1 files changed, 214 insertions, 30 deletions

diff --git a/src/exchange/taler-exchange-httpd_keys.h b/src/exchange/taler-exchange-httpd_keys.h
index 75de7cbac..e526385ff 100644
--- a/src/exchange/taler-exchange-httpd_keys.h
+++ b/src/exchange/taler-exchange-httpd_keys.h
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2020 Taler Systems SA
+  Copyright (C) 2020-2022 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU Affero General Public License as published by the Free Software
@@ -19,7 +19,6 @@
  * @author Christian Grothoff
  */
 #include "platform.h"
-#include <pthread.h>
 #include "taler_json_lib.h"
 #include "taler_mhd_lib.h"
 #include "taler-exchange-httpd_responses.h"
@@ -50,7 +49,7 @@ struct TEH_DenominationKey
   /**
    * Hash code of the denomination public key.
    */
-  struct TALER_DenominationHash h_denom_pub;
+  struct TALER_DenominationHashP h_denom_pub;
 
   /**
    * Meta data about the type of the denomination, such as fees and validity
@@ -84,6 +83,59 @@ struct TEH_DenominationKey
 
 
 /**
+ * Set of global fees (and options) for a time range.
+ */
+struct TEH_GlobalFee
+{
+  /**
+   * Kept in a DLL.
+   */
+  struct TEH_GlobalFee *next;
+
+  /**
+   * Kept in a DLL.
+   */
+  struct TEH_GlobalFee *prev;
+
+  /**
+   * Beginning of the validity period (inclusive).
+   */
+  struct GNUNET_TIME_Timestamp start_date;
+
+  /**
+   * End of the validity period (exclusive).
+   */
+  struct GNUNET_TIME_Timestamp end_date;
+
+  /**
+   * How long do unmerged purses stay around at most?
+   */
+  struct GNUNET_TIME_Relative purse_timeout;
+
+  /**
+   * What is the longest history we return?
+   */
+  struct GNUNET_TIME_Relative history_expiration;
+
+  /**
+   * Signature affirming these details.
+   */
+  struct TALER_MasterSignatureP master_sig;
+
+  /**
+   * Fee structure for operations that do not depend
+   * on a denomination or wire method.
+   */
+  struct TALER_GlobalFeeSet fees;
+
+  /**
+   * Number of free purses per account.
+   */
+  uint32_t purse_account_limit;
+};
+
+
+/**
  * Snapshot of the (coin and signing) keys (including private keys) of
  * the exchange.  There can be multiple instances of this struct, as it is
  * reference counted and only destroyed once the last user is done
@@ -102,6 +154,48 @@ struct TEH_KeyStateHandle;
 void
 TEH_check_invariants (void);
 
+/**
+ * Clean up wire subsystem.
+ */
+void
+TEH_wire_done (void);
+
+
+/**
+ * Look up wire fee structure by @a ts.
+ *
+ * @param ts timestamp to lookup wire fees at
+ * @param method wire method to lookup fees for
+ * @return the wire fee details, or
+ *         NULL if none are configured for @a ts and @a method
+ */
+const struct TALER_WireFeeSet *
+TEH_wire_fees_by_time (
+  struct GNUNET_TIME_Timestamp ts,
+  const char *method);
+
+
+/**
+ * Initialize wire subsystem.
+ *
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TEH_wire_init (void);
+
+
+/**
+ * Something changed in the database. Rebuild the wire replies.  This function
+ * should be called if the exchange learns about a new signature from our
+ * master key.
+ *
+ * (We do not do so immediately, but merely signal to all threads that they
+ * need to rebuild their wire state upon the next call to
+ * #TEH_keys_get_state()).
+ */
+void
+TEH_wire_update_state (void);
+
 
 /**
  * Return the current key state for this thread.  Possibly re-builds the key
@@ -116,6 +210,12 @@ TEH_check_invariants (void);
 struct TEH_KeyStateHandle *
 TEH_keys_get_state (void);
 
+/**
+ * Obtain the key state if we should NOT run finish_keys_response() because we
+ * only need the state for the /management/keys API
+ */
+struct TEH_KeyStateHandle *
+TEH_keys_get_state_for_management_only (void);
 
 /**
  * Something changed in the database. Rebuild all key states.  This function
@@ -131,6 +231,20 @@ TEH_keys_update_states (void);
 
 
 /**
+ * Look up global fee structure by @a ts.
+ *
+ * @param ksh key state state to look in
+ * @param ts timestamp to lookup global fees at
+ * @return the global fee details, or
+ *         NULL if none are configured for @a ts
+ */
+const struct TEH_GlobalFee *
+TEH_keys_global_fee_by_time (
+  struct TEH_KeyStateHandle *ksh,
+  struct GNUNET_TIME_Timestamp ts);
+
+
+/**
  * Look up the issue for a denom public key.  Note that the result
  * must only be used in this thread and only until another key or
  * key state is resolved.
@@ -142,9 +256,10 @@ TEH_keys_update_states (void);
  *         or NULL if @a h_denom_pub could not be found
  */
 struct TEH_DenominationKey *
-TEH_keys_denomination_by_hash (const struct TALER_DenominationHash *h_denom_pub,
-                               struct MHD_Connection *conn,
-                               MHD_RESULT *mret);
+TEH_keys_denomination_by_hash (
+  const struct TALER_DenominationHashP *h_denom_pub,
+  struct MHD_Connection *conn,
+  MHD_RESULT *mret);
 
 
 /**
@@ -161,32 +276,98 @@ TEH_keys_denomination_by_hash (const struct TALER_DenominationHash *h_denom_pub,
  *         or NULL if @a h_denom_pub could not be found
  */
 struct TEH_DenominationKey *
-TEH_keys_denomination_by_hash2 (struct TEH_KeyStateHandle *ksh,
-                                const struct
-                                TALER_DenominationHash *h_denom_pub,
-                                struct MHD_Connection *conn,
-                                MHD_RESULT *mret);
+TEH_keys_denomination_by_hash_from_state (
+  const struct TEH_KeyStateHandle *ksh,
+  const struct TALER_DenominationHashP *h_denom_pub,
+  struct MHD_Connection *conn,
+  MHD_RESULT *mret);
 
 /**
- * Request to sign @a msg using the public key corresponding to
- * @a h_denom_pub.
+ * Information needed to create a blind signature.
+ */
+struct TEH_CoinSignData
+{
+  /**
+   * Hash of key to sign with.
+   */
+  const struct TALER_DenominationHashP *h_denom_pub;
+
+  /**
+   * Blinded planchet to sign over.
+   */
+  const struct TALER_BlindedPlanchet *bp;
+};
+
+
+/**
+ * Request to sign @a csds.
  *
- * @param h_denom_pub hash of the public key to use to sign
- * @param msg message to sign
- * @param msg_size number of bytes in @a msg
- * @param[out] ec set to the error code (or #TALER_EC_NONE on success)
- * @return signature, the value inside the structure will be NULL on failure,
- *         see @a ec for details about the failure
+ * @param csds array with data to blindly sign (and keys to sign with)
+ * @param csds_length length of @a csds array
+ * @param for_melt true if this is for a melt operation
+ * @param[out] bss array set to the blind signature on success; must be of length @a csds_length
+ * @return #TALER_EC_NONE on success
  */
-struct TALER_BlindedDenominationSignature
-TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub,
-                            const void *msg,
-                            size_t msg_size,
-                            enum TALER_ErrorCode *ec);
+enum TALER_ErrorCode
+TEH_keys_denomination_batch_sign (
+  unsigned int csds_length,
+  const struct TEH_CoinSignData csds[static csds_length],
+  bool for_melt,
+  struct TALER_BlindedDenominationSignature bss[static csds_length]);
 
 
 /**
- * Revoke the public key associated with @param h_denom_pub .
+ * Information needed to derive the CS r_pub.
+ */
+struct TEH_CsDeriveData
+{
+  /**
+   * Hash of key to sign with.
+   */
+  const struct TALER_DenominationHashP *h_denom_pub;
+
+  /**
+   * Nonce to use.
+   */
+  const struct GNUNET_CRYPTO_CsSessionNonce *nonce;
+};
+
+
+/**
+ * Request to derive CS @a r_pub using the denomination and nonce from @a cdd.
+ *
+ * @param cdd data to compute @a r_pub from
+ * @param for_melt true if this is for a melt operation
+ * @param[out] r_pub where to write the result
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TEH_keys_denomination_cs_r_pub (
+  const struct TEH_CsDeriveData *cdd,
+  bool for_melt,
+  struct GNUNET_CRYPTO_CSPublicRPairP *r_pub);
+
+
+/**
+ * Request to derive a bunch of CS @a r_pubs using the
+ * denominations and nonces from @a cdds.
+ *
+ * @param cdds array to compute @a r_pubs from
+ * @param cdds_length length of the @a cdds array
+ * @param for_melt true if this is for a melt operation
+ * @param[out] r_pubs array where to write the result; must be of length @a cdds_length
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TEH_keys_denomination_cs_batch_r_pub (
+  unsigned int cdds_length,
+  const struct TEH_CsDeriveData cdds[static cdds_length],
+  bool for_melt,
+  struct GNUNET_CRYPTO_CSPublicRPairP r_pubs[static cdds_length]);
+
+
+/**
+ * Revoke the public key associated with @a h_denom_pub.
  * This function should be called AFTER the database was
  * updated, as it also triggers #TEH_keys_update_states().
  *
@@ -197,7 +378,8 @@ TEH_keys_denomination_sign (const struct TALER_DenominationHash *h_denom_pub,
  * @param h_denom_pub hash of the public key to revoke
  */
 void
-TEH_keys_denomination_revoke (const struct TALER_DenominationHash *h_denom_pub);
+TEH_keys_denomination_revoke (
+  const struct TALER_DenominationHashP *h_denom_pub);
 
 
 /**
@@ -208,7 +390,7 @@ TEH_keys_finished (void);
 
 
 /**
- * Resumse all suspended /keys requests, we may now have key material
+ * Resumes all suspended /keys requests, we may now have key material
  * (or are shutting down).
  *
  * @param do_shutdown are we shutting down?
@@ -245,7 +427,7 @@ TEH_keys_exchange_sign_ (
  * number of bytes of the data structure, including its header.  Use
  * #TEH_keys_exchange_sign() instead of calling this function directly!
  *
- * @param ksh key state state to look in
+ * @param cls key state state to look in
  * @param purpose the message to sign
  * @param[out] pub set to the current public signing key of the exchange
  * @param[out] sig signature over purpose using current signing key
@@ -253,7 +435,7 @@ TEH_keys_exchange_sign_ (
  */
 enum TALER_ErrorCode
 TEH_keys_exchange_sign2_ (
-  struct TEH_KeyStateHandle *ksh,
+  void *cls,
   const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
   struct TALER_ExchangePublicKeyP *pub,
   struct TALER_ExchangeSignatureP *sig);
@@ -365,6 +547,7 @@ TEH_keys_management_get_keys_handler (const struct TEH_RequestHandler *rh,
  * Load fees and expiration times (!) for the denomination type configured for
  * the denomination matching @a h_denom_pub.
  *
+ * @param ksh key state to load fees from
  * @param h_denom_pub hash of the denomination public key
  *        to use to derive the section name of the configuration to use
  * @param[out] denom_pub set to the denomination public key (to be freed by caller!)
@@ -374,7 +557,8 @@ TEH_keys_management_get_keys_handler (const struct TEH_RequestHandler *rh,
  *         #GNUNET_SYSERR on hard errors
  */
 enum GNUNET_GenericReturnValue
-TEH_keys_load_fees (const struct TALER_DenominationHash *h_denom_pub,
+TEH_keys_load_fees (struct TEH_KeyStateHandle *ksh,
+                    const struct TALER_DenominationHashP *h_denom_pub,
                     struct TALER_DenominationPublicKey *denom_pub,
                     struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta);