[age restriction] progress 14/n - withdraw and deposit

Age restriction support for
  - withdraw is done and tested
  - deposit is done and tested

TODOs:
  - melt/refresh/reveal
  - link

------

Added functions
 - TALER_age_restriction_commit
 - TALER_age_commitment_derive
 - TALER_age_commitment_hash
 - TALER_age_restriction_commitment_free_inside
 - Hash of age commitment passed around API boundaries

Exchangedb adjustments for denominations
 - all prepared statements re: denominations now handle age_mask
 - signature parameters adjusted

Hash and signature verification of /keys adjusted
 - Hashes of (normal) denominations and age-restricted denominations are
   calculated seperately
 - The hash of the age-restricted ones will then be added to the other
   hash
 - The total hash is signed/verified

Tests for withdraw with age restriction added
 - TALER_EXCHANGE_DenomPublickey now carries age_mask
 - TALER_TESTING_cmd_withdraw_amount* takes age parameter
 - TALER_TESTING_find_pk takes boolean age_restricted
 - WithdrawState carries age_commitment and its hash
 - withdraw_run derives new age commitment, if applicable
 - Added age parameter to testing (13 as example)

Various Fixes and changes
 - Fixes of post handler for /management/extensions
 - Fixes for offline tool extensions signing
 - Slight refactoring of extensions
 - Age restriction extension simplified
   - config is now global to extension
   - added global TEH_age_restriction_enabled and TEH_age_mask in
     taler-exchange-httpd
   - helper functions and macros introduced

1 files changed, 8 insertions, 0 deletions

diff --git a/src/exchange/taler-exchange-httpd_melt.c b/src/exchange/taler-exchange-httpd_melt.c
index 021b629b3..8bfdf8cef 100644
--- a/src/exchange/taler-exchange-httpd_melt.c
+++ b/src/exchange/taler-exchange-httpd_melt.c
@@ -279,6 +279,7 @@ check_melt_valid (struct MHD_Connection *connection,
     &mret);
   if (NULL == dk)
     return mret;
+
   if (GNUNET_TIME_absolute_is_past (dk->meta.expire_legal.abs_time))
   {
     /* Way too late now, even zombies have expired */
@@ -288,6 +289,7 @@ check_melt_valid (struct MHD_Connection *connection,
       TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
       "MELT");
   }
+
   if (GNUNET_TIME_absolute_is_future (dk->meta.start.abs_time))
   {
     /* This denomination is not yet valid */
@@ -300,9 +302,11 @@ check_melt_valid (struct MHD_Connection *connection,
 
   rmc->coin_refresh_fee = dk->meta.fee_refresh;
   rmc->coin_value = dk->meta.value;
+
   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
               "Melted coin's denomination is worth %s\n",
               TALER_amount2s (&dk->meta.value));
+
   /* sanity-check that "total melt amount > melt fee" */
   if (0 <
       TALER_amount_cmp (&rmc->coin_refresh_fee,
@@ -332,6 +336,7 @@ check_melt_valid (struct MHD_Connection *connection,
                                 &rmc->coin_refresh_fee,
                                 &rmc->refresh_session.rc,
                                 &rmc->refresh_session.coin.denom_pub_hash,
+                                &rmc->refresh_session.coin.age_commitment_hash,
                                 &rmc->refresh_session.coin.coin_pub,
                                 &rmc->refresh_session.coin_sig))
   {
@@ -407,6 +412,9 @@ TEH_handler_melt (struct MHD_Connection *connection,
                                &rmc.refresh_session.coin.denom_sig),
     GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
                                  &rmc.refresh_session.coin.denom_pub_hash),
+    GNUNET_JSON_spec_mark_optional (
+      GNUNET_JSON_spec_fixed_auto ("age_commitment_hash",
+                                   &rmc.refresh_session.coin.age_commitment_hash)),
     GNUNET_JSON_spec_fixed_auto ("confirm_sig",
                                  &rmc.refresh_session.coin_sig),
     TALER_JSON_spec_amount ("value_with_fee",