exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE

aml_signatures.c (6336B)

      1 /*
      2   This file is part of TALER
      3   Copyright (C) 2023 Taler Systems SA
      4 
      5   TALER is free software; you can redistribute it and/or modify it under the
      6   terms of the GNU General Public License as published by the Free Software
      7   Foundation; either version 3, or (at your option) any later version.
      8 
      9   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 
     13   You should have received a copy of the GNU General Public License along with
     14   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 */
     16 /**
     17  * @file aml_signatures.c
     18  * @brief Utility functions for AML officers
     19  * @author Christian Grothoff
     20  */
     21 #include "taler/platform.h"
     22 #include "taler/taler_util.h"
     23 #include "taler/taler_signatures.h"
     24 
     25 
     26 GNUNET_NETWORK_STRUCT_BEGIN
     27 
     28 /**
     29  * @brief Format used to generate the signature on an AML decision.
     30  */
     31 struct TALER_AmlDecisionPS
     32 {
     33   /**
     34    * Purpose must be #TALER_SIGNATURE_AML_DECISION.
     35    * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
     36    */
     37   struct GNUNET_CRYPTO_SignaturePurpose purpose;
     38 
     39   /**
     40    * Time when this decision was made.
     41    */
     42   struct GNUNET_TIME_TimestampNBO decision_time;
     43 
     44   /**
     45    * Time when attributes expire, if any.
     46    */
     47   struct GNUNET_TIME_TimestampNBO attributes_expiration_time;
     48 
     49   /**
     50    * Hash of the account identifier to which the decision applies.
     51    */
     52   struct TALER_NormalizedPaytoHashP h_payto GNUNET_PACKED;
     53 
     54   /**
     55    * Hash over the justification text.
     56    */
     57   struct GNUNET_HashCode h_justification GNUNET_PACKED;
     58 
     59   /**
     60    * Hash over the justification text.
     61    */
     62   struct GNUNET_HashCode h_properties GNUNET_PACKED;
     63 
     64   /**
     65    * Hash over JSON object with new KYC rules.
     66    */
     67   struct GNUNET_HashCode h_new_rules;
     68 
     69   /**
     70    * Hash over string with new check.
     71    */
     72   struct GNUNET_HashCode h_new_measure;
     73 
     74   /**
     75    * Hash over new attributes, all zeroes
     76    * if no attributes are being set.
     77    */
     78   struct GNUNET_HashCode h_attributes;
     79 
     80   /**
     81    * 0: no investigation, 1: yes investigation.
     82    */
     83   uint64_t flags;
     84 };
     85 
     86 GNUNET_NETWORK_STRUCT_END
     87 
     88 void
     89 TALER_officer_aml_decision_sign (
     90   const char *justification,
     91   struct GNUNET_TIME_Timestamp decision_time,
     92   const struct TALER_NormalizedPaytoHashP *h_payto,
     93   const json_t *new_rules,
     94   const json_t *properties,
     95   const char *new_measure,
     96   bool to_investigate,
     97   const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
     98   struct TALER_AmlOfficerSignatureP *officer_sig)
     99 {
    100   struct TALER_AmlDecisionPS ad = {
    101     .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
    102     .purpose.size = htonl (sizeof (ad)),
    103     .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
    104     .h_payto = *h_payto,
    105     .flags = GNUNET_htonll (to_investigate ? 1 : 0)
    106   };
    107 
    108   GNUNET_CRYPTO_hash (justification,
    109                       strlen (justification),
    110                       &ad.h_justification);
    111   if (NULL != properties)
    112     TALER_json_hash (properties,
    113                      &ad.h_properties);
    114   TALER_json_hash (new_rules,
    115                    &ad.h_new_rules);
    116   if (NULL != new_measure)
    117     GNUNET_CRYPTO_hash (new_measure,
    118                         strlen (new_measure),
    119                         &ad.h_new_measure);
    120   GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
    121                             &ad,
    122                             &officer_sig->eddsa_signature);
    123 }
    124 
    125 
    126 enum GNUNET_GenericReturnValue
    127 TALER_officer_aml_decision_verify (
    128   const char *justification,
    129   struct GNUNET_TIME_Timestamp decision_time,
    130   const struct TALER_NormalizedPaytoHashP *h_payto,
    131   const json_t *new_rules,
    132   const json_t *properties,
    133   const char *new_measures,
    134   bool to_investigate,
    135   const struct TALER_AmlOfficerPublicKeyP *officer_pub,
    136   const struct TALER_AmlOfficerSignatureP *officer_sig,
    137   struct GNUNET_TIME_Timestamp attributes_expiration,
    138   const json_t *attributes)
    139 {
    140   struct TALER_AmlDecisionPS ad = {
    141     .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
    142     .purpose.size = htonl (sizeof (ad)),
    143     .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
    144     .attributes_expiration_time = GNUNET_TIME_timestamp_hton (
    145       attributes_expiration),
    146     .h_payto = *h_payto,
    147     .flags = GNUNET_htonll (to_investigate ? 1 : 0)
    148   };
    149 
    150   GNUNET_CRYPTO_hash (justification,
    151                       strlen (justification),
    152                       &ad.h_justification);
    153   if (NULL != properties)
    154     TALER_json_hash (properties,
    155                      &ad.h_properties);
    156   TALER_json_hash (new_rules,
    157                    &ad.h_new_rules);
    158   if (NULL != new_measures)
    159     GNUNET_CRYPTO_hash (new_measures,
    160                         strlen (new_measures),
    161                         &ad.h_new_measure);
    162   if (NULL != attributes)
    163     TALER_json_hash (attributes,
    164                      &ad.h_attributes);
    165   return GNUNET_CRYPTO_eddsa_verify (
    166     TALER_SIGNATURE_AML_DECISION,
    167     &ad,
    168     &officer_sig->eddsa_signature,
    169     &officer_pub->eddsa_pub);
    170 }
    171 
    172 
    173 GNUNET_NETWORK_STRUCT_BEGIN
    174 
    175 /**
    176  * @brief Format used to generate the signature on any AML query.
    177  */
    178 struct TALER_AmlQueryPS
    179 {
    180   /**
    181    * Purpose must be #TALER_SIGNATURE_AML_QUERY.
    182    * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
    183    */
    184   struct GNUNET_CRYPTO_SignaturePurpose purpose;
    185 
    186 };
    187 
    188 GNUNET_NETWORK_STRUCT_END
    189 
    190 
    191 void
    192 TALER_officer_aml_query_sign (
    193   const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
    194   struct TALER_AmlOfficerSignatureP *officer_sig)
    195 {
    196   struct TALER_AmlQueryPS aq = {
    197     .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
    198     .purpose.size = htonl (sizeof (aq))
    199   };
    200 
    201   GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
    202                             &aq,
    203                             &officer_sig->eddsa_signature);
    204 }
    205 
    206 
    207 enum GNUNET_GenericReturnValue
    208 TALER_officer_aml_query_verify (
    209   const struct TALER_AmlOfficerPublicKeyP *officer_pub,
    210   const struct TALER_AmlOfficerSignatureP *officer_sig)
    211 {
    212   struct TALER_AmlQueryPS aq = {
    213     .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
    214     .purpose.size = htonl (sizeof (aq))
    215   };
    216 
    217   return GNUNET_CRYPTO_eddsa_verify (
    218     TALER_SIGNATURE_AML_QUERY,
    219     &aq,
    220     &officer_sig->eddsa_signature,
    221     &officer_pub->eddsa_pub);
    222 }
    223 
    224 
    225 /* end of aml_signatures.c */