From 2e7b28765ea2871df03353681f0680c53ec3ebef Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 6 Jul 2015 10:16:49 +0200 Subject: simplifying use of struct TALER_DenominationKeyValidityPS by removing signature --- src/include/taler_mintdb_lib.h | 20 +++++++++++++++- src/include/taler_mintdb_plugin.h | 4 ++-- src/include/taler_signatures.h | 48 +++++++++++++++++++++++++++++++++++---- 3 files changed, 64 insertions(+), 8 deletions(-) (limited to 'src/include') diff --git a/src/include/taler_mintdb_lib.h b/src/include/taler_mintdb_lib.h index 739194a40..24f677617 100644 --- a/src/include/taler_mintdb_lib.h +++ b/src/include/taler_mintdb_lib.h @@ -60,6 +60,24 @@ struct TALER_MINTDB_PrivateSigningKeyInformationP }; +/** + * Information about a denomination key. + */ +struct TALER_MINTDB_DenominationKeyInformationP +{ + + /** + * Signature over this struct to affirm the validity of the key. + */ + struct TALER_MasterSignatureP signature; + + /** + * Signed properties of the denomination key. + */ + struct TALER_DenominationKeyValidityPS properties; +}; + + GNUNET_NETWORK_STRUCT_END @@ -85,7 +103,7 @@ struct TALER_MINTDB_DenominationKeyIssueInformation /** * Signed public information about a denomination key. */ - struct TALER_DenominationKeyValidityPS issue; + struct TALER_MINTDB_DenominationKeyInformationP issue; }; diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h index af5f2c196..21d83d9d8 100644 --- a/src/include/taler_mintdb_plugin.h +++ b/src/include/taler_mintdb_plugin.h @@ -697,7 +697,7 @@ struct TALER_MINTDB_Plugin (*insert_denomination_info) (void *cls, struct TALER_MINTDB_Session *session, const struct TALER_DenominationPublicKey *denom_pub, - const struct TALER_DenominationKeyValidityPS *issue); + const struct TALER_MINTDB_DenominationKeyInformationP *issue); /** @@ -713,7 +713,7 @@ struct TALER_MINTDB_Plugin (*get_denomination_info) (void *cls, struct TALER_MINTDB_Session *session, const struct TALER_DenominationPublicKey *denom_pub, - struct TALER_DenominationKeyValidityPS *issue); + struct TALER_MINTDB_DenominationKeyInformationP *issue); /** diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 70fc1c0ad..eebddd2dd 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -89,6 +89,17 @@ #define TALER_SIGNATURE_MINT_KEY_SET 1035 +/*********************/ +/* Wallet signatures */ +/*********************/ + +/** + * Signature where the auditor confirms that he is + * aware of certain denomination keys from the mint. + */ +#define TALER_SIGNATURE_AUDITOR_MINT_KEYS 1064 + + /***********************/ /* Merchant signatures */ /***********************/ @@ -123,11 +134,11 @@ */ #define TALER_SIGNATURE_WALLET_COIN_MELT 1202 + /*******************/ /* Test signatures */ /*******************/ - /** * EdDSA test signature. */ @@ -512,10 +523,6 @@ struct TALER_MintKeySetPS */ struct TALER_DenominationKeyValidityPS { - /** - * Signature over this struct to affirm the validity of the key. - */ - struct TALER_MasterSignatureP signature; /** * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY. @@ -599,6 +606,37 @@ struct TALER_DenominationKeyValidityPS }; + +/** + * @brief Information about a denomination key. Denomination keys + * are used to sign coins of a certain value into existence. + */ +struct TALER_MintKeyValidityPS +{ + + /** + * Purpose is #TALER_SIGNATURE_AUDITOR_MINT_KEYS. + */ + struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + + /** + * The long-term offline master key of the mint, affirmed by the + * auditor. + */ + struct TALER_MasterPublicKeyP master; + + /** + * Array of hash(es) of the mint's denomination keys. + * Specifically, this is the hash over the + * `struct TALER_DenominationKeyValidityPS`, not just + * the public key (as the auditor needs to check against + * the correct valuations and fee structure). + */ + /* struct GNUNET_HashCode h_dks; */ + +}; + + GNUNET_NETWORK_STRUCT_END #endif -- cgit v1.2.3 From 1164803c8bf17e653630ba4316e0ecb85f0a402a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 6 Jul 2015 10:25:52 +0200 Subject: defining auditor sig --- src/include/taler_mint_service.h | 58 +++++++++++++++++++++++++--------------- src/include/taler_signatures.h | 5 ++-- 2 files changed, 39 insertions(+), 24 deletions(-) (limited to 'src/include') diff --git a/src/include/taler_mint_service.h b/src/include/taler_mint_service.h index 7822d6200..c9dbfb874 100644 --- a/src/include/taler_mint_service.h +++ b/src/include/taler_mint_service.h @@ -117,28 +117,6 @@ enum TALER_MINT_Option }; -/** - * Information we get from the mint about auditors. - */ -struct TALER_MINT_AuditorInformation -{ - /** - * Public key of the auditing institution. - */ - struct TALER_AuditorPublicKeyP auditor_pub; - - /** - * URL of the auditing institution. The application must check that - * this is an acceptable auditor for its purpose and also verify - * that the @a auditor_pub matches the auditor's public key given at - * that website. We expect that in practice software is going to - * often ship with an initial list of accepted auditors, just like - * browsers ship with a CA root store. - */ - const char *auditor_url; -}; - - /** * @brief Mint's signature key */ @@ -209,6 +187,42 @@ struct TALER_MINT_DenomPublicKey }; +/** + * Information we get from the mint about auditors. + */ +struct TALER_MINT_AuditorInformation +{ + /** + * Public key of the auditing institution. + */ + struct TALER_AuditorPublicKeyP auditor_pub; + + /** + * URL of the auditing institution. The application must check that + * this is an acceptable auditor for its purpose and also verify + * that the @a auditor_pub matches the auditor's public key given at + * that website. We expect that in practice software is going to + * often ship with an initial list of accepted auditors, just like + * browsers ship with a CA root store. + */ + const char *auditor_url; + + /** + * Number of denomination keys audited by this auditor. + */ + unsigned int num_denom_keys; + + /** + * Array of length @a denom_keys with the denomination + * keys audited by this auditor. Note that the array + * elements point to the same locations as the entries + * in the key's main `denom_keys` array. + */ + struct TALER_MINT_DenomPublicKey *const*denom_keys; +}; + + + /** * Information about keys from the mint. */ diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index eebddd2dd..4d7e83ec5 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -608,8 +608,9 @@ struct TALER_DenominationKeyValidityPS /** - * @brief Information about a denomination key. Denomination keys - * are used to sign coins of a certain value into existence. + * @brief Information signed by an auditor affirming + * the master public key and the denomination keys + * of a mint. */ struct TALER_MintKeyValidityPS { -- cgit v1.2.3