commit 3285288e9e6a467cab4a0065609b2971295ac98d
parent fffcb95dd919aeb082e04b3b4abc94aaeb81ee59
Author: Florian Dold <florian@dold.me>
Date: Sun, 23 Feb 2025 10:20:25 +0100
prepare for AMLO attribute insertion
Diffstat:
7 files changed, 118 insertions(+), 2 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_aml-decision.c b/src/exchange/taler-exchange-httpd_aml-decision.c
@@ -372,6 +372,10 @@ TEH_handler_post_aml_decision (
&officer_sig,
num_events,
sevents,
+ 0, /* enc_attributes_size*/
+ NULL, /* enc_attributes*/
+ NULL, /* attributes_hash */
+ NULL, /* attributes_expiration_time */
&invalid_officer,
&unknown_account,
&last_date,
diff --git a/src/exchange/taler-exchange-httpd_common_kyc.c b/src/exchange/taler-exchange-httpd_common_kyc.c
@@ -676,6 +676,10 @@ handle_aml_fallback_result (
NULL, /* decider_sig */
apr->details.success.num_events,
apr->details.success.events,
+ 0, /* enc_attributes_size*/
+ NULL, /* enc_attributes*/
+ NULL, /* attributes_hash */
+ NULL, /* attributes_expiration_time */
&invalid_officer,
&unknown_account,
&last_date,
diff --git a/src/exchangedb/exchange_do_insert_aml_decision.sql b/src/exchangedb/exchange_do_insert_aml_decision.sql
@@ -22,6 +22,9 @@ CREATE FUNCTION exchange_do_insert_aml_decision(
IN in_decision_time INT8,
IN in_expiration_time INT8,
IN in_properties TEXT, -- can be NULL
+ IN in_kyc_attributes_enc BYTEA, -- can be NULL
+ IN in_kyc_attributes_hash BYTEA, -- can be NULL
+ IN in_kyc_attributes_expiration INT8, -- can be NULL
IN in_new_rules TEXT,
IN in_to_investigate BOOLEAN,
IN in_new_measure_name TEXT, -- can be NULL
@@ -39,6 +42,8 @@ LANGUAGE plpgsql
AS $$
DECLARE
my_outcome_serial_id INT8;
+ my_legitimization_process_serial_id INT8;
+ my_kyc_attributes_serial_id INT8;
my_access_token BYTEA;
my_i INT4;
ini_event TEXT;
@@ -188,6 +193,53 @@ INSERT INTO legitimization_outcomes
INTO
my_outcome_serial_id;
+IF in_kyc_attributes_enc IS NOT NULL
+THEN
+ IF in_kyc_attributes_hash IS NULL OR in_kyc_attributes_expiration IS NULL
+ THEN
+ RAISE EXCEPTION 'Got in_kyc_attributes_hash without hash or expiration.';
+ END IF;
+ IF in_decider_pub IS NULL
+ THEN
+ RAISE EXCEPTION 'Got in_kyc_attributes_hash without in_decider_pub.';
+ END IF;
+ -- Simulate a legi process for attribute insertion by AML Officer
+ INSERT INTO legitimization_processes
+ (h_payto
+ ,start_time
+ ,expiration_time
+ ,provider_name
+ ,provider_user_id
+ ,finished
+ ) VALUES
+ (in_h_normalized_payto
+ ,in_decision_time
+ -- Process starts and finishes instantly
+ ,in_decision_time
+ ,'aml-officer'
+ ,in_decider_pub
+ ,TRUE
+ )
+ RETURNING legitimization_process_serial_id
+ INTO my_legitimization_process_serial_id;
+ -- Now we can insert the attribute!
+ INSERT INTO kyc_attributes
+ (h_payto
+ ,collection_time
+ ,expiration_time
+ ,encrypted_attributes
+ ,legitimization_serial
+ ) VALUES
+ (in_h_normalized_payto
+ ,in_decision_time
+ ,in_kyc_attributes_expiration
+ ,in_kyc_attributes_enc
+ ,my_legitimization_process_serial_id
+ )
+ RETURNING kyc_attributes_serial_id
+ INTO my_kyc_attributes_serial_id;
+END IF;
+
IF in_decider_pub IS NOT NULL
THEN
INSERT INTO aml_history
@@ -196,12 +248,16 @@ THEN
,justification
,decider_pub
,decider_sig
+ ,kyc_attributes_hash
+ ,kyc_attributes_serial_id
) VALUES
(in_h_normalized_payto
,my_outcome_serial_id
,in_justification
,in_decider_pub
,in_decider_sig
+ ,in_kyc_attributes_hash
+ ,my_kyc_attributes_serial_id
);
END IF;
@@ -233,5 +289,5 @@ EXECUTE FORMAT (
END $$;
-COMMENT ON FUNCTION exchange_do_insert_aml_decision(TEXT, BYTEA, BYTEA, INT8, INT8, TEXT, TEXT, BOOLEAN, TEXT, TEXT, TEXT, BYTEA, BYTEA, TEXT, TEXT[])
+COMMENT ON FUNCTION exchange_do_insert_aml_decision(TEXT, BYTEA, BYTEA, INT8, INT8, TEXT, BYTEA, BYTEA, INT8, TEXT, BOOLEAN, TEXT, TEXT, TEXT, BYTEA, BYTEA, TEXT, TEXT[])
IS 'Checks whether the AML officer is eligible to make AML decisions and if so inserts the decision into the table';
diff --git a/src/exchangedb/exchangedb_aml.c b/src/exchangedb/exchangedb_aml.c
@@ -91,6 +91,10 @@ TALER_EXCHANGEDB_persist_aml_program_result (
NULL, /* decider_sig */
apr->details.success.num_events,
apr->details.success.events,
+ 0, /* enc_attributes_size*/
+ NULL, /* enc_attributes*/
+ NULL, /* attributes_hash */
+ NULL, /* attributes_expiration_time */
&invalid_officer,
&unknown_account,
&last_date,
diff --git a/src/exchangedb/pg_insert_aml_decision.c b/src/exchangedb/pg_insert_aml_decision.c
@@ -44,6 +44,10 @@ TEH_PG_insert_aml_decision (
const struct TALER_AmlOfficerSignatureP *decider_sig,
size_t num_events,
const char *events[static num_events],
+ size_t enc_attributes_size,
+ const void *enc_attributes,
+ struct GNUNET_HashCode *attributes_hash,
+ struct GNUNET_TIME_Timestamp *attributes_expiration_time,
bool *invalid_officer,
bool *unknown_account,
struct GNUNET_TIME_Timestamp *last_date,
@@ -59,36 +63,64 @@ TEH_PG_insert_aml_decision (
char *notify_s
= GNUNET_PQ_get_event_notify_channel (&rep.header);
struct GNUNET_PQ_QueryParam params[] = {
+ /* $1: in_payto_uri */
NULL == payto_uri.full_payto
? GNUNET_PQ_query_param_null ()
: GNUNET_PQ_query_param_string (payto_uri.full_payto),
+ /* $2: in_h_normalized_payto */
GNUNET_PQ_query_param_auto_from_type (h_payto),
+ /* $3: in_h_full_payto */
NULL == payto_uri.full_payto
? GNUNET_PQ_query_param_null ()
: GNUNET_PQ_query_param_auto_from_type (&h_full_payto),
+ /* $4: in_decision_time */
GNUNET_PQ_query_param_timestamp (&decision_time),
+ /* $5: in_expiration_time*/
GNUNET_PQ_query_param_timestamp (&expiration_time),
+ /* $6: in_properties */
NULL != properties
? TALER_PQ_query_param_json (properties)
: GNUNET_PQ_query_param_null (),
+ /* $7: in_kyc_attributes_enc */
+ NULL != enc_attributes
+ ? GNUNET_PQ_query_param_fixed_size (enc_attributes,
+ enc_attributes_size)
+ : GNUNET_PQ_query_param_null (),
+ /* $8: in_kyc_attributes_hash */
+ NULL != attributes_hash
+ ? GNUNET_PQ_query_param_auto_from_type (attributes_hash)
+ : GNUNET_PQ_query_param_null (),
+ /* $9: in_kyc_attributes_expiration */
+ NULL != attributes_expiration_time
+ ? GNUNET_PQ_query_param_timestamp (attributes_expiration_time)
+ : GNUNET_PQ_query_param_null (),
+ /* $10: in_new_rules */
TALER_PQ_query_param_json (new_rules),
+ /* $11: in_to_investigate */
GNUNET_PQ_query_param_bool (to_investigate),
+ /* $12: in_new_measure_name */
NULL != new_measure_name
? GNUNET_PQ_query_param_string (new_measure_name)
: GNUNET_PQ_query_param_null (),
+ /* $13: in_jmeasures */
NULL != jmeasures
? TALER_PQ_query_param_json (jmeasures)
: GNUNET_PQ_query_param_null (),
+ /* $14: in_justification */
NULL != justification
? GNUNET_PQ_query_param_string (justification)
: GNUNET_PQ_query_param_null (),
+ /* $15: in_decider_pub */
NULL != decider_pub
? GNUNET_PQ_query_param_auto_from_type (decider_pub)
: GNUNET_PQ_query_param_null (),
+ /* $16: in_decider_sig */
NULL != decider_sig
? GNUNET_PQ_query_param_auto_from_type (decider_sig)
: GNUNET_PQ_query_param_null (),
+ /* $17: in_notify_s*/
GNUNET_PQ_query_param_string (notify_s),
+ /* $18: ina_events */
GNUNET_PQ_query_param_array_ptrs_string (num_events,
events,
pg->conn),
@@ -125,7 +157,7 @@ TEH_PG_insert_aml_decision (
",out_last_date"
",out_legitimization_measure_serial_id"
" FROM exchange_do_insert_aml_decision"
- "($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15);");
+ "($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18);");
qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
"do_insert_aml_decision",
params,
diff --git a/src/exchangedb/pg_insert_aml_decision.h b/src/exchangedb/pg_insert_aml_decision.h
@@ -47,6 +47,10 @@
* @param decider_sig signature of the staff member
* @param num_events length of the @a events array
* @param events array of events to trigger
+ * @param enc_attributes_size number of bytes in @a enc_attributes
+ * @param enc_attributes encrypted attribute data
+ * @param attributes_hash hash of the unencrypted attribute data
+ * @param attributes_expiration_time when does the attribute data expire
* @param[out] invalid_officer set to TRUE if @a decider_pub is not allowed to make decisions right now
* @param[out] unknown_account set to TRUE if @a h_payto does not refer to a known account and @a jmeasures was given
* @param[out] last_date set to the previous decision time;
@@ -72,6 +76,10 @@ TEH_PG_insert_aml_decision (
const struct TALER_AmlOfficerSignatureP *decider_sig,
size_t num_events,
const char *events[static num_events],
+ size_t enc_attributes_size,
+ const void *enc_attributes,
+ struct GNUNET_HashCode *attributes_hash,
+ struct GNUNET_TIME_Timestamp *attributes_expiration_time,
bool *invalid_officer,
bool *unknown_account,
struct GNUNET_TIME_Timestamp *last_date,
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
@@ -7792,6 +7792,10 @@ struct TALER_EXCHANGEDB_Plugin
* @param decider_sig signature of the staff member
* @param num_events length of the @a events array
* @param events array of events to trigger
+ * @param enc_attributes_size number of bytes in @a enc_attributes
+ * @param enc_attributes encrypted attribute data
+ * @param attributes_hash hash of the unencrypted attribute data
+ * @param attributes_expiration_time when does the attribute data expire
* @param[out] invalid_officer set to TRUE if @a decider_pub is not allowed to make decisions right now
* @param[out] unknown_account set to TRUE if @a h_payto does not refer to a known account and @a jmeasures was given
* @param[out] last_date set to the previous decision time;
@@ -7817,6 +7821,10 @@ struct TALER_EXCHANGEDB_Plugin
const struct TALER_AmlOfficerSignatureP *decider_sig,
size_t num_events,
const char *events[static num_events],
+ size_t enc_attributes_size,
+ const void *enc_attributes,
+ struct GNUNET_HashCode *attributes_hash,
+ struct GNUNET_TIME_Timestamp *attributes_expiration_time,
bool *invalid_officer,
bool *unknown_account,
struct GNUNET_TIME_Timestamp *last_date,
