Commit Graph

184 Commits

Author SHA1 Message Date
Thien-Thi Nguyen
33312e5abf
define TALER_SIGNATURE_MASTER_PARTNER_DETAILS as 1048
This is to avoid a duplicate Number:
https://bugs.gnunet.org/view.php?id=7240
2022-05-12 07:44:47 -04:00
Christian Grothoff
2d84d7f6dd
add function for purse status signing 2022-05-07 23:27:56 +02:00
Thien-Thi Nguyen
36c568ab8d
Remove empty GNUNET_NETWORK_STRUCT_{BEGIN,END} pair 2022-04-24 08:48:51 -04:00
Christian Grothoff
cf358f9546
-uncrustify 2022-04-23 18:13:15 +02:00
Thien-Thi Nguyen
a72337a5f3
Add abstractions: TALER_exchange_deposit_{sign,verify}
This change also removes ‘struct TALER_DepositTrackPS’
from the public API.

* src/include/taler_signatures.h (struct TALER_DepositTrackPS): Delete.

* src/util/exchange_signatures.c (struct TALER_DepositTrackPS): New.
  (TALER_exchange_deposit_sign): New func.
  (TALER_exchange_deposit_verify): New func.

* src/include/taler_crypto_lib.h
  (TALER_exchange_deposit_sign): New func decl.
  (TALER_exchange_deposit_verify): New func decl.

* src/exchange/taler-exchange-httpd_deposits_get.c
  (TEH_handler_deposits_get): Rework to use ‘TALER_exchange_deposit_verify’.

* src/lib/exchange_api_deposits_get.c
  (TALER_EXCHANGE_deposits_get): Rework to use ‘taler_exchange_deposit_sign’.
2022-04-22 20:29:45 -04:00
Thien-Thi Nguyen
509657bfef
Add abstraction: TALER_merchant_contract_sign
Additionally, this change removes ‘struct TALER_ProposalDataPS’
from the public API.

* src/include/taler_crypto_lib.h
  (TALER_merchant_contract_sign): New func decl.

* src/include/taler_signatures.h
  (struct TALER_ProposalDataPS): Delete.

* src/util/merchant_signatures.c
  (struct TALER_ProposalDataPS): Move here from taler_signatures.h.
  (TALER_merchant_contract_sign): New func.
2022-04-17 19:53:17 -04:00
Thien-Thi Nguyen
a7ad5a07e2
Add abstractions: TALER_merchant_pay_{sign,verify}
Additionally, this change removes ‘struct TALER_PaymentResponsePS’
from the public API.

* src/include/taler_crypto_lib.h
  (TALER_merchant_pay_sign): New func decl.
  (TALER_merchant_pay_verify): New func decl.

* src/include/taler_signatures.h
  (struct TALER_PaymentResponsePS): Delete.

* src/util/merchant_signatures.c
  (struct TALER_PaymentResponsePS): Move here from taler_signatures.h.
  (TALER_merchant_pay_sign): New func.
  (TALER_merchant_pay_verify): New func.
2022-04-17 04:53:17 -04:00
Christian Grothoff
72dd9514aa
-draft implementation of /purses//merge endpoint 2022-04-11 13:52:06 +02:00
Christian Grothoff
6f027fc130
add additinal signature 2022-04-02 17:25:18 +02:00
Christian Grothoff
caf66486e7
work on purse creation logic 2022-04-01 16:39:07 +02:00
Christian Grothoff
6040c9ff0f
make struct private again 2022-03-30 01:36:52 +02:00
Sebastian
adc9dae4cc
make TALER_RefundConfirmationPS public 2022-03-29 14:12:45 -03:00
Christian Grothoff
074ea7502e
centralize exchange online signature logic 2022-03-29 15:21:49 +02:00
Christian Grothoff
6505f69869
add one more p2p signature 2022-03-22 12:12:00 +01:00
Christian Grothoff
e200e86032
implement helper functions for p2p signatures, clean up existing signature logic 2022-03-22 02:33:51 +01:00
Christian Grothoff
1bb5a77c8d
add new reserve status/history signatures 2022-03-20 02:39:28 +01:00
Christian Grothoff
5fa977cc05
work on global fee structure 2022-03-05 15:13:07 +01:00
Christian Grothoff
7ff58c3d8f
refactor /wire to include logic to return the wad fee (for W2W payments) 2022-03-05 14:36:55 +01:00
Christian Grothoff
43f8ab6b48
add signing/verifying functions for global fees 2022-03-05 12:04:13 +01:00
4978b1e966
-amend missing parts to commit b20ddf0c8
- functions TALER_age_commitment_attest and
      TALER_age_commitment_verify
      implemented.
    - age restriction implementation moved into util/age_restriction.c
2022-03-02 07:58:55 +01:00
Christian Grothoff
544ba42f44
-big renaming of structs for consistent naming with P suffix 2022-02-21 00:23:23 +01:00
Christian Grothoff
a351bfc4b4
-fix CS nonce reuse check logic 2022-02-17 15:18:09 +01:00
8bdf6ab19d
[age restriction] progress 14/n - withdraw and deposit
Age restriction support for
  - withdraw is done and tested
  - deposit is done and tested

TODOs:
  - melt/refresh/reveal
  - link

------

Added functions
 - TALER_age_restriction_commit
 - TALER_age_commitment_derive
 - TALER_age_commitment_hash
 - TALER_age_restriction_commitment_free_inside
 - Hash of age commitment passed around API boundaries

Exchangedb adjustments for denominations
 - all prepared statements re: denominations now handle age_mask
 - signature parameters adjusted

Hash and signature verification of /keys adjusted
 - Hashes of (normal) denominations and age-restricted denominations are
   calculated seperately
 - The hash of the age-restricted ones will then be added to the other
   hash
 - The total hash is signed/verified

Tests for withdraw with age restriction added
 - TALER_EXCHANGE_DenomPublickey now carries age_mask
 - TALER_TESTING_cmd_withdraw_amount* takes age parameter
 - TALER_TESTING_find_pk takes boolean age_restricted
 - WithdrawState carries age_commitment and its hash
 - withdraw_run derives new age commitment, if applicable
 - Added age parameter to testing (13 as example)

Various Fixes and changes
 - Fixes of post handler for /management/extensions
 - Fixes for offline tool extensions signing
 - Slight refactoring of extensions
 - Age restriction extension simplified
   - config is now global to extension
   - added global TEH_age_restriction_enabled and TEH_age_mask in
     taler-exchange-httpd
   - helper functions and macros introduced
2022-02-16 22:01:05 +01:00
Christian Grothoff
730d8c893c
-more doxygen fixes 2022-02-12 12:35:03 +01:00
Christian Grothoff
819b67426c
-doxygen fixes 2022-02-12 10:33:23 +01:00
Christian Grothoff
94a5359494
-address misc. fixmes 2022-02-12 00:52:19 +01:00
Gian Demarmels
f239b01be1
secmod cs signatures implementation 2022-02-04 15:33:11 +01:00
Christian Grothoff
e7aeec04f4
The current recoup API is broken. I guess this is another example where "trivial" API changes turn out to have (multiple!) unexpected consequences.
The current "/recoup" API does not have clear idempotency semantics, as we've discussed on the phone.  This is already bad by itself, as it makes it hard to write down what the API does other than "whatever the implementation does".

However, it actually breaks correctness in this (admittedly kinda contrived, but not impossible) case:

Say that we have a coin A obtained via withdrawal and a coin B obtained via refreshing coin A. Now the denominations of A gets revoked..

The wallet does a recoup of A for EUR:1.

Now the denomination of B also gets revoked.  The wallet recoups B (incidentally also for EUR:1) and now A can be recouped again for EUR:1.  But now the exchange is in a state where it will refuse a legitimate recoup request for A because the detection for an idempotent request kicks in.

This is IMHO bad API design, and the exchange should simply always recoup the maximum amount.

Furthermore, we usually follow the principle of "API calls that take up DB space are paid".  With the current recoup API, I can do many tiny recoup requests which the exchange then has to store, right?

I guess it would not be a big change to remove the "amount" value from the recoup/recoup-refresh request bodies, right?

- Florian
2022-01-11 12:47:35 +01:00
cc7d7707ab
[age restriction] progress 10/n
More work towards support for extensions:
- Prepared statements and DB-plugin-functions for setting and retrieving
  configurations from the database added.
- primitive "registry" of extensions for age restrictions and peer2peer
  (stub)
- TALER_Extensions now with FP for parsing, setting and converting a
  configuration.
- /management/extensions handler now verifies signature of the (opaque)
  json object for all extensions.
- /management/extensions handler calls the FP in the corrensponding
  TALER_Extension for parsing and setting the configuration of a
  particular extension

More work towards age restriction:
- TALER_Extensions interfaces for config-parser, -setter and converter
  implemented for age restriction
- DB event handler now retrieves config from database, parses it and
  sets it (the age mask) in the global extension.
- load_age_mask now loads age mask from the global extension (and not
  from the config file)
- add age_restricted_denoms to /keys response
2022-01-08 14:40:20 +01:00
ef4238874f
[age restriction] progress 9/n
More worke towards support for extensions and age restriction:

- taler-exchange-httpd_management_extensions.c almost completed
  - handling of request implemented
  - stub "set_extensions" for database transaction added

- utility functions added
  - TALER_exchange_offline_extension_agemask_{sign,verify}
  - TALER_agemask_parse_json
2021-12-27 23:24:48 +01:00
Christian Grothoff
84c9adf5a6
v12: also do not sign over merchant_pub in REFUND signature, centralize logic 2021-12-25 14:58:04 +01:00
Christian Grothoff
87376e02eb
protocol v12 changes (/recoup split, signature changes) plus database sharding plus O(n^2)=>O(n) worst-case complexity reduction on coin balance checks 2021-12-25 13:56:40 +01:00
Christian Grothoff
2c14d33870
deduplicate melt signing logic, remove coin_pub from data being signed over 2021-12-25 13:56:40 +01:00
Christian Grothoff
1acc851deb
-fix recoup ugliness 2021-12-16 20:18:44 +01:00
Christian Grothoff
1a1fafbd43
introducing GNUNET_TIME_Timestamp, recoup now with amounts 2021-12-14 16:04:40 +01:00
Christian Grothoff
b61f601028
-use different hash for RSA vs. Denomination hashing 2021-11-17 23:02:05 +01:00
Christian Grothoff
9d6e104066
include h_extensions in deposit confirmation 2021-11-06 19:43:47 +01:00
Christian Grothoff
0b370a6814
add extension hashing 2021-11-06 17:26:11 +01:00
Christian Grothoff
ba627bf84c
-fixes 2021-11-05 22:22:47 +01:00
Christian Grothoff
2faf102a05
-more dB work 2021-10-30 21:26:40 +02:00
Christian Grothoff
fef26ec525
-fixes 2021-10-28 19:48:01 +02:00
Christian Grothoff
f7d08e8c2b
-work on FTBFS; 2021-10-27 09:23:13 +02:00
Christian Grothoff
42bdb5aa6e
-fixing more FTBFS 2021-10-27 09:23:11 +02:00
Christian Grothoff
55632b1fbf
brutally fixing types in src/include/, creating plenty of FTBFS issues 2021-10-27 09:23:11 +02:00
e6d55a77f9
remove unused anastasis signature tag 2021-10-21 08:27:22 +02:00
Christian Grothoff
4e3b133e47
-incomplete draft for /kyc-wallet handler 2021-10-17 14:12:13 +02:00
Christian Grothoff
0739405f67
-add missing def 2021-10-17 10:42:02 +02:00
Christian Grothoff
8951abfc50
-finish implemnetation of /kyc-check client library 2021-10-10 17:18:24 +02:00
Christian Grothoff
098bd64f39
-fix struct name 2021-07-23 18:43:03 +02:00
Christian Grothoff
068068f40f
return signed error message with HTTP_GONE status if denomination is not currently valid for specified operation (#6889) 2021-05-25 21:34:18 +02:00