From 53545c667bd44dfd9808e619b6aaa5bf25c08969 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96zg=C3=BCr=20Kesim?= Date: Mon, 31 Jan 2022 17:55:12 +0100 Subject: [PATCH] Multiple refactoring changes - TALER_AgeHash -> TALER_AgeCommitmentHash - Parameter for TALER_planchet_prepare added pro forma - Prototypes for _commit and _derive added --- src/auditor/taler-helper-auditor-coins.c | 2 +- src/benchmark/taler-aggregator-benchmark.c | 2 +- src/exchange/taler-exchange-httpd_db.c | 2 +- .../taler-exchange-httpd_recoup-refresh.c | 2 +- src/exchange/taler-exchange-httpd_recoup.c | 2 +- .../taler-exchange-httpd_refreshes_reveal.c | 1 + src/exchange/taler-exchange-httpd_responses.c | 4 +- src/exchangedb/plugin_exchangedb_postgres.c | 4 +- src/exchangedb/test_exchangedb.c | 13 +- src/include/taler_crypto_lib.h | 215 ++++++++++++------ src/include/taler_exchangedb_plugin.h | 10 +- src/include/taler_signatures.h | 4 +- src/lib/exchange_api_common.c | 4 +- src/lib/exchange_api_link.c | 3 +- src/lib/exchange_api_refresh_common.c | 1 + src/lib/exchange_api_refreshes_reveal.c | 1 + src/lib/exchange_api_withdraw.c | 1 + src/testing/testing_api_cmd_insert_deposit.c | 2 +- src/util/crypto.c | 40 +++- src/util/denom.c | 4 +- src/util/wallet_signatures.c | 6 +- 21 files changed, 216 insertions(+), 107 deletions(-) diff --git a/src/auditor/taler-helper-auditor-coins.c b/src/auditor/taler-helper-auditor-coins.c index bf97c50f2..a54f7307a 100644 --- a/src/auditor/taler-helper-auditor-coins.c +++ b/src/auditor/taler-helper-auditor-coins.c @@ -1227,7 +1227,7 @@ static int refresh_session_cb (void *cls, uint64_t rowid, const struct TALER_DenominationPublicKey *denom_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendSignatureP *coin_sig, const struct TALER_Amount *amount_with_fee, diff --git a/src/benchmark/taler-aggregator-benchmark.c b/src/benchmark/taler-aggregator-benchmark.c index 411921000..365ae68dd 100644 --- a/src/benchmark/taler-aggregator-benchmark.c +++ b/src/benchmark/taler-aggregator-benchmark.c @@ -300,7 +300,7 @@ add_deposit (const struct Merchant *m) struct TALER_EXCHANGEDB_Deposit deposit; uint64_t known_coin_id; struct TALER_DenominationHash dph; - struct TALER_AgeHash agh; + struct TALER_AgeCommitmentHash agh; RANDOMIZE (&d.coin.coin_pub); d.coin.denom_pub_hash = h_denom_pub; diff --git a/src/exchange/taler-exchange-httpd_db.c b/src/exchange/taler-exchange-httpd_db.c index 3600d7931..f331e17d2 100644 --- a/src/exchange/taler-exchange-httpd_db.c +++ b/src/exchange/taler-exchange-httpd_db.c @@ -50,7 +50,7 @@ TEH_make_coin_known (const struct TALER_CoinPublicInfo *coin, { enum TALER_EXCHANGEDB_CoinKnownStatus cks; struct TALER_DenominationHash h_denom_pub; - struct TALER_AgeHash age_hash; + struct TALER_AgeCommitmentHash age_hash; /* make sure coin is 'known' in database */ cks = TEH_plugin->ensure_coin_known (TEH_plugin->cls, diff --git a/src/exchange/taler-exchange-httpd_recoup-refresh.c b/src/exchange/taler-exchange-httpd_recoup-refresh.c index 78a454c85..ec5589926 100644 --- a/src/exchange/taler-exchange-httpd_recoup-refresh.c +++ b/src/exchange/taler-exchange-httpd_recoup-refresh.c @@ -248,7 +248,7 @@ verify_and_execute_recoup_refresh ( if (GNUNET_OK != TALER_denom_blind (&dk->denom_pub, coin_bks, - NULL, /* FIXME-Oec: TALER_AgeHash * */ + NULL, /* FIXME-Oec: TALER_AgeCommitmentHash * */ &coin->coin_pub, &c_hash, &coin_ev, diff --git a/src/exchange/taler-exchange-httpd_recoup.c b/src/exchange/taler-exchange-httpd_recoup.c index 0deaa8bbb..9b1ba8224 100644 --- a/src/exchange/taler-exchange-httpd_recoup.c +++ b/src/exchange/taler-exchange-httpd_recoup.c @@ -250,7 +250,7 @@ verify_and_execute_recoup ( if (GNUNET_OK != TALER_denom_blind (&dk->denom_pub, coin_bks, - NULL, /* FIXME-Oec: TALER_AgeHash * */ + NULL, /* FIXME-Oec: TALER_AgeCommitmentHash * */ &coin->coin_pub, &c_hash, &coin_ev, diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c b/src/exchange/taler-exchange-httpd_refreshes_reveal.c index bae5ba55c..aae87290e 100644 --- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c +++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c @@ -191,6 +191,7 @@ check_commitment (struct RevealContext *rctx, GNUNET_assert (GNUNET_OK == TALER_planchet_prepare (rcd->dk, &ps, + NULL, /* FIXME-Oec, struct TALER_AgeCommitmentHash * */ &c_hash, &pd)); rcd->coin_ev = pd.coin_ev; diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c index 5233fc8e9..d1a6d68fe 100644 --- a/src/exchange/taler-exchange-httpd_responses.c +++ b/src/exchange/taler-exchange-httpd_responses.c @@ -122,7 +122,7 @@ TEH_RESPONSE_compile_transaction_history ( { const struct TALER_EXCHANGEDB_MeltListEntry *melt = pos->details.melt; - const struct TALER_AgeHash *phac = NULL; + const struct TALER_AgeCommitmentHash *phac = NULL; #if ENABLE_SANITY_CHECKS if (GNUNET_OK != @@ -142,7 +142,7 @@ TEH_RESPONSE_compile_transaction_history ( /* Age restriction is optional. We communicate a NULL value to * JSON_PACK below */ - if (! TALER_AgeHash_isNullOrZero (&melt->h_age_commitment)) + if (! TALER_AgeCommitmentHash_isNullOrZero (&melt->h_age_commitment)) phac = &melt->h_age_commitment; if (0 != diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index c0c7ab13d..1a99c56e0 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -5732,7 +5732,7 @@ postgres_ensure_coin_known (void *cls, const struct TALER_CoinPublicInfo *coin, uint64_t *known_coin_id, struct TALER_DenominationHash *denom_hash, - struct TALER_AgeHash *age_hash) + struct TALER_AgeCommitmentHash *age_hash) { struct PostgresClosure *pg = cls; enum GNUNET_DB_QueryStatus qs; @@ -8214,7 +8214,7 @@ refreshs_serial_helper_cb (void *cls, struct TALER_DenominationPublicKey denom_pub; struct TALER_CoinSpendPublicKeyP coin_pub; struct TALER_CoinSpendSignatureP coin_sig; - struct TALER_AgeHash h_age_commitment; + struct TALER_AgeCommitmentHash h_age_commitment; bool ac_isnull; struct TALER_Amount amount_with_fee; uint32_t noreveal_index; diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index d90ee3989..ffd904f20 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -472,7 +472,8 @@ static enum GNUNET_GenericReturnValue audit_refresh_session_cb (void *cls, uint64_t rowid, const struct TALER_DenominationPublicKey *denom_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct + TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendSignatureP *coin_sig, const struct TALER_Amount *amount_with_fee, @@ -1469,8 +1470,8 @@ run (void *cls) { struct TALER_PlanchetDetail pd; struct TALER_CoinSpendPublicKeyP coin_pub; - struct TALER_AgeHash age_hash; - struct TALER_AgeHash *p_ah[2] = {NULL, &age_hash}; + struct TALER_AgeCommitmentHash age_hash; + struct TALER_AgeCommitmentHash *p_ah[2] = {NULL, &age_hash}; /* Call TALER_denom_blind()/TALER_denom_sign_blinded() twice, once without * age_hash, once with age_hash */ @@ -1578,7 +1579,7 @@ run (void *cls) deadline = GNUNET_TIME_timestamp_get (); { struct TALER_DenominationHash dph; - struct TALER_AgeHash agh; + struct TALER_AgeCommitmentHash agh; FAILIF (TALER_EXCHANGEDB_CKS_ADDED != plugin->ensure_coin_known (plugin->cls, @@ -1821,7 +1822,7 @@ run (void *cls) uint64_t new_known_coin_id; struct TALER_CoinPublicInfo new_coin; struct TALER_DenominationHash dph; - struct TALER_AgeHash agh; + struct TALER_AgeCommitmentHash agh; bool recoup_ok; bool internal_failure; @@ -2173,7 +2174,7 @@ run (void *cls) { uint64_t known_coin_id; struct TALER_DenominationHash dph; - struct TALER_AgeHash agh; + struct TALER_AgeCommitmentHash agh; FAILIF (TALER_EXCHANGEDB_CKS_ADDED != plugin->ensure_coin_known (plugin->cls, diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 069c0d3ca..89f4bd2fe 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -280,67 +280,6 @@ struct TALER_MasterSignatureP struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; }; -/* - * @brief Type of a list of age groups, represented as bit mask. - * - * The bits set in the mask mark the edges at the beginning of a next age - * group. F.e. for the age groups - * 0-7, 8-9, 10-11, 12-14, 14-15, 16-17, 18-21, 21-* - * the following bits are set: - * - * 31 24 16 8 0 - * | | | | | - * oooooooo oo1oo1o1 o1o1o1o1 ooooooo1 - * - * A value of 0 means that the exchange does not support the extension for - * age-restriction. - */ -struct TALER_AgeMask -{ - uint32_t mask; -}; - -/** - * @brief Age restriction commitment of a coin. - */ -struct TALER_AgeHash -{ - /** - * The commitment is a SHA-256 hash code. - */ - struct GNUNET_ShortHashCode shash; -}; - -extern const struct TALER_AgeHash TALER_AgeHash_zeroHash; -#define TALER_AgeHash_isNullOrZero(ph) ((NULL == ph) || \ - (0 == memcmp (ph, \ - &TALER_AgeHash_zeroHash, \ - sizeof(struct \ - TALER_AgeHash)))) -/* - * @brief Representation of an age commitment: one public key per age group. - * - * The number of keys must be be the same as the number of bits set in the - * corresponding age mask. - */ -struct TALER_AgeCommitment -{ - struct TALER_AgeMask mask; - struct GNUNET_CRYPTO_EddsaPublicKey *keys; - size_t num_keys; -}; - - -/* - * @brief Generates a hash of the public keys in the age commitment. - * @param commitment the age commitment - one public key per age group - * @param[out] hash resulting hash - */ -void -TALER_age_commitment_hash ( - const struct TALER_AgeCommitment *commitment, - struct TALER_AgeHash *hash); - /** * @brief Type of public keys for Taler coins. The same key material is used @@ -368,6 +307,29 @@ struct TALER_CoinSpendPrivateKeyP struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; }; +/** + * @brief Type of private keys for age commitment in coins. + */ +struct TALER_AgeCommitmentPrivateKeyP +{ + /** + * Taler uses EdDSA for coins when signing age verification attestation. + */ + struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv; +}; + + +/** + * @brief Type of public keys for age commitment in coins. + */ +struct TALER_AgeCommitmentPublicKeyP +{ + /** + * Taler uses EdDSA for coins when signing age verification attestation. + */ + struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; +}; + /** * @brief Type of signatures made with Taler coins. @@ -665,6 +627,46 @@ struct TALER_BlindedDenominationSignature }; +/* *************** Age Restriction *********************************** */ + +/* + * @brief Type of a list of age groups, represented as bit mask. + * + * The bits set in the mask mark the edges at the beginning of a next age + * group. F.e. for the age groups + * 0-7, 8-9, 10-11, 12-14, 14-15, 16-17, 18-21, 21-* + * the following bits are set: + * + * 31 24 16 8 0 + * | | | | | + * oooooooo oo1oo1o1 o1o1o1o1 ooooooo1 + * + * A value of 0 means that the exchange does not support the extension for + * age-restriction. + */ +struct TALER_AgeMask +{ + uint32_t mask; +}; + +/** + * @brief Age commitment of a coin. + */ +struct TALER_AgeCommitmentHash +{ + /** + * The commitment is a SHA-256 hash code. + */ + struct GNUNET_ShortHashCode shash; +}; + +extern const struct TALER_AgeCommitmentHash TALER_ZeroAgeCommitmentHash; +#define TALER_AgeCommitmentHash_isNullOrZero(ph) ((NULL == ph) || \ + (0 == memcmp (ph, \ + & \ + TALER_ZeroAgeCommitmentHash, \ + sizeof(struct \ + TALER_AgeCommitmentHash)))) /** * @brief Type of public signing keys for verifying blindly signed coins. @@ -745,7 +747,7 @@ struct TALER_CoinPublicInfo * Hash of the age commitment. If no age commitment was provided, it must be * set to all zeroes. */ - struct TALER_AgeHash age_commitment_hash; + struct TALER_AgeCommitmentHash age_commitment_hash; /** * (Unblinded) signature over @e coin_pub with @e denom_pub, @@ -855,7 +857,7 @@ TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig); enum GNUNET_GenericReturnValue TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, const union TALER_DenominationBlindingKeyP *coin_bks, - const struct TALER_AgeHash *age_commitment_hash, + const struct TALER_AgeCommitmentHash *age_commitment_hash, const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_CoinPubHash *c_hash, void **coin_ev, @@ -1055,7 +1057,7 @@ TALER_coin_ev_hash (const void *coin_ev, */ void TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct TALER_AgeHash *age_commitment_hash, + const struct TALER_AgeCommitmentHash *age_commitment_hash, struct TALER_CoinPubHash *coin_h); @@ -1141,8 +1143,9 @@ struct TALER_FreshCoin struct TALER_CoinSpendPrivateKeyP coin_priv; /** - * FIXME-Oec: Age-verification vector, as pointer: Dyn alloc! + * Optional hash of an age commitment (#TALER_AgeCommitment), maybe NULL. */ + struct TALER_AgeCommitmentHash *age_commitment_hash; }; @@ -1263,6 +1266,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps); * * @param dk denomination key for the coin to be created * @param ps secret planchet internals (for #TALER_planchet_to_coin) + * @param ach (optional) hash of age commitment (for #TALER_planchet_to_coin) * @param[out] c_hash set to the hash of the public key of the coin (needed later) * @param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup() and * other withdraw operations @@ -1271,6 +1275,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps); enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, const struct TALER_PlanchetSecretsP *ps, + const struct TALER_AgeCommitmentHash *ach, struct TALER_CoinPubHash *c_hash, struct TALER_PlanchetDetail *pd); @@ -1805,7 +1810,7 @@ TALER_wallet_melt_verify ( const struct TALER_Amount *melt_fee, const struct TALER_RefreshCommitmentP *rc, const struct TALER_DenominationHash *h_denom_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendSignatureP *coin_sig); @@ -1846,7 +1851,7 @@ TALER_wallet_link_verify ( const struct TALER_TransferPublicKeyP *transfer_pub, const struct TALER_BlindedCoinHash *h_coin_ev, const struct TALER_CoinSpendPublicKeyP *old_coin_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendSignatureP *coin_sig); @@ -2592,5 +2597,81 @@ TALER_exchange_offline_extension_config_hash_verify ( const struct TALER_MasterSignatureP *master_sig ); +/* + * @brief Representation of an age commitment: one public key per age group. + * + * The number of keys must be be the same as the number of bits set in the + * corresponding age mask. + */ +struct TALER_AgeCommitment +{ + + /* The age mask defines the age groups that were a parameter during the + * generation of this age commitment */ + struct TALER_AgeMask mask; + + /* The number of public keys, which must be the same as the number of groups + * in the mask + */ + size_t num_keys; + + /* A NULL-terminated list of public keys. + * The list must be exactly of length num_keys, i. e. the same as the number + * of age groups defined in the mask. + * + * A hash of this list is the hashed commitment that goes into FDC + * calculation during the withdraw and refresh operations for new coins. That + * way, the particular age commitment becomes mandatory and bound to a coin. + **/ + struct TALER_AgeCommitmentPublicKeyP *pub; + + /* A NULL-terminated list of private keys. + * Note that the list can be smaller than the corresponding list of public + * keys! In that case, the wallet can sign off only for a subset of the age + * groups. + */ + struct TALER_AgeCommitmentPrivateKeyP *priv; + +}; + +/* + * @brief Generates an age commitent for the given age. + * + * @param mask The age mask the defines the age groups + * @param age The age for which an age commitment is generated + * @param seed The seed that goes into the key generation. MUST be choosen uniformly random. + * @param commitment[out] The generated age commitment, allocated via GNUNET_malloc + */ +void +TALER_age_restriction_commit ( + const struct TALER_AgeMask *mask, + const uint8_t age, + const uint32_t seed, + struct TALER_AgeCommitment *commitment); + +/* + * @brief Generates a hash of the public keys in the age commitment. + * + * @param commitment the age commitment - one public key per age group + * @param[out] hash resulting hash + */ +void +TALER_age_commitment_hash ( + const struct TALER_AgeCommitment *commitment, + struct TALER_AgeCommitmentHash *hash); + +/* + * @brief Derives another, equivalent age commitment for a given one. + * + * @param orig Original age commitment + * @param seed Used to move the points on the elliptic curve in order to generate another, equivalent commitment. + * @param derived[out] The resulting age commitment, allocated via GNUNET_malloc. + */ +void +TALER_age_restriction_derive ( + const struct TALER_AgeCommitment *orig, + const uint32_t seed, + const struct TALER_AgeCommitment *derived); + #endif diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 8e5f72df3..4efc95724 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -295,7 +295,7 @@ struct TALER_EXCHANGEDB_TableData struct { struct TALER_CoinSpendPublicKeyP coin_pub; - struct TALER_AgeHash age_hash; + struct TALER_AgeCommitmentHash age_hash; uint64_t denominations_serial; struct TALER_DenominationSignature denom_sig; } known_coins; @@ -1265,7 +1265,7 @@ struct TALER_EXCHANGEDB_Refresh * applicable to the denomination. May be all zeroes if no age restriction * applies. */ - struct TALER_AgeHash h_age_commitment; + struct TALER_AgeCommitmentHash h_age_commitment; /** * Refresh commitment this coin is melted into. @@ -1317,7 +1317,7 @@ struct TALER_EXCHANGEDB_MeltListEntry * applicable to the denomination. May be all zeroes if no age restriction * applies. */ - struct TALER_AgeHash h_age_commitment; + struct TALER_AgeCommitmentHash h_age_commitment; /** * How much value is being melted? This amount includes the fees, @@ -1612,7 +1612,7 @@ typedef enum GNUNET_GenericReturnValue void *cls, uint64_t rowid, const struct TALER_DenominationPublicKey *denom_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendSignatureP *coin_sig, const struct TALER_Amount *amount_with_fee, @@ -2751,7 +2751,7 @@ struct TALER_EXCHANGEDB_Plugin const struct TALER_CoinPublicInfo *coin, uint64_t *known_coin_id, struct TALER_DenominationHash *denom_pub_hash, - struct TALER_AgeHash *age_hash); + struct TALER_AgeCommitmentHash *age_hash); /** diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index e93c59487..5671d34f7 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -417,7 +417,7 @@ struct TALER_LinkDataPS /** * Hash of the age commitment, if applicable. Can be all zero */ - struct TALER_AgeHash h_age_commitment; + struct TALER_AgeCommitmentHash h_age_commitment; /** * Hash of the blinded new coin. @@ -721,7 +721,7 @@ struct TALER_RefreshMeltCoinAffirmationPS * the hash of the age commitment vector. It must be all zeroes if no age * commitment was provided. */ - struct TALER_AgeHash h_age_commitment GNUNET_PACKED; + struct TALER_AgeCommitmentHash h_age_commitment GNUNET_PACKED; /** * How much of the value of the coin should be melted? This amount diff --git a/src/lib/exchange_api_common.c b/src/lib/exchange_api_common.c index 5f280b89b..81ee67436 100644 --- a/src/lib/exchange_api_common.c +++ b/src/lib/exchange_api_common.c @@ -548,7 +548,7 @@ TALER_EXCHANGE_verify_coin_history ( { struct TALER_CoinSpendSignatureP sig; struct TALER_RefreshCommitmentP rc; - struct TALER_AgeHash h_age_commitment = {0}; + struct TALER_AgeCommitmentHash h_age_commitment = {0}; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("coin_sig", &sig), @@ -593,7 +593,7 @@ TALER_EXCHANGE_verify_coin_history ( &fee, &rc, h_denom_pub, - TALER_AgeHash_isNullOrZero ( + TALER_AgeCommitmentHash_isNullOrZero ( &h_age_commitment) ? NULL : &h_age_commitment, coin_pub, diff --git a/src/lib/exchange_api_link.c b/src/lib/exchange_api_link.c index 262af1d15..9d801c38b 100644 --- a/src/lib/exchange_api_link.c +++ b/src/lib/exchange_api_link.c @@ -105,7 +105,7 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh, }; struct TALER_TransferSecretP secret; struct TALER_PlanchetSecretsP fc; - struct TALER_AgeHash h_age_commitment = {0}; // TODO, see below. + struct TALER_AgeCommitmentHash h_age_commitment = {0}; // TODO, see below. /* parse reply */ if (GNUNET_OK != @@ -146,6 +146,7 @@ parse_link_coin (const struct TALER_EXCHANGE_LinkHandle *lh, if (GNUNET_OK != TALER_planchet_prepare (&rpub, &fc, + NULL, /* FIXME-oec. struct TALER_AgeCommitmentHash * */ &c_hash, &pd)) { diff --git a/src/lib/exchange_api_refresh_common.c b/src/lib/exchange_api_refresh_common.c index 3e367566d..ecb5c0152 100644 --- a/src/lib/exchange_api_refresh_common.c +++ b/src/lib/exchange_api_refresh_common.c @@ -433,6 +433,7 @@ TALER_EXCHANGE_refresh_prepare ( if (GNUNET_OK != TALER_planchet_prepare (&md.fresh_pks[j], fc, + NULL, /* FIXME-oec: struct TALER_AgeCommitmentHash * */ &c_hash, &pd)) { diff --git a/src/lib/exchange_api_refreshes_reveal.c b/src/lib/exchange_api_refreshes_reveal.c index 2b7fcf8cf..653368d6d 100644 --- a/src/lib/exchange_api_refreshes_reveal.c +++ b/src/lib/exchange_api_refreshes_reveal.c @@ -359,6 +359,7 @@ TALER_EXCHANGE_refreshes_reveal ( if (GNUNET_OK != TALER_planchet_prepare (&md->fresh_pks[i], &md->fresh_coins[noreveal_index][i], + NULL, /* FIXME-oec: struct TALER_AgeCommitmentHash * */ &c_hash, &pd)) { diff --git a/src/lib/exchange_api_withdraw.c b/src/lib/exchange_api_withdraw.c index 5e823ee6d..901faadfd 100644 --- a/src/lib/exchange_api_withdraw.c +++ b/src/lib/exchange_api_withdraw.c @@ -186,6 +186,7 @@ TALER_EXCHANGE_withdraw ( if (GNUNET_OK != TALER_planchet_prepare (&pk->key, ps, + NULL, /* FIXME-oec: struct TALER_AgeCommitmentHash * */ &wh->c_hash, &pd)) { diff --git a/src/testing/testing_api_cmd_insert_deposit.c b/src/testing/testing_api_cmd_insert_deposit.c index d45bd0c67..4e3ce2147 100644 --- a/src/testing/testing_api_cmd_insert_deposit.c +++ b/src/testing/testing_api_cmd_insert_deposit.c @@ -238,7 +238,7 @@ insert_deposit_run (void *cls, { uint64_t known_coin_id; struct TALER_DenominationHash dph; - struct TALER_AgeHash agh; + struct TALER_AgeCommitmentHash agh; if ( (GNUNET_OK != ids->dbc->plugin->start (ids->dbc->plugin->cls, diff --git a/src/util/crypto.c b/src/util/crypto.c index c0ad07387..1c45df35e 100644 --- a/src/util/crypto.c +++ b/src/util/crypto.c @@ -27,9 +27,9 @@ #include /** - * Used in TALER_AgeHash_isNullOrZero for comparison + * Used in TALER_AgeCommitmentHash_isNullOrZero for comparison */ -const struct TALER_AgeHash TALER_AgeHash_zeroHash = {0}; +const struct TALER_AgeCommitmentHash TALER_ZeroAgeCommitmentHash = {0}; /** * Function called by libgcrypt on serious errors. @@ -183,6 +183,7 @@ TALER_planchet_setup_random (struct TALER_PlanchetSecretsP *ps) enum GNUNET_GenericReturnValue TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, const struct TALER_PlanchetSecretsP *ps, + const struct TALER_AgeCommitmentHash *ach, struct TALER_CoinPubHash *c_hash, struct TALER_PlanchetDetail *pd) { @@ -193,7 +194,7 @@ TALER_planchet_prepare (const struct TALER_DenominationPublicKey *dk, if (GNUNET_OK != TALER_denom_blind (dk, &ps->blinding_key, - NULL, /* FIXME-Oec */ + ach, &coin_pub, c_hash, &pd->coin_ev, @@ -324,10 +325,10 @@ TALER_coin_ev_hash (const void *coin_ev, void TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct TALER_AgeHash *age_commitment_hash, + const struct TALER_AgeCommitmentHash *ach, struct TALER_CoinPubHash *coin_h) { - if (NULL == age_commitment_hash) + if (NULL == ach) { /* No age commitment was set */ GNUNET_CRYPTO_hash (&coin_pub->eddsa_pub, @@ -339,7 +340,7 @@ TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub, /* Coin comes with age commitment. Take the hash of the age commitment * into account */ const size_t key_s = sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey); - const size_t age_s = sizeof(struct TALER_AgeHash); + const size_t age_s = sizeof(struct TALER_AgeCommitmentHash); char data[key_s + age_s]; GNUNET_memcpy (&data[0], @@ -347,7 +348,7 @@ TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub, key_s); GNUNET_memcpy (&data[key_s], - age_commitment_hash, + ach, age_s); GNUNET_CRYPTO_hash (&data, @@ -360,7 +361,7 @@ TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub, void TALER_age_commitment_hash ( const struct TALER_AgeCommitment *commitment, - struct TALER_AgeHash *ahash) + struct TALER_AgeCommitmentHash *ahash) { struct GNUNET_HashContext *hash_context; struct GNUNET_HashCode hash; @@ -373,7 +374,7 @@ TALER_age_commitment_hash ( for (size_t i = 0; i < commitment->num_keys; i++) { GNUNET_CRYPTO_hash_context_read (hash_context, - &commitment->keys[i], + &commitment->pub[i], sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)); } @@ -386,4 +387,25 @@ TALER_age_commitment_hash ( } +void +TALER_age_restriction_derive ( + const struct TALER_AgeCommitment *orig, + const uint32_t seed, + const struct TALER_AgeCommitment *derived) +{ + /* TODO */ +} + + +void +TALER_age_restriction_commit ( + const struct TALER_AgeMask *mask, + const uint8_t age, + const uint32_t seed, + struct TALER_AgeCommitment *commitment) +{ + /* TODO */ +} + + /* end of crypto.c */ diff --git a/src/util/denom.c b/src/util/denom.c index b6b3764da..f7ab6ad1e 100644 --- a/src/util/denom.c +++ b/src/util/denom.c @@ -235,7 +235,7 @@ TALER_denom_priv_to_pub (const struct TALER_DenominationPrivateKey *denom_priv, enum GNUNET_GenericReturnValue TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, const union TALER_DenominationBlindingKeyP *coin_bks, - const struct TALER_AgeHash *age_commitment_hash, + const struct TALER_AgeCommitmentHash *ach, const struct TALER_CoinSpendPublicKeyP *coin_pub, struct TALER_CoinPubHash *c_hash, void **coin_ev, @@ -245,7 +245,7 @@ TALER_denom_blind (const struct TALER_DenominationPublicKey *dk, { case TALER_DENOMINATION_RSA: TALER_coin_pub_hash (coin_pub, - age_commitment_hash, + ach, c_hash); if (GNUNET_YES != GNUNET_CRYPTO_rsa_blind (&c_hash->hash, diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c index b42716417..a608046a0 100644 --- a/src/util/wallet_signatures.c +++ b/src/util/wallet_signatures.c @@ -135,7 +135,7 @@ TALER_wallet_link_verify ( const struct TALER_TransferPublicKeyP *transfer_pub, const struct TALER_BlindedCoinHash *h_coin_ev, const struct TALER_CoinSpendPublicKeyP *old_coin_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendSignatureP *coin_sig) { struct TALER_LinkDataPS ldp = { @@ -275,7 +275,7 @@ TALER_wallet_melt_verify ( const struct TALER_Amount *melt_fee, const struct TALER_RefreshCommitmentP *rc, const struct TALER_DenominationHash *h_denom_pub, - const struct TALER_AgeHash *h_age_commitment, + const struct TALER_AgeCommitmentHash *h_age_commitment, const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendSignatureP *coin_sig) { @@ -286,7 +286,7 @@ TALER_wallet_melt_verify ( .h_denom_pub = *h_denom_pub, }; - memset (&melt.h_age_commitment, 0, sizeof(struct TALER_AgeHash)); + memset (&melt.h_age_commitment, 0, sizeof(struct TALER_AgeCommitmentHash)); if (NULL != h_age_commitment) melt.h_age_commitment = *h_age_commitment;