taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

privatize more signature structs, simplify code

Browse Source
This commit is contained in:
Christian Grothoff 2022-03-31 12:37:39 +02:00
parent eadee56dcf
commit 747ae5ef09
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
14 changed files with 608 additions and 600 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/auditor/report-lib.c
View File

@ -68,7 +68,7 @@ struct GNUNET_TIME_Absolute start_time;
/** /**
* Results about denominations, cached per-transaction, maps denomination pub hashes * Results about denominations, cached per-transaction, maps denomination pub hashes
* to `struct TALER_DenominationKeyValidityPS`. * to `const struct TALER_EXCHANGEDB_DenominationKeyInformation`.
*/ */
static struct GNUNET_CONTAINER_MultiHashMap *denominations; static struct GNUNET_CONTAINER_MultiHashMap *denominations;
@ -114,16 +114,14 @@ TALER_ARL_report (json_t *array,
* *
* @param cls closure, NULL * @param cls closure, NULL
* @param denom_pub public key, sometimes NULL (!) * @param denom_pub public key, sometimes NULL (!)
* @param validity issuing information with value, fees and other info about the denomination. * @param issue issuing information with value, fees and other info about the denomination.
*/ */
static void static void
add_denomination ( add_denomination (
void *cls, void *cls,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *validity) const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue)
{ {
const struct TALER_DenominationKeyValidityPS *issue = &validity->properties;
(void) cls; (void) cls;
(void) denom_pub; (void) denom_pub;
if (NULL != if (NULL !=
@ -132,35 +130,26 @@ add_denomination (
return; /* value already known */ return; /* value already known */
#if GNUNET_EXTRA_LOGGING >= 1 #if GNUNET_EXTRA_LOGGING >= 1
{ {
struct TALER_Amount value;
TALER_amount_ntoh (&value,
&issue->value);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Tracking denomination `%s' (%s)\n", "Tracking denomination `%s' (%s)\n",
GNUNET_h2s (&issue->denom_hash.hash), GNUNET_h2s (&issue->denom_hash.hash),
TALER_amount2s (&value)); TALER_amount2s (&issue->value));
TALER_amount_ntoh (&value,
&issue->fees.withdraw);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Withdraw fee is %s\n", "Withdraw fee is %s\n",
TALER_amount2s (&value)); TALER_amount2s (&issue->fees.withdraw));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Start time is %s\n", "Start time is %s\n",
GNUNET_TIME_timestamp2s GNUNET_TIME_timestamp2s (issue->start));
(GNUNET_TIME_timestamp_ntoh (issue->start)));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Expire deposit time is %s\n", "Expire deposit time is %s\n",
GNUNET_TIME_timestamp2s GNUNET_TIME_timestamp2s (issue->expire_deposit));
(GNUNET_TIME_timestamp_ntoh (issue->expire_deposit)));
} }
#endif #endif
{ {
struct TALER_DenominationKeyValidityPS *i; struct TALER_EXCHANGEDB_DenominationKeyInformation *i;
i = GNUNET_new (struct TALER_DenominationKeyValidityPS); i = GNUNET_new (struct TALER_EXCHANGEDB_DenominationKeyInformation);
*i = *issue; *i = *issue;
i->master = TALER_ARL_master_pub;
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
GNUNET_CONTAINER_multihashmap_put (denominations, GNUNET_CONTAINER_multihashmap_put (denominations,
&issue->denom_hash.hash, &issue->denom_hash.hash,
@ -173,7 +162,7 @@ add_denomination (
enum GNUNET_DB_QueryStatus enum GNUNET_DB_QueryStatus
TALER_ARL_get_denomination_info_by_hash ( TALER_ARL_get_denomination_info_by_hash (
const struct TALER_DenominationHashP *dh, const struct TALER_DenominationHashP *dh,
const struct TALER_DenominationKeyValidityPS **issue) const struct TALER_EXCHANGEDB_DenominationKeyInformation **issue)
{ {
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
@ -192,7 +181,7 @@ TALER_ARL_get_denomination_info_by_hash (
} }
} }
{ {
const struct TALER_DenominationKeyValidityPS *i; const struct TALER_EXCHANGEDB_DenominationKeyInformation *i;
i = GNUNET_CONTAINER_multihashmap_get (denominations, i = GNUNET_CONTAINER_multihashmap_get (denominations,
&dh->hash); &dh->hash);
@ -205,7 +194,7 @@ TALER_ARL_get_denomination_info_by_hash (
} }
/* maybe database changed since we last iterated, give it one more shot */ /* maybe database changed since we last iterated, give it one more shot */
{ {
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformation issue;
qs = TALER_ARL_edb->get_denomination_info (TALER_ARL_edb->cls, qs = TALER_ARL_edb->get_denomination_info (TALER_ARL_edb->cls,
dh, dh,
@ -224,7 +213,7 @@ TALER_ARL_get_denomination_info_by_hash (
&issue); &issue);
} }
{ {
const struct TALER_DenominationKeyValidityPS *i; const struct TALER_EXCHANGEDB_DenominationKeyInformation *i;
i = GNUNET_CONTAINER_multihashmap_get (denominations, i = GNUNET_CONTAINER_multihashmap_get (denominations,
&dh->hash); &dh->hash);
@ -246,7 +235,7 @@ TALER_ARL_get_denomination_info_by_hash (
enum GNUNET_DB_QueryStatus enum GNUNET_DB_QueryStatus
TALER_ARL_get_denomination_info ( TALER_ARL_get_denomination_info (
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_DenominationKeyValidityPS **issue, const struct TALER_EXCHANGEDB_DenominationKeyInformation **issue,
struct TALER_DenominationHashP *dh) struct TALER_DenominationHashP *dh)
{ {
struct TALER_DenominationHashP hc; struct TALER_DenominationHashP hc;

4
src/auditor/report-lib.h
View File

@ -102,7 +102,7 @@ TALER_ARL_report (json_t *array,
enum GNUNET_DB_QueryStatus enum GNUNET_DB_QueryStatus
TALER_ARL_get_denomination_info_by_hash ( TALER_ARL_get_denomination_info_by_hash (
const struct TALER_DenominationHashP *dh, const struct TALER_DenominationHashP *dh,
const struct TALER_DenominationKeyValidityPS **issue); const struct TALER_EXCHANGEDB_DenominationKeyInformation **issue);
/** /**
@ -117,7 +117,7 @@ TALER_ARL_get_denomination_info_by_hash (
enum GNUNET_DB_QueryStatus enum GNUNET_DB_QueryStatus
TALER_ARL_get_denomination_info ( TALER_ARL_get_denomination_info (
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_DenominationKeyValidityPS **issue, const struct TALER_EXCHANGEDB_DenominationKeyInformation **issue,
struct TALER_DenominationHashP *dh); struct TALER_DenominationHashP *dh);

48
src/auditor/taler-auditor-httpd_deposit-confirmation.c
View File

@ -32,6 +32,50 @@
#include "taler-auditor-httpd_deposit-confirmation.h" #include "taler-auditor-httpd_deposit-confirmation.h"
GNUNET_NETWORK_STRUCT_BEGIN
/**
* @brief Information about a signing key of the exchange. Signing keys are used
* to sign exchange messages other than coins, i.e. to confirm that a
* deposit was successful or that a refresh was accepted.
*/
struct ExchangeSigningKeyDataP
{
/**
* When does this signing key begin to be valid?
*/
struct GNUNET_TIME_TimestampNBO start;
/**
* When does this signing key expire? Note: This is currently when
* the Exchange will definitively stop using it. Signatures made with
* the key remain valid until @e end. When checking validity periods,
* clients should allow for some overlap between keys and tolerate
* the use of either key during the overlap time (due to the
* possibility of clock skew).
*/
struct GNUNET_TIME_TimestampNBO expire;
/**
* When do signatures with this signing key become invalid? After
* this point, these signatures cannot be used in (legal) disputes
* anymore, as the Exchange is then allowed to destroy its side of the
* evidence. @e end is expected to be significantly larger than @e
* expire (by a year or more).
*/
struct GNUNET_TIME_TimestampNBO end;
/**
* The public online signing key that the exchange will use
* between @e start and @e expire.
*/
struct TALER_ExchangePublicKeyP signkey_pub;
};
GNUNET_NETWORK_STRUCT_END
/** /**
* Cache of already verified exchange signing keys. Maps the hash of the * Cache of already verified exchange signing keys. Maps the hash of the
* `struct TALER_ExchangeSigningKeyValidityPS` to the (static) string * `struct TALER_ExchangeSigningKeyValidityPS` to the (static) string
@ -65,9 +109,7 @@ verify_and_execute_deposit_confirmation (
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
struct GNUNET_HashCode h; struct GNUNET_HashCode h;
const char *cached; const char *cached;
struct TALER_ExchangeSigningKeyValidityPS skv = { struct ExchangeSigningKeyDataP skv = {
.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY),
.purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS)),
.start = GNUNET_TIME_timestamp_hton (es->ep_start), .start = GNUNET_TIME_timestamp_hton (es->ep_start),
.expire = GNUNET_TIME_timestamp_hton (es->ep_expire), .expire = GNUNET_TIME_timestamp_hton (es->ep_expire),
.end = GNUNET_TIME_timestamp_hton (es->ep_end), .end = GNUNET_TIME_timestamp_hton (es->ep_end),

85
src/auditor/taler-helper-auditor-aggregation.c
View File

@ -390,7 +390,7 @@ check_transaction_history_for_deposit (
const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_PrivateContractHashP *h_contract_terms,
const struct TALER_MerchantPublicKeyP *merchant_pub, const struct TALER_MerchantPublicKeyP *merchant_pub,
const struct TALER_DenominationKeyValidityPS *issue, const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue,
const struct TALER_EXCHANGEDB_TransactionList *tl_head, const struct TALER_EXCHANGEDB_TransactionList *tl_head,
struct TALER_Amount *merchant_gain, struct TALER_Amount *merchant_gain,
struct TALER_Amount *deposit_gain) struct TALER_Amount *deposit_gain)
@ -461,23 +461,16 @@ check_transaction_history_for_deposit (
deposit_fee = fee_claimed; /* We had a deposit, remember the fee, we may need it */ deposit_fee = fee_claimed; /* We had a deposit, remember the fee, we may need it */
} }
/* Check that the fees given in the transaction list and in dki match */ /* Check that the fees given in the transaction list and in dki match */
if (0 !=
TALER_amount_cmp (&issue->fees.deposit,
fee_claimed))
{ {
struct TALER_Amount fee_expected; /* Disagreement in fee structure between auditor and exchange DB! */
report_amount_arithmetic_inconsistency ("deposit fee",
/* Fee according to denomination data of auditor */ 0,
TALER_amount_ntoh (&fee_expected, fee_claimed,
&issue->fees.deposit); &issue->fees.deposit,
if (0 != 1);
TALER_amount_cmp (&fee_expected,
fee_claimed))
{
/* Disagreement in fee structure between auditor and exchange DB! */
report_amount_arithmetic_inconsistency ("deposit fee",
0,
fee_claimed,
&fee_expected,
1);
}
} }
break; break;
case TALER_EXCHANGEDB_TT_MELT: case TALER_EXCHANGEDB_TT_MELT:
@ -487,22 +480,16 @@ check_transaction_history_for_deposit (
&expenditures, &expenditures,
amount_with_fee); amount_with_fee);
/* Check that the fees given in the transaction list and in dki match */ /* Check that the fees given in the transaction list and in dki match */
if (0 !=
TALER_amount_cmp (&issue->fees.refresh,
fee_claimed))
{ {
struct TALER_Amount fee_expected; /* Disagreement in fee structure between exchange and auditor */
report_amount_arithmetic_inconsistency ("melt fee",
TALER_amount_ntoh (&fee_expected, 0,
&issue->fees.refresh); fee_claimed,
if (0 != &issue->fees.refresh,
TALER_amount_cmp (&fee_expected, 1);
fee_claimed))
{
/* Disagreement in fee structure between exchange and auditor */
report_amount_arithmetic_inconsistency ("melt fee",
0,
fee_claimed,
&fee_expected,
1);
}
} }
break; break;
case TALER_EXCHANGEDB_TT_REFUND: case TALER_EXCHANGEDB_TT_REFUND:
@ -531,22 +518,16 @@ check_transaction_history_for_deposit (
refund_deposit_fee = GNUNET_YES; refund_deposit_fee = GNUNET_YES;
} }
/* Check that the fees given in the transaction list and in dki match */ /* Check that the fees given in the transaction list and in dki match */
if (0 !=
TALER_amount_cmp (&issue->fees.refund,
fee_claimed))
{ {
struct TALER_Amount fee_expected; /* Disagreement in fee structure between exchange and auditor! */
report_amount_arithmetic_inconsistency ("refund fee",
TALER_amount_ntoh (&fee_expected, 0,
&issue->fees.refund); fee_claimed,
if (0 != &issue->fees.refund,
TALER_amount_cmp (&fee_expected, 1);
fee_claimed))
{
/* Disagreement in fee structure between exchange and auditor! */
report_amount_arithmetic_inconsistency ("refund fee",
0,
fee_claimed,
&fee_expected,
1);
}
} }
break; break;
case TALER_EXCHANGEDB_TT_OLD_COIN_RECOUP: case TALER_EXCHANGEDB_TT_OLD_COIN_RECOUP:
@ -641,18 +622,14 @@ check_transaction_history_for_deposit (
else else
{ {
/* Now check that 'spent' is less or equal than the total coin value */ /* Now check that 'spent' is less or equal than the total coin value */
struct TALER_Amount value;
TALER_amount_ntoh (&value,
&issue->value);
if (1 == TALER_amount_cmp (&spent, if (1 == TALER_amount_cmp (&spent,
&value)) &issue->value))
{ {
/* spent > value */ /* spent > value */
report_coin_arithmetic_inconsistency ("spend", report_coin_arithmetic_inconsistency ("spend",
coin_pub, coin_pub,
&spent, &spent,
&value, &issue->value,
-1); -1);
} }
} }
@ -703,7 +680,7 @@ wire_transfer_information_cb (
const struct TALER_Amount *deposit_fee) const struct TALER_Amount *deposit_fee)
{ {
struct WireCheckContext *wcc = cls; struct WireCheckContext *wcc = cls;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
struct TALER_Amount computed_value; struct TALER_Amount computed_value;
struct TALER_Amount total_deposit_without_refunds; struct TALER_Amount total_deposit_without_refunds;
struct TALER_EXCHANGEDB_TransactionList *tl; struct TALER_EXCHANGEDB_TransactionList *tl;

239
src/auditor/taler-helper-auditor-coins.c
View File

@ -276,7 +276,7 @@ get_cached_history (const struct TALER_CoinSpendPublicKeyP *coin_pub)
*/ */
static void static void
report_emergency_by_amount ( report_emergency_by_amount (
const struct TALER_DenominationKeyValidityPS *issue, const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue,
const struct TALER_Amount *risk, const struct TALER_Amount *risk,
const struct TALER_Amount *loss) const struct TALER_Amount *loss)
{ {
@ -293,12 +293,12 @@ report_emergency_by_amount (
risk), risk),
TALER_JSON_pack_amount ("denom_loss", TALER_JSON_pack_amount ("denom_loss",
loss), loss),
TALER_JSON_pack_time_abs_nbo_human ("start", TALER_JSON_pack_time_abs_human ("start",
issue->start.abs_time_nbo), issue->start.abs_time),
TALER_JSON_pack_time_abs_nbo_human ("deposit_end", TALER_JSON_pack_time_abs_human ("deposit_end",
issue->expire_deposit.abs_time_nbo), issue->expire_deposit.abs_time),
TALER_JSON_pack_amount_nbo ("value", TALER_JSON_pack_amount ("value",
&issue->value))); &issue->value)));
TALER_ARL_amount_add (&reported_emergency_risk_by_amount, TALER_ARL_amount_add (&reported_emergency_risk_by_amount,
&reported_emergency_risk_by_amount, &reported_emergency_risk_by_amount,
risk); risk);
@ -324,13 +324,11 @@ report_emergency_by_amount (
*/ */
static void static void
report_emergency_by_count ( report_emergency_by_count (
const struct TALER_DenominationKeyValidityPS *issue, const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue,
uint64_t num_issued, uint64_t num_issued,
uint64_t num_known, uint64_t num_known,
const struct TALER_Amount *risk) const struct TALER_Amount *risk)
{ {
struct TALER_Amount denom_value;
TALER_ARL_report ( TALER_ARL_report (
report_emergencies_by_count, report_emergencies_by_count,
GNUNET_JSON_PACK ( GNUNET_JSON_PACK (
@ -342,21 +340,19 @@ report_emergency_by_count (
num_known), num_known),
TALER_JSON_pack_amount ("denom_risk", TALER_JSON_pack_amount ("denom_risk",
risk), risk),
TALER_JSON_pack_time_abs_nbo_human ("start", TALER_JSON_pack_time_abs_human ("start",
issue->start.abs_time_nbo), issue->start.abs_time),
TALER_JSON_pack_time_abs_nbo_human ("deposit_end", TALER_JSON_pack_time_abs_human ("deposit_end",
issue->expire_deposit.abs_time_nbo), issue->expire_deposit.abs_time),
TALER_JSON_pack_amount_nbo ("value", TALER_JSON_pack_amount ("value",
&issue->value))); &issue->value)));
TALER_ARL_amount_add (&reported_emergency_risk_by_count, TALER_ARL_amount_add (&reported_emergency_risk_by_count,
&reported_emergency_risk_by_count, &reported_emergency_risk_by_count,
risk); risk);
TALER_amount_ntoh (&denom_value,
&issue->value);
for (uint64_t i = num_issued; i<num_known; i++) for (uint64_t i = num_issued; i<num_known; i++)
TALER_ARL_amount_add (&reported_emergency_loss_by_count, TALER_ARL_amount_add (&reported_emergency_loss_by_count,
&reported_emergency_loss_by_count, &reported_emergency_loss_by_count,
&denom_value); &issue->value);
} }
@ -624,7 +620,7 @@ struct DenominationSummary
/** /**
* Denomination key information for this denomination. * Denomination key information for this denomination.
*/ */
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
/** /**
* #GNUNET_YES if this record already existed in the DB. * #GNUNET_YES if this record already existed in the DB.
@ -759,7 +755,8 @@ init_denomination (const struct TALER_DenominationHashP *denom_hash,
*/ */
static struct DenominationSummary * static struct DenominationSummary *
get_denomination_summary (struct CoinContext *cc, get_denomination_summary (struct CoinContext *cc,
const struct TALER_DenominationKeyValidityPS *issue, const struct
TALER_EXCHANGEDB_DenominationKeyInformation *issue,
const struct TALER_DenominationHashP *dh) const struct TALER_DenominationHashP *dh)
{ {
struct DenominationSummary *ds; struct DenominationSummary *ds;
@ -806,14 +803,14 @@ sync_denomination (void *cls,
.hash = *denom_hash .hash = *denom_hash
}; };
struct DenominationSummary *ds = value; struct DenominationSummary *ds = value;
const struct TALER_DenominationKeyValidityPS *issue = ds->issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue = ds->issue;
struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute now;
struct GNUNET_TIME_Timestamp expire_deposit; struct GNUNET_TIME_Timestamp expire_deposit;
struct GNUNET_TIME_Absolute expire_deposit_grace; struct GNUNET_TIME_Absolute expire_deposit_grace;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
now = GNUNET_TIME_absolute_get (); now = GNUNET_TIME_absolute_get ();
expire_deposit = GNUNET_TIME_timestamp_ntoh (issue->expire_deposit); expire_deposit = issue->expire_deposit;
/* add day grace period to deal with clocks not being perfectly synchronized */ /* add day grace period to deal with clocks not being perfectly synchronized */
expire_deposit_grace = GNUNET_TIME_absolute_add (expire_deposit.abs_time, expire_deposit_grace = GNUNET_TIME_absolute_add (expire_deposit.abs_time,
DEPOSIT_GRACE_PERIOD); DEPOSIT_GRACE_PERIOD);
@ -973,8 +970,7 @@ withdraw_cb (void *cls,
struct CoinContext *cc = cls; struct CoinContext *cc = cls;
struct DenominationSummary *ds; struct DenominationSummary *ds;
struct TALER_DenominationHashP dh; struct TALER_DenominationHashP dh;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
struct TALER_Amount value;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
/* Note: some optimization potential here: lots of fields we /* Note: some optimization potential here: lots of fields we
@ -1016,29 +1012,27 @@ withdraw_cb (void *cls,
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == cc->qs); GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == cc->qs);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
TALER_amount_ntoh (&value,
&issue->value);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Issued coin in denomination `%s' of total value %s\n", "Issued coin in denomination `%s' of total value %s\n",
GNUNET_h2s (&dh.hash), GNUNET_h2s (&dh.hash),
TALER_amount2s (&value)); TALER_amount2s (&issue->value));
ds->num_issued++; ds->num_issued++;
TALER_ARL_amount_add (&ds->denom_balance, TALER_ARL_amount_add (&ds->denom_balance,
&ds->denom_balance, &ds->denom_balance,
&value); &issue->value);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"New balance of denomination `%s' is %s\n", "New balance of denomination `%s' is %s\n",
GNUNET_h2s (&dh.hash), GNUNET_h2s (&dh.hash),
TALER_amount2s (&ds->denom_balance)); TALER_amount2s (&ds->denom_balance));
TALER_ARL_amount_add (&total_escrow_balance, TALER_ARL_amount_add (&total_escrow_balance,
&total_escrow_balance, &total_escrow_balance,
&value); &issue->value);
TALER_ARL_amount_add (&total_risk, TALER_ARL_amount_add (&total_risk,
&total_risk, &total_risk,
&value); &issue->value);
TALER_ARL_amount_add (&ds->denom_risk, TALER_ARL_amount_add (&ds->denom_risk,
&ds->denom_risk, &ds->denom_risk,
&value); &issue->value);
if (TALER_ARL_do_abort ()) if (TALER_ARL_do_abort ())
return GNUNET_SYSERR; return GNUNET_SYSERR;
return GNUNET_OK; return GNUNET_OK;
@ -1054,7 +1048,7 @@ struct RevealContext
/** /**
* Denomination public data of the new coins. * Denomination public data of the new coins.
*/ */
const struct TALER_DenominationKeyValidityPS **new_issues; const struct TALER_EXCHANGEDB_DenominationKeyInformation **new_issues;
/** /**
* Set to the size of the @a new_issues array. * Set to the size of the @a new_issues array.
@ -1071,7 +1065,7 @@ struct RevealContext
* #GNUNET_NO if a denomination key was not found * #GNUNET_NO if a denomination key was not found
* #GNUNET_SYSERR if we had a database error. * #GNUNET_SYSERR if we had a database error.
*/ */
int err; enum GNUNET_GenericReturnValue err;
/** /**
* Database error, if @e err is #GNUNET_SYSERR. * Database error, if @e err is #GNUNET_SYSERR.
@ -1097,7 +1091,7 @@ reveal_data_cb (void *cls,
rctx->num_freshcoins = num_freshcoins; rctx->num_freshcoins = num_freshcoins;
rctx->new_issues = GNUNET_new_array ( rctx->new_issues = GNUNET_new_array (
num_freshcoins, num_freshcoins,
const struct TALER_DenominationKeyValidityPS *); const struct TALER_EXCHANGEDB_DenominationKeyInformation *);
/* Update outstanding amounts for all new coin's denominations */ /* Update outstanding amounts for all new coin's denominations */
for (unsigned int i = 0; i<num_freshcoins; i++) for (unsigned int i = 0; i<num_freshcoins; i++)
@ -1141,7 +1135,8 @@ reveal_data_cb (void *cls,
*/ */
static enum GNUNET_DB_QueryStatus static enum GNUNET_DB_QueryStatus
check_known_coin (const char *operation, check_known_coin (const char *operation,
const struct TALER_DenominationKeyValidityPS *issue, const struct
TALER_EXCHANGEDB_DenominationKeyInformation *issue,
uint64_t rowid, uint64_t rowid,
const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
@ -1152,14 +1147,10 @@ check_known_coin (const char *operation,
if (NULL == get_cached_history (coin_pub)) if (NULL == get_cached_history (coin_pub))
{ {
struct TALER_Amount value;
TALER_amount_ntoh (&value,
&issue->value);
qs = check_coin_history (coin_pub, qs = check_coin_history (coin_pub,
rowid, rowid,
operation, operation,
&value); &issue->value);
if (0 > qs) if (0 > qs)
{ {
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs); GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
@ -1232,7 +1223,7 @@ refresh_session_cb (void *cls,
const struct TALER_RefreshCommitmentP *rc) const struct TALER_RefreshCommitmentP *rc)
{ {
struct CoinContext *cc = cls; struct CoinContext *cc = cls;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
struct DenominationSummary *dso; struct DenominationSummary *dso;
struct TALER_Amount amount_without_fee; struct TALER_Amount amount_without_fee;
struct TALER_Amount tmp; struct TALER_Amount tmp;
@ -1276,15 +1267,12 @@ refresh_session_cb (void *cls,
/* verify melt signature */ /* verify melt signature */
{ {
struct TALER_DenominationHashP h_denom_pub; struct TALER_DenominationHashP h_denom_pub;
struct TALER_Amount fee_refresh;
TALER_denom_pub_hash (denom_pub, TALER_denom_pub_hash (denom_pub,
&h_denom_pub); &h_denom_pub);
TALER_amount_ntoh (&fee_refresh,
&issue->fees.refresh);
if (GNUNET_OK != if (GNUNET_OK !=
TALER_wallet_melt_verify (amount_with_fee, TALER_wallet_melt_verify (amount_with_fee,
&fee_refresh, &issue->fees.refresh,
rc, rc,
&h_denom_pub, &h_denom_pub,
h_age_commitment, h_age_commitment,
@ -1370,46 +1358,36 @@ refresh_session_cb (void *cls,
&refresh_cost)); &refresh_cost));
for (unsigned int i = 0; i<reveal_ctx.num_freshcoins; i++) for (unsigned int i = 0; i<reveal_ctx.num_freshcoins; i++)
{ {
const struct TALER_EXCHANGEDB_DenominationKeyInformation *ni
= reveal_ctx.new_issues[i];
/* update cost of refresh */ /* update cost of refresh */
struct TALER_Amount fee;
struct TALER_Amount value;
TALER_amount_ntoh (&fee,
&reveal_ctx.new_issues[i]->fees.withdraw);
TALER_amount_ntoh (&value,
&reveal_ctx.new_issues[i]->value);
TALER_ARL_amount_add (&refresh_cost, TALER_ARL_amount_add (&refresh_cost,
&refresh_cost, &refresh_cost,
&fee); &ni->fees.withdraw);
TALER_ARL_amount_add (&refresh_cost, TALER_ARL_amount_add (&refresh_cost,
&refresh_cost, &refresh_cost,
&value); &ni->value);
} }
/* compute contribution of old coin */ /* compute contribution of old coin */
if (TALER_ARL_SR_POSITIVE !=
TALER_ARL_amount_subtract_neg (&amount_without_fee,
amount_with_fee,
&issue->fees.refresh))
{ {
struct TALER_Amount melt_fee; /* Melt fee higher than contribution of melted coin; this makes
no sense (exchange should never have accepted the operation) */
TALER_amount_ntoh (&melt_fee, report_amount_arithmetic_inconsistency ("melt contribution vs. fee",
&issue->fees.refresh); rowid,
if (TALER_ARL_SR_POSITIVE != amount_with_fee,
TALER_ARL_amount_subtract_neg (&amount_without_fee, &issue->fees.refresh,
amount_with_fee, -1);
&melt_fee)) /* To continue, best assumption is the melted coin contributed
{ nothing (=> all withdrawal amounts will be counted as losses) */
/* Melt fee higher than contribution of melted coin; this makes GNUNET_assert (GNUNET_OK ==
no sense (exchange should never have accepted the operation) */ TALER_amount_set_zero (TALER_ARL_currency,
report_amount_arithmetic_inconsistency ("melt contribution vs. fee", &amount_without_fee));
rowid,
amount_with_fee,
&melt_fee,
-1);
/* To continue, best assumption is the melted coin contributed
nothing (=> all withdrawal amounts will be counted as losses) */
GNUNET_assert (GNUNET_OK ==
TALER_amount_set_zero (TALER_ARL_currency,
&amount_without_fee));
}
} }
/* check old coin covers complete expenses (of withdraw operations) */ /* check old coin covers complete expenses (of withdraw operations) */
@ -1427,12 +1405,13 @@ refresh_session_cb (void *cls,
/* update outstanding denomination amounts for fresh coins withdrawn */ /* update outstanding denomination amounts for fresh coins withdrawn */
for (unsigned int i = 0; i<reveal_ctx.num_freshcoins; i++) for (unsigned int i = 0; i<reveal_ctx.num_freshcoins; i++)
{ {
const struct TALER_EXCHANGEDB_DenominationKeyInformation *ni
= reveal_ctx.new_issues[i];
struct DenominationSummary *dsi; struct DenominationSummary *dsi;
struct TALER_Amount value;
dsi = get_denomination_summary (cc, dsi = get_denomination_summary (cc,
reveal_ctx.new_issues[i], ni,
&reveal_ctx.new_issues[i]->denom_hash); &ni->denom_hash);
if (NULL == dsi) if (NULL == dsi)
{ {
report_row_inconsistency ("refresh_reveal", report_row_inconsistency ("refresh_reveal",
@ -1441,29 +1420,27 @@ refresh_session_cb (void *cls,
} }
else else
{ {
TALER_amount_ntoh (&value,
&reveal_ctx.new_issues[i]->value);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Created fresh coin in denomination `%s' of value %s\n", "Created fresh coin in denomination `%s' of value %s\n",
GNUNET_h2s (&reveal_ctx.new_issues[i]->denom_hash.hash), GNUNET_h2s (&ni->denom_hash.hash),
TALER_amount2s (&value)); TALER_amount2s (&ni->value));
dsi->num_issued++; dsi->num_issued++;
TALER_ARL_amount_add (&dsi->denom_balance, TALER_ARL_amount_add (&dsi->denom_balance,
&dsi->denom_balance, &dsi->denom_balance,
&value); &ni->value);
TALER_ARL_amount_add (&dsi->denom_risk, TALER_ARL_amount_add (&dsi->denom_risk,
&dsi->denom_risk, &dsi->denom_risk,
&value); &ni->value);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"New balance of denomination `%s' is %s\n", "New balance of denomination `%s' is %s\n",
GNUNET_h2s (&reveal_ctx.new_issues[i]->denom_hash.hash), GNUNET_h2s (&ni->denom_hash.hash),
TALER_amount2s (&dsi->denom_balance)); TALER_amount2s (&dsi->denom_balance));
TALER_ARL_amount_add (&total_escrow_balance, TALER_ARL_amount_add (&total_escrow_balance,
&total_escrow_balance, &total_escrow_balance,
&value); &ni->value);
TALER_ARL_amount_add (&total_risk, TALER_ARL_amount_add (&total_risk,
&total_risk, &total_risk,
&value); &ni->value);
} }
} }
GNUNET_free (reveal_ctx.new_issues); GNUNET_free (reveal_ctx.new_issues);
@ -1524,15 +1501,9 @@ refresh_session_cb (void *cls,
} }
/* update global melt fees */ /* update global melt fees */
{ TALER_ARL_amount_add (&total_melt_fee_income,
struct TALER_Amount rfee; &total_melt_fee_income,
&issue->fees.refresh);
TALER_amount_ntoh (&rfee,
&issue->fees.refresh);
TALER_ARL_amount_add (&total_melt_fee_income,
&total_melt_fee_income,
&rfee);
}
if (TALER_ARL_do_abort ()) if (TALER_ARL_do_abort ())
return GNUNET_SYSERR; return GNUNET_SYSERR;
return GNUNET_OK; return GNUNET_OK;
@ -1560,7 +1531,7 @@ deposit_cb (void *cls,
bool done) bool done)
{ {
struct CoinContext *cc = cls; struct CoinContext *cc = cls;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
struct DenominationSummary *ds; struct DenominationSummary *ds;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
@ -1613,21 +1584,18 @@ deposit_cb (void *cls,
{ {
struct TALER_MerchantWireHashP h_wire; struct TALER_MerchantWireHashP h_wire;
struct TALER_DenominationHashP h_denom_pub; struct TALER_DenominationHashP h_denom_pub;
struct TALER_Amount deposit_fee;
TALER_denom_pub_hash (denom_pub, TALER_denom_pub_hash (denom_pub,
&h_denom_pub); &h_denom_pub);
TALER_merchant_wire_signature_hash (deposit->receiver_wire_account, TALER_merchant_wire_signature_hash (deposit->receiver_wire_account,
&deposit->wire_salt, &deposit->wire_salt,
&h_wire); &h_wire);
TALER_amount_ntoh (&deposit_fee,
&issue->fees.deposit);
/* NOTE: This is one of the operations we might eventually /* NOTE: This is one of the operations we might eventually
want to do in parallel in the background to improve want to do in parallel in the background to improve
auditor performance! */ auditor performance! */
if (GNUNET_OK != if (GNUNET_OK !=
TALER_wallet_deposit_verify (&deposit->amount_with_fee, TALER_wallet_deposit_verify (&deposit->amount_with_fee,
&deposit_fee, &issue->fees.deposit,
&h_wire, &h_wire,
&deposit->h_contract_terms, &deposit->h_contract_terms,
&deposit->coin.h_age_commitment, &deposit->coin.h_age_commitment,
@ -1722,15 +1690,9 @@ deposit_cb (void *cls,
} }
/* update global deposit fees */ /* update global deposit fees */
{ TALER_ARL_amount_add (&total_deposit_fee_income,
struct TALER_Amount dfee; &total_deposit_fee_income,
&issue->fees.deposit);
TALER_amount_ntoh (&dfee,
&issue->fees.deposit);
TALER_ARL_amount_add (&total_deposit_fee_income,
&total_deposit_fee_income,
&dfee);
}
if (TALER_ARL_do_abort ()) if (TALER_ARL_do_abort ())
return GNUNET_SYSERR; return GNUNET_SYSERR;
return GNUNET_OK; return GNUNET_OK;
@ -1766,10 +1728,9 @@ refund_cb (void *cls,
const struct TALER_Amount *amount_with_fee) const struct TALER_Amount *amount_with_fee)
{ {
struct CoinContext *cc = cls; struct CoinContext *cc = cls;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
struct DenominationSummary *ds; struct DenominationSummary *ds;
struct TALER_Amount amount_without_fee; struct TALER_Amount amount_without_fee;
struct TALER_Amount refund_fee;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
GNUNET_assert (rowid >= ppc.last_refund_serial_id); /* should be monotonically increasing */ GNUNET_assert (rowid >= ppc.last_refund_serial_id); /* should be monotonically increasing */
@ -1820,17 +1781,15 @@ refund_cb (void *cls,
return GNUNET_OK; return GNUNET_OK;
} }
TALER_amount_ntoh (&refund_fee,
&issue->fees.refund);
if (TALER_ARL_SR_INVALID_NEGATIVE == if (TALER_ARL_SR_INVALID_NEGATIVE ==
TALER_ARL_amount_subtract_neg (&amount_without_fee, TALER_ARL_amount_subtract_neg (&amount_without_fee,
amount_with_fee, amount_with_fee,
&refund_fee)) &issue->fees.refund))
{ {
report_amount_arithmetic_inconsistency ("refund (fee)", report_amount_arithmetic_inconsistency ("refund (fee)",
rowid, rowid,
&amount_without_fee, &amount_without_fee,
&refund_fee, &issue->fees.refund,
-1); -1);
if (TALER_ARL_do_abort ()) if (TALER_ARL_do_abort ())
return GNUNET_SYSERR; return GNUNET_SYSERR;
@ -1875,7 +1834,7 @@ refund_cb (void *cls,
/* update total refund fee balance */ /* update total refund fee balance */
TALER_ARL_amount_add (&total_refund_fee_income, TALER_ARL_amount_add (&total_refund_fee_income,
&total_refund_fee_income, &total_refund_fee_income,
&refund_fee); &issue->fees.refund);
if (TALER_ARL_do_abort ()) if (TALER_ARL_do_abort ())
return GNUNET_SYSERR; return GNUNET_SYSERR;
return GNUNET_OK; return GNUNET_OK;
@ -1908,7 +1867,7 @@ check_recoup (struct CoinContext *cc,
{ {
struct DenominationSummary *ds; struct DenominationSummary *ds;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
if (GNUNET_OK != if (GNUNET_OK !=
TALER_test_coin_valid (coin, TALER_test_coin_valid (coin,
@ -2096,7 +2055,7 @@ recoup_refresh_cb (void *cls,
const union TALER_DenominationBlindingKeyP *coin_blind) const union TALER_DenominationBlindingKeyP *coin_blind)
{ {
struct CoinContext *cc = cls; struct CoinContext *cc = cls;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
(void) timestamp; (void) timestamp;
@ -2195,24 +2154,13 @@ static void
check_denomination ( check_denomination (
void *cls, void *cls,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *validity) const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue)
{ {
const struct TALER_DenominationKeyValidityPS *issue = &validity->properties;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
struct TALER_AuditorSignatureP auditor_sig; struct TALER_AuditorSignatureP auditor_sig;
struct TALER_Amount coin_value;
struct TALER_DenomFeeSet fees;
struct GNUNET_TIME_Timestamp start;
struct GNUNET_TIME_Timestamp end;
(void) cls; (void) cls;
(void) denom_pub; (void) denom_pub;
TALER_amount_ntoh (&coin_value,
&issue->value);
TALER_denom_fee_set_ntoh (&fees,
&issue->fees);
start = GNUNET_TIME_timestamp_ntoh (issue->start);
end = GNUNET_TIME_timestamp_ntoh (issue->expire_legal);
qs = TALER_ARL_edb->select_auditor_denom_sig (TALER_ARL_edb->cls, qs = TALER_ARL_edb->select_auditor_denom_sig (TALER_ARL_edb->cls,
&issue->denom_hash, &issue->denom_hash,
&TALER_ARL_auditor_pub, &TALER_ARL_auditor_pub,
@ -2227,10 +2175,10 @@ check_denomination (
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Encountered denomination `%s' (%s) valid from %s (%llu-%llu) that this auditor is not auditing!\n", "Encountered denomination `%s' (%s) valid from %s (%llu-%llu) that this auditor is not auditing!\n",
GNUNET_h2s (&issue->denom_hash.hash), GNUNET_h2s (&issue->denom_hash.hash),
TALER_amount2s (&coin_value), TALER_amount2s (&issue->value),
GNUNET_TIME_timestamp2s (start), GNUNET_TIME_timestamp2s (issue->start),
(unsigned long long) start.abs_time.abs_value_us, (unsigned long long) issue->start.abs_time.abs_value_us,
(unsigned long long) end.abs_time.abs_value_us); (unsigned long long) issue->expire_legal.abs_time.abs_value_us);
return; /* skip! */ return; /* skip! */
} }
if (GNUNET_OK != if (GNUNET_OK !=
@ -2238,12 +2186,12 @@ check_denomination (
TALER_ARL_auditor_url, TALER_ARL_auditor_url,
&issue->denom_hash, &issue->denom_hash,
&TALER_ARL_master_pub, &TALER_ARL_master_pub,
start, issue->start,
GNUNET_TIME_timestamp_ntoh (issue->expire_withdraw), issue->expire_withdraw,
GNUNET_TIME_timestamp_ntoh (issue->expire_deposit), issue->expire_deposit,
end, issue->expire_legal,
&coin_value, &issue->value,
&fees, &issue->fees,
&TALER_ARL_auditor_pub, &TALER_ARL_auditor_pub,
&auditor_sig)) &auditor_sig))
{ {
@ -2252,11 +2200,12 @@ check_denomination (
GNUNET_JSON_pack_data_auto ("denomination", GNUNET_JSON_pack_data_auto ("denomination",
&issue->denom_hash), &issue->denom_hash),
TALER_JSON_pack_amount ("value", TALER_JSON_pack_amount ("value",
&coin_value), &issue->value),
TALER_JSON_pack_time_abs_human ("start_time", TALER_JSON_pack_time_abs_human ("start_time",
start.abs_time), issue->start.abs_time),
TALER_JSON_pack_time_abs_human ("end_time", TALER_JSON_pack_time_abs_human ("end_time",
end.abs_time))); issue->expire_legal.
abs_time)));
} }
} }

28
src/auditor/taler-helper-auditor-reserves.c
View File

@ -501,12 +501,8 @@ handle_reserve_out (void *cls,
struct ReserveContext *rc = cls; struct ReserveContext *rc = cls;
struct GNUNET_HashCode key; struct GNUNET_HashCode key;
struct ReserveSummary *rs; struct ReserveSummary *rs;
const struct TALER_DenominationKeyValidityPS *issue; const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue;
struct TALER_Amount withdraw_fee;
struct TALER_Amount auditor_value;
struct TALER_Amount auditor_amount_with_fee; struct TALER_Amount auditor_amount_with_fee;
struct GNUNET_TIME_Timestamp valid_start;
struct GNUNET_TIME_Timestamp expire_withdraw;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
struct TALER_DenominationHashP h_denom_pub; struct TALER_DenominationHashP h_denom_pub;
@ -541,17 +537,15 @@ handle_reserve_out (void *cls,
} }
/* check that execution date is within withdraw range for denom_pub */ /* check that execution date is within withdraw range for denom_pub */
valid_start = GNUNET_TIME_timestamp_ntoh (issue->start);
expire_withdraw = GNUNET_TIME_timestamp_ntoh (issue->expire_withdraw);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Checking withdraw timing: %llu, expire: %llu, timing: %llu\n", "Checking withdraw timing: %llu, expire: %llu, timing: %llu\n",
(unsigned long long) valid_start.abs_time.abs_value_us, (unsigned long long) issue->start.abs_time.abs_value_us,
(unsigned long long) expire_withdraw.abs_time.abs_value_us, (unsigned long long) issue->expire_withdraw.abs_time.abs_value_us,
(unsigned long long) execution_date.abs_time.abs_value_us); (unsigned long long) execution_date.abs_time.abs_value_us);
if (GNUNET_TIME_timestamp_cmp (valid_start, if (GNUNET_TIME_timestamp_cmp (issue->start,
>, >,
execution_date) || execution_date) ||
GNUNET_TIME_timestamp_cmp (expire_withdraw, GNUNET_TIME_timestamp_cmp (issue->expire_withdraw,
<, <,
execution_date)) execution_date))
{ {
@ -593,13 +587,9 @@ handle_reserve_out (void *cls,
return GNUNET_OK; /* exit function here, we cannot add this to the legitimate withdrawals */ return GNUNET_OK; /* exit function here, we cannot add this to the legitimate withdrawals */
} }
TALER_amount_ntoh (&withdraw_fee,
&issue->fees.withdraw);
TALER_amount_ntoh (&auditor_value,
&issue->value);
TALER_ARL_amount_add (&auditor_amount_with_fee, TALER_ARL_amount_add (&auditor_amount_with_fee,
&auditor_value, &issue->value,
&withdraw_fee); &issue->fees.withdraw);
if (0 != if (0 !=
TALER_amount_cmp (&auditor_amount_with_fee, TALER_amount_cmp (&auditor_amount_with_fee,
amount_with_fee)) amount_with_fee))
@ -652,10 +642,10 @@ handle_reserve_out (void *cls,
TALER_amount2s (&auditor_amount_with_fee)); TALER_amount2s (&auditor_amount_with_fee));
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Increasing withdraw profits by fee %s\n", "Increasing withdraw profits by fee %s\n",
TALER_amount2s (&withdraw_fee)); TALER_amount2s (&issue->fees.withdraw));
TALER_ARL_amount_add (&rs->total_fee, TALER_ARL_amount_add (&rs->total_fee,
&rs->total_fee, &rs->total_fee,
&withdraw_fee); &issue->fees.withdraw);
if (TALER_ARL_do_abort ()) if (TALER_ARL_do_abort ())
return GNUNET_SYSERR; return GNUNET_SYSERR;
return GNUNET_OK; return GNUNET_OK;

67
src/benchmark/taler-aggregator-benchmark.c
View File

@ -143,29 +143,6 @@ make_amount (unsigned int val,
} }
/**
* Initialize @a out with an amount given by @a val and
* @a frac using the main "currency".
*
* @param val value to set
* @param frac fraction to set
* @param[out] out where to write the amount
*/
static void
make_amountN (unsigned int val,
unsigned int frac,
struct TALER_AmountNBO *out)
{
struct TALER_Amount in;
make_amount (val,
frac,
&in);
TALER_amount_hton (out,
&in);
}
/** /**
* Create random-ish timestamp. * Create random-ish timestamp.
* *
@ -430,7 +407,7 @@ run (void *cls,
const char *cfgfile, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *c) const struct GNUNET_CONFIGURATION_Handle *c)
{ {
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformation issue;
(void) cls; (void) cls;
(void) args; (void) args;
@ -466,24 +443,18 @@ run (void *cls,
GNUNET_SCHEDULER_add_shutdown (&do_shutdown, GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
NULL); NULL);
RANDOMIZE (&issue.signature); RANDOMIZE (&issue.signature);
issue.properties.purpose.purpose = htonl ( issue.start
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY); = start;
issue.properties.purpose.size = htonl (sizeof (issue.properties)); issue.expire_withdraw
RANDOMIZE (&issue.properties.master); = GNUNET_TIME_absolute_to_timestamp (
issue.properties.start GNUNET_TIME_absolute_add (start.abs_time,
= GNUNET_TIME_timestamp_hton (start); GNUNET_TIME_UNIT_DAYS));
issue.properties.expire_withdraw issue.expire_deposit
= GNUNET_TIME_timestamp_hton ( = end;
GNUNET_TIME_absolute_to_timestamp ( issue.expire_legal
GNUNET_TIME_absolute_add (start.abs_time, = GNUNET_TIME_absolute_to_timestamp (
GNUNET_TIME_UNIT_DAYS))); GNUNET_TIME_absolute_add (end.abs_time,
issue.properties.expire_deposit GNUNET_TIME_UNIT_YEARS));
= GNUNET_TIME_timestamp_hton (end);
issue.properties.expire_legal
= GNUNET_TIME_timestamp_hton (
GNUNET_TIME_absolute_to_timestamp (
GNUNET_TIME_absolute_add (end.abs_time,
GNUNET_TIME_UNIT_YEARS)));
{ {
struct TALER_DenominationPrivateKey pk; struct TALER_DenominationPrivateKey pk;
struct TALER_DenominationPublicKey denom_pub; struct TALER_DenominationPublicKey denom_pub;
@ -505,12 +476,12 @@ run (void *cls,
alg_values.cipher = TALER_DENOMINATION_RSA; alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_denom_pub_hash (&denom_pub, TALER_denom_pub_hash (&denom_pub,
&h_denom_pub); &h_denom_pub);
make_amountN (2, 0, &issue.properties.value); make_amount (2, 0, &issue.value);
make_amountN (0, 5, &issue.properties.fees.withdraw); make_amount (0, 5, &issue.fees.withdraw);
make_amountN (0, 5, &issue.properties.fees.deposit); make_amount (0, 5, &issue.fees.deposit);
make_amountN (0, 5, &issue.properties.fees.refresh); make_amount (0, 5, &issue.fees.refresh);
make_amountN (0, 5, &issue.properties.fees.refund); make_amount (0, 5, &issue.fees.refund);
issue.properties.denom_hash = h_denom_pub; issue.denom_hash = h_denom_pub;
if (0 >= if (0 >=
plugin->insert_denomination_info (plugin->cls, plugin->insert_denomination_info (plugin->cls,
&denom_pub, &denom_pub,

143
src/exchangedb/plugin_exchangedb_postgres.c
View File

@ -3550,27 +3550,26 @@ static enum GNUNET_DB_QueryStatus
postgres_insert_denomination_info ( postgres_insert_denomination_info (
void *cls, void *cls,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue) const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue)
{ {
struct PostgresClosure *pg = cls; struct PostgresClosure *pg = cls;
struct TALER_DenominationHashP denom_hash; struct TALER_DenominationHashP denom_hash;
struct GNUNET_PQ_QueryParam params[] = { struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (&issue->properties.denom_hash), GNUNET_PQ_query_param_auto_from_type (&issue->denom_hash),
TALER_PQ_query_param_denom_pub (denom_pub), TALER_PQ_query_param_denom_pub (denom_pub),
GNUNET_PQ_query_param_auto_from_type (&issue->signature), GNUNET_PQ_query_param_auto_from_type (&issue->signature),
GNUNET_PQ_query_param_timestamp_nbo (&issue->properties.start), GNUNET_PQ_query_param_timestamp (&issue->start),
GNUNET_PQ_query_param_timestamp_nbo (&issue->properties.expire_withdraw), GNUNET_PQ_query_param_timestamp (&issue->expire_withdraw),
GNUNET_PQ_query_param_timestamp_nbo (&issue->properties.expire_deposit), GNUNET_PQ_query_param_timestamp (&issue->expire_deposit),
GNUNET_PQ_query_param_timestamp_nbo (&issue->properties.expire_legal), GNUNET_PQ_query_param_timestamp (&issue->expire_legal),
TALER_PQ_query_param_amount_nbo (&issue->properties.value), TALER_PQ_query_param_amount (&issue->value),
TALER_PQ_query_param_amount_nbo (&issue->properties.fees.withdraw), TALER_PQ_query_param_amount (&issue->fees.withdraw),
TALER_PQ_query_param_amount_nbo (&issue->properties.fees.deposit), TALER_PQ_query_param_amount (&issue->fees.deposit),
TALER_PQ_query_param_amount_nbo (&issue->properties.fees.refresh), TALER_PQ_query_param_amount (&issue->fees.refresh),
TALER_PQ_query_param_amount_nbo (&issue->properties.fees.refund), TALER_PQ_query_param_amount (&issue->fees.refund),
GNUNET_PQ_query_param_uint32 (&denom_pub->age_mask.bits), GNUNET_PQ_query_param_uint32 (&denom_pub->age_mask.bits),
GNUNET_PQ_query_param_end GNUNET_PQ_query_param_end
}; };
struct TALER_DenomFeeSet fees;
GNUNET_assert (denom_pub->age_mask.bits == GNUNET_assert (denom_pub->age_mask.bits ==
issue->age_mask.bits); issue->age_mask.bits);
@ -3578,26 +3577,20 @@ postgres_insert_denomination_info (
&denom_hash); &denom_hash);
GNUNET_assert (0 == GNUNET_assert (0 ==
GNUNET_memcmp (&denom_hash, GNUNET_memcmp (&denom_hash,
&issue->properties.denom_hash)); &issue->denom_hash));
GNUNET_assert (! GNUNET_TIME_absolute_is_zero ( GNUNET_assert (! GNUNET_TIME_absolute_is_zero (
GNUNET_TIME_timestamp_ntoh ( issue->start.abs_time));
issue->properties.start).abs_time));
GNUNET_assert (! GNUNET_TIME_absolute_is_zero ( GNUNET_assert (! GNUNET_TIME_absolute_is_zero (
GNUNET_TIME_timestamp_ntoh ( issue->expire_withdraw.abs_time));
issue->properties.expire_withdraw).abs_time));
GNUNET_assert (! GNUNET_TIME_absolute_is_zero ( GNUNET_assert (! GNUNET_TIME_absolute_is_zero (
GNUNET_TIME_timestamp_ntoh ( issue->expire_deposit.abs_time));
issue->properties.expire_deposit).abs_time));
GNUNET_assert (! GNUNET_TIME_absolute_is_zero ( GNUNET_assert (! GNUNET_TIME_absolute_is_zero (
GNUNET_TIME_timestamp_ntoh ( issue->expire_legal.abs_time));
issue->properties.expire_legal).abs_time));
/* check fees match denomination currency */ /* check fees match denomination currency */
TALER_denom_fee_set_ntoh (&fees,
&issue->properties.fees);
GNUNET_assert (GNUNET_YES == GNUNET_assert (GNUNET_YES ==
TALER_denom_fee_check_currency ( TALER_denom_fee_check_currency (
issue->properties.value.currency, issue->value.currency,
&fees)); &issue->fees));
return GNUNET_PQ_eval_prepared_non_select (pg->conn, return GNUNET_PQ_eval_prepared_non_select (pg->conn,
"denomination_insert", "denomination_insert",
params); params);
@ -3616,7 +3609,7 @@ static enum GNUNET_DB_QueryStatus
postgres_get_denomination_info ( postgres_get_denomination_info (
void *cls, void *cls,
const struct TALER_DenominationHashP *denom_pub_hash, const struct TALER_DenominationHashP *denom_pub_hash,
struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue) struct TALER_EXCHANGEDB_DenominationKeyInformation *issue)
{ {
struct PostgresClosure *pg = cls; struct PostgresClosure *pg = cls;
enum GNUNET_DB_QueryStatus qs; enum GNUNET_DB_QueryStatus qs;
@ -3627,43 +3620,36 @@ postgres_get_denomination_info (
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_auto_from_type ("master_sig", GNUNET_PQ_result_spec_auto_from_type ("master_sig",
&issue->signature), &issue->signature),
GNUNET_PQ_result_spec_timestamp_nbo ("valid_from", GNUNET_PQ_result_spec_timestamp ("valid_from",
&issue->properties.start), &issue->start),
GNUNET_PQ_result_spec_timestamp_nbo ("expire_withdraw", GNUNET_PQ_result_spec_timestamp ("expire_withdraw",
&issue->properties.expire_withdraw), &issue->expire_withdraw),
GNUNET_PQ_result_spec_timestamp_nbo ("expire_deposit", GNUNET_PQ_result_spec_timestamp ("expire_deposit",
&issue->properties.expire_deposit), &issue->expire_deposit),
GNUNET_PQ_result_spec_timestamp_nbo ("expire_legal", GNUNET_PQ_result_spec_timestamp ("expire_legal",
&issue->properties.expire_legal), &issue->expire_legal),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("coin", TALER_PQ_RESULT_SPEC_AMOUNT ("coin",
&issue->properties.value), &issue->value),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_withdraw", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_withdraw",
&issue->properties.fees.withdraw), &issue->fees.withdraw),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_deposit", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_deposit",
&issue->properties.fees.deposit), &issue->fees.deposit),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_refresh", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh",
&issue->properties.fees.refresh), &issue->fees.refresh),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_refund", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund",
&issue->properties.fees.refund), &issue->fees.refund),
GNUNET_PQ_result_spec_uint32 ("age_mask", GNUNET_PQ_result_spec_uint32 ("age_mask",
&issue->age_mask.bits), &issue->age_mask.bits),
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
}; };
memset (&issue->properties.master,
0,
sizeof (issue->properties.master));
qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn, qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
"denomination_get", "denomination_get",
params, params,
rs); rs);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs) if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
return qs; return qs;
issue->properties.purpose.size issue->denom_hash = *denom_pub_hash;
= htonl (sizeof (struct TALER_DenominationKeyValidityPS));
issue->properties.purpose.purpose = htonl (
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
issue->properties.denom_hash = *denom_pub_hash;
return qs; return qs;
} }
@ -3708,7 +3694,7 @@ domination_cb_helper (void *cls,
for (unsigned int i = 0; i<num_results; i++) for (unsigned int i = 0; i<num_results; i++)
{ {
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformation issue;
struct TALER_DenominationPublicKey denom_pub; struct TALER_DenominationPublicKey denom_pub;
struct TALER_DenominationHashP denom_hash; struct TALER_DenominationHashP denom_hash;
struct GNUNET_PQ_ResultSpec rs[] = { struct GNUNET_PQ_ResultSpec rs[] = {
@ -3716,24 +3702,24 @@ domination_cb_helper (void *cls,
&issue.signature), &issue.signature),
GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash", GNUNET_PQ_result_spec_auto_from_type ("denom_pub_hash",
&denom_hash), &denom_hash),
GNUNET_PQ_result_spec_timestamp_nbo ("valid_from", GNUNET_PQ_result_spec_timestamp ("valid_from",
&issue.properties.start), &issue.start),
GNUNET_PQ_result_spec_timestamp_nbo ("expire_withdraw", GNUNET_PQ_result_spec_timestamp ("expire_withdraw",
&issue.properties.expire_withdraw), &issue.expire_withdraw),
GNUNET_PQ_result_spec_timestamp_nbo ("expire_deposit", GNUNET_PQ_result_spec_timestamp ("expire_deposit",
&issue.properties.expire_deposit), &issue.expire_deposit),
GNUNET_PQ_result_spec_timestamp_nbo ("expire_legal", GNUNET_PQ_result_spec_timestamp ("expire_legal",
&issue.properties.expire_legal), &issue.expire_legal),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("coin", TALER_PQ_RESULT_SPEC_AMOUNT ("coin",
&issue.properties.value), &issue.value),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_withdraw", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_withdraw",
&issue.properties.fees.withdraw), &issue.fees.withdraw),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_deposit", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_deposit",
&issue.properties.fees.deposit), &issue.fees.deposit),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_refresh", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh",
&issue.properties.fees.refresh), &issue.fees.refresh),
TALER_PQ_RESULT_SPEC_AMOUNT_NBO ("fee_refund", TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refund",
&issue.properties.fees.refund), &issue.fees.refund),
TALER_PQ_result_spec_denom_pub ("denom_pub", TALER_PQ_result_spec_denom_pub ("denom_pub",
&denom_pub), &denom_pub),
GNUNET_PQ_result_spec_uint32 ("age_mask", GNUNET_PQ_result_spec_uint32 ("age_mask",
@ -3741,10 +3727,6 @@ domination_cb_helper (void *cls,
GNUNET_PQ_result_spec_end GNUNET_PQ_result_spec_end
}; };
memset (&issue.properties.master,
0,
sizeof (issue.properties.master));
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_PQ_extract_result (result, GNUNET_PQ_extract_result (result,
rs, rs,
@ -3756,18 +3738,13 @@ domination_cb_helper (void *cls,
/* Unfortunately we have to carry the age mask in both, the /* Unfortunately we have to carry the age mask in both, the
* TALER_DenominationPublicKey and * TALER_DenominationPublicKey and
* TALER_EXCHANGEDB_DenominationKeyInformationP at different times. * TALER_EXCHANGEDB_DenominationKeyInformation at different times.
* Here we use _both_ so let's make sure the values are the same. */ * Here we use _both_ so let's make sure the values are the same. */
denom_pub.age_mask = issue.age_mask; denom_pub.age_mask = issue.age_mask;
issue.properties.purpose.size
= htonl (sizeof (struct TALER_DenominationKeyValidityPS));
issue.properties.purpose.purpose
= htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
TALER_denom_pub_hash (&denom_pub, TALER_denom_pub_hash (&denom_pub,
&issue.properties.denom_hash); &issue.denom_hash);
if (0 != if (0 !=
GNUNET_memcmp (&issue.properties.denom_hash, GNUNET_memcmp (&issue.denom_hash,
&denom_hash)) &denom_hash))
{ {
GNUNET_break (0); GNUNET_break (0);

58
src/exchangedb/test_exchangedb.c
View File

@ -275,7 +275,7 @@ create_denom_key_pair (unsigned int size,
{ {
struct DenomKeyPair *dkp; struct DenomKeyPair *dkp;
struct TALER_EXCHANGEDB_DenominationKey dki; struct TALER_EXCHANGEDB_DenominationKey dki;
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2; struct TALER_EXCHANGEDB_DenominationKeyInformation issue2;
dkp = GNUNET_new (struct DenomKeyPair); dkp = GNUNET_new (struct DenomKeyPair);
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
@ -289,38 +289,28 @@ create_denom_key_pair (unsigned int size,
0, 0,
sizeof (struct TALER_EXCHANGEDB_DenominationKey)); sizeof (struct TALER_EXCHANGEDB_DenominationKey));
dki.denom_pub = dkp->pub; dki.denom_pub = dkp->pub;
dki.issue.properties.start = GNUNET_TIME_timestamp_hton (now); dki.issue.start = now;
dki.issue.properties.expire_withdraw dki.issue.expire_withdraw
= GNUNET_TIME_timestamp_hton = GNUNET_TIME_absolute_to_timestamp (
(GNUNET_TIME_absolute_to_timestamp GNUNET_TIME_absolute_add (
(GNUNET_TIME_absolute_add ( now.abs_time,
now.abs_time, GNUNET_TIME_UNIT_HOURS));
GNUNET_TIME_UNIT_HOURS))); dki.issue.expire_deposit
dki.issue.properties.expire_deposit = GNUNET_TIME_absolute_to_timestamp (
= GNUNET_TIME_timestamp_hton ( GNUNET_TIME_absolute_add (
GNUNET_TIME_absolute_to_timestamp now.abs_time,
(GNUNET_TIME_absolute_add GNUNET_TIME_relative_multiply (
(now.abs_time, GNUNET_TIME_UNIT_HOURS, 2)));
GNUNET_TIME_relative_multiply ( dki.issue.expire_legal
GNUNET_TIME_UNIT_HOURS, 2)))); = GNUNET_TIME_absolute_to_timestamp (
dki.issue.properties.expire_legal GNUNET_TIME_absolute_add (
= GNUNET_TIME_timestamp_hton ( now.abs_time,
GNUNET_TIME_absolute_to_timestamp GNUNET_TIME_relative_multiply (
(GNUNET_TIME_absolute_add GNUNET_TIME_UNIT_HOURS, 3)));
(now.abs_time, dki.issue.value = *value;
GNUNET_TIME_relative_multiply ( dki.issue.fees = *fees;
GNUNET_TIME_UNIT_HOURS, 3))));
TALER_amount_hton (&dki.issue.properties.value,
value);
TALER_denom_fee_set_hton (&dki.issue.properties.fees,
fees);
TALER_denom_pub_hash (&dkp->pub, TALER_denom_pub_hash (&dkp->pub,
&dki.issue.properties.denom_hash); &dki.issue.denom_hash);
dki.issue.properties.purpose.size
= htonl (sizeof (struct TALER_DenominationKeyValidityPS));
dki.issue.properties.purpose.purpose = htonl (
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->insert_denomination_info (plugin->cls, plugin->insert_denomination_info (plugin->cls,
&dki.denom_pub, &dki.denom_pub,
@ -334,7 +324,7 @@ create_denom_key_pair (unsigned int size,
plugin->commit (plugin->cls); plugin->commit (plugin->cls);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->get_denomination_info (plugin->cls, plugin->get_denomination_info (plugin->cls,
&dki.issue.properties.denom_hash, &dki.issue.denom_hash,
&issue2)) &issue2))
{ {
GNUNET_break (0); GNUNET_break (0);
@ -764,7 +754,7 @@ test_gc (void)
struct DenomKeyPair *dkp; struct DenomKeyPair *dkp;
struct GNUNET_TIME_Timestamp now; struct GNUNET_TIME_Timestamp now;
struct GNUNET_TIME_Timestamp past; struct GNUNET_TIME_Timestamp past;
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2; struct TALER_EXCHANGEDB_DenominationKeyInformation issue2;
struct TALER_DenominationHashP denom_hash; struct TALER_DenominationHashP denom_hash;
now = GNUNET_TIME_timestamp_get (); now = GNUNET_TIME_timestamp_get ();

126
src/include/taler_crypto_lib.h
View File

@ -1455,132 +1455,6 @@ struct TALER_ExchangeWithdrawValues
}; };
/**
* @brief Information about a signing key of the exchange. Signing keys are used
* to sign exchange messages other than coins, i.e. to confirm that a
* deposit was successful or that a refresh was accepted.
*
* FIXME: remove this from the public API...
*/
struct TALER_ExchangeSigningKeyValidityPS
{
/**
* Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* When does this signing key begin to be valid?
*/
struct GNUNET_TIME_TimestampNBO start;
/**
* When does this signing key expire? Note: This is currently when
* the Exchange will definitively stop using it. Signatures made with
* the key remain valid until @e end. When checking validity periods,
* clients should allow for some overlap between keys and tolerate
* the use of either key during the overlap time (due to the
* possibility of clock skew).
*/
struct GNUNET_TIME_TimestampNBO expire;
/**
* When do signatures with this signing key become invalid? After
* this point, these signatures cannot be used in (legal) disputes
* anymore, as the Exchange is then allowed to destroy its side of the
* evidence. @e end is expected to be significantly larger than @e
* expire (by a year or more).
*/
struct GNUNET_TIME_TimestampNBO end;
/**
* The public online signing key that the exchange will use
* between @e start and @e expire.
*/
struct TALER_ExchangePublicKeyP signkey_pub;
};
/**
* @brief Information about a denomination key. Denomination keys
* are used to sign coins of a certain value into existence.
*
* FIXME: remove this from the public API...
*/
struct TALER_DenominationKeyValidityPS
{
/**
* Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* The long-term offline master key of the exchange that was
* used to create @e signature.
*/
struct TALER_MasterPublicKeyP master;
/**
* Start time of the validity period for this key.
*/
struct GNUNET_TIME_TimestampNBO start;
/**
* The exchange will sign fresh coins between @e start and this time.
* @e expire_withdraw will be somewhat larger than @e start to
* ensure a sufficiently large anonymity set, while also allowing
* the Exchange to limit the financial damage in case of a key being
* compromised. Thus, exchanges with low volume are expected to have a
* longer withdraw period (@e expire_withdraw - @e start) than exchanges
* with high transaction volume. The period may also differ between
* types of coins. A exchange may also have a few denomination keys
* with the same value with overlapping validity periods, to address
* issues such as clock skew.
*/
struct GNUNET_TIME_TimestampNBO expire_withdraw;
/**
* Coins signed with the denomination key must be spent or refreshed
* between @e start and this expiration time. After this time, the
* exchange will refuse transactions involving this key as it will
* "drop" the table with double-spending information (shortly after)
* this time. Note that wallets should refresh coins significantly
* before this time to be on the safe side. @e expire_deposit must be
* significantly larger than @e expire_withdraw (by months or even
* years).
*/
struct GNUNET_TIME_TimestampNBO expire_deposit;
/**
* When do signatures with this denomination key become invalid?
* After this point, these signatures cannot be used in (legal)
* disputes anymore, as the Exchange is then allowed to destroy its side
* of the evidence. @e expire_legal is expected to be significantly
* larger than @e expire_deposit (by a year or more).
*/
struct GNUNET_TIME_TimestampNBO expire_legal;
/**
* The value of the coins signed with this denomination key.
*/
struct TALER_AmountNBO value;
/**
* Fees for the coin.
*/
struct TALER_DenomFeeSetNBOP fees;
/**
* Hash code of the denomination public key. (Used to avoid having
* the variable-size RSA key in this struct.)
*/
struct TALER_DenominationHashP denom_hash GNUNET_PACKED;
};
/** /**
* Free internals of @a denom_pub, but not @a denom_pub itself. * Free internals of @a denom_pub, but not @a denom_pub itself.
* *

95
src/include/taler_exchangedb_plugin.h
View File

@ -27,38 +27,10 @@
#include "taler_signatures.h" #include "taler_signatures.h"
GNUNET_NETWORK_STRUCT_BEGIN
/**
* @brief On disk format used for a exchange signing key. Signing keys are used
* by the exchange to affirm its messages, but not to create coins.
* Includes the private key followed by the public information about
* the signing key.
*/
struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP
{
/**
* Private key part of the exchange's signing key.
*/
struct TALER_ExchangePrivateKeyP signkey_priv;
/**
* Signature over @e issue
*/
struct TALER_MasterSignatureP master_sig;
/**
* Public information about a exchange signing key.
*/
struct TALER_ExchangeSigningKeyValidityPS issue;
};
/** /**
* Information about a denomination key. * Information about a denomination key.
*/ */
struct TALER_EXCHANGEDB_DenominationKeyInformationP struct TALER_EXCHANGEDB_DenominationKeyInformation
{ {
/** /**
@ -67,9 +39,60 @@ struct TALER_EXCHANGEDB_DenominationKeyInformationP
struct TALER_MasterSignatureP signature; struct TALER_MasterSignatureP signature;
/** /**
* Signed properties of the denomination key. * Start time of the validity period for this key.
*/ */
struct TALER_DenominationKeyValidityPS properties; struct GNUNET_TIME_Timestamp start;
/**
* The exchange will sign fresh coins between @e start and this time.
* @e expire_withdraw will be somewhat larger than @e start to
* ensure a sufficiently large anonymity set, while also allowing
* the Exchange to limit the financial damage in case of a key being
* compromised. Thus, exchanges with low volume are expected to have a
* longer withdraw period (@e expire_withdraw - @e start) than exchanges
* with high transaction volume. The period may also differ between
* types of coins. A exchange may also have a few denomination keys
* with the same value with overlapping validity periods, to address
* issues such as clock skew.
*/
struct GNUNET_TIME_Timestamp expire_withdraw;
/**
* Coins signed with the denomination key must be spent or refreshed
* between @e start and this expiration time. After this time, the
* exchange will refuse transactions involving this key as it will
* "drop" the table with double-spending information (shortly after)
* this time. Note that wallets should refresh coins significantly
* before this time to be on the safe side. @e expire_deposit must be
* significantly larger than @e expire_withdraw (by months or even
* years).
*/
struct GNUNET_TIME_Timestamp expire_deposit;
/**
* When do signatures with this denomination key become invalid?
* After this point, these signatures cannot be used in (legal)
* disputes anymore, as the Exchange is then allowed to destroy its side
* of the evidence. @e expire_legal is expected to be significantly
* larger than @e expire_deposit (by a year or more).
*/
struct GNUNET_TIME_Timestamp expire_legal;
/**
* The value of the coins signed with this denomination key.
*/
struct TALER_Amount value;
/**
* Fees for the coin.
*/
struct TALER_DenomFeeSet fees;
/**
* Hash code of the denomination public key. (Used to avoid having
* the variable-size RSA key in this struct.)
*/
struct TALER_DenominationHashP denom_hash;
/** /**
* If denomination was setup for age restriction, non-zero age mask. * If denomination was setup for age restriction, non-zero age mask.
@ -79,6 +102,8 @@ struct TALER_EXCHANGEDB_DenominationKeyInformationP
}; };
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Signature of events signalling a reserve got funding. * Signature of events signalling a reserve got funding.
*/ */
@ -474,7 +499,7 @@ struct TALER_EXCHANGEDB_DenominationKey
/** /**
* Signed public information about a denomination key. * Signed public information about a denomination key.
*/ */
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformation issue;
}; };
@ -2188,7 +2213,7 @@ typedef void
(*TALER_EXCHANGEDB_DenominationCallback)( (*TALER_EXCHANGEDB_DenominationCallback)(
void *cls, void *cls,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue); const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue);
/** /**
@ -2358,7 +2383,7 @@ struct TALER_EXCHANGEDB_Plugin
(*insert_denomination_info)( (*insert_denomination_info)(
void *cls, void *cls,
const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_DenominationPublicKey *denom_pub,
const struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue); const struct TALER_EXCHANGEDB_DenominationKeyInformation *issue);
/** /**
@ -2373,7 +2398,7 @@ struct TALER_EXCHANGEDB_Plugin
(*get_denomination_info)( (*get_denomination_info)(
void *cls, void *cls,
const struct TALER_DenominationHashP *denom_pub_hash, const struct TALER_DenominationHashP *denom_pub_hash,
struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue); struct TALER_EXCHANGEDB_DenominationKeyInformation *issue);
/** /**

47
src/testing/testing_api_cmd_insert_deposit.c
View File

@ -79,40 +79,37 @@ struct InsertDepositState
* @param[out] issue information to initialize with "valid" data * @param[out] issue information to initialize with "valid" data
*/ */
static void static void
fake_issue (struct TALER_EXCHANGEDB_DenominationKeyInformationP *issue) fake_issue (struct TALER_EXCHANGEDB_DenominationKeyInformation *issue)
{ {
struct GNUNET_TIME_Timestamp now; struct GNUNET_TIME_Timestamp now;
memset (issue, memset (issue,
0, 0,
sizeof (struct TALER_EXCHANGEDB_DenominationKeyInformationP)); sizeof (*issue));
now = GNUNET_TIME_timestamp_get (); now = GNUNET_TIME_timestamp_get ();
issue->properties.start issue->start
= GNUNET_TIME_timestamp_hton (now); = now;
issue->properties.expire_withdraw issue->expire_withdraw
= GNUNET_TIME_timestamp_hton ( = GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_MINUTES);
GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_MINUTES)); issue->expire_deposit
issue->properties.expire_deposit = GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_HOURS);
= GNUNET_TIME_timestamp_hton ( issue->expire_legal
GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_HOURS)); = GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_DAYS);
issue->properties.expire_legal
= GNUNET_TIME_timestamp_hton (
GNUNET_TIME_relative_to_timestamp (GNUNET_TIME_UNIT_DAYS));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount_nbo ("EUR:1", TALER_string_to_amount ("EUR:1",
&issue->properties.value)); &issue->value));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount_nbo ("EUR:0.1", TALER_string_to_amount ("EUR:0.1",
&issue->properties.fees.withdraw)); &issue->fees.withdraw));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount_nbo ("EUR:0.1", TALER_string_to_amount ("EUR:0.1",
&issue->properties.fees.deposit)); &issue->fees.deposit));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount_nbo ("EUR:0.1", TALER_string_to_amount ("EUR:0.1",
&issue->properties.fees.refresh)); &issue->fees.refresh));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_string_to_amount_nbo ("EUR:0.1", TALER_string_to_amount ("EUR:0.1",
&issue->properties.fees.refund)); &issue->fees.refund));
} }
@ -131,7 +128,7 @@ insert_deposit_run (void *cls,
struct InsertDepositState *ids = cls; struct InsertDepositState *ids = cls;
struct TALER_EXCHANGEDB_Deposit deposit; struct TALER_EXCHANGEDB_Deposit deposit;
struct TALER_MerchantPrivateKeyP merchant_priv; struct TALER_MerchantPrivateKeyP merchant_priv;
struct TALER_EXCHANGEDB_DenominationKeyInformationP issue; struct TALER_EXCHANGEDB_DenominationKeyInformation issue;
struct TALER_DenominationPublicKey dpk; struct TALER_DenominationPublicKey dpk;
struct TALER_DenominationPrivateKey denom_priv; struct TALER_DenominationPrivateKey denom_priv;
@ -144,7 +141,7 @@ insert_deposit_run (void *cls,
TALER_DENOMINATION_RSA, TALER_DENOMINATION_RSA,
1024)); 1024));
TALER_denom_pub_hash (&dpk, TALER_denom_pub_hash (&dpk,
&issue.properties.denom_hash); &issue.denom_hash);
if ( (GNUNET_OK != if ( (GNUNET_OK !=
ids->dbc->plugin->start (ids->dbc->plugin->cls, ids->dbc->plugin->start (ids->dbc->plugin->cls,

52
src/util/exchange_signatures.c
View File

@ -23,6 +23,8 @@
#include "taler_signatures.h" #include "taler_signatures.h"
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Format used to generate the signature on a confirmation * @brief Format used to generate the signature on a confirmation
* from the exchange that a deposit request succeeded. * from the exchange that a deposit request succeeded.
@ -91,6 +93,8 @@ struct TALER_DepositConfirmationPS
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_deposit_confirmation_sign ( TALER_exchange_online_deposit_confirmation_sign (
@ -172,6 +176,8 @@ TALER_exchange_online_deposit_confirmation_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Format used to generate the signature on a request to refund * @brief Format used to generate the signature on a request to refund
* a coin into the account of the customer. * a coin into the account of the customer.
@ -213,6 +219,8 @@ struct TALER_RefundConfirmationPS
struct TALER_AmountNBO refund_amount; struct TALER_AmountNBO refund_amount;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_refund_confirmation_sign ( TALER_exchange_online_refund_confirmation_sign (
@ -276,6 +284,8 @@ TALER_exchange_online_refund_confirmation_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Format of the block signed by the Exchange in response to a successful * @brief Format of the block signed by the Exchange in response to a successful
* "/refresh/melt" request. Hereby the exchange affirms that all of the * "/refresh/melt" request. Hereby the exchange affirms that all of the
@ -303,6 +313,8 @@ struct TALER_RefreshMeltConfirmationPS
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_melt_confirmation_sign ( TALER_exchange_online_melt_confirmation_sign (
@ -347,6 +359,8 @@ TALER_exchange_online_melt_confirmation_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature made by the exchange over the full set of keys, used * @brief Signature made by the exchange over the full set of keys, used
* to detect cheating exchanges that give out different sets to * to detect cheating exchanges that give out different sets to
@ -372,6 +386,8 @@ struct TALER_ExchangeKeySetPS
struct GNUNET_HashCode hc GNUNET_PACKED; struct GNUNET_HashCode hc GNUNET_PACKED;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_key_set_sign ( TALER_exchange_online_key_set_sign (
@ -418,6 +434,8 @@ TALER_exchange_online_key_set_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature by which an exchange affirms that an account * @brief Signature by which an exchange affirms that an account
* successfully passed the KYC checks. * successfully passed the KYC checks.
@ -442,6 +460,8 @@ struct TALER_ExchangeAccountSetupSuccessPS
struct GNUNET_TIME_TimestampNBO timestamp; struct GNUNET_TIME_TimestampNBO timestamp;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_account_setup_success_sign ( TALER_exchange_online_account_setup_success_sign (
@ -490,6 +510,8 @@ TALER_exchange_online_account_setup_success_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Format internally used for packing the detailed information * @brief Format internally used for packing the detailed information
* to generate the signature for /track/transfer signatures. * to generate the signature for /track/transfer signatures.
@ -524,6 +546,8 @@ struct TALER_WireDepositDetailP
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_online_wire_deposit_append ( TALER_exchange_online_wire_deposit_append (
@ -549,6 +573,8 @@ TALER_exchange_online_wire_deposit_append (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Format used to generate the signature for /wire/deposit * @brief Format used to generate the signature for /wire/deposit
* replies. * replies.
@ -589,6 +615,8 @@ struct TALER_WireDepositDataPS
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_wire_deposit_sign ( TALER_exchange_online_wire_deposit_sign (
@ -650,6 +678,8 @@ TALER_exchange_online_wire_deposit_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Details affirmed by the exchange about a wire transfer the exchange * Details affirmed by the exchange about a wire transfer the exchange
* claims to have done with respect to a deposit operation. * claims to have done with respect to a deposit operation.
@ -698,6 +728,8 @@ struct TALER_ConfirmWirePS
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_confirm_wire_sign ( TALER_exchange_online_confirm_wire_sign (
@ -761,6 +793,8 @@ TALER_exchange_online_confirm_wire_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Response by which the exchange affirms that it will * Response by which the exchange affirms that it will
* refund a coin as part of the emergency /recoup * refund a coin as part of the emergency /recoup
@ -799,6 +833,8 @@ struct TALER_RecoupConfirmationPS
struct TALER_ReservePublicKeyP reserve_pub; struct TALER_ReservePublicKeyP reserve_pub;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_confirm_recoup_sign ( TALER_exchange_online_confirm_recoup_sign (
@ -851,6 +887,8 @@ TALER_exchange_online_confirm_recoup_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Response by which the exchange affirms that it will refund a refreshed coin * Response by which the exchange affirms that it will refund a refreshed coin
* as part of the emergency /recoup protocol. The recoup will go back to the * as part of the emergency /recoup protocol. The recoup will go back to the
@ -888,6 +926,8 @@ struct TALER_RecoupRefreshConfirmationPS
struct TALER_CoinSpendPublicKeyP old_coin_pub; struct TALER_CoinSpendPublicKeyP old_coin_pub;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_confirm_recoup_refresh_sign ( TALER_exchange_online_confirm_recoup_refresh_sign (
@ -945,6 +985,8 @@ TALER_exchange_online_confirm_recoup_refresh_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Response by which the exchange affirms that it does not * Response by which the exchange affirms that it does not
* currently know a denomination by the given hash. * currently know a denomination by the given hash.
@ -968,6 +1010,8 @@ struct TALER_DenominationUnknownAffirmationPS
struct TALER_DenominationHashP h_denom_pub; struct TALER_DenominationHashP h_denom_pub;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_denomination_unknown_sign ( TALER_exchange_online_denomination_unknown_sign (
@ -1012,6 +1056,8 @@ TALER_exchange_online_denomination_unknown_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Response by which the exchange affirms that it does not * Response by which the exchange affirms that it does not
* currently consider the given denomination to be valid * currently consider the given denomination to be valid
@ -1042,6 +1088,8 @@ struct TALER_DenominationExpiredAffirmationPS
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_denomination_expired_sign ( TALER_exchange_online_denomination_expired_sign (
@ -1100,6 +1148,8 @@ TALER_exchange_online_denomination_expired_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Response by which the exchange affirms that it has * Response by which the exchange affirms that it has
* closed a reserve and send back the funds. * closed a reserve and send back the funds.
@ -1143,6 +1193,8 @@ struct TALER_ReserveCloseConfirmationPS
struct TALER_WireTransferIdentifierRawP wtid; struct TALER_WireTransferIdentifierRawP wtid;
}; };
GNUNET_NETWORK_STRUCT_END
enum TALER_ErrorCode enum TALER_ErrorCode
TALER_exchange_online_reserve_closed_sign ( TALER_exchange_online_reserve_closed_sign (

177
src/util/offline_signatures.c
View File

@ -23,6 +23,8 @@
#include "taler_signatures.h" #include "taler_signatures.h"
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature made by the exchange offline key over the information of * @brief Signature made by the exchange offline key over the information of
* an auditor to be added to the exchange's set of auditors. * an auditor to be added to the exchange's set of auditors.
@ -51,6 +53,7 @@ struct TALER_MasterAddAuditorPS
*/ */
struct GNUNET_HashCode h_auditor_url GNUNET_PACKED; struct GNUNET_HashCode h_auditor_url GNUNET_PACKED;
}; };
GNUNET_NETWORK_STRUCT_END
void void
@ -103,6 +106,8 @@ TALER_exchange_offline_auditor_add_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature made by the exchange offline key over the information of * @brief Signature made by the exchange offline key over the information of
* an auditor to be removed from the exchange's set of auditors. * an auditor to be removed from the exchange's set of auditors.
@ -127,6 +132,7 @@ struct TALER_MasterDelAuditorPS
struct TALER_AuditorPublicKeyP auditor_pub; struct TALER_AuditorPublicKeyP auditor_pub;
}; };
GNUNET_NETWORK_STRUCT_END
void void
@ -171,6 +177,8 @@ TALER_exchange_offline_auditor_del_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Message confirming that a denomination key was revoked. * @brief Message confirming that a denomination key was revoked.
*/ */
@ -188,6 +196,8 @@ struct TALER_MasterDenominationKeyRevocationPS
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_denomination_revoke_sign ( TALER_exchange_offline_denomination_revoke_sign (
@ -228,6 +238,8 @@ TALER_exchange_offline_denomination_revoke_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Message confirming that an exchange online signing key was revoked. * @brief Message confirming that an exchange online signing key was revoked.
*/ */
@ -245,6 +257,8 @@ struct TALER_MasterSigningKeyRevocationPS
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_signkey_revoke_sign ( TALER_exchange_offline_signkey_revoke_sign (
@ -286,6 +300,55 @@ TALER_exchange_offline_signkey_revoke_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/**
* @brief Information about a signing key of the exchange. Signing keys are used
* to sign exchange messages other than coins, i.e. to confirm that a
* deposit was successful or that a refresh was accepted.
*/
struct TALER_ExchangeSigningKeyValidityPS
{
/**
* Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* When does this signing key begin to be valid?
*/
struct GNUNET_TIME_TimestampNBO start;
/**
* When does this signing key expire? Note: This is currently when
* the Exchange will definitively stop using it. Signatures made with
* the key remain valid until @e end. When checking validity periods,
* clients should allow for some overlap between keys and tolerate
* the use of either key during the overlap time (due to the
* possibility of clock skew).
*/
struct GNUNET_TIME_TimestampNBO expire;
/**
* When do signatures with this signing key become invalid? After
* this point, these signatures cannot be used in (legal) disputes
* anymore, as the Exchange is then allowed to destroy its side of the
* evidence. @e end is expected to be significantly larger than @e
* expire (by a year or more).
*/
struct GNUNET_TIME_TimestampNBO end;
/**
* The public online signing key that the exchange will use
* between @e start and @e expire.
*/
struct TALER_ExchangePublicKeyP signkey_pub;
};
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_signkey_validity_sign ( TALER_exchange_offline_signkey_validity_sign (
const struct TALER_ExchangePublicKeyP *exchange_pub, const struct TALER_ExchangePublicKeyP *exchange_pub,
@ -339,6 +402,91 @@ TALER_exchange_offline_signkey_validity_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/**
* @brief Information about a denomination key. Denomination keys
* are used to sign coins of a certain value into existence.
*
* FIXME: remove this from the public API...
*/
struct TALER_DenominationKeyValidityPS
{
/**
* Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* The long-term offline master key of the exchange that was
* used to create @e signature.
*
* FIXME: remove this member?
*/
struct TALER_MasterPublicKeyP master;
/**
* Start time of the validity period for this key.
*/
struct GNUNET_TIME_TimestampNBO start;
/**
* The exchange will sign fresh coins between @e start and this time.
* @e expire_withdraw will be somewhat larger than @e start to
* ensure a sufficiently large anonymity set, while also allowing
* the Exchange to limit the financial damage in case of a key being
* compromised. Thus, exchanges with low volume are expected to have a
* longer withdraw period (@e expire_withdraw - @e start) than exchanges
* with high transaction volume. The period may also differ between
* types of coins. A exchange may also have a few denomination keys
* with the same value with overlapping validity periods, to address
* issues such as clock skew.
*/
struct GNUNET_TIME_TimestampNBO expire_withdraw;
/**
* Coins signed with the denomination key must be spent or refreshed
* between @e start and this expiration time. After this time, the
* exchange will refuse transactions involving this key as it will
* "drop" the table with double-spending information (shortly after)
* this time. Note that wallets should refresh coins significantly
* before this time to be on the safe side. @e expire_deposit must be
* significantly larger than @e expire_withdraw (by months or even
* years).
*/
struct GNUNET_TIME_TimestampNBO expire_deposit;
/**
* When do signatures with this denomination key become invalid?
* After this point, these signatures cannot be used in (legal)
* disputes anymore, as the Exchange is then allowed to destroy its side
* of the evidence. @e expire_legal is expected to be significantly
* larger than @e expire_deposit (by a year or more).
*/
struct GNUNET_TIME_TimestampNBO expire_legal;
/**
* The value of the coins signed with this denomination key.
*/
struct TALER_AmountNBO value;
/**
* Fees for the coin.
*/
struct TALER_DenomFeeSetNBOP fees;
/**
* Hash code of the denomination public key. (Used to avoid having
* the variable-size RSA key in this struct.)
*/
struct TALER_DenominationHashP denom_hash GNUNET_PACKED;
};
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_denom_validity_sign ( TALER_exchange_offline_denom_validity_sign (
const struct TALER_DenominationHashP *h_denom_pub, const struct TALER_DenominationHashP *h_denom_pub,
@ -412,6 +560,8 @@ TALER_exchange_offline_denom_validity_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature made by the exchange offline key over the information of * @brief Signature made by the exchange offline key over the information of
* a payto:// URI to be added to the exchange's set of active wire accounts. * a payto:// URI to be added to the exchange's set of active wire accounts.
@ -436,6 +586,8 @@ struct TALER_MasterAddWirePS
struct TALER_PaytoHashP h_payto GNUNET_PACKED; struct TALER_PaytoHashP h_payto GNUNET_PACKED;
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_wire_add_sign ( TALER_exchange_offline_wire_add_sign (
@ -482,6 +634,8 @@ TALER_exchange_offline_wire_add_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature made by the exchange offline key over the information of * @brief Signature made by the exchange offline key over the information of
* a wire method to be removed to the exchange's set of active accounts. * a wire method to be removed to the exchange's set of active accounts.
@ -507,6 +661,8 @@ struct TALER_MasterDelWirePS
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_wire_del_sign ( TALER_exchange_offline_wire_del_sign (
@ -553,6 +709,8 @@ TALER_exchange_offline_wire_del_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Information signed by the exchange's master * @brief Information signed by the exchange's master
* key stating the wire fee to be paid per wire transfer. * key stating the wire fee to be paid per wire transfer.
@ -590,6 +748,8 @@ struct TALER_MasterWireFeePS
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_wire_fee_sign ( TALER_exchange_offline_wire_fee_sign (
@ -647,6 +807,8 @@ TALER_exchange_offline_wire_fee_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Global fees charged by the exchange independent of * Global fees charged by the exchange independent of
* denomination or wire method. * denomination or wire method.
@ -705,9 +867,10 @@ struct TALER_MasterGlobalFeePS
*/ */
uint32_t purse_account_limit; uint32_t purse_account_limit;
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_global_fee_sign ( TALER_exchange_offline_global_fee_sign (
@ -773,6 +936,8 @@ TALER_exchange_offline_global_fee_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Signature made by the exchange offline key over the * @brief Signature made by the exchange offline key over the
* configuration of an extension. * configuration of an extension.
@ -791,6 +956,8 @@ struct TALER_MasterExtensionConfigurationPS
struct TALER_ExtensionConfigHashP h_config GNUNET_PACKED; struct TALER_ExtensionConfigHashP h_config GNUNET_PACKED;
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_extension_config_hash_sign ( TALER_exchange_offline_extension_config_hash_sign (
@ -829,6 +996,8 @@ TALER_exchange_offline_extension_config_hash_verify (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* @brief Information signed by the exchange's master * @brief Information signed by the exchange's master
* key affirming the IBAN details for the exchange. * key affirming the IBAN details for the exchange.
@ -848,6 +1017,8 @@ struct TALER_MasterWireDetailsPS
}; };
GNUNET_NETWORK_STRUCT_END
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
TALER_exchange_wire_signature_check ( TALER_exchange_wire_signature_check (
@ -888,6 +1059,8 @@ TALER_exchange_wire_signature_make (
} }
GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Message signed by account to merge a purse into a reserve. * Message signed by account to merge a purse into a reserve.
*/ */
@ -906,6 +1079,8 @@ struct TALER_PartnerConfigurationPS
struct GNUNET_HashCode h_url; struct GNUNET_HashCode h_url;
}; };
GNUNET_NETWORK_STRUCT_END
void void
TALER_exchange_offline_partner_details_sign ( TALER_exchange_offline_partner_details_sign (