From c5ad98da9812a05d078b6b017a545959ada96a3d Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 31 Dec 2022 15:10:35 +0100 Subject: write KYC attribute encryption logic --- src/include/taler_crypto_lib.h | 44 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'src/include') diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 5e7ea6059..ca80c6cca 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -603,6 +603,19 @@ struct TALER_RefreshCommitmentP }; +/** + * Symmetric key we use to encrypt KYC attributes + * in our database. + */ +struct TALER_AttributeEncryptionKeyP +{ + /** + * The key is a hash code. + */ + struct GNUNET_HashCode hash; +}; + + /** * Token used for access control to the merchant's unclaimed * orders. @@ -1791,6 +1804,37 @@ TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub, const struct TALER_CoinPubHashP *c_hash); +/** + * Encrypts KYC attributes for storage in the database. + * + * @param key encryption key to use + * @param attr set of attributes to encrypt + * @param[out] enc_attr encrypted attribute data + * @param[out] enc_attr_size number of bytes in @a enc_attr + */ +void +TALER_CRYPTO_kyc_attributes_encrypt ( + const struct TALER_AttributeEncryptionKeyP *key, + const json_t *attr, + void **enc_attr, + size_t *enc_attr_size); + + +/** + * Encrypts KYC attributes for storage in the database. + * + * @param key encryption key to use + * @param enc_attr encrypted attribute data + * @param enc_attr_size number of bytes in @a enc_attr + * @return set of decrypted attributes, NULL on failure + */ +json_t * +TALER_CRYPTO_kyc_attributes_decrypt ( + const struct TALER_AttributeEncryptionKeyP *key, + const void *enc_attr, + size_t enc_attr_size); + + /** * Check if a coin is valid; that is, whether the denomination key exists, * is not expired, and the signature is correct. -- cgit v1.2.3