exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE

exchange_api_refresh_common.h (6000B)

      1 /*
      2   This file is part of TALER
      3   Copyright (C) 2015-2022 Taler Systems SA
      4 
      5   TALER is free software; you can redistribute it and/or modify it under the
      6   terms of the GNU General Public License as published by the Free Software
      7   Foundation; either version 3, or (at your option) any later version.
      8 
      9   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 
     13   You should have received a copy of the GNU General Public License along with
     14   TALER; see the file COPYING.  If not, see
     15   <http://www.gnu.org/licenses/>
     16 */
     17 /**
     18  * @file lib/exchange_api_refresh_common.h
     19  * @brief shared (serialization) logic for refresh protocol
     20  * @author Christian Grothoff
     21  */
     22 #ifndef REFRESH_COMMON_H
     23 #define REFRESH_COMMON_H
     24 #include <jansson.h>
     25 #include "taler/taler_json_lib.h"
     26 #include "taler/taler_exchange_service.h"
     27 #include "taler/taler_signatures.h"
     28 
     29 
     30 /**
     31  * Information about a coin we are melting.
     32  */
     33 struct MeltedCoin
     34 {
     35   /**
     36    * Private key of the coin.
     37    */
     38   struct TALER_CoinSpendPrivateKeyP coin_priv;
     39 
     40   /**
     41    * Amount this coin contributes to the melt, including fee.
     42    */
     43   struct TALER_Amount melt_amount_with_fee;
     44 
     45   /**
     46    * The applicable fee for melting a coin of this denomination
     47    */
     48   struct TALER_Amount fee_melt;
     49 
     50   /**
     51    * The original value of the coin.
     52    */
     53   struct TALER_Amount original_value;
     54 
     55   /**
     56    * The original age commitment, its proof and its hash.  MUST be NULL if no
     57    * age commitment was set.
     58    */
     59   const struct TALER_AgeCommitmentProof *age_commitment_proof;
     60   const struct TALER_AgeCommitmentHashP *h_age_commitment;
     61 
     62   /**
     63    * Timestamp indicating when coins of this denomination become invalid.
     64    */
     65   struct GNUNET_TIME_Timestamp expire_deposit;
     66 
     67   /**
     68    * Denomination key of the original coin.
     69    */
     70   struct TALER_DenominationPublicKey pub_key;
     71 
     72   /**
     73    * Exchange's signature over the coin.
     74    */
     75   struct TALER_DenominationSignature sig;
     76 
     77 };
     78 
     79 
     80 /**
     81  * Data we keep for each fresh coin created in the
     82  * melt process.
     83  */
     84 struct FreshCoinData
     85 {
     86   /**
     87    * Denomination public key of the coin.
     88    */
     89   struct TALER_DenominationPublicKey fresh_pk;
     90 
     91   /**
     92    * Array of planchet secrets for the coins, depending
     93    * on the cut-and-choose.
     94    */
     95   struct TALER_PlanchetMasterSecretP ps[TALER_CNC_KAPPA];
     96 
     97   /**
     98    * Private key of the coin.
     99    */
    100   struct TALER_CoinSpendPrivateKeyP coin_priv;
    101 
    102   /**
    103    * Arrays of age commitments and proofs to be created, one for each
    104    * cut-and-choose dimension.  NULL if age restriction is not applicable.
    105    */
    106   struct TALER_AgeCommitmentProof *age_commitment_proofs[TALER_CNC_KAPPA];
    107 
    108   /**
    109    * Blinding key secrets for the coins, depending on the
    110    * cut-and-choose.
    111    */
    112   union GNUNET_CRYPTO_BlindingSecretP bks[TALER_CNC_KAPPA];
    113 
    114 };
    115 
    116 
    117 /**
    118  * Melt data in non-serialized format for convenient processing.
    119  */
    120 struct MeltData_v27
    121 {
    122 
    123   /**
    124    * Hash over the committed data during refresh operation.
    125    */
    126   struct TALER_RefreshCommitmentP rc;
    127 
    128   /**
    129    * Information about the melted coin.
    130    */
    131   struct MeltedCoin melted_coin;
    132 
    133   /**
    134    * Number of coins we are creating
    135    */
    136   uint16_t num_fresh_coins;
    137 
    138   /**
    139    * If true, no blinding seed is used in the melt request
    140    */
    141   bool no_blinding_seed;
    142 
    143   /**
    144    * The seed for blinding, derived from the refresh master secret;
    145    */
    146   struct TALER_BlindingMasterSeedP blinding_seed;
    147 
    148   /**
    149    * The master seed from which we derive the kappa nonces for
    150    * for signing with the @e melted_coin.
    151    * The seed itself is derived from the refresh master secret;
    152    */
    153   struct TALER_PublicRefreshMasterSeedP refresh_seed;
    154 
    155   /**
    156    * The tuple of kappa nonces which we sign with the melted coin.
    157    * From those signatures, all the planchet seeds are derived from.
    158    */
    159   struct TALER_KappaPublicRefreshNoncesP kappa_nonces;
    160 
    161   /**
    162    * The tuple of kappa signatures of the @e kappa_nonces, signed
    163    * by the @e melted_coin, from which we derive all
    164    * kappa * @e num_fresh_coins planchet secrets.
    165    */
    166   struct TALER_PrivateRefreshNonceSignatureP signatures[TALER_CNC_KAPPA];
    167 
    168   /**
    169    * Array of length @e num_fresh_coins with information
    170    * about each fresh coin.
    171    */
    172   struct FreshCoinData *fcds;
    173 
    174   /**
    175    * Array of @e num_fresh_coins denominations of the fresh coins.
    176    */
    177   const struct TALER_DenominationPublicKey **denom_pubs;
    178 
    179   /**
    180    * Array of @e num_fresh_coins of hashes of the public key of the denominations.
    181    */
    182   struct TALER_DenominationHashP  *denoms_h;
    183 
    184   /**
    185    * Blinded planchets of the fresh coins, depending on the cut-and-choose.
    186    * Array of length @e num_fresh_coins.
    187    */
    188   struct TALER_BlindedPlanchet *kappa_blinded_planchets[TALER_CNC_KAPPA];
    189 };
    190 
    191 /**
    192  * Compute the melt data from the refresh data and secret
    193  * for v27 of the protocol.
    194  *
    195  * @param rms secret internals of the refresh-reveal operation
    196  * @param rd refresh data with the characteristics of the operation
    197  * @param blinding_seed seed for blinding in case of CS denominations, can be NULL
    198  * @param alg_values contributions from the exchange into the melt
    199  * @param[out] md where to write the derived melt data
    200  */
    201 enum GNUNET_GenericReturnValue
    202 TALER_EXCHANGE_get_melt_data_v27 (
    203   const struct TALER_RefreshMasterSecretP *rms,
    204   const struct TALER_EXCHANGE_MeltInput *rd,
    205   const struct TALER_BlindingMasterSeedP *blinding_seed,
    206   const struct TALER_ExchangeBlindingValues *alg_values,
    207   struct MeltData_v27 *md);
    208 
    209 /**
    210  * Free all information associated with a melting session.  Note
    211  * that we allow the melting session to be only partially initialized,
    212  * as we use this function also when freeing melt data that was not
    213  * fully initialized.
    214  *
    215  * @param[in] md melting data to release, the pointer itself is NOT
    216  *           freed (as it is typically not allocated by itself)
    217  */
    218 void
    219 TALER_EXCHANGE_free_melt_data_v27 (struct MeltData_v27 *md);
    220 
    221 #endif