exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE

aml_signatures.c (6308B)

      1 /*
      2   This file is part of TALER
      3   Copyright (C) 2023 Taler Systems SA
      4 
      5   TALER is free software; you can redistribute it and/or modify it under the
      6   terms of the GNU General Public License as published by the Free Software
      7   Foundation; either version 3, or (at your option) any later version.
      8 
      9   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 
     13   You should have received a copy of the GNU General Public License along with
     14   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 */
     16 /**
     17  * @file aml_signatures.c
     18  * @brief Utility functions for AML officers
     19  * @author Christian Grothoff
     20  */
     21 #include "taler/taler_util.h"
     22 #include "taler/taler_signatures.h"
     23 
     24 
     25 GNUNET_NETWORK_STRUCT_BEGIN
     26 
     27 /**
     28  * @brief Format used to generate the signature on an AML decision.
     29  */
     30 struct TALER_AmlDecisionPS
     31 {
     32   /**
     33    * Purpose must be #TALER_SIGNATURE_AML_DECISION.
     34    * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
     35    */
     36   struct GNUNET_CRYPTO_SignaturePurpose purpose;
     37 
     38   /**
     39    * Time when this decision was made.
     40    */
     41   struct GNUNET_TIME_TimestampNBO decision_time;
     42 
     43   /**
     44    * Time when attributes expire, if any.
     45    */
     46   struct GNUNET_TIME_TimestampNBO attributes_expiration_time;
     47 
     48   /**
     49    * Hash of the account identifier to which the decision applies.
     50    */
     51   struct TALER_NormalizedPaytoHashP h_payto GNUNET_PACKED;
     52 
     53   /**
     54    * Hash over the justification text.
     55    */
     56   struct GNUNET_HashCode h_justification GNUNET_PACKED;
     57 
     58   /**
     59    * Hash over the justification text.
     60    */
     61   struct GNUNET_HashCode h_properties GNUNET_PACKED;
     62 
     63   /**
     64    * Hash over JSON object with new KYC rules.
     65    */
     66   struct GNUNET_HashCode h_new_rules;
     67 
     68   /**
     69    * Hash over string with new check.
     70    */
     71   struct GNUNET_HashCode h_new_measure;
     72 
     73   /**
     74    * Hash over new attributes, all zeroes
     75    * if no attributes are being set.
     76    */
     77   struct GNUNET_HashCode h_attributes;
     78 
     79   /**
     80    * 0: no investigation, 1: yes investigation.
     81    */
     82   uint64_t flags;
     83 };
     84 
     85 GNUNET_NETWORK_STRUCT_END
     86 
     87 void
     88 TALER_officer_aml_decision_sign (
     89   const char *justification,
     90   struct GNUNET_TIME_Timestamp decision_time,
     91   const struct TALER_NormalizedPaytoHashP *h_payto,
     92   const json_t *new_rules,
     93   const json_t *properties,
     94   const char *new_measure,
     95   bool to_investigate,
     96   const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
     97   struct TALER_AmlOfficerSignatureP *officer_sig)
     98 {
     99   struct TALER_AmlDecisionPS ad = {
    100     .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
    101     .purpose.size = htonl (sizeof (ad)),
    102     .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
    103     .h_payto = *h_payto,
    104     .flags = GNUNET_htonll (to_investigate ? 1 : 0)
    105   };
    106 
    107   GNUNET_CRYPTO_hash (justification,
    108                       strlen (justification),
    109                       &ad.h_justification);
    110   if (NULL != properties)
    111     TALER_json_hash (properties,
    112                      &ad.h_properties);
    113   TALER_json_hash (new_rules,
    114                    &ad.h_new_rules);
    115   if (NULL != new_measure)
    116     GNUNET_CRYPTO_hash (new_measure,
    117                         strlen (new_measure),
    118                         &ad.h_new_measure);
    119   GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
    120                             &ad,
    121                             &officer_sig->eddsa_signature);
    122 }
    123 
    124 
    125 enum GNUNET_GenericReturnValue
    126 TALER_officer_aml_decision_verify (
    127   const char *justification,
    128   struct GNUNET_TIME_Timestamp decision_time,
    129   const struct TALER_NormalizedPaytoHashP *h_payto,
    130   const json_t *new_rules,
    131   const json_t *properties,
    132   const char *new_measures,
    133   bool to_investigate,
    134   const struct TALER_AmlOfficerPublicKeyP *officer_pub,
    135   const struct TALER_AmlOfficerSignatureP *officer_sig,
    136   struct GNUNET_TIME_Timestamp attributes_expiration,
    137   const json_t *attributes)
    138 {
    139   struct TALER_AmlDecisionPS ad = {
    140     .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
    141     .purpose.size = htonl (sizeof (ad)),
    142     .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
    143     .attributes_expiration_time = GNUNET_TIME_timestamp_hton (
    144       attributes_expiration),
    145     .h_payto = *h_payto,
    146     .flags = GNUNET_htonll (to_investigate ? 1 : 0)
    147   };
    148 
    149   GNUNET_CRYPTO_hash (justification,
    150                       strlen (justification),
    151                       &ad.h_justification);
    152   if (NULL != properties)
    153     TALER_json_hash (properties,
    154                      &ad.h_properties);
    155   TALER_json_hash (new_rules,
    156                    &ad.h_new_rules);
    157   if (NULL != new_measures)
    158     GNUNET_CRYPTO_hash (new_measures,
    159                         strlen (new_measures),
    160                         &ad.h_new_measure);
    161   if (NULL != attributes)
    162     TALER_json_hash (attributes,
    163                      &ad.h_attributes);
    164   return GNUNET_CRYPTO_eddsa_verify (
    165     TALER_SIGNATURE_AML_DECISION,
    166     &ad,
    167     &officer_sig->eddsa_signature,
    168     &officer_pub->eddsa_pub);
    169 }
    170 
    171 
    172 GNUNET_NETWORK_STRUCT_BEGIN
    173 
    174 /**
    175  * @brief Format used to generate the signature on any AML query.
    176  */
    177 struct TALER_AmlQueryPS
    178 {
    179   /**
    180    * Purpose must be #TALER_SIGNATURE_AML_QUERY.
    181    * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
    182    */
    183   struct GNUNET_CRYPTO_SignaturePurpose purpose;
    184 
    185 };
    186 
    187 GNUNET_NETWORK_STRUCT_END
    188 
    189 
    190 void
    191 TALER_officer_aml_query_sign (
    192   const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
    193   struct TALER_AmlOfficerSignatureP *officer_sig)
    194 {
    195   struct TALER_AmlQueryPS aq = {
    196     .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
    197     .purpose.size = htonl (sizeof (aq))
    198   };
    199 
    200   GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
    201                             &aq,
    202                             &officer_sig->eddsa_signature);
    203 }
    204 
    205 
    206 enum GNUNET_GenericReturnValue
    207 TALER_officer_aml_query_verify (
    208   const struct TALER_AmlOfficerPublicKeyP *officer_pub,
    209   const struct TALER_AmlOfficerSignatureP *officer_sig)
    210 {
    211   struct TALER_AmlQueryPS aq = {
    212     .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
    213     .purpose.size = htonl (sizeof (aq))
    214   };
    215 
    216   return GNUNET_CRYPTO_eddsa_verify (
    217     TALER_SIGNATURE_AML_QUERY,
    218     &aq,
    219     &officer_sig->eddsa_signature,
    220     &officer_pub->eddsa_pub);
    221 }
    222 
    223 
    224 /* end of aml_signatures.c */