[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-anastasis] branch master updated: Removed Employee A
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [taler-anastasis] branch master updated: Removed Employee API |
|
Date: |
Tue, 17 Sep 2019 13:09:28 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new adce107 Removed Employee API
adce107 is described below
commit adce107c2bfe312b05585a2a82b812b2502cc940
Author: Dennis Neufeld <address@hidden>
AuthorDate: Tue Sep 17 13:09:23 2019 +0200
Removed Employee API
---
src/api/api-anastasis.rst | 124 -------------------------------------------
src/api/crypto-anastasis.rst | 14 -----
2 files changed, 138 deletions(-)
diff --git a/src/api/api-anastasis.rst b/src/api/api-anastasis.rst
index 5e1ba48..dc76b5a 100644
--- a/src/api/api-anastasis.rst
+++ b/src/api/api-anastasis.rst
@@ -480,128 +480,4 @@ argument and signature may be optional.
// mime type of truth, i.e. text/ascii, image/jpeg, etc.
truth_mime: string;
- }
-
---------------
-Employee API
---------------
-
-This API is used for authentication procedures that require an employee to
authenticate
-a client (e.g. video identification).
-The employee uses an AssignmentRequest_ object to request a job to be
processed from the server.
-The server responds accordingly with an AssignmentResponse_ object that
contains, among other
-things, the required Truth-Object (for example, a photo that is required for
video identification).
-When the employee has processed the job, it sends the corresponding result, an
EncryptedVerificationResult_ object,
-back to the server. The EncryptedVerificationResult-Object must contain an
AES-GCM tag resulting from the
-encryption of a VerificationResult_ object. Since the server has all the data
needed to create the
-same tag (with result=true), it can compare the tags: If the tags match, the
verification was
-successful. If the tags do not match (the employee has set result=false etc.),
the verification will
-be considered as failed.
-
-.. http:get:: /employee/assignment/employee_ID
-
-Request:
-Body must contain an AssignmentRequest_ object.
-
-Response:
-Returns an EncryptedAssignmentResponse_ object.
-
-**Details:**
-
- .. _AssignmentRequest:
- .. code-block:: tsref
-
- interface AssignmentRequest {
- // Binary ECDHE ephemeral public key used to encrypt the gzip compressed
JSON-encoded AssignmentResponse_
- employee_pub: EddsaPublickey;
-
- // Salt included to encrypt the VerificationResult_ for this session
- employee_salt: string;
-
- }
-
- .. _EncryptedAssignmentResponse:
- .. code-block:: tsref
-
- interface EncryptedAssignmentResponse {
- // Authentication tag
- aes_gcm_tag: byte[32];
-
- // Variable-size encrypted assignment object with public key obtained
from AssignmentRequest_.
- // After decryption, this contains a gzip compressed JSON-encoded
`AssignmentResponse`_.
- // The salt of the HKDF for this encryption must include the
- // string "EAR" and is obtained from the AssignmentRequest_.
- encrypted_assignment_response: byte[];
-
- }
-
- .. _AssignmentResponse:
- .. code-block:: tsref
-
- interface AssignmentResponse {
- nonce: string;
-
- // Binary ECDHE ephemeral public key used to encrypt the gzip compressed
JSON-encoded VerificationResult_
- server_pub: EddsaPublickey;
-
- // Time when this assignment was generated
- timestamp: Timestamp;
-
- // Expiration time of the session/assignment
- deadline: Timestamp;
-
- // ground truth, i.e. picture,
- // base32-encoded
- truth: string;
-
- // mime type of truth, i.e. text/ascii, image/jpeg, etc.
- truth_mime: string;
-
- // UUID of the authentication method
- uuid: UUID;
-
- }
-
-.. http:post:: /employee/verification/UUID
-
-**Details**
-
- .. _EncryptedVerificationResult:
- .. code-block:: tsref
-
- interface EncryptedVerificationResult {
- // Authentication tag
- aes_gcm_tag: byte[32];
-
- // Variable-size encrypted verification object with public key obtained
from AssignmentResponse_.
- // After decryption, this contains a gzip compressed JSON-encoded
`VerificationResult`_.
- // The salt of the HKDF for this encryption must include the
- // string "EVR". The Nonce obtained from AssignmentResponse_ must be
also included by the HKDF.
- encrypted_verification_result: byte[];
-
- }
-
- .. _VerificationResult:
- .. code-block:: tsref
-
- interface VerificationResult {
- // result of verification procedure
- // true -> verification successful
- result: boolean;
-
- // Time when this assignment was generated
- timestamp: Timestamp;
-
- // Expiration time of the session/assignment
- deadline: Timestamp;
-
- // ground truth, i.e. picture,
- // base32-encoded
- truth: string;
-
- // mime type of truth, i.e. text/ascii, image/jpeg, etc.
- truth_mime: string;
-
- // UUID of the authentication method
- uuid: UUID;
}
\ No newline at end of file
diff --git a/src/api/crypto-anastasis.rst b/src/api/crypto-anastasis.rst
index 7bb7ae1..d9c603c 100644
--- a/src/api/crypto-anastasis.rst
+++ b/src/api/crypto-anastasis.rst
@@ -57,20 +57,6 @@ and signatures 64 bytes. For hashing, including HKDFs,
Anastasis uses 512-bit ha
uint8_t hash[64]; // usually SHA-512
};
-.. _employee_pub:
-.. sourcecode:: c
-
- struct ANASTASIS_EmployeePublicKeyP {
- uint8_t ecdhe_pub[32];
- };
-
-.. _server_pub:
-.. sourcecode:: c
-
- struct ANASTASIS_ServerPublicKeyP {
- uint8_t ecdhe_pub[32];
- };
-
.. _ephemeral_pub:
.. sourcecode:: c
--
To stop receiving notification emails like this one, please contact
address@hidden.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-anastasis] branch master updated: Removed Employee API,
gnunet <=