- Running XOR of all SHA-512 hashes of each denomination's public key is
compared against the "hash" value in the JSON blob.
- Fixed a bug during creation of the running XOR.
- /keys response now contains signed denomintations
- hashes of denominations now XOR'ed per group into a single hash-code
- final hash-code is now XOR of all group hash codes
- final hash-code is signed
- lib/exchange_api_handle support for new "denominations" implemented
- parses array of denomation groups
- creates running xor of hashes
- verifies signature at the end
- previous diff/merge logic for keys remains intact.
Age restriction support for
- withdraw is done and tested
- deposit is done and tested
TODOs:
- melt/refresh/reveal
- link
------
Added functions
- TALER_age_restriction_commit
- TALER_age_commitment_derive
- TALER_age_commitment_hash
- TALER_age_restriction_commitment_free_inside
- Hash of age commitment passed around API boundaries
Exchangedb adjustments for denominations
- all prepared statements re: denominations now handle age_mask
- signature parameters adjusted
Hash and signature verification of /keys adjusted
- Hashes of (normal) denominations and age-restricted denominations are
calculated seperately
- The hash of the age-restricted ones will then be added to the other
hash
- The total hash is signed/verified
Tests for withdraw with age restriction added
- TALER_EXCHANGE_DenomPublickey now carries age_mask
- TALER_TESTING_cmd_withdraw_amount* takes age parameter
- TALER_TESTING_find_pk takes boolean age_restricted
- WithdrawState carries age_commitment and its hash
- withdraw_run derives new age commitment, if applicable
- Added age parameter to testing (13 as example)
Various Fixes and changes
- Fixes of post handler for /management/extensions
- Fixes for offline tool extensions signing
- Slight refactoring of extensions
- Age restriction extension simplified
- config is now global to extension
- added global TEH_age_restriction_enabled and TEH_age_mask in
taler-exchange-httpd
- helper functions and macros introduced
- major refactoring of extensions
- extensions live now in a separate library, libtalerextensions
- refactored all components using age_restriction accordingly
- plumbing for plugin support for extensions roughly layed down
- taler-offline-tool now handles extensions
- command "extensions" added with subcommands "show" and "sign"
- parses extensions from taler config
- shows and signs of extensions and their configurations
- creates signed set of configurations for upload
- added test for retrieval of extension config
- simplified signature verification for extensions
- remove per-extension signatures, also from DB schema
- adjust prepared statements accordingly
- adjust DB event handler for extensions
- allow NULL for config for extension in DB schema
- handler for /management/extensions adjusted to new datastructures
- changed test for TALER_denom_blind/TALER_denom_sign_blinded with and
without TALER_AgeHash
- minor updates and various fixes
Parse age restriction information from "/keys"
- parse "age_restriction" extension, extract mask for age groups
- parse denominations from "age_restricted_denoms", too, if available
