diff options
Diffstat (limited to 'src/include/taler_signatures.h')
-rw-r--r-- | src/include/taler_signatures.h | 1656 |
1 files changed, 0 insertions, 1656 deletions
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h deleted file mode 100644 index 6b5d37685..000000000 --- a/src/include/taler_signatures.h +++ /dev/null @@ -1,1656 +0,0 @@ -/* - This file is part of TALER - Copyright (C) 2014-2020 Taler Systems SA - - TALER is free software; you can redistribute it and/or modify it under the - terms of the GNU General Public License as published by the Free Software - Foundation; either version 3, or (at your option) any later version. - - TALER is distributed in the hope that it will be useful, but WITHOUT ANY - WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR - A PARTICULAR PURPOSE. See the GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along with - TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> -*/ -/** - * @file taler_signatures.h - * @brief message formats and signature constants used to define - * the binary formats of signatures in Taler - * @author Florian Dold - * @author Benedikt Mueller - * - * This file should define the constants and C structs that one needs - * to know to implement Taler clients (wallets or merchants or - * auditor) that need to produce or verify Taler signatures. - */ -#ifndef TALER_SIGNATURES_H -#define TALER_SIGNATURES_H - -#include <gnunet/gnunet_util_lib.h> -#include "taler_amount_lib.h" -#include "taler_crypto_lib.h" - -/** - * Cut-and-choose size for refreshing. Client looses the gamble (of - * unaccountable transfers) with probability 1/TALER_CNC_KAPPA. Refresh cost - * increases linearly with TALER_CNC_KAPPA, and 3 is sufficient up to a - * income/sales tax of 66% of total transaction value. As there is - * no good reason to change this security parameter, we declare it - * fixed and part of the protocol. - */ -#define TALER_CNC_KAPPA 3 - - -/*********************************************/ -/* Exchange offline signatures (with master key) */ -/*********************************************/ - -/** - * The given revocation key was revoked and must no longer be used. - */ -#define TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED 1020 - -/** - * Add payto URI to the list of our wire methods. - */ -#define TALER_SIGNATURE_MASTER_ADD_WIRE 1021 - -/** - * Remove payto URI from the list of our wire methods. - */ -#define TALER_SIGNATURE_MASTER_DEL_WIRE 1023 - -/** - * Purpose for signing public keys signed by the exchange master key. - */ -#define TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY 1024 - -/** - * Purpose for denomination keys signed by the exchange master key. - */ -#define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY 1025 - -/** - * Add an auditor to the list of our auditors. - */ -#define TALER_SIGNATURE_MASTER_ADD_AUDITOR 1026 - -/** - * Remove an auditor from the list of our auditors. - */ -#define TALER_SIGNATURE_MASTER_DEL_AUDITOR 1027 - -/** - * Fees charged per (aggregate) wire transfer to the merchant. - */ -#define TALER_SIGNATURE_MASTER_WIRE_FEES 1028 - -/** - * The given revocation key was revoked and must no longer be used. - */ -#define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED 1029 - -/** - * Signature where the Exchange confirms its IBAN details in - * the /wire response. - */ -#define TALER_SIGNATURE_MASTER_WIRE_DETAILS 1030 - - -/*********************************************/ -/* Exchange online signatures (with signing key) */ -/*********************************************/ - -/** - * Purpose for the state of a reserve, signed by the exchange's signing - * key. - */ -#define TALER_SIGNATURE_EXCHANGE_RESERVE_STATUS 1032 - -/** - * Signature where the Exchange confirms a deposit request. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT 1033 - -/** - * Signature where the exchange (current signing key) confirms the - * no-reveal index for cut-and-choose and the validity of the melted - * coins. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT 1034 - -/** - * Signature where the Exchange confirms the full /keys response set. - */ -#define TALER_SIGNATURE_EXCHANGE_KEY_SET 1035 - -/** - * Signature where the Exchange confirms the /track/transaction response. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_WIRE 1036 - -/** - * Signature where the Exchange confirms the /wire/deposit response. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_WIRE_DEPOSIT 1037 - -/** - * Signature where the Exchange confirms a refund request. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_REFUND 1038 - -/** - * Signature where the Exchange confirms a recoup. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_RECOUP 1039 - -/** - * Signature where the Exchange confirms it closed a reserve. - */ -#define TALER_SIGNATURE_EXCHANGE_RESERVE_CLOSED 1040 - -/** - * Signature where the Exchange confirms a recoup-refresh operation. - */ -#define TALER_SIGNATURE_EXCHANGE_CONFIRM_RECOUP_REFRESH 1041 - -/** - * Signature where the Exchange confirms that it does not know a denomination (hash). - */ -#define TALER_SIGNATURE_EXCHANGE_AFFIRM_DENOM_UNKNOWN 1042 - - -/** - * Signature where the Exchange confirms that it does not consider a denomination valid for the given operation - * at this time. - */ -#define TALER_SIGNATURE_EXCHANGE_AFFIRM_DENOM_EXPIRED 1043 - - -/**********************/ -/* Auditor signatures */ -/**********************/ - -/** - * Signature where the auditor confirms that he is - * aware of certain denomination keys from the exchange. - */ -#define TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS 1064 - - -/***********************/ -/* Merchant signatures */ -/***********************/ - -/** - * Signature where the merchant confirms a contract (to the customer). - */ -#define TALER_SIGNATURE_MERCHANT_CONTRACT 1101 - -/** - * Signature where the merchant confirms a refund (of a coin). - */ -#define TALER_SIGNATURE_MERCHANT_REFUND 1102 - -/** - * Signature where the merchant confirms that he needs the wire - * transfer identifier for a deposit operation. - */ -#define TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION 1103 - -/** - * Signature where the merchant confirms that the payment was - * successful - */ -#define TALER_SIGNATURE_MERCHANT_PAYMENT_OK 1104 - -/** - * Signature where the merchant confirms that the user replayed - * a payment for a browser session. - */ -#define TALER_SIGNATURE_MERCHANT_PAY_SESSION 1106 - -/** - * Signature where the merchant confirms its own (salted) - * wire details (not yet really used). - */ -#define TALER_SIGNATURE_MERCHANT_WIRE_DETAILS 1107 - - -/*********************/ -/* Wallet signatures */ -/*********************/ - -/** - * Signature where the reserve key confirms a withdraw request. - */ -#define TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW 1200 - -/** - * Signature made by the wallet of a user to confirm a deposit of a coin. - */ -#define TALER_SIGNATURE_WALLET_COIN_DEPOSIT 1201 - -/** - * Signature using a coin key confirming the melting of a coin. - */ -#define TALER_SIGNATURE_WALLET_COIN_MELT 1202 - -/** - * Signature using a coin key requesting recoup. - */ -#define TALER_SIGNATURE_WALLET_COIN_RECOUP 1203 - -/** - * Signature using a coin key authenticating link data. - */ -#define TALER_SIGNATURE_WALLET_COIN_LINK 1204 - - -/******************************/ -/* Security module signatures */ -/******************************/ - -/** - * Signature on a denomination key announcement. - */ -#define TALER_SIGNATURE_SM_DENOMINATION_KEY 1250 - -/** - * Signature on an exchange message signing key announcement. - */ -#define TALER_SIGNATURE_SM_SIGNING_KEY 1251 - -/*******************/ -/* Test signatures */ -/*******************/ - -/** - * EdDSA test signature. - */ -#define TALER_SIGNATURE_CLIENT_TEST_EDDSA 1302 - -/** - * EdDSA test signature. - */ -#define TALER_SIGNATURE_EXCHANGE_TEST_EDDSA 1303 - - -/************************/ -/* Anastasis signatures */ -/************************/ - -/** - * EdDSA signature for a policy upload. - */ -#define TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD 1400 - -/** - * EdDSA signature for a policy download. - */ -#define TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD 1401 - - -/*******************/ -/* Sync signatures */ -/*******************/ - - -/** - * EdDSA signature for a backup upload. - */ -#define TALER_SIGNATURE_SYNC_BACKUP_UPLOAD 1450 - - -GNUNET_NETWORK_STRUCT_BEGIN - -/** - * @brief format used by the denomination crypto helper when affirming - * that it created a denomination key. - */ -struct TALER_DenominationKeyAnnouncementPS -{ - - /** - * Purpose must be #TALER_SIGNATURE_SM_DENOMINATION_KEY. - * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash of the denomination public key. - */ - struct GNUNET_HashCode h_denom_pub; - - /** - * Hash of the section name in the configuration of this denomination. - */ - struct GNUNET_HashCode h_section_name; - - /** - * When does the key become available? - */ - struct GNUNET_TIME_AbsoluteNBO anchor_time; - - /** - * How long is the key available after @e anchor_time? - */ - struct GNUNET_TIME_RelativeNBO duration_withdraw; - -}; - - -/** - * @brief format used by the signing crypto helper when affirming - * that it created an exchange signing key. - */ -struct TALER_SigningKeyAnnouncementPS -{ - - /** - * Purpose must be #TALER_SIGNATURE_SM_SIGNING_KEY. - * Used with an EdDSA signature of a `struct TALER_SecurityModulePublicKeyP`. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Public signing key of the exchange this is about. - */ - struct TALER_ExchangePublicKeyP exchange_pub; - - /** - * When does the key become available? - */ - struct GNUNET_TIME_AbsoluteNBO anchor_time; - - /** - * How long is the key available after @e anchor_time? - */ - struct GNUNET_TIME_RelativeNBO duration; - -}; - -/** - * @brief Format used for to allow the wallet to authenticate - * link data provided by the exchange. - */ -struct TALER_LinkDataPS -{ - - /** - * Purpose must be #TALER_SIGNATURE_WALLET_COIN_LINK. - * Used with an EdDSA signature of a `struct TALER_CoinPublicKeyP`. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash of the denomination public key of the new coin. - */ - struct GNUNET_HashCode h_denom_pub; - - /** - * Transfer public key (for which the private key was not revealed) - */ - struct TALER_TransferPublicKeyP transfer_pub; - - /** - * Hash of the blinded new coin. - */ - struct GNUNET_HashCode coin_envelope_hash; -}; - - -/** - * @brief Format used for to generate the signature on a request to withdraw - * coins from a reserve. - */ -struct TALER_WithdrawRequestPS -{ - - /** - * Purpose must be #TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW. - * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Reserve public key (which reserve to withdraw from). This is - * the public key which must match the signature. - */ - struct TALER_ReservePublicKeyP reserve_pub; - - /** - * Value of the coin being exchangeed (matching the denomination key) - * plus the transaction fee. We include this in what is being - * signed so that we can verify a reserve's remaining total balance - * without needing to access the respective denomination key - * information each time. - */ - struct TALER_AmountNBO amount_with_fee; - - /** - * Hash of the denomination public key for the coin that is withdrawn. - */ - struct GNUNET_HashCode h_denomination_pub GNUNET_PACKED; - - /** - * Hash of the (blinded) message to be signed by the Exchange. - */ - struct GNUNET_HashCode h_coin_envelope GNUNET_PACKED; -}; - - -/** - * @brief Format used to generate the signature on a request to deposit - * a coin into the account of a merchant. - */ -struct TALER_DepositRequestPS -{ - /** - * Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT. - * Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the contract for which this deposit is made. - */ - struct GNUNET_HashCode h_contract_terms GNUNET_PACKED; - - /** - * Hash over the wiring information of the merchant. - */ - struct GNUNET_HashCode h_wire GNUNET_PACKED; - - /** - * Hash over the denomination public key used to sign the coin. - */ - struct GNUNET_HashCode h_denom_pub GNUNET_PACKED; - - /** - * Time when this request was generated. Used, for example, to - * assess when (roughly) the income was achieved for tax purposes. - * Note that the Exchange will only check that the timestamp is not "too - * far" into the future (i.e. several days). The fact that the - * timestamp falls within the validity period of the coin's - * denomination key is irrelevant for the validity of the deposit - * request, as obviously the customer and merchant could conspire to - * set any timestamp. Also, the Exchange must accept very old deposit - * requests, as the merchant might have been unable to transmit the - * deposit request in a timely fashion (so back-dating is not - * prevented). - */ - struct GNUNET_TIME_AbsoluteNBO wallet_timestamp; - - /** - * How much time does the merchant have to issue a refund request? - * Zero if refunds are not allowed. After this time, the coin - * cannot be refunded. - */ - struct GNUNET_TIME_AbsoluteNBO refund_deadline; - - /** - * Amount to be deposited, including deposit fee charged by the - * exchange. This is the total amount that the coin's value at the exchange - * will be reduced by. - */ - struct TALER_AmountNBO amount_with_fee; - - /** - * Depositing fee charged by the exchange. This must match the Exchange's - * denomination key's depositing fee. If the client puts in an - * invalid deposit fee (too high or too low) that does not match the - * Exchange's denomination key, the deposit operation is invalid and - * will be rejected by the exchange. The @e amount_with_fee minus the - * @e deposit_fee is the amount that will be transferred to the - * account identified by @e h_wire. - */ - struct TALER_AmountNBO deposit_fee; - - /** - * The Merchant's public key. Allows the merchant to later refund - * the transaction or to inquire about the wire transfer identifier. - */ - struct TALER_MerchantPublicKeyP merchant; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. The deposit request is to be - * signed by the corresponding private key (using EdDSA). - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - -}; - - -/** - * @brief Format used to generate the signature on a confirmation - * from the exchange that a deposit request succeeded. - */ -struct TALER_DepositConfirmationPS -{ - /** - * Purpose must be #TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT. Signed - * by a `struct TALER_ExchangePublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the contract for which this deposit is made. - */ - struct GNUNET_HashCode h_contract_terms GNUNET_PACKED; - - /** - * Hash over the wiring information of the merchant. - */ - struct GNUNET_HashCode h_wire GNUNET_PACKED; - - /** - * Time when this confirmation was generated / when the exchange received - * the deposit request. - */ - struct GNUNET_TIME_AbsoluteNBO exchange_timestamp; - - /** - * How much time does the @e merchant have to issue a refund - * request? Zero if refunds are not allowed. After this time, the - * coin cannot be refunded. Note that the wire transfer will not be - * performed by the exchange until the refund deadline. This value - * is taken from the original deposit request. - */ - struct GNUNET_TIME_AbsoluteNBO refund_deadline; - - /** - * Amount to be deposited, excluding fee. Calculated from the - * amount with fee and the fee from the deposit request. - */ - struct TALER_AmountNBO amount_without_fee; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. The deposit request is to be - * signed by the corresponding private key (using EdDSA). - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * The Merchant's public key. Allows the merchant to later refund - * the transaction or to inquire about the wire transfer identifier. - */ - struct TALER_MerchantPublicKeyP merchant; - -}; - - -/** - * @brief Format used to generate the signature on a request to refund - * a coin into the account of the customer. - */ -struct TALER_RefundRequestPS -{ - /** - * Purpose must be #TALER_SIGNATURE_MERCHANT_REFUND. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the proposal data to identify the contract - * which is being refunded. - */ - struct GNUNET_HashCode h_contract_terms GNUNET_PACKED; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * The Merchant's public key. Allows the merchant to later refund - * the transaction or to inquire about the wire transfer identifier. - */ - struct TALER_MerchantPublicKeyP merchant; - - /** - * Merchant-generated transaction ID for the refund. - */ - uint64_t rtransaction_id GNUNET_PACKED; - - /** - * Amount to be refunded, including refund fee charged by the - * exchange to the customer. - */ - struct TALER_AmountNBO refund_amount; -}; - - -/** - * @brief Format used to generate the signature on a request to refund - * a coin into the account of the customer. - */ -struct TALER_RefundConfirmationPS -{ - /** - * Purpose must be #TALER_SIGNATURE_EXCHANGE_CONFIRM_REFUND. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the proposal data to identify the contract - * which is being refunded. - */ - struct GNUNET_HashCode h_contract_terms GNUNET_PACKED; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * The Merchant's public key. Allows the merchant to later refund - * the transaction or to inquire about the wire transfer identifier. - */ - struct TALER_MerchantPublicKeyP merchant; - - /** - * Merchant-generated transaction ID for the refund. - */ - uint64_t rtransaction_id GNUNET_PACKED; - - /** - * Amount to be refunded, including refund fee charged by the - * exchange to the customer. - */ - struct TALER_AmountNBO refund_amount; -}; - - -/** - * @brief Message signed by a coin to indicate that the coin should be - * melted. - */ -struct TALER_RefreshMeltCoinAffirmationPS -{ - /** - * Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT. - * Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Which melt commitment is made by the wallet. - */ - struct TALER_RefreshCommitmentP rc GNUNET_PACKED; - - /** - * Hash over the denomination public key used to sign the coin. - */ - struct GNUNET_HashCode h_denom_pub GNUNET_PACKED; - - /** - * How much of the value of the coin should be melted? This amount - * includes the fees, so the final amount contributed to the melt is - * this value minus the fee for melting the coin. We include the - * fee in what is being signed so that we can verify a reserve's - * remaining total balance without needing to access the respective - * denomination key information each time. - */ - struct TALER_AmountNBO amount_with_fee; - - /** - * Melting fee charged by the exchange. This must match the Exchange's - * denomination key's melting fee. If the client puts in an invalid - * melting fee (too high or too low) that does not match the Exchange's - * denomination key, the melting operation is invalid and will be - * rejected by the exchange. The @e amount_with_fee minus the @e - * melt_fee is the amount that will be credited to the melting - * session. - */ - struct TALER_AmountNBO melt_fee; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. The deposit request is to be - * signed by the corresponding private key (using EdDSA). - */ - struct TALER_CoinSpendPublicKeyP coin_pub; -}; - - -/** - * @brief Format of the block signed by the Exchange in response to a successful - * "/refresh/melt" request. Hereby the exchange affirms that all of the - * coins were successfully melted. This also commits the exchange to a - * particular index to not be revealed during the refresh. - */ -struct TALER_RefreshMeltConfirmationPS -{ - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_CONFIRM_MELT. Signed - * by a `struct TALER_ExchangePublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Commitment made in the /refresh/melt. - */ - struct TALER_RefreshCommitmentP rc GNUNET_PACKED; - - /** - * Index that the client will not have to reveal, in NBO. - * Must be smaller than #TALER_CNC_KAPPA. - */ - uint32_t noreveal_index GNUNET_PACKED; - -}; - - -/** - * @brief Information about a signing key of the exchange. Signing keys are used - * to sign exchange messages other than coins, i.e. to confirm that a - * deposit was successful or that a refresh was accepted. - */ -struct TALER_ExchangeSigningKeyValidityPS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * When does this signing key begin to be valid? - */ - struct GNUNET_TIME_AbsoluteNBO start; - - /** - * When does this signing key expire? Note: This is currently when - * the Exchange will definitively stop using it. Signatures made with - * the key remain valid until @e end. When checking validity periods, - * clients should allow for some overlap between keys and tolerate - * the use of either key during the overlap time (due to the - * possibility of clock skew). - */ - struct GNUNET_TIME_AbsoluteNBO expire; - - /** - * When do signatures with this signing key become invalid? After - * this point, these signatures cannot be used in (legal) disputes - * anymore, as the Exchange is then allowed to destroy its side of the - * evidence. @e end is expected to be significantly larger than @e - * expire (by a year or more). - */ - struct GNUNET_TIME_AbsoluteNBO end; - - /** - * The public online signing key that the exchange will use - * between @e start and @e expire. - */ - struct TALER_ExchangePublicKeyP signkey_pub; -}; - - -/** - * @brief Signature made by the exchange over the full set of keys, used - * to detect cheating exchanges that give out different sets to - * different users. - */ -struct TALER_ExchangeKeySetPS -{ - - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_KEY_SET. Signed - * by a `struct TALER_ExchangePublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Time of the key set issue. - */ - struct GNUNET_TIME_AbsoluteNBO list_issue_date; - - /** - * Hash over the various denomination signing keys returned. - */ - struct GNUNET_HashCode hc GNUNET_PACKED; -}; - - -/** - * @brief Signature made by the exchange offline key over the information of - * an auditor to be added to the exchange's set of auditors. - */ -struct TALER_MasterAddAuditorPS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_ADD_AUDITOR. Signed - * by a `struct TALER_MasterPublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Time of the change. - */ - struct GNUNET_TIME_AbsoluteNBO start_date; - - /** - * Public key of the auditor. - */ - struct TALER_AuditorPublicKeyP auditor_pub; - - /** - * Hash over the auditor's URL. - */ - struct GNUNET_HashCode h_auditor_url GNUNET_PACKED; -}; - - -/** - * @brief Signature made by the exchange offline key over the information of - * an auditor to be removed from the exchange's set of auditors. - */ -struct TALER_MasterDelAuditorPS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_DEL_AUDITOR. Signed - * by a `struct TALER_MasterPublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Time of the change. - */ - struct GNUNET_TIME_AbsoluteNBO end_date; - - /** - * Public key of the auditor. - */ - struct TALER_AuditorPublicKeyP auditor_pub; - -}; - - -/** - * @brief Signature made by the exchange offline key over the information of - * a payto:// URI to be added to the exchange's set of active wire accounts. - */ -struct TALER_MasterAddWirePS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_ADD_WIRE. Signed - * by a `struct TALER_MasterPublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Time of the change. - */ - struct GNUNET_TIME_AbsoluteNBO start_date; - - /** - * Hash over the exchange's payto URI. - */ - struct GNUNET_HashCode h_wire GNUNET_PACKED; -}; - - -/** - * @brief Signature made by the exchange offline key over the information of - * a wire method to be removed to the exchange's set of active accounts. - */ -struct TALER_MasterDelWirePS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_DEL_WIRE. Signed - * by a `struct TALER_MasterPublicKeyP` using EdDSA. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Time of the change. - */ - struct GNUNET_TIME_AbsoluteNBO end_date; - - /** - * Hash over the exchange's payto URI. - */ - struct GNUNET_HashCode h_wire GNUNET_PACKED; - -}; - - -/** - * @brief Information about a denomination key. Denomination keys - * are used to sign coins of a certain value into existence. - */ -struct TALER_DenominationKeyValidityPS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * The long-term offline master key of the exchange that was - * used to create @e signature. - */ - struct TALER_MasterPublicKeyP master; - - /** - * Start time of the validity period for this key. - */ - struct GNUNET_TIME_AbsoluteNBO start; - - /** - * The exchange will sign fresh coins between @e start and this time. - * @e expire_withdraw will be somewhat larger than @e start to - * ensure a sufficiently large anonymity set, while also allowing - * the Exchange to limit the financial damage in case of a key being - * compromised. Thus, exchanges with low volume are expected to have a - * longer withdraw period (@e expire_withdraw - @e start) than exchanges - * with high transaction volume. The period may also differ between - * types of coins. A exchange may also have a few denomination keys - * with the same value with overlapping validity periods, to address - * issues such as clock skew. - */ - struct GNUNET_TIME_AbsoluteNBO expire_withdraw; - - /** - * Coins signed with the denomination key must be spent or refreshed - * between @e start and this expiration time. After this time, the - * exchange will refuse transactions involving this key as it will - * "drop" the table with double-spending information (shortly after) - * this time. Note that wallets should refresh coins significantly - * before this time to be on the safe side. @e expire_deposit must be - * significantly larger than @e expire_withdraw (by months or even - * years). - */ - struct GNUNET_TIME_AbsoluteNBO expire_deposit; - - /** - * When do signatures with this denomination key become invalid? - * After this point, these signatures cannot be used in (legal) - * disputes anymore, as the Exchange is then allowed to destroy its side - * of the evidence. @e expire_legal is expected to be significantly - * larger than @e expire_deposit (by a year or more). - */ - struct GNUNET_TIME_AbsoluteNBO expire_legal; - - /** - * The value of the coins signed with this denomination key. - */ - struct TALER_AmountNBO value; - - /** - * The fee the exchange charges when a coin of this type is withdrawn. - * (can be zero). - */ - struct TALER_AmountNBO fee_withdraw; - - /** - * The fee the exchange charges when a coin of this type is deposited. - * (can be zero). - */ - struct TALER_AmountNBO fee_deposit; - - /** - * The fee the exchange charges when a coin of this type is refreshed. - * (can be zero). - */ - struct TALER_AmountNBO fee_refresh; - - /** - * The fee the exchange charges when a coin of this type is refunded. - * (can be zero). Note that refund fees are charged to the customer; - * if a refund is given, the deposit fee is also refunded. - */ - struct TALER_AmountNBO fee_refund; - - /** - * Hash code of the denomination public key. (Used to avoid having - * the variable-size RSA key in this struct.) - */ - struct GNUNET_HashCode denom_hash GNUNET_PACKED; - -}; - - -/** - * @brief Information signed by an auditor affirming - * the master public key and the denomination keys - * of a exchange. - */ -struct TALER_ExchangeKeyValidityPS -{ - - /** - * Purpose is #TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash of the auditor's URL (including 0-terminator). - */ - struct GNUNET_HashCode auditor_url_hash; - - /** - * The long-term offline master key of the exchange, affirmed by the - * auditor. - */ - struct TALER_MasterPublicKeyP master; - - /** - * Start time of the validity period for this key. - */ - struct GNUNET_TIME_AbsoluteNBO start; - - /** - * The exchange will sign fresh coins between @e start and this time. - * @e expire_withdraw will be somewhat larger than @e start to - * ensure a sufficiently large anonymity set, while also allowing - * the Exchange to limit the financial damage in case of a key being - * compromised. Thus, exchanges with low volume are expected to have a - * longer withdraw period (@e expire_withdraw - @e start) than exchanges - * with high transaction volume. The period may also differ between - * types of coins. A exchange may also have a few denomination keys - * with the same value with overlapping validity periods, to address - * issues such as clock skew. - */ - struct GNUNET_TIME_AbsoluteNBO expire_withdraw; - - /** - * Coins signed with the denomination key must be spent or refreshed - * between @e start and this expiration time. After this time, the - * exchange will refuse transactions involving this key as it will - * "drop" the table with double-spending information (shortly after) - * this time. Note that wallets should refresh coins significantly - * before this time to be on the safe side. @e expire_deposit must be - * significantly larger than @e expire_withdraw (by months or even - * years). - */ - struct GNUNET_TIME_AbsoluteNBO expire_deposit; - - /** - * When do signatures with this denomination key become invalid? - * After this point, these signatures cannot be used in (legal) - * disputes anymore, as the Exchange is then allowed to destroy its side - * of the evidence. @e expire_legal is expected to be significantly - * larger than @e expire_deposit (by a year or more). - */ - struct GNUNET_TIME_AbsoluteNBO expire_legal; - - /** - * The value of the coins signed with this denomination key. - */ - struct TALER_AmountNBO value; - - /** - * The fee the exchange charges when a coin of this type is withdrawn. - * (can be zero). - */ - struct TALER_AmountNBO fee_withdraw; - - /** - * The fee the exchange charges when a coin of this type is deposited. - * (can be zero). - */ - struct TALER_AmountNBO fee_deposit; - - /** - * The fee the exchange charges when a coin of this type is refreshed. - * (can be zero). - */ - struct TALER_AmountNBO fee_refresh; - - /** - * The fee the exchange charges when a coin of this type is refreshed. - * (can be zero). - */ - struct TALER_AmountNBO fee_refund; - - /** - * Hash code of the denomination public key. (Used to avoid having - * the variable-size RSA key in this struct.) - */ - struct GNUNET_HashCode denom_hash GNUNET_PACKED; - -}; - - -/** - * @brief Information signed by the exchange's master - * key affirming the IBAN details for the exchange. - */ -struct TALER_MasterWireDetailsPS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_WIRE_DETAILS. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the account holder's payto:// URL and - * the salt, as done by #TALER_exchange_wire_signature_hash(). - */ - struct GNUNET_HashCode h_wire_details GNUNET_PACKED; - -}; - - -/** - * @brief Information signed by the exchange's master - * key stating the wire fee to be paid per wire transfer. - */ -struct TALER_MasterWireFeePS -{ - - /** - * Purpose is #TALER_SIGNATURE_MASTER_WIRE_FEES. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the wire method (yes, H("x-taler-bank") or H("iban")), in lower - * case, including 0-terminator. Used to uniquely identify which - * wire method these fees apply to. - */ - struct GNUNET_HashCode h_wire_method; - - /** - * Start date when the fee goes into effect. - */ - struct GNUNET_TIME_AbsoluteNBO start_date; - - /** - * End date when the fee stops being in effect (exclusive) - */ - struct GNUNET_TIME_AbsoluteNBO end_date; - - /** - * Fee charged to the merchant per wire transfer. - */ - struct TALER_AmountNBO wire_fee; - - /** - * Closing fee charged when we wire back funds of a reserve. - */ - struct TALER_AmountNBO closing_fee; - -}; - - -/** - * @brief Message confirming that a denomination key was revoked. - */ -struct TALER_MasterDenominationKeyRevocationPS -{ - /** - * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash of the denomination key. - */ - struct GNUNET_HashCode h_denom_pub; - -}; - - -/** - * @brief Message confirming that an exchange online signing key was revoked. - */ -struct TALER_MasterSigningKeyRevocationPS -{ - /** - * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * The exchange's public key. - */ - struct TALER_ExchangePublicKeyP exchange_pub; - -}; - - -/** - * @brief Format used to generate the signature on a request to obtain - * the wire transfer identifier associated with a deposit. - */ -struct TALER_DepositTrackPS -{ - /** - * Purpose must be #TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the proposal data of the contract for which this deposit is made. - */ - struct GNUNET_HashCode h_contract_terms GNUNET_PACKED; - - /** - * Hash over the wiring information of the merchant. - */ - struct GNUNET_HashCode h_wire GNUNET_PACKED; - - /** - * The Merchant's public key. The deposit inquiry request is to be - * signed by the corresponding private key (using EdDSA). - */ - struct TALER_MerchantPublicKeyP merchant; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - -}; - - -/** - * @brief Format internally used for packing the detailed information - * to generate the signature for /track/transfer signatures. - */ -struct TALER_WireDepositDetailP -{ - - /** - * Hash of the contract - */ - struct GNUNET_HashCode h_contract_terms; - - /** - * Time when the wire transfer was performed by the exchange. - */ - struct GNUNET_TIME_AbsoluteNBO execution_time; - - /** - * Coin's public key. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * Total value of the coin. - */ - struct TALER_AmountNBO deposit_value; - - /** - * Fees charged by the exchange for the deposit. - */ - struct TALER_AmountNBO deposit_fee; - -}; - - -/** - * @brief Format used to generate the signature for /wire/deposit - * replies. - */ -struct TALER_WireDepositDataPS -{ - /** - * Purpose header for the signature over the contract with - * purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_WIRE_DEPOSIT. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Total amount that was transferred. - */ - struct TALER_AmountNBO total; - - /** - * Wire fee that was charged. - */ - struct TALER_AmountNBO wire_fee; - - /** - * Public key of the merchant (for all aggregated transactions). - */ - struct TALER_MerchantPublicKeyP merchant_pub; - - /** - * Hash of wire details of the merchant. - */ - struct GNUNET_HashCode h_wire; - - /** - * Hash of the individual deposits that were aggregated, - * each in the format of a `struct TALER_WireDepositDetailP`. - */ - struct GNUNET_HashCode h_details; - -}; - -/** - * The contract sent by the merchant to the wallet. - */ -struct TALER_ProposalDataPS -{ - /** - * Purpose header for the signature over the proposal data - * with purpose #TALER_SIGNATURE_MERCHANT_CONTRACT. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash of the JSON contract in UTF-8 including 0-termination, - * using JSON_COMPACT | JSON_SORT_KEYS - */ - struct GNUNET_HashCode hash; -}; - -/** - * Used by merchants to return signed responses to /pay requests. - * Currently only used to return 200 OK signed responses. - */ -struct TALER_PaymentResponsePS -{ - /** - * Set to #TALER_SIGNATURE_MERCHANT_PAYMENT_OK. Note that - * unsuccessful payments are usually proven by some exchange's signature. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash of the proposal data associated with this confirmation - */ - struct GNUNET_HashCode h_contract_terms; -}; - - -/** - * Details affirmed by the exchange about a wire transfer the exchange - * claims to have done with respect to a deposit operation. - */ -struct TALER_ConfirmWirePS -{ - /** - * Purpose header for the signature over the contract with - * purpose #TALER_SIGNATURE_EXCHANGE_CONFIRM_WIRE. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hash over the wiring information of the merchant. - */ - struct GNUNET_HashCode h_wire GNUNET_PACKED; - - /** - * Hash over the contract for which this deposit is made. - */ - struct GNUNET_HashCode h_contract_terms GNUNET_PACKED; - - /** - * Raw value (binary encoding) of the wire transfer subject. - */ - struct TALER_WireTransferIdentifierRawP wtid; - - /** - * The coin's public key. This is the value that must have been - * signed (blindly) by the Exchange. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * When did the exchange execute this transfer? Note that the - * timestamp may not be exactly the same on the wire, i.e. - * because the wire has a different timezone or resolution. - */ - struct GNUNET_TIME_AbsoluteNBO execution_time; - - /** - * The contribution of @e coin_pub to the total transfer volume. - * This is the value of the deposit minus the fee. - */ - struct TALER_AmountNBO coin_contribution; - -}; - - -/** - * Signed data to request that a coin should be refunded as part of - * the "emergency" /recoup protocol. The refund will go back to the bank - * account that created the reserve. - */ -struct TALER_RecoupRequestPS -{ - /** - * Purpose is #TALER_SIGNATURE_WALLET_COIN_RECOUP - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Public key of the coin to be refunded. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * Hash of the (revoked) denomination public key of the coin. - */ - struct GNUNET_HashCode h_denom_pub; - - /** - * Blinding factor that was used to withdraw the coin. - */ - struct TALER_DenominationBlindingKeyP coin_blind; -}; - - -/** - * Response by which the exchange affirms that it will - * refund a coin as part of the emergency /recoup - * protocol. The recoup will go back to the bank - * account that created the reserve. - */ -struct TALER_RecoupConfirmationPS -{ - - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_CONFIRM_RECOUP - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * When did the exchange receive the recoup request? - * Indirectly determines when the wire transfer is (likely) - * to happen. - */ - struct GNUNET_TIME_AbsoluteNBO timestamp; - - /** - * How much of the coin's value will the exchange transfer? - * (Needed in case the coin was partially spent.) - */ - struct TALER_AmountNBO recoup_amount; - - /** - * Public key of the coin. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * Public key of the reserve that will receive the recoup. - */ - struct TALER_ReservePublicKeyP reserve_pub; -}; - - -/** - * Response by which the exchange affirms that it will refund a refreshed coin - * as part of the emergency /recoup protocol. The recoup will go back to the - * old coin's balance. - */ -struct TALER_RecoupRefreshConfirmationPS -{ - - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_CONFIRM_RECOUP_REFRESH - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * When did the exchange receive the recoup request? - * Indirectly determines when the wire transfer is (likely) - * to happen. - */ - struct GNUNET_TIME_AbsoluteNBO timestamp; - - /** - * How much of the coin's value will the exchange transfer? - * (Needed in case the coin was partially spent.) - */ - struct TALER_AmountNBO recoup_amount; - - /** - * Public key of the refreshed coin. - */ - struct TALER_CoinSpendPublicKeyP coin_pub; - - /** - * Public key of the old coin that will receive the recoup. - */ - struct TALER_CoinSpendPublicKeyP old_coin_pub; -}; - - -/** - * Response by which the exchange affirms that it does not - * currently know a denomination by the given hash. - */ -struct TALER_DenominationUnknownAffirmationPS -{ - - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_AFFIRM_DENOM_UNKNOWN - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * When did the exchange sign this message. - */ - struct GNUNET_TIME_AbsoluteNBO timestamp; - - /** - * Hash of the public denomination key we do not know. - */ - struct GNUNET_HashCode h_denom_pub; -}; - - -/** - * Response by which the exchange affirms that it does not - * currently consider the given denomination to be valid - * for the requested operation. - */ -struct TALER_DenominationExpiredAffirmationPS -{ - - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_AFFIRM_DENOM_EXPIRED - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * When did the exchange sign this message. - */ - struct GNUNET_TIME_AbsoluteNBO timestamp; - - /** - * Name of the operation that is not allowed at this time. Might NOT be 0-terminated, but is padded with 0s. - */ - char operation[8]; - - /** - * Hash of the public denomination key we do not know. - */ - struct GNUNET_HashCode h_denom_pub; - -}; - - -/** - * Response by which the exchange affirms that it has - * closed a reserve and send back the funds. - */ -struct TALER_ReserveCloseConfirmationPS -{ - - /** - * Purpose is #TALER_SIGNATURE_EXCHANGE_RESERVE_CLOSED - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * When did the exchange initiate the wire transfer. - */ - struct GNUNET_TIME_AbsoluteNBO timestamp; - - /** - * How much did the exchange send? - */ - struct TALER_AmountNBO closing_amount; - - /** - * How much did the exchange charge for closing the reserve? - */ - struct TALER_AmountNBO closing_fee; - - /** - * Public key of the reserve that received the recoup. - */ - struct TALER_ReservePublicKeyP reserve_pub; - - /** - * Hash of the receiver's bank account. - */ - struct GNUNET_HashCode h_wire; - - /** - * Wire transfer subject. - */ - struct TALER_WireTransferIdentifierRawP wtid; -}; - - -/** - * Used by the merchant to confirm to the frontend that - * the user did a payment replay with the current browser session. - */ -struct TALER_MerchantPaySessionSigPS -{ - /** - * Set to #TALER_SIGNATURE_MERCHANT_PAY_SESSION. - */ - struct GNUNET_CRYPTO_EccSignaturePurpose purpose; - - /** - * Hashed order id. - * Hashed without the 0-termination. - */ - struct GNUNET_HashCode h_order_id GNUNET_PACKED; - - /** - * Hashed session id. - * Hashed without the 0-termination. - */ - struct GNUNET_HashCode h_session_id GNUNET_PACKED; - -}; - - -GNUNET_NETWORK_STRUCT_END - -#endif |