commit a10a8efbfa1e3f0d3b4b50ebe46c10076edc7e0c
parent 7327be4c29fad5fb6a82fb0ad3f662d784bcc162
Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch>
Date: Tue, 19 Dec 2023 00:44:37 +0100
[donau] some changes on keys
Diffstat:
4 files changed, 91 insertions(+), 441 deletions(-)
diff --git a/src/donau/donau-httpd.c b/src/donau/donau-httpd.c
@@ -71,14 +71,6 @@ static int allow_address_reuse;
const struct GNUNET_CONFIGURATION_Handle *DH_cfg;
/**
- * Configuration of age restriction
- *
- * Set after loading the library, enabled in database event handler.
- */
-bool DH_age_restriction_enabled = false;
-struct TALER_AgeRestrictionConfig DH_age_restriction_config = {0};
-
-/**
* Handle to the HTTP server.
*/
static struct MHD_Daemon *mhd;
diff --git a/src/donau/donau-httpd.h b/src/donau/donau-httpd.h
@@ -36,11 +36,6 @@
extern struct GNUNET_TIME_Relative DH_max_keys_caching;
/**
- * How long is the delay before we close reserves?
- */
-extern struct GNUNET_TIME_Relative DH_reserve_closing_delay;
-
-/**
* The donau's configuration.
*/
extern const struct GNUNET_CONFIGURATION_Handle *DH_cfg;
@@ -61,17 +56,12 @@ extern int DH_check_invariants_flag;
* as building new /keys responses is expensive. Should only be
* enabled for testcases, development and test systems.
*/
-extern int DH_allow_keys_timetravel;
+//extern int DH_allow_keys_timetravel;
/**
- * Option set to #GNUNET_YES if rewards are allowed.
+ * Main directory with data.
*/
-extern int DH_enable_rewards;
-
-/**
- * Main directory with revocation data.
- */
-extern char *DH_revocation_directory;
+//extern char *DH_revocation_directory;
/**
* True if we should commit suicide once all active
@@ -97,21 +87,6 @@ extern struct TALER_AttributeEncryptionKeyP DH_attribute_key;
extern struct DONAUDB_Plugin *DH_plugin;
/**
- * Absolute STEFAN parameter.
- */
-extern struct TALER_Amount DH_stefan_abs;
-
-/**
- * Logarithmic STEFAN parameter.
- */
-extern struct TALER_Amount DH_stefan_log;
-
-/**
- * Linear STEFAN parameter.
- */
-extern struct TALER_Amount DH_stefan_lin;
-
-/**
* Default number of fractional digits to render
* amounts with.
*/
@@ -123,18 +98,6 @@ extern unsigned int DH_currency_fraction_digits;
extern char *DH_currency;
/**
- * Name of the KYC-AML-trigger evaluation binary.
- */
-extern char *DH_kyc_aml_trigger;
-
-/**
- * What is the largest amount we allow a peer to
- * merge into a reserve before always triggering
- * an AML check?
- */
-extern struct TALER_Amount DH_aml_threshold;
-
-/**
* Our (externally visible) base URL.
*/
extern char *DH_base_url;
@@ -149,12 +112,6 @@ extern volatile bool MHD_terminating;
*/
extern struct GNUNET_CURL_Context *DH_curl_ctx;
-/*
- * Signature of the offline master key of all enabled extensions' configuration
- */
-extern struct TALER_MasterSignatureP DH_extensions_sig;
-extern bool DH_extensions_signed;
-
/**
* @brief Struct describing an URL and the handler for it.
*/
@@ -308,9 +265,4 @@ struct DH_RequestHandler
bool nargs_is_upper_bound;
};
-
-/* Age restriction configuration */
-extern bool DH_age_restriction_enabled;
-extern struct TALER_AgeRestrictionConfig DH_age_restriction_config;
-
#endif
diff --git a/src/donau/donau-httpd_keys.c b/src/donau/donau-httpd_keys.c
@@ -22,12 +22,10 @@
#include "taler/platform.h"
#include "taler/taler_json_lib.h"
#include "taler/taler_mhd_lib.h"
-#include "taler_kyclogic_lib.h"
-#include "taler_dbevents.h"
-#include "taler-donau-httpd.h"
-#include "taler-donau-httpd_config.h"
-#include "taler-donau-httpd_keys.h"
-#include "taler-donau-httpd_responses.h"
+#include "donau-httpd.h"
+//#include "donau-httpd_config.h"
+#include "donau-httpd_keys.h"
+#include "donau-httpd_responses.h"
#include "donaudb_plugin.h"
#include "taler/taler_extensions.h"
@@ -54,13 +52,13 @@ struct HelperDenomination
/**
* When will the helper start to use this key for signing?
*/
- struct GNUNET_TIME_Timestamp start_time;
+ //struct GNUNET_TIME_Timestamp start_time;
/**
* For how long will the helper allow signing? 0 if
* the key was revoked or purged.
*/
- struct GNUNET_TIME_Relative validity_duration;
+ //struct GNUNET_TIME_Relative validity_duration;
/**
* Hash of the full denomination key.
@@ -70,7 +68,7 @@ struct HelperDenomination
/**
* Signature over this key from the security module's key.
*/
- struct TALER_SecurityModuleSignatureP sm_sig;
+ struct TALER_SecurityModuleSignatureP sm_sig; // when to use the module key and when the master key?
/**
* The (full) public key.
@@ -107,29 +105,29 @@ struct HelperDenomination
/**
* Signatures of an auditor over a denomination key of this donau.
*/
-struct DH_AuditorSignature
-{
- /**
- * We store the signatures in a DLL.
- */
- struct DH_AuditorSignature *prev;
+// struct DH_AuditorSignature
+// {
+// /**
+// * We store the signatures in a DLL.
+// */
+// struct DH_AuditorSignature *prev;
- /**
- * We store the signatures in a DLL.
- */
- struct DH_AuditorSignature *next;
+// /**
+// * We store the signatures in a DLL.
+// */
+// struct DH_AuditorSignature *next;
- /**
- * A signature from the auditor.
- */
- struct TALER_AuditorSignatureP asig;
+// /**
+// * A signature from the auditor.
+// */
+// struct TALER_AuditorSignatureP asig;
- /**
- * Public key of the auditor.
- */
- struct TALER_AuditorPublicKeyP apub;
+// /**
+// * Public key of the auditor.
+// */
+// struct TALER_AuditorPublicKeyP apub;
-};
+// };
/**
@@ -140,13 +138,13 @@ struct HelperSignkey
/**
* When will the helper start to use this key for signing?
*/
- struct GNUNET_TIME_Timestamp start_time;
+ //struct GNUNET_TIME_Timestamp start_time;
/**
* For how long will the helper allow signing? 0 if
* the key was revoked or purged.
*/
- struct GNUNET_TIME_Relative validity_duration;
+ //struct GNUNET_TIME_Relative validity_duration;
/**
* The public key.
@@ -238,7 +236,7 @@ struct KeysResponseData
* The client's request must include this date or a higher one
* for this response to be applicable.
*/
- struct GNUNET_TIME_Timestamp cherry_pick_date;
+ struct GNUNET_TIME_Timestamp cherry_pick_date;
};
@@ -264,7 +262,7 @@ struct SigningKey
* The long-term offline master key's signature for this signing key.
* Signs over @e donau_pub and @e meta.
*/
- struct TALER_MasterSignatureP master_sig;
+ //struct TALER_MasterSignatureP master_sig;
};
@@ -285,28 +283,6 @@ struct DH_KeyStateHandle
struct GNUNET_CONTAINER_MultiPeerMap *signkey_map;
/**
- * Head of DLL of our global fees.
- */
- struct DH_GlobalFee *gf_head;
-
- /**
- * Tail of DLL of our global fees.
- */
- struct DH_GlobalFee *gf_tail;
-
- /**
- * json array with the auditors of this donau. Contains exactly
- * the information needed for the "auditors" field of the /keys response.
- */
- json_t *auditors;
-
- /**
- * json array with the global fees of this donau. Contains exactly
- * the information needed for the "global_fees" field of the /keys response.
- */
- json_t *global_fees;
-
- /**
* Sorted array of responses to /keys (MUST be sorted by cherry-picking date) of
* length @e krd_array_length;
*/
@@ -338,19 +314,19 @@ struct DH_KeyStateHandle
/**
* When did we initiate the key reloading?
*/
- struct GNUNET_TIME_Timestamp reload_time;
+ //struct GNUNET_TIME_Timestamp reload_time;
/**
* What is the period at which we rotate keys
* (signing or denomination keys)?
*/
- struct GNUNET_TIME_Relative rekey_frequency;
+ //struct GNUNET_TIME_Relative rekey_frequency;
/**
* When does our online signing key expire and we
* thus need to re-generate this response?
*/
- struct GNUNET_TIME_Timestamp signature_expires;
+ //struct GNUNET_TIME_Timestamp signature_expires;
/**
* True if #finish_keys_response() was not yet run and this key state
@@ -646,7 +622,7 @@ check_denom_rsa_sm_pub (const struct TALER_SecurityModulePublicKeyP *sm_pub)
"Our RSA security module changed its key. This must not happen.\n");
GNUNET_assert (0);
}
- denom_rsa_sm_pub = *sm_pub; /* TOFU ;-) */
+ denom_rsa_sm_pub = *sm_pub; /* TOFU ;-) Trust on first use?*/
}
}
@@ -1182,16 +1158,8 @@ static void
destroy_key_state (struct DH_KeyStateHandle *ksh,
bool free_helper)
{
- struct DH_GlobalFee *gf;
-
clear_response_cache (ksh);
- while (NULL != (gf = ksh->gf_head))
- {
- GNUNET_CONTAINER_DLL_remove (ksh->gf_head,
- ksh->gf_tail,
- gf);
- GNUNET_free (gf);
- }
+
GNUNET_CONTAINER_multihashmap_iterate (ksh->denomkey_map,
&clear_denomination_cb,
ksh);
@@ -1200,10 +1168,6 @@ destroy_key_state (struct DH_KeyStateHandle *ksh,
&clear_signkey_cb,
ksh);
GNUNET_CONTAINER_multipeermap_destroy (ksh->signkey_map);
- json_decref (ksh->auditors);
- ksh->auditors = NULL;
- json_decref (ksh->global_fees);
- ksh->global_fees = NULL;
if (free_helper)
{
destroy_key_helpers (ksh->helpers);
@@ -1316,7 +1280,7 @@ DH_keys_finished ()
* @param cls closure with a `struct DH_KeyStateHandle *`
* @param denom_pub public key of the denomination
* @param h_denom_pub hash of @a denom_pub
- * @param meta meta data information about the denomination type (value, expirations, fees)
+ * @param meta meta data information about the denomination type (value, year)
* @param master_sig master signature affirming the validity of this denomination
* @param recoup_possible true if the key was revoked and clients can currently recoup
* coins of this denomination
@@ -1341,7 +1305,6 @@ denomination_info_cb (
meta->expire_deposit,
meta->expire_legal,
&meta->value,
- &meta->fees,
&DH_master_public_key,
master_sig))
{
@@ -1901,12 +1864,6 @@ create_krd (struct DH_KeyStateHandle *ksh,
DH_currency),
GNUNET_JSON_pack_uint64 ("currency_fraction_digits",
DH_currency_fraction_digits),
- TALER_JSON_pack_amount ("stefan_abs",
- &DH_stefan_abs),
- TALER_JSON_pack_amount ("stefan_log",
- &DH_stefan_log),
- TALER_JSON_pack_amount ("stefan_lin",
- &DH_stefan_lin),
GNUNET_JSON_pack_string ("asset_type",
asset_type),
GNUNET_JSON_pack_bool ("rewards_allowed",
@@ -1926,15 +1883,8 @@ create_krd (struct DH_KeyStateHandle *ksh,
GNUNET_JSON_pack_array_incref ("accounts",
json_object_get (wsh->json_reply,
"accounts")),
- GNUNET_JSON_pack_object_incref ("wire_fees",
- json_object_get (wsh->json_reply,
- "fees")),
GNUNET_JSON_pack_array_incref ("denominations",
grouped_denominations),
- GNUNET_JSON_pack_array_incref ("auditors",
- ksh->auditors),
- GNUNET_JSON_pack_array_incref ("global_fees",
- ksh->global_fees),
GNUNET_JSON_pack_timestamp ("list_issue_date",
last_cherry_pick_date),
GNUNET_JSON_pack_data_auto ("eddsa_pub",
@@ -1945,23 +1895,6 @@ create_krd (struct DH_KeyStateHandle *ksh,
&grouped_donau_sig));
GNUNET_assert (NULL != keys);
- /* Set wallet limit if KYC is configured */
- {
- json_t *wblwk = NULL;
-
- TALER_KYCLOGIC_kyc_iterate_thresholds (
- TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE,
- &wallet_threshold_cb,
- &wblwk);
- if (NULL != wblwk)
- GNUNET_assert (
- 0 ==
- json_object_set_new (
- keys,
- "wallet_balance_limit_without_kyc",
- wblwk));
- }
-
/* Signal support for the configured, enabled extensions. */
{
json_t *extensions = json_object ();
@@ -2235,7 +2168,7 @@ finish_keys_response (struct DH_KeyStateHandle *ksh)
last_cherry_pick_date = dk->meta.start;
/*
- * Group the denominations by {cipher, value, fees, age_mask}.
+ * Group the denominations by {cipher, value}.
*
* For each group we save the group meta-data and the list of
* denominations in this group as a json-blob in the multihashmap
@@ -2249,9 +2182,7 @@ finish_keys_response (struct DH_KeyStateHandle *ksh)
struct GNUNET_HashCode key;
struct TALER_DenominationGroup meta = {
.cipher = dk->denom_pub.cipher,
- .value = dk->meta.value,
- .fees = dk->meta.fees,
- .age_mask = dk->meta.age_mask,
+ .value = dk->meta.value
};
/* Search the group/JSON-blob for the key */
@@ -2282,8 +2213,6 @@ finish_keys_response (struct DH_KeyStateHandle *ksh)
group->json = GNUNET_JSON_PACK (
GNUNET_JSON_pack_string ("cipher",
cipher),
- TALER_JSON_PACK_DENOM_FEES ("fee",
- &meta.fees),
TALER_JSON_pack_amount ("value",
&meta.value));
GNUNET_assert (NULL != group->json);
@@ -2486,83 +2415,6 @@ CLEANUP:
/**
- * Called with information about global fees.
- *
- * @param cls `struct DH_KeyStateHandle *` we are building
- * @param fees the global fees we charge
- * @param purse_timeout when do purses time out
- * @param history_expiration how long are account histories preserved
- * @param purse_account_limit how many purses are free per account
- * @param start_date from when are these fees valid (start date)
- * @param end_date until when are these fees valid (end date, exclusive)
- * @param master_sig master key signature affirming that this is the correct
- * fee (of purpose #TALER_SIGNATURE_MASTER_GLOBAL_FEES)
- */
-static void
-global_fee_info_cb (
- void *cls,
- const struct TALER_GlobalFeeSet *fees,
- struct GNUNET_TIME_Relative purse_timeout,
- struct GNUNET_TIME_Relative history_expiration,
- uint32_t purse_account_limit,
- struct GNUNET_TIME_Timestamp start_date,
- struct GNUNET_TIME_Timestamp end_date,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct DH_KeyStateHandle *ksh = cls;
- struct DH_GlobalFee *gf;
-
- if (GNUNET_OK !=
- TALER_donau_offline_global_fee_verify (
- start_date,
- end_date,
- fees,
- purse_timeout,
- history_expiration,
- purse_account_limit,
- &DH_master_public_key,
- master_sig))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Database has global fee with invalid signature. Skipping entry. Did the donau offline public key change?\n");
- return;
- }
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "Found global fees with %u purses\n",
- purse_account_limit);
- gf = GNUNET_new (struct DH_GlobalFee);
- gf->start_date = start_date;
- gf->end_date = end_date;
- gf->fees = *fees;
- gf->purse_timeout = purse_timeout;
- gf->history_expiration = history_expiration;
- gf->purse_account_limit = purse_account_limit;
- gf->master_sig = *master_sig;
- GNUNET_CONTAINER_DLL_insert (ksh->gf_head,
- ksh->gf_tail,
- gf);
- GNUNET_assert (
- 0 ==
- json_array_append_new (
- ksh->global_fees,
- GNUNET_JSON_PACK (
- GNUNET_JSON_pack_timestamp ("start_date",
- start_date),
- GNUNET_JSON_pack_timestamp ("end_date",
- end_date),
- TALER_JSON_PACK_GLOBAL_FEES (fees),
- GNUNET_JSON_pack_time_rel ("history_expiration",
- history_expiration),
- GNUNET_JSON_pack_time_rel ("purse_timeout",
- purse_timeout),
- GNUNET_JSON_pack_uint64 ("purse_account_limit",
- purse_account_limit),
- GNUNET_JSON_pack_data_auto ("master_sig",
- master_sig))));
-}
-
-
-/**
* Create a key state.
*
* @param[in] hs helper state to (re)use, NULL if not available
@@ -2602,20 +2454,9 @@ build_key_state (struct HelperState *hs,
true);
ksh->signkey_map = GNUNET_CONTAINER_multipeermap_create (32,
false /* MUST be false! */);
- ksh->auditors = json_array ();
- GNUNET_assert (NULL != ksh->auditors);
/* NOTE: fetches master-signed signkeys, but ALSO those that were revoked! */
GNUNET_break (GNUNET_OK ==
DH_plugin->preflight (DH_plugin->cls));
- if (NULL != ksh->global_fees)
- json_decref (ksh->global_fees);
- ksh->global_fees = json_array ();
- qs = DH_plugin->get_global_fees (DH_plugin->cls,
- &global_fee_info_cb,
- ksh);
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "Loading global fees from DB: %d\n",
- qs);
if (qs < 0)
{
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs);
@@ -2767,27 +2608,6 @@ DH_keys_get_state (void)
}
-const struct DH_GlobalFee *
-DH_keys_global_fee_by_time (
- struct DH_KeyStateHandle *ksh,
- struct GNUNET_TIME_Timestamp ts)
-{
- for (const struct DH_GlobalFee *gf = ksh->gf_head;
- NULL != gf;
- gf = gf->next)
- {
- if (GNUNET_TIME_timestamp_cmp (ts,
- >=,
- gf->start_date) &&
- GNUNET_TIME_timestamp_cmp (ts,
- <,
- gf->end_date))
- return gf;
- }
- return NULL;
-}
-
-
struct DH_DenominationKey *
DH_keys_denomination_by_hash (
const struct TALER_DenominationHashP *h_denom_pub,
@@ -3376,158 +3196,6 @@ DH_keys_get_handler (struct DH_RequestContext *rc,
/**
- * Load extension data, like fees, expiration times (!) and age restriction
- * flags for the denomination type configured in section @a section_name.
- * Before calling this function, the `start` and `validity_duration` times must
- * already be initialized in @a meta.
- *
- * @param section_name section in the configuration to use
- * @param[in,out] meta denomination type data to complete
- * @return #GNUNET_OK on success
- */
-static enum GNUNET_GenericReturnValue
-load_extension_data (const char *section_name,
- struct DONAUDB_DenominationKeyMetaData *meta)
-{
- struct GNUNET_TIME_Relative deposit_duration;
- struct GNUNET_TIME_Relative legal_duration;
-
- GNUNET_assert (! GNUNET_TIME_absolute_is_zero (meta->start.abs_time)); /* caller bug */
- if (GNUNET_OK !=
- GNUNET_CONFIGURATION_get_value_time (DH_cfg,
- section_name,
- "DURATION_SPEND",
- &deposit_duration))
- {
- GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- section_name,
- "DURATION_SPEND");
- return GNUNET_SYSERR;
- }
- if (GNUNET_OK !=
- GNUNET_CONFIGURATION_get_value_time (DH_cfg,
- section_name,
- "DURATION_LEGAL",
- &legal_duration))
- {
- GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- section_name,
- "DURATION_LEGAL");
- return GNUNET_SYSERR;
- }
- meta->expire_deposit
- = GNUNET_TIME_absolute_to_timestamp (
- GNUNET_TIME_absolute_add (meta->expire_withdraw.abs_time,
- deposit_duration));
- meta->expire_legal = GNUNET_TIME_absolute_to_timestamp (
- GNUNET_TIME_absolute_add (meta->expire_deposit.abs_time,
- legal_duration));
- if (GNUNET_OK !=
- TALER_config_get_amount (DH_cfg,
- section_name,
- "VALUE",
- &meta->value))
- {
- GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
- "Need amount for option `%s' in section `%s'\n",
- "VALUE",
- section_name);
- return GNUNET_SYSERR;
- }
- if (0 != strcasecmp (DH_currency,
- meta->value.currency))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Need denomination value in section `%s' to use currency `%s'\n",
- section_name,
- DH_currency);
- return GNUNET_SYSERR;
- }
- if (GNUNET_OK !=
- TALER_config_get_denom_fees (DH_cfg,
- DH_currency,
- section_name,
- &meta->fees))
- return GNUNET_SYSERR;
- meta->age_mask = load_age_mask (section_name);
- return GNUNET_OK;
-}
-
-
-enum GNUNET_GenericReturnValue
-DH_keys_load_fees (struct DH_KeyStateHandle *ksh,
- const struct TALER_DenominationHashP *h_denom_pub,
- struct TALER_DenominationPublicKey *denom_pub,
- struct DONAUDB_DenominationKeyMetaData *meta)
-{
- struct HelperDenomination *hd;
- enum GNUNET_GenericReturnValue ok;
-
- hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys,
- &h_denom_pub->hash);
- if (NULL == hd)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Denomination %s not known\n",
- GNUNET_h2s (&h_denom_pub->hash));
- return GNUNET_NO;
- }
- meta->start = hd->start_time;
- meta->expire_withdraw = GNUNET_TIME_absolute_to_timestamp (
- GNUNET_TIME_absolute_add (meta->start.abs_time,
- hd->validity_duration));
- ok = load_extension_data (hd->section_name,
- meta);
- if (GNUNET_OK == ok)
- {
- GNUNET_assert (TALER_DENOMINATION_INVALID != hd->denom_pub.cipher);
- TALER_denom_pub_deep_copy (denom_pub,
- &hd->denom_pub);
- }
- else
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "No fees for `%s', voiding key\n",
- hd->section_name);
- memset (denom_pub,
- 0,
- sizeof (*denom_pub));
- }
- return ok;
-}
-
-
-enum GNUNET_GenericReturnValue
-DH_keys_get_timing (const struct DONAU_DonauPublicKeyP *donau_pub,
- struct DONAUDB_SignkeyMetaData *meta)
-{
- struct DH_KeyStateHandle *ksh;
- struct HelperSignkey *hsk;
- struct GNUNET_PeerIdentity pid;
-
- ksh = DH_keys_get_state_for_management_only ();
- if (NULL == ksh)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
-
- pid.public_key = donau_pub->eddsa_pub;
- hsk = GNUNET_CONTAINER_multipeermap_get (ksh->helpers->esign_keys,
- &pid);
- meta->start = hsk->start_time;
-
- meta->expire_sign = GNUNET_TIME_absolute_to_timestamp (
- GNUNET_TIME_absolute_add (meta->start.abs_time,
- hsk->validity_duration));
- meta->expire_legal = GNUNET_TIME_absolute_to_timestamp (
- GNUNET_TIME_absolute_add (meta->expire_sign.abs_time,
- signkey_legal_duration));
- return GNUNET_OK;
-}
-
-
-/**
* Closure for #add_future_denomkey_cb and #add_future_signkey_cb.
*/
struct FutureBuilderContext
@@ -3581,13 +3249,6 @@ add_future_denomkey_cb (void *cls,
meta.expire_withdraw = GNUNET_TIME_absolute_to_timestamp (
GNUNET_TIME_absolute_add (meta.start.abs_time,
hd->validity_duration));
- if (GNUNET_OK !=
- load_extension_data (hd->section_name,
- &meta))
- {
- /* Woops, couldn't determine fee structure!? */
- return GNUNET_OK;
- }
GNUNET_assert (
0 ==
json_array_append_new (
@@ -3605,8 +3266,6 @@ add_future_denomkey_cb (void *cls,
meta.expire_legal),
TALER_JSON_pack_denom_pub ("denom_pub",
&hd->denom_pub),
- TALER_JSON_PACK_DENOM_FEES ("fee",
- &meta.fees),
GNUNET_JSON_pack_data_auto ("denom_secmod_sig",
&hd->sm_sig),
GNUNET_JSON_pack_string ("section_name",
diff --git a/src/donau/donau-httpd_keys.h b/src/donau/donau-httpd_keys.h
@@ -55,6 +55,56 @@ struct DH_DonationUnitKey
};
+/**
+ * Run internal invariant checks. For debugging.
+ */
+void
+DH_check_invariants (void);
+
+/**
+ * Look up the issue for a unit public key. Note that the result
+ * must only be used in this thread and only until another key or
+ * key state is resolved.
+ *
+ * @param h_unit_pub hash of donation_unit public key
+ * @param[in,out] conn used to return status message if NULL is returned
+ * @param[out] mret set to the MHD status if NULL is returned
+ * @return the donation_unit key issue,
+ * or NULL if @a h_unit_pub could not be found
+ */
+struct DH_DonationUnitKey *
+DH_keys_donation_unit_by_hash (
+ const struct DONAU_DonationUnitHashP *h_unit_pub,
+ struct MHD_Connection *conn,
+ MHD_RESULT *mret);
+
+
+/**
+ * Request to sign @a csd for melting.
+ *
+ * @param csd identifies data to blindly sign and key to sign with
+ * @param[out] bs set to the blind signature on success
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+DH_keys_donation_unit_sign (
+ const struct DONAU_BlindedUniqueDonationIdentifierKeyPair *csd,
+ struct DONAU_BlindedDonationUnitSignature *bs);
+
+
+/**
+ * Request to sign @a csds for melting.
+ *
+ * @param csds array with data to blindly sign (and keys to sign with)
+ * @param csds_length length of @a csds array
+ * @param[out] bss array set to the blind signature on success; must be of length @a csds_length
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+DH_keys_donation_unit_batch_sign (
+ unsigned int csds_length,
+ const struct DONAU_BlindedUniqueDonationIdentifierKeyPair csds[static csds_length],
+ struct DONAU_BlindedDonationUnitSignature bss[static csds_length]);
/**
* Information needed to derive the CS r_pub.
@@ -77,7 +127,6 @@ struct DH_CsDeriveData
* Request to derive CS @a r_pub using the donation unit and nonce from @a cdd.
*
* @param cdd data to compute @a r_pub from
- * @param for_melt true if this is for a melt operation
* @param[out] r_pub where to write the result
* @return #TALER_EC_NONE on success
*/
@@ -93,7 +142,6 @@ DH_keys_donation_unit_cs_r_pub (
*
* @param cdds array to compute @a r_pubs from
* @param cdds_length length of the @a cdds array
- * @param for_melt true if this is for a melt operation
* @param[out] r_pubs array where to write the result; must be of length @a cdds_length
* @return #DONAU_EC_NONE on success
*/
@@ -101,7 +149,6 @@ enum TALER_ErrorCode
DH_keys_donation_unit_cs_batch_r_pub (
const struct DH_CsDeriveData *cdds,
unsigned int cdds_length,
- bool for_melt,
struct GNUNET_CRYPTO_CSPublicRPairP *r_pubs);
/**
