Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2023 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
15 : */
16 : /**
17 : * @file aml_signatures.c
18 : * @brief Utility functions for AML officers
19 : * @author Christian Grothoff
20 : */
21 : #include "taler/platform.h"
22 : #include "taler/taler_util.h"
23 : #include "taler/taler_signatures.h"
24 :
25 :
26 : GNUNET_NETWORK_STRUCT_BEGIN
27 :
28 : /**
29 : * @brief Format used to generate the signature on an AML decision.
30 : */
31 : struct TALER_AmlDecisionPS
32 : {
33 : /**
34 : * Purpose must be #TALER_SIGNATURE_AML_DECISION.
35 : * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
36 : */
37 : struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
38 :
39 : /**
40 : * Time when this decision was made.
41 : */
42 : struct GNUNET_TIME_TimestampNBO decision_time;
43 :
44 : /**
45 : * Time when attributes expire, if any.
46 : */
47 : struct GNUNET_TIME_TimestampNBO attributes_expiration_time;
48 :
49 : /**
50 : * Hash of the account identifier to which the decision applies.
51 : */
52 : struct TALER_NormalizedPaytoHashP h_payto GNUNET_PACKED;
53 :
54 : /**
55 : * Hash over the justification text.
56 : */
57 : struct GNUNET_HashCode h_justification GNUNET_PACKED;
58 :
59 : /**
60 : * Hash over the justification text.
61 : */
62 : struct GNUNET_HashCode h_properties GNUNET_PACKED;
63 :
64 : /**
65 : * Hash over JSON object with new KYC rules.
66 : */
67 : struct GNUNET_HashCode h_new_rules;
68 :
69 : /**
70 : * Hash over string with new check.
71 : */
72 : struct GNUNET_HashCode h_new_measure;
73 :
74 : /**
75 : * Hash over new attributes, all zeroes
76 : * if no attributes are being set.
77 : */
78 : struct GNUNET_HashCode h_attributes;
79 :
80 : /**
81 : * 0: no investigation, 1: yes investigation.
82 : */
83 : uint64_t flags;
84 : };
85 :
86 : GNUNET_NETWORK_STRUCT_END
87 :
88 : void
89 3 : TALER_officer_aml_decision_sign (
90 : const char *justification,
91 : struct GNUNET_TIME_Timestamp decision_time,
92 : const struct TALER_NormalizedPaytoHashP *h_payto,
93 : const json_t *new_rules,
94 : const json_t *properties,
95 : const char *new_measure,
96 : bool to_investigate,
97 : const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
98 : struct TALER_AmlOfficerSignatureP *officer_sig)
99 : {
100 9 : struct TALER_AmlDecisionPS ad = {
101 3 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
102 3 : .purpose.size = htonl (sizeof (ad)),
103 3 : .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
104 : .h_payto = *h_payto,
105 3 : .flags = GNUNET_htonll (to_investigate ? 1 : 0)
106 : };
107 :
108 3 : GNUNET_CRYPTO_hash (justification,
109 : strlen (justification),
110 : &ad.h_justification);
111 3 : if (NULL != properties)
112 3 : TALER_json_hash (properties,
113 : &ad.h_properties);
114 3 : TALER_json_hash (new_rules,
115 : &ad.h_new_rules);
116 3 : if (NULL != new_measure)
117 1 : GNUNET_CRYPTO_hash (new_measure,
118 : strlen (new_measure),
119 : &ad.h_new_measure);
120 3 : GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
121 : &ad,
122 : &officer_sig->eddsa_signature);
123 3 : }
124 :
125 :
126 : enum GNUNET_GenericReturnValue
127 3 : TALER_officer_aml_decision_verify (
128 : const char *justification,
129 : struct GNUNET_TIME_Timestamp decision_time,
130 : const struct TALER_NormalizedPaytoHashP *h_payto,
131 : const json_t *new_rules,
132 : const json_t *properties,
133 : const char *new_measures,
134 : bool to_investigate,
135 : const struct TALER_AmlOfficerPublicKeyP *officer_pub,
136 : const struct TALER_AmlOfficerSignatureP *officer_sig,
137 : struct GNUNET_TIME_Timestamp attributes_expiration,
138 : const json_t *attributes)
139 : {
140 9 : struct TALER_AmlDecisionPS ad = {
141 3 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION),
142 3 : .purpose.size = htonl (sizeof (ad)),
143 3 : .decision_time = GNUNET_TIME_timestamp_hton (decision_time),
144 3 : .attributes_expiration_time = GNUNET_TIME_timestamp_hton (
145 : attributes_expiration),
146 : .h_payto = *h_payto,
147 3 : .flags = GNUNET_htonll (to_investigate ? 1 : 0)
148 : };
149 :
150 3 : GNUNET_CRYPTO_hash (justification,
151 : strlen (justification),
152 : &ad.h_justification);
153 3 : if (NULL != properties)
154 3 : TALER_json_hash (properties,
155 : &ad.h_properties);
156 3 : TALER_json_hash (new_rules,
157 : &ad.h_new_rules);
158 3 : if (NULL != new_measures)
159 1 : GNUNET_CRYPTO_hash (new_measures,
160 : strlen (new_measures),
161 : &ad.h_new_measure);
162 3 : if (NULL != attributes)
163 0 : TALER_json_hash (attributes,
164 : &ad.h_attributes);
165 3 : return GNUNET_CRYPTO_eddsa_verify (
166 : TALER_SIGNATURE_AML_DECISION,
167 : &ad,
168 : &officer_sig->eddsa_signature,
169 : &officer_pub->eddsa_pub);
170 : }
171 :
172 :
173 : GNUNET_NETWORK_STRUCT_BEGIN
174 :
175 : /**
176 : * @brief Format used to generate the signature on any AML query.
177 : */
178 : struct TALER_AmlQueryPS
179 : {
180 : /**
181 : * Purpose must be #TALER_SIGNATURE_AML_QUERY.
182 : * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
183 : */
184 : struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
185 :
186 : };
187 :
188 : GNUNET_NETWORK_STRUCT_END
189 :
190 :
191 : void
192 5 : TALER_officer_aml_query_sign (
193 : const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
194 : struct TALER_AmlOfficerSignatureP *officer_sig)
195 : {
196 5 : struct TALER_AmlQueryPS aq = {
197 5 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
198 5 : .purpose.size = htonl (sizeof (aq))
199 : };
200 :
201 5 : GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
202 : &aq,
203 : &officer_sig->eddsa_signature);
204 5 : }
205 :
206 :
207 : enum GNUNET_GenericReturnValue
208 5 : TALER_officer_aml_query_verify (
209 : const struct TALER_AmlOfficerPublicKeyP *officer_pub,
210 : const struct TALER_AmlOfficerSignatureP *officer_sig)
211 : {
212 5 : struct TALER_AmlQueryPS aq = {
213 5 : .purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY),
214 5 : .purpose.size = htonl (sizeof (aq))
215 : };
216 :
217 5 : return GNUNET_CRYPTO_eddsa_verify (
218 : TALER_SIGNATURE_AML_QUERY,
219 : &aq,
220 : &officer_sig->eddsa_signature,
221 : &officer_pub->eddsa_pub);
222 : }
223 :
224 :
225 : /* end of aml_signatures.c */
|