1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
|
/*
This file is part of TALER
Copyright (C) 2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
*/
/**
* @file taler-exchange-httpd_keys.h
* @brief management of our various keys
* @author Christian Grothoff
*/
#include "platform.h"
#include <pthread.h>
#include "taler_json_lib.h"
#include "taler_mhd_lib.h"
#include "taler-exchange-httpd_responses.h"
#ifndef TALER_EXCHANGE_HTTPD_KEYS_H
#define TALER_EXCHANGE_HTTPD_KEYS_H
/**
* Signatures of an auditor over a denomination key of this exchange.
*/
struct TEH_AuditorSignature;
/**
* @brief All information about a denomination key (which is used to
* sign coins into existence).
*/
struct TEH_DenominationKey
{
/**
* Decoded denomination public key (the hash of it is in
* @e issue, but we sometimes need the full public key as well).
*/
struct TALER_DenominationPublicKey denom_pub;
/**
* Hash code of the denomination public key.
*/
struct GNUNET_HashCode h_denom_pub;
/**
* Meta data about the type of the denomination, such as fees and validity
* periods.
*/
struct TALER_EXCHANGEDB_DenominationKeyMetaData meta;
/**
* The long-term offline master key's signature for this denomination.
* Signs over @e h_denom_pub and @e meta.
*/
struct TALER_MasterSignatureP master_sig;
/**
* We store the auditor signatures for this denomination in a DLL.
*/
struct TEH_AuditorSignature *as_head;
/**
* We store the auditor signatures for this denomination in a DLL.
*/
struct TEH_AuditorSignature *as_tail;
/**
* Set to 'true' if this denomination has been revoked and recoup is
* thus supported right now.
*/
bool recoup_possible;
};
/**
* Something changed in the database. Rebuild all key states. This function
* should be called if the exchange learns about a new signature from an
* auditor or our master key.
*
* (We do not do so immediately, but merely signal to all threads that they
* need to rebuild their key state upon the next call to
* #TEH_get_key_state()).
*/
void
TEH_keys_update_states (void);
/**
* Look up the issue for a denom public key. Note that the result
* must only be used in this thread and only until another key or
* key state is resolved.
*
* @param key_state state to look in
* @param h_denom_pub hash of denomination public key
* @param[out] ec set to the error code, in case the operation failed
* @param[out] hc set to the HTTP status code to use
* @return the denomination key issue,
* or NULL if @a h_denom_pub could not be found
*/
struct TEH_DenominationKey *
TEH_keys_denomination_by_hash (
const struct GNUNET_HashCode *h_denom_pub,
enum TALER_ErrorCode *ec,
unsigned int *hc);
/**
* Request to sign @a msg using the public key corresponding to
* @a h_denom_pub.
*
* @param h_denom_pub hash of the public key to use to sign
* @param msg message to sign
* @param msg_size number of bytes in @a msg
* @param[out] ec set to the error code (or #TALER_EC_NONE on success)
* @return signature, the value inside the structure will be NULL on failure,
* see @a ec for details about the failure
*/
struct TALER_DenominationSignature
TEH_keys_denomination_sign (
const struct GNUNET_HashCode *h_denom_pub,
const void *msg,
size_t msg_size,
enum TALER_ErrorCode *ec);
/**
* Revoke the public key associated with @param h_denom_pub .
* This function should be called AFTER the database was
* updated, as it also triggers #TEH_keys_update_states().
*
* Note that the actual revocation happens asynchronously and
* may thus fail silently. To verify that the revocation succeeded,
* clients must watch for the associated change to the key state.
*
* @param h_denom_pub hash of the public key to revoke
*/
void
TEH_keys_denomination_revoke (
const struct GNUNET_HashCode *h_denom_pub);
/**
* Sign the message in @a purpose with the exchange's signing key.
*
* The @a purpose data is the beginning of the data of which the signature is
* to be created. The `size` field in @a purpose must correctly indicate the
* number of bytes of the data structure, including its header. Use
* #TEH_keys_exchange_sign() instead of calling this function directly!
*
* @param purpose the message to sign
* @param[out] pub set to the current public signing key of the exchange
* @param[out] sig signature over purpose using current signing key
* @return #TALER_EC_NONE on success
*/
enum TALER_ErrorCode
TEH_keys_exchange_sign_ (const struct
GNUNET_CRYPTO_EccSignaturePurpose *purpose,
struct TALER_ExchangePublicKeyP *pub,
struct TALER_ExchangeSignatureP *sig)
/**
* @ingroup crypto
* @brief EdDSA sign a given block.
*
* The @a ps data must be a fixed-size struct for which the signature is to be
* created. The `size` field in @a ps->purpose must correctly indicate the
* number of bytes of the data structure, including its header.
*
* @param ps packed struct with what to sign, MUST begin with a purpose
* @param[out] pub where to store the public key to use for the signing
* @param[out] sig where to write the signature
* @return #TALER_EC_NONE on success
*/
#define TEH_keys_exchange_sign(ps,pub,sig) \
({ \
/* check size is set correctly */ \
GNUNET_assert (htonl ((ps)->purpose.size) == \
sizeof (*ps)); \
/* check 'ps' begins with the purpose */ \
GNUNET_static_assert (((void*) (ps)) == \
((void*) &(ps)->purpose)); \
TEH_exchange_sign_ (&(ps)->purpose, \
pub, \
sig); \
})
/**
* Revoke the given exchange's signing key.
* This function should be called AFTER the database was
* updated, as it also triggers #TEH_keys_update_states().
*
* Note that the actual revocation happens asynchronously and
* may thus fail silently. To verify that the revocation succeeded,
* clients must watch for the associated change to the key state.
*
* @param exchange_pub key to revoke
*/
void
TEH_keys_exchange_revoke (const struct TALER_ExchangePublicKeyP *exchange_pub);
/**
* Function to call to handle requests to "/keys" by sending
* back our current key material.
*
* @param rh context of the handler
* @param connection the MHD connection to handle
* @param args array of additional options (must be empty for this function)
* @return MHD result code
*/
MHD_RESULT
TEH_keys_get_handler (const struct TEH_RequestHandler *rh,
struct MHD_Connection *connection,
const char *const args[]);
/**
* Function to call to handle requests to "/management/keys" by sending
* back our future key material.
*
* @param rh context of the handler
* @param connection the MHD connection to handle
* @param args array of additional options (must be empty for this function)
* @return MHD result code
*/
MHD_RESULT
TEH_keys_management_get_handler (const struct TEH_RequestHandler *rh,
struct MHD_Connection *connection,
const char *const args[]);
#endif
|