTASIS_AuthorizationMethodConfig *methods;
73
74 /**
75 * Length of the @e methods array.
76 */
77 unsigned int methods_length;
78
79 /**
80 * Maximum size of an upload in megabytes.
81 */
82 uint32_t storage_limit_in_megabytes;
83
84 /**
85 * Annual fee for an account / policy upload.
86 */
87 struct TALER_Amount annual_fee;
88
89 /**
90 * Fee for a truth upload.
91 */
92 struct TALER_Amount truth_upload_fee;
93
94 /**
95 * Maximum legal liability for data loss covered by the
96 * provider.
97 */
98 struct TALER_Amount liability_limit;
99
100 /**
101 * Server salt.
102 */
103 struct ANASTASIS_CRYPTO_ProviderSaltP salt;
104
105};
106
107
108/**
109 * Function called with the result of a /config request.
110 * Note that an HTTP status of #MHD_HTTP_OK is no guarantee
111 * that @a acfg is non-NULL. @a acfg is non-NULL only if
112 * the server provided an acceptable response.
113 *
114 * @param cls closure
115 * @param http_status the HTTP status
116 * @param acfg configuration obtained, NULL if we could not parse it
117 */
118typedef void
119(*ANASTASIS_ConfigCallback)(void *cls,
120 unsigned int http_status,
121 const struct ANASTASIS_Config *acfg);
122
123
124/**
125 * @brief A Config Operation Handle
126 */
127struct ANASTASIS_ConfigOperation;
128
129
130/**
131 * Run a GET /config request against the Anastasis backend.
132 *
133 * @param ctx CURL context to use
134 * @param base_url base URL fo the Anastasis backend
135 * @param cb function to call with the results
136 * @param cb_cls closure for @a cb
137 * @return handle to cancel the operation
138 */
139struct ANASTASIS_ConfigOperation *
140ANASTASIS_get_config (struct GNUNET_CURL_Context *ctx,
141 const char *base_url,
142 ANASTASIS_ConfigCallback cb,
143 void *cb_cls);
144
145
146/**
147 * Cancel ongoing #ANASTASIS_get_config() request.
148 *
149 * @param co configuration request to cancel.
150 */
151void
152ANASTASIS_config_cancel (struct ANASTASIS_ConfigOperation *co);
153
154
155/****** POLICY API ******/
156
157
158/**
159 * Detailed results from the successful download.
160 */
161struct ANASTASIS_DownloadDetails
162{
163 /**
164 * Signature (already verified).
165 */
166 struct ANASTASIS_AccountSignatureP sig;
167
168 /**
169 * Hash over @e policy and @e policy_size.
170 */
171 struct GNUNET_HashCode curr_policy_hash;
172
173 /**
174 * The backup we downloaded.
175 */
176 const void *policy;
177
178 /**
179 * Number of bytes in @e backup.
180 */
181 size_t policy_size;
182
183 /**
184 * Policy version returned by the service.
185 */
186 uint32_t version;
187};
188
189
190/**
191 * Handle for a GET /policy operation.
192 */
193struct ANASTASIS_PolicyLookupOperation;
194
195
196/**
197 * Callback to process a GET /policy request
198 *
199 * @param cls closure
200 * @param http_status HTTP status code for this request
201 * @param ec anastasis-specific error code
202 * @param obj the response body
203 */
204typedef void
205(*ANASTASIS_PolicyLookupCallback) (void *cls,
206 unsigned int http_status,
207 const struct ANASTASIS_DownloadDetails *dd);
208
209
210/**
211 * Does a GET /policy.
212 *
213 * @param ctx execution context
214 * @param backend_url base URL of the merchant backend
215 * @param anastasis_pub public key of the user's account
216 * @param cb callback which will work the response gotten from the backend
217 * @param cb_cls closure to pass to the callback
218 * @return handle for this operation, NULL upon errors
219 */
220struct ANASTASIS_PolicyLookupOperation *
221ANASTASIS_policy_lookup (
222 struct GNUNET_CURL_Context *ctx,
223 const char *backend_url,
224 const struct ANASTASIS_CRYPTO_AccountPublicKeyP *anastasis_pub,
225 ANASTASIS_PolicyLookupCallback cb,
226 void *cb_cls);
227
228
229/**
230 * Does a GET /policy for a specific version.
231 *
232 * @param ctx execution context
233 * @param backend_url base URL of the merchant backend
234 * @param anastasis_pub public key of the user's account
235 * @param cb callback which will work the response gotten from the backend
236 * @param cb_cls closure to pass to the callback
237 * @param version version of the policy to be requested
238 * @return handle for this operation, NULL upon errors
239 */
240struct ANASTASIS_PolicyLookupOperation *
241ANASTASIS_policy_lookup_version (
242 struct GNUNET_CURL_Context *ctx,
243 const char *backend_url,
244 const struct ANASTASIS_CRYPTO_AccountPublicKeyP *anastasis_pub,
245 ANASTASIS_PolicyLookupCallback cb,
246 void *cb_cls,
247 unsigned int version);
248
249
250/**
251 * Cancel a GET /policy request.
252 *
253 * @param plo cancel the policy lookup operation
254 */
255void
256ANASTASIS_policy_lookup_cancel (
257 struct ANASTASIS_PolicyLookupOperation *plo);
258
259
260/**
261 * Handle for a POST /policy operation.
262 */
263struct ANASTASIS_PolicyStoreOperation;
264
265
266/**
267 * High-level ways how an upload may conclude.
268 */
269enum ANASTASIS_UploadStatus
270{
271 /**
272 * Backup was successfully made.
273 */
274 ANASTASIS_US_SUCCESS = 0,
275
276 /**
277 * Account expired or payment was explicitly requested
278 * by the client.
279 */
280 ANASTASIS_US_PAYMENT_REQUIRED,
281
282 /**
283 * HTTP interaction failed, see HTTP status.
284 */
285 ANASTASIS_US_HTTP_ERROR,
286
287 /**
288 * We had an internal error (not sure this can happen,
289 * but reserved for HTTP 400 status codes).
290 */
291 ANASTASIS_US_CLIENT_ERROR,
292
293 /**
294 * Server had an internal error.
295 */
296 ANASTASIS_US_SERVER_ERROR,
297
298 /**
299 * Truth already exists. Not applicable for policy uploads.
300 */
301 ANASTASIS_US_CONFLICTING_TRUTH
302};
303
304
305/**
306 * Result of an upload.
307 */
308struct ANASTASIS_UploadDetails
309{
310 /**
311 * High level status of the upload operation. Determines @e details.
312 */
313 enum ANASTASIS_UploadStatus us;
314
315 /**
316 * HTTP status code.
317 */
318 unsigned int http_status;
319
320 /**
321 * Taler error code.
322 */
323 enum TALER_ErrorCode ec;
324
325 union
326 {
327
328 struct
329 {
330 /**
331 * Hash of the stored recovery data, returned if
332 * @e us is #ANASTASIS_US_SUCCESS.
333 */
334 const struct GNUNET_HashCode *curr_backup_hash;
335
336 /**
337 * At what time is the provider set to forget this
338 * policy (because the account expires)?
339 */
340 struct GNUNET_TIME_Absolute policy_expiration;
341
342 /**
343 * Version number of the resulting policy.
344 */
345 unsigned long long policy_version;
346
347 } success;
348
349 /**
350 * Details about required payment.
351 */
352 struct
353 {
354 /**
355 * A taler://pay/-URI with a request to pay the annual fee for
356 * the service. Returned if @e us is #ANASTASIS_US_PAYMENT_REQUIRED.
357 */
358 const char *payment_request;
359
360 /**
361 * The payment secret (aka order ID) extracted from the @e payment_request.
362 */
363 struct ANASTASIS_PaymentSecretP ps;
364 } payment;
365
366 } details;
367};
368
369
370/**
371 * Callback to process a POST /policy request
372 *
373 * @param cls closure
374 * @param http_status HTTP status code for this request
375 * @param obj the decoded response body
376 */
377typedef void
378(*ANASTASIS_PolicyStoreCallback) (void *cls,
379 const struct ANASTASIS_UploadDetails *up);
380
381
382/**
383 * Store policies, does a POST /policy/$ACCOUNT_PUB
384 *
385 * @param ctx the CURL context used to connect to the backend
386 * @param backend_url backend's base URL, including final "/"
387 * @param anastasis_priv private key of the user's account
388 * @param recovery_data policy data to be stored
389 * @param recovery_data_size number of bytes in @a recovery_data
390 * @param payment_years_requested for how many years would the client like the service to store the truth?
391 * @param paid_order_id payment identifier of last payment
392 * @param payment_timeout how long to wait for the payment, use
393 * #GNUNET_TIME_UNIT_ZERO to let the server pick
394 * @param cb callback processing the response from /policy
395 * @param cb_cls closure for cb
396 * @return handle for the operation
397 */
398struct ANASTASIS_PolicyStoreOperation *
399ANASTASIS_policy_store (
400 struct GNUNET_CURL_Context *ctx,
401 const char *backend_url,
402 const struct ANASTASIS_CRYPTO_AccountPrivateKeyP *anastasis_priv,
403 const void *recovery_data,
404 size_t recovery_data_size,
405 uint32_t payment_years_requested,
406 const struct ANASTASIS_PaymentSecretP *payment_secret,
407 struct GNUNET_TIME_Relative payment_timeout,
408 ANASTASIS_PolicyStoreCallback cb,
409 void *cb_cls);
410
411
412/**
413 * Cancel a POST /policy request.
414 *
415 * @param pso the policy store operation to cancel
416 */
417void
418ANASTASIS_policy_store_cancel (
419 struct ANASTASIS_PolicyStoreOperation *pso);
420
421
422/****** TRUTH API ******/
423
424
425/**
426 * Operational status.
427 */
428enum ANASTASIS_KeyShareDownloadStatus
429{
430 /**
431 * We got the encrypted key share.
432 */
433 ANASTASIS_KSD_SUCCESS = 0,
434
435 /**
436 * Payment is needed to proceed with the recovery.
437 */
438 ANASTASIS_KSD_PAYMENT_REQUIRED,
439
440 /**
441 * The provided answer was wrong or missing. Instructions for
442 * getting a good answer may be provided.
443 */
444 ANASTASIS_KSD_INVALID_ANSWER,
445
446 /**
447 * To answer the challenge, the client should be redirected to
448 * the given URL.
449 */
450 ANASTASIS_KSD_REDIRECT_FOR_AUTHENTICATION,
451
452 /**
453 * The provider had an error.
454 */
455 ANASTASIS_KSD_SERVER_ERROR,
456
457 /**
458 * The provider claims we made an error.
459 */
460 ANASTASIS_KSD_CLIENT_FAILURE,
461
462 /**
463 * The provider does not know this truth.
464 */
465 ANASTASIS_KSD_TRUTH_UNKNOWN,
466
467 /**
468 * Too many attempts to solve the challenge were made in a short
469 * time. Try again laster.
470 */
471 ANASTASIS_KSD_RATE_LIMIT_EXCEEDED
472
473};
474
475
476/**
477 * Detailed results from the successful download.
478 */
479struct ANASTASIS_KeyShareDownloadDetails
480{
481
482 /**
483 * Operational status.
484 */
485 enum ANASTASIS_KeyShareDownloadStatus status;
486
487 /**
488 * Anastasis URL that returned the @e status.
489 */
490 const char *server_url;
491
492 /**
493 * Details depending on @e status.
494 */
495 union
496 {
497
498 /**
499 * The encrypted key share (if @e status is #ANASTASIS_KSD_SUCCESS).
500 */
501 struct ANASTASIS_CRYPTO_EncryptedKeyShareP eks;
502
503 /**
504 * Response if the challenge still needs to be answered, and the
505 * instructions are provided inline (no redirection).
506 */
507 struct
508 {
509
510 /**
511 * HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED
512 * if the server did already send the challenge to the user,
513 * #MHD_HTTP_FORBIDDEN if the answer was wrong (or missing).
514 */
515 unsigned int http_status;
516
517 /**
518 * Response with server-side reply containing instructions for the user
519 */
520 const char *body;
521
522 /**
523 * Content-type: mime type of @e body, NULL if server did not provide any.
524 */
525 const char *content_type;
526
527 /**
528 * Number of bytes in @e body.
529 */
530 size_t body_size;
531
532 } open_challenge;
533
534 /**
535 * URL with instructions for the user to satisfy the challenge, if
536 * @e status is #ANASTASIS_KSD_REDIRECT_FOR_AUTHENTICATION.
537 */
538 const char *redirect_url;
539
540 /**
541 * Response with instructions for how to pay, if
542 * @e status is #ANASTASIS_KSD_PAYMENT_REQUIRED.
543 */
544 struct
545 {
546
547 /**
548 * "taler://pay" URL with details how to pay for the challenge.
549 */
550 const char *taler_pay_uri;
551
552 /**
553 * The order ID from @e taler_pay_uri.
554 */
555 struct ANASTASIS_PaymentSecretP payment_secret;
556
557 } payment_required;
558
559
560 /**
561 * Response with details about a server-side failure, if
562 * @e status is #ANASTASIS_KSD_SERVER_FAILURE,
563 * #ANASTASIS_KSD_CLIENT_FAILURE or #ANASTASIS_KSD_TRUTH_UNKNOWN.
564 */
565 struct
566 {
567
568 /**
569 * HTTP status returned by the server.
570 */
571 unsigned int http_status;
572
573 /**
574 * Taler-specific error code.
575 */
576 enum TALER_ErrorCode ec;
577
578 } server_failure;
579
580 } details;
581};
582
583
584/**
585 * Handle for a GET /truth operation.
586 */
587struct ANASTASIS_KeyShareLookupOperation;
588
589
590/**
591 * Callback to process a GET /truth request
592 *
593 * @param cls closure
594 * @param http_status HTTP status code for this request
595 * @param kdd details about the key share
596 */
597typedef void
598(*ANASTASIS_KeyShareLookupCallback) (
599 void *cls,
600 const struct ANASTASIS_KeyShareDownloadDetails *kdd);
601
602
603/**
604 * Does a GET /truth.
605 *
606 * @param ctx execution context
607 * @param backend_url base URL of the merchant backend
608 * @param truth_public_key identification of the Truth
609 * @param truth_key Key used to Decrypt the Truth on the Server
610 * @param payment_secret secret from the previously done payment NULL to trigger payment
611 * @param payment_timeout how long to wait for the payment, use
612 * #GNUNET_TIME_UNIT_ZERO to let the server pick
613 * @param hashed_answer hashed answer to the challenge
614 * @param cb callback which will work the response gotten from the backend
615 * @param cb_cls closure to pass to the callback
616 * @return handle for this operation, NULL upon errors
617 */
618struct ANASTASIS_KeyShareLookupOperation *
619ANASTASIS_keyshare_lookup (
620 struct GNUNET_CURL_Context *ctx,
621 const char *backend_url,
622 const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
623 const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key,
624 const struct ANASTASIS_PaymentSecretP *payment_secret,
625 struct GNUNET_TIME_Relative timeout,
626 const struct GNUNET_HashCode *hashed_answer,
627 ANASTASIS_KeyShareLookupCallback cb,
628 void *cb_cls);
629
630
631/**
632 * Cancel a GET /truth request.
633 *
634 * @param tlo cancel the truth lookup operation
635 */
636void
637ANASTASIS_keyshare_lookup_cancel (
638 struct ANASTASIS_KeyShareLookupOperation *kslo);
639
640
641/**
642 * Handle for a POST /truth operation.
643 */
644struct ANASTASIS_TruthStoreOperation;
645
646
647/**
648 * Callback to process a POST /truth request
649 *
650 * @param cls closure
651 * @param obj the response body
652 */
653typedef void
654(*ANASTASIS_TruthStoreCallback) (void *cls,
655 const struct ANASTASIS_UploadDetails *up);
656
657
658/**
659 * Store Truth, does a POST /truth/$UUID
660 *
661 * @param ctx the CURL context used to connect to the backend
662 * @param backend_url backend's base URL, including final "/"
663 * @param uuid unique identfication of the Truth Upload
664 * @param prev_truth_data_hash hash of the previous truth upload, NULL for the first upload ever
665 * @param type type of the authorization method
666 * @param encrypted_keyshare key material to return to the client upon authorization
667 * @param truth_mime mime type of @e encrypted_truth (after decryption)
668 * @param encrypted_truth_size number of bytes in @e encrypted_truth
669 * @param encrypted_truth contains the @a type-specific authorization data
670 * @param payment_years_requested for how many years would the client like the service to store the truth?
671 * @param payment_timeout how long to wait for the payment, use
672 * #GNUNET_TIME_UNIT_ZERO to let the server pick
673 * @param cb callback processing the response from /truth
674 * @param cb_cls closure for cb
675 * @return handle for the operation
676 */
677struct ANASTASIS_TruthStoreOperation *
678ANASTASIS_truth_store (
679 struct GNUNET_CURL_Context *ctx,
680 const char *backend_url,
681 const struct ANASTASIS_CRYPTO_TruthUUIDP *uuid,
682 const char *type,
683 const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *encrypted_keyshare,
684 const char *truth_mime,
685 size_t encrypted_truth_size,
686 const void *encrypted_truth,
687 uint32_t payment_years_requested,
688 struct GNUNET_TIME_Relative payment_timeout,
689 ANASTASIS_TruthStoreCallback cb,
690 void *cb_cls);
691
692
693/**
694 * Cancel a POST /truth request.
695 *
696 * @param tso the truth store operation
697 */
698void
699ANASTASIS_truth_store_cancel (
700 struct ANASTASIS_TruthStoreOperation *tso);
701
702
703#endif /* _ANASTASIS_SERVICE_H */