Commit Graph

680 Commits

Author SHA1 Message Date
Christian Grothoff
ee4077ef80
starting with purse creation client API 2022-03-28 13:19:40 +02:00
30985c0975
-rename variable 2022-03-28 12:34:14 +02:00
ccf2d69dfb
-fix leak in test_age_restriction.c 2022-03-28 12:33:41 +02:00
488d217381
-fix leaks in test_crypto.c 2022-03-28 11:17:49 +02:00
a2386abadb
[age restriction] progress 19/19 (final) - Use Edx25519 for crypto
We switch from EcDSA to Edx25519 for the underlying signature scheme.

Edx25519 is implemented in gnunet, starting with (gnunet-)commit
ce38d1f6c9bd7857a1c3bc2094a0ee9752b86c32.
2022-03-28 11:04:00 +02:00
Christian Grothoff
646c9ad061
fix leak 2022-03-27 05:02:21 +02:00
Christian Grothoff
c782dfe2aa
first draft of service API for p2p payments 2022-03-24 13:06:04 +01:00
Christian Grothoff
41399bc224
revise P2P signatures and signing schema to address recently discovered design concern resulting in the split of the purse key into purse-contract and purse-merge keys 2022-03-23 06:54:43 +01:00
Christian Grothoff
6505f69869
add one more p2p signature 2022-03-22 12:12:00 +01:00
Christian Grothoff
6868b78692
fix typo 2022-03-22 12:06:12 +01:00
Christian Grothoff
e200e86032
implement helper functions for p2p signatures, clean up existing signature logic 2022-03-22 02:33:51 +01:00
Christian Grothoff
1bb5a77c8d
add new reserve status/history signatures 2022-03-20 02:39:28 +01:00
Christian Grothoff
eac8b8c0da
-re-enable test-revocation.sh, works again 2022-03-17 15:06:58 +01:00
Christian Grothoff
12809b28ec
-misc fixes 2022-03-17 14:16:34 +01:00
cd5ee2338c
-ensure label has no zero bytes 2022-03-08 11:47:51 +01:00
Christian Grothoff
5fa977cc05
work on global fee structure 2022-03-05 15:13:07 +01:00
Christian Grothoff
7ff58c3d8f
refactor /wire to include logic to return the wad fee (for W2W payments) 2022-03-05 14:36:55 +01:00
Christian Grothoff
43f8ab6b48
add signing/verifying functions for global fees 2022-03-05 12:04:13 +01:00
Christian Grothoff
4835ddf60b
introduce sets for wire fees and global fees 2022-03-05 11:56:58 +01:00
d0b27833b2
[age restriction] added unit test for get_age_group 2022-03-04 17:00:28 +01:00
Christian Grothoff
1643b745af
use 32 byte hash for hpayto, use that for joins on queries to better align queries with partitions 2022-03-03 23:52:08 +01:00
4c53d42e44
[age restriction] progress 18/n - attestation tested
- Unit-tests for commit, derive, attest and verify added, with multiple
  combinations of minimum age and commited age.
- Fixed crypto implementation (eddsa -> ecdsa)
- Using now standard functionality from GNUNET:
  GNUNET_CRYPTO_ecdsa_{private,public}_key_derive

All tests pass (unit tests in util/ and 'make check' in testing).
2022-03-03 19:35:24 +01:00
10d7d93ad8
-tests now with age restriction 2022-03-02 11:59:21 +01:00
7624db4efd
-refactor TALER_AgeMask.mask -> TALER_AgeMask.bits
also: fix off-by-one in TALER_age_restriction_commit
2022-03-02 10:59:42 +01:00
4978b1e966
-amend missing parts to commit b20ddf0c8
- functions TALER_age_commitment_attest and
      TALER_age_commitment_verify
      implemented.
    - age restriction implementation moved into util/age_restriction.c
2022-03-02 07:58:55 +01:00
b20ddf0c8a
[age restriction] progress 17/n - attestation implemented
- functions TALER_age_commitment_attest and TALER_age_commitment_verify
  implemented.
- age restriction implementation moved into util/age_restriction.c
2022-03-01 19:30:57 +01:00
e9eb00e285
Refactoring TALER_AgeCommitment
Instead of a single struct TALER_AgeCommitment, we now use
 1. TALER_AgeCommitment for the age mask and list public keys for age
    restriciton.
 2. TALER_AgeProof for list of private keys for age restriction
 3. TALER_AgeCommitmentProof for the aggregation of the former two.

Also, we introduce TALER_AgeAttestation as the EDDSA signature to attest
a particular age group, along with the function prototypes
TALER_age_commitment_attest and TALER_age_commitment_verify.
2022-03-01 17:02:37 +01:00
Christian Grothoff
8f77bda2e0
-towards getting auditor tests to pass again with new logic 2022-02-28 16:13:30 +01:00
26158fc725
[age restriction] progress 16/n - refresh/reveal/link tests
Age restriction works now with withdraw, melt/refresh/reveal and link,
including tests.

However, there is still a problem with the tests:  The melting operation
"refresh-melt-failing-age" that should fail (because of conflict), but
currently fails for other reasons.  I decided to disable that particular
test (and the next) and submit the patch I have so far.
2022-02-22 14:34:47 +01:00
3cd6156513
do not clamp EdDSA private keys 2022-02-21 16:08:45 +01:00
Christian Grothoff
544ba42f44
-big renaming of structs for consistent naming with P suffix 2022-02-21 00:23:23 +01:00
Christian Grothoff
19624fd776
-ensure different HKDF is used in melt vs. withdraw 2022-02-20 21:51:46 +01:00
f4f502d037
-minor merge conflict resolves 2022-02-18 00:50:31 +01:00
a78b3345fb
[age restriction] progress 15/n - melt/refresh/reveal and recoup
Added age restriction support for
  - melt/refresh/reveal
  - recoup

However, tests are not yet implemented for those flows.

Also: minor fixes and refactoring.
2022-02-18 00:30:19 +01:00
Christian Grothoff
668342cd41
-fix test_crypto FTBFS 2022-02-17 15:23:05 +01:00
Christian Grothoff
a351bfc4b4
-fix CS nonce reuse check logic 2022-02-17 15:18:09 +01:00
8bdf6ab19d
[age restriction] progress 14/n - withdraw and deposit
Age restriction support for
  - withdraw is done and tested
  - deposit is done and tested

TODOs:
  - melt/refresh/reveal
  - link

------

Added functions
 - TALER_age_restriction_commit
 - TALER_age_commitment_derive
 - TALER_age_commitment_hash
 - TALER_age_restriction_commitment_free_inside
 - Hash of age commitment passed around API boundaries

Exchangedb adjustments for denominations
 - all prepared statements re: denominations now handle age_mask
 - signature parameters adjusted

Hash and signature verification of /keys adjusted
 - Hashes of (normal) denominations and age-restricted denominations are
   calculated seperately
 - The hash of the age-restricted ones will then be added to the other
   hash
 - The total hash is signed/verified

Tests for withdraw with age restriction added
 - TALER_EXCHANGE_DenomPublickey now carries age_mask
 - TALER_TESTING_cmd_withdraw_amount* takes age parameter
 - TALER_TESTING_find_pk takes boolean age_restricted
 - WithdrawState carries age_commitment and its hash
 - withdraw_run derives new age commitment, if applicable
 - Added age parameter to testing (13 as example)

Various Fixes and changes
 - Fixes of post handler for /management/extensions
 - Fixes for offline tool extensions signing
 - Slight refactoring of extensions
 - Age restriction extension simplified
   - config is now global to extension
   - added global TEH_age_restriction_enabled and TEH_age_mask in
     taler-exchange-httpd
   - helper functions and macros introduced
2022-02-16 22:01:05 +01:00
Christian Grothoff
ef938e0f7a
-correctly implement CS idempotency check on withdraw 2022-02-15 17:07:13 +01:00
Christian Grothoff
8ecbdeb55b
-actually, commit phase does take care of this 2022-02-14 23:15:29 +01:00
Christian Grothoff
bd77bcb52d
-towards fixing the protocol 2022-02-14 23:02:25 +01:00
Christian Grothoff
f4f40a31ef
-fixmes 2022-02-14 13:03:26 +01:00
Christian Grothoff
a0d9d59b73
-refactor to address FIXME 2022-02-12 12:20:12 +01:00
Christian Grothoff
88033aa15e
-removed confused TODOs 2022-02-12 12:15:02 +01:00
Christian Grothoff
d581729443
-removed confused TODOs 2022-02-12 12:14:24 +01:00
Christian Grothoff
ea4be7ba6f
-swap argument/rval for nicer code 2022-02-12 11:42:25 +01:00
Christian Grothoff
bc14c215b3
-doxygen fixes 2022-02-12 11:12:33 +01:00
Christian Grothoff
819b67426c
-doxygen fixes 2022-02-12 10:33:23 +01:00
Christian Grothoff
2cdbf58006
-remove redundant comments 2022-02-12 10:05:45 +01:00
Christian Grothoff
c93150b8cd
-work on more FIXMEs 2022-02-12 01:00:31 +01:00
Christian Grothoff
94a5359494
-address misc. fixmes 2022-02-12 00:52:19 +01:00
Christian Grothoff
3b1e742dde
-simplify: nonce no longer hashed 2022-02-11 18:00:20 +01:00
Christian Grothoff
9f77398fe2
-fix use of uninit memory in test 2022-02-11 17:44:18 +01:00
Christian Grothoff
4472cbaf9d
-simplify structures 2022-02-11 11:55:59 +01:00
Christian Grothoff
0995bdd1d0
-get tests to pass 2022-02-11 09:36:01 +01:00
Christian Grothoff
532d4ad0dc
-fixes to tests, and half-baked fixes for CS-/link (still fails) 2022-02-10 23:39:00 +01:00
Christian Grothoff
d58d89dcab
-get recoup/refresh to pass 2022-02-10 20:15:17 +01:00
Christian Grothoff
8e4eaabc96
-fix refresh commitment check for CS 2022-02-09 19:17:50 +01:00
Christian Grothoff
730f9e8865
-more refresh CS fixes 2022-02-09 17:30:02 +01:00
Christian Grothoff
1777db292e
-fix withdraw logic 2022-02-09 16:43:36 +01:00
Christian Grothoff
12290af845
-clean up crypto 2022-02-09 10:49:10 +01:00
Christian Grothoff
d559610da7
-poison 2022-02-09 10:38:02 +01:00
Christian Grothoff
77eaa685b9
-indent 2022-02-09 10:11:40 +01:00
Christian Grothoff
88b84d01cb
-simpilify 2022-02-09 10:09:01 +01:00
Christian Grothoff
b461fc6fc4
-simpilify 2022-02-09 10:03:10 +01:00
Christian Grothoff
e82d18325a
-dce 2022-02-09 10:02:10 +01:00
Christian Grothoff
bc15478c3b
-fix leak 2022-02-09 09:25:32 +01:00
Christian Grothoff
bd930549fb
initialize reserved field 2022-02-09 09:13:40 +01:00
Christian Grothoff
8cbe16a220
fix refresh/link tests 2022-02-08 09:58:22 +01:00
Christian Grothoff
7eb989b2df
-get melt and refresh-reveal to pass again 2022-02-08 00:12:56 +01:00
Christian Grothoff
a5b8244948
-wake clients if we have 0 dks 2022-02-07 15:40:21 +01:00
Christian Grothoff
271711ae64
run denom helper even with zero denoms, as we may be using the other cipher type only 2022-02-07 15:02:34 +01:00
Christian Grothoff
b84fb618c3
fix refreshes_reveal FTBFS 2022-02-07 13:41:55 +01:00
Christian Grothoff
b2e6fcae1a
fix DB API for generic blinded planchet storage 2022-02-07 13:14:25 +01:00
Christian Grothoff
c7c0beedd5
-rename fest 2022-02-07 12:35:00 +01:00
Christian Grothoff
fb9ba5b1d2
-rename fest 2022-02-07 12:33:35 +01:00
Christian Grothoff
0d03f55282
-clean up of crypto.c 2022-02-07 11:33:58 +01:00
Christian Grothoff
d850ed9ca1
-fix test_crypto 2022-02-07 11:23:53 +01:00
Christian Grothoff
3ed39955b6
-fix test_crypto ftbfs 2022-02-07 10:58:23 +01:00
Christian Grothoff
031e365814
fix FTBFS of main logic 2022-02-07 10:55:07 +01:00
Christian Grothoff
62d8368b1b
-fix more FTBFS issues 2022-02-06 19:53:23 +01:00
Christian Grothoff
66abbcac3f
-fix more FTBFS issues 2022-02-06 19:44:05 +01:00
Gian Demarmels
b280b1db04
fix src/util 2022-02-05 23:12:21 +01:00
Gian Demarmels
c42376cf40
crypto implementation 2022-02-05 00:32:53 +01:00
Christian Grothoff
03fd154a69
messing with CS/RSA fixes 2022-02-04 19:30:15 +01:00
Gian Demarmels
8674f32aec
denomination CIPHER field per denom 2022-02-04 15:39:57 +01:00
Gian Demarmels
086cf05794
refactor TALER_coin_ev_hash 2022-02-04 15:37:34 +01:00
Gian Demarmels
2213012866
include denom_pub into coin_ev_hash 2022-02-04 15:37:34 +01:00
Gian Demarmels
be50c084f8
fixed nonce check, renamed WithdrawNonce 2022-02-04 15:37:33 +01:00
Gian Demarmels
ae5f082c75
repair nonce check 2022-02-04 15:37:33 +01:00
Lucien Heuzeveldt
8d85c8b5b6
implement feedback 2022-02-04 15:37:30 +01:00
Christian Grothoff
ea97729ba8
-scope needed 2022-02-04 15:36:51 +01:00
Gian Demarmels
5b7e8f9ac5
refactoring 2022-02-04 15:36:11 +01:00
Lucien Heuzeveldt
daa7fdcfb1
implement spend 2022-02-04 15:36:10 +01:00
Gian Demarmels
9c2aefaa51
removed varargs 2022-02-04 15:36:08 +01:00
Gian Demarmels
4c7aa09784
cleanup 2022-02-04 15:34:22 +01:00
Gian Demarmels
2d70c8c6d0
secmod CS sign implementation 2022-02-04 15:34:21 +01:00
Lucien Heuzeveldt
36f551ff33
set planchet detail cipher, add cipher checks 2022-02-04 15:33:14 +01:00
Lucien Heuzeveldt
106664ed0c
implement TALER_CRYPTO_helper_cs_r_derive and related tests 2022-02-04 15:33:13 +01:00
Lucien Heuzeveldt
875a8b397e
implement secmod cs derive R 2022-02-04 15:33:13 +01:00
Gian Demarmels
d1fd3a485b
revocation 2022-02-04 15:33:13 +01:00
Gian Demarmels
9d9d4413df
setup_key for cs secmod helper 2022-02-04 15:33:12 +01:00
Gian Demarmels
18db69be2d
initial cs_secmod implementation 2022-02-04 15:33:11 +01:00
Gian Demarmels
f239b01be1
secmod cs signatures implementation 2022-02-04 15:33:11 +01:00
Lucien Heuzeveldt
75eff1524a
clean up cs implementation 2022-02-04 15:33:10 +01:00
Lucien Heuzeveldt
cf4fd36cc4
remove varargs in cs crypto implementation 2022-02-04 15:33:09 +01:00
Gian Demarmels
4bcbd704df
utility functions 2022-02-04 15:33:09 +01:00
Gian Demarmels
ca247f6f58
fixed CS signatures and cleanup/refactoring 2022-02-04 15:33:09 +01:00
Gian Demarmels
db9b84970d
add sign and verify implementation 2022-02-04 15:31:50 +01:00
Gian Demarmels
5d2157a8f6
sign_blinded implementation 2022-02-04 15:31:49 +01:00
Gian Demarmels
f1ec1e70a0
implemented planchet_prepare for CS 2022-02-04 15:31:49 +01:00
Gian Demarmels
a02ab8f81b
added CS get R functionality and planchet setup 2022-02-04 15:31:48 +01:00
Gian Demarmels
385eb51e93
CS planchet create and withdraw create 2022-02-04 15:31:48 +01:00
Gian Demarmels
f3fb7c29e6
added CS data structures, implemented CS keypair 2022-02-04 15:31:45 +01:00
8684a9bfea
[age_restriction] progress 13/n
- major refactoring of extensions
  - extensions live now in a separate library, libtalerextensions
  - refactored all components using age_restriction accordingly
  - plumbing for plugin support for extensions roughly layed down
2022-01-23 01:36:21 +01:00
0b56de6c99
[age restriction] progress 12/n
- taler-offline-tool now handles extensions
  - command "extensions" added with subcommands "show" and "sign"
  - parses extensions from taler config
  - shows and signs of extensions and their configurations
  - creates signed set of configurations for upload
  - added test for retrieval of extension config

- simplified signature verification for extensions
  - remove per-extension signatures, also from DB schema
  - adjust prepared statements accordingly
  - adjust DB event handler for extensions
  - allow NULL for config for extension in DB schema
  - handler for /management/extensions adjusted to new datastructures

- changed test for TALER_denom_blind/TALER_denom_sign_blinded with and
  without TALER_AgeHash

- minor updates and various fixes
2022-01-21 15:41:02 +01:00
Jonathan Buchanan
c10b783521
use 'pipe' instead of 'eventfd' on non-Linux systems 2022-01-18 09:15:54 -05:00
Christian Grothoff
e7aeec04f4
The current recoup API is broken. I guess this is another example where "trivial" API changes turn out to have (multiple!) unexpected consequences.
The current "/recoup" API does not have clear idempotency semantics, as we've discussed on the phone.  This is already bad by itself, as it makes it hard to write down what the API does other than "whatever the implementation does".

However, it actually breaks correctness in this (admittedly kinda contrived, but not impossible) case:

Say that we have a coin A obtained via withdrawal and a coin B obtained via refreshing coin A. Now the denominations of A gets revoked..

The wallet does a recoup of A for EUR:1.

Now the denomination of B also gets revoked.  The wallet recoups B (incidentally also for EUR:1) and now A can be recouped again for EUR:1.  But now the exchange is in a state where it will refuse a legitimate recoup request for A because the detection for an idempotent request kicks in.

This is IMHO bad API design, and the exchange should simply always recoup the maximum amount.

Furthermore, we usually follow the principle of "API calls that take up DB space are paid".  With the current recoup API, I can do many tiny recoup requests which the exchange then has to store, right?

I guess it would not be a big change to remove the "amount" value from the recoup/recoup-refresh request bodies, right?

- Florian
2022-01-11 12:47:35 +01:00
e30989c930
[age restriction] progress 11/n
Parse age restriction information from "/keys"
- parse "age_restriction" extension, extract mask for age groups
- parse denominations from "age_restricted_denoms", too, if available
2022-01-10 00:04:23 +01:00
cc7d7707ab
[age restriction] progress 10/n
More work towards support for extensions:
- Prepared statements and DB-plugin-functions for setting and retrieving
  configurations from the database added.
- primitive "registry" of extensions for age restrictions and peer2peer
  (stub)
- TALER_Extensions now with FP for parsing, setting and converting a
  configuration.
- /management/extensions handler now verifies signature of the (opaque)
  json object for all extensions.
- /management/extensions handler calls the FP in the corrensponding
  TALER_Extension for parsing and setting the configuration of a
  particular extension

More work towards age restriction:
- TALER_Extensions interfaces for config-parser, -setter and converter
  implemented for age restriction
- DB event handler now retrieves config from database, parses it and
  sets it (the age mask) in the global extension.
- load_age_mask now loads age mask from the global extension (and not
  from the config file)
- add age_restricted_denoms to /keys response
2022-01-08 14:40:20 +01:00
ef4238874f
[age restriction] progress 9/n
More worke towards support for extensions and age restriction:

- taler-exchange-httpd_management_extensions.c almost completed
  - handling of request implemented
  - stub "set_extensions" for database transaction added

- utility functions added
  - TALER_exchange_offline_extension_agemask_{sign,verify}
  - TALER_agemask_parse_json
2021-12-27 23:24:48 +01:00
Christian Grothoff
f6ecb6c895
-eliminate redundant hash operation on link signatures 2021-12-25 15:39:01 +01:00
Christian Grothoff
84c9adf5a6
v12: also do not sign over merchant_pub in REFUND signature, centralize logic 2021-12-25 14:58:04 +01:00
Christian Grothoff
87376e02eb
protocol v12 changes (/recoup split, signature changes) plus database sharding plus O(n^2)=>O(n) worst-case complexity reduction on coin balance checks 2021-12-25 13:56:40 +01:00
Christian Grothoff
2c14d33870
deduplicate melt signing logic, remove coin_pub from data being signed over 2021-12-25 13:56:40 +01:00
1b23857f2c
[age restriction] progress 8/n
More work towards support for extensions and age restriction

- updated gana
- added handler for DB-Event
- added TEH_extensions_init() and _done()
- added global for age restriction
- added stub for post handler
- added SQL-table for extension metadata
- added enum type for extensions and other data structures

Also:
- fixed some warnings -Wmaybe-unitialized
2021-12-23 15:15:33 +01:00
Christian Grothoff
1acc851deb
-fix recoup ugliness 2021-12-16 20:18:44 +01:00
Christian Grothoff
1a1fafbd43
introducing GNUNET_TIME_Timestamp, recoup now with amounts 2021-12-14 16:04:40 +01:00
a00cebcced
put crypto worker in exchange-tools, re-enable build 2021-12-08 15:54:48 +01:00
Christian Grothoff
98e44f33a7
add missing preflight 2021-12-08 12:42:22 +01:00
Christian Grothoff
67de20d26e
major rework of withdraw transaction to use stored procedure and (presumably) reduce serialization failures by avoiding SELECT before INSERT 2021-12-05 17:16:00 +01:00
Christian Grothoff
ec45eaae18
more logging 2021-12-03 16:16:19 +01:00
Christian Grothoff
dfe245814c
reduce lock contention in RSA secmod 2021-12-02 17:25:57 +01:00
Christian Grothoff
3a5eb9285c
-fix FTBFS 2021-12-02 14:33:22 +01:00
Christian Grothoff
b3e4159c2e
more perf debug messages 2021-12-02 14:11:14 +01:00
Christian Grothoff
170402203a
make check case-insensitive 2021-12-01 17:56:47 +01:00
54c62f3ab9
[age restriction] progress 6/n
lift logic for detection of age restriction of a denomination out from
taler-exchange-secmod-rsa.c to taler-exchange_httpd_keys.c
2021-12-01 15:25:33 +01:00
Christian Grothoff
d3615c708f
-fix typos 2021-11-29 17:48:39 +01:00
4e9a5c8cc7
touch unused variable 2021-11-29 10:22:35 +01:00
93fe40c5a7
fixed signednes issue 2021-11-29 10:14:23 +01:00
a467ba6a54
typo and pointer comparison fixed 2021-11-29 10:12:08 +01:00
97bae4dd65
[age restriction] progress 5/n
- taler-exchange-secmod-rsa
  - extracts AGE_RESTRICTED per denomination from config
  - propagates flag for each denomination to server
- if age restriction is set for a denomination,
  age _mask_ is taken (for now!) from config
2021-11-28 18:51:25 +01:00
6ee13445ce
[age restriction] progress 4/n
- parser for age groups
- stringify age mask
2021-11-27 14:33:07 +01:00
Christian Grothoff
f795e32b01
-fix size check for RSA-8k 2021-11-27 14:21:36 +01:00
Christian Grothoff
f493122033
fix #7105 (for exchange) 2021-11-25 23:24:04 +01:00
Christian Grothoff
98549cdc5a
-fix 2021-11-25 10:00:55 +01:00
Christian Grothoff
414237c335
handle double-revoke gracefully 2021-11-25 09:54:23 +01:00
Christian Grothoff
bab213e794
work on #7099 2021-11-25 09:43:01 +01:00
Christian Grothoff
0ac1b7abad
handle revoke followed immediately by a sign request 2021-11-24 17:44:26 +01:00
Christian Grothoff
7b50c7c012
-fix paths issue 2021-11-21 13:37:23 +01:00
Christian Grothoff
c88363be20
-fix paths issue 2021-11-21 13:33:24 +01:00