From 752f10273860d2496fc3eb1e03de6ad4451e7c0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96zg=C3=BCr=20Kesim?= Date: Fri, 4 Nov 2022 12:18:16 +0100 Subject: policy extensions and age restriction refactoring - refactoring of extension-plugin-mechanism - refactoring of age restriction extension - added policy extensions plugin plumbing - added DB schema and api - policy_details - policy_fulfillments --- src/util/Makefile.am | 1 + src/util/age_restriction.c | 111 +++++++++++++++++++++++++++++++++++++++++ src/util/exchange_signatures.c | 18 +++---- src/util/offline_signatures.c | 26 +++++----- src/util/wallet_signatures.c | 18 +++---- 5 files changed, 143 insertions(+), 31 deletions(-) (limited to 'src/util')
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 94edac021..acafdae57 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -105,6 +105,7 @@ libtalerutil_la_SOURCES = \ libtalerutil_la_LIBADD = \ -lgnunetutil \ + -lgnunetjson \ -lsodium \ -ljansson \ $(LIBGCRYPT_LIBS) \
diff --git a/src/util/age_restriction.c b/src/util/age_restriction.c
index b87c8543e..f4ac9abea 100644
--- a/src/util/age_restriction.c
+++ b/src/util/age_restriction.c
@@ -21,6 +21,7 @@ #include "platform.h" #include "taler_util.h" #include "taler_signatures.h" +#include #include void
@@ -436,3 +437,113 @@ TALER_age_commitment_proof_free ( cp->commitment.keys = NULL; } } + + +enum GNUNET_GenericReturnValue +TALER_JSON_parse_age_groups (const json_t *root, + struct TALER_AgeMask *mask) +{ + enum GNUNET_GenericReturnValue ret; + const char *str; + struct GNUNET_JSON_Specification spec[] = { + GNUNET_JSON_spec_string ("age_groups", + &str), + GNUNET_JSON_spec_end () + }; + + ret = GNUNET_JSON_parse (root, + spec, + NULL, + NULL); + if (GNUNET_OK == ret) + TALER_parse_age_group_string (str, mask); + + GNUNET_JSON_parse_free (spec); + + return ret; +} + + +enum GNUNET_GenericReturnValue +TALER_parse_age_group_string ( + const char *groups, + struct TALER_AgeMask *mask) +{ + + const char *pos = groups; + unsigned int prev = 0; + unsigned int val = 0; + char c; + + while (*pos) + { + c = *pos++; + if (':' == c) + { + if (prev >= val) + return GNUNET_SYSERR; + + mask->bits |= 1 << val; + prev = val; + val = 0; + continue; + } + + if ('0'>c || '9'=val || 32<=val) + return GNUNET_SYSERR; + } + + if (32<=val || prev>=val) + return GNUNET_SYSERR; + + mask->bits |= (1 << val); + mask->bits |= 1; // mark zeroth group, too + + return GNUNET_OK; +} + + +char * +TALER_age_mask_to_string ( + const struct TALER_AgeMask *mask) +{ + uint32_t bits = mask->bits; + unsigned int n = 0; + char *buf = GNUNET_malloc (32 * 3); // max characters possible + char *pos = buf; + + if (NULL == buf) + { + return buf; + } + + while (bits != 0) + { + bits >>= 1; + n++; + if (0 == (bits & 1)) + { + continue; + } + + if (n > 9) + { + *(pos++) = '0' + n / 10; + } + *(pos++) = '0' + n % 10; + + if (0 != (bits >> 1)) + { + *(pos++) = ':'; + } + } + return buf; +} + + +/* end util/age_restriction.c */
diff --git a/src/util/exchange_signatures.c b/src/util/exchange_signatures.c
index 3169cb84c..1762d5a50 100644
--- a/src/util/exchange_signatures.c
+++ b/src/util/exchange_signatures.c
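Review bot: In TALER_JSON_parse_age_groups (src/util/age_restriction.c) the result of `TALER_parse_age_group_string (str, mask);` is discarded, so a malformed `age_groups` string still returns GNUNET_OK while `mask` keeps whatever bits were OR-ed in before the parser gave up; assign it instead, `ret = TALER_parse_age_group_string (str, mask);`. The parser only ORs into `mask->bits` and never clears it, so it should either begin with `mask->bits = 0;` or state in its comment that the caller must pass a zeroed mask. The visible `32<=val` checks still admit `val == 31`, and `1 << val` on a signed int is undefined there; `1U << val` in both places avoids that. TALER_age_mask_to_string never writes a terminating NUL itself, so a short comment at `GNUNET_malloc (32 * 3)` saying the string depends on the allocator returning zeroed memory would help the next reader.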
@@ -48,10 +48,10 @@ struct TALER_DepositConfirmationPS struct TALER_MerchantWireHashP h_wire GNUNET_PACKED; /** - * Hash over the extension options of the deposit, 0 if there - * were not extension options. + * Hash over the optional policy extension of the deposit, 0 if there + * was no policy. */ - struct TALER_ExtensionContractHashP h_extensions GNUNET_PACKED; + struct TALER_ExtensionPolicyHashP h_policy GNUNET_PACKED; /** * Time when this confirmation was generated / when the exchange received
@@ -101,7 +101,7 @@ TALER_exchange_online_deposit_confirmation_sign ( TALER_ExchangeSignCallback scb, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_MerchantWireHashP *h_wire, - const struct TALER_ExtensionContractHashP *h_extensions, + const struct TALER_ExtensionPolicyHashP *h_policy, struct GNUNET_TIME_Timestamp exchange_timestamp, struct GNUNET_TIME_Timestamp wire_deadline, struct GNUNET_TIME_Timestamp refund_deadline,
@@ -123,8 +123,8 @@ TALER_exchange_online_deposit_confirmation_sign ( .merchant_pub = *merchant_pub }; - if (NULL != h_extensions) - dcs.h_extensions = *h_extensions; + if (NULL != h_policy) + dcs.h_policy = *h_policy; TALER_amount_hton (&dcs.amount_without_fee, amount_without_fee); return scb (&dcs.purpose,
@@ -137,7 +137,7 @@ enum GNUNET_GenericReturnValue TALER_exchange_online_deposit_confirmation_verify ( const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_MerchantWireHashP *h_wire, - const struct TALER_ExtensionContractHashP *h_extensions, + const struct TALER_ExtensionPolicyHashP *h_policy, struct GNUNET_TIME_Timestamp exchange_timestamp, struct GNUNET_TIME_Timestamp wire_deadline, struct GNUNET_TIME_Timestamp refund_deadline,
@@ -159,8 +159,8 @@ TALER_exchange_online_deposit_confirmation_verify ( .merchant_pub = *merchant_pub }; - if (NULL != h_extensions) - dcs.h_extensions = *h_extensions; + if (NULL != h_policy) + dcs.h_policy = *h_policy; TALER_amount_hton (&dcs.amount_without_fee, amount_without_fee); if (GNUNET_OK !=
diff --git a/src/util/offline_signatures.c b/src/util/offline_signatures.c
index b316c8ba7..d0b644e7f 100644
--- a/src/util/offline_signatures.c
+++ b/src/util/offline_signatures.c
@@ -926,10 +926,10 @@ TALER_exchange_offline_global_fee_verify ( GNUNET_NETWORK_STRUCT_BEGIN /** - * @brief Signature made by the exchange offline key over the - * configuration of an extension. + * @brief Signature made by the exchange offline key over the manifest of + * an extension. */ -struct TALER_MasterExtensionConfigurationPS +struct TALER_MasterExtensionManifestPS { /** * Purpose is #TALER_SIGNATURE_MASTER_EXTENSION. Signed
@@ -938,24 +938,24 @@ struct TALER_MasterExtensionConfigurationPS struct GNUNET_CRYPTO_EccSignaturePurpose purpose; /** - * Hash of the JSON object that represents the configuration of an extension. + * Hash of the JSON object that represents the manifests of extensions. */ - struct TALER_ExtensionConfigHashP h_config GNUNET_PACKED; + struct TALER_ExtensionManifestsHashP h_manifest GNUNET_PACKED; }; GNUNET_NETWORK_STRUCT_END void -TALER_exchange_offline_extension_config_hash_sign ( - const struct TALER_ExtensionConfigHashP *h_config, +TALER_exchange_offline_extension_manifests_hash_sign ( + const struct TALER_ExtensionManifestsHashP *h_manifest, const struct TALER_MasterPrivateKeyP *master_priv, struct TALER_MasterSignatureP *master_sig) { - struct TALER_MasterExtensionConfigurationPS ec = { + struct TALER_MasterExtensionManifestPS ec = { .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_EXTENSION), .purpose.size = htonl (sizeof(ec)), - .h_config = *h_config + .h_manifest = *h_manifest }; GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, &ec,
@@ -964,16 +964,16 @@ TALER_exchange_offline_extension_config_hash_sign ( enum GNUNET_GenericReturnValue -TALER_exchange_offline_extension_config_hash_verify ( - const struct TALER_ExtensionConfigHashP *h_config, +TALER_exchange_offline_extension_manifests_hash_verify ( + const struct TALER_ExtensionManifestsHashP *h_manifest, const struct TALER_MasterPublicKeyP *master_pub, const struct TALER_MasterSignatureP *master_sig ) { - struct TALER_MasterExtensionConfigurationPS ec = { + struct TALER_MasterExtensionManifestPS ec = { .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_EXTENSION), .purpose.size = htonl (sizeof(ec)), - .h_config = *h_config + .h_manifest = *h_manifest }; return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_EXTENSION,
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
index 6c8124d03..5efcc5d64 100644
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@@ -49,9 +49,9 @@ struct TALER_DepositRequestPS struct TALER_AgeCommitmentHash h_age_commitment GNUNET_PACKED; /** - * Hash over extension attributes shared with the exchange. + * Hash over optional policy extension attributes shared with the exchange. */ - struct TALER_ExtensionContractHashP h_extensions GNUNET_PACKED; + struct TALER_ExtensionPolicyHashP h_policy GNUNET_PACKED; /** * Hash over the wiring information of the merchant.
@@ -120,7 +120,7 @@ TALER_wallet_deposit_sign ( const struct TALER_MerchantWireHashP *h_wire, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_AgeCommitmentHash *h_age_commitment, - const struct TALER_ExtensionContractHashP *h_extensions, + const struct TALER_ExtensionPolicyHashP *h_policy, const struct TALER_DenominationHashP *h_denom_pub, const struct GNUNET_TIME_Timestamp wallet_timestamp, const struct TALER_MerchantPublicKeyP *merchant_pub,
@@ -141,8 +141,8 @@ TALER_wallet_deposit_sign ( if (NULL != h_age_commitment) dr.h_age_commitment = *h_age_commitment; - if (NULL != h_extensions) - dr.h_extensions = *h_extensions; + if (NULL != h_policy) + dr.h_policy = *h_policy; TALER_amount_hton (&dr.amount_with_fee, amount); TALER_amount_hton (&dr.deposit_fee,
@@ -160,7 +160,7 @@ TALER_wallet_deposit_verify ( const struct TALER_MerchantWireHashP *h_wire, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_AgeCommitmentHash *h_age_commitment, - const struct TALER_ExtensionContractHashP *h_extensions, + const struct TALER_ExtensionPolicyHashP *h_policy, const struct TALER_DenominationHashP *h_denom_pub, struct GNUNET_TIME_Timestamp wallet_timestamp, const struct TALER_MerchantPublicKeyP *merchant_pub,
@@ -178,13 +178,13 @@ TALER_wallet_deposit_verify ( .refund_deadline = GNUNET_TIME_timestamp_hton (refund_deadline), .merchant = *merchant_pub, .h_age_commitment = {{{0}}}, - .h_extensions = {{{0}}} + .h_policy = {{{0}}} }; if (NULL != h_age_commitment) dr.h_age_commitment = *h_age_commitment; - if (NULL != h_extensions) - dr.h_extensions = *h_extensions; + if (NULL != h_policy) + dr.h_policy = *h_policy; TALER_amount_hton (&dr.amount_with_fee, amount); TALER_amount_hton (&dr.deposit_fee, -- cgit v1.2.3