Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/taler_crypto_lib.h | 12 | ||||
-rw-r--r-- | src/include/taler_json_lib.h | 4 | ||||
-rw-r--r-- | src/include/taler_mint_service.h | 178 | ||||
-rw-r--r-- | src/include/taler_mintdb_lib.h | 103 | ||||
-rw-r--r-- | src/include/taler_mintdb_plugin.h | 214 | ||||
-rw-r--r-- | src/include/taler_signatures.h | 72 |
6 files changed, 408 insertions, 175 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 0f25ea3c..a3c21b38 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -190,6 +190,18 @@ struct TALER_AuditorPublicKeyP
 /**
+ * @brief Type of the public key used by the auditor.
+ */
+struct TALER_AuditorSignatureP
+{
+ /**
+ * Taler uses EdDSA signatures for auditors.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_sig;
+};
+
+
+/**
 * @brief Type of the offline master public keys used by the mint.
 */
 struct TALER_MasterPrivateKeyP
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index 5a13b9bc..63cb8179 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -167,12 +167,12 @@ TALER_hash_json (json_t *json,
 /**
 * Check if the given wire format JSON object is correctly formatted
 *
- * @param type the type of the wire format
+ * @param allowed NULL-terminated array of allowed wire format types
 * @param wire the JSON wire format object
 * @return #GNUNET_YES if correctly formatted; #GNUNET_NO if not
 */
 int
-TALER_json_validate_wireformat (const char *type,
+TALER_json_validate_wireformat (const char **allowed,
 const json_t *wire);
diff --git a/src/include/taler_mint_service.h b/src/include/taler_mint_service.h
index 02407a3a..e36dcf69 100644
--- a/src/include/taler_mint_service.h
+++ b/src/include/taler_mint_service.h
@@ -150,6 +150,11 @@ struct TALER_MINT_DenomPublicKey
 struct TALER_DenominationPublicKey key;
 /**
+ * The hash of the public key.
+ */
+ struct GNUNET_HashCode h_key;
+
+ /**
 * Timestamp indicating when the denomination key becomes valid
 */
 struct GNUNET_TIME_Absolute valid_from;
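Review bot: The doc comment on the new `struct TALER_AuditorSignatureP` in taler_crypto_lib.h still reads "Type of the public key used by the auditor", which is the text of the public-key wrapper above it, although the struct holds a `GNUNET_CRYPTO_EddsaSignature`. Key and signature wrappers are easy to mix up in this header, so the brief should be corrected to something like `@brief Type of the signatures made by the auditor.`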
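Review bot: The new `allowed` parameter of `TALER_json_validate_wireformat` is an allow-list, but the comment does not say what a NULL pointer or an array holding only the terminator means. For a validation gate the safe reading is "nothing is accepted", and the comment should state it once the implementation (not visible in this header) is confirmed, e.g. `@param allowed NULL-terminated array of allowed wire format types; an empty array accepts no format`. As a point of style, `const char *const *allowed` would also promise callers that the array itself is not modified.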
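Review bot: The comment on the new `h_key` field in `struct TALER_MINT_DenomPublicKey` does not say who computes the hash or that it must always match `key`. If the value is used for lookups by hash, it should be documented as derived locally from `key` when the key set is parsed rather than taken from the mint's reply; this is an assumption to confirm, since the code that fills the field is outside this hunk. A comment such as `Hash of @e key, computed locally; never taken from the mint's response.` would pin the invariant. The struct's definition starts and ends outside the hunk.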
@@ -166,6 +171,15 @@ struct TALER_MINT_DenomPublicKey
 struct GNUNET_TIME_Absolute deposit_valid_until;
 /**
+ * When do signatures with this denomination key become invalid?
+ * After this point, these signatures cannot be used in (legal)
+ * disputes anymore, as the Mint is then allowed to destroy its side
+ * of the evidence. @e expire_legal is expected to be significantly
+ * larger than @e expire_spend (by a year or more).
+ */
+ struct GNUNET_TIME_Absolute expire_legal;
+
+ /**
 * The value of this denomination
 */
 struct TALER_Amount value;
@@ -204,6 +218,8 @@ struct TALER_MINT_AuditorInformation
 * that website. We expect that in practice software is going to
 * often ship with an initial list of accepted auditors, just like
 * browsers ship with a CA root store.
+ *
+ * This field may be NULL. (#3987).
 */
 const char *auditor_url;
@@ -218,7 +234,7 @@ struct TALER_MINT_AuditorInformation
 * elements point to the same locations as the entries
 * in the key's main `denom_keys` array.
 */
- struct TALER_MINT_DenomPublicKey *const*denom_keys;
+ const struct TALER_MINT_DenomPublicKey **denom_keys;
 };
@@ -246,7 +262,7 @@ struct TALER_MINT_Keys
 /**
 * Array of the keys of the auditors of the mint.
 */
- struct TALER_AuditorPublicKeyP *auditors;
+ struct TALER_MINT_AuditorInformation *auditors;
 /**
 * Length of the @e sign_keys array.
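Review bot: The comment on `expire_legal` compares it with `@e expire_spend`, but no field of that name is visible in this struct; the neighbouring field in the hunk is `deposit_valid_until`. If that is the field meant, the reference should read `@e deposit_valid_until` so that a reader can check the "significantly larger" relation against a real member. The struct continues outside the hunk, so a field called `expire_spend` may exist elsewhere; worth confirming before changing the text.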
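Review bot: The comment above `auditors` in `struct TALER_MINT_Keys` still says "Array of the keys of the auditors of the mint" although the element type is now `struct TALER_MINT_AuditorInformation`, which carries more than a key. Update it to something like `Array with information about the auditors of the mint.` No length field for this array is visible in the hunk; the comment should name the member that holds it so callers have a bound when iterating.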
@@ -353,6 +369,100 @@ TALER_MINT_get_denomination_key (const struct TALER_MINT_Keys *keys,
 const struct TALER_DenominationPublicKey *pk);
+/**
+ * Obtain the denomination key details from the mint.
+ *
+ * @param keys the mint's key set
+ * @param hc hash of the public key of the denomination to lookup
+ * @return details about the given denomination key
+ */
+const struct TALER_MINT_DenomPublicKey *
+TALER_MINT_get_denomination_key_by_hash (const struct TALER_MINT_Keys *keys,
+ const struct GNUNET_HashCode *hc);
+
+
+/* ********************* /wire *********************** */
+
+
+/**
+ * @brief A Wire format inquiry handle
+ */
+struct TALER_MINT_WireHandle;
+
+
+/**
+ * Callbacks of this type are used to serve the result of submitting a
+ * wire format inquiry request to a mint.
+ *
+ * The callback is invoked multiple times, once for each supported @a
+ * method. Finally, it is invoked one more time with cls/0/NULL/NULL
+ * to indicate the end of the iteration. If any request fails to
+ * generate a valid response from the mint, @a http_status will also
+ * be zero and the iteration will also end. Thus, the iteration
+ * always ends with a final call with an @a http_status of 0. If the
+ * @a http_status is already 0 on the first call, then the response to
+ * the /wire request was invalid. Later, clients can tell the
+ * difference between @a http_status of 0 indicating a failed
+ * /wire/method request and a regular end of the iteration by @a
+ * method being non-NULL. If the mint simply correctly asserts that
+ * it does not support any methods, @a method will be NULL but the @a
+ * http_status will be #MHD_HTTP_OK for the first call (followed by a
+ * cls/0/NULL/NULL call to signal the end of the iteration).
+ *
+ * @param cls closure
+ * @param http_status HTTP response code, #MHD_HTTP_OK (200) for successful request;
+ * 0 if the mint's reply is bogus (fails to follow the protocol)
+ * @param method wire format method supported, i.e. "test" or "sepa", or NULL
+ * if already the /wire request failed.
+ * @param obj the received JSON reply, if successful this should be the wire
+ * format details as provided by /wire/METHOD/, or NULL if the
+ * reply was not in JSON format (in this case, the client might
+ * want to do an HTTP request to /wire/METHOD/ with a browser to
+ * provide more information to the user about the @a method).
+ */
+typedef void
+(*TALER_MINT_WireResultCallback) (void *cls,
+ unsigned int http_status,
+ const char *method,
+ json_t *obj);
+
+
+/**
+ * Obtain information about a mint's wire instructions.
+ * A mint may provide wire instructions for creating
+ * a reserve. The wire instructions also indicate
+ * which wire formats merchants may use with the mint.
+ * This API is typically used by a wallet for wiring
+ * funds, and possibly by a merchant to determine
+ * supported wire formats.
+ *
+ * Note that while we return the (main) response verbatim to the
+ * caller for further processing, we do already verify that the
+ * response is well-formed (i.e. that signatures included in the
+ * response are all valid). If the mint's reply is not well-formed,
+ * we return an HTTP status code of zero to @a cb.
+ *
+ * @param mint the mint handle; the mint must be ready to operate
+ * @param wire_cb the callback to call when a reply for this request is available
+ * @param wire_cb_cls closure for the above callback
+ * @return a handle for this request
+ */
+struct TALER_MINT_WireHandle *
+TALER_MINT_wire (struct TALER_MINT_Handle *mint,
+ TALER_MINT_WireResultCallback wire_cb,
+ void *wire_cb_cls);
+
+
+/**
+ * Cancel a wire information request. This function cannot be used
+ * on a request handle if a response is already served for it.
+ *
+ * @param wh the wire information request handle
+ */
+void
+TALER_MINT_wire_cancel (struct TALER_MINT_WireHandle *wh);
+
+
 /* ********************* /deposit *********************** */
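Review bot: The contract of `TALER_MINT_WireResultCallback` leaves the ownership of `obj` unstated, so a caller cannot tell whether the JSON object is only valid during the callback or must be released by the callback; add that to the `@param obj` text once the implementation is checked. The comment on `TALER_MINT_wire` promises that signatures in the reply are verified but does not name the key they are checked against, which a wallet needs to know before it wires funds on the strength of this reply. In the same hunk that comment refers to `@a cb` while the parameter is `wire_cb`, and the `@return` of `TALER_MINT_get_denomination_key_by_hash` does not say what is returned when no key matches (presumably NULL), which callers passing a hash taken from a received message have to handle.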
@@ -437,13 +547,13 @@ void
 TALER_MINT_deposit_cancel (struct TALER_MINT_DepositHandle *deposit);
-/* ********************* /withdraw/status *********************** */
+/* ********************* /reserve/status *********************** */
 /**
- * @brief A /withdraw/status Handle
+ * @brief A /reserve/status Handle
 */
-struct TALER_MINT_WithdrawStatusHandle;
+struct TALER_MINT_ReserveStatusHandle;
 /**
@@ -513,12 +623,12 @@ struct TALER_MINT_ReserveHistory
 * @param history detailed transaction history, NULL on error
 */
 typedef void
-(*TALER_MINT_WithdrawStatusResultCallback) (void *cls,
- unsigned int http_status,
- json_t *json,
- const struct TALER_Amount *balance,
- unsigned int history_length,
- const struct TALER_MINT_ReserveHistory *history);
+(*TALER_MINT_ReserveStatusResultCallback) (void *cls,
+ unsigned int http_status,
+ json_t *json,
+ const struct TALER_Amount *balance,
+ unsigned int history_length,
+ const struct TALER_MINT_ReserveHistory *history);
 /**
@@ -537,11 +647,11 @@ typedef void
 * @return a handle for this request; NULL if the inputs are invalid (i.e.
 * signatures fail to verify). In this case, the callback is not called.
 */
-struct TALER_MINT_WithdrawStatusHandle *
-TALER_MINT_withdraw_status (struct TALER_MINT_Handle *mint,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- TALER_MINT_WithdrawStatusResultCallback cb,
- void *cb_cls);
+struct TALER_MINT_ReserveStatusHandle *
+TALER_MINT_reserve_status (struct TALER_MINT_Handle *mint,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ TALER_MINT_ReserveStatusResultCallback cb,
+ void *cb_cls);
 /**
@@ -551,16 +661,16 @@ TALER_MINT_withdraw_status (struct TALER_MINT_Handle *mint,
 * @param wsh the withdraw status request handle
 */
 void
-TALER_MINT_withdraw_status_cancel (struct TALER_MINT_WithdrawStatusHandle *wsh);
+TALER_MINT_reserve_status_cancel (struct TALER_MINT_ReserveStatusHandle *wsh);
-/* ********************* /withdraw/sign *********************** */
+/* ********************* /reserve/withdraw *********************** */
 /**
- * @brief A /withdraw/sign Handle
+ * @brief A /reserve/withdraw Handle
 */
-struct TALER_MINT_WithdrawSignHandle;
+struct TALER_MINT_ReserveWithdrawHandle;
 /**
@@ -574,14 +684,14 @@ struct TALER_MINT_WithdrawSignHandle;
 * @param full_response full response from the mint (for logging, in case of errors)
 */
 typedef void
-(*TALER_MINT_WithdrawSignResultCallback) (void *cls,
- unsigned int http_status,
- const struct TALER_DenominationSignature *sig,
- json_t *full_response);
+(*TALER_MINT_ReserveWithdrawResultCallback) (void *cls,
+ unsigned int http_status,
+ const struct TALER_DenominationSignature *sig,
+ json_t *full_response);
 /**
- * Withdraw a coin from the mint using a /withdraw/sign request. This
+ * Withdraw a coin from the mint using a /reserve/withdraw request. This
 * API is typically used by a wallet. Note that to ensure that no
 * money is lost in case of hardware failures, the caller must have
 * committed (most of) the arguments to disk before calling, and be
@@ -601,14 +711,14 @@ typedef void
 * if the inputs are invalid (i.e. denomination key not with this mint).
 * In this case, the callback is not called.
 */
-struct TALER_MINT_WithdrawSignHandle *
-TALER_MINT_withdraw_sign (struct TALER_MINT_Handle *mint,
- const struct TALER_MINT_DenomPublicKey *pk,
- const struct TALER_ReservePrivateKeyP *reserve_priv,
- const struct TALER_CoinSpendPrivateKeyP *coin_priv,
- const struct TALER_DenominationBlindingKey *blinding_key,
- TALER_MINT_WithdrawSignResultCallback res_cb,
- void *res_cb_cls);
+struct TALER_MINT_ReserveWithdrawHandle *
+TALER_MINT_reserve_withdraw (struct TALER_MINT_Handle *mint,
+ const struct TALER_MINT_DenomPublicKey *pk,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ const struct TALER_DenominationBlindingKey *blinding_key,
+ TALER_MINT_ReserveWithdrawResultCallback res_cb,
+ void *res_cb_cls);
 /**
@@ -618,7 +728,7 @@ TALER_MINT_withdraw_sign (struct TALER_MINT_Handle *mint,
 * @param sign the withdraw sign request handle
 */
 void
-TALER_MINT_withdraw_sign_cancel (struct TALER_MINT_WithdrawSignHandle *sign);
+TALER_MINT_reserve_withdraw_cancel (struct TALER_MINT_ReserveWithdrawHandle *sign);
 /* ********************* /refresh/melt+reveal ***************************** */
diff --git a/src/include/taler_mintdb_lib.h b/src/include/taler_mintdb_lib.h
index 24f67761..7dfef8dc 100644
--- a/src/include/taler_mintdb_lib.h
+++ b/src/include/taler_mintdb_lib.h
@@ -37,6 +37,12 @@
 */
 #define TALER_MINTDB_DIR_DENOMINATION_KEYS "denomkeys"
+/**
+ * Subdirectory under the mint's base directory which contains
+ * the mint's auditing information.
+ */
+#define TALER_MINTDB_DIR_AUDITORS "auditors"
+
 GNUNET_NETWORK_STRUCT_BEGIN
@@ -62,7 +68,7 @@ struct TALER_MINTDB_PrivateSigningKeyInformationP
 /**
 * Information about a denomination key.
- */
+ */
 struct TALER_MINTDB_DenominationKeyInformationP
 {
@@ -124,23 +130,6 @@ typedef int
 /**
- * @brief Iterator over denomination keys.
- *
- * @param cls closure
- * @param dki the denomination key
- * @param alias coin alias
- * @return #GNUNET_OK to continue to iterate,
- * #GNUNET_NO to stop iteration with no error,
- * #GNUNET_SYSERR to abort iteration with error!
- */
-typedef int
-(*TALER_MINTDB_DenominationKeyIterator)(void *cls,
- const char *alias,
- const struct TALER_MINTDB_DenominationKeyIssueInformation *dki);
-
-
-
-/**
 * Call @a it for each signing key found in the @a mint_base_dir.
 *
 * @param mint_base_dir base directory for the mint,
@@ -158,6 +147,23 @@ TALER_MINTDB_signing_keys_iterate (const char *mint_base_dir,
 void *it_cls);
+
+/**
+ * @brief Iterator over denomination keys.
+ *
+ * @param cls closure
+ * @param dki the denomination key
+ * @param alias coin alias
+ * @return #GNUNET_OK to continue to iterate,
+ * #GNUNET_NO to stop iteration with no error,
+ * #GNUNET_SYSERR to abort iteration with error!
+ */
+typedef int
+(*TALER_MINTDB_DenominationKeyIterator)(void *cls,
+ const char *alias,
+ const struct TALER_MINTDB_DenominationKeyIssueInformation *dki);
+
+
 /**
 * Call @a it for each denomination key found in the @a mint_base_dir.
 *
@@ -202,6 +208,67 @@ TALER_MINTDB_denomination_key_read (const char *filename,
 /**
+ * @brief Iterator over auditor information.
+ *
+ * @param cls closure
+ * @param apub the auditor's public key
+ * @param mpub the mint's public key (as expected by the auditor)
+ * @param dki_len length of @a asig and @a dki arrays
+ * @param asigs array of the auditor's signatures over the @a dks, of length @a dki_len
+ * @param dki array of denomination coin data signed by the auditor, of length @a dki_len
+ * @return #GNUNET_OK to continue to iterate,
+ * #GNUNET_NO to stop iteration with no error,
+ * #GNUNET_SYSERR to abort iteration with error!
+ */
+typedef int
+(*TALER_MINTDB_AuditorIterator)(void *cls,
+ const struct TALER_AuditorPublicKeyP *apub,
+ const struct TALER_MasterPublicKeyP *mpub,
+ unsigned int dki_len,
+ const struct TALER_AuditorSignatureP *asigs,
+ const struct TALER_DenominationKeyValidityPS *dki);
+
+
+/**
+ * Call @a it with information for each auditor found in the @a mint_base_dir.
+ *
+ * @param mint_base_dir base directory for the mint,
+ * the signing keys must be in the #TALER_MINTDB_DIR_DENOMINATION_KEYS
+ * subdirectory
+ * @param it function to call with auditor information
+ * @param it_cls closure for @a it
+ * @return -1 on error, 0 if no files were found, otherwise
+ * a positive number (however, even with a positive
+ * number it is possible that @a it was never called
+ * as maybe none of the files were well-formed)
+ */
+int
+TALER_MINTDB_auditor_iterate (const char *mint_base_dir,
+ TALER_MINTDB_AuditorIterator it,
+ void *it_cls);
+
+
+/**
+ * Write auditor information to the given file.
+ *
+ * @param filename the file where to write the auditor information to
+ * @param apub the auditor's public key
+ * @param asigs the auditor's signatures, array of length @a dki_len
+ * @param mpub the mint's public key (as expected by the auditor)
+ * @param dki_len length of @a dki and @a asigs arrays
+ * @param dki array of denomination coin data signed by the auditor
+ * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure.
+ */
+int
+TALER_MINTDB_auditor_write (const char *filename,
+ const struct TALER_AuditorPublicKeyP *apub,
+ const struct TALER_AuditorSignatureP *asigs,
+ const struct TALER_MasterPublicKeyP *mpub,
+ unsigned int dki_len,
+ const struct TALER_DenominationKeyValidityPS *dki);
+
+
+/**
 * Initialize the plugin.
 *
 * @param cfg configuration to use
diff --git a/src/include/taler_mintdb_plugin.h b/src/include/taler_mintdb_plugin.h
index c5b9828d..c8013acc 100644
--- a/src/include/taler_mintdb_plugin.h
+++ b/src/include/taler_mintdb_plugin.h
@@ -417,30 +417,6 @@ struct TALER_MINTDB_LinkDataList
 /**
- * @brief Specification for a /lock operation.
- */
-struct TALER_MINTDB_LockOperation
-{
- /**
- * Information about the coin that is being locked.
- */
- struct TALER_CoinPublicInfo coin;
-
- /**
- * Signature over the locking operation.
- */
- struct TALER_CoinSpendSignatureP coin_sig;
-
- /**
- * How much value is being locked?
- */
- struct TALER_Amount amount;
-
- // FIXME: more needed...
-};
-
-
-/**
 * @brief Enumeration to classify the different types of transactions
 * that can be done with a coin.
 */
@@ -454,12 +430,8 @@ enum TALER_MINTDB_TransactionType
 /**
 * /refresh/melt operation.
 */
- TALER_MINTDB_TT_REFRESH_MELT = 1,
+ TALER_MINTDB_TT_REFRESH_MELT = 1
- /**
- * /lock operation.
- */
- TALER_MINTDB_TT_LOCK = 2
 };
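Review bot: Neither `TALER_MINTDB_AuditorIterator` nor `TALER_MINTDB_auditor_iterate` says whether the signatures in `asigs` have been verified against `apub` before `it` is called; the `@return` text only speaks of files being "well-formed". A caller that publishes or relies on this auditor data needs to know whether verification is its own job, so the comment should state it explicitly, e.g. `The signatures in @a asigs are not verified here; the caller must check them against @a apub.` (or the opposite, once confirmed in the implementation). The `@param mint_base_dir` text also looks copied from the denomination-key iterator: it speaks of "the signing keys" in `#TALER_MINTDB_DIR_DENOMINATION_KEYS`, where the `TALER_MINTDB_DIR_AUDITORS` directory added by this commit is presumably meant. The iterator comment names `@a asig` and `@a dks` where the parameters are `asigs` and `dki`.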
@@ -495,11 +467,6 @@ struct TALER_MINTDB_TransactionList
 */
 struct TALER_MINTDB_RefreshMelt *melt;
- /**
- * Details if transaction was a /lock operation.
- */
- struct TALER_MINTDB_LockOperation *lock;
-
 } details;
 };
@@ -550,6 +517,31 @@ struct TALER_MINTDB_Session;
 /**
+ * Function called with details about deposits that
+ * have been made, with the goal of executing the
+ * corresponding wire transaction.
+ *
+ * @param cls closure
+ * @param id transaction ID (used as future `min_id` to avoid
+ * iterating over transactions more than once)
+ * @param amount_with_fee amount that was deposited including fee
+ * @param deposit_fee amount the mint gets to keep as transaction fees
+ * @param transaction_id unique transaction ID chosen by the merchant
+ * @param h_contract hash of the contract between merchant and customer
+ * @param wire wire details for the merchant
+ * @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop
+ */
+typedef int
+(*TALER_MINTDB_DepositIterator)(void *cls,
+ uint64_t id,
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_Amount *deposit_fee,
+ uint64_t transaction_id,
+ const struct GNUNET_HashCode *h_contract,
+ const json_t *wire);
+
+
+/**
 * Function called with the session hashes and transfer secret
 * information for a given coin.
 *
@@ -636,23 +628,24 @@ struct TALER_MINTDB_Plugin
 * Commit a transaction.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion connection to use
- * @return #GNUNET_OK on success
+ * @param session connection to use
+ * @return #GNUNET_OK on success, #GNUNET_NO if the transaction
+ * can be retried, #GNUNET_SYSERR on hard failures
 */
 int
 (*commit) (void *cls,
- struct TALER_MINTDB_Session *sesssion);
+ struct TALER_MINTDB_Session *session);
 /**
 * Abort/rollback a transaction.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion connection to use
+ * @param session connection to use
 */
 void
 (*rollback) (void *cls,
- struct TALER_MINTDB_Session *sesssion);
+ struct TALER_MINTDB_Session *session);
 /**
@@ -661,7 +654,7 @@ struct TALER_MINTDB_Plugin
 * with this key have.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion connection to use
+ * @param session connection to use
 * @param denom_pub the public key used for signing coins of this denomination
 * @param issue issuing information with value, fees and other info about the coin
 * @return #GNUNET_OK on success; #GNUNET_SYSERR on failure
@@ -677,7 +670,7 @@ struct TALER_MINTDB_Plugin
 * Fetch information about a denomination key.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion connection to use
+ * @param session connection to use
 * @param denom_pub the public key used for signing coins of this denomination
 * @param[out] issue set to issue information with value, fees and other info about the coin, can be NULL
 * @return #GNUNET_OK on success; #GNUNET_NO if no record was found, #GNUNET_SYSERR on failure
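Review bot: The new `#GNUNET_NO` result of `commit` is documented only as "the transaction can be retried", which leaves open whether anything was persisted and whether the caller must call `rollback` before starting over. For a payment database this is the part callers must not guess: a caller written against the old contract that only tests for `#GNUNET_SYSERR` would now treat an uncommitted transaction as done. Spell it out in the `@return` text, e.g. `#GNUNET_NO if nothing was committed and the whole transaction may be retried from the start`, and audit existing callers of `commit` (not visible in this header) for `!= GNUNET_SYSERR` style checks.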
@@ -736,7 +729,7 @@ struct TALER_MINTDB_Plugin
 * key of the hash of the blinded message.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param h_blind hash of the blinded coin to be signed (will match
 * `h_coin_envelope` in the @a collectable to be returned)
 * @param collectable corresponding collectable coin (blind signature)
@@ -747,7 +740,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*get_withdraw_info) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *h_blind,
 struct TALER_MINTDB_CollectableBlindcoin *collectable);
@@ -757,7 +750,7 @@ struct TALER_MINTDB_Plugin
 * hash of the blinded message.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param collectable corresponding collectable coin (blind signature)
 * if a coin is found
 * @return #GNUNET_SYSERR on internal error
@@ -766,7 +759,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*insert_withdraw_info) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct TALER_MINTDB_CollectableBlindcoin *collectable);
@@ -775,13 +768,13 @@ struct TALER_MINTDB_Plugin
 * reserve.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion connection to use
+ * @param session connection to use
 * @param reserve_pub public key of the reserve
 * @return known transaction history (NULL if reserve is unknown)
 */
 struct TALER_MINTDB_ReserveHistory *
 (*get_reserve_history) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct TALER_ReservePublicKeyP *reserve_pub);
@@ -800,7 +793,7 @@ struct TALER_MINTDB_Plugin
 * Check if we have the specified deposit already in the database.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param deposit deposit to search for
 * @return #GNUNET_YES if we know this operation,
 * #GNUNET_NO if this exact deposit is unknown to us,
@@ -808,30 +801,53 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*have_deposit) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct TALER_MINTDB_Deposit *deposit);
 /**
- * Insert information about deposited coin into the
- * database.
+ * Insert information about deposited coin into the database.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion connection to the database
+ * @param session connection to the database
 * @param deposit deposit information to store
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
 int
 (*insert_deposit) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct TALER_MINTDB_Deposit *deposit);
 /**
+ * Obtain information about deposits. Iterates over all deposits
+ * above a certain ID. Use a @a min_id of 0 to start at the beginning.
+ * This operation is executed in its own transaction in transaction
+ * mode "REPEATABLE READ", i.e. we should only see valid deposits.
+ *
+ * @param cls the @e cls of this struct with the plugin-specific state
+ * @param session connection to the database
+ * @param min_id deposit to start at
+ * @param limit maximum number of transactions to fetch
+ * @param deposit_cb function to call for each deposit
+ * @param deposit_cb_cls closure for @a deposit_cb
+ * @return number of rows processed, 0 if none exist,
+ * #GNUNET_SYSERR on error
+ */
+ int
+ (*iterate_deposits) (void *cls,
+ struct TALER_MINTDB_Session *session,
+ uint64_t min_id,
+ uint32_t limit,
+ TALER_MINTDB_DepositIterator deposit_cb,
+ void *deposit_cb_cls);
+
+
+ /**
 * Lookup refresh session data under the given @a session_hash.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database handle to use
+ * @param session database handle to use
 * @param session_hash hash over the melt to use for the lookup
 * @param[out] refresh_session where to store the result
 * @return #GNUNET_YES on success,
@@ -840,7 +856,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*get_refresh_session) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 struct TALER_MINTDB_RefreshSession *refresh_session);
@@ -849,7 +865,7 @@ struct TALER_MINTDB_Plugin
 * Store new refresh session data under the given @a session_hash.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database handle to use
+ * @param session database handle to use
 * @param session_hash hash over the melt to use to locate the session
 * @param refresh_session session data to store
 * @return #GNUNET_YES on success,
@@ -857,7 +873,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*create_refresh_session) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 const struct TALER_MINTDB_RefreshSession *refresh_session);
@@ -866,7 +882,7 @@ struct TALER_MINTDB_Plugin
 * Store the given /refresh/melt request in the database.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param oldcoin_index index of the coin to store
 * @param melt coin melt operation details to store; includes
 * the session hash of the melt
@@ -875,7 +891,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*insert_refresh_melt) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 uint16_t oldcoin_index,
 const struct TALER_MINTDB_RefreshMelt *melt);
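Review bot: The comment on the new `iterate_deposits` member does not say whether `min_id` is inclusive. It speaks of deposits "above a certain ID" and of 0 as the start, while `TALER_MINTDB_DepositIterator` tells callers to reuse the reported `id` as the next `min_id`; if the bound turns out to be inclusive, the last deposit of one batch is handed to the wire-transfer logic again in the next batch. State the bound in the comment, e.g. `@param min_id only deposits with an ID strictly greater than this value are returned`, after checking the plugin's query. The comment should also say that the session must not have a transaction open, since the call "is executed in its own transaction", and note that an `int` return cannot represent every row count a `uint32_t` `limit` allows.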
@@ -884,7 +900,7 @@ struct TALER_MINTDB_Plugin
 * Get information about melted coin details from the database.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param session_hash hash to identify refresh session
 * @param oldcoin_index index of the coin to retrieve
 * @param melt melt data to fill in, can be NULL
@@ -893,7 +909,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*get_refresh_melt) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t oldcoin_index,
 struct TALER_MINTDB_RefreshMelt *melt);
@@ -904,7 +920,7 @@ struct TALER_MINTDB_Plugin
 * in a given refresh operation.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param session_hash hash to identify refresh session
 * @param num_newcoins number of coins to generate, size of the @a denom_pubs array
 * @param denom_pubs array denominations of the coins to create
@@ -913,7 +929,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*insert_refresh_order) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t num_newcoins,
 const struct TALER_DenominationPublicKey *denom_pubs);
@@ -924,7 +940,7 @@ struct TALER_MINTDB_Plugin
 * create in the given refresh operation.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param session_hash hash to identify refresh session
 * @param num_newcoins size of the @a denom_pubs array
 * @param[out] denom_pubs where to write @a num_newcoins denomination keys
@@ -933,7 +949,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*get_refresh_order) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t num_newcoins,
 struct TALER_DenominationPublicKey *denom_pubs);
@@ -944,7 +960,7 @@ struct TALER_MINTDB_Plugin
 * for the given refresh session in the database.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param session_hash hash to identify refresh session
 * @param cnc_index cut and choose index (1st dimension), relating to #TALER_CNC_KAPPA
 * @param num_newcoins coin index size of the @a commit_coins array
@@ -954,7 +970,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*insert_refresh_commit_coins) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t cnc_index,
 uint16_t num_newcoins,
@@ -966,7 +982,7 @@ struct TALER_MINTDB_Plugin
 * given coin of the given refresh session from the database.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param session_hash hash to identify refresh session
 * @param cnc_index cut and choose set index (1st dimension)
 * @param num_coins size of the @a commit_coins array
@@ -977,7 +993,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*get_refresh_commit_coins) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t cnc_index,
 uint16_t num_coins,
@@ -989,7 +1005,7 @@ struct TALER_MINTDB_Plugin
 * for the given refresh session.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param session_hash hash to identify refresh session
 * @param cnc_index cut and choose index (1st dimension), relating to #TALER_CNC_KAPPA
 * @param num_links size of the @a commit_link array
@@ -998,7 +1014,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*insert_refresh_commit_links) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t cnc_index,
 uint16_t num_links,
@@ -1009,7 +1025,7 @@ struct TALER_MINTDB_Plugin
 * for the given refresh session.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param session_hash hash to identify refresh session
 * @param cnc_index cut and choose index (1st dimension)
 * @param num_links size of the @a links array to return
@@ -1020,7 +1036,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*get_refresh_commit_links) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t cnc_index,
 uint16_t num_links,
@@ -1031,14 +1047,14 @@ struct TALER_MINTDB_Plugin
 * Get all of the information from the given melt commit operation.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection to use
+ * @param session database connection to use
 * @param session_hash hash to identify refresh session
 * @return NULL if the @a session_hash does not correspond to any known melt
 * operation
 */
 struct TALER_MINTDB_MeltCommitment *
 (*get_melt_commitment) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash);
@@ -1060,7 +1076,7 @@ struct TALER_MINTDB_Plugin
 * be used to try to obtain the private keys during "/refresh/link".
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param session_hash hash to identify refresh session
 * @param newcoin_index coin index
 * @param ev_sig coin signature
@@ -1068,7 +1084,7 @@ struct TALER_MINTDB_Plugin
 */
 int
 (*insert_refresh_out) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash,
 uint16_t newcoin_index,
 const struct TALER_DenominationSignature *ev_sig);
@@ -1079,13 +1095,13 @@ struct TALER_MINTDB_Plugin
 * information, the denomination keys and the signatures.
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param session_hash session to get linkage data for
 * @return all known link data for the session
 */
 struct TALER_MINTDB_LinkDataList *
 (*get_link_data_list) (void *cls,
- struct TALER_MINTDB_Session *sesssion,
+ struct TALER_MINTDB_Session *session,
 const struct GNUNET_HashCode *session_hash);
@@ -1108,7 +1124,7 @@ struct TALER_MINTDB_Plugin
 *
 *
 * @param cls the @e cls of this struct with the plugin-specific state
- * @param sesssion database connection
+ * @param session database connection
 * @param coin_pub public key of the coin
 * @param tdc function to call for each session the coin was melted into
 * @param tdc_cls closure for @a tdc
@@ -1118,56 +1134,24 @@ struct TALER_MINTDB_Plugin */ int (*get_transfer) (void *cls, - struct TALER_MINTDB_Session *sesssion, + struct TALER_MINTDB_Session *session, const struct TALER_CoinSpendPublicKeyP *coin_pub, TALER_MINTDB_TransferDataCallback tdc, void *tdc_cls); - - /** - * Test if the given /lock request is known to us. - * - * @param cls the @e cls of this struct with the plugin-specific state - * @param sesssion database connection - * @param lock lock operation - * @return #GNUNET_YES if known, - * #GNUNET_NO if not, - * #GNUNET_SYSERR on internal error - */ - int - (*have_lock) (void *cls, - struct TALER_MINTDB_Session *sesssion, - const struct TALER_MINTDB_LockOperation *lock); - - - /** - * Store the given /lock request in the database. - * - * @param cls the @e cls of this struct with the plugin-specific state - * @param sesssion database connection - * @param lock lock operation - * @return #GNUNET_OK on success - * #GNUNET_SYSERR on internal error - */ - int - (*insert_lock) (void *cls, - struct TALER_MINTDB_Session *sesssion, - const struct TALER_MINTDB_LockOperation *lock); - - /** * Compile a list of all (historic) transactions performed * with the given coin (/refresh/melt and /deposit operations). * * @param cls the @e cls of this struct with the plugin-specific state - * @param sesssion database connection + * @param session database connection * @param coin_pub coin to investigate * @return list of transactions, NULL if coin is fresh */ struct TALER_MINTDB_TransactionList * (*get_coin_transactions) (void *cls, - struct TALER_MINTDB_Session *sesssion, + struct TALER_MINTDB_Session *session, const struct TALER_CoinSpendPublicKeyP *coin_pub); diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index ffbc9fd4..3bdc4eee 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h 
@@ -653,13 +653,73 @@ struct TALER_MintKeyValidityPS struct TALER_MasterPublicKeyP master; /** - * Array of hash(es) of the mint's denomination keys. - * Specifically, this is the hash over the - * `struct TALER_DenominationKeyValidityPS`, not just - * the public key (as the auditor needs to check against - * the correct valuations and fee structure). + * Start time of the validity period for this key. + */ + struct GNUNET_TIME_AbsoluteNBO start; + + /** + * The mint will sign fresh coins between @e start and this time. + * @e expire_withdraw will be somewhat larger than @e start to + * ensure a sufficiently large anonymity set, while also allowing + * the Mint to limit the financial damage in case of a key being + * compromised. Thus, mints with low volume are expected to have a + * longer withdraw period (@e expire_withdraw - @e start) than mints + * with high transaction volume. The period may also differ between + * types of coins. A mint may also have a few denomination keys + * with the same value with overlapping validity periods, to address + * issues such as clock skew. + */ + struct GNUNET_TIME_AbsoluteNBO expire_withdraw; + + /** + * Coins signed with the denomination key must be spent or refreshed + * between @e start and this expiration time. After this time, the + * mint will refuse transactions involving this key as it will + * "drop" the table with double-spending information (shortly after) + * this time. Note that wallets should refresh coins significantly + * before this time to be on the safe side. @e expire_spend must be + * significantly larger than @e expire_withdraw (by months or even + * years). + */ + struct GNUNET_TIME_AbsoluteNBO expire_spend; + + /** + * When do signatures with this denomination key become invalid? + * After this point, these signatures cannot be used in (legal) + * disputes anymore, as the Mint is then allowed to destroy its side + * of the evidence. 
@e expire_legal is expected to be significantly + * larger than @e expire_spend (by a year or more). */ - /* struct GNUNET_HashCode h_dks; */ + struct GNUNET_TIME_AbsoluteNBO expire_legal; + + /** + * The value of the coins signed with this denomination key. + */ + struct TALER_AmountNBO value; + + /** + * The fee the mint charges when a coin of this type is withdrawn. + * (can be zero). + */ + struct TALER_AmountNBO fee_withdraw; + + /** + * The fee the mint charges when a coin of this type is deposited. + * (can be zero). + */ + struct TALER_AmountNBO fee_deposit; + + /** + * The fee the mint charges when a coin of this type is refreshed. + * (can be zero). + */ + struct TALER_AmountNBO fee_refresh; + + /** + * Hash code of the denomination public key. (Used to avoid having + * the variable-size RSA key in this struct.) + */ + struct GNUNET_HashCode denom_hash GNUNET_PACKED; }; |
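Review bot: The fields added to `struct TALER_MintKeyValidityPS` no longer say what the auditor's signature binds. The removed comment was the only place explaining that valuations and fee structure must be covered, and the new per-field comments read as if copied from the denomination key struct. I would add one line above `start`, such as `/* The fields below describe one denomination key; all are in network byte order and are covered by the auditor's signature. */`, and state that a verifier must fill them from the key data it received from the mint. Only `denom_hash` carries `GNUNET_PACKED`, and the struct's opening lies outside this hunk. It is worth confirming the whole struct is packed, because any padding between the `GNUNET_TIME_AbsoluteNBO` and `TALER_AmountNBO` members would become part of the signed blob and could make signatures fail to verify across compilers.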