This change also removes ‘struct TALER_DepositTrackPS’
from the public API.
* src/include/taler_signatures.h (struct TALER_DepositTrackPS): Delete.
* src/util/exchange_signatures.c (struct TALER_DepositTrackPS): New.
(TALER_exchange_deposit_sign): New func.
(TALER_exchange_deposit_verify): New func.
* src/include/taler_crypto_lib.h
(TALER_exchange_deposit_sign): New func decl.
(TALER_exchange_deposit_verify): New func decl.
* src/exchange/taler-exchange-httpd_deposits_get.c
(TEH_handler_deposits_get): Rework to use ‘TALER_exchange_deposit_verify’.
* src/lib/exchange_api_deposits_get.c
(TALER_EXCHANGE_deposits_get): Rework to use ‘taler_exchange_deposit_sign’.
Additionally, this change removes ‘struct TALER_ProposalDataPS’
from the public API.
* src/include/taler_crypto_lib.h
(TALER_merchant_contract_sign): New func decl.
* src/include/taler_signatures.h
(struct TALER_ProposalDataPS): Delete.
* src/util/merchant_signatures.c
(struct TALER_ProposalDataPS): Move here from taler_signatures.h.
(TALER_merchant_contract_sign): New func.
Additionally, this change removes ‘struct TALER_PaymentResponsePS’
from the public API.
* src/include/taler_crypto_lib.h
(TALER_merchant_pay_sign): New func decl.
(TALER_merchant_pay_verify): New func decl.
* src/include/taler_signatures.h
(struct TALER_PaymentResponsePS): Delete.
* src/util/merchant_signatures.c
(struct TALER_PaymentResponsePS): Move here from taler_signatures.h.
(TALER_merchant_pay_sign): New func.
(TALER_merchant_pay_verify): New func.
We switch from EcDSA to Edx25519 for the underlying signature scheme.
Edx25519 is implemented in gnunet, starting with (gnunet-)commit
ce38d1f6c9bd7857a1c3bc2094a0ee9752b86c32.
- Unit-tests for commit, derive, attest and verify added, with multiple
combinations of minimum age and commited age.
- Fixed crypto implementation (eddsa -> ecdsa)
- Using now standard functionality from GNUNET:
GNUNET_CRYPTO_ecdsa_{private,public}_key_derive
All tests pass (unit tests in util/ and 'make check' in testing).
- functions TALER_age_commitment_attest and
TALER_age_commitment_verify
implemented.
- age restriction implementation moved into util/age_restriction.c
- functions TALER_age_commitment_attest and TALER_age_commitment_verify
implemented.
- age restriction implementation moved into util/age_restriction.c
Instead of a single struct TALER_AgeCommitment, we now use
1. TALER_AgeCommitment for the age mask and list public keys for age
restriciton.
2. TALER_AgeProof for list of private keys for age restriction
3. TALER_AgeCommitmentProof for the aggregation of the former two.
Also, we introduce TALER_AgeAttestation as the EDDSA signature to attest
a particular age group, along with the function prototypes
TALER_age_commitment_attest and TALER_age_commitment_verify.
Age restriction works now with withdraw, melt/refresh/reveal and link,
including tests.
However, there is still a problem with the tests: The melting operation
"refresh-melt-failing-age" that should fail (because of conflict), but
currently fails for other reasons. I decided to disable that particular
test (and the next) and submit the patch I have so far.
Added age restriction support for
- melt/refresh/reveal
- recoup
However, tests are not yet implemented for those flows.
Also: minor fixes and refactoring.
Age restriction support for
- withdraw is done and tested
- deposit is done and tested
TODOs:
- melt/refresh/reveal
- link
------
Added functions
- TALER_age_restriction_commit
- TALER_age_commitment_derive
- TALER_age_commitment_hash
- TALER_age_restriction_commitment_free_inside
- Hash of age commitment passed around API boundaries
Exchangedb adjustments for denominations
- all prepared statements re: denominations now handle age_mask
- signature parameters adjusted
Hash and signature verification of /keys adjusted
- Hashes of (normal) denominations and age-restricted denominations are
calculated seperately
- The hash of the age-restricted ones will then be added to the other
hash
- The total hash is signed/verified
Tests for withdraw with age restriction added
- TALER_EXCHANGE_DenomPublickey now carries age_mask
- TALER_TESTING_cmd_withdraw_amount* takes age parameter
- TALER_TESTING_find_pk takes boolean age_restricted
- WithdrawState carries age_commitment and its hash
- withdraw_run derives new age commitment, if applicable
- Added age parameter to testing (13 as example)
Various Fixes and changes
- Fixes of post handler for /management/extensions
- Fixes for offline tool extensions signing
- Slight refactoring of extensions
- Age restriction extension simplified
- config is now global to extension
- added global TEH_age_restriction_enabled and TEH_age_mask in
taler-exchange-httpd
- helper functions and macros introduced
