diff options
| author | Özgür Kesim <oec-taler@kesim.org> | 2023-06-26 00:01:31 +0200 | 
|---|---|---|
| committer | Özgür Kesim <oec-taler@kesim.org> | 2023-06-26 00:01:31 +0200 | 
| commit | ddedf03a816e5139b235a3ebdf5b600508c5ed5f (patch) | |
| tree | a65179048fc764ec82ddf645a8982186b0157448 /src/include | |
| parent | 70bfe0ed1b9a5dbb6cc487465ef3c3df4cdb0436 (diff) | |
[age-withdraw] age-withdraw commit- and reveal-handlers  implemented, 12/n
The handlers for the commit- and reveal-phases of the age-withdraw
HTTP-endpoints are implemented, yet not active.
Still missing:
- support for age-withdraw is missing in lib/.
- tests
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/taler_crypto_lib.h | 12 | ||||
| -rw-r--r-- | src/include/taler_exchangedb_plugin.h | 161 | ||||
| -rw-r--r-- | src/include/taler_util.h | 24 | 
3 files changed, 109 insertions, 88 deletions
| diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index ea53c2fc..3af5d326 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -3728,7 +3728,8 @@ TALER_wallet_withdraw_verify (   *   * @param h_commitment hash all n*kappa blinded coins in the commitment for the age-withdraw   * @param amount_with_fee amount to debit the reserve for - * @param max_age_group maximum age group that the withdrawn coins must be restricted to + * @param mask the mask that defines the age groups + * @param max_age maximum age from which the age group is derived, that the withdrawn coins must be restricted to.   * @param reserve_priv private key to sign with   * @param[out] reserve_sig resulting signature   */ @@ -3736,7 +3737,8 @@ void  TALER_wallet_age_withdraw_sign (    const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,    const struct TALER_Amount *amount_with_fee, -  uint32_t max_age_group, +  const struct TALER_AgeMask *mask, +  uint8_t max_age,    const struct TALER_ReservePrivateKeyP *reserve_priv,    struct TALER_ReserveSignatureP *reserve_sig); @@ -3745,7 +3747,8 @@ TALER_wallet_age_withdraw_sign (   *   * @param h_commitment hash all n*kappa blinded coins in the commitment for the age-withdraw   * @param amount_with_fee amount to debit the reserve for - * @param max_age_group maximum age group that the withdrawn coins must be restricted to + * @param mask the mask that defines the age groups + * @param max_age maximum age from which the age group is derived, that the withdrawn coins must be restricted to.   * @param reserve_pub public key of the reserve   * @param reserve_sig resulting signature   * @return #GNUNET_OK if the signature is valid @@ -3754,7 +3757,8 @@ enum GNUNET_GenericReturnValue  TALER_wallet_age_withdraw_verify (    const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,    const struct TALER_Amount *amount_with_fee, -  uint32_t max_age_group, +  const struct TALER_AgeMask *mask, +  uint8_t max_age,    const struct TALER_ReservePublicKeyP *reserve_pub,    const struct TALER_ReserveSignatureP *reserve_sig); diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 5404f0b1..16935907 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -301,8 +301,7 @@ enum TALER_EXCHANGEDB_ReplicatedTable    TALER_EXCHANGEDB_RT_AML_HISTORY,    TALER_EXCHANGEDB_RT_KYC_ATTRIBUTES,    TALER_EXCHANGEDB_RT_PURSE_DELETION, -  TALER_EXCHANGEDB_RT_WITHDRAW_AGE_COMMITMENTS, -  TALER_EXCHANGEDB_RT_WITHDRAW_AGE_REVEALED_COINS, +  TALER_EXCHANGEDB_RT_AGE_WITHDRAW,  }; @@ -773,22 +772,14 @@ struct TALER_EXCHANGEDB_TableData        struct TALER_AgeWithdrawCommitmentHashP h_commitment;        struct TALER_Amount amount_with_fee;        uint16_t max_age; +      uint32_t noreveal_index;        struct TALER_ReservePublicKeyP reserve_pub;        struct TALER_ReserveSignatureP reserve_sig; -      uint32_t noreveal_index; -      struct GNUNET_TIME_Absolute timestamp; -    } age_withdraw_commitments; - -    struct -    { -      struct TALER_AgeWithdrawCommitmentHashP h_commitment; -      uint32_t freshcoin_index; -      uint64_t denominations_serial; -      void *coin_ev; -      size_t coin_ev_size; -      // h_coin_ev omitted, to be recomputed! -      struct TALER_BlindedDenominationSignature ev_sig; -    } age_withdraw_revealed_coins; +      uint64_t num_coins; +      uint64_t *denominations_serials; +      void *h_blind_evs; +      struct TALER_BlindedDenominationSignature denom_sigs; +    } age_withdraw;    } details; @@ -949,6 +940,13 @@ struct TALER_EXCHANGEDB_Reserve  struct TALER_EXCHANGEDB_DenominationKeyMetaData  {    /** +   * Serial of the denomination key as in the DB. +   * Can be used in calls to stored procedures in order to spare +   * additional lookups. +   */ +  uint64_t serial; + +  /**     * Start time of the validity period for this key.     */    struct GNUNET_TIME_Timestamp start; @@ -1182,11 +1180,11 @@ struct TALER_EXCHANGEDB_CollectableBlindcoin  /** - * @brief Information we keep for an age-withdraw commitment + * @brief Information we keep for an age-withdraw request   * to reproduce the /age-withdraw operation if needed, and to have proof   * that a reserve was drained by this amount.   */ -struct TALER_EXCHANGEDB_AgeWithdrawCommitment +struct TALER_EXCHANGEDB_AgeWithdraw  {    /**     * Total amount (with fee) committed to withdraw @@ -1194,7 +1192,7 @@ struct TALER_EXCHANGEDB_AgeWithdrawCommitment    struct TALER_Amount amount_with_fee;    /** -   * Maximum age that the coins are restricted to. +   * Maximum age (in years) that the coins are restricted to.     */    uint16_t max_age; @@ -1208,7 +1206,7 @@ struct TALER_EXCHANGEDB_AgeWithdrawCommitment     * revealed during cut and choose.  This value applies to all n coins in the     * commitment.     */ -  uint32_t noreveal_index; +  uint16_t noreveal_index;    /**     * Public key of the reserve that was drained. @@ -1223,9 +1221,35 @@ struct TALER_EXCHANGEDB_AgeWithdrawCommitment    struct TALER_ReserveSignatureP reserve_sig;    /** -   * The exchange's signature of the response. +   * Number of coins to be withdrawn.     */ -  struct TALER_ExchangeSignatureP sig; +  size_t num_coins; + +  /** +   * Array of @a num_coins blinded coins.  These are the chosen coins +   * (according to @a noreveal_index) from the request, which contained +   * kappa*num_coins blinded coins. +   */ +  struct TALER_BlindedCoinHashP *h_coin_evs; + +  /** +   * Array of @a num_coins denomination signatures of the blinded coins @a +   * h_coin_evs. +   */ +  struct TALER_BlindedDenominationSignature *denom_sigs; + +  /** +   * Array of @a num_coins serial id's of the denominations, corresponding to +   * the coins in @a h_coin_evs. +   */ +  uint64_t *denom_serials; + +  /** +   * Array of @a num_coins hashes of the public keys of the denominations +   * identified by @e denom_serials.  This field is set when calling +   * get_age_withdraw +   */ +  struct TALER_DenominationHashP *denom_pub_hashes;  }; @@ -2751,28 +2775,6 @@ struct TALER_EXCHANGEDB_CsRevealFreshCoinData    uint32_t coin_off;  }; -/** - * Information about a coin that was revealed to the exchange - * during reveal. - */ -struct TALER_EXCHANGEDB_AgeWithdrawRevealedCoin -{ -  /** -   * Hash of the public denomination key of the coin. -   */ -  struct TALER_DenominationHashP h_denom_pub; - -  /** -   * Signature generated by the exchange over the coin (in blinded format). -   */ -  struct TALER_BlindedDenominationSignature coin_sig; - -  /** -   * Blinded hash of the new coin -   */ -  struct TALER_BlindedCoinHashP h_coin_ev; -}; -  /**   * Generic KYC status for some operation. @@ -3761,6 +3763,15 @@ struct TALER_EXCHANGEDB_Plugin    /** +   * FIXME: merge do_batch_withdraw and do_batch_withdraw_insert into one API, +   * which takes as input (among others) +   *   - denom_serial[] +   *   - blinded_coin_evs[] +   *   - denom_sigs[] +   * The implementation should persist the data as _arrays_ in the DB. +   */ + +  /**     * Perform reserve update as part of a batch withdraw operation, checking     * for sufficient balance. Persisting the withdrawal details is done     * separately! @@ -3769,8 +3780,11 @@ struct TALER_EXCHANGEDB_Plugin     * @param now current time (rounded)     * @param reserve_pub public key of the reserve to debit     * @param amount total amount to withdraw +   * @param do_age_check if set, the batch-withdrawal can only succeed when the reserve has no age restriction (birthday) set.     * @param[out] found set to true if the reserve was found     * @param[out] balance_ok set to true if the balance was sufficient +   * @param[out] age_ok set to true if no age requirements were defined on the reserve or @e do_age_check was false +   * @param[out] allowed_maximum_age when @e age_ok is false, set to the allowed maximum age for withdrawal from the reserve.  The client MUST then use the age-withdraw endpoint     * @param[out] ruuid set to the reserve's UUID (reserves table row)     * @return query execution status     */ @@ -3780,8 +3794,11 @@ struct TALER_EXCHANGEDB_Plugin      struct GNUNET_TIME_Timestamp now,      const struct TALER_ReservePublicKeyP *reserve_pub,      const struct TALER_Amount *amount, +    bool do_age_check,      bool *found,      bool *balance_ok, +    bool *age_ok, +    uint16_t *allowed_maximum_age,      uint64_t *ruuid); @@ -3811,74 +3828,50 @@ struct TALER_EXCHANGEDB_Plugin      bool *nonce_reuse);    /** -   * Locate the response for a age-withdraw request under a hash that uniquely -   * identifies the age-withdraw operation.  Used to ensure idempotency of the -   * request. +   * Locate the response for a age-withdraw request under a hash of the +   * commitment and reserve_pub that uniquely identifies the age-withdraw +   * operation.  Used to ensure idempotency of the request.     *     * @param cls the @e cls of this struct with the plugin-specific state     * @param reserve_pub public key of the reserve for which the age-withdraw request is made     * @param ach hash that uniquely identifies the age-withdraw operation -   * @param[out] awc corresponding details of the previous age-withdraw request if an entry was found +   * @param[out] aw corresponding details of the previous age-withdraw request if an entry was found     * @return statement execution status     */    enum GNUNET_DB_QueryStatus -  (*get_age_withdraw_info)( +  (*get_age_withdraw)(      void *cls,      const struct TALER_ReservePublicKeyP *reserve_pub,      const struct TALER_AgeWithdrawCommitmentHashP *ach, -    struct TALER_EXCHANGEDB_AgeWithdrawCommitment *awc); +    struct TALER_EXCHANGEDB_AgeWithdraw *aw);    /** -   * Perform an age-withdraw operation, checking for sufficient balance -   * and possibly persisting the withdrawal details. +   * Perform an age-withdraw operation, checking for sufficient balance and +   * fulfillment of age requirements and possibly persisting the withdrawal +   * details.     *     * @param cls the `struct PostgresClosure` with the plugin-specific state     * @param commitment corresponding commitment for the age-withdraw     * @param[out] found set to true if the reserve was found     * @param[out] balance_ok set to true if the balance was sufficient +   * @param[out] age_ok set to true if age requirements were met +   * @param[out] allowed_maximum_age if @e age_ok is FALSE, this is set to the allowed maximum age     * @param[out] ruuid set to the reserve's UUID (reserves table row)     * @return query execution status     */    enum GNUNET_DB_QueryStatus    (*do_age_withdraw)(      void *cls, -    const struct TALER_EXCHANGEDB_AgeWithdrawCommitment *commitment, +    const struct TALER_EXCHANGEDB_AgeWithdraw *commitment, +    struct GNUNET_TIME_Timestamp now,      bool *found,      bool *balance_ok, +    bool *age_ok, +    uint16_t *allowed_maximum_age, +    bool *conflict,      uint64_t *ruuid);    /** -   * Store in the database which coin(s) the wallet wanted to withdraw with -   * age restriction enabled in a given age-withdraw operation and the relevant -   * information we learned or created in the reveal steop -   * -   * @param cls The `struct PostgresClosure` with the plugin-specific state -   * @param h_commitment The hash of the original age-withdraw commitment, which is a key into the age_withdraw_commitments table -   * @param num_awrcs Number of coins to generate, size of the @a coin_evs array -   * @param awrcs Array of @a num_awrcs information about coins to be created -   * @return query execution status -   */ -  enum GNUNET_DB_QueryStatus -  (*insert_age_withdraw_reveal)( -    void *cls, -    const struct TALER_AgeWithdrawCommitmentHashP *h_commitment, -    uint32_t num_awrcs, -    const struct TALER_EXCHANGEDB_AgeWithdrawRevealedCoin *awrcs); - -  /** -   * Lookup in the database for the fresh coins with age-restriction that -   * we created in the given age-withdraw operation. -   * -   * TODO: oec -   */ -  enum GNUNET_DB_QueryStatus -  (*get_age_withdraw_reveal)( -    void *cls, -    uint64_t h_commitment -    /* TODO: oec */ -    ); - -  /**     * Retrieve the details to a policy given by its hash_code     *     * @param cls the `struct PostgresClosure` with the plugin-specific state diff --git a/src/include/taler_util.h b/src/include/taler_util.h index 1de264c1..1f3a4c70 100644 --- a/src/include/taler_util.h +++ b/src/include/taler_util.h @@ -558,6 +558,18 @@ char *  TALER_age_mask_to_string (    const struct TALER_AgeMask *mask); +/* + * @brief returns the age group of a given age for a given age mask + * + * @param mask Age mask + * @param age The given age + * @return age group + */ +uint8_t +TALER_get_age_group ( +  const struct TALER_AgeMask *mask, +  uint8_t age); +  /**   * @brief Parses a JSON object { "age_groups": "a:b:...y:z" }.   * @@ -570,6 +582,18 @@ TALER_JSON_parse_age_groups (const json_t *root,                               struct TALER_AgeMask *mask); +/* @brief Return the lowest age in the corresponding group for a given age + * according the given age mask. + * + * @param[IN] mask age mask + * @param[IN] age age to check + * @return lowest age in corresponding age group + */ +uint8_t +TALER_get_lowest_age ( +  const struct TALER_AgeMask *mask, +  uint8_t age); +  /**   * Handle to an external process that will assist   * with some JSON-to-JSON conversion. | 
