commit a3c666dc9867f852fc3adf262aede52b54ea2c0f
parent 8569d8271cbad0811cb859c43780c3e2971731f7
Author: Christian Grothoff <christian@grothoff.org>
Date: Tue, 24 Oct 2023 10:42:56 +0200
towards building libtalerdonauutil
Diffstat:
13 files changed, 17 insertions(+), 5019 deletions(-)
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
@@ -2,60 +2,3 @@
SUBDIRS = .
-tmplpkgdatadir = $(datadir)/taler/donau/templates/
-dist_tmplpkgdata_DATA = \
- persona-donau-unauthorized.en.must \
- persona-load-failure.en.must \
- persona-donau-unpaid.en.must \
- persona-logic-failure.en.must \
- persona-invalid-response.en.must \
- persona-network-timeout.en.must \
- persona-kyc-failed.en.must \
- persona-provider-failure.en.must
-
-termsdir=$(datadir)/taler/terms/
-terms_DATA = \
- donau-tos-v0.rst \
- donau-tos-bfh-v0.rst \
- donau-pp-v0.rst
-
-install-exec-local:
- find locale/ -name "*.po"
- mkdir -p $(DESTDIR)$(datadir)
- cp --parents -r $$(find locale/ -name "*.po") $(DESTDIR)$(datadir)
-
-rdatadir=$(datadir)/taler/donau
-rdata_DATA = \
- auditor-report.tex.j2
-
-bin_SCRIPTS = \
- taler-auditor-dbconfig \
- taler-donau-dbconfig \
- taler-terms-generator \
- taler-bank-manage-testing \
- taler-nexus-prepare
-
-edit_script = $(SED) -e 's,%termsdir%,$(termsdir),'g $(NULL)
-taler-terms-generator: taler-terms-generator.in
- rm -f $@ $@.tmp && \
- $(edit_script) $< >$@.tmp && \
- chmod a-w+x $@.tmp && \
- mv $@.tmp $@
-
-CLEANFILES = \
- taler-terms-generator
-
-EXTRA_DIST = \
- locale/de/LC_MESSAGES/donau-tos-v0.po \
- taler-bank-manage-testing \
- taler-nexus-prepare \
- taler-terms-generator.in \
- gana-generate.sh \
- gana/gnu-taler-error-codes/registry.rec \
- gana/gnu-taler-error-codes/Makefile \
- $(terms_DATA) \
- $(rdata_DATA) \
- coverage.sh \
- gnunet.tag \
- microhttpd.tag \
- packages
diff --git a/src/include/Makefile.am b/src/include/Makefile.am
@@ -2,35 +2,7 @@
talerincludedir = $(includedir)/taler
talerinclude_HEADERS = \
- platform.h gettext.h \
- taler_auditor_service.h \
- taler_amount_lib.h \
- taler_attributes.h \
- taler_auditordb_lib.h \
- taler_auditordb_plugin.h \
- taler_bank_service.h \
- taler_crypto_lib.h \
- taler_curl_lib.h \
- taler_dbevents.h \
- taler_error_codes.h \
taler_donau_service.h \
taler_donaudb_lib.h \
- taler_donaudb_plugin.h \
- taler_extensions.h \
- taler_extensions_policy.h \
- taler_fakebank_lib.h \
- taler_kyclogic_lib.h \
- taler_kyclogic_plugin.h \
- taler_json_lib.h \
- taler_testing_lib.h \
- taler_util.h \
- taler_mhd_lib.h \
- taler_pq_lib.h \
- taler_signatures.h \
- taler_sq_lib.h \
- taler_templating_lib.h \
- taler_twister_testing_lib.h
+ taler_donaudb_plugin.h
-EXTRA_DIST = \
- backoff.h \
- gauger.h
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
@@ -9,105 +9,15 @@ endif
pkgcfgdir = $(prefix)/share/taler/config.d/
-pkgcfg_DATA = \
- paths.conf \
- taler-donau-secmod-eddsa.conf \
- taler-donau-secmod-rsa.conf \
- taler-donau-secmod-cs.conf
-
-EXTRA_DIST = \
- $(pkgcfg_DATA) \
- taler-config.in \
- test_helper_eddsa.conf \
- test_helper_rsa.conf \
- test_helper_cs.conf \
- test_conversion.sh
-
-bin_PROGRAMS = \
- taler-donau-secmod-eddsa \
- taler-donau-secmod-rsa \
- taler-donau-secmod-cs
-
-bin_SCRIPTS = \
- taler-config
-
-edit_script = $(SED) -e 's,%libdir%,$(libdir),'g $(NULL)
-
-taler-config: taler-config.in
- rm -f $@ $@.tmp && \
- $(edit_script) $< >$@.tmp && \
- chmod a-w+x $@.tmp && \
- mv $@.tmp $@
-
-CLEANFILES = \
- taler-config
-
-taler_donau_secmod_rsa_SOURCES = \
- taler-donau-secmod-rsa.c taler-donau-secmod-rsa.h \
- secmod_common.c secmod_common.h
-taler_donau_secmod_rsa_LDADD = \
- libtalerutil.la \
- -lgnunetutil \
- -lpthread \
- $(LIBGCRYPT_LIBS) \
- $(XLIB)
-
-taler_donau_secmod_cs_SOURCES = \
- taler-donau-secmod-cs.c taler-donau-secmod-cs.h \
- secmod_common.c secmod_common.h
-taler_donau_secmod_cs_LDADD = \
- libtalerutil.la \
- -lgnunetutil \
- -lpthread \
- $(LIBGCRYPT_LIBS) \
- $(XLIB)
-
-taler_donau_secmod_eddsa_SOURCES = \
- taler-donau-secmod-eddsa.c taler-donau-secmod-eddsa.h \
- secmod_common.c secmod_common.h
-taler_donau_secmod_eddsa_LDADD = \
- libtalerutil.la \
- -lgnunetutil \
- -lpthread \
- $(LIBGCRYPT_LIBS) \
- $(XLIB)
-
lib_LTLIBRARIES = \
- libtalerutil.la
+ libtalerdonauutil.la
-libtalerutil_la_SOURCES = \
- age_restriction.c \
- amount.c \
- aml_signatures.c \
- auditor_signatures.c \
- config.c \
- conversion.c \
- crypto.c \
- crypto_confirmation.c \
- crypto_contract.c \
- crypto_helper_common.c crypto_helper_common.h \
- crypto_helper_rsa.c \
- crypto_helper_cs.c \
- crypto_helper_esign.c \
- crypto_wire.c \
- denom.c \
- donau_signatures.c \
- getopt.c \
- lang.c \
- iban.c \
+libtalerdonauutil_la_SOURCES = \
charity_signatures.c \
- mhd.c \
- offline_signatures.c \
- payto.c \
- secmod_signatures.c \
- taler_error_codes.c \
- url.c \
- util.c \
- wallet_signatures.c \
- yna.c \
- os_installation.c
+ donau_signatures.c
-libtalerutil_la_LIBADD = \
+libtalerdonauutil_la_LIBADD = \
+ -ltalerutil \
-lgnunetutil \
-lgnunetjson \
-lsodium \
@@ -117,80 +27,22 @@ libtalerutil_la_LIBADD = \
-lz \
-lm
-libtalerutil_la_LDFLAGS = \
+libtalerdonauutil_la_LDFLAGS = \
-version-info 0:0:0 \
-no-undefined
-
AM_TESTS_ENVIRONMENT=export TALER_PREFIX=$${TALER_PREFIX:-@libdir@};export PATH=$${TALER_PREFIX:-@prefix@}/bin:$$PATH;
check_PROGRAMS = \
- test_age_restriction \
- test_amount \
- test_conversion \
- test_crypto \
- test_helper_eddsa \
- test_helper_rsa \
- test_helper_cs \
- test_payto \
- test_url
+ test_crypto
TESTS = \
$(check_PROGRAMS)
-test_age_restriction_SOURCES = \
- test_age_restriction.c
-test_age_restriction_LDADD = \
- -lgnunetutil \
- libtalerutil.la
-
-test_conversion_SOURCES = \
- test_conversion.c
-test_conversion_LDADD = \
- -lgnunetjson \
- -lgnunetutil \
- -ljansson \
- libtalerutil.la
-
-test_amount_SOURCES = \
- test_amount.c
-test_amount_LDADD = \
- -lgnunetutil \
- libtalerutil.la
-
test_crypto_SOURCES = \
test_crypto.c
test_crypto_LDADD = \
- libtalerutil.la \
- -lgnunetutil \
- -ljansson
+ libtalerdonauutil.la \
+ -ltalerutil \
+ -lgnunetutil
-test_payto_SOURCES = \
- test_payto.c
-test_payto_LDADD = \
- -lgnunetutil \
- libtalerutil.la
-
-test_helper_eddsa_SOURCES = \
- test_helper_eddsa.c
-test_helper_eddsa_LDADD = \
- -lgnunetutil \
- libtalerutil.la
-
-test_helper_rsa_SOURCES = \
- test_helper_rsa.c
-test_helper_rsa_LDADD = \
- -lgnunetutil \
- libtalerutil.la
-
-test_helper_cs_SOURCES = \
- test_helper_cs.c
-test_helper_cs_LDADD = \
- -lgnunetutil \
- libtalerutil.la
-
-test_url_SOURCES = \
- test_url.c
-test_url_LDADD = \
- -lgnunetutil \
- libtalerutil.la
diff --git a/src/util/charity_signatures.c b/src/util/charity_signatures.c
@@ -18,9 +18,8 @@
* @brief Utility functions for Taler charity signatures
* @author Christian Grothoff
*/
-#include "platform.h"
-#include "taler_util.h"
-#include "taler_signatures.h"
+#include <taler/taler_util.h>
+#include <taler/taler_signatures.h>
GNUNET_NETWORK_STRUCT_BEGIN
@@ -225,8 +224,8 @@ TALER_charity_wire_signature_check (
};
TALER_charity_wire_signature_hash (payto_uri,
- salt,
- &wd.h_wire_details);
+ salt,
+ &wd.h_wire_details);
return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_CHARITY_WIRE_DETAILS,
&wd,
&merch_sig->eddsa_sig,
@@ -247,8 +246,8 @@ TALER_charity_wire_signature_make (
};
TALER_charity_wire_signature_hash (payto_uri,
- salt,
- &wd.h_wire_details);
+ salt,
+ &wd.h_wire_details);
GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
&wd,
&merch_sig->eddsa_sig);
diff --git a/src/util/conversion.c b/src/util/conversion.c
@@ -1,405 +0,0 @@
-/*
- This file is part of TALER
- Copyright (C) 2023 Taler Systems SA
-
- TALER is free software; you can redistribute it and/or modify it under the
- terms of the GNU General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along with
- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
-*/
-/**
- * @file conversion.c
- * @brief helper routines to run some external JSON-to-JSON converter
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "taler_util.h"
-#include <gnunet/gnunet_util_lib.h>
-
-
-struct TALER_JSON_ExternalConversion
-{
- /**
- * Callback to call with the result.
- */
- TALER_JSON_JsonCallback cb;
-
- /**
- * Closure for @e cb.
- */
- void *cb_cls;
-
- /**
- * Handle to the helper process.
- */
- struct GNUNET_OS_Process *helper;
-
- /**
- * Pipe for the stdin of the @e helper.
- */
- struct GNUNET_DISK_FileHandle *chld_stdin;
-
- /**
- * Pipe for the stdout of the @e helper.
- */
- struct GNUNET_DISK_FileHandle *chld_stdout;
-
- /**
- * Handle to wait on the child to terminate.
- */
- struct GNUNET_ChildWaitHandle *cwh;
-
- /**
- * Task to read JSON output from the child.
- */
- struct GNUNET_SCHEDULER_Task *read_task;
-
- /**
- * Task to send JSON input to the child.
- */
- struct GNUNET_SCHEDULER_Task *write_task;
-
- /**
- * Buffer with data we need to send to the helper.
- */
- void *write_buf;
-
- /**
- * Buffer for reading data from the helper.
- */
- void *read_buf;
-
- /**
- * Total length of @e write_buf.
- */
- size_t write_size;
-
- /**
- * Current write position in @e write_buf.
- */
- size_t write_pos;
-
- /**
- * Current size of @a read_buf.
- */
- size_t read_size;
-
- /**
- * Current offset in @a read_buf.
- */
- size_t read_pos;
-
-};
-
-
-/**
- * Function called when we can read more data from
- * the child process.
- *
- * @param cls our `struct TALER_JSON_ExternalConversion *`
- */
-static void
-read_cb (void *cls)
-{
- struct TALER_JSON_ExternalConversion *ec = cls;
-
- ec->read_task = NULL;
- while (1)
- {
- ssize_t ret;
-
- if (ec->read_size == ec->read_pos)
- {
- /* Grow input buffer */
- size_t ns;
- void *tmp;
-
- ns = GNUNET_MAX (2 * ec->read_size,
- 1024);
- if (ns > GNUNET_MAX_MALLOC_CHECKED)
- ns = GNUNET_MAX_MALLOC_CHECKED;
- if (ec->read_size == ns)
- {
- /* Helper returned more than 40 MB of data! Stop reading! */
- GNUNET_break (0);
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_file_close (ec->chld_stdin));
- return;
- }
- tmp = GNUNET_malloc_large (ns);
- if (NULL == tmp)
- {
- /* out of memory, also stop reading */
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
- "malloc");
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_file_close (ec->chld_stdin));
- return;
- }
- GNUNET_memcpy (tmp,
- ec->read_buf,
- ec->read_pos);
- GNUNET_free (ec->read_buf);
- ec->read_buf = tmp;
- ec->read_size = ns;
- }
- ret = GNUNET_DISK_file_read (ec->chld_stdout,
- ec->read_buf,
- ec->read_size - ec->read_pos);
- if (ret < 0)
- {
- if ( (EAGAIN != errno) &&
- (EWOULDBLOCK != errno) &&
- (EINTR != errno) )
- {
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
- "read");
- return;
- }
- break;
- }
- if (0 == ret)
- {
- /* regular end of stream, good! */
- return;
- }
- GNUNET_assert (ec->read_size >= ec->read_pos + ret);
- ec->read_pos += ret;
- }
- ec->read_task
- = GNUNET_SCHEDULER_add_read_file (
- GNUNET_TIME_UNIT_FOREVER_REL,
- ec->chld_stdout,
- &read_cb,
- ec);
-}
-
-
-/**
- * Function called when we can write more data to
- * the child process.
- *
- * @param cls our `struct TALER_JSON_ExternalConversion *`
- */
-static void
-write_cb (void *cls)
-{
- struct TALER_JSON_ExternalConversion *ec = cls;
- ssize_t ret;
-
- ec->write_task = NULL;
- while (ec->write_size > ec->write_pos)
- {
- ret = GNUNET_DISK_file_write (ec->chld_stdin,
- ec->write_buf + ec->write_pos,
- ec->write_size - ec->write_pos);
- if (ret < 0)
- {
- if ( (EAGAIN != errno) &&
- (EINTR != errno) )
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
- "write");
- break;
- }
- if (0 == ret)
- {
- GNUNET_break (0);
- break;
- }
- GNUNET_assert (ec->write_size >= ec->write_pos + ret);
- ec->write_pos += ret;
- }
- if ( (ec->write_size > ec->write_pos) &&
- ( (EAGAIN == errno) ||
- (EWOULDBLOCK == errno) ||
- (EINTR == errno) ) )
- {
- ec->write_task
- = GNUNET_SCHEDULER_add_write_file (
- GNUNET_TIME_UNIT_FOREVER_REL,
- ec->chld_stdin,
- &write_cb,
- ec);
- }
- else
- {
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_file_close (ec->chld_stdin));
- ec->chld_stdin = NULL;
- }
-}
-
-
-/**
- * Defines a GNUNET_ChildCompletedCallback which is sent back
- * upon death or completion of a child process.
- *
- * @param cls handle for the callback
- * @param type type of the process
- * @param exit_code status code of the process
- *
- */
-static void
-child_done_cb (void *cls,
- enum GNUNET_OS_ProcessStatusType type,
- long unsigned int exit_code)
-{
- struct TALER_JSON_ExternalConversion *ec = cls;
- json_t *j = NULL;
- json_error_t err;
-
- ec->cwh = NULL;
- if (NULL != ec->read_task)
- {
- GNUNET_SCHEDULER_cancel (ec->read_task);
- /* We could get the process termination notification before having drained
- the read buffer. So drain it now, just in case. */
- read_cb (ec);
- }
- if (NULL != ec->read_task)
- {
- GNUNET_SCHEDULER_cancel (ec->read_task);
- ec->read_task = NULL;
- }
- GNUNET_OS_process_destroy (ec->helper);
- ec->helper = NULL;
- if (0 != ec->read_pos)
- {
- j = json_loadb (ec->read_buf,
- ec->read_pos,
- JSON_REJECT_DUPLICATES,
- &err);
- if (NULL == j)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Failed to parse JSON from helper at %d: %s\n",
- err.position,
- err.text);
- }
- }
- ec->cb (ec->cb_cls,
- type,
- exit_code,
- j);
- json_decref (j);
- TALER_JSON_external_conversion_stop (ec);
-}
-
-
-struct TALER_JSON_ExternalConversion *
-TALER_JSON_external_conversion_start (const json_t *input,
- TALER_JSON_JsonCallback cb,
- void *cb_cls,
- const char *binary,
- ...)
-{
- struct TALER_JSON_ExternalConversion *ec;
- struct GNUNET_DISK_PipeHandle *pipe_stdin;
- struct GNUNET_DISK_PipeHandle *pipe_stdout;
- va_list ap;
-
- ec = GNUNET_new (struct TALER_JSON_ExternalConversion);
- ec->cb = cb;
- ec->cb_cls = cb_cls;
- pipe_stdin = GNUNET_DISK_pipe (GNUNET_DISK_PF_BLOCKING_READ);
- GNUNET_assert (NULL != pipe_stdin);
- pipe_stdout = GNUNET_DISK_pipe (GNUNET_DISK_PF_BLOCKING_WRITE);
- GNUNET_assert (NULL != pipe_stdout);
- va_start (ap,
- binary);
- ec->helper = GNUNET_OS_start_process_va (GNUNET_OS_INHERIT_STD_ERR,
- pipe_stdin,
- pipe_stdout,
- NULL,
- binary,
- ap);
- va_end (ap);
- if (NULL == ec->helper)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Failed to run conversion helper `%s'\n",
- binary);
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_pipe_close (pipe_stdin));
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_pipe_close (pipe_stdout));
- GNUNET_free (ec);
- return NULL;
- }
- ec->chld_stdin =
- GNUNET_DISK_pipe_detach_end (pipe_stdin,
- GNUNET_DISK_PIPE_END_WRITE);
- ec->chld_stdout =
- GNUNET_DISK_pipe_detach_end (pipe_stdout,
- GNUNET_DISK_PIPE_END_READ);
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_pipe_close (pipe_stdin));
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_pipe_close (pipe_stdout));
- ec->write_buf = json_dumps (input, JSON_COMPACT);
- ec->write_size = strlen (ec->write_buf);
- ec->read_task
- = GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL,
- ec->chld_stdout,
- &read_cb,
- ec);
- ec->write_task
- = GNUNET_SCHEDULER_add_write_file (GNUNET_TIME_UNIT_FOREVER_REL,
- ec->chld_stdin,
- &write_cb,
- ec);
- ec->cwh = GNUNET_wait_child (ec->helper,
- &child_done_cb,
- ec);
- return ec;
-}
-
-
-void
-TALER_JSON_external_conversion_stop (
- struct TALER_JSON_ExternalConversion *ec)
-{
- if (NULL != ec->cwh)
- {
- GNUNET_wait_child_cancel (ec->cwh);
- ec->cwh = NULL;
- }
- if (NULL != ec->helper)
- {
- GNUNET_break (0 ==
- GNUNET_OS_process_kill (ec->helper,
- SIGKILL));
- GNUNET_OS_process_destroy (ec->helper);
- }
- if (NULL != ec->read_task)
- {
- GNUNET_SCHEDULER_cancel (ec->read_task);
- ec->read_task = NULL;
- }
- if (NULL != ec->write_task)
- {
- GNUNET_SCHEDULER_cancel (ec->write_task);
- ec->write_task = NULL;
- }
- if (NULL != ec->chld_stdin)
- {
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_file_close (ec->chld_stdin));
- ec->chld_stdin = NULL;
- }
- if (NULL != ec->chld_stdout)
- {
- GNUNET_break (GNUNET_OK ==
- GNUNET_DISK_file_close (ec->chld_stdout));
- ec->chld_stdout = NULL;
- }
- GNUNET_free (ec->read_buf);
- free (ec->write_buf);
- GNUNET_free (ec);
-}
diff --git a/src/util/crypto_confirmation.c b/src/util/crypto_confirmation.c
@@ -1,286 +0,0 @@
-/*
- This file is part of TALER
- Copyright (C) 2023 Taler Systems SA
-
- TALER is free software; you can redistribute it and/or modify it under the
- terms of the GNU General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along with
- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
-*/
-/**
- * @file util/crypto_confirmation.c
- * @brief confirmation computation
- * @author Christian Grothoff
- * @author Priscilla Huang
- */
-#include "platform.h"
-#include "taler_util.h"
-#include "taler_mhd_lib.h"
-#include <gnunet/gnunet_db_lib.h>
-#include <gcrypt.h>
-
-/**
- * How long is a TOTP code valid?
- */
-#define TOTP_VALIDITY_PERIOD GNUNET_TIME_relative_multiply ( \
- GNUNET_TIME_UNIT_SECONDS, 30)
-
-/**
- * Range of time we allow (plus-minus).
- */
-#define TIME_INTERVAL_RANGE 2
-
-
-/**
- * Compute TOTP code at current time with offset
- * @a time_off for the @a key.
- *
- * @param ts current time
- * @param time_off offset to apply when computing the code
- * @param key pos_key in binary
- * @param key_size number of bytes in @a key
- */
-static uint64_t
-compute_totp (struct GNUNET_TIME_Timestamp ts,
- int time_off,
- const void *key,
- size_t key_size)
-{
- struct GNUNET_TIME_Absolute now;
- time_t t;
- uint64_t ctr;
- uint8_t hmac[20]; /* SHA1: 20 bytes */
-
- now = ts.abs_time;
- while (time_off < 0)
- {
- now = GNUNET_TIME_absolute_subtract (now,
- TOTP_VALIDITY_PERIOD);
- time_off++;
- }
- while (time_off > 0)
- {
- now = GNUNET_TIME_absolute_add (now,
- TOTP_VALIDITY_PERIOD);
- time_off--;
- }
- t = now.abs_value_us / GNUNET_TIME_UNIT_SECONDS.rel_value_us;
- ctr = GNUNET_htonll (t / 30LLU);
-
- {
- gcry_md_hd_t md;
- const unsigned char *mc;
-
- GNUNET_assert (GPG_ERR_NO_ERROR ==
- gcry_md_open (&md,
- GCRY_MD_SHA1,
- GCRY_MD_FLAG_HMAC));
- gcry_md_setkey (md,
- key,
- key_size);
- gcry_md_write (md,
- &ctr,
- sizeof (ctr));
- mc = gcry_md_read (md,
- GCRY_MD_SHA1);
- GNUNET_assert (NULL != mc);
- GNUNET_memcpy (hmac,
- mc,
- sizeof (hmac));
- gcry_md_close (md);
- }
-
- {
- uint32_t code = 0;
- int offset;
-
- offset = hmac[sizeof (hmac) - 1] & 0x0f;
- for (int count = 0; count < 4; count++)
- code |= ((uint32_t) hmac[offset + 3 - count]) << (8 * count);
- code &= 0x7fffffff;
- /* always use 8 digits (maximum) */
- code = code % 100000000;
- return code;
- }
-}
-
-
-/**
- * Compute RFC 3548 base32 decoding of @a val and write
- * result to @a udata.
- *
- * @param val value to decode
- * @param val_size number of bytes in @a val
- * @param key is the val in bits
- * @param key_len is the size of @a key
- */
-static int
-base32decode (const char *val,
- size_t val_size,
- void *key,
- size_t key_len)
-{
- /**
- * 32 characters for decoding, using RFC 3548.
- */
- static const char *decTable__ = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
- unsigned char *udata = key;
- unsigned int wpos = 0;
- unsigned int rpos = 0;
- unsigned int bits = 0;
- unsigned int vbit = 0;
-
- while ((rpos < val_size) || (vbit >= 8))
- {
- if ((rpos < val_size) && (vbit < 8))
- {
- char c = val[rpos++];
- if (c == '=') // padding character
- {
- break;
- }
- const char *p = strchr (decTable__, toupper (c));
- if (! p)
- { // invalid character
- return -1;
- }
- bits = (bits << 5) | (p - decTable__);
- vbit += 5;
- }
- if (vbit >= 8)
- {
- udata[wpos++] = (bits >> (vbit - 8)) & 0xFF;
- vbit -= 8;
- }
- }
- return wpos;
-}
-
-
-/**
- * @brief Builds POS confirmation to verify payment.
- *
- * @param h_key opaque key for the totp operation
- * @param h_key_len size of h_key in bytes
- * @param ts current time
- * @return Token on success, NULL of failure
- */
-static char *
-executive_totp (void *h_key,
- size_t h_key_len,
- struct GNUNET_TIME_Timestamp ts)
-{
- uint64_t code; /* totp code */
- char *ret;
- ret = NULL;
-
- for (int i = -TIME_INTERVAL_RANGE; i<= TIME_INTERVAL_RANGE; i++)
- {
- code = compute_totp (ts,
- i,
- h_key,
- h_key_len);
- if (NULL == ret)
- {
- GNUNET_asprintf (&ret,
- "%08llu",
- (unsigned long long) code);
- }
- else
- {
- char *tmp;
-
- GNUNET_asprintf (&tmp,
- "%s\n%08llu",
- ret,
- (unsigned long long) code);
- GNUNET_free (ret);
- ret = tmp;
- }
- }
- return ret;
-
-}
-
-
-char *
-TALER_build_pos_confirmation (const char *pos_key,
- enum TALER_CharityConfirmationAlgorithm pos_alg,
- const struct TALER_Amount *total,
- struct GNUNET_TIME_Timestamp ts)
-{
- size_t pos_key_length = strlen (pos_key);
- void *key; /* pos_key in binary */
- size_t key_len; /* length of the key */
- char *ret;
- int dret;
-
- if (TALER_MCA_NONE == pos_alg)
- return NULL;
- key_len = pos_key_length * 5 / 8;
- key = GNUNET_malloc (key_len);
- dret = base32decode (pos_key,
- pos_key_length,
- key,
- key_len);
- if (-1 == dret)
- {
- GNUNET_free (key);
- GNUNET_break_op (0);
- return NULL;
- }
- GNUNET_assert (dret <= key_len);
- key_len = (size_t) dret;
- switch (pos_alg)
- {
- case TALER_MCA_NONE:
- GNUNET_break (0);
- GNUNET_free (key);
- return NULL;
- case TALER_MCA_WITHOUT_PRICE: /* and 30s */
- /* Return all T-OTP codes in range separated by new lines, e.g.
- "12345678
- 24522552
- 25262425
- 42543525
- 25253552"
- */
- ret = executive_totp (key,
- key_len,
- ts);
- GNUNET_free (key);
- return ret;
- case TALER_MCA_WITH_PRICE:
- {
- struct GNUNET_HashCode hkey;
- struct TALER_AmountNBO ntotal;
-
- TALER_amount_hton (&ntotal,
- total);
- GNUNET_assert (GNUNET_YES ==
- GNUNET_CRYPTO_kdf (&hkey,
- sizeof (hkey),
- &ntotal,
- sizeof (ntotal),
- key,
- key_len,
- NULL,
- 0));
- GNUNET_free (key);
- ret = executive_totp (&hkey,
- sizeof(hkey),
- ts);
- GNUNET_free (key);
- return ret;
- }
- }
- GNUNET_free (key);
- GNUNET_break (0);
- return NULL;
-}
diff --git a/src/util/crypto_contract.c b/src/util/crypto_contract.c
@@ -1,661 +0,0 @@
-/*
- This file is part of TALER
- Copyright (C) 2022 Taler Systems SA
-
- TALER is free software; you can redistribute it and/or modify it under the
- terms of the GNU General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along with
- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
-*/
-/**
- * @file util/crypto_contract.c
- * @brief functions for encrypting and decrypting contracts for P2P payments
- * @author Christian Grothoff <christian@grothoff.org>
- */
-#include "platform.h"
-#include "taler_util.h"
-#include <zlib.h>
-#include "taler_donau_service.h"
-
-
-/**
- * Different types of contracts supported.
- */
-enum ContractFormats
-{
- /**
- * The encrypted contract represents a payment offer. The receiver
- * can merge it into a reserve/account to accept the contract and
- * obtain the payment.
- */
- TALER_DONAU_CONTRACT_PAYMENT_OFFER = 0,
-
- /**
- * The encrypted contract represents a payment request.
- */
- TALER_DONAU_CONTRACT_PAYMENT_REQUEST = 1
-};
-
-
-/**
- * Nonce used for encryption, 24 bytes.
- */
-struct NonceP
-{
- uint8_t nonce[crypto_secretbox_NONCEBYTES];
-};
-
-/**
- * Specifies a key used for symmetric encryption, 32 bytes.
- */
-struct SymKeyP
-{
- uint32_t key[8];
-};
-
-
-/**
- * Compute @a key.
- *
- * @param key_material key for calculation
- * @param key_m_len length of key
- * @param nonce nonce for calculation
- * @param salt salt value for calculation
- * @param[out] key where to write the en-/description key
- */
-static void
-derive_key (const void *key_material,
- size_t key_m_len,
- const struct NonceP *nonce,
- const char *salt,
- struct SymKeyP *key)
-{
- GNUNET_assert (GNUNET_YES ==
- GNUNET_CRYPTO_kdf (key,
- sizeof (*key),
- /* salt / XTS */
- nonce,
- sizeof (*nonce),
- /* ikm */
- key_material,
- key_m_len,
- /* info chunks */
- /* The "salt" passed here is actually not something random,
- but a protocol-specific identifier string. Thus
- we pass it as a context info to the HKDF */
- salt,
- strlen (salt),
- NULL,
- 0));
-}
-
-
-/**
- * Encryption of data.
- *
- * @param nonce value to use for the nonce
- * @param key key which is used to derive a key/iv pair from
- * @param key_len length of key
- * @param data data to encrypt
- * @param data_size size of the data
- * @param salt salt value which is used for key derivation
- * @param[out] res ciphertext output
- * @param[out] res_size size of the ciphertext
- */
-static void
-blob_encrypt (const struct NonceP *nonce,
- const void *key,
- size_t key_len,
- const void *data,
- size_t data_size,
- const char *salt,
- void **res,
- size_t *res_size)
-{
- size_t ciphertext_size;
- struct SymKeyP skey;
-
- derive_key (key,
- key_len,
- nonce,
- salt,
- &skey);
- ciphertext_size = crypto_secretbox_NONCEBYTES
- + crypto_secretbox_MACBYTES
- + data_size;
- *res_size = ciphertext_size;
- *res = GNUNET_malloc (ciphertext_size);
- GNUNET_memcpy (*res,
- nonce,
- crypto_secretbox_NONCEBYTES);
- GNUNET_assert (0 ==
- crypto_secretbox_easy (*res + crypto_secretbox_NONCEBYTES,
- data,
- data_size,
- (void *) nonce,
- (void *) &skey));
-}
-
-
-/**
- * Decryption of data like encrypted recovery document etc.
- *
- * @param key key which is used to derive a key/iv pair from
- * @param key_len length of key
- * @param data data to decrypt
- * @param data_size size of the data
- * @param salt salt value which is used for key derivation
- * @param[out] res plaintext output
- * @param[out] res_size size of the plaintext
- * @return #GNUNET_OK on success
- */
-static enum GNUNET_GenericReturnValue
-blob_decrypt (const void *key,
- size_t key_len,
- const void *data,
- size_t data_size,
- const char *salt,
- void **res,
- size_t *res_size)
-{
- const struct NonceP *nonce;
- struct SymKeyP skey;
- size_t plaintext_size;
-
- if (data_size < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- nonce = data;
- derive_key (key,
- key_len,
- nonce,
- salt,
- &skey);
- plaintext_size = data_size - (crypto_secretbox_NONCEBYTES
- + crypto_secretbox_MACBYTES);
- *res = GNUNET_malloc (plaintext_size);
- *res_size = plaintext_size;
- if (0 != crypto_secretbox_open_easy (*res,
- data + crypto_secretbox_NONCEBYTES,
- data_size - crypto_secretbox_NONCEBYTES,
- (void *) nonce,
- (void *) &skey))
- {
- GNUNET_break (0);
- GNUNET_free (*res);
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
-}
-
-
-/**
- * Header for encrypted contracts.
- */
-struct ContractHeaderP
-{
- /**
- * Type of the contract, in NBO.
- */
- uint32_t ctype;
-
- /**
- * Length of the encrypted contract, in NBO.
- */
- uint32_t clen;
-};
-
-
-/**
- * Header for encrypted contracts.
- */
-struct ContractHeaderMergeP
-{
- /**
- * Generic header.
- */
- struct ContractHeaderP header;
-
- /**
- * Private key with the merge capability.
- */
- struct TALER_PurseMergePrivateKeyP merge_priv;
-};
-
-
-/**
- * Salt we use when encrypting contracts for merge.
- */
-#define MERGE_SALT "p2p-merge-contract"
-
-
-void
-TALER_CRYPTO_contract_encrypt_for_merge (
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_ContractDiffiePrivateP *contract_priv,
- const struct TALER_PurseMergePrivateKeyP *merge_priv,
- const json_t *contract_terms,
- void **econtract,
- size_t *econtract_size)
-{
- struct GNUNET_HashCode key;
- char *cstr;
- size_t clen;
- void *xbuf;
- struct ContractHeaderMergeP *hdr;
- struct NonceP nonce;
- uLongf cbuf_size;
- int ret;
-
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_ecdh_eddsa (&contract_priv->ecdhe_priv,
- &purse_pub->eddsa_pub,
- &key));
- cstr = json_dumps (contract_terms,
- JSON_COMPACT | JSON_SORT_KEYS);
- clen = strlen (cstr);
- cbuf_size = compressBound (clen);
- xbuf = GNUNET_malloc (cbuf_size);
- ret = compress (xbuf,
- &cbuf_size,
- (const Bytef *) cstr,
- clen);
- GNUNET_assert (Z_OK == ret);
- free (cstr);
- hdr = GNUNET_malloc (sizeof (*hdr) + cbuf_size);
- hdr->header.ctype = htonl (TALER_DONAU_CONTRACT_PAYMENT_OFFER);
- hdr->header.clen = htonl ((uint32_t) clen);
- hdr->merge_priv = *merge_priv;
- GNUNET_memcpy (&hdr[1],
- xbuf,
- cbuf_size);
- GNUNET_free (xbuf);
- GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
- &nonce,
- sizeof (nonce));
- blob_encrypt (&nonce,
- &key,
- sizeof (key),
- hdr,
- sizeof (*hdr) + cbuf_size,
- MERGE_SALT,
- econtract,
- econtract_size);
- GNUNET_free (hdr);
-}
-
-
-json_t *
-TALER_CRYPTO_contract_decrypt_for_merge (
- const struct TALER_ContractDiffiePrivateP *contract_priv,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const void *econtract,
- size_t econtract_size,
- struct TALER_PurseMergePrivateKeyP *merge_priv)
-{
- struct GNUNET_HashCode key;
- void *xhdr;
- size_t hdr_size;
- const struct ContractHeaderMergeP *hdr;
- char *cstr;
- uLongf clen;
- json_error_t json_error;
- json_t *ret;
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdh_eddsa (&contract_priv->ecdhe_priv,
- &purse_pub->eddsa_pub,
- &key))
- {
- GNUNET_break (0);
- return NULL;
- }
- if (GNUNET_OK !=
- blob_decrypt (&key,
- sizeof (key),
- econtract,
- econtract_size,
- MERGE_SALT,
- &xhdr,
- &hdr_size))
- {
- GNUNET_break_op (0);
- return NULL;
- }
- if (hdr_size < sizeof (*hdr))
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- hdr = xhdr;
- if (TALER_DONAU_CONTRACT_PAYMENT_OFFER != ntohl (hdr->header.ctype))
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- clen = ntohl (hdr->header.clen);
- if (clen >= GNUNET_MAX_MALLOC_CHECKED)
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- cstr = GNUNET_malloc (clen + 1);
- if (Z_OK !=
- uncompress ((Bytef *) cstr,
- &clen,
- (const Bytef *) &hdr[1],
- hdr_size - sizeof (*hdr)))
- {
- GNUNET_break_op (0);
- GNUNET_free (cstr);
- GNUNET_free (xhdr);
- return NULL;
- }
- *merge_priv = hdr->merge_priv;
- GNUNET_free (xhdr);
- ret = json_loadb ((char *) cstr,
- clen,
- JSON_DECODE_ANY,
- &json_error);
- if (NULL == ret)
- {
- GNUNET_break_op (0);
- GNUNET_free (cstr);
- return NULL;
- }
- GNUNET_free (cstr);
- return ret;
-}
-
-
-/**
- * Salt we use when encrypting contracts for merge.
- */
-#define DEPOSIT_SALT "p2p-deposit-contract"
-
-
-void
-TALER_CRYPTO_contract_encrypt_for_deposit (
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_ContractDiffiePrivateP *contract_priv,
- const json_t *contract_terms,
- void **econtract,
- size_t *econtract_size)
-{
- struct GNUNET_HashCode key;
- char *cstr;
- size_t clen;
- void *xbuf;
- struct ContractHeaderP *hdr;
- struct NonceP nonce;
- uLongf cbuf_size;
- int ret;
- void *xecontract;
- size_t xecontract_size;
-
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_ecdh_eddsa (&contract_priv->ecdhe_priv,
- &purse_pub->eddsa_pub,
- &key));
- cstr = json_dumps (contract_terms,
- JSON_COMPACT | JSON_SORT_KEYS);
- GNUNET_assert (NULL != cstr);
- clen = strlen (cstr);
- cbuf_size = compressBound (clen);
- xbuf = GNUNET_malloc (cbuf_size);
- ret = compress (xbuf,
- &cbuf_size,
- (const Bytef *) cstr,
- clen);
- GNUNET_assert (Z_OK == ret);
- free (cstr);
- hdr = GNUNET_malloc (sizeof (*hdr) + cbuf_size);
- hdr->ctype = htonl (TALER_DONAU_CONTRACT_PAYMENT_REQUEST);
- hdr->clen = htonl ((uint32_t) clen);
- GNUNET_memcpy (&hdr[1],
- xbuf,
- cbuf_size);
- GNUNET_free (xbuf);
- GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
- &nonce,
- sizeof (nonce));
- blob_encrypt (&nonce,
- &key,
- sizeof (key),
- hdr,
- sizeof (*hdr) + cbuf_size,
- DEPOSIT_SALT,
- &xecontract,
- &xecontract_size);
- GNUNET_free (hdr);
- /* prepend purse_pub */
- *econtract = GNUNET_malloc (xecontract_size + sizeof (*purse_pub));
- GNUNET_memcpy (*econtract,
- purse_pub,
- sizeof (*purse_pub));
- GNUNET_memcpy (sizeof (*purse_pub) + *econtract,
- xecontract,
- xecontract_size);
- *econtract_size = xecontract_size + sizeof (*purse_pub);
- GNUNET_free (xecontract);
-}
-
-
-json_t *
-TALER_CRYPTO_contract_decrypt_for_deposit (
- const struct TALER_ContractDiffiePrivateP *contract_priv,
- const void *econtract,
- size_t econtract_size)
-{
- const struct TALER_PurseContractPublicKeyP *purse_pub = econtract;
-
- if (econtract_size < sizeof (*purse_pub))
- {
- GNUNET_break_op (0);
- return NULL;
- }
- struct GNUNET_HashCode key;
- void *xhdr;
- size_t hdr_size;
- const struct ContractHeaderP *hdr;
- char *cstr;
- uLongf clen;
- json_error_t json_error;
- json_t *ret;
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdh_eddsa (&contract_priv->ecdhe_priv,
- &purse_pub->eddsa_pub,
- &key))
- {
- GNUNET_break (0);
- return NULL;
- }
- econtract += sizeof (*purse_pub);
- econtract_size -= sizeof (*purse_pub);
- if (GNUNET_OK !=
- blob_decrypt (&key,
- sizeof (key),
- econtract,
- econtract_size,
- DEPOSIT_SALT,
- &xhdr,
- &hdr_size))
- {
- GNUNET_break_op (0);
- return NULL;
- }
- if (hdr_size < sizeof (*hdr))
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- hdr = xhdr;
- if (TALER_DONAU_CONTRACT_PAYMENT_REQUEST != ntohl (hdr->ctype))
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- clen = ntohl (hdr->clen);
- if (clen >= GNUNET_MAX_MALLOC_CHECKED)
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- cstr = GNUNET_malloc (clen + 1);
- if (Z_OK !=
- uncompress ((Bytef *) cstr,
- &clen,
- (const Bytef *) &hdr[1],
- hdr_size - sizeof (*hdr)))
- {
- GNUNET_break_op (0);
- GNUNET_free (cstr);
- GNUNET_free (xhdr);
- return NULL;
- }
- GNUNET_free (xhdr);
- ret = json_loadb ((char *) cstr,
- clen,
- JSON_DECODE_ANY,
- &json_error);
- if (NULL == ret)
- {
- GNUNET_break_op (0);
- GNUNET_free (cstr);
- return NULL;
- }
- GNUNET_free (cstr);
- return ret;
-}
-
-
-/**
- * Salt we use when encrypting KYC attributes.
- */
-#define ATTRIBUTE_SALT "kyc-attributes"
-
-
-void
-TALER_CRYPTO_kyc_attributes_encrypt (
- const struct TALER_AttributeEncryptionKeyP *key,
- const json_t *attr,
- void **enc_attr,
- size_t *enc_attr_size)
-{
- uLongf cbuf_size;
- char *cstr;
- uLongf clen;
- void *xbuf;
- int ret;
- uint32_t belen;
- struct NonceP nonce;
-
- cstr = json_dumps (attr,
- JSON_COMPACT | JSON_SORT_KEYS);
- GNUNET_assert (NULL != cstr);
- clen = strlen (cstr);
- GNUNET_assert (clen <= UINT32_MAX);
- cbuf_size = compressBound (clen);
- xbuf = GNUNET_malloc (cbuf_size + sizeof (uint32_t));
- belen = htonl ((uint32_t) clen);
- GNUNET_memcpy (xbuf,
- &belen,
- sizeof (belen));
- ret = compress (xbuf + 4,
- &cbuf_size,
- (const Bytef *) cstr,
- clen);
- GNUNET_assert (Z_OK == ret);
- free (cstr);
- GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
- &nonce,
- sizeof (nonce));
- blob_encrypt (&nonce,
- key,
- sizeof (*key),
- xbuf,
- cbuf_size + sizeof (uint32_t),
- ATTRIBUTE_SALT,
- enc_attr,
- enc_attr_size);
- GNUNET_free (xbuf);
-}
-
-
-json_t *
-TALER_CRYPTO_kyc_attributes_decrypt (
- const struct TALER_AttributeEncryptionKeyP *key,
- const void *enc_attr,
- size_t enc_attr_size)
-{
- void *xhdr;
- size_t hdr_size;
- char *cstr;
- uLongf clen;
- json_error_t json_error;
- json_t *ret;
- uint32_t belen;
-
- if (GNUNET_OK !=
- blob_decrypt (key,
- sizeof (*key),
- enc_attr,
- enc_attr_size,
- ATTRIBUTE_SALT,
- &xhdr,
- &hdr_size))
- {
- GNUNET_break_op (0);
- return NULL;
- }
- GNUNET_memcpy (&belen,
- xhdr,
- sizeof (belen));
- clen = ntohl (belen);
- if (clen >= GNUNET_MAX_MALLOC_CHECKED)
- {
- GNUNET_break_op (0);
- GNUNET_free (xhdr);
- return NULL;
- }
- cstr = GNUNET_malloc (clen + 1);
- if (Z_OK !=
- uncompress ((Bytef *) cstr,
- &clen,
- (const Bytef *) (xhdr + sizeof (uint32_t)),
- hdr_size - sizeof (uint32_t)))
- {
- GNUNET_break_op (0);
- GNUNET_free (cstr);
- GNUNET_free (xhdr);
- return NULL;
- }
- GNUNET_free (xhdr);
- ret = json_loadb ((char *) cstr,
- clen,
- JSON_DECODE_ANY,
- &json_error);
- if (NULL == ret)
- {
- GNUNET_break_op (0);
- GNUNET_free (cstr);
- return NULL;
- }
- GNUNET_free (cstr);
- return ret;
-}
diff --git a/src/util/offline_signatures.c b/src/util/offline_signatures.c
@@ -1,1388 +0,0 @@
-/*
- This file is part of TALER
- Copyright (C) 2020-2023 Taler Systems SA
-
- TALER is free software; you can redistribute it and/or modify it under the
- terms of the GNU General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along with
- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
-*/
-/**
- * @file offline_signatures.c
- * @brief Utility functions for Taler donau offline signatures
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "taler_util.h"
-#include "taler_signatures.h"
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Signature made by the donau offline key over the information of
- * an AML officer status change.
- */
-struct TALER_MasterAmlOfficerStatusPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_AML_KEY. Signed
- * by a `struct TALER_MasterPublicKeyP` using EdDSA.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time of the change.
- */
- struct GNUNET_TIME_TimestampNBO change_date;
-
- /**
- * Public key of the AML officer.
- */
- struct TALER_AmlOfficerPublicKeyP officer_pub;
-
- /**
- * Hash over the AML officer's name.
- */
- struct GNUNET_HashCode h_officer_name GNUNET_PACKED;
-
- /**
- * Bitmask: 1 if enabled; 2 for read-only access. in NBO.
- */
- uint32_t is_active GNUNET_PACKED;
-};
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_aml_officer_status_sign (
- const struct TALER_AmlOfficerPublicKeyP *officer_pub,
- const char *officer_name,
- struct GNUNET_TIME_Timestamp change_date,
- bool is_active,
- bool read_only,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterAmlOfficerStatusPS as = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_AML_KEY),
- .purpose.size = htonl (sizeof (as)),
- .change_date = GNUNET_TIME_timestamp_hton (change_date),
- .officer_pub = *officer_pub,
- .is_active = htonl ((is_active ? 1 : 0) + (read_only ? 2 : 0))
- };
-
- GNUNET_CRYPTO_hash (officer_name,
- strlen (officer_name) + 1,
- &as.h_officer_name);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &as,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_aml_officer_status_verify (
- const struct TALER_AmlOfficerPublicKeyP *officer_pub,
- const char *officer_name,
- struct GNUNET_TIME_Timestamp change_date,
- bool is_active,
- bool read_only,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterAmlOfficerStatusPS as = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_AML_KEY),
- .purpose.size = htonl (sizeof (as)),
- .change_date = GNUNET_TIME_timestamp_hton (change_date),
- .officer_pub = *officer_pub,
- .is_active = htonl ((is_active ? 1 : 0) + (read_only ? 2 : 0))
- };
-
- GNUNET_CRYPTO_hash (officer_name,
- strlen (officer_name) + 1,
- &as.h_officer_name);
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_AML_KEY,
- &as,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Signature made by the donau offline key over the information of
- * an auditor to be added to the donau's set of auditors.
- */
-struct TALER_MasterAddAuditorPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_ADD_AUDITOR. Signed
- * by a `struct TALER_MasterPublicKeyP` using EdDSA.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time of the change.
- */
- struct GNUNET_TIME_TimestampNBO start_date;
-
- /**
- * Public key of the auditor.
- */
- struct TALER_AuditorPublicKeyP auditor_pub;
-
- /**
- * Hash over the auditor's URL.
- */
- struct GNUNET_HashCode h_auditor_url GNUNET_PACKED;
-};
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_auditor_add_sign (
- const struct TALER_AuditorPublicKeyP *auditor_pub,
- const char *auditor_url,
- struct GNUNET_TIME_Timestamp start_date,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterAddAuditorPS kv = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_AUDITOR),
- .purpose.size = htonl (sizeof (kv)),
- .start_date = GNUNET_TIME_timestamp_hton (start_date),
- .auditor_pub = *auditor_pub,
- };
-
- GNUNET_CRYPTO_hash (auditor_url,
- strlen (auditor_url) + 1,
- &kv.h_auditor_url);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &kv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_auditor_add_verify (
- const struct TALER_AuditorPublicKeyP *auditor_pub,
- const char *auditor_url,
- struct GNUNET_TIME_Timestamp start_date,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterAddAuditorPS aa = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_ADD_AUDITOR),
- .purpose.size = htonl (sizeof (aa)),
- .start_date = GNUNET_TIME_timestamp_hton (start_date),
- .auditor_pub = *auditor_pub
- };
-
- GNUNET_CRYPTO_hash (auditor_url,
- strlen (auditor_url) + 1,
- &aa.h_auditor_url);
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_ADD_AUDITOR,
- &aa,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Signature made by the donau offline key over the information of
- * an auditor to be removed from the donau's set of auditors.
- */
-struct TALER_MasterDelAuditorPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_DEL_AUDITOR. Signed
- * by a `struct TALER_MasterPublicKeyP` using EdDSA.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time of the change.
- */
- struct GNUNET_TIME_TimestampNBO end_date;
-
- /**
- * Public key of the auditor.
- */
- struct TALER_AuditorPublicKeyP auditor_pub;
-
-};
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_auditor_del_sign (
- const struct TALER_AuditorPublicKeyP *auditor_pub,
- struct GNUNET_TIME_Timestamp end_date,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterDelAuditorPS kv = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DEL_AUDITOR),
- .purpose.size = htonl (sizeof (kv)),
- .end_date = GNUNET_TIME_timestamp_hton (end_date),
- .auditor_pub = *auditor_pub,
- };
-
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &kv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_auditor_del_verify (
- const struct TALER_AuditorPublicKeyP *auditor_pub,
- struct GNUNET_TIME_Timestamp end_date,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterDelAuditorPS da = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_DEL_AUDITOR),
- .purpose.size = htonl (sizeof (da)),
- .end_date = GNUNET_TIME_timestamp_hton (end_date),
- .auditor_pub = *auditor_pub
- };
-
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DEL_AUDITOR,
- &da,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Message confirming that a denomination key was revoked.
- */
-struct TALER_MasterDenominationKeyRevocationPS
-{
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash of the denomination key.
- */
- struct TALER_DenominationHashP h_denom_pub;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_denomination_revoke_sign (
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterDenominationKeyRevocationPS rm = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED),
- .purpose.size = htonl (sizeof (rm)),
- .h_denom_pub = *h_denom_pub
- };
-
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &rm,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_denomination_revoke_verify (
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterDenominationKeyRevocationPS kr = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED),
- .purpose.size = htonl (sizeof (kr)),
- .h_denom_pub = *h_denom_pub
- };
-
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED,
- &kr,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Message confirming that an donau online signing key was revoked.
- */
-struct TALER_MasterSigningKeyRevocationPS
-{
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * The donau's public key.
- */
- struct TALER_DonauPublicKeyP donau_pub;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_signkey_revoke_sign (
- const struct TALER_DonauPublicKeyP *donau_pub,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterSigningKeyRevocationPS kv = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED),
- .purpose.size = htonl (sizeof (kv)),
- .donau_pub = *donau_pub
- };
-
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &kv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_signkey_revoke_verify (
- const struct TALER_DonauPublicKeyP *donau_pub,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterSigningKeyRevocationPS rm = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED),
- .purpose.size = htonl (sizeof (rm)),
- .donau_pub = *donau_pub
- };
-
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED,
- &rm,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Information about a signing key of the donau. Signing keys are used
- * to sign donau messages other than coins, i.e. to confirm that a
- * deposit was successful or that a refresh was accepted.
- */
-struct TALER_DonauSigningKeyValidityPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * When does this signing key begin to be valid?
- */
- struct GNUNET_TIME_TimestampNBO start;
-
- /**
- * When does this signing key expire? Note: This is currently when
- * the Donau will definitively stop using it. Signatures made with
- * the key remain valid until @e end. When checking validity periods,
- * clients should allow for some overlap between keys and tolerate
- * the use of either key during the overlap time (due to the
- * possibility of clock skew).
- */
- struct GNUNET_TIME_TimestampNBO expire;
-
- /**
- * When do signatures with this signing key become invalid? After
- * this point, these signatures cannot be used in (legal) disputes
- * anymore, as the Donau is then allowed to destroy its side of the
- * evidence. @e end is expected to be significantly larger than @e
- * expire (by a year or more).
- */
- struct GNUNET_TIME_TimestampNBO end;
-
- /**
- * The public online signing key that the donau will use
- * between @e start and @e expire.
- */
- struct TALER_DonauPublicKeyP signkey_pub;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_signkey_validity_sign (
- const struct TALER_DonauPublicKeyP *donau_pub,
- struct GNUNET_TIME_Timestamp start_sign,
- struct GNUNET_TIME_Timestamp end_sign,
- struct GNUNET_TIME_Timestamp end_legal,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_DonauSigningKeyValidityPS skv = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY),
- .purpose.size = htonl (sizeof (skv)),
- .start = GNUNET_TIME_timestamp_hton (start_sign),
- .expire = GNUNET_TIME_timestamp_hton (end_sign),
- .end = GNUNET_TIME_timestamp_hton (end_legal),
- .signkey_pub = *donau_pub
- };
-
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &skv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_signkey_validity_verify (
- const struct TALER_DonauPublicKeyP *donau_pub,
- struct GNUNET_TIME_Timestamp start_sign,
- struct GNUNET_TIME_Timestamp end_sign,
- struct GNUNET_TIME_Timestamp end_legal,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_DonauSigningKeyValidityPS skv = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY),
- .purpose.size = htonl (sizeof (skv)),
- .start = GNUNET_TIME_timestamp_hton (start_sign),
- .expire = GNUNET_TIME_timestamp_hton (end_sign),
- .end = GNUNET_TIME_timestamp_hton (end_legal),
- .signkey_pub = *donau_pub
- };
-
- return
- GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY,
- &skv,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Information about a denomination key. Denomination keys
- * are used to sign coins of a certain value into existence.
- */
-struct TALER_DenominationKeyValidityPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * The long-term offline master key of the donau that was
- * used to create @e signature.
- *
- * Note: This member is not strictly required, but here for
- * backwards-compatibility. If we ever again badly break
- * compatibility, we might want to remove it.
- */
- struct TALER_MasterPublicKeyP master;
-
- /**
- * Start time of the validity period for this key.
- */
- struct GNUNET_TIME_TimestampNBO start;
-
- /**
- * The donau will sign fresh coins between @e start and this time.
- * @e expire_withdraw will be somewhat larger than @e start to
- * ensure a sufficiently large anonymity set, while also allowing
- * the Donau to limit the financial damage in case of a key being
- * compromised. Thus, donaus with low volume are expected to have a
- * longer withdraw period (@e expire_withdraw - @e start) than donaus
- * with high transaction volume. The period may also differ between
- * types of coins. A donau may also have a few denomination keys
- * with the same value with overlapping validity periods, to address
- * issues such as clock skew.
- */
- struct GNUNET_TIME_TimestampNBO expire_withdraw;
-
- /**
- * Coins signed with the denomination key must be spent or refreshed
- * between @e start and this expiration time. After this time, the
- * donau will refuse transactions involving this key as it will
- * "drop" the table with double-spending information (shortly after)
- * this time. Note that wallets should refresh coins significantly
- * before this time to be on the safe side. @e expire_deposit must be
- * significantly larger than @e expire_withdraw (by months or even
- * years).
- */
- struct GNUNET_TIME_TimestampNBO expire_deposit;
-
- /**
- * When do signatures with this denomination key become invalid?
- * After this point, these signatures cannot be used in (legal)
- * disputes anymore, as the Donau is then allowed to destroy its side
- * of the evidence. @e expire_legal is expected to be significantly
- * larger than @e expire_deposit (by a year or more).
- */
- struct GNUNET_TIME_TimestampNBO expire_legal;
-
- /**
- * The value of the coins signed with this denomination key.
- */
- struct TALER_AmountNBO value;
-
- /**
- * Fees for the coin.
- */
- struct TALER_DenomFeeSetNBOP fees;
-
- /**
- * Hash code of the denomination public key. (Used to avoid having
- * the variable-size RSA key in this struct.)
- */
- struct TALER_DenominationHashP denom_hash GNUNET_PACKED;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_denom_validity_sign (
- const struct TALER_DenominationHashP *h_denom_pub,
- struct GNUNET_TIME_Timestamp stamp_start,
- struct GNUNET_TIME_Timestamp stamp_expire_withdraw,
- struct GNUNET_TIME_Timestamp stamp_expire_deposit,
- struct GNUNET_TIME_Timestamp stamp_expire_legal,
- const struct TALER_Amount *coin_value,
- const struct TALER_DenomFeeSet *fees,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_DenominationKeyValidityPS issue = {
- .purpose.purpose
- = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY),
- .purpose.size
- = htonl (sizeof (issue)),
- .start = GNUNET_TIME_timestamp_hton (stamp_start),
- .expire_withdraw = GNUNET_TIME_timestamp_hton (stamp_expire_withdraw),
- .expire_deposit = GNUNET_TIME_timestamp_hton (stamp_expire_deposit),
- .expire_legal = GNUNET_TIME_timestamp_hton (stamp_expire_legal),
- .denom_hash = *h_denom_pub
- };
-
- GNUNET_CRYPTO_eddsa_key_get_public (&master_priv->eddsa_priv,
- &issue.master.eddsa_pub);
- TALER_amount_hton (&issue.value,
- coin_value);
- TALER_denom_fee_set_hton (&issue.fees,
- fees);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &issue,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_denom_validity_verify (
- const struct TALER_DenominationHashP *h_denom_pub,
- struct GNUNET_TIME_Timestamp stamp_start,
- struct GNUNET_TIME_Timestamp stamp_expire_withdraw,
- struct GNUNET_TIME_Timestamp stamp_expire_deposit,
- struct GNUNET_TIME_Timestamp stamp_expire_legal,
- const struct TALER_Amount *coin_value,
- const struct TALER_DenomFeeSet *fees,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_DenominationKeyValidityPS dkv = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY),
- .purpose.size = htonl (sizeof (dkv)),
- .master = *master_pub,
- .start = GNUNET_TIME_timestamp_hton (stamp_start),
- .expire_withdraw = GNUNET_TIME_timestamp_hton (stamp_expire_withdraw),
- .expire_deposit = GNUNET_TIME_timestamp_hton (stamp_expire_deposit),
- .expire_legal = GNUNET_TIME_timestamp_hton (stamp_expire_legal),
- .denom_hash = *h_denom_pub
- };
-
- TALER_amount_hton (&dkv.value,
- coin_value);
- TALER_denom_fee_set_hton (&dkv.fees,
- fees);
- return
- GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
- &dkv,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Signature made by the donau offline key over the information of
- * a payto:// URI to be added to the donau's set of active wire accounts.
- */
-struct TALER_MasterAddWirePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_ADD_WIRE. Signed
- * by a `struct TALER_MasterPublicKeyP` using EdDSA.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time of the change.
- */
- struct GNUNET_TIME_TimestampNBO start_date;
-
- /**
- * Hash over the donau's payto URI.
- */
- struct TALER_PaytoHashP h_payto GNUNET_PACKED;
-
- /**
- * Hash over the conversion URL, all zeros if there
- * is no conversion URL.
- */
- struct GNUNET_HashCode h_conversion_url;
-
- /**
- * Hash over the debit restrictions.
- */
- struct GNUNET_HashCode h_debit_restrictions;
-
- /**
- * Hash over the credit restrictions.
- */
- struct GNUNET_HashCode h_credit_restrictions;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_wire_add_sign (
- const char *payto_uri,
- const char *conversion_url,
- const json_t *debit_restrictions,
- const json_t *credit_restrictions,
- struct GNUNET_TIME_Timestamp now,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterAddWirePS kv = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_WIRE),
- .purpose.size = htonl (sizeof (kv)),
- .start_date = GNUNET_TIME_timestamp_hton (now),
- };
-
- TALER_payto_hash (payto_uri,
- &kv.h_payto);
- if (NULL != conversion_url)
- GNUNET_CRYPTO_hash (conversion_url,
- strlen (conversion_url) + 1,
- &kv.h_conversion_url);
- TALER_json_hash (debit_restrictions,
- &kv.h_debit_restrictions);
- TALER_json_hash (credit_restrictions,
- &kv.h_credit_restrictions);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &kv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_wire_add_verify (
- const char *payto_uri,
- const char *conversion_url,
- const json_t *debit_restrictions,
- const json_t *credit_restrictions,
- struct GNUNET_TIME_Timestamp sign_time,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterAddWirePS aw = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_WIRE),
- .purpose.size = htonl (sizeof (aw)),
- .start_date = GNUNET_TIME_timestamp_hton (sign_time),
- };
-
- TALER_payto_hash (payto_uri,
- &aw.h_payto);
- if (NULL != conversion_url)
- GNUNET_CRYPTO_hash (conversion_url,
- strlen (conversion_url) + 1,
- &aw.h_conversion_url);
- TALER_json_hash (debit_restrictions,
- &aw.h_debit_restrictions);
- TALER_json_hash (credit_restrictions,
- &aw.h_credit_restrictions);
- return
- GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_ADD_WIRE,
- &aw,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Signature made by the donau offline key over the information of
- * a wire method to be removed to the donau's set of active accounts.
- */
-struct TALER_MasterDelWirePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_DEL_WIRE. Signed
- * by a `struct TALER_MasterPublicKeyP` using EdDSA.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time of the change.
- */
- struct GNUNET_TIME_TimestampNBO end_date;
-
- /**
- * Hash over the donau's payto URI.
- */
- struct TALER_PaytoHashP h_payto GNUNET_PACKED;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_wire_del_sign (
- const char *payto_uri,
- struct GNUNET_TIME_Timestamp now,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterDelWirePS kv = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DEL_WIRE),
- .purpose.size = htonl (sizeof (kv)),
- .end_date = GNUNET_TIME_timestamp_hton (now),
- };
-
- TALER_payto_hash (payto_uri,
- &kv.h_payto);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &kv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_wire_del_verify (
- const char *payto_uri,
- struct GNUNET_TIME_Timestamp sign_time,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterDelWirePS aw = {
- .purpose.purpose = htonl (
- TALER_SIGNATURE_MASTER_DEL_WIRE),
- .purpose.size = htonl (sizeof (aw)),
- .end_date = GNUNET_TIME_timestamp_hton (sign_time),
- };
-
- TALER_payto_hash (payto_uri,
- &aw.h_payto);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_MASTER_DEL_WIRE,
- &aw,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Information signed by the donau's master
- * key stating the wire fee to be paid per wire transfer.
- */
-struct TALER_MasterWireFeePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_WIRE_FEES.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash over the wire method (yes, H("x-taler-bank") or H("iban")), in lower
- * case, including 0-terminator. Used to uniquely identify which
- * wire method these fees apply to.
- */
- struct GNUNET_HashCode h_wire_method;
-
- /**
- * Start date when the fee goes into effect.
- */
- struct GNUNET_TIME_TimestampNBO start_date;
-
- /**
- * End date when the fee stops being in effect (exclusive)
- */
- struct GNUNET_TIME_TimestampNBO end_date;
-
- /**
- * Fees charged for wire transfers using the
- * given wire method.
- */
- struct TALER_WireFeeSetNBOP fees;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_wire_fee_sign (
- const char *payment_method,
- struct GNUNET_TIME_Timestamp start_time,
- struct GNUNET_TIME_Timestamp end_time,
- const struct TALER_WireFeeSet *fees,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterWireFeePS kv = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_FEES),
- .purpose.size = htonl (sizeof (kv)),
- .start_date = GNUNET_TIME_timestamp_hton (start_time),
- .end_date = GNUNET_TIME_timestamp_hton (end_time),
- };
-
- GNUNET_CRYPTO_hash (payment_method,
- strlen (payment_method) + 1,
- &kv.h_wire_method);
- TALER_wire_fee_set_hton (&kv.fees,
- fees);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &kv,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_wire_fee_verify (
- const char *payment_method,
- struct GNUNET_TIME_Timestamp start_time,
- struct GNUNET_TIME_Timestamp end_time,
- const struct TALER_WireFeeSet *fees,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterWireFeePS wf = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_FEES),
- .purpose.size = htonl (sizeof (wf)),
- .start_date = GNUNET_TIME_timestamp_hton (start_time),
- .end_date = GNUNET_TIME_timestamp_hton (end_time)
- };
-
- GNUNET_CRYPTO_hash (payment_method,
- strlen (payment_method) + 1,
- &wf.h_wire_method);
- TALER_wire_fee_set_hton (&wf.fees,
- fees);
- return
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_FEES,
- &wf,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Global fees charged by the donau independent of
- * denomination or wire method.
- */
-struct TALER_MasterGlobalFeePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_GLOBAL_FEES.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Start date when the fee goes into effect.
- */
- struct GNUNET_TIME_TimestampNBO start_date;
-
- /**
- * End date when the fee stops being in effect (exclusive)
- */
- struct GNUNET_TIME_TimestampNBO end_date;
-
- /**
- * How long does an donau keep a purse around after a purse
- * has expired (or been successfully merged)? A 'GET' request
- * for a purse will succeed until the purse expiration time
- * plus this value.
- */
- struct GNUNET_TIME_RelativeNBO purse_timeout;
-
- /**
- * How long will the donau preserve the account history? After an
- * account was deleted/closed, the donau will retain the account history
- * for legal reasons until this time.
- */
- struct GNUNET_TIME_RelativeNBO history_expiration;
-
- /**
- * Fee charged to the charity per wire transfer.
- */
- struct TALER_GlobalFeeSetNBOP fees;
-
- /**
- * Number of concurrent purses that any
- * account holder is allowed to create without having
- * to pay the @e purse_fee. Here given in NBO.
- */
- uint32_t purse_account_limit;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_global_fee_sign (
- struct GNUNET_TIME_Timestamp start_time,
- struct GNUNET_TIME_Timestamp end_time,
- const struct TALER_GlobalFeeSet *fees,
- struct GNUNET_TIME_Relative purse_timeout,
- struct GNUNET_TIME_Relative history_expiration,
- uint32_t purse_account_limit,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterGlobalFeePS wf = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_GLOBAL_FEES),
- .purpose.size = htonl (sizeof (wf)),
- .start_date = GNUNET_TIME_timestamp_hton (start_time),
- .end_date = GNUNET_TIME_timestamp_hton (end_time),
- .purse_timeout = GNUNET_TIME_relative_hton (purse_timeout),
- .history_expiration = GNUNET_TIME_relative_hton (history_expiration),
- .purse_account_limit = htonl (purse_account_limit)
- };
-
- TALER_global_fee_set_hton (&wf.fees,
- fees);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &wf,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_global_fee_verify (
- struct GNUNET_TIME_Timestamp start_time,
- struct GNUNET_TIME_Timestamp end_time,
- const struct TALER_GlobalFeeSet *fees,
- struct GNUNET_TIME_Relative purse_timeout,
- struct GNUNET_TIME_Relative history_expiration,
- uint32_t purse_account_limit,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterGlobalFeePS wf = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_GLOBAL_FEES),
- .purpose.size = htonl (sizeof (wf)),
- .start_date = GNUNET_TIME_timestamp_hton (start_time),
- .end_date = GNUNET_TIME_timestamp_hton (end_time),
- .purse_timeout = GNUNET_TIME_relative_hton (purse_timeout),
- .history_expiration = GNUNET_TIME_relative_hton (history_expiration),
- .purse_account_limit = htonl (purse_account_limit)
- };
-
- TALER_global_fee_set_hton (&wf.fees,
- fees);
- return
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_GLOBAL_FEES,
- &wf,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Signature made by the donau offline key over the manifest of
- * an extension.
- */
-struct TALER_MasterExtensionManifestPS
-{
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_EXTENSION. Signed
- * by a `struct TALER_MasterPublicKeyP` using EdDSA.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash of the JSON object that represents the manifests of extensions.
- */
- struct TALER_ExtensionManifestsHashP h_manifest GNUNET_PACKED;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_extension_manifests_hash_sign (
- const struct TALER_ExtensionManifestsHashP *h_manifest,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterExtensionManifestPS ec = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_EXTENSION),
- .purpose.size = htonl (sizeof(ec)),
- .h_manifest = *h_manifest
- };
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &ec,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_extension_manifests_hash_verify (
- const struct TALER_ExtensionManifestsHashP *h_manifest,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig
- )
-{
- struct TALER_MasterExtensionManifestPS ec = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_EXTENSION),
- .purpose.size = htonl (sizeof(ec)),
- .h_manifest = *h_manifest
- };
-
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_EXTENSION,
- &ec,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Information signed by the donau's master
- * key affirming the IBAN details for the donau.
- */
-struct TALER_MasterWireDetailsPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_WIRE_DETAILS.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash over the account holder's payto:// URL.
- */
- struct TALER_PaytoHashP h_wire_details GNUNET_PACKED;
-
- /**
- * Hash over the conversion URL, all zeros if there
- * is no conversion URL.
- */
- struct GNUNET_HashCode h_conversion_url;
-
- /**
- * Hash over the debit restrictions.
- */
- struct GNUNET_HashCode h_debit_restrictions;
-
- /**
- * Hash over the credit restrictions.
- */
- struct GNUNET_HashCode h_credit_restrictions;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_wire_signature_check (
- const char *payto_uri,
- const char *conversion_url,
- const json_t *debit_restrictions,
- const json_t *credit_restrictions,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterWireDetailsPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS),
- .purpose.size = htonl (sizeof (wd))
- };
-
- TALER_payto_hash (payto_uri,
- &wd.h_wire_details);
- if (NULL != conversion_url)
- GNUNET_CRYPTO_hash (conversion_url,
- strlen (conversion_url) + 1,
- &wd.h_conversion_url);
- TALER_json_hash (debit_restrictions,
- &wd.h_debit_restrictions);
- TALER_json_hash (credit_restrictions,
- &wd.h_credit_restrictions);
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS,
- &wd,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-void
-TALER_donau_wire_signature_make (
- const char *payto_uri,
- const char *conversion_url,
- const json_t *debit_restrictions,
- const json_t *credit_restrictions,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_MasterWireDetailsPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS),
- .purpose.size = htonl (sizeof (wd))
- };
-
- TALER_payto_hash (payto_uri,
- &wd.h_wire_details);
- if (NULL != conversion_url)
- GNUNET_CRYPTO_hash (conversion_url,
- strlen (conversion_url) + 1,
- &wd.h_conversion_url);
- TALER_json_hash (debit_restrictions,
- &wd.h_debit_restrictions);
- TALER_json_hash (credit_restrictions,
- &wd.h_credit_restrictions);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &wd,
- &master_sig->eddsa_signature);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by account to merge a purse into a reserve.
- */
-struct TALER_PartnerConfigurationPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_PARNTER_DETAILS
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
- struct TALER_MasterPublicKeyP partner_pub;
- struct GNUNET_TIME_TimestampNBO start_date;
- struct GNUNET_TIME_TimestampNBO end_date;
- struct GNUNET_TIME_RelativeNBO wad_frequency;
- struct TALER_AmountNBO wad_fee;
- struct GNUNET_HashCode h_url;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_partner_details_sign (
- const struct TALER_MasterPublicKeyP *partner_pub,
- struct GNUNET_TIME_Timestamp start_date,
- struct GNUNET_TIME_Timestamp end_date,
- struct GNUNET_TIME_Relative wad_frequency,
- const struct TALER_Amount *wad_fee,
- const char *partner_base_url,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_PartnerConfigurationPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_PARTNER_DETAILS),
- .purpose.size = htonl (sizeof (wd)),
- .partner_pub = *partner_pub,
- .start_date = GNUNET_TIME_timestamp_hton (start_date),
- .end_date = GNUNET_TIME_timestamp_hton (end_date),
- .wad_frequency = GNUNET_TIME_relative_hton (wad_frequency),
- };
-
- GNUNET_CRYPTO_hash (partner_base_url,
- strlen (partner_base_url) + 1,
- &wd.h_url);
- TALER_amount_hton (&wd.wad_fee,
- wad_fee);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &wd,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_partner_details_verify (
- const struct TALER_MasterPublicKeyP *partner_pub,
- struct GNUNET_TIME_Timestamp start_date,
- struct GNUNET_TIME_Timestamp end_date,
- struct GNUNET_TIME_Relative wad_frequency,
- const struct TALER_Amount *wad_fee,
- const char *partner_base_url,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_PartnerConfigurationPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_PARTNER_DETAILS),
- .purpose.size = htonl (sizeof (wd)),
- .partner_pub = *partner_pub,
- .start_date = GNUNET_TIME_timestamp_hton (start_date),
- .end_date = GNUNET_TIME_timestamp_hton (end_date),
- .wad_frequency = GNUNET_TIME_relative_hton (wad_frequency),
- };
-
- GNUNET_CRYPTO_hash (partner_base_url,
- strlen (partner_base_url) + 1,
- &wd.h_url);
- TALER_amount_hton (&wd.wad_fee,
- wad_fee);
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_PARTNER_DETAILS,
- &wd,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by account to drain profits
- * from the escrow account of the donau.
- */
-struct TALER_DrainProfitPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_MASTER_DRAIN_PROFITS
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
- struct TALER_WireTransferIdentifierRawP wtid;
- struct GNUNET_TIME_TimestampNBO date;
- struct TALER_AmountNBO amount;
- struct GNUNET_HashCode h_section;
- struct TALER_PaytoHashP h_payto;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_donau_offline_profit_drain_sign (
- const struct TALER_WireTransferIdentifierRawP *wtid,
- struct GNUNET_TIME_Timestamp date,
- const struct TALER_Amount *amount,
- const char *account_section,
- const char *payto_uri,
- const struct TALER_MasterPrivateKeyP *master_priv,
- struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_DrainProfitPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DRAIN_PROFIT),
- .purpose.size = htonl (sizeof (wd)),
- .wtid = *wtid,
- .date = GNUNET_TIME_timestamp_hton (date),
- };
-
- GNUNET_CRYPTO_hash (account_section,
- strlen (account_section) + 1,
- &wd.h_section);
- TALER_payto_hash (payto_uri,
- &wd.h_payto);
- TALER_amount_hton (&wd.amount,
- amount);
- GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv,
- &wd,
- &master_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_donau_offline_profit_drain_verify (
- const struct TALER_WireTransferIdentifierRawP *wtid,
- struct GNUNET_TIME_Timestamp date,
- const struct TALER_Amount *amount,
- const char *account_section,
- const char *payto_uri,
- const struct TALER_MasterPublicKeyP *master_pub,
- const struct TALER_MasterSignatureP *master_sig)
-{
- struct TALER_DrainProfitPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DRAIN_PROFIT),
- .purpose.size = htonl (sizeof (wd)),
- .wtid = *wtid,
- .date = GNUNET_TIME_timestamp_hton (date),
- };
-
- GNUNET_CRYPTO_hash (account_section,
- strlen (account_section) + 1,
- &wd.h_section);
- TALER_payto_hash (payto_uri,
- &wd.h_payto);
- TALER_amount_hton (&wd.amount,
- amount);
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DRAIN_PROFIT,
- &wd,
- &master_sig->eddsa_signature,
- &master_pub->eddsa_pub);
-}
-
-
-/* end of offline_signatures.c */
diff --git a/src/util/os_installation.c b/src/util/os_installation.c
@@ -1,70 +0,0 @@
-/*
- This file is part of GNU Taler.
- Copyright (C) 2016 Taler Systems SA
-
- Taler is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 3, or (at your
- option) any later version.
-
- Taler is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- CHARITYABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Taler; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- Boston, MA 02110-1301, USA.
-*/
-/**
- * @file os_installation.c
- * @brief initialize libgnunet OS subsystem for Taler.
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include <gnunet/gnunet_util_lib.h>
-
-
-/**
- * Default project data used for installation path detection
- * for GNU Taler.
- */
-static const struct GNUNET_OS_ProjectData taler_pd = {
- .libname = "libtalerutil",
- .project_dirname = "taler",
- .binary_name = "taler-donau-httpd",
- .env_varname = "TALER_PREFIX",
- .base_config_varname = "TALER_BASE_CONFIG",
- .bug_email = "taler@gnu.org",
- .homepage = "http://www.gnu.org/s/taler/",
- .config_file = "taler.conf",
- .user_config_file = "~/.config/taler.conf",
- .version = PACKAGE_VERSION "-" VCS_VERSION,
- .is_gnu = 1,
- .gettext_domain = "taler",
- .gettext_path = NULL,
-};
-
-
-/**
- * Return default project data used by Taler.
- */
-const struct GNUNET_OS_ProjectData *
-TALER_project_data_default (void)
-{
- return &taler_pd;
-}
-
-
-/**
- * Initialize libtalerutil.
- */
-void __attribute__ ((constructor))
-TALER_OS_init ()
-{
- GNUNET_OS_init (&taler_pd);
-}
-
-
-/* end of os_installation.c */
diff --git a/src/util/paths.conf b/src/util/paths.conf
@@ -1,29 +0,0 @@
-# This file is in the public domain.
-#
-[PATHS]
-# The PATHS section is special, as filenames including $-expression are
-# expanded using the values from PATHS or the system environment (PATHS
-# is checked first). Taler also supports expanding $-expressions using
-# defaults with the syntax "${VAR:-default}". Here, "default" can again
-# be a $-expression.
-#
-# We usually want $HOME for $TALER_HOME, but we allow testcases to
-# easily override this by setting $TALER_TEST_HOME.
-#
-TALER_HOME = ${TALER_TEST_HOME:-${HOME:-${USERPROFILE}}}
-
-# see XDG Base Directory Specification at
-# http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
-# for how these should be used.
-
-# Persistent data storage
-TALER_DATA_HOME = ${TALER_TEST_HOME:-${XDG_DATA_HOME:-${TALER_HOME}/.local/share/}/.local/share/}taler/
-
-# Configuration files
-TALER_CONFIG_HOME = ${TALER_TEST_HOME:-${XDG_CONFIG_HOME:-${TALER_HOME}/.config/}/.config/}taler/
-
-# Cached data, no big deal if lost
-TALER_CACHE_HOME = ${TALER_TEST_HOME:-${XDG_CACHE_HOME:-${TALER_HOME}/.cache/}/.cache/}taler/
-
-# Runtime data (always lost on system boot)
-TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/taler-system-runtime/
diff --git a/src/util/taler-config.c b/src/util/taler-config.c
@@ -1,73 +0,0 @@
-/*
- This file is part of Taler.
- Copyright (C) 2012-2021 Taler Systems SA
-
- Taler is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
-
- Taler is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- CHARITYABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- SPDX-License-Identifier: AGPL3.0-or-later
- */
-
-/**
- * @file util/taler-config.c
- * @brief tool to access and manipulate Taler configuration files
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "taler_util_lib.h"
-
-
-/**
- * Program to manipulate configuration files.
- *
- * @param argc number of arguments from the command line
- * @param argv command line arguments
- * @return 0 ok, 1 on error
- */
-int
-main (int argc,
- char *const *argv)
-{
- struct GNUNET_CONFIGURATION_ConfigSettings cs = {
- .api_version = GNUNET_UTIL_VERSION,
- .global_ret = EXIT_SUCCESS
- };
- struct GNUNET_GETOPT_CommandLineOption options[] = {
- GNUNET_GETOPT_OPTION_END
- };
- enum GNUNET_GenericReturnValue ret;
-
- if (GNUNET_OK !=
- GNUNET_STRINGS_get_utf8_args (argc, argv,
- &argc, &argv))
- return EXIT_FAILURE;
- TALER_OS_init ();
- ret = GNUNET_PROGRAM_run (argc,
- argv,
- "taler-config [OPTIONS]",
- gettext_noop (
- "Manipulate Taler configuration files"),
- options,
- &GNUNET_CONFIGURATION_config_tool_run,
- &cs);
- GNUNET_free_nz ((void *) argv);
- GNUNET_CONFIGURATION_config_settings_free (&cs);
- if (GNUNET_NO == ret)
- return 0;
- if (GNUNET_SYSERR == ret)
- return EXIT_INVALIDARGUMENT;
- return cs.global_ret;
-}
-
-
-/* end of taler-config.c */
diff --git a/src/util/taler-config.in b/src/util/taler-config.in
@@ -1,13 +0,0 @@
-#!/usr/bin/env bash
-
-set -eu
-
-if ! type gnunet-config >/dev/null; then
- echo "$0 needs gnunet-config to be installed"
- exit 1
-fi
-
-GC=`which gnunet-config`
-SO=`ls %libdir%/libtalerutil.so.* | sort -n | tail -n1`
-export LD_PRELOAD=${LD_PRELOAD:-}:${SO}
-exec gnunet-config "$@"
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
@@ -1,1843 +0,0 @@
-/*
- This file is part of TALER
- Copyright (C) 2021-2023 Taler Systems SA
-
- TALER is free software; you can redistribute it and/or modify it under the
- terms of the GNU General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along with
- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
-*/
-/**
- * @file wallet_signatures.c
- * @brief Utility functions for Taler wallet signatures
- * @author Christian Grothoff
- * @author Özgür Kesim
- */
-#include "platform.h"
-#include "taler_util.h"
-#include "taler_signatures.h"
-#include <gnunet/gnunet_common.h>
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Format used to generate the signature on a request to deposit
- * a coin into the account of a charity.
- */
-struct TALER_DepositRequestPS
-{
- /**
- * Purpose must be #TALER_SIGNATURE_WALLET_COIN_DEPOSIT.
- * Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash over the contract for which this deposit is made.
- */
- struct TALER_PrivateContractHashP h_contract_terms GNUNET_PACKED;
-
- /**
- * Hash over the age commitment that went into the coin. Maybe all zero, if
- * age commitment isn't applicable to the denomination.
- */
- struct TALER_AgeCommitmentHash h_age_commitment GNUNET_PACKED;
-
- /**
- * Hash over optional policy extension attributes shared with the donau.
- */
- struct TALER_ExtensionPolicyHashP h_policy GNUNET_PACKED;
-
- /**
- * Hash over the wiring information of the charity.
- */
- struct TALER_CharityWireHashP h_wire GNUNET_PACKED;
-
- /**
- * Hash over the denomination public key used to sign the coin.
- */
- struct TALER_DenominationHashP h_denom_pub GNUNET_PACKED;
-
- /**
- * Time when this request was generated. Used, for example, to
- * assess when (roughly) the income was achieved for tax purposes.
- * Note that the Donau will only check that the timestamp is not "too
- * far" into the future (i.e. several days). The fact that the
- * timestamp falls within the validity period of the coin's
- * denomination key is irrelevant for the validity of the deposit
- * request, as obviously the donor and charity could conspire to
- * set any timestamp. Also, the Donau must accept very old deposit
- * requests, as the charity might have been unable to transmit the
- * deposit request in a timely fashion (so back-dating is not
- * prevented).
- */
- struct GNUNET_TIME_TimestampNBO wallet_timestamp;
-
- /**
- * How much time does the charity have to issue a refund request?
- * Zero if refunds are not allowed. After this time, the coin
- * cannot be refunded.
- */
- struct GNUNET_TIME_TimestampNBO refund_deadline;
-
- /**
- * Amount to be deposited, including deposit fee charged by the
- * donau. This is the total amount that the coin's value at the donau
- * will be reduced by.
- */
- struct TALER_AmountNBO amount_with_fee;
-
- /**
- * Depositing fee charged by the donau. This must match the Donau's
- * denomination key's depositing fee. If the client puts in an
- * invalid deposit fee (too high or too low) that does not match the
- * Donau's denomination key, the deposit operation is invalid and
- * will be rejected by the donau. The @e amount_with_fee minus the
- * @e deposit_fee is the amount that will be transferred to the
- * account identified by @e h_wire.
- */
- struct TALER_AmountNBO deposit_fee;
-
- /**
- * The Charity's public key. Allows the charity to later refund
- * the transaction or to inquire about the wire transfer identifier.
- */
- struct TALER_CharityPublicKeyP charity;
-
- /**
- * Hash over a JSON containing data provided by the
- * wallet to complete the contract upon payment.
- */
- struct GNUNET_HashCode wallet_data_hash;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_deposit_sign (
- const struct TALER_Amount *amount,
- const struct TALER_Amount *deposit_fee,
- const struct TALER_CharityWireHashP *h_wire,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct GNUNET_HashCode *wallet_data_hash,
- const struct TALER_AgeCommitmentHash *h_age_commitment,
- const struct TALER_ExtensionPolicyHashP *h_policy,
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct GNUNET_TIME_Timestamp wallet_timestamp,
- const struct TALER_CharityPublicKeyP *charity_pub,
- const struct GNUNET_TIME_Timestamp refund_deadline,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_DepositRequestPS dr = {
- .purpose.size = htonl (sizeof (dr)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT),
- .h_contract_terms = *h_contract_terms,
- .h_wire = *h_wire,
- .h_denom_pub = *h_denom_pub,
- .wallet_timestamp = GNUNET_TIME_timestamp_hton (wallet_timestamp),
- .refund_deadline = GNUNET_TIME_timestamp_hton (refund_deadline),
- .charity = *charity_pub
- };
-
- if (NULL != wallet_data_hash)
- dr.wallet_data_hash = *wallet_data_hash;
- if (NULL != h_age_commitment)
- dr.h_age_commitment = *h_age_commitment;
- if (NULL != h_policy)
- dr.h_policy = *h_policy;
- TALER_amount_hton (&dr.amount_with_fee,
- amount);
- TALER_amount_hton (&dr.deposit_fee,
- deposit_fee);
- GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
- &dr,
- &coin_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_deposit_verify (
- const struct TALER_Amount *amount,
- const struct TALER_Amount *deposit_fee,
- const struct TALER_CharityWireHashP *h_wire,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct GNUNET_HashCode *wallet_data_hash,
- const struct TALER_AgeCommitmentHash *h_age_commitment,
- const struct TALER_ExtensionPolicyHashP *h_policy,
- const struct TALER_DenominationHashP *h_denom_pub,
- struct GNUNET_TIME_Timestamp wallet_timestamp,
- const struct TALER_CharityPublicKeyP *charity_pub,
- struct GNUNET_TIME_Timestamp refund_deadline,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_DepositRequestPS dr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT),
- .purpose.size = htonl (sizeof (dr)),
- .h_contract_terms = *h_contract_terms,
- .h_wire = *h_wire,
- .h_denom_pub = *h_denom_pub,
- .wallet_timestamp = GNUNET_TIME_timestamp_hton (wallet_timestamp),
- .refund_deadline = GNUNET_TIME_timestamp_hton (refund_deadline),
- .charity = *charity_pub,
- };
-
- if (NULL != wallet_data_hash)
- dr.wallet_data_hash = *wallet_data_hash;
- if (NULL != h_age_commitment)
- dr.h_age_commitment = *h_age_commitment;
- if (NULL != h_policy)
- dr.h_policy = *h_policy;
- TALER_amount_hton (&dr.amount_with_fee,
- amount);
- TALER_amount_hton (&dr.deposit_fee,
- deposit_fee);
- if (GNUNET_OK !=
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
- &dr,
- &coin_sig->eddsa_signature,
- &coin_pub->eddsa_pub))
- {
- GNUNET_break_op (0);
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Format used for to allow the wallet to authenticate
- * link data provided by the donau.
- */
-struct TALER_LinkDataPS
-{
-
- /**
- * Purpose must be #TALER_SIGNATURE_WALLET_COIN_LINK.
- * Used with an EdDSA signature of a `struct TALER_CoinPublicKeyP`.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash of the denomination public key of the new coin.
- */
- struct TALER_DenominationHashP h_denom_pub;
-
- /**
- * Transfer public key (for which the private key was not revealed)
- */
- struct TALER_TransferPublicKeyP transfer_pub;
-
- /**
- * Hash of the age commitment, if applicable. Can be all zero
- */
- struct TALER_AgeCommitmentHash h_age_commitment;
-
- /**
- * Hash of the blinded new coin.
- */
- struct TALER_BlindedCoinHashP coin_envelope_hash;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_link_sign (const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_TransferPublicKeyP *transfer_pub,
- const struct TALER_BlindedCoinHashP *bch,
- const struct TALER_CoinSpendPrivateKeyP *old_coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_LinkDataPS ldp = {
- .purpose.size = htonl (sizeof (ldp)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_LINK),
- .h_denom_pub = *h_denom_pub,
- .transfer_pub = *transfer_pub,
- .coin_envelope_hash = *bch
- };
-
- GNUNET_CRYPTO_eddsa_sign (&old_coin_priv->eddsa_priv,
- &ldp,
- &coin_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_link_verify (
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_TransferPublicKeyP *transfer_pub,
- const struct TALER_BlindedCoinHashP *h_coin_ev,
- const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_LinkDataPS ldp = {
- .purpose.size = htonl (sizeof (ldp)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_LINK),
- .h_denom_pub = *h_denom_pub,
- .transfer_pub = *transfer_pub,
- .coin_envelope_hash = *h_coin_ev,
- };
-
- return
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_LINK,
- &ldp,
- &coin_sig->eddsa_signature,
- &old_coin_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Signed data to request that a coin should be refunded as part of
- * the "emergency" /recoup protocol. The refund will go back to the bank
- * account that created the reserve.
- */
-struct TALER_RecoupRequestPS
-{
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_COIN_RECOUP
- * or #TALER_SIGNATURE_WALLET_COIN_RECOUP_REFRESH.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash of the (revoked) denomination public key of the coin.
- */
- struct TALER_DenominationHashP h_denom_pub;
-
- /**
- * Blinding factor that was used to withdraw the coin.
- */
- union TALER_DenominationBlindingKeyP coin_blind;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_recoup_verify (
- const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_RecoupRequestPS pr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_RECOUP),
- .purpose.size = htonl (sizeof (pr)),
- .h_denom_pub = *h_denom_pub,
- .coin_blind = *coin_bks
- };
-
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_RECOUP,
- &pr,
- &coin_sig->eddsa_signature,
- &coin_pub->eddsa_pub);
-}
-
-
-void
-TALER_wallet_recoup_sign (
- const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_RecoupRequestPS pr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_RECOUP),
- .purpose.size = htonl (sizeof (pr)),
- .h_denom_pub = *h_denom_pub,
- .coin_blind = *coin_bks
- };
-
- GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
- &pr,
- &coin_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_recoup_refresh_verify (
- const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_RecoupRequestPS pr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_RECOUP_REFRESH),
- .purpose.size = htonl (sizeof (pr)),
- .h_denom_pub = *h_denom_pub,
- .coin_blind = *coin_bks
- };
-
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_RECOUP_REFRESH,
- &pr,
- &coin_sig->eddsa_signature,
- &coin_pub->eddsa_pub);
-}
-
-
-void
-TALER_wallet_recoup_refresh_sign (
- const struct TALER_DenominationHashP *h_denom_pub,
- const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_RecoupRequestPS pr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_RECOUP_REFRESH),
- .purpose.size = htonl (sizeof (struct TALER_RecoupRequestPS)),
- .h_denom_pub = *h_denom_pub,
- .coin_blind = *coin_bks
- };
-
- GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
- &pr,
- &coin_sig->eddsa_signature);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Message signed by a coin to indicate that the coin should be
- * melted.
- */
-struct TALER_RefreshMeltCoinAffirmationPS
-{
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_COIN_MELT.
- * Used for an EdDSA signature with the `struct TALER_CoinSpendPublicKeyP`.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Which melt commitment is made by the wallet.
- */
- struct TALER_RefreshCommitmentP rc GNUNET_PACKED;
-
- /**
- * Hash over the denomination public key used to sign the coin.
- */
- struct TALER_DenominationHashP h_denom_pub GNUNET_PACKED;
-
- /**
- * If age commitment was provided during the withdrawal of the coin, this is
- * the hash of the age commitment vector. It must be all zeroes if no age
- * commitment was provided.
- */
- struct TALER_AgeCommitmentHash h_age_commitment GNUNET_PACKED;
-
- /**
- * How much of the value of the coin should be melted? This amount
- * includes the fees, so the final amount contributed to the melt is
- * this value minus the fee for melting the coin. We include the
- * fee in what is being signed so that we can verify a reserve's
- * remaining total balance without needing to access the respective
- * denomination key information each time.
- */
- struct TALER_AmountNBO amount_with_fee;
-
- /**
- * Melting fee charged by the donau. This must match the Donau's
- * denomination key's melting fee. If the client puts in an invalid
- * melting fee (too high or too low) that does not match the Donau's
- * denomination key, the melting operation is invalid and will be
- * rejected by the donau. The @e amount_with_fee minus the @e
- * melt_fee is the amount that will be credited to the melting
- * session.
- */
- struct TALER_AmountNBO melt_fee;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_melt_sign (
- const struct TALER_Amount *amount_with_fee,
- const struct TALER_Amount *melt_fee,
- const struct TALER_RefreshCommitmentP *rc,
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_AgeCommitmentHash *h_age_commitment,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_RefreshMeltCoinAffirmationPS melt = {
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT),
- .purpose.size = htonl (sizeof (melt)),
- .rc = *rc,
- .h_denom_pub = *h_denom_pub,
- .h_age_commitment = {{{0}}},
- };
-
- if (NULL != h_age_commitment)
- melt.h_age_commitment = *h_age_commitment;
-
-
- TALER_amount_hton (&melt.amount_with_fee,
- amount_with_fee);
- TALER_amount_hton (&melt.melt_fee,
- melt_fee);
- GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
- &melt,
- &coin_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_melt_verify (
- const struct TALER_Amount *amount_with_fee,
- const struct TALER_Amount *melt_fee,
- const struct TALER_RefreshCommitmentP *rc,
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_AgeCommitmentHash *h_age_commitment,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_RefreshMeltCoinAffirmationPS melt = {
- .purpose.size = htonl (sizeof (melt)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_MELT),
- .rc = *rc,
- .h_denom_pub = *h_denom_pub,
- .h_age_commitment = {{{0}}},
- };
-
- if (NULL != h_age_commitment)
- melt.h_age_commitment = *h_age_commitment;
-
- TALER_amount_hton (&melt.amount_with_fee,
- amount_with_fee);
- TALER_amount_hton (&melt.melt_fee,
- melt_fee);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_COIN_MELT,
- &melt,
- &coin_sig->eddsa_signature,
- &coin_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-
-/**
- * @brief Format used for to generate the signature on a request to withdraw
- * coins from a reserve.
- */
-struct TALER_WithdrawRequestPS
-{
-
- /**
- * Purpose must be #TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW.
- * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Value of the coin being donaud (matching the denomination key)
- * plus the transaction fee. We include this in what is being
- * signed so that we can verify a reserve's remaining total balance
- * without needing to access the respective denomination key
- * information each time.
- */
- struct TALER_AmountNBO amount_with_fee;
-
- /**
- * Hash of the denomination public key for the coin that is withdrawn.
- */
- struct TALER_DenominationHashP h_denomination_pub GNUNET_PACKED;
-
- /**
- * Hash of the (blinded) message to be signed by the Donau.
- */
- struct TALER_BlindedCoinHashP h_coin_envelope GNUNET_PACKED;
-};
-
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_withdraw_sign (
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_Amount *amount_with_fee,
- const struct TALER_BlindedCoinHashP *bch,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_WithdrawRequestPS req = {
- .purpose.size = htonl (sizeof (req)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW),
- .h_denomination_pub = *h_denom_pub,
- .h_coin_envelope = *bch
- };
-
- TALER_amount_hton (&req.amount_with_fee,
- amount_with_fee);
- GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
- &req,
- &reserve_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_withdraw_verify (
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_Amount *amount_with_fee,
- const struct TALER_BlindedCoinHashP *bch,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_WithdrawRequestPS wsrd = {
- .purpose.size = htonl (sizeof (wsrd)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW),
- .h_denomination_pub = *h_denom_pub,
- .h_coin_envelope = *bch
- };
-
- TALER_amount_hton (&wsrd.amount_with_fee,
- amount_with_fee);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW,
- &wsrd,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * @brief Format used for to generate the signature on a request to
- * age-withdraw from a reserve.
- */
-struct TALER_AgeWithdrawRequestPS
-{
-
- /**
- * Purpose must be #TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW.
- * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * The reserve's public key
- */
- struct TALER_ReservePublicKeyP reserve_pub;
-
- /**
- * Value of the coin being donaud (matching the denomination key)
- * plus the transaction fee. We include this in what is being
- * signed so that we can verify a reserve's remaining total balance
- * without needing to access the respective denomination key
- * information each time.
- */
- struct TALER_AmountNBO amount_with_fee;
-
- /**
- * Running SHA512 hash of the commitment of n*kappa coins
- */
- struct TALER_AgeWithdrawCommitmentHashP h_commitment;
-
- /**
- * The mask that defines the age groups. MUST be the same for all denominations.
- */
- struct TALER_AgeMask mask;
-
- /**
- * Maximum age group that the coins are going to be restricted to.
- */
- uint8_t max_age_group;
-};
-
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_age_withdraw_sign (
- const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
- const struct TALER_Amount *amount_with_fee,
- const struct TALER_AgeMask *mask,
- uint8_t max_age,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_AgeWithdrawRequestPS req = {
- .purpose.size = htonl (sizeof (req)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_AGE_WITHDRAW),
- .h_commitment = *h_commitment,
- .mask = *mask,
- .max_age_group = TALER_get_age_group (mask, max_age)
- };
-
- GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv,
- &req.reserve_pub.eddsa_pub);
- TALER_amount_hton (&req.amount_with_fee,
- amount_with_fee);
- GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
- &req,
- &reserve_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_age_withdraw_verify (
- const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
- const struct TALER_Amount *amount_with_fee,
- const struct TALER_AgeMask *mask,
- uint8_t max_age,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_AgeWithdrawRequestPS awsrd = {
- .purpose.size = htonl (sizeof (awsrd)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_AGE_WITHDRAW),
- .reserve_pub = *reserve_pub,
- .h_commitment = *h_commitment,
- .mask = *mask,
- .max_age_group = TALER_get_age_group (mask, max_age)
- };
-
- TALER_amount_hton (&awsrd.amount_with_fee,
- amount_with_fee);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_RESERVE_AGE_WITHDRAW,
- &awsrd,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-
-/**
- * @brief Format used for to generate the signature on a request to withdraw
- * coins from a reserve.
- */
-struct TALER_AccountSetupRequestSignaturePS
-{
-
- /**
- * Purpose must be #TALER_SIGNATURE_WALLET_ACCOUNT_SETUP.
- * Used with an EdDSA signature of a `struct TALER_ReservePublicKeyP`.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Balance threshold the wallet is about to cross.
- */
- struct TALER_AmountNBO threshold;
-
-};
-
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_account_setup_sign (
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- const struct TALER_Amount *balance_threshold,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_AccountSetupRequestSignaturePS asap = {
- .purpose.size = htonl (sizeof (asap)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
- };
-
- TALER_amount_hton (&asap.threshold,
- balance_threshold);
- GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
- &asap,
- &reserve_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_account_setup_verify (
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_Amount *balance_threshold,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_AccountSetupRequestSignaturePS asap = {
- .purpose.size = htonl (sizeof (asap)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP)
- };
-
- TALER_amount_hton (&asap.threshold,
- balance_threshold);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_ACCOUNT_SETUP,
- &asap,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-
-/**
- * Response by which a wallet requests a full
- * reserve history and indicates it is willing
- * to pay for it.
- */
-struct TALER_ReserveHistoryRequestPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_RESERVE_HISTORY
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * When did the wallet make the request.
- */
- struct GNUNET_TIME_TimestampNBO request_timestamp;
-
- /**
- * How much does the donau charge for the history?
- */
- struct TALER_AmountNBO history_fee;
-
-};
-
-
-GNUNET_NETWORK_STRUCT_END
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_reserve_history_verify (
- const struct GNUNET_TIME_Timestamp ts,
- const struct TALER_Amount *history_fee,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveHistoryRequestPS rhr = {
- .purpose.size = htonl (sizeof (rhr)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_HISTORY),
- .request_timestamp = GNUNET_TIME_timestamp_hton (ts)
- };
-
- TALER_amount_hton (&rhr.history_fee,
- history_fee);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_RESERVE_HISTORY,
- &rhr,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-void
-TALER_wallet_reserve_history_sign (
- const struct GNUNET_TIME_Timestamp ts,
- const struct TALER_Amount *history_fee,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveHistoryRequestPS rhr = {
- .purpose.size = htonl (sizeof (rhr)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_HISTORY),
- .request_timestamp = GNUNET_TIME_timestamp_hton (ts)
- };
-
- TALER_amount_hton (&rhr.history_fee,
- history_fee);
- GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
- &rhr,
- &reserve_sig->eddsa_signature);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Response by which a wallet requests an account status.
- */
-struct TALER_ReserveStatusRequestPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_RESERVE_STATUS
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * When did the wallet make the request.
- */
- struct GNUNET_TIME_TimestampNBO request_timestamp;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_reserve_status_verify (
- const struct GNUNET_TIME_Timestamp ts,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveStatusRequestPS rsr = {
- .purpose.size = htonl (sizeof (rsr)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_STATUS),
- .request_timestamp = GNUNET_TIME_timestamp_hton (ts)
- };
-
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_RESERVE_STATUS,
- &rsr,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-void
-TALER_wallet_reserve_status_sign (
- const struct GNUNET_TIME_Timestamp ts,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveStatusRequestPS rsr = {
- .purpose.size = htonl (sizeof (rsr)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_STATUS),
- .request_timestamp = GNUNET_TIME_timestamp_hton (ts)
- };
-
- GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
- &rsr,
- &reserve_sig->eddsa_signature);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed to create a purse (without reserve).
- */
-struct TALER_PurseCreatePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_PURSE_CREATE
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time when the purse will expire if still unmerged or unpaid.
- */
- struct GNUNET_TIME_TimestampNBO purse_expiration;
-
- /**
- * Total amount (with fees) to be put into the purse.
- */
- struct TALER_AmountNBO purse_amount;
-
- /**
- * Contract this purse pays for.
- */
- struct TALER_PrivateContractHashP h_contract_terms;
-
- /**
- * Public key identifying the merge capability.
- */
- struct TALER_PurseMergePublicKeyP merge_pub;
-
- /**
- * Minimum age required for payments into this purse.
- */
- uint32_t min_age GNUNET_PACKED;
-
-};
-
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_purse_create_sign (
- struct GNUNET_TIME_Timestamp purse_expiration,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_PurseMergePublicKeyP *merge_pub,
- uint32_t min_age,
- const struct TALER_Amount *amount,
- const struct TALER_PurseContractPrivateKeyP *purse_priv,
- struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct TALER_PurseCreatePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_CREATE),
- .purse_expiration = GNUNET_TIME_timestamp_hton (purse_expiration),
- .h_contract_terms = *h_contract_terms,
- .merge_pub = *merge_pub,
- .min_age = htonl (min_age)
- };
-
- TALER_amount_hton (&pm.purse_amount,
- amount);
- GNUNET_CRYPTO_eddsa_sign (&purse_priv->eddsa_priv,
- &pm,
- &purse_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_purse_create_verify (
- struct GNUNET_TIME_Timestamp purse_expiration,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_PurseMergePublicKeyP *merge_pub,
- uint32_t min_age,
- const struct TALER_Amount *amount,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct TALER_PurseCreatePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_CREATE),
- .purse_expiration = GNUNET_TIME_timestamp_hton (purse_expiration),
- .h_contract_terms = *h_contract_terms,
- .merge_pub = *merge_pub,
- .min_age = htonl (min_age)
- };
-
- TALER_amount_hton (&pm.purse_amount,
- amount);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_PURSE_CREATE,
- &pm,
- &purse_sig->eddsa_signature,
- &purse_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed to delete a purse.
- */
-struct TALER_PurseDeletePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_PURSE_DELETE
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
-};
-
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_purse_delete_sign (
- const struct TALER_PurseContractPrivateKeyP *purse_priv,
- struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct TALER_PurseDeletePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_DELETE)
- };
-
- GNUNET_CRYPTO_eddsa_sign (&purse_priv->eddsa_priv,
- &pm,
- &purse_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_purse_delete_verify (
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct TALER_PurseDeletePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_DELETE)
- };
-
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_PURSE_DELETE,
- &pm,
- &purse_sig->eddsa_signature,
- &purse_pub->eddsa_pub);
-}
-
-
-void
-TALER_wallet_purse_status_sign (
- const struct TALER_PurseContractPrivateKeyP *purse_priv,
- struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
- .size = htonl (sizeof (purpose)),
- .purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_STATUS)
- };
-
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign_ (&purse_priv->eddsa_priv,
- &purpose,
- &purse_sig->eddsa_signature));
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_purse_status_verify (
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
- .size = htonl (sizeof (purpose)),
- .purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_STATUS)
- };
-
- return GNUNET_CRYPTO_eddsa_verify_ (TALER_SIGNATURE_WALLET_PURSE_STATUS,
- &purpose,
- &purse_sig->eddsa_signature,
- &purse_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed to deposit a coin into a purse.
- */
-struct TALER_PurseDepositPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_PURSE_DEPOSIT
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Amount (with deposit fee) to be deposited into the purse.
- */
- struct TALER_AmountNBO coin_amount;
-
- /**
- * Hash over the denomination public key used to sign the coin.
- */
- struct TALER_DenominationHashP h_denom_pub GNUNET_PACKED;
-
- /**
- * Hash over the age commitment that went into the coin. Maybe all zero, if
- * age commitment isn't applicable to the denomination.
- */
- struct TALER_AgeCommitmentHash h_age_commitment GNUNET_PACKED;
-
- /**
- * Purse to deposit funds into.
- */
- struct TALER_PurseContractPublicKeyP purse_pub;
-
- /**
- * Hash of the base URL of the donau hosting the
- * @e purse_pub.
- */
- struct GNUNET_HashCode h_donau_base_url GNUNET_PACKED;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_purse_deposit_sign (
- const char *donau_base_url,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_Amount *amount,
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_AgeCommitmentHash *h_age_commitment,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_PurseDepositPS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_DEPOSIT),
- .purse_pub = *purse_pub,
- .h_denom_pub = *h_denom_pub,
- .h_age_commitment = *h_age_commitment
- };
-
- GNUNET_CRYPTO_hash (donau_base_url,
- strlen (donau_base_url) + 1,
- &pm.h_donau_base_url);
- TALER_amount_hton (&pm.coin_amount,
- amount);
- GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
- &pm,
- &coin_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_purse_deposit_verify (
- const char *donau_base_url,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_Amount *amount,
- const struct TALER_DenominationHashP *h_denom_pub,
- const struct TALER_AgeCommitmentHash *h_age_commitment,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_PurseDepositPS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_DEPOSIT),
- .purse_pub = *purse_pub,
- .h_denom_pub = *h_denom_pub,
- .h_age_commitment = *h_age_commitment
- };
-
- GNUNET_CRYPTO_hash (donau_base_url,
- strlen (donau_base_url) + 1,
- &pm.h_donau_base_url);
- TALER_amount_hton (&pm.coin_amount,
- amount);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_PURSE_DEPOSIT,
- &pm,
- &coin_sig->eddsa_signature,
- &coin_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed to merge a purse into a reserve.
- */
-struct TALER_PurseMergePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_PURSE_MERGE
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time when the purse is merged into the reserve.
- */
- struct GNUNET_TIME_TimestampNBO merge_timestamp;
-
- /**
- * Which purse is being merged?
- */
- struct TALER_PurseContractPublicKeyP purse_pub;
-
- /**
- * Which reserve should the purse be merged with.
- * Hash of the reserve's payto:// URI.
- */
- struct TALER_PaytoHashP h_payto;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_purse_merge_sign (
- const char *reserve_uri,
- struct GNUNET_TIME_Timestamp merge_timestamp,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseMergePrivateKeyP *merge_priv,
- struct TALER_PurseMergeSignatureP *merge_sig)
-{
- struct TALER_PurseMergePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_MERGE),
- .merge_timestamp = GNUNET_TIME_timestamp_hton (merge_timestamp),
- .purse_pub = *purse_pub
- };
-
- GNUNET_assert (0 ==
- strncasecmp (reserve_uri,
- "payto://taler-reserve",
- strlen ("payto://taler-reserve")));
- TALER_payto_hash (reserve_uri,
- &pm.h_payto);
- GNUNET_CRYPTO_eddsa_sign (&merge_priv->eddsa_priv,
- &pm,
- &merge_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_purse_merge_verify (
- const char *reserve_uri,
- struct GNUNET_TIME_Timestamp merge_timestamp,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseMergePublicKeyP *merge_pub,
- const struct TALER_PurseMergeSignatureP *merge_sig)
-{
- struct TALER_PurseMergePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_MERGE),
- .merge_timestamp = GNUNET_TIME_timestamp_hton (merge_timestamp),
- .purse_pub = *purse_pub
- };
-
- if (0 !=
- strncasecmp (reserve_uri,
- "payto://taler-reserve",
- strlen ("payto://taler-reserve")))
- {
- GNUNET_break (0);
- return GNUNET_NO;
- }
- TALER_payto_hash (reserve_uri,
- &pm.h_payto);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_PURSE_MERGE,
- &pm,
- &merge_sig->eddsa_signature,
- &merge_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by account to merge a purse into a reserve.
- */
-struct TALER_AccountMergePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_ACCOUNT_MERGE
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Time when the purse will expire if still unmerged or unpaid.
- */
- struct GNUNET_TIME_TimestampNBO purse_expiration;
-
- /**
- * Total amount (with fees) to be put into the purse.
- */
- struct TALER_AmountNBO purse_amount;
-
- /**
- * Purse creation fee to be paid by the reserve for
- * this operation.
- */
- struct TALER_AmountNBO purse_fee;
-
- /**
- * Contract this purse pays for.
- */
- struct TALER_PrivateContractHashP h_contract_terms;
-
- /**
- * Purse to merge.
- */
- struct TALER_PurseContractPublicKeyP purse_pub;
-
- /**
- * Time when the purse is merged into the reserve.
- */
- struct GNUNET_TIME_TimestampNBO merge_timestamp;
-
- /**
- * Minimum age required for payments into this purse,
- * in NBO.
- */
- uint32_t min_age GNUNET_PACKED;
-
- /**
- * Flags for the operation, in NBO. See
- * `enum TALER_WalletAccountMergeFlags`.
- */
- uint32_t flags GNUNET_PACKED;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_account_merge_sign (
- struct GNUNET_TIME_Timestamp merge_timestamp,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- struct GNUNET_TIME_Timestamp purse_expiration,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_Amount *amount,
- const struct TALER_Amount *purse_fee,
- uint32_t min_age,
- enum TALER_WalletAccountMergeFlags flags,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_AccountMergePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_MERGE),
- .merge_timestamp = GNUNET_TIME_timestamp_hton (merge_timestamp),
- .purse_pub = *purse_pub,
- .purse_expiration = GNUNET_TIME_timestamp_hton (purse_expiration),
- .h_contract_terms = *h_contract_terms,
- .min_age = htonl (min_age),
- .flags = htonl ((uint32_t) flags)
- };
-
- TALER_amount_hton (&pm.purse_amount,
- amount);
- TALER_amount_hton (&pm.purse_fee,
- purse_fee);
- GNUNET_CRYPTO_eddsa_sign (&reserve_priv->eddsa_priv,
- &pm,
- &reserve_sig->eddsa_signature);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_account_merge_verify (
- struct GNUNET_TIME_Timestamp merge_timestamp,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- struct GNUNET_TIME_Timestamp purse_expiration,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_Amount *amount,
- const struct TALER_Amount *purse_fee,
- uint32_t min_age,
- enum TALER_WalletAccountMergeFlags flags,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_AccountMergePS pm = {
- .purpose.size = htonl (sizeof (pm)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_MERGE),
- .merge_timestamp = GNUNET_TIME_timestamp_hton (merge_timestamp),
- .purse_pub = *purse_pub,
- .purse_expiration = GNUNET_TIME_timestamp_hton (purse_expiration),
- .h_contract_terms = *h_contract_terms,
- .min_age = htonl (min_age),
- .flags = htonl ((uint32_t) flags)
- };
-
- TALER_amount_hton (&pm.purse_amount,
- amount);
- TALER_amount_hton (&pm.purse_fee,
- purse_fee);
- return GNUNET_CRYPTO_eddsa_verify (
- TALER_SIGNATURE_WALLET_ACCOUNT_MERGE,
- &pm,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by reserve key.
- */
-struct TALER_ReserveOpenPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_RESERVE_OPEN
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Amount to be paid from the reserve balance to open
- * the reserve.
- */
- struct TALER_AmountNBO reserve_payment;
-
- /**
- * When was the request created.
- */
- struct GNUNET_TIME_TimestampNBO request_timestamp;
-
- /**
- * For how long should the reserve be kept open.
- * (Determines amount to be paid.)
- */
- struct GNUNET_TIME_TimestampNBO reserve_expiration;
-
- /**
- * How many open purses should be included with the
- * open reserve?
- * (Determines amount to be paid.)
- */
- uint32_t purse_limit GNUNET_PACKED;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_reserve_open_sign (
- const struct TALER_Amount *reserve_payment,
- struct GNUNET_TIME_Timestamp request_timestamp,
- struct GNUNET_TIME_Timestamp reserve_expiration,
- uint32_t purse_limit,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveOpenPS rop = {
- .purpose.size = htonl (sizeof (rop)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_OPEN),
- .request_timestamp = GNUNET_TIME_timestamp_hton (request_timestamp),
- .reserve_expiration = GNUNET_TIME_timestamp_hton (reserve_expiration),
- .purse_limit = htonl (purse_limit)
- };
-
- TALER_amount_hton (&rop.reserve_payment,
- reserve_payment);
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign_ (&reserve_priv->eddsa_priv,
- &rop.purpose,
- &reserve_sig->eddsa_signature));
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_reserve_open_verify (
- const struct TALER_Amount *reserve_payment,
- struct GNUNET_TIME_Timestamp request_timestamp,
- struct GNUNET_TIME_Timestamp reserve_expiration,
- uint32_t purse_limit,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveOpenPS rop = {
- .purpose.size = htonl (sizeof (rop)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_OPEN),
- .request_timestamp = GNUNET_TIME_timestamp_hton (request_timestamp),
- .reserve_expiration = GNUNET_TIME_timestamp_hton (reserve_expiration),
- .purse_limit = htonl (purse_limit)
- };
-
- TALER_amount_hton (&rop.reserve_payment,
- reserve_payment);
- return GNUNET_CRYPTO_eddsa_verify_ (TALER_SIGNATURE_WALLET_RESERVE_OPEN,
- &rop.purpose,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by
- */
-struct TALER_ReserveOpenDepositPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_RESERVE_OPEN_DEPOSIT
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Which reserve's opening signature should be paid for?
- */
- struct TALER_ReserveSignatureP reserve_sig;
-
- /**
- * Specifies how much of the coin's value should be spent on opening this
- * reserve.
- */
- struct TALER_AmountNBO coin_contribution;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_reserve_open_deposit_sign (
- const struct TALER_Amount *coin_contribution,
- const struct TALER_ReserveSignatureP *reserve_sig,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_ReserveOpenDepositPS rod = {
- .purpose.size = htonl (sizeof (rod)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_OPEN_DEPOSIT),
- .reserve_sig = *reserve_sig
- };
-
- TALER_amount_hton (&rod.coin_contribution,
- coin_contribution);
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign_ (&coin_priv->eddsa_priv,
- &rod.purpose,
- &coin_sig->eddsa_signature));
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_reserve_open_deposit_verify (
- const struct TALER_Amount *coin_contribution,
- const struct TALER_ReserveSignatureP *reserve_sig,
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_CoinSpendSignatureP *coin_sig)
-{
- struct TALER_ReserveOpenDepositPS rod = {
- .purpose.size = htonl (sizeof (rod)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_OPEN_DEPOSIT),
- .reserve_sig = *reserve_sig
- };
-
- TALER_amount_hton (&rod.coin_contribution,
- coin_contribution);
- return GNUNET_CRYPTO_eddsa_verify_ (
- TALER_SIGNATURE_WALLET_RESERVE_OPEN_DEPOSIT,
- &rod.purpose,
- &coin_sig->eddsa_signature,
- &coin_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by reserve key.
- */
-struct TALER_ReserveClosePS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_RESERVE_CLOSE
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * When was the request created.
- */
- struct GNUNET_TIME_TimestampNBO request_timestamp;
-
- /**
- * Hash of the payto://-URI of the target account
- * for the closure, or all zeros for the reserve
- * origin account.
- */
- struct TALER_PaytoHashP target_account_h_payto;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_reserve_close_sign (
- struct GNUNET_TIME_Timestamp request_timestamp,
- const struct TALER_PaytoHashP *h_payto,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveClosePS rcp = {
- .purpose.size = htonl (sizeof (rcp)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_CLOSE),
- .request_timestamp = GNUNET_TIME_timestamp_hton (request_timestamp)
- };
-
- if (NULL != h_payto)
- rcp.target_account_h_payto = *h_payto;
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign_ (&reserve_priv->eddsa_priv,
- &rcp.purpose,
- &reserve_sig->eddsa_signature));
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_reserve_close_verify (
- struct GNUNET_TIME_Timestamp request_timestamp,
- const struct TALER_PaytoHashP *h_payto,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveClosePS rcp = {
- .purpose.size = htonl (sizeof (rcp)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_CLOSE),
- .request_timestamp = GNUNET_TIME_timestamp_hton (request_timestamp)
- };
-
- if (NULL != h_payto)
- rcp.target_account_h_payto = *h_payto;
- return GNUNET_CRYPTO_eddsa_verify_ (TALER_SIGNATURE_WALLET_RESERVE_CLOSE,
- &rcp.purpose,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by reserve private key.
- */
-struct TALER_ReserveAttestRequestPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_ATTEST_REQUEST
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * When was the request created.
- */
- struct GNUNET_TIME_TimestampNBO request_timestamp;
-
- /**
- * Hash over the JSON array of requested attributes.
- */
- struct GNUNET_HashCode h_details;
-
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-
-void
-TALER_wallet_reserve_attest_request_sign (
- struct GNUNET_TIME_Timestamp request_timestamp,
- const json_t *details,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveAttestRequestPS rcp = {
- .purpose.size = htonl (sizeof (rcp)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_ATTEST_DETAILS),
- .request_timestamp = GNUNET_TIME_timestamp_hton (request_timestamp)
- };
-
- TALER_json_hash (details,
- &rcp.h_details);
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign_ (&reserve_priv->eddsa_priv,
- &rcp.purpose,
- &reserve_sig->eddsa_signature));
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_reserve_attest_request_verify (
- struct GNUNET_TIME_Timestamp request_timestamp,
- const json_t *details,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const struct TALER_ReserveSignatureP *reserve_sig)
-{
- struct TALER_ReserveAttestRequestPS rcp = {
- .purpose.size = htonl (sizeof (rcp)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_ATTEST_DETAILS),
- .request_timestamp = GNUNET_TIME_timestamp_hton (request_timestamp)
- };
-
- TALER_json_hash (details,
- &rcp.h_details);
- return GNUNET_CRYPTO_eddsa_verify_ (
- TALER_SIGNATURE_WALLET_RESERVE_ATTEST_DETAILS,
- &rcp.purpose,
- &reserve_sig->eddsa_signature,
- &reserve_pub->eddsa_pub);
-}
-
-
-GNUNET_NETWORK_STRUCT_BEGIN
-
-/**
- * Message signed by purse to associate an encrypted contract.
- */
-struct TALER_PurseContractPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_WALLET_PURSE_ECONTRACT
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash over the encrypted contract.
- */
- struct GNUNET_HashCode h_econtract;
-
- /**
- * Public key to decrypt the contract.
- */
- struct TALER_ContractDiffiePublicP contract_pub;
-};
-
-GNUNET_NETWORK_STRUCT_END
-
-void
-TALER_wallet_econtract_upload_sign (
- const void *econtract,
- size_t econtract_size,
- const struct TALER_ContractDiffiePublicP *contract_pub,
- const struct TALER_PurseContractPrivateKeyP *purse_priv,
- struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct TALER_PurseContractPS pc = {
- .purpose.size = htonl (sizeof (pc)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_ECONTRACT),
- .contract_pub = *contract_pub
- };
-
- GNUNET_CRYPTO_hash (econtract,
- econtract_size,
- &pc.h_econtract);
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_sign_ (&purse_priv->eddsa_priv,
- &pc.purpose,
- &purse_sig->eddsa_signature));
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_econtract_upload_verify2 (
- const struct GNUNET_HashCode *h_econtract,
- const struct TALER_ContractDiffiePublicP *contract_pub,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct TALER_PurseContractPS pc = {
- .purpose.size = htonl (sizeof (pc)),
- .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_PURSE_ECONTRACT),
- .contract_pub = *contract_pub,
- .h_econtract = *h_econtract
- };
-
- return GNUNET_CRYPTO_eddsa_verify_ (TALER_SIGNATURE_WALLET_PURSE_ECONTRACT,
- &pc.purpose,
- &purse_sig->eddsa_signature,
- &purse_pub->eddsa_pub);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_wallet_econtract_upload_verify (
- const void *econtract,
- size_t econtract_size,
- const struct TALER_ContractDiffiePublicP *contract_pub,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const struct TALER_PurseContractSignatureP *purse_sig)
-{
- struct GNUNET_HashCode h_econtract;
-
- GNUNET_CRYPTO_hash (econtract,
- econtract_size,
- &h_econtract);
- return TALER_wallet_econtract_upload_verify2 (&h_econtract,
- contract_pub,
- purse_pub,
- purse_sig);
-}
-
-
-/* end of wallet_signatures.c */
