aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/exchange/taler-exchange-httpd_auditors.c255
-rw-r--r--src/exchange/taler-exchange-httpd_management_auditors.c8
-rw-r--r--src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c8
-rw-r--r--src/exchange/taler-exchange-httpd_management_post_keys.c28
-rw-r--r--src/exchange/taler-exchange-httpd_management_wire.c8
-rw-r--r--src/include/taler_exchangedb_plugin.h302
-rw-r--r--src/include/taler_signatures.h2
7 files changed, 587 insertions, 24 deletions
diff --git a/src/exchange/taler-exchange-httpd_auditors.c b/src/exchange/taler-exchange-httpd_auditors.c
new file mode 100644
index 000000000..954cb9983
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_auditors.c
@@ -0,0 +1,255 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2020 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_auditors.c
+ * @brief Handle request to add auditor signature on a denomination.
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <jansson.h>
+#include <microhttpd.h>
+#include <pthread.h>
+#include "taler_json_lib.h"
+#include "taler_mhd_lib.h"
+#include "taler-exchange-httpd_refund.h"
+#include "taler-exchange-httpd_responses.h"
+#include "taler-exchange-httpd_keystate.h"
+
+/**
+ * Closure for the #add_auditor_denom_sig transaction.
+ */
+struct AddAuditorDenomContext
+{
+ /**
+ * Auditor's signature affirming the AUDITORS XXX operation
+ * (includes timestamp).
+ */
+ struct TALER_AuditorSignatureP auditor_sig;
+
+ /**
+ * Denomination this is about.
+ */
+ const struct GNUNET_HashCode *h_denom_pub;
+
+ /**
+ * Auditor this is about.
+ */
+ const struct TALER_AuditorPublicKeyP *auditor_pub;
+
+};
+
+
+/**
+ * Function implementing database transaction to add an auditors. Runs the
+ * transaction logic; IF it returns a non-error code, the transaction logic
+ * MUST NOT queue a MHD response. IF it returns an hard error, the
+ * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it
+ * returns the soft error code, the function MAY be called again to retry and
+ * MUST not queue a MHD response.
+ *
+ * @param cls closure with a `struct AddAuditorDenomContext`
+ * @param connection MHD request which triggered the transaction
+ * @param session database session to use
+ * @param[out] mhd_ret set to MHD response status for @a connection,
+ * if transaction failed (!)
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+add_auditor_denom_sig (void *cls,
+ struct MHD_Connection *connection,
+ struct TALER_EXCHANGEDB_Session *session,
+ MHD_RESULT *mhd_ret)
+{
+ struct AddAuditorDenomContext *awc = cls;
+ struct TALER_EXCHANGEDB_DenominationKeyMetaData meta;
+ enum GNUNET_DB_QueryStatus qs;
+ bool enabled;
+
+ qs = TEH_plugin->lookup_deomination_key (
+ TEH_plugin->cls,
+ session,
+ aws->h_denom_pub,
+ &meta);
+ if (qs < 0)
+ {
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ GNUNET_break (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_LOOKUP_FAILED,
+ "lookup denomination key");
+ return qs;
+ }
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_XXX,
+ "denomination unkown");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+
+ qs = TEH_plugin->lookup_auditor_status (
+ TEH_plugin->cls,
+ session,
+ aws->auditor_pub,
+ &enabled);
+ if (qs < 0)
+ {
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ GNUNET_break (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_LOOKUP_FAILED,
+ "lookup auditor");
+ return qs;
+ }
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_PRECONDITION_FAILED,
+ TALER_EC_EXCHANGE_XXX,
+ "auditor unkown");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ if (! enabled)
+ {
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_GONE,
+ TALER_EC_EXCHANGE_XXX,
+ "auditor no longer in use");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ {
+ struct TALER_ExchangeKeyValidityPS kv = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS),
+ .purpose.size = htonl (kv),
+ .master = TEH_master_public_key.eddsa_pub,
+ .start = meta->start,
+ .expire_withdraw = GNUNET_TIME_absolute_hton (meta.expire_withdraw),
+ .expire_deposit = GNUNET_TIME_absolute_hton (meta.expire_deposit),
+ .expire_legal = GNUNET_TIME_absolute_hton (meta.expire_legal),
+ .denom_hash = meta->denom_hash
+ };
+
+ TALER_amount_hton (&kv.value,
+ &meta.value);
+ TALER_amount_hton (&kv.fee_withdraw,
+ &meta.fee_withdraw);
+ TALER_amount_hton (&kv.fee_deposit,
+ &meta.fee_deposit);
+ TALER_amount_hton (&kv.fee_refresh,
+ &meta.fee_refresh);
+ TALER_amount_hton (&kv.fee_refund,
+ &meta.fee_refund);
+ GNUNET_CRYPTO_hash (auditor_url,
+ strlen (auditor_url) + 1,
+ &kv.auditor_url_hash);
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (
+ TALER_SIGNATURE_AUDITOR_EXCHANGE_KEYS,
+ &kv,
+ &master_sig.eddsa_sig,
+ &TEH_master_public_key.eddsa_pub))
+ {
+ /* signature invalid */
+ GNUNET_break_op (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_XXX,
+ NULL);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ }
+
+ qs = TEH_plugin->insert_auditor_denom_sig (TEH_plugin->cls,
+ session,
+ awc->h_denom_pub,
+ awc->auditor_pub,
+ &aws->auditor_sig);
+ if (qs < 0)
+ {
+ GNUNET_break (0);
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "add auditor signature");
+ return qs;
+ }
+ return qs;
+}
+
+
+/**
+ * Handle a "/auditors/$AUDITOR_PUB/$H_DENOM_PUB" request.
+ *
+ * @param connection the MHD connection to handle
+ * @param root uploaded JSON data
+ * @return MHD result code
+ */
+MHD_RESULT
+TEH_handler_management_denominations_auditors (
+ struct MHD_Connection *connection,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const struct GNUNET_HashCode *h_denom_pub,
+ const json_t *root)
+{
+ struct AddAuditorDenomContext awc = {
+ .auditor_pub = auditor_pub,
+ .h_denom_pub = h_denom_pub
+ };
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_fixed_auto ("auditor_sig",
+ &awc.auditor_sig),
+ GNUNET_JSON_spec_end ()
+ };
+ enum GNUNET_DB_QueryStatus qs;
+
+ {
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (connection,
+ root,
+ spec);
+ if (GNUNET_SYSERR == res)
+ return MHD_NO; /* hard failure */
+ if (GNUNET_NO == res)
+ return MHD_YES; /* failure */
+ }
+
+ qs = TEH_DB_run_transaction (connection,
+ "add auditor denom sig",
+ &res,
+ &add_auditor_denom_sig,
+ &awc);
+ if (qs < 0)
+ return res;
+ return TALER_MHD_reply_static (
+ connection,
+ MHD_HTTP_NO_CONTENT,
+ NULL,
+ NULL,
+ 0);
+}
+
+
+/* end of taler-exchange-httpd_management_auditors.c */
diff --git a/src/exchange/taler-exchange-httpd_management_auditors.c b/src/exchange/taler-exchange-httpd_management_auditors.c
index a69e2788a..4d4d411e7 100644
--- a/src/exchange/taler-exchange-httpd_management_auditors.c
+++ b/src/exchange/taler-exchange-httpd_management_auditors.c
@@ -82,10 +82,10 @@ add_auditor (void *cls,
struct AddAuditorContext *aac = cls;
struct GNUNET_TIME_Absolute last_date;
- qs = TEH_plugin->lookup_auditor (TEH_plugin->cls,
- session,
- &aac->auditor_pub,
- &last_date);
+ qs = TEH_plugin->lookup_auditor_timestamp (TEH_plugin->cls,
+ session,
+ &aac->auditor_pub,
+ &last_date);
if (qs < 0)
{
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
diff --git a/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c b/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c
index 374a92036..043482bef 100644
--- a/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c
+++ b/src/exchange/taler-exchange-httpd_management_auditors_AP_disable.c
@@ -82,10 +82,10 @@ del_auditor (void *cls,
struct DelAuditorContext *dac = cls;
struct GNUNET_TIME_Absolute last_date;
- qs = TEH_plugin->lookup_auditor (TEH_plugin->cls,
- session,
- &dac->auditor_pub,
- &last_date);
+ qs = TEH_plugin->lookup_auditor_timestamp (TEH_plugin->cls,
+ session,
+ &dac->auditor_pub,
+ &last_date);
if (qs < 0)
{
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
diff --git a/src/exchange/taler-exchange-httpd_management_post_keys.c b/src/exchange/taler-exchange-httpd_management_post_keys.c
index 9f7d56335..ab7afd34b 100644
--- a/src/exchange/taler-exchange-httpd_management_post_keys.c
+++ b/src/exchange/taler-exchange-httpd_management_post_keys.c
@@ -124,12 +124,13 @@ add_keys (void *cls,
{
enum GNUNET_DB_QueryStatus qs;
bool is_active = false;
+ struct TALER_EXCHANGEDB_DenominationKeyMetaData meta;
qs = TEH_plugin->lookup_future_deomination_key (
TEH_plugin->cls,
session,
&akc->d_sigs[i].h_denom_pub,
- &META);
+ &meta);
if (0 == qs)
{
/* For idempotency, check if the key is already active */
@@ -137,7 +138,7 @@ add_keys (void *cls,
TEH_plugin->cls,
session,
&akc->d_sigs[i].h_denom_pub,
- &META);
+ &meta);
is_active = true; /* if we pass, it's active! */
}
if (qs < 0)
@@ -168,18 +169,23 @@ add_keys (void *cls,
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY),
.purpose.size = htonl (sizeof (dkv)),
.master = TEH_master_public_key,
- .start = META.start,
- .expire_withdraw = META.expire_withdraw,
- .expire_deposit = META.expire_deposit,
- .expire_legal = META.expire_legal,
- .value = META.value,
- .fee_withdraw = META.fee_withdraw,
- .fee_deposit = META.fee_deposit,
- .fee_refresh = META.fee_refresh,
- .fee_refund = META.fee_refund,
+ .start = GNUNET_TIME_absolute_hton (meta.start),
+ .expire_withdraw = GNUNET_TIME_absolute_hton (meta.expire_withdraw),
+ .expire_deposit = GNUNET_TIME_absolute_hton (meta.expire_deposit),
+ .expire_legal = GNUNET_TIME_absolute_hton (meta.expire_legal),
.denom_hash = akc->d_sigs[i].h_denom_pub
};
+ TALER_amount_hton (&dkv.value,
+ &meta.value);
+ TALER_amount_hton (&dkv.fee_withdraw,
+ &meta.fee_withdraw);
+ TALER_amount_hton (&dkv.fee_deposit,
+ &meta.fee_deposit);
+ TALER_amount_hton (&dkv.fee_refresh,
+ &meta.fee_refresh);
+ TALER_amount_hton (&dkv.fee_refund,
+ &meta.fee_refund);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (
TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY,
diff --git a/src/exchange/taler-exchange-httpd_management_wire.c b/src/exchange/taler-exchange-httpd_management_wire.c
index 8a13d6cfe..a841a1e67 100644
--- a/src/exchange/taler-exchange-httpd_management_wire.c
+++ b/src/exchange/taler-exchange-httpd_management_wire.c
@@ -84,10 +84,10 @@ add_wire (void *cls,
struct AddWireContext *awc = cls;
struct GNUNET_TIME_Absolute last_date;
- qs = TEH_plugin->lookup_wire (TEH_plugin->cls,
- session,
- awc->payto_uri,
- &last_date);
+ qs = TEH_plugin->lookup_wire_timestamp (TEH_plugin->cls,
+ session,
+ awc->payto_uri,
+ &last_date);
if (qs < 0)
{
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index e2abb8a6a..159141f85 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -216,6 +216,84 @@ struct TALER_EXCHANGEDB_Reserve
/**
+ * Meta data about a denomination public key.
+ */
+struct TALER_EXCHANGEDB_DenominationKeyMetaData
+{
+ /**
+ * Start time of the validity period for this key.
+ */
+ struct GNUNET_TIME_Absolute start;
+
+ /**
+ * The exchange will sign fresh coins between @e start and this time.
+ * @e expire_withdraw will be somewhat larger than @e start to
+ * ensure a sufficiently large anonymity set, while also allowing
+ * the Exchange to limit the financial damage in case of a key being
+ * compromised. Thus, exchanges with low volume are expected to have a
+ * longer withdraw period (@e expire_withdraw - @e start) than exchanges
+ * with high transaction volume. The period may also differ between
+ * types of coins. A exchange may also have a few denomination keys
+ * with the same value with overlapping validity periods, to address
+ * issues such as clock skew.
+ */
+ struct GNUNET_TIME_Absolute expire_withdraw;
+
+ /**
+ * Coins signed with the denomination key must be spent or refreshed
+ * between @e start and this expiration time. After this time, the
+ * exchange will refuse transactions involving this key as it will
+ * "drop" the table with double-spending information (shortly after)
+ * this time. Note that wallets should refresh coins significantly
+ * before this time to be on the safe side. @e expire_deposit must be
+ * significantly larger than @e expire_withdraw (by months or even
+ * years).
+ */
+ struct GNUNET_TIME_Absolute expire_deposit;
+
+ /**
+ * When do signatures with this denomination key become invalid?
+ * After this point, these signatures cannot be used in (legal)
+ * disputes anymore, as the Exchange is then allowed to destroy its side
+ * of the evidence. @e expire_legal is expected to be significantly
+ * larger than @e expire_deposit (by a year or more).
+ */
+ struct GNUNET_TIME_Absolute expire_legal;
+
+ /**
+ * The value of the coins signed with this denomination key.
+ */
+ struct TALER_Amount value;
+
+ /**
+ * The fee the exchange charges when a coin of this type is withdrawn.
+ * (can be zero).
+ */
+ struct TALER_Amount fee_withdraw;
+
+ /**
+ * The fee the exchange charges when a coin of this type is deposited.
+ * (can be zero).
+ */
+ struct TALER_Amount fee_deposit;
+
+ /**
+ * The fee the exchange charges when a coin of this type is refreshed.
+ * (can be zero).
+ */
+ struct TALER_Amount fee_refresh;
+
+ /**
+ * The fee the exchange charges when a coin of this type is refunded.
+ * (can be zero). Note that refund fees are charged to the customer;
+ * if a refund is given, the deposit fee is also refunded.
+ */
+ struct TALER_Amount fee_refund;
+
+};
+
+
+/**
* @brief Information we keep for a withdrawn coin to reproduce
* the /withdraw operation if needed, and to have proof
* that a reserve was drained by this amount.
@@ -2876,6 +2954,230 @@ struct TALER_EXCHANGEDB_Plugin
TALER_EXCHANGEDB_WireMissingCallback cb,
void *cb_cls);
+
+ /**
+ * Check the last date an auditor was modified.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param auditor_pub key to look up information for
+ * @param[out] last_date last modification date to auditor status
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*lookup_auditor_timestamp)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ struct GNUNET_TIME_Absolute *last_date);
+
+
+ /**
+ * Lookup current state of an auditor.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param auditor_pub key to look up information for
+ * @param[out] set to the base URL of the auditor's REST API
+ * @param[out] enabled set if the auditor is currently in use
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*lookup_auditor_status)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ char *auditor_url,
+ bool *enabled);
+
+
+ /**
+ * Insert information about an auditor that will audit this exchange.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param auditor_pub key of the auditor
+ * @param auditor_url base URL of the auditor's REST service
+ * @param start_date date when the auditor was added by the offline system
+ * (only to be used for replay detection)
+ * @param master_sig signature affirming the addition of the auditor
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*insert_auditor)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const char *auditor_url,
+ struct GNUNET_TIME_Absolute start_date,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+ /**
+ * Update information about an auditor that will audit this exchange.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param auditor_pub key of the auditor (primary key for the existing record)
+ * @param auditor_url base URL of the auditor's REST service, to be updated
+ * @param change_date date when the auditor status was last changed
+ * (only to be used for replay detection)
+ * @param master_sig signature affirming the change in status (enable or disable)
+ * @param enabled true to enable, false to disable
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*update_auditor)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const char *auditor_url,
+ struct GNUNET_TIME_Absolute change_date,
+ const struct TALER_MasterSignatureP *master_sig,
+ bool enabled);
+
+
+ /**
+ * Check the last date an exchange wire account was modified.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param payto_uri key to look up information for
+ * @param[out] last_date last modification date to auditor status
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*lookup_wire_timestamp)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const char *payto_uri,
+ struct GNUNET_TIME_Absolute *last_date);
+
+
+ /**
+ * Insert information about an wire account used by this exchange.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param payto_uri wire account of the exchange
+ * @param start_date date when the account was added by the offline system
+ * (only to be used for replay detection)
+ * @param master_sig signature affirming the addition of the account
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*insert_wire)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const char *payto_uri,
+ struct GNUNET_TIME_Absolute start_date,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+ /**
+ * Update information about a wire account of the exchange.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param payto_uri account the update is about
+ * @param change_date date when the account status was last changed
+ * (only to be used for replay detection)
+ * @param master_sig signature affirming the change in status (enable or disable)
+ * @param enabled true to enable, false to disable (the actual change)
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*update_wire)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const char *payto_uri,
+ struct GNUNET_TIME_Absolute change_date,
+ const struct TALER_MasterSignatureP *master_sig,
+ bool enabled);
+
+
+ /**
+ * Store information about a revoked online signing key.
+ *
+ * @param cls closure
+ * @param session a session (can be NULL)
+ * @param exchange_pub exchange online signing key that was revoked
+ * @param master_sig signature affirming the revocation
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*insert_signkey_revocation)(
+ void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+ /**
+ * Lookup information about a future denomination key.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param h_denom_pub hash of the denomination public key
+ * @param[out] meta set to various meta data about the key
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*lookup_future_denomination_key)(
+ void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct GNUNET_HashCode *h_denom_pub,
+ const struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta);
+
+
+ /**
+ * Lookup information about current denomination key.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param h_denom_pub hash of the denomination public key
+ * @param[out] meta set to various meta data about the key
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*lookup_denomination_key)(
+ void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct GNUNET_HashCode *h_denom_pub,
+ const struct TALER_EXCHANGEDB_DenominationKeyMetaData *meta);
+
+
+ /**
+ * Activate future denomination key, turning it into a "current" or "valid"
+ * denomination key by adding the master signature. Deletes the
+ * denomination key from the 'future' table an inserts the data into the
+ * main denominations table. Because this function will trigger multiple SQL
+ * statements, it must be run within a transaction.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param h_denom_pub hash of the denomination public key
+ * @param master_sig master signature to add
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*activate_denomination_key)(
+ void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct GNUNET_HashCode *h_denom_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+ /**
+ * Insert information about an auditor auditing a denomination key.
+ *
+ * @param cls closure
+ * @param session a session
+ * @param h_denom_pub the audited denomination
+ * @param auditor_pub the auditor's key
+ * @param auditor_sig signature affirming the auditor's audit activity
+ * @return transaction status code
+ */
+ enum GNUNET_DB_QueryStatus
+ (*insert_auditor_denom_sig)(void *cls,
+ struct TALER_EXCHANGEDB_Session *session,
+ const struct GNUNET_HashCode *h_denom_pub,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const struct
+ TALER_AuditorSignatureP *auditor_sig);
};
#endif /* _TALER_EXCHANGE_DB_H */
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index d80b267cf..c30f21d60 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2014-2017 Taler Systems SA
+ Copyright (C) 2014-2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software