Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2023 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
15 : */
16 : /**
17 : * @file aml_signatures.c
18 : * @brief Utility functions for AML officers
19 : * @author Christian Grothoff
20 : */
21 : #include "taler/taler_util.h"
22 : #include "taler/taler_signatures.h"
23 :
24 :
25 : GNUNET_NETWORK_STRUCT_BEGIN
26 :
27 : /**
28 : * @brief Format used to generate the signature on an AML decision.
29 : */
30 : struct TALER_AmlDecisionPS
31 : {
32 : /**
33 : * Purpose must be #TALER_SIGNATURE_AML_DECISION.
34 : * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
35 : */
36 : struct GNUNET_CRYPTO_SignaturePurpose purpose;
37 :
38 : /**
39 : * Time when this decision was made.
40 : */
41 : struct GNUNET_TIME_TimestampNBO decision_time;
42 :
43 : /**
44 : * Time when attributes expire, if any.
45 : */
46 : struct GNUNET_TIME_TimestampNBO attributes_expiration_time;
47 :
48 : /**
49 : * Hash of the account identifier to which the decision applies.
50 : */
51 : struct TALER_NormalizedPaytoHashP h_payto GNUNET_PACKED;
52 :
53 : /**
54 : * Hash over the justification text.
55 : */
56 : struct GNUNET_HashCode h_justification GNUNET_PACKED;
57 :
58 : /**
59 : * Hash over the justification text.
60 : */
61 : struct GNUNET_HashCode h_properties GNUNET_PACKED;
62 :
63 : /**
64 : * Hash over JSON object with new KYC rules.
65 : */
66 : struct GNUNET_HashCode h_new_rules;
67 :
68 : /**
69 : * Hash over string with new check.
70 : */
71 : struct GNUNET_HashCode h_new_measure;
72 :
73 : /**
74 : * Hash over new attributes, all zeroes
75 : * if no attributes are being set.
76 : */
77 : struct GNUNET_HashCode h_attributes;
78 :
79 : /**
80 : * 0: no investigation, 1: yes investigation.
81 : */
82 : uint64_t flags;
83 : };
84 :
85 : GNUNET_NETWORK_STRUCT_END
86 :
87 : void
88 3 : TALER_officer_aml_decision_sign (
89 : const char *justification,
90 : struct GNUNET_TIME_Timestamp decision_time,
91 : const struct TALER_NormalizedPaytoHashP *h_payto,
92 : const json_t *new_rules,
93 : const json_t *properties,
94 : const char *new_measure,
95 : bool to_investigate,
96 : const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
97 : struct TALER_AmlOfficerSignatureP *officer_sig)
98 : {
99 9 : struct TALER_AmlDecisionPS ad = {
100 3 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
101 3 : .purpose.size = htonl (sizeof (ad)),
102 3 : .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
103 : .h_payto = *h_payto,
104 3 : .flags = GNUNET_htonll (to_investigate ? 1 : 0)
105 : };
106 :
107 3 : GNUNET_CRYPTO_hash (justification,
108 : strlen (justification),
109 : &ad.h_justification);
110 3 : if (NULL != properties)
111 3 : TALER_json_hash (properties,
112 : &ad.h_properties);
113 3 : TALER_json_hash (new_rules,
114 : &ad.h_new_rules);
115 3 : if (NULL != new_measure)
116 1 : GNUNET_CRYPTO_hash (new_measure,
117 : strlen (new_measure),
118 : &ad.h_new_measure);
119 3 : GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
120 : &ad,
121 : &officer_sig->eddsa_signature);
122 3 : }
123 :
124 :
125 : enum GNUNET_GenericReturnValue
126 2 : TALER_officer_aml_decision_verify (
127 : const char *justification,
128 : struct GNUNET_TIME_Timestamp decision_time,
129 : const struct TALER_NormalizedPaytoHashP *h_payto,
130 : const json_t *new_rules,
131 : const json_t *properties,
132 : const char *new_measures,
133 : bool to_investigate,
134 : const struct TALER_AmlOfficerPublicKeyP *officer_pub,
135 : const struct TALER_AmlOfficerSignatureP *officer_sig,
136 : struct GNUNET_TIME_Timestamp attributes_expiration,
137 : const json_t *attributes)
138 : {
139 6 : struct TALER_AmlDecisionPS ad = {
140 2 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
141 2 : .purpose.size = htonl (sizeof (ad)),
142 2 : .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
143 2 : .attributes_expiration_time = GNUNET_TIME_timestamp_hton (
144 : attributes_expiration),
145 : .h_payto = *h_payto,
146 2 : .flags = GNUNET_htonll (to_investigate ? 1 : 0)
147 : };
148 :
149 2 : GNUNET_CRYPTO_hash (justification,
150 : strlen (justification),
151 : &ad.h_justification);
152 2 : if (NULL != properties)
153 2 : TALER_json_hash (properties,
154 : &ad.h_properties);
155 2 : TALER_json_hash (new_rules,
156 : &ad.h_new_rules);
157 2 : if (NULL != new_measures)
158 1 : GNUNET_CRYPTO_hash (new_measures,
159 : strlen (new_measures),
160 : &ad.h_new_measure);
161 2 : if (NULL != attributes)
162 0 : TALER_json_hash (attributes,
163 : &ad.h_attributes);
164 2 : return GNUNET_CRYPTO_eddsa_verify (
165 : TALER_SIGNATURE_AML_DECISION,
166 : &ad,
167 : &officer_sig->eddsa_signature,
168 : &officer_pub->eddsa_pub);
169 : }
170 :
171 :
172 : GNUNET_NETWORK_STRUCT_BEGIN
173 :
174 : /**
175 : * @brief Format used to generate the signature on any AML query.
176 : */
177 : struct TALER_AmlQueryPS
178 : {
179 : /**
180 : * Purpose must be #TALER_SIGNATURE_AML_QUERY.
181 : * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
182 : */
183 : struct GNUNET_CRYPTO_SignaturePurpose purpose;
184 :
185 : };
186 :
187 : GNUNET_NETWORK_STRUCT_END
188 :
189 :
190 : void
191 5 : TALER_officer_aml_query_sign (
192 : const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
193 : struct TALER_AmlOfficerSignatureP *officer_sig)
194 : {
195 5 : struct TALER_AmlQueryPS aq = {
196 5 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
197 5 : .purpose.size = htonl (sizeof (aq))
198 : };
199 :
200 5 : GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
201 : &aq,
202 : &officer_sig->eddsa_signature);
203 5 : }
204 :
205 :
206 : enum GNUNET_GenericReturnValue
207 5 : TALER_officer_aml_query_verify (
208 : const struct TALER_AmlOfficerPublicKeyP *officer_pub,
209 : const struct TALER_AmlOfficerSignatureP *officer_sig)
210 : {
211 5 : struct TALER_AmlQueryPS aq = {
212 5 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
213 5 : .purpose.size = htonl (sizeof (aq))
214 : };
215 :
216 5 : return GNUNET_CRYPTO_eddsa_verify (
217 : TALER_SIGNATURE_AML_QUERY,
218 : &aq,
219 : &officer_sig->eddsa_signature,
220 : &officer_pub->eddsa_pub);
221 : }
222 :
223 :
224 : /* end of aml_signatures.c */
|
