1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2023 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
15 : */
16 : /**
17 : * @file aml_signatures.c
18 : * @brief Utility functions for AML officers
19 : * @author Christian Grothoff
20 : */
21 : #include "platform.h"
22 : #include "taler_util.h"
23 : #include "taler_signatures.h"
24 :
25 :
26 : GNUNET_NETWORK_STRUCT_BEGIN
27 :
/**
 * @brief Format used to generate the signature on an AML decision.
 *
 * The whole struct is the message passed to the EdDSA sign/verify
 * routines; every multi-byte field is stored in network byte order
 * and @e purpose.size covers the full struct.  Optional inputs are
 * represented by an all-zero hash field.
 */
struct TALER_AmlDecisionPS
{
  /**
   * Purpose must be #TALER_SIGNATURE_AML_DECISION.
   * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
   */
  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;

  /**
   * Time when this decision was made.
   */
  struct GNUNET_TIME_TimestampNBO decision_time;

  /**
   * Time when attributes expire, if any.
   */
  struct GNUNET_TIME_TimestampNBO attributes_expiration_time;

  /**
   * Hash of the account identifier to which the decision applies.
   */
  struct TALER_NormalizedPaytoHashP h_payto GNUNET_PACKED;

  /**
   * Hash over the justification text.
   */
  struct GNUNET_HashCode h_justification GNUNET_PACKED;

  /**
   * Hash over the JSON properties object; all zeroes
   * if no properties were given.
   */
  struct GNUNET_HashCode h_properties GNUNET_PACKED;

  /**
   * Hash over JSON object with new KYC rules.
   */
  struct GNUNET_HashCode h_new_rules;

  /**
   * Hash over the string naming the new measure; all zeroes
   * if no new measure was given.
   */
  struct GNUNET_HashCode h_new_measure;

  /**
   * Hash over new attributes, all zeroes
   * if no attributes are being set.
   */
  struct GNUNET_HashCode h_attributes;

  /**
   * 0: no investigation, 1: yes investigation.
   */
  uint64_t flags;
};
85 :
86 : GNUNET_NETWORK_STRUCT_END
87 :
/**
 * Sign an AML decision with the private key of an AML officer.
 *
 * Builds a `struct TALER_AmlDecisionPS` from the arguments: the purpose,
 * @a decision_time, @a h_payto and the investigation flag are stored
 * directly; @a justification, @a new_rules, @a properties and
 * @a new_measure enter the message as hashes.  The optional inputs
 * (@a properties, @a new_measure) leave their hash field all zeroes
 * when NULL.
 *
 * NOTE(review): this function never sets `attributes_expiration_time`
 * nor `h_attributes` (both stay zero), while
 * #TALER_officer_aml_decision_verify() in this file fills both from its
 * extra arguments.  A signature produced here therefore only verifies
 * with a zero expiration and NULL attributes — confirm this is intended.
 *
 * @param justification human-readable reason for the decision; must not
 *        be NULL, it is hashed via strlen()
 * @param decision_time when the decision was taken
 * @param h_payto hash of the account the decision applies to
 * @param new_rules JSON object with the new KYC rules; hashed unconditionally
 * @param properties JSON object with properties, or NULL
 * @param new_measure name of the new measure, or NULL
 * @param to_investigate true to set the investigation flag in the message
 * @param officer_priv private key of the signing AML officer
 * @param[out] officer_sig where to write the resulting signature
 */
void
TALER_officer_aml_decision_sign (
  const char *justification,
  struct GNUNET_TIME_Timestamp decision_time,
  const struct TALER_NormalizedPaytoHashP *h_payto,
  const json_t *new_rules,
  const json_t *properties,
  const char *new_measure,
  bool to_investigate,
  const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
  struct TALER_AmlOfficerSignatureP *officer_sig)
{
  struct TALER_AmlDecisionPS ad;
  uint64_t investigate_flag = to_investigate ? 1 : 0;

  /* zero everything first: optional hash fields and the attribute
     fields are defined to be all zeroes when not provided */
  memset (&ad, 0, sizeof (ad));
  ad.purpose.size = htonl (sizeof (ad));
  ad.purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION);
  ad.decision_time = GNUNET_TIME_timestamp_hton (decision_time);
  ad.h_payto = *h_payto;
  ad.flags = GNUNET_htonll (investigate_flag);

  /* mandatory inputs */
  GNUNET_CRYPTO_hash (justification,
                      strlen (justification),
                      &ad.h_justification);
  /* optional: NULL leaves h_properties all zeroes */
  if (NULL != properties)
    TALER_json_hash (properties,
                     &ad.h_properties);
  TALER_json_hash (new_rules,
                   &ad.h_new_rules);
  /* optional: NULL leaves h_new_measure all zeroes */
  if (NULL != new_measure)
    GNUNET_CRYPTO_hash (new_measure,
                        strlen (new_measure),
                        &ad.h_new_measure);

  GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
                            &ad,
                            &officer_sig->eddsa_signature);
}
124 :
125 :
/**
 * Verify an AML officer's signature on an AML decision.
 *
 * Reconstructs the `struct TALER_AmlDecisionPS` from the arguments and
 * checks @a officer_sig against it with @a officer_pub.  The optional
 * inputs (@a properties, @a new_measures, @a attributes) leave their
 * hash field all zeroes when NULL, so a NULL here must match what the
 * signer used.
 *
 * NOTE(review): @a attributes_expiration and @a attributes are folded
 * into the message here, whereas #TALER_officer_aml_decision_sign() in
 * this file leaves `attributes_expiration_time` and `h_attributes` zero.
 * A decision signed by that function thus only verifies with a zero
 * expiration and NULL attributes — confirm this is intended.
 *
 * @param justification human-readable reason; must not be NULL, it is
 *        hashed via strlen()
 * @param decision_time when the decision was taken
 * @param h_payto hash of the account the decision applies to
 * @param new_rules JSON object with the new KYC rules; hashed unconditionally
 * @param properties JSON object with properties, or NULL
 * @param new_measures name of the new measure, or NULL
 * @param to_investigate true if the investigation flag was set
 * @param officer_pub public key of the AML officer
 * @param officer_sig signature to check
 * @param attributes_expiration when the attributes expire
 * @param attributes JSON object with the new attributes, or NULL
 * @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR otherwise
 */
enum GNUNET_GenericReturnValue
TALER_officer_aml_decision_verify (
  const char *justification,
  struct GNUNET_TIME_Timestamp decision_time,
  const struct TALER_NormalizedPaytoHashP *h_payto,
  const json_t *new_rules,
  const json_t *properties,
  const char *new_measures,
  bool to_investigate,
  const struct TALER_AmlOfficerPublicKeyP *officer_pub,
  const struct TALER_AmlOfficerSignatureP *officer_sig,
  struct GNUNET_TIME_Timestamp attributes_expiration,
  const json_t *attributes)
{
  struct TALER_AmlDecisionPS ad;
  uint64_t investigate_flag = to_investigate ? 1 : 0;

  /* zero everything first: optional hash fields are all zeroes
     when the corresponding input is NULL */
  memset (&ad, 0, sizeof (ad));
  ad.purpose.size = htonl (sizeof (ad));
  ad.purpose.purpose = htonl (TALER_SIGNATURE_AML_DECISION);
  ad.decision_time = GNUNET_TIME_timestamp_hton (decision_time);
  ad.attributes_expiration_time
    = GNUNET_TIME_timestamp_hton (attributes_expiration);
  ad.h_payto = *h_payto;
  ad.flags = GNUNET_htonll (investigate_flag);

  GNUNET_CRYPTO_hash (justification,
                      strlen (justification),
                      &ad.h_justification);
  if (NULL != properties)
    TALER_json_hash (properties,
                     &ad.h_properties);
  TALER_json_hash (new_rules,
                   &ad.h_new_rules);
  if (NULL != new_measures)
    GNUNET_CRYPTO_hash (new_measures,
                        strlen (new_measures),
                        &ad.h_new_measure);
  if (NULL != attributes)
    TALER_json_hash (attributes,
                     &ad.h_attributes);

  return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_AML_DECISION,
                                     &ad,
                                     &officer_sig->eddsa_signature,
                                     &officer_pub->eddsa_pub);
}
170 :
171 :
172 : GNUNET_NETWORK_STRUCT_BEGIN
173 :
/**
 * @brief Format used to generate the signature on any AML query.
 *
 * NOTE(review): the message consists of the purpose alone, so nothing
 * in the signed data varies between queries or binds the signature to a
 * particular request or point in time; any such binding must be
 * provided by the surrounding protocol — confirm this is intended.
 */
struct TALER_AmlQueryPS
{
  /**
   * Purpose must be #TALER_SIGNATURE_AML_QUERY.
   * Used for an EdDSA signature with the `struct TALER_AmlOfficerPublicKeyP`.
   */
  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;

};
186 :
187 : GNUNET_NETWORK_STRUCT_END
188 :
189 :
/**
 * Sign an AML query with the private key of an AML officer.
 *
 * The signed message is a `struct TALER_AmlQueryPS`, which carries only
 * the purpose header (#TALER_SIGNATURE_AML_QUERY and the struct size).
 *
 * @param officer_priv private key of the signing AML officer
 * @param[out] officer_sig where to write the resulting signature
 */
void
TALER_officer_aml_query_sign (
  const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
  struct TALER_AmlOfficerSignatureP *officer_sig)
{
  struct TALER_AmlQueryPS aq;

  memset (&aq, 0, sizeof (aq));
  aq.purpose.size = htonl (sizeof (aq));
  aq.purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY);

  GNUNET_CRYPTO_eddsa_sign (&officer_priv->eddsa_priv,
                            &aq,
                            &officer_sig->eddsa_signature);
}
204 :
205 :
/**
 * Verify an AML officer's signature on an AML query.
 *
 * Rebuilds the `struct TALER_AmlQueryPS` (purpose header only) and checks
 * @a officer_sig against it with @a officer_pub.
 *
 * @param officer_pub public key of the AML officer
 * @param officer_sig signature to check
 * @return #GNUNET_OK if the signature is valid, #GNUNET_SYSERR otherwise
 */
enum GNUNET_GenericReturnValue
TALER_officer_aml_query_verify (
  const struct TALER_AmlOfficerPublicKeyP *officer_pub,
  const struct TALER_AmlOfficerSignatureP *officer_sig)
{
  struct TALER_AmlQueryPS aq;

  memset (&aq, 0, sizeof (aq));
  aq.purpose.size = htonl (sizeof (aq));
  aq.purpose.purpose = htonl (TALER_SIGNATURE_AML_QUERY);

  return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_AML_QUERY,
                                     &aq,
                                     &officer_sig->eddsa_signature,
                                     &officer_pub->eddsa_pub);
}
222 :
223 :
224 : /* end of aml_signatures.c */