diff options
| author | Özgür Kesim <oec-taler@kesim.org> | 2022-02-16 22:01:05 +0100 |
|---|---|---|
| committer | Özgür Kesim <oec-taler@kesim.org> | 2022-02-16 22:01:05 +0100 |
| commit | 8bdf6ab19df70c16d335ecf82f2c3b2117eeb70e (patch) | |
| tree | fe38fc98807feb6892052ee091b2b5f0a70ab17a /src/lib/exchange_api_common.c | |
| parent | b73be40ccd9ad0ef4a985f252099c867f698896d (diff) | |
[age restriction] progress 14/n - withdraw and deposit
Age restriction support for
- withdraw is done and tested
- deposit is done and tested
TODOs:
- melt/refresh/reveal
- link
------
Added functions
- TALER_age_restriction_commit
- TALER_age_commitment_derive
- TALER_age_commitment_hash
- TALER_age_restriction_commitment_free_inside
- Hash of age commitment passed around API boundaries
Exchangedb adjustments for denominations
- all prepared statements re: denominations now handle age_mask
- signature parameters adjusted
Hash and signature verification of /keys adjusted
- Hashes of (normal) denominations and age-restricted denominations are
calculated seperately
- The hash of the age-restricted ones will then be added to the other
hash
- The total hash is signed/verified
Tests for withdraw with age restriction added
- TALER_EXCHANGE_DenomPublickey now carries age_mask
- TALER_TESTING_cmd_withdraw_amount* takes age parameter
- TALER_TESTING_find_pk takes boolean age_restricted
- WithdrawState carries age_commitment and its hash
- withdraw_run derives new age commitment, if applicable
- Added age parameter to testing (13 as example)
Various Fixes and changes
- Fixes of post handler for /management/extensions
- Fixes for offline tool extensions signing
- Slight refactoring of extensions
- Age restriction extension simplified
- config is now global to extension
- added global TEH_age_restriction_enabled and TEH_age_mask in
taler-exchange-httpd
- helper functions and macros introduced
Diffstat (limited to 'src/lib/exchange_api_common.c')
| -rw-r--r-- | src/lib/exchange_api_common.c | 34 |
1 files changed, 25 insertions, 9 deletions
diff --git a/src/lib/exchange_api_common.c b/src/lib/exchange_api_common.c index 53a75a934..d03409244 100644 --- a/src/lib/exchange_api_common.c +++ b/src/lib/exchange_api_common.c @@ -477,6 +477,7 @@ TALER_EXCHANGE_verify_coin_history ( struct TALER_MerchantPublicKeyP merchant_pub; struct GNUNET_TIME_Timestamp refund_deadline = {0}; struct TALER_CoinSpendSignatureP sig; + struct TALER_AgeCommitmentHash *hac = NULL; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("coin_sig", &sig), @@ -511,6 +512,7 @@ TALER_EXCHANGE_verify_coin_history ( &fee, &h_wire, &h_contract_terms, + hac, NULL /* h_extensions! */, h_denom_pub, wallet_timestamp, @@ -543,6 +545,7 @@ TALER_EXCHANGE_verify_coin_history ( { struct TALER_CoinSpendSignatureP sig; struct TALER_RefreshCommitmentP rc; + struct TALER_AgeCommitmentHash h_age_commitment = {0}; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("coin_sig", &sig), @@ -550,6 +553,9 @@ TALER_EXCHANGE_verify_coin_history ( &rc), GNUNET_JSON_spec_fixed_auto ("h_denom_pub", h_denom_pub), + GNUNET_JSON_spec_mark_optional ( + GNUNET_JSON_spec_fixed_auto ("h_age_commitment", + &h_age_commitment)), TALER_JSON_spec_amount_any ("melt_fee", &fee), GNUNET_JSON_spec_end () @@ -563,6 +569,7 @@ TALER_EXCHANGE_verify_coin_history ( GNUNET_break_op (0); return GNUNET_SYSERR; } + if (NULL != dk) { /* check that melt fee matches our expectations from /keys! */ @@ -577,16 +584,25 @@ TALER_EXCHANGE_verify_coin_history ( return GNUNET_SYSERR; } } - if (GNUNET_OK != - TALER_wallet_melt_verify (&amount, - &fee, - &rc, - h_denom_pub, - coin_pub, - &sig)) + { - GNUNET_break_op (0); - return GNUNET_SYSERR; + const struct TALER_AgeCommitmentHash *ahc = &h_age_commitment; + + if (TALER_AgeCommitmentHash_isNullOrZero (ahc)) + ahc = NULL; + + if (GNUNET_OK != + TALER_wallet_melt_verify (&amount, + &fee, + &rc, + h_denom_pub, + ahc, + coin_pub, + &sig)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } } add = GNUNET_YES; } |