From 96b4c139ee9997f827e9559a186c9684a5978f4b Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Wed, 16 Dec 2020 12:56:35 +0100
Subject: add auditor-enable /-disable commands to taler-exchange-offline tool
---
 src/util/offline_signatures.c | 128 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 128 insertions(+)
(limited to 'src/util/offline_signatures.c')
diff --git a/src/util/offline_signatures.c b/src/util/offline_signatures.c
index be5783df4..7385f47ea 100644
--- a/src/util/offline_signatures.c
+++ b/src/util/offline_signatures.c
@@ -23,6 +23,134 @@
 #include "taler_signatures.h"
 
 
+/**
+ * Create auditor addition signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param auditor_url URL of the auditor
+ * @param start_date when to enable the auditor (for replay detection)
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_auditor_add_sign (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const char *auditor_url,
+ struct GNUNET_TIME_Absolute start_date,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig)
+{
+ struct TALER_MasterAddAuditorPS kv = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_AUDITOR),
+ .purpose.size = htonl (sizeof (kv)),
+ .start_date = GNUNET_TIME_absolute_hton (start_date),
+ .auditor_pub = *auditor_pub,
+ };
+
+ GNUNET_CRYPTO_hash (auditor_url,
+ strlen (auditor_url) + 1,
+ &kv.h_auditor_url);
+ GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
+ &kv,
+ &master_sig->eddsa_signature);
+}
+
+
+/**
+ * Verify auditor add signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param auditor_url URL of the auditor
+ * @param start_date when to enable the auditor (for replay detection)
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+int
+TALER_exchange_offline_auditor_add_verify (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const char *auditor_url,
+ struct GNUNET_TIME_Absolute start_date,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig)
+{
+ struct TALER_MasterAddAuditorPS aa = {
+ .purpose.purpose = htonl (
+ TALER_SIGNATURE_MASTER_ADD_AUDITOR),
+ .purpose.size = htonl (sizeof (aa)),
+ .start_date = GNUNET_TIME_absolute_hton (start_date),
+ .auditor_pub = *auditor_pub
+ };
+
+ GNUNET_CRYPTO_hash (auditor_url,
+ strlen (auditor_url) + 1,
+ &aa.h_auditor_url);
+ return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_ADD_AUDITOR,
+ &aa,
+ &master_sig->eddsa_signature,
+ &master_pub->eddsa_pub);
+}
+
+
+/**
+ * Create auditor deletion signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param end_date when to disable the auditor (for replay detection)
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_auditor_del_sign (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ struct GNUNET_TIME_Absolute end_date,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig)
+{
+ struct TALER_MasterDelAuditorPS kv = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DEL_AUDITOR),
+ .purpose.size = htonl (sizeof (kv)),
+ .end_date = GNUNET_TIME_absolute_hton (end_date),
+ .auditor_pub = *auditor_pub,
+ };
+
+ GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
+ &kv,
+ &master_sig->eddsa_signature);
+}
+
+
+/**
+ * Verify auditor del signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param end_date when to disable the auditor (for replay detection)
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+int
+TALER_exchange_offline_auditor_del_verify (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ struct GNUNET_TIME_Absolute end_date,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig)
+{
+ struct TALER_MasterDelAuditorPS da = {
+ .purpose.purpose = htonl (
+ TALER_SIGNATURE_MASTER_DEL_AUDITOR),
+ .purpose.size = htonl (sizeof (da)),
+ .end_date = GNUNET_TIME_absolute_hton (end_date),
+ .auditor_pub = *auditor_pub
+ };
+
+ return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DEL_AUDITOR,
+ &da,
+ &master_sig->eddsa_signature,
+ &master_pub->eddsa_pub);
+}
+
+
 void
 TALER_exchange_offline_denomination_revoke_sign (
 const struct GNUNET_HashCode *h_denom_pub,
-- 
cgit v1.2.3
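Review bot: `TALER_exchange_offline_auditor_add_verify` and `TALER_exchange_offline_auditor_del_verify` check only the EdDSA signature over the struct; the `start_date` / `end_date` that the comments describe as "for replay detection" is covered by the signature but is not compared with anything in this hunk, so replay protection rests on the caller rejecting a date that is not later than the last one it accepted for that auditor. The doc comments should say that explicitly, for example `@param start_date signed activation time; the caller must check it is later than the last accepted change for this auditor`, and likewise for `end_date`. The `@return #GNUNET_OK if the signature is valid` lines should also name the failure value (presumably `#GNUNET_SYSERR`, which is non-zero) so that callers compare against `GNUNET_OK` instead of testing the `int` for truth. In both verify comments `@param master_sig the signature the signature` repeats itself; `the signature to verify` would do. A short comment at the two `strlen (auditor_url) + 1` calls noting that the hashed URL includes its terminating NUL would help anyone producing or checking this signature elsewhere.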