From ef4238874f6628a9ee4464ad3b70a7fde96d518b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=96zg=C3=BCr=20Kesim?=
Date: Mon, 27 Dec 2021 23:24:48 +0100
Subject: [age restriction] progress 9/n

More worke towards support for extensions and age restriction:

- taler-exchange-httpd_management_extensions.c almost completed
- handling of request implemented
- stub "set_extensions" for database transaction added
- utility functions added
- TALER_exchange_offline_extension_agemask_{sign,verify}
- TALER_agemask_parse_json
---
 src/include/taler_crypto_lib.h | 32 +++++++++++++++++++++++++++++
 src/include/taler_exchange_service.h | 2 +-
 src/include/taler_extensions.h | 36 ++++----------------------------
 src/include/taler_json_lib.h | 12 +++++++++++
 src/include/taler_signatures.h | 40 ++++++++++++++++++++++++++++++++++++
 5 files changed, 89 insertions(+), 33 deletions(-)
 (limited to 'src/include')

diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index e6c5e2a4d..4ffee54c9 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -2518,4 +2518,36 @@ TALER_merchant_wire_signature_make (
 struct TALER_MerchantSignatureP *merch_sig);
+/* **************** /management/extensions offline signing **************** */
+
+/**
+ * Create a signature for age restriction groups
+ *
+ * @param mask The bitmask representing age groups
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_extension_agemask_sign (
+ const struct TALER_AgeMask mask,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify the signature in @a master_sig.
+ *
+ * @param mask bit mask representing an age group for age restriction
+ * @param master_pub master public key of the exchange
+ * @param master_sig signature of the exchange
+ * @return #GNUNET_OK if signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_extension_agemask_verify (
+ const struct TALER_AgeMask mask,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig
+ );
+
+
 #endif
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index af07588e1..04b731b32 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -2680,7 +2680,7 @@ TALER_EXCHANGE_post_management_keys_cancel (
 struct TALER_EXCHANGE_ManagementPostExtensionsData
 {
 struct TALER_Extension *extensions;
- struct TALER_MasterSignatureP *extension_sigs;
+ struct TALER_MasterSignatureP *extensions_sigs;
 uint32_t num_extensions;
 };
diff --git a/src/include/taler_extensions.h b/src/include/taler_extensions.h
index 8f3dd69e7..b6d5c826c 100644
--- a/src/include/taler_extensions.h
+++ b/src/include/taler_extensions.h
@@ -22,6 +22,7 @@
 #define TALER_EXTENSIONS_H
 #include 
+#include "taler_crypto_lib.h"
 #define TALER_EXTENSION_SECTION_PREFIX "exchange-extension-"
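Review bot: The `@return` of TALER_exchange_offline_extension_agemask_verify documents only the success value, yet callers will gate acceptance of an offline-signed extension configuration on this result; state the failure value as well, e.g. `@return #GNUNET_OK if signature is valid, #GNUNET_SYSERR otherwise`. Both prototypes qualify the by-value parameter as `const struct TALER_AgeMask mask`; `const` on a by-value parameter is a definition detail and is conventionally dropped from header prototypes. The verify prototype closes with `);` on its own line while the sign prototype closes on its last parameter — pick one layout for the pair.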
@@ -36,8 +37,8 @@ enum TALER_Extension_ReturnValue
 enum TALER_Extension_Type
 {
- TALER_Extension_Peer2Peer = 0,
- TALER_Extension_AgeRestriction = 1,
+ TALER_Extension_AgeRestriction = 0,
+ TALER_Extension_Peer2Peer = 1,
 TALER_Extension_Max = 2
 };
@@ -47,40 +48,11 @@ struct TALER_Extension
 char *name;
 bool critical;
 void *config;
- size_t config_size;
 };
-struct TALER_Peer2Peer_Config
-{
- // FIXME
-};
-
-/**
- * TEH_extensions is the global manifest with the list supported extensions,
- * sorted by TALER_Extension_Type.
- *
- * TODO: Mutex?
- *
- **/
-struct TALER_Extension TEH_extensions[TALER_Extension_Max] = {
- [TALER_Extension_Peer2Peer] = {
- .type = TALER_Extension_Peer2Peer,
- .name = "peer2peer",
- .critical = false,
- .config_size = sizeof(struct TALER_Peer2Peer_Config),
- },
- [TALER_Extension_AgeRestriction] = {
- .type = TALER_Extension_AgeRestriction,
- .name = "age_restriction",
- .critical = false,
- .config_size = sizeof(struct TALER_AgeMask),
- },
-};
-
-
 /*
 * TALER Peer2Peer Extension
- * FIXME
+ * FIXME oec
 */
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index b20bd4ea4..888256385 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -542,6 +542,18 @@ TALER_deposit_extension_hash (const json_t *extensions,
 struct TALER_ExtensionContractHash *ech);
+/**
+ * Parses a JSON object { "extension": "age_restriction", "mask": }.
+ *
+ * @param root is the json object
+ * @param[out] mask on succes, will contain the age mask
+ * @return GNUNET_OK on success and GNUNET_SYSERR on failure.
+ */
+enum GNUNET_GenericReturnValue
+TALER_agemask_parse_json (const json_t *root,
+ struct TALER_AgeMask *mask);
+
+
 #endif /* TALER_JSON_LIB_H_ */
 /* End of taler_json_lib.h */
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index bcfa863c1..d9fa7065b 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
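Review bot: Swapping the enumerator values of TALER_Extension_AgeRestriction and TALER_Extension_Peer2Peer changes the integer each extension maps to; if those integers are persisted (the commit message mentions a `set_extensions` database transaction) or ever sent on the wire, existing rows or peers would silently be read as the other extension. If the values are only used as array indices inside one binary, say so next to the enum, e.g. `/* Values are array indices only; never persisted or sent on the wire. */`, so the next reorder is known to be safe.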
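Review bot: With `config_size` removed, `void *config` in struct TALER_Extension carries neither a size nor a type, so any code that copies, hashes or serialises it must learn the concrete layout from somewhere else; add a comment on the field that names that source and the ownership, e.g. `/* Extension-specific configuration; concrete type follows the extension (struct TALER_AgeMask for age restriction). Owned by ... */` with the owner filled in once known. The replacement comment `* FIXME oec` still says nothing about what is missing; either state the outstanding work or drop it. Removing the non-static TEH_extensions definition from the header is correct, since a variable defined in a header is multiply defined as soon as two translation units include it. The struct TALER_Extension definition begins before this hunk.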
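Review bot: The doc comment for TALER_agemask_parse_json does not say what JSON type and range the `"mask"` value must have (its type is absent from the example object as shown), nor whether an `"extension"` value other than `"age_restriction"` is rejected; as this parses a request body arriving through the management API, the validation contract should be explicit, e.g. `@return #GNUNET_OK if @a root has "extension" == "age_restriction" and a "mask" that is a valid age mask, #GNUNET_SYSERR otherwise (@a mask is then left untouched)` — adjusted to whatever the implementation actually checks. Also `succes` → `success`, and use `#GNUNET_OK` / `#GNUNET_SYSERR` to match the Doxygen cross-references used in the other prototypes of this commit.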
@@ -97,6 +97,10 @@
 */
 #define TALER_SIGNATURE_MASTER_WIRE_DETAILS 1030
+/**
+ * Set the configuration of an extension (age-restriction or peer2peer)
+ */
+#define TALER_SIGNATURE_MASTER_EXTENSION 1031
 /*********************************************/
 /* Exchange online signatures (with signing key) */
@@ -961,6 +965,42 @@ struct TALER_MasterDelWirePS
 };
+/*
+ * @brief Signature made by the exchange offline key over the
+ * configuration of the age restriction extension.
+ */
+struct TALER_MasterExtensionAgeRestrictionPS
+{
+ /**
+ * Purpose is #TALER_SIGNATURE_MASTER_EXTENSION. Signed
+ * by a `struct TALER_MasterPublicKeyP` using EdDSA.
+ */
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+ /**
+ * Bit mask representing the lits of age groups, see TALER_AgeMask for a
+ * description.
+ */
+ struct TALER_AgeMask mask;
+};
+
+#if 0
+/*
+ * @brief Signature made by the exchange offline key over the
+ * configuration of the peer2peer extension.
+ */
+struct TALER_MasterExtensionPeer2PeerPS
+{
+ /**
+ * Purpose is #TALER_SIGNATURE_MASTER_EXTENSION. Signed
+ * by a `struct TALER_MasterPublicKeyP` using EdDSA.
+ */
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+ // TODO oec
+};
+#endif
+
 /**
 * @brief Information about a denomination key. Denomination keys
 * are used to sign coins of a certain value into existence.
--
cgit v1.2.3
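Review bot: TALER_SIGNATURE_MASTER_EXTENSION is documented as the purpose for either extension ("age-restriction or peer2peer"), yet each extension signs a different struct; sharing one purpose value across two message layouts means a master signature over one extension's configuration verifies as the other's whenever the signed sizes coincide, which is exactly the cross-type confusion that distinct purpose numbers exist to prevent. Allocate one purpose per signed layout, e.g. `#define TALER_SIGNATURE_MASTER_EXTENSION_AGE_RESTRICTION 1031` with a separate value reserved for peer2peer when it lands, or alternatively bind the extension identity into the signed struct itself. The comment should then name the struct it covers, as the neighbouring purpose comments presumably do (not visible in this hunk).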
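Review bot: The header comment on struct TALER_MasterExtensionAgeRestrictionPS opens with `/*` rather than `/**`, so Doxygen will skip it; change it to `/**` and fix `lits` → `list` in the comment on `mask`. The comment should also state the byte order in which `mask` is placed in the signed blob — Taler's signed structs conventionally hold integers in network byte order, an assumption to confirm against the definition of TALER_AgeMask — because signer and verifier must agree on the bytes exactly. The `#if 0` peer2peer block is dead code that additionally repeats the same purpose value; drop it until there is a real definition.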