diff options
Diffstat (limited to 'src/exchange/taler-exchange-httpd_keys.h')
-rw-r--r-- | src/exchange/taler-exchange-httpd_keys.h | 244 |
1 files changed, 214 insertions, 30 deletions
diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h index 75de7cbac..e526385ff 100644 --- a/src/exchange/taler-exchange-httpd_keys.h +++ b/src/exchange/taler-exchange-httpd_keys.h @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2020 Taler Systems SA + Copyright (C) 2020-2022 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -19,7 +19,6 @@ * @author Christian Grothoff */ #include "platform.h" -#include <pthread.h> #include "taler_json_lib.h" #include "taler_mhd_lib.h" #include "taler-exchange-httpd_responses.h" @@ -50,7 +49,7 @@ struct TEH_DenominationKey /** * Hash code of the denomination public key. */ - struct TALER_DenominationHash h_denom_pub; + struct TALER_DenominationHashP h_denom_pub; /** * Meta data about the type of the denomination, such as fees and validity @@ -84,6 +83,59 @@ struct TEH_DenominationKey /** + * Set of global fees (and options) for a time range. + */ +struct TEH_GlobalFee +{ + /** + * Kept in a DLL. + */ + struct TEH_GlobalFee *next; + + /** + * Kept in a DLL. + */ + struct TEH_GlobalFee *prev; + + /** + * Beginning of the validity period (inclusive). + */ + struct GNUNET_TIME_Timestamp start_date; + + /** + * End of the validity period (exclusive). + */ + struct GNUNET_TIME_Timestamp end_date; + + /** + * How long do unmerged purses stay around at most? + */ + struct GNUNET_TIME_Relative purse_timeout; + + /** + * What is the longest history we return? + */ + struct GNUNET_TIME_Relative history_expiration; + + /** + * Signature affirming these details. + */ + struct TALER_MasterSignatureP master_sig; + + /** + * Fee structure for operations that do not depend + * on a denomination or wire method. + */ + struct TALER_GlobalFeeSet fees; + + /** + * Number of free purses per account. + */ + uint32_t purse_account_limit; +}; + + +/** * Snapshot of the (coin and signing) keys (including private keys) of * the exchange. There can be multiple instances of this struct, as it is * reference counted and only destroyed once the last user is done @@ -102,6 +154,48 @@ struct TEH_KeyStateHandle; void TEH_check_invariants (void); +/** + * Clean up wire subsystem. + */ +void +TEH_wire_done (void); + + +/** + * Look up wire fee structure by @a ts. + * + * @param ts timestamp to lookup wire fees at + * @param method wire method to lookup fees for + * @return the wire fee details, or + * NULL if none are configured for @a ts and @a method + */ +const struct TALER_WireFeeSet * +TEH_wire_fees_by_time ( + struct GNUNET_TIME_Timestamp ts, + const char *method); + + +/** + * Initialize wire subsystem. + * + * @return #GNUNET_OK on success + */ +enum GNUNET_GenericReturnValue +TEH_wire_init (void); + + +/** + * Something changed in the database. Rebuild the wire replies. This function + * should be called if the exchange learns about a new signature from our + * master key. + * + * (We do not do so immediately, but merely signal to all threads that they + * need to rebuild their wire state upon the next call to + * #TEH_keys_get_state()). + */ +void +TEH_wire_update_state (void); + /** * Return the current key state for this thread. Possibly re-builds the key @@ -116,6 +210,12 @@ TEH_check_invariants (void); struct TEH_KeyStateHandle * TEH_keys_get_state (void); +/** + * Obtain the key state if we should NOT run finish_keys_response() because we + * only need the state for the /management/keys API + */ +struct TEH_KeyStateHandle * +TEH_keys_get_state_for_management_only (void); /** * Something changed in the database. Rebuild all key states. This function @@ -131,6 +231,20 @@ TEH_keys_update_states (void); /** + * Look up global fee structure by @a ts. + * + * @param ksh key state state to look in + * @param ts timestamp to lookup global fees at + * @return the global fee details, or + * NULL if none are configured for @a ts + */ +const struct TEH_GlobalFee * +TEH_keys_global_fee_by_time ( + struct TEH_KeyStateHandle *ksh, + struct GNUNET_TIME_Timestamp ts); + + +/** * Look up the issue for a denom public key. Note that the result * must only be used in this thread and only until another key or * key state is resolved. @@ -142,9 +256,10 @@ TEH_keys_update_states (void); * or NULL if @a h_denom_pub could not be found */ struct TEH_DenominationKey * -TEH_keys_denomination_by_hash (const struct TALER_DenominationHash *h_denom_pub, - struct MHD_Connection *conn, - MHD_RESULT *mret); +TEH_keys_denomination_by_hash ( + const struct TALER_DenominationHashP *h_denom_pub, + struct MHD_Connection *conn, + MHD_RESULT *mret); /** @@ -161,32 +276,98 @@ TEH_keys_denomination_by_hash (const struct TALER_DenominationHash *h_denom_pub, * or NULL if @a h_denom_pub could not be found */ struct TEH_DenominationKey * -TEH_keys_denomination_by_hash2 (struct TEH_KeyStateHandle *ksh, - const struct - TALER_DenominationHash *h_denom_pub, - struct MHD_Connection *conn, - MHD_RESULT *mret); +TEH_keys_denomination_by_hash_from_state ( + const struct TEH_KeyStateHandle *ksh, + const struct TALER_DenominationHashP *h_denom_pub, + struct MHD_Connection *conn, + MHD_RESULT *mret); /** - * Request to sign @a msg using the public key corresponding to - * @a h_denom_pub. + * Information needed to create a blind signature. + */ +struct TEH_CoinSignData +{ + /** + * Hash of key to sign with. + */ + const struct TALER_DenominationHashP *h_denom_pub; + + /** + * Blinded planchet to sign over. + */ + const struct TALER_BlindedPlanchet *bp; +}; + + +/** + * Request to sign @a csds. * - * @param h_denom_pub hash of the public key to use to sign - * @param msg message to sign - * @param msg_size number of bytes in @a msg - * @param[out] ec set to the error code (or #TALER_EC_NONE on success) - * @return signature, the value inside the structure will be NULL on failure, - * see @a ec for details about the failure + * @param csds array with data to blindly sign (and keys to sign with) + * @param csds_length length of @a csds array + * @param for_melt true if this is for a melt operation + * @param[out] bss array set to the blind signature on success; must be of length @a csds_length + * @return #TALER_EC_NONE on success */ -struct TALER_BlindedDenominationSignature -TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, - const void *msg, - size_t msg_size, - enum TALER_ErrorCode *ec); +enum TALER_ErrorCode +TEH_keys_denomination_batch_sign ( + unsigned int csds_length, + const struct TEH_CoinSignData csds[static csds_length], + bool for_melt, + struct TALER_BlindedDenominationSignature bss[static csds_length]); /** - * Revoke the public key associated with @param h_denom_pub . + * Information needed to derive the CS r_pub. + */ +struct TEH_CsDeriveData +{ + /** + * Hash of key to sign with. + */ + const struct TALER_DenominationHashP *h_denom_pub; + + /** + * Nonce to use. + */ + const struct GNUNET_CRYPTO_CsSessionNonce *nonce; +}; + + +/** + * Request to derive CS @a r_pub using the denomination and nonce from @a cdd. + * + * @param cdd data to compute @a r_pub from + * @param for_melt true if this is for a melt operation + * @param[out] r_pub where to write the result + * @return #TALER_EC_NONE on success + */ +enum TALER_ErrorCode +TEH_keys_denomination_cs_r_pub ( + const struct TEH_CsDeriveData *cdd, + bool for_melt, + struct GNUNET_CRYPTO_CSPublicRPairP *r_pub); + + +/** + * Request to derive a bunch of CS @a r_pubs using the + * denominations and nonces from @a cdds. + * + * @param cdds array to compute @a r_pubs from + * @param cdds_length length of the @a cdds array + * @param for_melt true if this is for a melt operation + * @param[out] r_pubs array where to write the result; must be of length @a cdds_length + * @return #TALER_EC_NONE on success + */ +enum TALER_ErrorCode +TEH_keys_denomination_cs_batch_r_pub ( + unsigned int cdds_length, + const struct TEH_CsDeriveData cdds[static cdds_length], + bool for_melt, + struct GNUNET_CRYPTO_CSPublicRPairP r_pubs[static cdds_length]); + + +/** + * Revoke the public key associated with @a h_denom_pub. * This function should be called AFTER the database was * updated, as it also triggers #TEH_keys_update_states(). * @@ -197,7 +378,8 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub, * @param h_denom_pub hash of the public key to revoke */ void -TEH_keys_denomination_revoke (const struct TALER_DenominationHash *h_denom_pub); +TEH_keys_denomination_revoke ( + const struct TALER_DenominationHashP *h_denom_pub); /** @@ -208,7 +390,7 @@ TEH_keys_finished (void); /** - * Resumse all suspended /keys requests, we may now have key material + * Resumes all suspended /keys requests, we may now have key material * (or are shutting down). * * @param do_shutdown are we shutting down? @@ -245,7 +427,7 @@ TEH_keys_exchange_sign_ ( * number of bytes of the data structure, including its header. Use * #TEH_keys_exchange_sign() instead of calling this function directly! * - * @param ksh key state state to look in + * @param cls key state state to look in * @param purpose the message to sign * @param[out] pub set to the current public signing key of the exchange * @param[out] sig signature over purpose using current signing key @@ -253,7 +435,7 @@ TEH_keys_exchange_sign_ ( */ enum TALER_ErrorCode TEH_keys_exchange_sign2_ ( - struct TEH_KeyStateHandle *ksh, + void *cls, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct TALER_ExchangePublicKeyP *pub, struct TALER_ExchangeSignatureP *sig); @@ -365,6 +547,7 @@ TEH_keys_management_get_keys_handler (const struct TEH_RequestHandler *rh, * Load fees and expiration times (!) for the denomination type configured for * the denomination matching @a h_denom_pub. * + * @param ksh key state to load fees from * @param h_denom_pub hash of the denomination public key * to use to derive the section name of the configuration to use * @param[out] denom_pub set to the denomination public key (to be freed by caller!) @@ -374,7 +557,8 @@ TEH_keys_management_get_keys_handler (const struct TEH_RequestHandler *rh, * #GNUNET_SYSERR on hard errors */ enum GNUNET_GenericReturnValue -TEH_keys_load_fees (const struct TALER_DenominationHash *h_denom_pub, +TEH_keys_load_fees (struct TEH_KeyStateHandle *ksh, + const struct TALER_DenominationHashP *h_denom_pub, struct TALER_DenominationPublicKey *denom_pub, struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta); |