Age restriction support for
- withdraw is done and tested
- deposit is done and tested
- melt is done, untested
- reveal started
- link started
Added functions
- TALER_age_commitment_hash
- TALER_age_restriction_commit
- TALER_age_commitment_derive
- TALER_age_restriction_commitment_free_inside
- Hash of age commitment passed around API boundaries
Exchangedb adjustments for denominations
- all prepared statements re: denominations now handle age_mask
- signature parameters adjusted
Hash and signature verification of /keys adjusted
- Hashes of (normal) denominations and age-restricted denominations
are calculated seperately
- The hash of the age-restricted ones will then be added to the other
hash
- The total hash is signed/verified
Tests for withdraw with age restriction added
- TALER_EXCHANGE_DenomPublickey now carries age_mask
- TALER_TESTING_cmd_withdraw_amount* takes age parameter
- WithdrawState carries age_commitment and its hash
- withdraw_run derives new age commitment, if applicable
- Added age parameter to testing (13 as example)
- TALER_TESTING_find_pk takes boolean age_restricted
- struct RefreshMeltState carries age commitment of melted coin
- melt_run calls TALER_age_commitment_derive, if necessary
Various Fixes and changes
- Fixes of post handler for /management/extensions
- Fixes for offline tool extensions signing
- Slight refactoring of extensions
- Age restriction extension simplified
- config is now global to extension
- added global TEH_age_restriction_enabled and TEH_age_mask in
taler-exchange-httpd
- helper functions and macros introduced
- major refactoring of extensions
- extensions live now in a separate library, libtalerextensions
- refactored all components using age_restriction accordingly
- plumbing for plugin support for extensions roughly layed down
- taler-offline-tool now handles extensions
- command "extensions" added with subcommands "show" and "sign"
- parses extensions from taler config
- shows and signs of extensions and their configurations
- creates signed set of configurations for upload
- added test for retrieval of extension config
- simplified signature verification for extensions
- remove per-extension signatures, also from DB schema
- adjust prepared statements accordingly
- adjust DB event handler for extensions
- allow NULL for config for extension in DB schema
- handler for /management/extensions adjusted to new datastructures
- changed test for TALER_denom_blind/TALER_denom_sign_blinded with and
without TALER_AgeHash
- minor updates and various fixes
add back #include <sys/eventfd.h>, but conditionalize on #ifdef __linux__
(This fix follows the spirit of the other changes (i.e.,
adding #ifdef __linux__) but might not be the best solution.)
The current "/recoup" API does not have clear idempotency semantics, as we've discussed on the phone. This is already bad by itself, as it makes it hard to write down what the API does other than "whatever the implementation does".
However, it actually breaks correctness in this (admittedly kinda contrived, but not impossible) case:
Say that we have a coin A obtained via withdrawal and a coin B obtained via refreshing coin A. Now the denominations of A gets revoked..
The wallet does a recoup of A for EUR:1.
Now the denomination of B also gets revoked. The wallet recoups B (incidentally also for EUR:1) and now A can be recouped again for EUR:1. But now the exchange is in a state where it will refuse a legitimate recoup request for A because the detection for an idempotent request kicks in.
This is IMHO bad API design, and the exchange should simply always recoup the maximum amount.
Furthermore, we usually follow the principle of "API calls that take up DB space are paid". With the current recoup API, I can do many tiny recoup requests which the exchange then has to store, right?
I guess it would not be a big change to remove the "amount" value from the recoup/recoup-refresh request bodies, right?
- Florian
Parse age restriction information from "/keys"
- parse "age_restriction" extension, extract mask for age groups
- parse denominations from "age_restricted_denoms", too, if available
More work towards support for extensions:
- Prepared statements and DB-plugin-functions for setting and retrieving
configurations from the database added.
- primitive "registry" of extensions for age restrictions and peer2peer
(stub)
- TALER_Extensions now with FP for parsing, setting and converting a
configuration.
- /management/extensions handler now verifies signature of the (opaque)
json object for all extensions.
- /management/extensions handler calls the FP in the corrensponding
TALER_Extension for parsing and setting the configuration of a
particular extension
More work towards age restriction:
- TALER_Extensions interfaces for config-parser, -setter and converter
implemented for age restriction
- DB event handler now retrieves config from database, parses it and
sets it (the age mask) in the global extension.
- load_age_mask now loads age mask from the global extension (and not
from the config file)
- add age_restricted_denoms to /keys response
More worke towards support for extensions and age restriction:
- taler-exchange-httpd_management_extensions.c almost completed
- handling of request implemented
- stub "set_extensions" for database transaction added
- utility functions added
- TALER_exchange_offline_extension_agemask_{sign,verify}
- TALER_agemask_parse_json
More work towards support for extensions and age restriction
- updated gana
- added handler for DB-Event
- added TEH_extensions_init() and _done()
- added global for age restriction
- added stub for post handler
- added SQL-table for extension metadata
- added enum type for extensions and other data structures
Also:
- fixed some warnings -Wmaybe-unitialized