offline_signatures.c (48555B)
1 /* 2 This file is part of TALER 3 Copyright (C) 2020-2024 Taler Systems SA 4 5 TALER is free software; you can redistribute it and/or modify it under the 6 terms of the GNU General Public License as published by the Free Software 7 Foundation; either version 3, or (at your option) any later version. 8 9 TALER is distributed in the hope that it will be useful, but WITHOUT ANY 10 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 11 A PARTICULAR PURPOSE. See the GNU General Public License for more details. 12 13 You should have received a copy of the GNU General Public License along with 14 TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> 15 */ 16 /** 17 * @file offline_signatures.c 18 * @brief Utility functions for Taler exchange offline signatures 19 * @author Christian Grothoff 20 */ 21 #include "taler/taler_util.h" 22 #include "taler/taler_signatures.h" 23 24 25 GNUNET_NETWORK_STRUCT_BEGIN 26 27 /** 28 * @brief Signature made by the exchange offline key over the information of 29 * an AML officer status change. 30 */ 31 struct TALER_MasterAmlOfficerStatusPS 32 { 33 34 /** 35 * Purpose is #TALER_SIGNATURE_MASTER_AML_KEY. Signed 36 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 37 */ 38 struct GNUNET_CRYPTO_SignaturePurpose purpose; 39 40 /** 41 * Time of the change. 42 */ 43 struct GNUNET_TIME_TimestampNBO change_date; 44 45 /** 46 * Public key of the AML officer. 47 */ 48 struct TALER_AmlOfficerPublicKeyP officer_pub; 49 50 /** 51 * Hash over the AML officer's name. 52 */ 53 struct GNUNET_HashCode h_officer_name GNUNET_PACKED; 54 55 /** 56 * Bitmask: 1 if enabled; 2 for read-only access. in NBO. 57 */ 58 uint32_t is_active GNUNET_PACKED; 59 }; 60 GNUNET_NETWORK_STRUCT_END 61 62 63 void 64 TALER_exchange_offline_aml_officer_status_sign ( 65 const struct TALER_AmlOfficerPublicKeyP *officer_pub, 66 const char *officer_name, 67 struct GNUNET_TIME_Timestamp change_date, 68 bool is_active, 69 bool read_only, 70 const struct TALER_MasterPrivateKeyP *master_priv, 71 struct TALER_MasterSignatureP *master_sig) 72 { 73 struct TALER_MasterAmlOfficerStatusPS as = { 74 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_AML_KEY), 75 .purpose.size = htonl (sizeof (as)), 76 .change_date = GNUNET_TIME_timestamp_hton (change_date), 77 .officer_pub = *officer_pub, 78 .is_active = htonl ((is_active ? 1 : 0) + (read_only ? 2 : 0)) 79 }; 80 81 GNUNET_CRYPTO_hash (officer_name, 82 strlen (officer_name) + 1, 83 &as.h_officer_name); 84 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 85 &as, 86 &master_sig->eddsa_signature); 87 } 88 89 90 enum GNUNET_GenericReturnValue 91 TALER_exchange_offline_aml_officer_status_verify ( 92 const struct TALER_AmlOfficerPublicKeyP *officer_pub, 93 const char *officer_name, 94 struct GNUNET_TIME_Timestamp change_date, 95 bool is_active, 96 bool read_only, 97 const struct TALER_MasterPublicKeyP *master_pub, 98 const struct TALER_MasterSignatureP *master_sig) 99 { 100 struct TALER_MasterAmlOfficerStatusPS as = { 101 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_AML_KEY), 102 .purpose.size = htonl (sizeof (as)), 103 .change_date = GNUNET_TIME_timestamp_hton (change_date), 104 .officer_pub = *officer_pub, 105 .is_active = htonl ((is_active ? 1 : 0) + (read_only ? 2 : 0)) 106 }; 107 108 GNUNET_CRYPTO_hash (officer_name, 109 strlen (officer_name) + 1, 110 &as.h_officer_name); 111 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_AML_KEY, 112 &as, 113 &master_sig->eddsa_signature, 114 &master_pub->eddsa_pub); 115 } 116 117 118 GNUNET_NETWORK_STRUCT_BEGIN 119 120 /** 121 * @brief Signature made by the exchange offline key over the information of 122 * an auditor to be added to the exchange's set of auditors. 123 */ 124 struct TALER_MasterAddAuditorPS 125 { 126 127 /** 128 * Purpose is #TALER_SIGNATURE_MASTER_ADD_AUDITOR. Signed 129 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 130 */ 131 struct GNUNET_CRYPTO_SignaturePurpose purpose; 132 133 /** 134 * Time of the change. 135 */ 136 struct GNUNET_TIME_TimestampNBO start_date; 137 138 /** 139 * Public key of the auditor. 140 */ 141 struct TALER_AuditorPublicKeyP auditor_pub; 142 143 /** 144 * Hash over the auditor's URL. 145 */ 146 struct GNUNET_HashCode h_auditor_url GNUNET_PACKED; 147 }; 148 GNUNET_NETWORK_STRUCT_END 149 150 151 void 152 TALER_exchange_offline_auditor_add_sign ( 153 const struct TALER_AuditorPublicKeyP *auditor_pub, 154 const char *auditor_url, 155 struct GNUNET_TIME_Timestamp start_date, 156 const struct TALER_MasterPrivateKeyP *master_priv, 157 struct TALER_MasterSignatureP *master_sig) 158 { 159 struct TALER_MasterAddAuditorPS kv = { 160 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_AUDITOR), 161 .purpose.size = htonl (sizeof (kv)), 162 .start_date = GNUNET_TIME_timestamp_hton (start_date), 163 .auditor_pub = *auditor_pub, 164 }; 165 166 GNUNET_CRYPTO_hash (auditor_url, 167 strlen (auditor_url) + 1, 168 &kv.h_auditor_url); 169 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 170 &kv, 171 &master_sig->eddsa_signature); 172 } 173 174 175 enum GNUNET_GenericReturnValue 176 TALER_exchange_offline_auditor_add_verify ( 177 const struct TALER_AuditorPublicKeyP *auditor_pub, 178 const char *auditor_url, 179 struct GNUNET_TIME_Timestamp start_date, 180 const struct TALER_MasterPublicKeyP *master_pub, 181 const struct TALER_MasterSignatureP *master_sig) 182 { 183 struct TALER_MasterAddAuditorPS aa = { 184 .purpose.purpose = htonl ( 185 TALER_SIGNATURE_MASTER_ADD_AUDITOR), 186 .purpose.size = htonl (sizeof (aa)), 187 .start_date = GNUNET_TIME_timestamp_hton (start_date), 188 .auditor_pub = *auditor_pub 189 }; 190 191 GNUNET_CRYPTO_hash (auditor_url, 192 strlen (auditor_url) + 1, 193 &aa.h_auditor_url); 194 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_ADD_AUDITOR, 195 &aa, 196 &master_sig->eddsa_signature, 197 &master_pub->eddsa_pub); 198 } 199 200 201 GNUNET_NETWORK_STRUCT_BEGIN 202 203 /** 204 * @brief Signature made by the exchange offline key over the information of 205 * an auditor to be removed from the exchange's set of auditors. 206 */ 207 struct TALER_MasterDelAuditorPS 208 { 209 210 /** 211 * Purpose is #TALER_SIGNATURE_MASTER_DEL_AUDITOR. Signed 212 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 213 */ 214 struct GNUNET_CRYPTO_SignaturePurpose purpose; 215 216 /** 217 * Time of the change. 218 */ 219 struct GNUNET_TIME_TimestampNBO end_date; 220 221 /** 222 * Public key of the auditor. 223 */ 224 struct TALER_AuditorPublicKeyP auditor_pub; 225 226 }; 227 GNUNET_NETWORK_STRUCT_END 228 229 230 void 231 TALER_exchange_offline_auditor_del_sign ( 232 const struct TALER_AuditorPublicKeyP *auditor_pub, 233 struct GNUNET_TIME_Timestamp end_date, 234 const struct TALER_MasterPrivateKeyP *master_priv, 235 struct TALER_MasterSignatureP *master_sig) 236 { 237 struct TALER_MasterDelAuditorPS kv = { 238 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DEL_AUDITOR), 239 .purpose.size = htonl (sizeof (kv)), 240 .end_date = GNUNET_TIME_timestamp_hton (end_date), 241 .auditor_pub = *auditor_pub, 242 }; 243 244 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 245 &kv, 246 &master_sig->eddsa_signature); 247 } 248 249 250 enum GNUNET_GenericReturnValue 251 TALER_exchange_offline_auditor_del_verify ( 252 const struct TALER_AuditorPublicKeyP *auditor_pub, 253 struct GNUNET_TIME_Timestamp end_date, 254 const struct TALER_MasterPublicKeyP *master_pub, 255 const struct TALER_MasterSignatureP *master_sig) 256 { 257 struct TALER_MasterDelAuditorPS da = { 258 .purpose.purpose = htonl ( 259 TALER_SIGNATURE_MASTER_DEL_AUDITOR), 260 .purpose.size = htonl (sizeof (da)), 261 .end_date = GNUNET_TIME_timestamp_hton (end_date), 262 .auditor_pub = *auditor_pub 263 }; 264 265 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DEL_AUDITOR, 266 &da, 267 &master_sig->eddsa_signature, 268 &master_pub->eddsa_pub); 269 } 270 271 272 GNUNET_NETWORK_STRUCT_BEGIN 273 274 /** 275 * @brief Message confirming that a denomination key was revoked. 276 */ 277 struct TALER_MasterDenominationKeyRevocationPS 278 { 279 /** 280 * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED. 281 */ 282 struct GNUNET_CRYPTO_SignaturePurpose purpose; 283 284 /** 285 * Hash of the denomination key. 286 */ 287 struct TALER_DenominationHashP h_denom_pub; 288 289 }; 290 291 GNUNET_NETWORK_STRUCT_END 292 293 294 void 295 TALER_exchange_offline_denomination_revoke_sign ( 296 const struct TALER_DenominationHashP *h_denom_pub, 297 const struct TALER_MasterPrivateKeyP *master_priv, 298 struct TALER_MasterSignatureP *master_sig) 299 { 300 struct TALER_MasterDenominationKeyRevocationPS rm = { 301 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED), 302 .purpose.size = htonl (sizeof (rm)), 303 .h_denom_pub = *h_denom_pub 304 }; 305 306 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 307 &rm, 308 &master_sig->eddsa_signature); 309 } 310 311 312 enum GNUNET_GenericReturnValue 313 TALER_exchange_offline_denomination_revoke_verify ( 314 const struct TALER_DenominationHashP *h_denom_pub, 315 const struct TALER_MasterPublicKeyP *master_pub, 316 const struct TALER_MasterSignatureP *master_sig) 317 { 318 struct TALER_MasterDenominationKeyRevocationPS kr = { 319 .purpose.purpose = htonl ( 320 TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED), 321 .purpose.size = htonl (sizeof (kr)), 322 .h_denom_pub = *h_denom_pub 323 }; 324 325 return GNUNET_CRYPTO_eddsa_verify ( 326 TALER_SIGNATURE_MASTER_DENOMINATION_KEY_REVOKED, 327 &kr, 328 &master_sig->eddsa_signature, 329 &master_pub->eddsa_pub); 330 } 331 332 333 GNUNET_NETWORK_STRUCT_BEGIN 334 335 /** 336 * @brief Message confirming that an exchange online signing key was revoked. 337 */ 338 struct TALER_MasterSigningKeyRevocationPS 339 { 340 /** 341 * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED. 342 */ 343 struct GNUNET_CRYPTO_SignaturePurpose purpose; 344 345 /** 346 * The exchange's public key. 347 */ 348 struct TALER_ExchangePublicKeyP exchange_pub; 349 350 }; 351 352 GNUNET_NETWORK_STRUCT_END 353 354 355 void 356 TALER_exchange_offline_signkey_revoke_sign ( 357 const struct TALER_ExchangePublicKeyP *exchange_pub, 358 const struct TALER_MasterPrivateKeyP *master_priv, 359 struct TALER_MasterSignatureP *master_sig) 360 { 361 struct TALER_MasterSigningKeyRevocationPS kv = { 362 .purpose.purpose = htonl ( 363 TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED), 364 .purpose.size = htonl (sizeof (kv)), 365 .exchange_pub = *exchange_pub 366 }; 367 368 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 369 &kv, 370 &master_sig->eddsa_signature); 371 } 372 373 374 enum GNUNET_GenericReturnValue 375 TALER_exchange_offline_signkey_revoke_verify ( 376 const struct TALER_ExchangePublicKeyP *exchange_pub, 377 const struct TALER_MasterPublicKeyP *master_pub, 378 const struct TALER_MasterSignatureP *master_sig) 379 { 380 struct TALER_MasterSigningKeyRevocationPS rm = { 381 .purpose.purpose = htonl ( 382 TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED), 383 .purpose.size = htonl (sizeof (rm)), 384 .exchange_pub = *exchange_pub 385 }; 386 387 return GNUNET_CRYPTO_eddsa_verify ( 388 TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED, 389 &rm, 390 &master_sig->eddsa_signature, 391 &master_pub->eddsa_pub); 392 } 393 394 395 GNUNET_NETWORK_STRUCT_BEGIN 396 397 /** 398 * @brief Information about a signing key of the exchange. Signing keys are used 399 * to sign exchange messages other than coins, i.e. to confirm that a 400 * deposit was successful or that a refresh was accepted. 401 */ 402 struct TALER_ExchangeSigningKeyValidityPS 403 { 404 405 /** 406 * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY. 407 */ 408 struct GNUNET_CRYPTO_SignaturePurpose purpose; 409 410 /** 411 * When does this signing key begin to be valid? 412 */ 413 struct GNUNET_TIME_TimestampNBO start; 414 415 /** 416 * When does this signing key expire? Note: This is currently when 417 * the Exchange will definitively stop using it. Signatures made with 418 * the key remain valid until @e end. When checking validity periods, 419 * clients should allow for some overlap between keys and tolerate 420 * the use of either key during the overlap time (due to the 421 * possibility of clock skew). 422 */ 423 struct GNUNET_TIME_TimestampNBO expire; 424 425 /** 426 * When do signatures with this signing key become invalid? After 427 * this point, these signatures cannot be used in (legal) disputes 428 * anymore, as the Exchange is then allowed to destroy its side of the 429 * evidence. @e end is expected to be significantly larger than @e 430 * expire (by a year or more). 431 */ 432 struct GNUNET_TIME_TimestampNBO end; 433 434 /** 435 * The public online signing key that the exchange will use 436 * between @e start and @e expire. 437 */ 438 struct TALER_ExchangePublicKeyP signkey_pub; 439 }; 440 441 GNUNET_NETWORK_STRUCT_END 442 443 444 void 445 TALER_exchange_offline_signkey_validity_sign ( 446 const struct TALER_ExchangePublicKeyP *exchange_pub, 447 struct GNUNET_TIME_Timestamp start_sign, 448 struct GNUNET_TIME_Timestamp end_sign, 449 struct GNUNET_TIME_Timestamp end_legal, 450 const struct TALER_MasterPrivateKeyP *master_priv, 451 struct TALER_MasterSignatureP *master_sig) 452 { 453 struct TALER_ExchangeSigningKeyValidityPS skv = { 454 .purpose.purpose = htonl ( 455 TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY), 456 .purpose.size = htonl (sizeof (skv)), 457 .start = GNUNET_TIME_timestamp_hton (start_sign), 458 .expire = GNUNET_TIME_timestamp_hton (end_sign), 459 .end = GNUNET_TIME_timestamp_hton (end_legal), 460 .signkey_pub = *exchange_pub 461 }; 462 463 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 464 &skv, 465 &master_sig->eddsa_signature); 466 } 467 468 469 enum GNUNET_GenericReturnValue 470 TALER_exchange_offline_signkey_validity_verify ( 471 const struct TALER_ExchangePublicKeyP *exchange_pub, 472 struct GNUNET_TIME_Timestamp start_sign, 473 struct GNUNET_TIME_Timestamp end_sign, 474 struct GNUNET_TIME_Timestamp end_legal, 475 const struct TALER_MasterPublicKeyP *master_pub, 476 const struct TALER_MasterSignatureP *master_sig) 477 { 478 struct TALER_ExchangeSigningKeyValidityPS skv = { 479 .purpose.purpose = htonl ( 480 TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY), 481 .purpose.size = htonl (sizeof (skv)), 482 .start = GNUNET_TIME_timestamp_hton (start_sign), 483 .expire = GNUNET_TIME_timestamp_hton (end_sign), 484 .end = GNUNET_TIME_timestamp_hton (end_legal), 485 .signkey_pub = *exchange_pub 486 }; 487 488 return 489 GNUNET_CRYPTO_eddsa_verify ( 490 TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY, 491 &skv, 492 &master_sig->eddsa_signature, 493 &master_pub->eddsa_pub); 494 } 495 496 497 GNUNET_NETWORK_STRUCT_BEGIN 498 499 /** 500 * @brief Information about a denomination key. Denomination keys 501 * are used to sign coins of a certain value into existence. 502 */ 503 struct TALER_DenominationKeyValidityPS 504 { 505 506 /** 507 * Purpose is #TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY. 508 */ 509 struct GNUNET_CRYPTO_SignaturePurpose purpose; 510 511 /** 512 * The long-term offline master key of the exchange that was 513 * used to create @e signature. 514 * 515 * Note: This member is not strictly required, but here for 516 * backwards-compatibility. If we ever again badly break 517 * compatibility, we might want to remove it. 518 */ 519 struct TALER_MasterPublicKeyP master; 520 521 /** 522 * Start time of the validity period for this key. 523 */ 524 struct GNUNET_TIME_TimestampNBO start; 525 526 /** 527 * The exchange will sign fresh coins between @e start and this time. 528 * @e expire_withdraw will be somewhat larger than @e start to 529 * ensure a sufficiently large anonymity set, while also allowing 530 * the Exchange to limit the financial damage in case of a key being 531 * compromised. Thus, exchanges with low volume are expected to have a 532 * longer withdraw period (@e expire_withdraw - @e start) than exchanges 533 * with high transaction volume. The period may also differ between 534 * types of coins. A exchange may also have a few denomination keys 535 * with the same value with overlapping validity periods, to address 536 * issues such as clock skew. 537 */ 538 struct GNUNET_TIME_TimestampNBO expire_withdraw; 539 540 /** 541 * Coins signed with the denomination key must be spent or refreshed 542 * between @e start and this expiration time. After this time, the 543 * exchange will refuse transactions involving this key as it will 544 * "drop" the table with double-spending information (shortly after) 545 * this time. Note that wallets should refresh coins significantly 546 * before this time to be on the safe side. @e expire_deposit must be 547 * significantly larger than @e expire_withdraw (by months or even 548 * years). 549 */ 550 struct GNUNET_TIME_TimestampNBO expire_deposit; 551 552 /** 553 * When do signatures with this denomination key become invalid? 554 * After this point, these signatures cannot be used in (legal) 555 * disputes anymore, as the Exchange is then allowed to destroy its side 556 * of the evidence. @e expire_legal is expected to be significantly 557 * larger than @e expire_deposit (by a year or more). 558 */ 559 struct GNUNET_TIME_TimestampNBO expire_legal; 560 561 /** 562 * The value of the coins signed with this denomination key. 563 */ 564 struct TALER_AmountNBO value; 565 566 /** 567 * Fees for the coin. 568 */ 569 struct TALER_DenomFeeSetNBOP fees; 570 571 /** 572 * Hash code of the denomination public key. (Used to avoid having 573 * the variable-size RSA key in this struct.) 574 */ 575 struct TALER_DenominationHashP denom_hash GNUNET_PACKED; 576 577 }; 578 579 GNUNET_NETWORK_STRUCT_END 580 581 582 void 583 TALER_exchange_offline_denom_validity_sign ( 584 const struct TALER_DenominationHashP *h_denom_pub, 585 struct GNUNET_TIME_Timestamp stamp_start, 586 struct GNUNET_TIME_Timestamp stamp_expire_withdraw, 587 struct GNUNET_TIME_Timestamp stamp_expire_deposit, 588 struct GNUNET_TIME_Timestamp stamp_expire_legal, 589 const struct TALER_Amount *coin_value, 590 const struct TALER_DenomFeeSet *fees, 591 const struct TALER_MasterPrivateKeyP *master_priv, 592 struct TALER_MasterSignatureP *master_sig) 593 { 594 struct TALER_DenominationKeyValidityPS issue = { 595 .purpose.purpose 596 = htonl (TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY), 597 .purpose.size 598 = htonl (sizeof (issue)), 599 .start = GNUNET_TIME_timestamp_hton (stamp_start), 600 .expire_withdraw = GNUNET_TIME_timestamp_hton (stamp_expire_withdraw), 601 .expire_deposit = GNUNET_TIME_timestamp_hton (stamp_expire_deposit), 602 .expire_legal = GNUNET_TIME_timestamp_hton (stamp_expire_legal), 603 .denom_hash = *h_denom_pub 604 }; 605 606 GNUNET_CRYPTO_eddsa_key_get_public (&master_priv->eddsa_priv, 607 &issue.master.eddsa_pub); 608 TALER_amount_hton (&issue.value, 609 coin_value); 610 TALER_denom_fee_set_hton (&issue.fees, 611 fees); 612 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 613 &issue, 614 &master_sig->eddsa_signature); 615 } 616 617 618 enum GNUNET_GenericReturnValue 619 TALER_exchange_offline_denom_validity_verify ( 620 const struct TALER_DenominationHashP *h_denom_pub, 621 struct GNUNET_TIME_Timestamp stamp_start, 622 struct GNUNET_TIME_Timestamp stamp_expire_withdraw, 623 struct GNUNET_TIME_Timestamp stamp_expire_deposit, 624 struct GNUNET_TIME_Timestamp stamp_expire_legal, 625 const struct TALER_Amount *coin_value, 626 const struct TALER_DenomFeeSet *fees, 627 const struct TALER_MasterPublicKeyP *master_pub, 628 const struct TALER_MasterSignatureP *master_sig) 629 { 630 struct TALER_DenominationKeyValidityPS dkv = { 631 .purpose.purpose = htonl ( 632 TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY), 633 .purpose.size = htonl (sizeof (dkv)), 634 .master = *master_pub, 635 .start = GNUNET_TIME_timestamp_hton (stamp_start), 636 .expire_withdraw = GNUNET_TIME_timestamp_hton (stamp_expire_withdraw), 637 .expire_deposit = GNUNET_TIME_timestamp_hton (stamp_expire_deposit), 638 .expire_legal = GNUNET_TIME_timestamp_hton (stamp_expire_legal), 639 .denom_hash = *h_denom_pub 640 }; 641 642 TALER_amount_hton (&dkv.value, 643 coin_value); 644 TALER_denom_fee_set_hton (&dkv.fees, 645 fees); 646 return 647 GNUNET_CRYPTO_eddsa_verify ( 648 TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY, 649 &dkv, 650 &master_sig->eddsa_signature, 651 &master_pub->eddsa_pub); 652 } 653 654 655 GNUNET_NETWORK_STRUCT_BEGIN 656 657 /** 658 * @brief Signature made by the exchange offline key over the information of 659 * a payto:// URI to be added to the exchange's set of active wire accounts. 660 */ 661 struct TALER_MasterAddWirePS 662 { 663 664 /** 665 * Purpose is #TALER_SIGNATURE_MASTER_ADD_WIRE. Signed 666 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 667 */ 668 struct GNUNET_CRYPTO_SignaturePurpose purpose; 669 670 /** 671 * Time of the change. 672 */ 673 struct GNUNET_TIME_TimestampNBO start_date; 674 675 /** 676 * Hash over the exchange's payto URI. 677 */ 678 struct TALER_FullPaytoHashP h_payto GNUNET_PACKED; 679 680 /** 681 * Hash over the conversion URL, all zeros if there 682 * is no conversion URL. 683 */ 684 struct GNUNET_HashCode h_conversion_url; 685 686 /** 687 * Hash over the open banking gateway URL, all zeros if there 688 * is no open banking gateway URL. 689 */ 690 struct GNUNET_HashCode h_open_banking_gateway; 691 692 /** 693 * Hash over the wire transfer gateway URL, all zeros if there 694 * is no wire transfer gateway URL. 695 */ 696 struct GNUNET_HashCode h_wire_transfer_gateway; 697 698 /** 699 * Hash over the debit restrictions. 700 */ 701 struct GNUNET_HashCode h_debit_restrictions; 702 703 /** 704 * Hash over the credit restrictions. 705 */ 706 struct GNUNET_HashCode h_credit_restrictions; 707 708 }; 709 710 711 /** 712 * @brief Signature made by the exchange offline key over the information of 713 * a payto:// URI to be added to the exchange's set of active wire accounts. 714 * 715 * Legacy pre-v33 protocol version. 716 */ 717 struct TALER_MasterAddWire32PS 718 { 719 720 /** 721 * Purpose is #TALER_SIGNATURE_MASTER_ADD_WIRE. Signed 722 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 723 */ 724 struct GNUNET_CRYPTO_SignaturePurpose purpose; 725 726 /** 727 * Time of the change. 728 */ 729 struct GNUNET_TIME_TimestampNBO start_date; 730 731 /** 732 * Hash over the exchange's payto URI. 733 */ 734 struct TALER_FullPaytoHashP h_payto GNUNET_PACKED; 735 736 /** 737 * Hash over the conversion URL, all zeros if there 738 * is no conversion URL. 739 */ 740 struct GNUNET_HashCode h_conversion_url; 741 742 /** 743 * Hash over the debit restrictions. 744 */ 745 struct GNUNET_HashCode h_debit_restrictions; 746 747 /** 748 * Hash over the credit restrictions. 749 */ 750 struct GNUNET_HashCode h_credit_restrictions; 751 752 }; 753 754 GNUNET_NETWORK_STRUCT_END 755 756 757 void 758 TALER_exchange_offline_wire_add_sign ( 759 const struct TALER_FullPayto payto_uri, 760 const char *conversion_url, 761 const char *open_banking_gateway, 762 const char *wire_transfer_gateway, 763 const json_t *debit_restrictions, 764 const json_t *credit_restrictions, 765 struct GNUNET_TIME_Timestamp now, 766 const struct TALER_MasterPrivateKeyP *master_priv, 767 struct TALER_MasterSignatureP *master_sig) 768 { 769 struct TALER_MasterAddWirePS kv = { 770 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_WIRE), 771 .purpose.size = htonl (sizeof (kv)), 772 .start_date = GNUNET_TIME_timestamp_hton (now), 773 }; 774 775 TALER_full_payto_hash (payto_uri, 776 &kv.h_payto); 777 if (NULL != conversion_url) 778 GNUNET_CRYPTO_hash (conversion_url, 779 strlen (conversion_url) + 1, 780 &kv.h_conversion_url); 781 if (NULL != open_banking_gateway) 782 GNUNET_CRYPTO_hash (open_banking_gateway, 783 strlen (open_banking_gateway) + 1, 784 &kv.h_open_banking_gateway); 785 if (NULL != wire_transfer_gateway) 786 GNUNET_CRYPTO_hash (wire_transfer_gateway, 787 strlen (wire_transfer_gateway) + 1, 788 &kv.h_wire_transfer_gateway); 789 TALER_json_hash (debit_restrictions, 790 &kv.h_debit_restrictions); 791 TALER_json_hash (credit_restrictions, 792 &kv.h_credit_restrictions); 793 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 794 &kv, 795 &master_sig->eddsa_signature); 796 } 797 798 799 enum GNUNET_GenericReturnValue 800 TALER_exchange_offline_wire_add_verify ( 801 const struct TALER_FullPayto payto_uri, 802 const char *conversion_url, 803 const char *open_banking_gateway, 804 const char *wire_transfer_gateway, 805 const json_t *debit_restrictions, 806 const json_t *credit_restrictions, 807 struct GNUNET_TIME_Timestamp sign_time, 808 const struct TALER_MasterPublicKeyP *master_pub, 809 const struct TALER_MasterSignatureP *master_sig) 810 { 811 struct TALER_MasterAddWirePS aw = { 812 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_WIRE), 813 .purpose.size = htonl (sizeof (aw)), 814 .start_date = GNUNET_TIME_timestamp_hton (sign_time), 815 }; 816 817 TALER_full_payto_hash (payto_uri, 818 &aw.h_payto); 819 if (NULL != conversion_url) 820 GNUNET_CRYPTO_hash (conversion_url, 821 strlen (conversion_url) + 1, 822 &aw.h_conversion_url); 823 if (NULL != open_banking_gateway) 824 GNUNET_CRYPTO_hash (open_banking_gateway, 825 strlen (open_banking_gateway) + 1, 826 &aw.h_open_banking_gateway); 827 if (NULL != wire_transfer_gateway) 828 GNUNET_CRYPTO_hash (wire_transfer_gateway, 829 strlen (wire_transfer_gateway) + 1, 830 &aw.h_wire_transfer_gateway); 831 TALER_json_hash (debit_restrictions, 832 &aw.h_debit_restrictions); 833 TALER_json_hash (credit_restrictions, 834 &aw.h_credit_restrictions); 835 return 836 GNUNET_CRYPTO_eddsa_verify ( 837 TALER_SIGNATURE_MASTER_ADD_WIRE, 838 &aw, 839 &master_sig->eddsa_signature, 840 &master_pub->eddsa_pub); 841 } 842 843 844 enum GNUNET_GenericReturnValue 845 TALER_exchange_offline_wire_add_verify_32 ( 846 const struct TALER_FullPayto payto_uri, 847 const char *conversion_url, 848 const json_t *debit_restrictions, 849 const json_t *credit_restrictions, 850 struct GNUNET_TIME_Timestamp sign_time, 851 const struct TALER_MasterPublicKeyP *master_pub, 852 const struct TALER_MasterSignatureP *master_sig) 853 { 854 struct TALER_MasterAddWire32PS aw = { 855 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_ADD_WIRE), 856 .purpose.size = htonl (sizeof (aw)), 857 .start_date = GNUNET_TIME_timestamp_hton (sign_time), 858 }; 859 860 TALER_full_payto_hash (payto_uri, 861 &aw.h_payto); 862 if (NULL != conversion_url) 863 GNUNET_CRYPTO_hash (conversion_url, 864 strlen (conversion_url) + 1, 865 &aw.h_conversion_url); 866 TALER_json_hash (debit_restrictions, 867 &aw.h_debit_restrictions); 868 TALER_json_hash (credit_restrictions, 869 &aw.h_credit_restrictions); 870 return 871 GNUNET_CRYPTO_eddsa_verify ( 872 TALER_SIGNATURE_MASTER_ADD_WIRE, 873 &aw, 874 &master_sig->eddsa_signature, 875 &master_pub->eddsa_pub); 876 } 877 878 879 GNUNET_NETWORK_STRUCT_BEGIN 880 881 /** 882 * @brief Signature made by the exchange offline key over the information of 883 * a wire method to be removed to the exchange's set of active accounts. 884 */ 885 struct TALER_MasterDelWirePS 886 { 887 888 /** 889 * Purpose is #TALER_SIGNATURE_MASTER_DEL_WIRE. Signed 890 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 891 */ 892 struct GNUNET_CRYPTO_SignaturePurpose purpose; 893 894 /** 895 * Time of the change. 896 */ 897 struct GNUNET_TIME_TimestampNBO end_date; 898 899 /** 900 * Hash over the exchange's payto URI. 901 */ 902 struct TALER_FullPaytoHashP h_payto GNUNET_PACKED; 903 904 }; 905 906 GNUNET_NETWORK_STRUCT_END 907 908 909 void 910 TALER_exchange_offline_wire_del_sign ( 911 const struct TALER_FullPayto payto_uri, 912 struct GNUNET_TIME_Timestamp now, 913 const struct TALER_MasterPrivateKeyP *master_priv, 914 struct TALER_MasterSignatureP *master_sig) 915 { 916 struct TALER_MasterDelWirePS kv = { 917 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DEL_WIRE), 918 .purpose.size = htonl (sizeof (kv)), 919 .end_date = GNUNET_TIME_timestamp_hton (now), 920 }; 921 922 TALER_full_payto_hash (payto_uri, 923 &kv.h_payto); 924 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 925 &kv, 926 &master_sig->eddsa_signature); 927 } 928 929 930 enum GNUNET_GenericReturnValue 931 TALER_exchange_offline_wire_del_verify ( 932 const struct TALER_FullPayto payto_uri, 933 struct GNUNET_TIME_Timestamp sign_time, 934 const struct TALER_MasterPublicKeyP *master_pub, 935 const struct TALER_MasterSignatureP *master_sig) 936 { 937 struct TALER_MasterDelWirePS aw = { 938 .purpose.purpose = htonl ( 939 TALER_SIGNATURE_MASTER_DEL_WIRE), 940 .purpose.size = htonl (sizeof (aw)), 941 .end_date = GNUNET_TIME_timestamp_hton (sign_time), 942 }; 943 944 TALER_full_payto_hash (payto_uri, 945 &aw.h_payto); 946 return GNUNET_CRYPTO_eddsa_verify ( 947 TALER_SIGNATURE_MASTER_DEL_WIRE, 948 &aw, 949 &master_sig->eddsa_signature, 950 &master_pub->eddsa_pub); 951 } 952 953 954 GNUNET_NETWORK_STRUCT_BEGIN 955 956 /** 957 * @brief Information signed by the exchange's master 958 * key stating the wire fee to be paid per wire transfer. 959 */ 960 struct TALER_MasterWireFeePS 961 { 962 963 /** 964 * Purpose is #TALER_SIGNATURE_MASTER_WIRE_FEES. 965 */ 966 struct GNUNET_CRYPTO_SignaturePurpose purpose; 967 968 /** 969 * Hash over the wire method (yes, H("x-taler-bank") or H("iban")), in lower 970 * case, including 0-terminator. Used to uniquely identify which 971 * wire method these fees apply to. 972 */ 973 struct GNUNET_HashCode h_wire_method; 974 975 /** 976 * Start date when the fee goes into effect. 977 */ 978 struct GNUNET_TIME_TimestampNBO start_date; 979 980 /** 981 * End date when the fee stops being in effect (exclusive) 982 */ 983 struct GNUNET_TIME_TimestampNBO end_date; 984 985 /** 986 * Fees charged for wire transfers using the 987 * given wire method. 988 */ 989 struct TALER_WireFeeSetNBOP fees; 990 991 }; 992 993 GNUNET_NETWORK_STRUCT_END 994 995 996 void 997 TALER_exchange_offline_wire_fee_sign ( 998 const char *payment_method, 999 struct GNUNET_TIME_Timestamp start_time, 1000 struct GNUNET_TIME_Timestamp end_time, 1001 const struct TALER_WireFeeSet *fees, 1002 const struct TALER_MasterPrivateKeyP *master_priv, 1003 struct TALER_MasterSignatureP *master_sig) 1004 { 1005 struct TALER_MasterWireFeePS kv = { 1006 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_FEES), 1007 .purpose.size = htonl (sizeof (kv)), 1008 .start_date = GNUNET_TIME_timestamp_hton (start_time), 1009 .end_date = GNUNET_TIME_timestamp_hton (end_time), 1010 }; 1011 1012 GNUNET_CRYPTO_hash (payment_method, 1013 strlen (payment_method) + 1, 1014 &kv.h_wire_method); 1015 TALER_wire_fee_set_hton (&kv.fees, 1016 fees); 1017 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 1018 &kv, 1019 &master_sig->eddsa_signature); 1020 } 1021 1022 1023 enum GNUNET_GenericReturnValue 1024 TALER_exchange_offline_wire_fee_verify ( 1025 const char *payment_method, 1026 struct GNUNET_TIME_Timestamp start_time, 1027 struct GNUNET_TIME_Timestamp end_time, 1028 const struct TALER_WireFeeSet *fees, 1029 const struct TALER_MasterPublicKeyP *master_pub, 1030 const struct TALER_MasterSignatureP *master_sig) 1031 { 1032 struct TALER_MasterWireFeePS wf = { 1033 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_FEES), 1034 .purpose.size = htonl (sizeof (wf)), 1035 .start_date = GNUNET_TIME_timestamp_hton (start_time), 1036 .end_date = GNUNET_TIME_timestamp_hton (end_time) 1037 }; 1038 1039 GNUNET_CRYPTO_hash (payment_method, 1040 strlen (payment_method) + 1, 1041 &wf.h_wire_method); 1042 TALER_wire_fee_set_hton (&wf.fees, 1043 fees); 1044 return 1045 GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_FEES, 1046 &wf, 1047 &master_sig->eddsa_signature, 1048 &master_pub->eddsa_pub); 1049 } 1050 1051 1052 GNUNET_NETWORK_STRUCT_BEGIN 1053 1054 /** 1055 * Global fees charged by the exchange independent of 1056 * denomination or wire method. 1057 */ 1058 struct TALER_MasterGlobalFeePS 1059 { 1060 1061 /** 1062 * Purpose is #TALER_SIGNATURE_MASTER_GLOBAL_FEES. 1063 */ 1064 struct GNUNET_CRYPTO_SignaturePurpose purpose; 1065 1066 /** 1067 * Start date when the fee goes into effect. 1068 */ 1069 struct GNUNET_TIME_TimestampNBO start_date; 1070 1071 /** 1072 * End date when the fee stops being in effect (exclusive) 1073 */ 1074 struct GNUNET_TIME_TimestampNBO end_date; 1075 1076 /** 1077 * How long does an exchange keep a purse around after a purse 1078 * has expired (or been successfully merged)? A 'GET' request 1079 * for a purse will succeed until the purse expiration time 1080 * plus this value. 1081 */ 1082 struct GNUNET_TIME_RelativeNBO purse_timeout; 1083 1084 /** 1085 * How long will the exchange preserve the account history? After an 1086 * account was deleted/closed, the exchange will retain the account history 1087 * for legal reasons until this time. 1088 */ 1089 struct GNUNET_TIME_RelativeNBO history_expiration; 1090 1091 /** 1092 * Fee charged to the merchant per wire transfer. 1093 */ 1094 struct TALER_GlobalFeeSetNBOP fees; 1095 1096 /** 1097 * Number of concurrent purses that any 1098 * account holder is allowed to create without having 1099 * to pay the @e purse_fee. Here given in NBO. 1100 */ 1101 uint32_t purse_account_limit; 1102 1103 }; 1104 1105 GNUNET_NETWORK_STRUCT_END 1106 1107 1108 void 1109 TALER_exchange_offline_global_fee_sign ( 1110 struct GNUNET_TIME_Timestamp start_time, 1111 struct GNUNET_TIME_Timestamp end_time, 1112 const struct TALER_GlobalFeeSet *fees, 1113 struct GNUNET_TIME_Relative purse_timeout, 1114 struct GNUNET_TIME_Relative history_expiration, 1115 uint32_t purse_account_limit, 1116 const struct TALER_MasterPrivateKeyP *master_priv, 1117 struct TALER_MasterSignatureP *master_sig) 1118 { 1119 struct TALER_MasterGlobalFeePS wf = { 1120 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_GLOBAL_FEES), 1121 .purpose.size = htonl (sizeof (wf)), 1122 .start_date = GNUNET_TIME_timestamp_hton (start_time), 1123 .end_date = GNUNET_TIME_timestamp_hton (end_time), 1124 .purse_timeout = GNUNET_TIME_relative_hton (purse_timeout), 1125 .history_expiration = GNUNET_TIME_relative_hton (history_expiration), 1126 .purse_account_limit = htonl (purse_account_limit) 1127 }; 1128 1129 TALER_global_fee_set_hton (&wf.fees, 1130 fees); 1131 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 1132 &wf, 1133 &master_sig->eddsa_signature); 1134 } 1135 1136 1137 enum GNUNET_GenericReturnValue 1138 TALER_exchange_offline_global_fee_verify ( 1139 struct GNUNET_TIME_Timestamp start_time, 1140 struct GNUNET_TIME_Timestamp end_time, 1141 const struct TALER_GlobalFeeSet *fees, 1142 struct GNUNET_TIME_Relative purse_timeout, 1143 struct GNUNET_TIME_Relative history_expiration, 1144 uint32_t purse_account_limit, 1145 const struct TALER_MasterPublicKeyP *master_pub, 1146 const struct TALER_MasterSignatureP *master_sig) 1147 { 1148 struct TALER_MasterGlobalFeePS wf = { 1149 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_GLOBAL_FEES), 1150 .purpose.size = htonl (sizeof (wf)), 1151 .start_date = GNUNET_TIME_timestamp_hton (start_time), 1152 .end_date = GNUNET_TIME_timestamp_hton (end_time), 1153 .purse_timeout = GNUNET_TIME_relative_hton (purse_timeout), 1154 .history_expiration = GNUNET_TIME_relative_hton (history_expiration), 1155 .purse_account_limit = htonl (purse_account_limit) 1156 }; 1157 1158 TALER_global_fee_set_hton (&wf.fees, 1159 fees); 1160 return 1161 GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_GLOBAL_FEES, 1162 &wf, 1163 &master_sig->eddsa_signature, 1164 &master_pub->eddsa_pub); 1165 } 1166 1167 1168 GNUNET_NETWORK_STRUCT_BEGIN 1169 1170 /** 1171 * @brief Signature made by the exchange offline key over the manifest of 1172 * an extension. 1173 */ 1174 struct TALER_MasterExtensionManifestPS 1175 { 1176 /** 1177 * Purpose is #TALER_SIGNATURE_MASTER_EXTENSION. Signed 1178 * by a `struct TALER_MasterPublicKeyP` using EdDSA. 1179 */ 1180 struct GNUNET_CRYPTO_SignaturePurpose purpose; 1181 1182 /** 1183 * Hash of the JSON object that represents the manifests of extensions. 1184 */ 1185 struct TALER_ExtensionManifestsHashP h_manifest GNUNET_PACKED; 1186 }; 1187 1188 GNUNET_NETWORK_STRUCT_END 1189 1190 1191 void 1192 TALER_exchange_offline_extension_manifests_hash_sign ( 1193 const struct TALER_ExtensionManifestsHashP *h_manifest, 1194 const struct TALER_MasterPrivateKeyP *master_priv, 1195 struct TALER_MasterSignatureP *master_sig) 1196 { 1197 struct TALER_MasterExtensionManifestPS ec = { 1198 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_EXTENSION), 1199 .purpose.size = htonl (sizeof(ec)), 1200 .h_manifest = *h_manifest 1201 }; 1202 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 1203 &ec, 1204 &master_sig->eddsa_signature); 1205 } 1206 1207 1208 enum GNUNET_GenericReturnValue 1209 TALER_exchange_offline_extension_manifests_hash_verify ( 1210 const struct TALER_ExtensionManifestsHashP *h_manifest, 1211 const struct TALER_MasterPublicKeyP *master_pub, 1212 const struct TALER_MasterSignatureP *master_sig 1213 ) 1214 { 1215 struct TALER_MasterExtensionManifestPS ec = { 1216 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_EXTENSION), 1217 .purpose.size = htonl (sizeof(ec)), 1218 .h_manifest = *h_manifest 1219 }; 1220 1221 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_EXTENSION, 1222 &ec, 1223 &master_sig->eddsa_signature, 1224 &master_pub->eddsa_pub); 1225 } 1226 1227 1228 GNUNET_NETWORK_STRUCT_BEGIN 1229 1230 /** 1231 * @brief Information signed by the exchange's master 1232 * key affirming the IBAN details for the exchange. 1233 */ 1234 struct TALER_MasterWireDetailsPS 1235 { 1236 1237 /** 1238 * Purpose is #TALER_SIGNATURE_MASTER_WIRE_DETAILS. 1239 */ 1240 struct GNUNET_CRYPTO_SignaturePurpose purpose; 1241 1242 /** 1243 * Hash over the account holder's payto:// URL. 1244 */ 1245 struct TALER_FullPaytoHashP h_wire_details GNUNET_PACKED; 1246 1247 /** 1248 * Hash over the conversion URL, all zeros if there 1249 * is no conversion URL. 1250 */ 1251 struct GNUNET_HashCode h_conversion_url; 1252 1253 /** 1254 * Hash over the open banking gateway URL, all zeros if there 1255 * is no open banking gateway URL. 1256 */ 1257 struct GNUNET_HashCode h_open_banking_gateway; 1258 1259 /** 1260 * Hash over the wire transfer gateway URL, all zeros if there 1261 * is no wire transfer gateway URL. 1262 */ 1263 struct GNUNET_HashCode h_wire_transfer_gateway; 1264 1265 /** 1266 * Hash over the debit restrictions. 1267 */ 1268 struct GNUNET_HashCode h_debit_restrictions; 1269 1270 /** 1271 * Hash over the credit restrictions. 1272 */ 1273 struct GNUNET_HashCode h_credit_restrictions; 1274 1275 }; 1276 1277 /** 1278 * @brief Information signed by the exchange's master 1279 * key affirming the IBAN details for the exchange. 1280 */ 1281 struct TALER_MasterWireDetails32PS 1282 { 1283 1284 /** 1285 * Purpose is #TALER_SIGNATURE_MASTER_WIRE_DETAILS. 1286 */ 1287 struct GNUNET_CRYPTO_SignaturePurpose purpose; 1288 1289 /** 1290 * Hash over the account holder's payto:// URL. 1291 */ 1292 struct TALER_FullPaytoHashP h_wire_details GNUNET_PACKED; 1293 1294 /** 1295 * Hash over the conversion URL, all zeros if there 1296 * is no conversion URL. 1297 */ 1298 struct GNUNET_HashCode h_conversion_url; 1299 1300 /** 1301 * Hash over the debit restrictions. 1302 */ 1303 struct GNUNET_HashCode h_debit_restrictions; 1304 1305 /** 1306 * Hash over the credit restrictions. 1307 */ 1308 struct GNUNET_HashCode h_credit_restrictions; 1309 1310 }; 1311 1312 GNUNET_NETWORK_STRUCT_END 1313 1314 1315 enum GNUNET_GenericReturnValue 1316 TALER_exchange_wire_signature_check32 ( 1317 const struct TALER_FullPayto payto_uri, 1318 const char *conversion_url, 1319 const json_t *debit_restrictions, 1320 const json_t *credit_restrictions, 1321 const struct TALER_MasterPublicKeyP *master_pub, 1322 const struct TALER_MasterSignatureP *master_sig) 1323 { 1324 struct TALER_MasterWireDetails32PS wd = { 1325 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS), 1326 .purpose.size = htonl (sizeof (wd)) 1327 }; 1328 1329 TALER_full_payto_hash (payto_uri, 1330 &wd.h_wire_details); 1331 if (NULL != conversion_url) 1332 GNUNET_CRYPTO_hash (conversion_url, 1333 strlen (conversion_url) + 1, 1334 &wd.h_conversion_url); 1335 TALER_json_hash (debit_restrictions, 1336 &wd.h_debit_restrictions); 1337 TALER_json_hash (credit_restrictions, 1338 &wd.h_credit_restrictions); 1339 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS, 1340 &wd, 1341 &master_sig->eddsa_signature, 1342 &master_pub->eddsa_pub); 1343 } 1344 1345 1346 enum GNUNET_GenericReturnValue 1347 TALER_exchange_wire_signature_check ( 1348 const struct TALER_FullPayto payto_uri, 1349 const char *conversion_url, 1350 const char *open_banking_gateway, 1351 const char *wire_transfer_gateway, 1352 const json_t *debit_restrictions, 1353 const json_t *credit_restrictions, 1354 const struct TALER_MasterPublicKeyP *master_pub, 1355 const struct TALER_MasterSignatureP *master_sig) 1356 { 1357 struct TALER_MasterWireDetailsPS wd = { 1358 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS), 1359 .purpose.size = htonl (sizeof (wd)) 1360 }; 1361 1362 TALER_full_payto_hash (payto_uri, 1363 &wd.h_wire_details); 1364 if (NULL != conversion_url) 1365 GNUNET_CRYPTO_hash (conversion_url, 1366 strlen (conversion_url) + 1, 1367 &wd.h_conversion_url); 1368 if (NULL != open_banking_gateway) 1369 GNUNET_CRYPTO_hash (open_banking_gateway, 1370 strlen (open_banking_gateway) + 1, 1371 &wd.h_open_banking_gateway); 1372 if (NULL != wire_transfer_gateway) 1373 GNUNET_CRYPTO_hash (wire_transfer_gateway, 1374 strlen (wire_transfer_gateway) + 1, 1375 &wd.h_wire_transfer_gateway); 1376 TALER_json_hash (debit_restrictions, 1377 &wd.h_debit_restrictions); 1378 TALER_json_hash (credit_restrictions, 1379 &wd.h_credit_restrictions); 1380 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_WIRE_DETAILS, 1381 &wd, 1382 &master_sig->eddsa_signature, 1383 &master_pub->eddsa_pub); 1384 } 1385 1386 1387 void 1388 TALER_exchange_wire_signature_make ( 1389 const struct TALER_FullPayto payto_uri, 1390 const char *conversion_url, 1391 const char *open_banking_gateway, 1392 const char *wire_transfer_gateway, 1393 const json_t *debit_restrictions, 1394 const json_t *credit_restrictions, 1395 const struct TALER_MasterPrivateKeyP *master_priv, 1396 struct TALER_MasterSignatureP *master_sig) 1397 { 1398 struct TALER_MasterWireDetailsPS wd = { 1399 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_WIRE_DETAILS), 1400 .purpose.size = htonl (sizeof (wd)) 1401 }; 1402 1403 TALER_full_payto_hash (payto_uri, 1404 &wd.h_wire_details); 1405 if (NULL != conversion_url) 1406 GNUNET_CRYPTO_hash (conversion_url, 1407 strlen (conversion_url) + 1, 1408 &wd.h_conversion_url); 1409 if (NULL != open_banking_gateway) 1410 GNUNET_CRYPTO_hash (open_banking_gateway, 1411 strlen (open_banking_gateway) + 1, 1412 &wd.h_open_banking_gateway); 1413 if (NULL != wire_transfer_gateway) 1414 GNUNET_CRYPTO_hash (wire_transfer_gateway, 1415 strlen (wire_transfer_gateway) + 1, 1416 &wd.h_wire_transfer_gateway); 1417 TALER_json_hash (debit_restrictions, 1418 &wd.h_debit_restrictions); 1419 TALER_json_hash (credit_restrictions, 1420 &wd.h_credit_restrictions); 1421 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 1422 &wd, 1423 &master_sig->eddsa_signature); 1424 } 1425 1426 1427 GNUNET_NETWORK_STRUCT_BEGIN 1428 1429 /** 1430 * Message signed by account to merge a purse into a reserve. 1431 */ 1432 struct TALER_PartnerConfigurationPS 1433 { 1434 1435 /** 1436 * Purpose is #TALER_SIGNATURE_MASTER_PARNTER_DETAILS 1437 */ 1438 struct GNUNET_CRYPTO_SignaturePurpose purpose; 1439 struct TALER_MasterPublicKeyP partner_pub; 1440 struct GNUNET_TIME_TimestampNBO start_date; 1441 struct GNUNET_TIME_TimestampNBO end_date; 1442 struct GNUNET_TIME_RelativeNBO wad_frequency; 1443 struct TALER_AmountNBO wad_fee; 1444 struct GNUNET_HashCode h_url; 1445 }; 1446 1447 GNUNET_NETWORK_STRUCT_END 1448 1449 1450 void 1451 TALER_exchange_offline_partner_details_sign ( 1452 const struct TALER_MasterPublicKeyP *partner_pub, 1453 struct GNUNET_TIME_Timestamp start_date, 1454 struct GNUNET_TIME_Timestamp end_date, 1455 struct GNUNET_TIME_Relative wad_frequency, 1456 const struct TALER_Amount *wad_fee, 1457 const char *partner_base_url, 1458 const struct TALER_MasterPrivateKeyP *master_priv, 1459 struct TALER_MasterSignatureP *master_sig) 1460 { 1461 struct TALER_PartnerConfigurationPS wd = { 1462 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_PARTNER_DETAILS), 1463 .purpose.size = htonl (sizeof (wd)), 1464 .partner_pub = *partner_pub, 1465 .start_date = GNUNET_TIME_timestamp_hton (start_date), 1466 .end_date = GNUNET_TIME_timestamp_hton (end_date), 1467 .wad_frequency = GNUNET_TIME_relative_hton (wad_frequency), 1468 }; 1469 1470 GNUNET_CRYPTO_hash (partner_base_url, 1471 strlen (partner_base_url) + 1, 1472 &wd.h_url); 1473 TALER_amount_hton (&wd.wad_fee, 1474 wad_fee); 1475 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 1476 &wd, 1477 &master_sig->eddsa_signature); 1478 } 1479 1480 1481 enum GNUNET_GenericReturnValue 1482 TALER_exchange_offline_partner_details_verify ( 1483 const struct TALER_MasterPublicKeyP *partner_pub, 1484 struct GNUNET_TIME_Timestamp start_date, 1485 struct GNUNET_TIME_Timestamp end_date, 1486 struct GNUNET_TIME_Relative wad_frequency, 1487 const struct TALER_Amount *wad_fee, 1488 const char *partner_base_url, 1489 const struct TALER_MasterPublicKeyP *master_pub, 1490 const struct TALER_MasterSignatureP *master_sig) 1491 { 1492 struct TALER_PartnerConfigurationPS wd = { 1493 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_PARTNER_DETAILS), 1494 .purpose.size = htonl (sizeof (wd)), 1495 .partner_pub = *partner_pub, 1496 .start_date = GNUNET_TIME_timestamp_hton (start_date), 1497 .end_date = GNUNET_TIME_timestamp_hton (end_date), 1498 .wad_frequency = GNUNET_TIME_relative_hton (wad_frequency), 1499 }; 1500 1501 GNUNET_CRYPTO_hash (partner_base_url, 1502 strlen (partner_base_url) + 1, 1503 &wd.h_url); 1504 TALER_amount_hton (&wd.wad_fee, 1505 wad_fee); 1506 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_PARTNER_DETAILS, 1507 &wd, 1508 &master_sig->eddsa_signature, 1509 &master_pub->eddsa_pub); 1510 } 1511 1512 1513 GNUNET_NETWORK_STRUCT_BEGIN 1514 1515 /** 1516 * Message signed by account to drain profits 1517 * from the escrow account of the exchange. 1518 */ 1519 struct TALER_DrainProfitPS 1520 { 1521 1522 /** 1523 * Purpose is #TALER_SIGNATURE_MASTER_DRAIN_PROFITS 1524 */ 1525 struct GNUNET_CRYPTO_SignaturePurpose purpose; 1526 struct TALER_WireTransferIdentifierRawP wtid; 1527 struct GNUNET_TIME_TimestampNBO date; 1528 struct TALER_AmountNBO amount; 1529 struct GNUNET_HashCode h_section; 1530 struct TALER_FullPaytoHashP h_payto; 1531 }; 1532 1533 GNUNET_NETWORK_STRUCT_END 1534 1535 1536 void 1537 TALER_exchange_offline_profit_drain_sign ( 1538 const struct TALER_WireTransferIdentifierRawP *wtid, 1539 struct GNUNET_TIME_Timestamp date, 1540 const struct TALER_Amount *amount, 1541 const char *account_section, 1542 const struct TALER_FullPayto payto_uri, 1543 const struct TALER_MasterPrivateKeyP *master_priv, 1544 struct TALER_MasterSignatureP *master_sig) 1545 { 1546 struct TALER_DrainProfitPS wd = { 1547 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DRAIN_PROFIT), 1548 .purpose.size = htonl (sizeof (wd)), 1549 .wtid = *wtid, 1550 .date = GNUNET_TIME_timestamp_hton (date), 1551 }; 1552 1553 GNUNET_CRYPTO_hash (account_section, 1554 strlen (account_section) + 1, 1555 &wd.h_section); 1556 TALER_full_payto_hash (payto_uri, 1557 &wd.h_payto); 1558 TALER_amount_hton (&wd.amount, 1559 amount); 1560 GNUNET_CRYPTO_eddsa_sign (&master_priv->eddsa_priv, 1561 &wd, 1562 &master_sig->eddsa_signature); 1563 } 1564 1565 1566 enum GNUNET_GenericReturnValue 1567 TALER_exchange_offline_profit_drain_verify ( 1568 const struct TALER_WireTransferIdentifierRawP *wtid, 1569 struct GNUNET_TIME_Timestamp date, 1570 const struct TALER_Amount *amount, 1571 const char *account_section, 1572 const struct TALER_FullPayto payto_uri, 1573 const struct TALER_MasterPublicKeyP *master_pub, 1574 const struct TALER_MasterSignatureP *master_sig) 1575 { 1576 struct TALER_DrainProfitPS wd = { 1577 .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DRAIN_PROFIT), 1578 .purpose.size = htonl (sizeof (wd)), 1579 .wtid = *wtid, 1580 .date = GNUNET_TIME_timestamp_hton (date), 1581 }; 1582 1583 GNUNET_CRYPTO_hash (account_section, 1584 strlen (account_section) + 1, 1585 &wd.h_section); 1586 TALER_full_payto_hash (payto_uri, 1587 &wd.h_payto); 1588 TALER_amount_hton (&wd.amount, 1589 amount); 1590 return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MASTER_DRAIN_PROFIT, 1591 &wd, 1592 &master_sig->eddsa_signature, 1593 &master_pub->eddsa_pub); 1594 } 1595 1596 1597 /* end of offline_signatures.c */