3 files changed, 167 insertions, 13 deletions

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index b5ae2083..a861563b 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -3107,16 +3107,14 @@ TALER_wallet_reserve_open_verify (
  * Sign to deposit coin to pay for keeping a reserve open.
  *
  * @param coin_contribution how much the coin should contribute
- * @param reserve_pub public key of the reserve
- * @param request_timestamp time of the open request
+ * @param reserve_sig signature over the reserve open operation
  * @param coin_priv private key of the coin
  * @param[out] coin_sig signature by the coin
  */
 void
 TALER_wallet_reserve_open_deposit_sign (
   const struct TALER_Amount *coin_contribution,
-  const struct TALER_ReservePublicKeyP *reserve_pub,
-  struct GNUNET_TIME_Timestamp request_timestamp,
+  const struct TALER_ReserveSignatureP *reserve_sig,
   const struct TALER_CoinSpendPrivateKeyP *coin_priv,
   struct TALER_CoinSpendSignatureP *coin_sig);
 
@@ -3125,8 +3123,7 @@ TALER_wallet_reserve_open_deposit_sign (
  * Verify signature that deposits coin to pay for keeping a reserve open.
  *
  * @param coin_contribution how much the coin should contribute
- * @param reserve_pub public key of the reserve
- * @param request_timestamp time of the open request
+ * @param reserve_sig signature over the reserve open operation
  * @param coin_pub public key of the coin
  * @param coin_sig signature by the coin
  * @return #GNUNET_OK if the signature is valid
@@ -3134,8 +3131,7 @@ TALER_wallet_reserve_open_deposit_sign (
 enum GNUNET_GenericReturnValue
 TALER_wallet_reserve_open_deposit_verify (
   const struct TALER_Amount *coin_contribution,
-  const struct TALER_ReservePublicKeyP *reserve_pub,
-  struct GNUNET_TIME_Timestamp request_timestamp,
+  const struct TALER_ReserveSignatureP *reserve_sig,
   const struct TALER_CoinSpendPublicKeyP *coin_pub,
   const struct TALER_CoinSpendSignatureP *coin_sig);
 
@@ -3223,7 +3219,7 @@ TALER_wallet_reserve_attest_request_sign (
  *
  * @param request_timestamp when was the request created
  * @param details which attributes are requested
- * @param reserve_priv private key of the reserve
+ * @param reserve_pub public key of the reserve
  * @param reserve_sig where to store the signature
  * @return #GNUNET_OK if the signature is valid
  */
@@ -4291,7 +4287,6 @@ TALER_exchange_online_reserve_attest_details_sign (
  * Verify signature by exchange affirming that a reserve
  * has had certain attributes verified via KYC.
  *
- * @param scb function to call to create the signature
  * @param attest_timestamp our time
  * @param expiration_time when does the KYC data expire
  * @param reserve_pub for which reserve are attributes attested
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index 261ffb18..0ce8ff47 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -878,6 +878,25 @@ typedef void
 
 
 /**
+ * Function called on all legitimization operations
+ * we have performed for the given account so far
+ * (and that have not yet expired).
+ *
+ * @param cls closure
+ * @param kyc_provider_section_name configuration section
+ *        of the respective KYC process
+ * @param provider_user_id UID at a provider (can be NULL)
+ * @param legi_id legitimization process ID (can be NULL)
+ */
+typedef void
+(*TALER_EXCHANGEDB_LegitimizationProcessCallback)(
+  void *cls,
+  const char *kyc_provider_section_name,
+  const char *provider_user_id,
+  const char *legi_id);
+
+
+/**
  * Function called with information about the exchange's auditors.
  *
  * @param cls closure with a `struct TEH_KeyStateHandle *`
@@ -4044,6 +4063,98 @@ struct TALER_EXCHANGEDB_Plugin
 
 
   /**
+   * Insert reserve open coin deposit data into database.
+   * Subtracts the @a coin_total from the coin's balance.
+   *
+   * @param cls closure
+   * @param cpi public information about the coin
+   * @param coin_sig signature with @e coin_pub of type #TALER_SIGNATURE_WALLET_RESERVE_OPEN_DEPOSIT
+   * @param known_coin_id ID of the coin in the known_coins table
+   * @param coin_total amount to be spent of the coin (including deposit fee)
+   * @param reserve_sig signature by the reserve affirming the open operation
+   * @param reserve_pub public key of the reserve being opened
+   * @param[out] insufficient_funds set to true if the coin's balance is insufficient, otherwise to false
+   * @return transaction status code, 0 if operation is already in the DB
+   */
+  enum GNUNET_DB_QueryStatus
+  (*insert_reserve_open_deposit)(
+    void *cls,
+    const struct TALER_CoinPublicInfo *cpi,
+    const struct TALER_CoinSpendSignatureP *coin_sig,
+    uint64_t known_coin_id,
+    const struct TALER_Amount *coin_total,
+    const struct TALER_ReserveSignatureP *reserve_sig,
+    const struct TALER_ReservePublicKeyP *reserve_pub,
+    bool *insufficient_funds);
+
+
+  /**
+   * Insert reserve close operation into database.
+   *
+   * @param cls closure
+   * @param reserve_pub which reserve is this about?
+   * @param execution_date when did we perform the transfer?
+   * @param receiver_account to which account do we transfer, in payto://-format
+   * @param wtid identifier for the wire transfer
+   * @param amount_with_fee amount we charged to the reserve
+   * @param closing_fee how high is the closing fee
+   * @return transaction status code
+   */
+  enum GNUNET_DB_QueryStatus
+  (*do_reserve_open)(void *cls,
+                     const struct TALER_ReservePublicKeyP *reserve_pub,
+                     const struct TALER_Amount *total_paid,
+                     uint32_t min_purse_limit,
+                     const struct TALER_ReserveSignatureP *reserve_sig,
+                     struct GNUNET_TIME_Timestamp desired_expiration,
+                     struct GNUNET_TIME_Timestamp now,
+                     const struct TALER_Amount *open_fee,
+                     struct TALER_Amount *open_cost,
+                     struct GNUNET_TIME_Timestamp *final_expiration);
+
+
+  /**
+   * Select information needed to see if we can close
+   * a reserve.
+   *
+   * @param cls closure
+   * @param reserve_pub which reserve is this about?
+   * @param[out] balance current reserve balance
+   * @param[out] payto_uri set to URL of account that
+   *             originally funded the reserve;
+   *             could be set to NULL if not known
+   * @return transaction status code, 0 if reserve unknown
+   */
+  enum GNUNET_DB_QueryStatus
+  (*select_reserve_close_info)(
+    void *cls,
+    const struct TALER_ReservePublicKeyP *reserve_pub,
+    struct TALER_Amount *balance,
+    char **payto_uri);
+
+
+  /**
+   * Select information needed for KYC checks on reserve close: historic
+   * reserve closures going to the same account.
+   *
+   * @param cls closure
+   * @param h_payto which target account is this about?
+   * @param h_payto account identifier
+   * @param time_limit oldest transaction that could be relevant
+   * @param kac function to call for each applicable amount, in reverse chronological order (or until @a kac aborts by returning anything except #GNUNET_OK).
+   * @param kac_cls closure for @a kac
+   * @return transaction status code, @a kac aborting with #GNUNET_NO is not an error
+   */
+  enum GNUNET_DB_QueryStatus
+  (*iterate_reserve_close_info)(
+    void *cls,
+    const struct TALER_PaytoHashP *h_payto,
+    struct GNUNET_TIME_Absolute time_limit,
+    TALER_EXCHANGEDB_KycAmountCallback kac,
+    void *kac_cls);
+
+
+  /**
    * Insert reserve close operation into database.
    *
    * @param cls closure
@@ -5488,17 +5599,21 @@ struct TALER_EXCHANGEDB_Plugin
    *
    * @param cls the @e cls of this struct with the plugin-specific state
    * @param reserve_pub public key of the account to close
+   * @param payto_uri where to wire the funds
    * @param reserve_sig signature affiming that the account is to be closed
    * @param request_timestamp timestamp of the close request
-   * @param[out] final_balance set to the final balance in the account that will be wired back to the origin account
+   * @param balance balance at the time of closing
+   * @param closing_fee closing fee to charge
    * @return transaction status code
    */
   enum GNUNET_DB_QueryStatus
   (*insert_close_request)(void *cls,
                           const struct TALER_ReservePublicKeyP *reserve_pub,
+                          const char *payto_uri,
                           const struct TALER_ReserveSignatureP *reserve_sig,
                           struct GNUNET_TIME_Timestamp request_timestamp,
-                          struct TALER_Amount *final_balance);
+                          const struct TALER_Amount *balance,
+                          const struct TALER_Amount *closing_fee);
 
 
   /**
@@ -5726,6 +5841,24 @@ struct TALER_EXCHANGEDB_Plugin
 
 
   /**
+   * Call us on KYC legitimization processes satisfied and not expired for the
+   * given account.
+   *
+   * @param cls the @e cls of this struct with the plugin-specific state
+   * @param h_payto account identifier
+   * @param lpc function to call for each satisfied KYC legitimization process
+   * @param lpc_cls closure for @a lpc
+   * @return transaction status code
+   */
+  enum GNUNET_DB_QueryStatus
+  (*iterate_kyc_reference)(
+    void *cls,
+    const struct TALER_PaytoHashP *h_payto,
+    TALER_EXCHANGEDB_LegitimizationProcessCallback lpc,
+    void *lpc_cls);
+
+
+  /**
    * Call @a kac on withdrawn amounts after @a time_limit which are relevant
    * for a KYC trigger for a the (debited) account identified by @a h_payto.
    *
diff --git a/src/include/taler_kyclogic_lib.h b/src/include/taler_kyclogic_lib.h
index 494f7787..7f4bf5b5 100644
--- a/src/include/taler_kyclogic_lib.h
+++ b/src/include/taler_kyclogic_lib.h
@@ -68,7 +68,12 @@ enum TALER_KYCLOGIC_KycTriggerEvent
   /**
    * Wallet balance exceeds threshold.
    */
-  TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE = 3
+  TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE = 3,
+
+  /**
+   * Reserve is being closed by force.
+   */
+  TALER_KYCLOGIC_KYC_TRIGGER_RESERVE_CLOSE = 4
 
 };
 
@@ -302,6 +307,27 @@ TALER_KYCLOGIC_requirements_to_logic (const char *requirements,
 
 
 /**
+ * Obtain attributes we collected about a user from a
+ * provider.
+ *
+ * @param provider_section configuration section of a
+ *    provider that triggered KYC process for a user
+ * @param provider_user user ID of the user at the provider
+ * @param legitimization_id legitimizatin ID of a process
+ *    of that user at the provider
+ * @param[out] attr_expiration set to when the @a attrs expire
+ * @param[out] attrs attributes we have about the user
+ * @return error code, #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_KYCLOGIC_user_to_attributes (const char *provider_section,
+                                   const char *provider_user_id,
+                                   const char *legitimization_id,
+                                   struct GNUNET_TIME_Timestamp *attr_expiration,
+                                   json_t **attrs);
+
+
+/**
  * Obtain the provider logic for a given @a name.
  *
  * @param name name of the logic or provider section