7 files changed, 161 insertions, 28 deletions

diff --git a/gnunet-signatures/Makefile b/gnunet-signatures/Makefile
index d3eef80..509febf 100644
--- a/gnunet-signatures/Makefile
+++ b/gnunet-signatures/Makefile
@@ -1,4 +1,4 @@
-FILES=gnunet_signatures.h
+FILES=gnunet_signatures.h gnunet_signatures.rst
 all: check $(FILES)
 check:
         recfix --check registry.rec
@@ -12,4 +12,14 @@ gnunet_signatures.h.tmp: registry.rec h.template
 gnunet_signatures.h: h.header gnunet_signatures.h.tmp h.footer
         cat h.header gnunet_signatures.h.tmp h.footer > $@
 
+gnunet_signatures.rst.tmp: registry.rec rst.template
+        ../format.sh rst.template 'Package = "GNUnet"' < registry.rec > $@
+
+rst.header.tmp:
+        cat README POLICY rst.header.template > $@
+
+gnunet_signatures.rst: rst.header.tmp gnunet_signatures.rst.tmp rst.footer
+        cat rst.header.tmp gnunet_signatures.rst.tmp rst.footer > $@
+
+
 .PHONY: check clean distclean
diff --git a/gnunet-signatures/POLICY b/gnunet-signatures/POLICY
new file mode 100644
index 0000000..4308df6
--- /dev/null
+++ b/gnunet-signatures/POLICY
@@ -0,0 +1,11 @@
+Policy
+^^^^^^
+
+Developers working on GNUnet or packages based on GNUnet should
+feel free to extend this registry. Entries may be deleted if
+no code using them is still expected to be in production anywhere.
+
+Updating the name of the package or subsystem is allowed provided
+that the code using the signature is being moved, as those fields
+are merely informational or used for code generation.
+
diff --git a/gnunet-signatures/README b/gnunet-signatures/README
index 99587b7..b68b960 100644
--- a/gnunet-signatures/README
+++ b/gnunet-signatures/README
@@ -1,3 +1,6 @@
+GNUnet Signature Purposes
+-------------------------
+
 GNUnet signature purpose registry.
 
 Every time a signature is created or verified with libgnunetutil's
@@ -5,3 +8,4 @@ signature functions, the signer must provide a "purpose" that provides
 the context for the signature.  By signing over the "purpose", it is
 not possible for an adversary to use a signature made in one context
 in another context.
+
diff --git a/gnunet-signatures/registry.rec b/gnunet-signatures/registry.rec
index d9bb568..ec3950a 100644
--- a/gnunet-signatures/registry.rec
+++ b/gnunet-signatures/registry.rec
@@ -39,10 +39,10 @@ Package: GNUnet
 Subsystem: GNUnet-TRANSPORT
 
 Number: 3
-Name: REVOCATION
-Comment: Signature for confirming a key revocation.
+Name: GNS_REVOCATION
+Comment: GNS zone key revocation
 Package: GNUnet
-Subsystem: GNUnet-Revocation
+Subsystem: GNS
 
 Number: 4
 Name: NAMESPACE_ADVERTISEMENT
@@ -94,9 +94,9 @@ Subsystem: GNUnet-NSE
 
 Number: 15
 Name: GNS_RECORD_SIGN
-Comment: Signature of a gnunet naming system record block
+Comment: GNS record set signature
 Package: GNUnet
-Subsystem: GNUnet-GNSRECORD
+Subsystem: GNS
 
 Number: 16
 Name: SET_ECC_KEY
@@ -219,12 +219,27 @@ Package: GNUnet
 Subsystem: GNUnet-TRANSPORT-TCP
 
 #-----------------------------------------------------------------------------
-# GNU Taler
+# GNU Taler, >= 1000
 
 #
 # Exchange offline signatures (with master key)
 #
 
+Number: 1017
+Name: MASTER_AML_KEY
+Comment: Initialize or update the status of an AML key for an AML officer
+Package: GNU Taler
+
+Number: 1018
+Name: MASTER_DRAIN_PROFIT
+Comment: Affirm wiring of exchange profits to operator account.
+Package: GNU Taler
+
+Number: 1019
+Name: MASTER_PARTNER_DETAILS
+Comment: Signature affirming a partner configuration for wads.
+Package: GNU Taler
+
 Number: 1020
 Name: MASTER_SIGNING_KEY_REVOKED
 Comment: The given revocation key was revoked and must no longer be used.
@@ -285,10 +300,6 @@ Name: MASTER_EXTENSION
 Comment: Set the configuration of an extension (age-restriction or peer2peer)
 Package: GNU Taler
 
-Number: 1048
-Name: MASTER_PARTNER_DETAILS
-Comment: Signature affirming a partner configuration for wads.
-Package: GNU Taler
 
 #
 # Exchange online signatures (with signing key)
@@ -374,6 +385,21 @@ Name: EXCHANGE_PURSE_STATUS
 Comment: Purpose for the state of a purse, signed by the exchange's signing key.
 Package: GNU Taler
 
+Number: 1048
+Name: EXCHANGE_RESERVE_ATTEST_DETAILS
+Comment: Signature by which the exchange attests identity attributes of a particular reserve owner.
+Package: GNU Taler
+
+Number: 1049
+Name: EXCHANGE_CONFIRM_PURSE_REFUND
+Comment: Signature by which the exchange confirms that a purse expired and a coin was refunded.
+Package: GNU Taler
+
+Number: 1050
+Name: EXCHANGE_CONFIRM_AGE_WITHDRAW
+Comment: Signature where the Exchange confirms an age-withdraw.
+Package: GNU Taler
+
 #
 # Auditor signatures
 #
@@ -412,13 +438,18 @@ Name: MERCHANT_WIRE_DETAILS
 Comment: Signature where the merchant confirms its own (salted) wire details (not yet really used).
 Package: GNU Taler
 
+Number: 1108
+Name: MERCHANT_TOKEN_ISSUE
+Comment: Signature where the merchant issues a token by blindly signing it. Signed with the token issue private key.
+Package: GNU Taler
+
 #
 # Wallet signatures
 #
 
 Number: 1200
 Name: WALLET_RESERVE_WITHDRAW
-Comment: Signature where the reserve key confirms a withdraw request.
+Comment: Signature where the reserve key confirms a withdraw request. Signed with the reserve private key.
 Package: GNU Taler
 
 Number: 1201
@@ -428,17 +459,17 @@ Package: GNU Taler
 
 Number: 1202
 Name: WALLET_COIN_MELT
-Comment: Signature using a coin key confirming the melting of a coin.
+Comment: Signature using a coin key confirming the melting of a coin. Signed with the coin's private key.
 Package: GNU Taler
 
 Number: 1203
 Name: WALLET_COIN_RECOUP
-Comment: Signature using a coin key requesting recoup.
+Comment: Signature using a coin key requesting recoup. Signed with the coin's private key.
 Package: GNU Taler
 
 Number: 1204
 Name: WALLET_COIN_LINK
-Comment: Signature using a coin key authenticating link data.
+Comment: Signature using a coin key authenticating link data. Signed with the old coin's private key.
 Package: GNU Taler
 
 Number: 1205
@@ -448,7 +479,7 @@ Package: GNU Taler
 
 Number: 1206
 Name: WALLET_COIN_RECOUP_REFRESH
-Comment: Signature using a coin key requesting recoup-refresh.
+Comment: Signature using a coin key requesting recoup-refresh. Signed with the coin private key.
 Package: GNU Taler
 
 Number: 1207
@@ -458,47 +489,77 @@ Package: GNU Taler
 
 Number: 1208
 Name: WALLET_RESERVE_HISTORY
-Comment: Request full reserve history and pay for it.
+Comment: Request full or partial reserve history. Signed with the reserve private key.
 Package: GNU Taler
 
 Number: 1209
-Name: WALLET_RESERVE_STATUS
-Comment: Request detailed account status (for free).
+Name: WALLET_COIN_HISTORY
+Comment: Request full or partial coin history. Signed with the coin private key.
 Package: GNU Taler
 
 Number: 1210
 Name: WALLET_PURSE_CREATE
-Comment: Request purse creation (without reserve).
+Comment: Request purse creation (without reserve). Signed by the purse private key.
 Package: GNU Taler
 
 Number: 1211
 Name: WALLET_PURSE_DEPOSIT
-Comment: Request coin to be deposited into a purse.
+Comment: Request coin to be deposited into a purse. Signed with the coin private key.
 Package: GNU Taler
 
 Number: 1212
 Name: WALLET_PURSE_STATUS
-Comment: Request purse status.
+Comment: Request purse status. Signed with the purse private key.
 Package: GNU Taler
 
 Number: 1213
 Name: WALLET_PURSE_MERGE
-Comment: Request purse to be merged with a reserve (by purse).
+Comment: Request purse to be merged with a reserve. Signed with the purse private key.
 Package: GNU Taler
 
 Number: 1214
 Name: WALLET_ACCOUNT_MERGE
-Comment: Request purse to be merged with a reserve (by account).
+Comment: Request purse to be merged with a reserve. Signed by the reserve private key.
 Package: GNU Taler
 
 Number: 1215
 Name: WALLET_RESERVE_CLOSE
-Comment: Request account to be closed.
+Comment: Request account to be closed. Signed with the reserve private key.
 Package: GNU Taler
 
 Number: 1216
 Name: WALLET_PURSE_ECONTRACT
-Comment: Associates encrypted contract with a purse.
+Comment: Associates encrypted contract with a purse. Signed with the purse private key.
+Package: GNU Taler
+
+Number: 1217
+Name: WALLET_RESERVE_OPEN
+Comment: Request reserve to be kept open. Signed with the reserve private key.
+Package: GNU Taler
+
+Number: 1218
+Name: WALLET_RESERVE_OPEN_DEPOSIT
+Comment: Request coin to be used to pay for reserve to be kept open. Signed with the coin private key.
+Package: GNU Taler
+
+Number: 1219
+Name: WALLET_RESERVE_ATTEST_DETAILS
+Comment: Request attestation about reserve owner. Signed by the reserve private key.
+Package: GNU Taler
+
+Number: 1220
+Name: WALLET_PURSE_DELETE
+Comment: Signature by which a wallet requests a purse to be deleted.
+Package: GNU Taler
+
+Number: 1221
+Name: WALLET_RESERVE_AGE_WITHDRAW
+Comment: Signature where the reserve key confirms an age-withdraw request. Signed with the reserve private key.
+Package: GNU Taler
+
+Number: 1222
+Name: WALLET_TOKEN_USE
+Comment: Signature where the token use key confirms the usage of a token on a pay request. Signed with the token use private key.
 Package: GNU Taler
 
 #
@@ -535,7 +596,22 @@ Comment: EdDSA test signature.
 Package: GNU Taler
 
 #
-# Anastasis signatures
+# AML officer signatures
+#
+
+Number: 1350
+Name: AML_DECISION
+Comment: Signature by which an AML officer signs an AML decision.
+Package: GNU Taler
+
+Number: 1351
+Name: AML_QUERY
+Comment: Signature by which an AML officer requests AML data.
+Package: GNU Taler
+
+
+#
+# GNU Anastasis signatures, >= 1400
 #
 
 Number: 1400
@@ -544,10 +620,25 @@ Comment: EdDSA signature for a policy upload.
 Package: GNU Taler
 
 #
-# Sync signatures
+# Sync signatures, >= 1450
 #
 
 Number: 1450
 Name: SYNC_BACKUP_UPLOAD
 Comment: EdDSA signature for a backup upload.
 Package: GNU Taler
+
+
+#
+# Donau signatures, >= 1500
+#
+
+Number: 1500
+Name: DONAU_DONATION_STATEMENT
+Comment: The signature is done by the Donau. The Donau signes over the total amount of the corresponding year, the corresponding year and the donation identifier of a specific donor. The statement confirms that the donor made this total in donations for the given year.
+Package: Donau
+
+Number: 1501
+Name: CHARITY_DONATION_CONFIRMATION
+Comment: The signature is made by a charity and shows that the charity is in agreement with the donation request which it sends to the Donau. The charity signs over all blinded identifiers and key pairs which it has received from the donor. The signature affirms that the charity wants the donation receipts to be issued on its behalf.
+Package: Donau
diff --git a/gnunet-signatures/rst.footer b/gnunet-signatures/rst.footer
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/gnunet-signatures/rst.footer
diff --git a/gnunet-signatures/rst.header.template b/gnunet-signatures/rst.header.template
new file mode 100644
index 0000000..1f2f336
--- /dev/null
+++ b/gnunet-signatures/rst.header.template
@@ -0,0 +1,12 @@
+Entries
+^^^^^^^
+
+.. list-table:: GNS Signature Purposes
+   :widths: auto
+   :header-rows: 1
+
+   * - Name
+     - Number
+     - Package
+     - Subsystem
+     - Comment
diff --git a/gnunet-signatures/rst.template b/gnunet-signatures/rst.template
new file mode 100644
index 0000000..7e4af96
--- /dev/null
+++ b/gnunet-signatures/rst.template
@@ -0,0 +1,5 @@
+   * - {{Name}}
+     - {{Number}}
+     - {{Package}}
+     - {{Subsystem}}
+     - {{Comment}}