From 8bdf6ab19df70c16d335ecf82f2c3b2117eeb70e Mon Sep 17 00:00:00 2001
From: Özgür Kesim <oec-taler@kesim.org>
Date: Wed, 16 Feb 2022 22:01:05 +0100
Subject: [age restriction] progress 14/n - withdraw and deposit

Age restriction support for
  - withdraw is done and tested
  - deposit is done and tested

TODOs:
  - melt/refresh/reveal
  - link

------

Added functions
 - TALER_age_restriction_commit
 - TALER_age_commitment_derive
 - TALER_age_commitment_hash
 - TALER_age_restriction_commitment_free_inside
 - Hash of age commitment passed around API boundaries

Exchangedb adjustments for denominations
 - all prepared statements re: denominations now handle age_mask
 - signature parameters adjusted

Hash and signature verification of /keys adjusted
 - Hashes of (normal) denominations and age-restricted denominations are
   calculated seperately
 - The hash of the age-restricted ones will then be added to the other
   hash
 - The total hash is signed/verified

Tests for withdraw with age restriction added
 - TALER_EXCHANGE_DenomPublickey now carries age_mask
 - TALER_TESTING_cmd_withdraw_amount* takes age parameter
 - TALER_TESTING_find_pk takes boolean age_restricted
 - WithdrawState carries age_commitment and its hash
 - withdraw_run derives new age commitment, if applicable
 - Added age parameter to testing (13 as example)

Various Fixes and changes
 - Fixes of post handler for /management/extensions
 - Fixes for offline tool extensions signing
 - Slight refactoring of extensions
 - Age restriction extension simplified
   - config is now global to extension
   - added global TEH_age_restriction_enabled and TEH_age_mask in
     taler-exchange-httpd
   - helper functions and macros introduced
---
 src/testing/testing_api_cmd_deposit.c | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

(limited to 'src/testing/testing_api_cmd_deposit.c')

diff --git a/src/testing/testing_api_cmd_deposit.c b/src/testing/testing_api_cmd_deposit.c
index b2fd7ddf1..d3fafc630 100644
--- a/src/testing/testing_api_cmd_deposit.c
+++ b/src/testing/testing_api_cmd_deposit.c
@@ -287,6 +287,8 @@ deposit_run (void *cls,
   const struct TALER_TESTING_Command *coin_cmd;
   const struct TALER_CoinSpendPrivateKeyP *coin_priv;
   struct TALER_CoinSpendPublicKeyP coin_pub;
+  struct TALER_AgeCommitment *age_commitment = NULL;
+  struct TALER_AgeCommitmentHash h_age_commitment = {0};
   const struct TALER_EXCHANGE_DenomPublicKey *denom_pub;
   const struct TALER_DenominationSignature *denom_pub_sig;
   struct TALER_CoinSpendSignatureP coin_sig;
@@ -382,6 +384,10 @@ deposit_run (void *cls,
         TALER_TESTING_get_trait_coin_priv (coin_cmd,
                                            ds->coin_index,
                                            &coin_priv)) ||
+       (GNUNET_OK !=
+        TALER_TESTING_get_trait_age_commitment (coin_cmd,
+                                                ds->coin_index,
+                                                &age_commitment)) ||
        (GNUNET_OK !=
         TALER_TESTING_get_trait_denom_pub (coin_cmd,
                                            ds->coin_index,
@@ -398,6 +404,12 @@ deposit_run (void *cls,
     TALER_TESTING_interpreter_fail (is);
     return;
   }
+
+  if (NULL != age_commitment)
+  {
+    TALER_age_commitment_hash (age_commitment, &h_age_commitment);
+  }
+
   ds->deposit_fee = denom_pub->fee_deposit;
   GNUNET_CRYPTO_eddsa_key_get_public (&coin_priv->eddsa_priv,
                                       &coin_pub.eddsa_pub);
@@ -431,7 +443,8 @@ deposit_run (void *cls,
                                &denom_pub->fee_deposit,
                                &h_wire,
                                &h_contract_terms,
-                               NULL, /* FIXME: extension hash! */
+                               &h_age_commitment,
+                               NULL, /* FIXME: add hash of extensions */
                                &denom_pub->h_key,
                                ds->wallet_timestamp,
                                &merchant_pub,
@@ -445,7 +458,8 @@ deposit_run (void *cls,
                                    payto_uri,
                                    &wire_salt,
                                    &h_contract_terms,
-                                   NULL, /* FIXME: extension object */
+                                   &h_age_commitment,
+                                   NULL, /* FIXME: add hash of extensions */
                                    &coin_pub,
                                    denom_pub_sig,
                                    &denom_pub->key,
@@ -520,6 +534,7 @@ deposit_traits (void *cls,
   const struct TALER_TESTING_Command *coin_cmd;
   /* Will point to coin cmd internals. */
   const struct TALER_CoinSpendPrivateKeyP *coin_spent_priv;
+  struct TALER_AgeCommitment *age_commitment;
 
   if (GNUNET_YES != ds->command_initialized)
   {
@@ -540,7 +555,11 @@ deposit_traits (void *cls,
   if (GNUNET_OK !=
       TALER_TESTING_get_trait_coin_priv (coin_cmd,
                                          ds->coin_index,
-                                         &coin_spent_priv))
+                                         &coin_spent_priv) ||
+      (GNUNET_OK !=
+       TALER_TESTING_get_trait_age_commitment (coin_cmd,
+                                               ds->coin_index,
+                                               &age_commitment)))
   {
     GNUNET_break (0);
     TALER_TESTING_interpreter_fail (ds->is);
@@ -555,6 +574,8 @@ deposit_traits (void *cls,
       /* These traits are always available */
       TALER_TESTING_make_trait_coin_priv (0,
                                           coin_spent_priv),
+      TALER_TESTING_make_trait_age_commitment (0,
+                                               age_commitment),
       TALER_TESTING_make_trait_wire_details (ds->wire_details),
       TALER_TESTING_make_trait_contract_terms (ds->contract_terms),
       TALER_TESTING_make_trait_merchant_priv (&ds->merchant_priv),
-- 
cgit v1.2.3