Commit Graph

1279 Commits

Author SHA1 Message Date
4c53d42e44
[age restriction] progress 18/n - attestation tested
- Unit-tests for commit, derive, attest and verify added, with multiple
  combinations of minimum age and commited age.
- Fixed crypto implementation (eddsa -> ecdsa)
- Using now standard functionality from GNUNET:
  GNUNET_CRYPTO_ecdsa_{private,public}_key_derive

All tests pass (unit tests in util/ and 'make check' in testing).
2022-03-03 19:35:24 +01:00
Marco Boss
57e3864c09
Include partitioning in dbinit 2022-03-02 19:03:54 +01:00
Marco Boss
7f30609ff0
use plain uint32_t 2022-03-02 17:22:43 +01:00
Marco Boss
cab654237f
clearer doc 2022-03-02 11:28:28 +01:00
7624db4efd
-refactor TALER_AgeMask.mask -> TALER_AgeMask.bits
also: fix off-by-one in TALER_age_restriction_commit
2022-03-02 10:59:42 +01:00
Marco Boss
2abe9bf6d7
include partitioning logic in dbinit 2022-03-02 10:50:51 +01:00
4978b1e966
-amend missing parts to commit b20ddf0c8
- functions TALER_age_commitment_attest and
      TALER_age_commitment_verify
      implemented.
    - age restriction implementation moved into util/age_restriction.c
2022-03-02 07:58:55 +01:00
e9eb00e285
Refactoring TALER_AgeCommitment
Instead of a single struct TALER_AgeCommitment, we now use
 1. TALER_AgeCommitment for the age mask and list public keys for age
    restriciton.
 2. TALER_AgeProof for list of private keys for age restriction
 3. TALER_AgeCommitmentProof for the aggregation of the former two.

Also, we introduce TALER_AgeAttestation as the EDDSA signature to attest
a particular age group, along with the function prototypes
TALER_age_commitment_attest and TALER_age_commitment_verify.
2022-03-01 17:02:37 +01:00
Christian Grothoff
3d4e580699
work on auditor-sync update to latest DB 2022-02-28 22:41:24 +01:00
Christian Grothoff
ee79f31275
-work on test_sync.sh, incomplete 2022-02-28 22:41:24 +01:00
Christian Grothoff
23bc09fe3c
get test-auditor and #7181 to pass 2022-02-28 20:37:19 +01:00
Christian Grothoff
f11cab90ff
-add parens 2022-02-24 23:58:17 +01:00
b244e23859
-make age commiment structs const in traits 2022-02-23 16:08:27 +01:00
7910ca183f
double melt test no works with age restriction
- added missing field h_age_commitment in exchange's error response
- slight refactoring
2022-02-22 18:35:10 +01:00
26158fc725
[age restriction] progress 16/n - refresh/reveal/link tests
Age restriction works now with withdraw, melt/refresh/reveal and link,
including tests.

However, there is still a problem with the tests:  The melting operation
"refresh-melt-failing-age" that should fail (because of conflict), but
currently fails for other reasons.  I decided to disable that particular
test (and the next) and submit the patch I have so far.
2022-02-22 14:34:47 +01:00
Christian Grothoff
544ba42f44
-big renaming of structs for consistent naming with P suffix 2022-02-21 00:23:23 +01:00
Christian Grothoff
19624fd776
-ensure different HKDF is used in melt vs. withdraw 2022-02-20 21:51:46 +01:00
71af4c539e
-reducing FIXMEs re: age restriction
- deposit info now carries h_age_commitment
- benchmark does age commitment, too
2022-02-18 02:07:38 +01:00
f4f502d037
-minor merge conflict resolves 2022-02-18 00:50:31 +01:00
a78b3345fb
[age restriction] progress 15/n - melt/refresh/reveal and recoup
Added age restriction support for
  - melt/refresh/reveal
  - recoup

However, tests are not yet implemented for those flows.

Also: minor fixes and refactoring.
2022-02-18 00:30:19 +01:00
Christian Grothoff
a351bfc4b4
-fix CS nonce reuse check logic 2022-02-17 15:18:09 +01:00
8bdf6ab19d
[age restriction] progress 14/n - withdraw and deposit
Age restriction support for
  - withdraw is done and tested
  - deposit is done and tested

TODOs:
  - melt/refresh/reveal
  - link

------

Added functions
 - TALER_age_restriction_commit
 - TALER_age_commitment_derive
 - TALER_age_commitment_hash
 - TALER_age_restriction_commitment_free_inside
 - Hash of age commitment passed around API boundaries

Exchangedb adjustments for denominations
 - all prepared statements re: denominations now handle age_mask
 - signature parameters adjusted

Hash and signature verification of /keys adjusted
 - Hashes of (normal) denominations and age-restricted denominations are
   calculated seperately
 - The hash of the age-restricted ones will then be added to the other
   hash
 - The total hash is signed/verified

Tests for withdraw with age restriction added
 - TALER_EXCHANGE_DenomPublickey now carries age_mask
 - TALER_TESTING_cmd_withdraw_amount* takes age parameter
 - TALER_TESTING_find_pk takes boolean age_restricted
 - WithdrawState carries age_commitment and its hash
 - withdraw_run derives new age commitment, if applicable
 - Added age parameter to testing (13 as example)

Various Fixes and changes
 - Fixes of post handler for /management/extensions
 - Fixes for offline tool extensions signing
 - Slight refactoring of extensions
 - Age restriction extension simplified
   - config is now global to extension
   - added global TEH_age_restriction_enabled and TEH_age_mask in
     taler-exchange-httpd
   - helper functions and macros introduced
2022-02-16 22:01:05 +01:00
Christian Grothoff
ef938e0f7a
-correctly implement CS idempotency check on withdraw 2022-02-15 17:07:13 +01:00
Christian Grothoff
bd77bcb52d
-towards fixing the protocol 2022-02-14 23:02:25 +01:00
Christian Grothoff
9b8c350d4d
-remove redundancies in the refresh-melt computation and fix uninitialized bks return value 2022-02-13 12:44:09 +01:00
Christian Grothoff
f6ecf7458a
-refactor melt API, add FIXME for discovered bug 2022-02-12 14:38:27 +01:00
Christian Grothoff
7cedf3f0bf
-clean up refresh reveal API 2022-02-12 14:00:58 +01:00
Christian Grothoff
4d26042b5a
-modify link API to return 'ps' so that linked coins can be refreshed 2022-02-12 13:39:58 +01:00
Christian Grothoff
730d8c893c
-more doxygen fixes 2022-02-12 12:35:03 +01:00
Christian Grothoff
a0d9d59b73
-refactor to address FIXME 2022-02-12 12:20:12 +01:00
Christian Grothoff
ea4be7ba6f
-swap argument/rval for nicer code 2022-02-12 11:42:25 +01:00
Christian Grothoff
bc14c215b3
-doxygen fixes 2022-02-12 11:12:33 +01:00
Christian Grothoff
819b67426c
-doxygen fixes 2022-02-12 10:33:23 +01:00
Christian Grothoff
c93150b8cd
-work on more FIXMEs 2022-02-12 01:00:31 +01:00
Christian Grothoff
94a5359494
-address misc. fixmes 2022-02-12 00:52:19 +01:00
Christian Grothoff
9f77398fe2
-fix use of uninit memory in test 2022-02-11 17:44:18 +01:00
Christian Grothoff
0eb5b08d50
-minor API clean up 2022-02-11 17:05:57 +01:00
Christian Grothoff
4472cbaf9d
-simplify structures 2022-02-11 11:55:59 +01:00
Christian Grothoff
0995bdd1d0
-get tests to pass 2022-02-11 09:36:01 +01:00
Christian Grothoff
532d4ad0dc
-fixes to tests, and half-baked fixes for CS-/link (still fails) 2022-02-10 23:39:00 +01:00
Christian Grothoff
d58d89dcab
-get recoup/refresh to pass 2022-02-10 20:15:17 +01:00
Christian Grothoff
025922950d
pass exchange values to /recoup 2022-02-09 22:02:29 +01:00
Christian Grothoff
12290af845
-clean up crypto 2022-02-09 10:49:10 +01:00
Christian Grothoff
b3cf788424
-more test fixes 2022-02-08 14:02:27 +01:00
Christian Grothoff
8cbe16a220
fix refresh/link tests 2022-02-08 09:58:22 +01:00
Christian Grothoff
7eb989b2df
-get melt and refresh-reveal to pass again 2022-02-08 00:12:56 +01:00
Christian Grothoff
b84fb618c3
fix refreshes_reveal FTBFS 2022-02-07 13:41:55 +01:00
Christian Grothoff
169d684342
-towards CS in refresh (incomplete, FTBFS) 2022-02-07 13:23:20 +01:00
Christian Grothoff
b2e6fcae1a
fix DB API for generic blinded planchet storage 2022-02-07 13:14:25 +01:00
Christian Grothoff
fb9ba5b1d2
-rename fest 2022-02-07 12:33:35 +01:00