diff options
| author | Christian Grothoff <christian@grothoff.org> | 2016-03-21 01:45:53 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2016-03-21 01:45:53 +0100 |
| commit | 6f8fa678c1f4672165cd82ddb43ec3546d9552a9 (patch) | |
| tree | 71b8948519f4b94d087f098393c49a523d96b8fc /src/include | |
| parent | 737e3f4bf67a2048381785328206c595bffe632a (diff) | |
implementing #3987
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/taler_exchange_service.h | 20 | ||||
| -rw-r--r-- | src/include/taler_exchangedb_lib.h | 51 | ||||
| -rw-r--r-- | src/include/taler_signatures.h | 7 |
3 files changed, 43 insertions, 35 deletions
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index c3ecba968..cb1bd12aa 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -208,19 +208,19 @@ struct TALER_EXCHANGE_DenomPublicKey struct TALER_EXCHANGE_AuditorInformation { /** - * Public key of the auditing institution. + * Public key of the auditing institution. Wallets and merchants + * are expected to be configured with a set of public keys of + * auditors that they deem acceptable. These public keys are + * the roots of the Taler PKI. */ struct TALER_AuditorPublicKeyP auditor_pub; /** - * URL of the auditing institution. The application must check that - * this is an acceptable auditor for its purpose and also verify - * that the @a auditor_pub matches the auditor's public key given at - * that website. We expect that in practice software is going to - * often ship with an initial list of accepted auditors, just like - * browsers ship with a CA root store. - * - * This field may be NULL. (#3987). + * URL of the auditing institution. Signed by the auditor's public + * key, this URL is a place where applications can direct users for + * additional information about the auditor. In the future, there + * should also be an auditor API for automated submission about + * claims of misbehaving exchange providers. */ const char *auditor_url; @@ -230,7 +230,7 @@ struct TALER_EXCHANGE_AuditorInformation unsigned int num_denom_keys; /** - * Array of length @a denom_keys with the denomination + * Array of length @a num_denom_keys with the denomination * keys audited by this auditor. Note that the array * elements point to the same locations as the entries * in the key's main `denom_keys` array. diff --git a/src/include/taler_exchangedb_lib.h b/src/include/taler_exchangedb_lib.h index 347ad0650..e13df2d46 100644 --- a/src/include/taler_exchangedb_lib.h +++ b/src/include/taler_exchangedb_lib.h @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014, 2015 GNUnet e.V. + Copyright (C) 2014, 2015, 2016 Inria & GNUnet e.V. TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -125,8 +125,8 @@ struct TALER_EXCHANGEDB_DenominationKeyIssueInformation */ typedef int (*TALER_EXCHANGEDB_SigningKeyIterator)(void *cls, - const char *filename, - const struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP *ski); + const char *filename, + const struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP *ski); /** @@ -143,8 +143,8 @@ typedef int */ int TALER_EXCHANGEDB_signing_keys_iterate (const char *exchange_base_dir, - TALER_EXCHANGEDB_SigningKeyIterator it, - void *it_cls); + TALER_EXCHANGEDB_SigningKeyIterator it, + void *it_cls); @@ -160,8 +160,8 @@ TALER_EXCHANGEDB_signing_keys_iterate (const char *exchange_base_dir, */ typedef int (*TALER_EXCHANGEDB_DenominationKeyIterator)(void *cls, - const char *alias, - const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki); + const char *alias, + const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki); /** @@ -179,8 +179,8 @@ typedef int */ int TALER_EXCHANGEDB_denomination_keys_iterate (const char *exchange_base_dir, - TALER_EXCHANGEDB_DenominationKeyIterator it, - void *it_cls); + TALER_EXCHANGEDB_DenominationKeyIterator it, + void *it_cls); /** @@ -192,7 +192,7 @@ TALER_EXCHANGEDB_denomination_keys_iterate (const char *exchange_base_dir, */ int TALER_EXCHANGEDB_denomination_key_write (const char *filename, - const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki); + const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki); /** @@ -204,7 +204,7 @@ TALER_EXCHANGEDB_denomination_key_write (const char *filename, */ int TALER_EXCHANGEDB_denomination_key_read (const char *filename, - struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki); + struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki); /** @@ -212,6 +212,7 @@ TALER_EXCHANGEDB_denomination_key_read (const char *filename, * * @param cls closure * @param apub the auditor's public key + * @param auditor_url URL of the auditor * @param mpub the exchange's public key (as expected by the auditor) * @param dki_len length of @a asig and @a dki arrays * @param asigs array of the auditor's signatures over the @a dks, of length @a dki_len @@ -222,11 +223,12 @@ TALER_EXCHANGEDB_denomination_key_read (const char *filename, */ typedef int (*TALER_EXCHANGEDB_AuditorIterator)(void *cls, - const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_MasterPublicKeyP *mpub, - unsigned int dki_len, - const struct TALER_AuditorSignatureP *asigs, - const struct TALER_DenominationKeyValidityPS *dki); + const struct TALER_AuditorPublicKeyP *apub, + const char *auditor_url, + const struct TALER_MasterPublicKeyP *mpub, + unsigned int dki_len, + const struct TALER_AuditorSignatureP *asigs, + const struct TALER_DenominationKeyValidityPS *dki); /** @@ -244,8 +246,8 @@ typedef int */ int TALER_EXCHANGEDB_auditor_iterate (const char *exchange_base_dir, - TALER_EXCHANGEDB_AuditorIterator it, - void *it_cls); + TALER_EXCHANGEDB_AuditorIterator it, + void *it_cls); /** @@ -253,6 +255,7 @@ TALER_EXCHANGEDB_auditor_iterate (const char *exchange_base_dir, * * @param filename the file where to write the auditor information to * @param apub the auditor's public key + * @param auditor_url the URL of the auditor * @param asigs the auditor's signatures, array of length @a dki_len * @param mpub the exchange's public key (as expected by the auditor) * @param dki_len length of @a dki and @a asigs arrays @@ -261,11 +264,12 @@ TALER_EXCHANGEDB_auditor_iterate (const char *exchange_base_dir, */ int TALER_EXCHANGEDB_auditor_write (const char *filename, - const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_AuditorSignatureP *asigs, - const struct TALER_MasterPublicKeyP *mpub, - unsigned int dki_len, - const struct TALER_DenominationKeyValidityPS *dki); + const struct TALER_AuditorPublicKeyP *apub, + const char *auditor_url, + const struct TALER_AuditorSignatureP *asigs, + const struct TALER_MasterPublicKeyP *mpub, + unsigned int dki_len, + const struct TALER_DenominationKeyValidityPS *dki); /** @@ -287,5 +291,4 @@ void TALER_EXCHANGEDB_plugin_unload (struct TALER_EXCHANGEDB_Plugin *plugin); - #endif diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 729bed262..d958f16ba 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -656,8 +656,13 @@ struct TALER_ExchangeKeyValidityPS struct GNUNET_CRYPTO_EccSignaturePurpose purpose; /** + * Hash of the auditor's URL. + */ + struct GNUNET_HashCode auditor_url_hash; + + /** * The long-term offline master key of the exchange, affirmed by the - * auditor. + * auditor. Hashed string, including 0-terminator. */ struct TALER_MasterPublicKeyP master; |