age restriction (load per denomination). 3/n

Özgür Kesim 2021-11-14 16:39:42 +01:00
parent 7c510388b9
commit c97979d00a
Signed by: oec
GPG Key ID: 3D76A56D79EDD9D7
7 changed files with 64 additions and 13 deletions


@ -324,7 +324,9 @@ struct TALER_CoinSpendPublicKeyP
struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub; struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
/* /*
* If age restriction applies to the coin, it must come with a hash of the age commitment * If age restriction applies to the coin, it must come with a hash of the
* age commitment. A zero value indicates that the coin has no age
* commitment set.
*/ */
struct TALER_AgeHash age_commitment_hash; struct TALER_AgeHash age_commitment_hash;
}; };


@ -29,7 +29,7 @@
* invalid, OK otherwise. * invalid, OK otherwise.
*/ */
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
TALER_get_age_mask (const struct GNUNET_CONFIGURATION_Handle *cfg, struct TALER_get_age_mask (const struct GNUNET_CONFIGURATION_Handle *cfg,
TALER_AgeMask *mask); struct TALER_AgeMask *mask);
#endif #endif


@ -166,8 +166,9 @@ refresh_reveal_ok (struct TALER_EXCHANGE_RefreshesRevealHandle *rrh,
hence recomputing it here... */ hence recomputing it here... */
GNUNET_CRYPTO_eddsa_key_get_public (&fc->coin_priv.eddsa_priv, GNUNET_CRYPTO_eddsa_key_get_public (&fc->coin_priv.eddsa_priv,
&coin_pub.eddsa_pub); &coin_pub.eddsa_pub);
/* FIXME-Oec: Age commitment hash.
* must be put into coin_pub.age_mask */
TALER_coin_pub_hash (&coin_pub, TALER_coin_pub_hash (&coin_pub,
/* FIXME-Oec: Age commitment hash */
&coin_hash); &coin_hash);
if (GNUNET_OK != if (GNUNET_OK !=
TALER_planchet_to_coin (pk, TALER_planchet_to_coin (pk,
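Review bot: Only `coin_pub.eddsa_pub` is assigned in the visible lines before `TALER_coin_pub_hash (&coin_pub, &coin_hash)`, yet after this commit that function also reads `coin_pub.age_commitment_hash`. Unless `coin_pub` is zero-initialised at its declaration (outside this hunk), the resulting coin hash would depend on indeterminate stack bytes. Until the FIXME is resolved I would add `memset (&coin_pub.age_commitment_hash, 0, sizeof (coin_pub.age_commitment_hash));` before the hash call. The relocated FIXME also names `coin_pub.age_mask`, while the member shown in `struct TALER_CoinSpendPublicKeyP` is `age_commitment_hash`, so the comment should say `/* FIXME-Oec: age commitment hash must be put into coin_pub.age_commitment_hash */`. refresh_reveal_ok starts and ends outside the hunk.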


@ -320,10 +320,33 @@ void
TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub, TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub,
struct TALER_CoinPubHash *coin_h) struct TALER_CoinPubHash *coin_h)
{ {
// FIXME-Oec: hash over age-restriction, too if (GNUNET_is_zero (&coin_pub->age_commitment_hash))
GNUNET_CRYPTO_hash (&coin_pub->eddsa_pub, {
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), /* No age commitment was set */
&coin_h->hash); GNUNET_CRYPTO_hash (&coin_pub->eddsa_pub,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
&coin_h->hash);
}
else
{
/* Coin comes with age commitment. Take the hash of the age commitment
* into account */
const size_t key_s = sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey);
const size_t age_s = sizeof(struct TALER_AgeHash);
char data[key_s + age_s];
GNUNET_memcpy (&data[0],
&coin_pub->eddsa_pub,
key_s);
GNUNET_memcpy (&data[key_s],
&coin_pub->age_commitment_hash,
age_s);
GNUNET_CRYPTO_hash (&data,
key_s + age_s,
&coin_h->hash);
}
} }
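Review bot: Both branches of TALER_coin_pub_hash size the public key with `sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)` although the member being hashed is a `struct GNUNET_CRYPTO_EddsaPublicKey`, so the hash input is only right while the two types happen to have the same size; `sizeof (coin_pub->eddsa_pub)` and `sizeof (coin_pub->age_commitment_hash)` tie the lengths to the fields actually copied. Because `key_s` and `age_s` are `const size_t` objects rather than constant expressions, `char data[key_s + age_s];` is a variable-length array in C; `char data[sizeof (coin_pub->eddsa_pub) + sizeof (coin_pub->age_commitment_hash)];` gives a fixed-size buffer. The final call can then be `GNUNET_CRYPTO_hash (data, sizeof (data), &coin_h->hash);`, which passes the array rather than `&data` and does not repeat the length arithmetic. The function's doc comment should also state that an all-zero `age_commitment_hash` is hashed exactly like a coin without the field, so callers must zero it for unrestricted coins.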


@ -281,10 +281,12 @@ TALER_CRYPTO_helper_denom_connect (
} }
/* Extract the age groups from the config, if the extension has been set, /* Extract the age groups from the config, if the extension has been set,
* and serialize them into the age mask */ * and serialize them into the age mask
*/
if (GNUNET_OK != if (GNUNET_OK !=
TALER_get_age_mask (cfg, &dh->age_mask)) TALER_get_age_mask (cfg, &dh->age_mask))
{ {
/* FIXME: maybe more specific error? */
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"extensions", /* FIXME: right section etc? */ "extensions", /* FIXME: right section etc? */
"age-restriction", "age-restriction",


@ -30,8 +30,8 @@
* invalid, OK otherwise. * invalid, OK otherwise.
*/ */
enum GNUNET_GenericReturnValue enum GNUNET_GenericReturnValue
TALER_get_age_mask (const struct GNUNET_CONFIGURATION_Handle *cfg, struct TALER_get_age_mask (const struct GNUNET_CONFIGURATION_Handle *cfg,
TALER_AgeMask *mask) struct TALER_AgeMask *mask)
{ {
/* FIXME-Oec: /* FIXME-Oec:
* *


@ -39,6 +39,7 @@
#include <pthread.h> #include <pthread.h>
#include <sys/eventfd.h> #include <sys/eventfd.h>
#include "taler_error_codes.h" #include "taler_error_codes.h"
#include "taler_extensions.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "secmod_common.h" #include "secmod_common.h"
@ -151,6 +152,14 @@ struct Denomination
* Length of (new) RSA keys (in bits). * Length of (new) RSA keys (in bits).
*/ */
uint32_t rsa_keysize; uint32_t rsa_keysize;
/**
* Age Restriction Mask.
* If non-zero, it defines the age restriction groups that apply to this
* denomination.
*/
struct TALER_AgeMask age_mask;
}; };
@ -1422,10 +1431,9 @@ parse_key (struct Denomination *denom,
struct TALER_DenominationPublicKey pub; struct TALER_DenominationPublicKey pub;
struct DenominationKey *dk; struct DenominationKey *dk;
struct DenominationKey *before; struct DenominationKey *before;
struct TALER_AgeMask age_mask = { .mask = 0 }; /* FIXME-Oec */
TALER_denom_priv_to_pub (&priv, TALER_denom_priv_to_pub (&priv,
age_mask, denom->age_mask,
&pub); &pub);
dk = GNUNET_new (struct DenominationKey); dk = GNUNET_new (struct DenominationKey);
dk->denom_priv = priv; dk->denom_priv = priv;
@ -1645,6 +1653,21 @@ parse_denomination_cfg (const char *ct,
} }
denom->rsa_keysize = (unsigned int) rsa_keysize; denom->rsa_keysize = (unsigned int) rsa_keysize;
denom->section = GNUNET_strdup (ct); denom->section = GNUNET_strdup (ct);
/* Load the (optional) age groups/mask for this denomination */
denom->age_mask.mask = 0;
if (GNUNET_YES != GNUNET_CONFIGURATION_get_value_yesno (kcfg, ct,
"age-restricted"))
{
if (GNUNET_OK != TALER_get_age_mask (kcfg, &denom->age_mask))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"extenstions",
"age-restriction",
"invalid age groups");
return GNUNET_SYSERR;
}
}
return GNUNET_OK; return GNUNET_OK;
} }